www.planusa.org Open in urlscan Pro
2606:4700:3037::6815:4da4 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://click.email.planusa.org/?qs=2859b56e8bd906226aac3f846f955d7e6465554c57cedbb6b14d1323b2eabcdba56c0efcae28c8638ad58db41037...
Effective URL:
http://www.planusa.org/blog/?utm_source=MC&utm_medium=email&utm_campaign=Notes&utm_content=NotesFromTheField
Submission: On January 20 via api (January 20th 2022, 2:29:22 am UTC) from US — Scanned from DE

Summary HTTP 112 Redirects Links 15 Behaviour Indicators

Summary

This website contacted 35 IPs in 5 countries across 25 domains to perform 112 HTTP transactions. The main IP is 2606:4700:3037::6815:4da4, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.planusa.org. The Cisco Umbrella rank of the primary domain is 862345.

This is the only time www.planusa.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	13.111.18.12 13.111.18.12	22606 (EXACT-7) (EXACT-7)
1 29	2606:4700:303... 2606:4700:3037::6815:4da4	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 3	89.187.169.47 89.187.169.47	60068 (CDN77 ^_^) (CDN77 ^_^)
2	2606:4700::68... 2606:4700::6810:5714	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	52.216.128.35 52.216.128.35	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:810::200a	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:82b::2008	15169 (GOOGLE) (GOOGLE)
10	93.184.220.42 93.184.220.42	15133 (EDGECAST) (EDGECAST)
5	2a00:1450:400... 2a00:1450:4001:803::200e	15169 (GOOGLE) (GOOGLE)
1 4	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 2	142.250.186.38 142.250.186.38	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f02... 2a03:2880:f02d:100:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	67.225.220.126 67.225.220.126	32244 (LIQUIDWEB) (LIQUIDWEB)
1	151.101.129.131 151.101.129.131	54113 (FASTLY) (FASTLY)
7	2.16.186.242 2.16.186.242	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2606:4700::68... 2606:4700::6811:e14e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	34.96.127.16 34.96.127.16	15169 (GOOGLE) (GOOGLE)
2	142.250.184.226 142.250.184.226	15169 (GOOGLE) (GOOGLE)
1	65.9.65.116 65.9.65.116	16509 (AMAZON-02) (AMAZON-02)
1	65.9.58.40 65.9.58.40	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f12... 2a03:2880:f12d:181:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
3	2a00:1450:400... 2a00:1450:4001:801::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c07::9c	15169 (GOOGLE) (GOOGLE)
1	2600:9000:214... 2600:9000:214f:2c00:d:87ae:bb80:21	16509 (AMAZON-02) (AMAZON-02)
4 6	37.252.173.215 37.252.173.215	29990 (ASN-APPNEX) (ASN-APPNEX)
3	20.62.48.180 20.62.48.180	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 2	52.142.114.2 52.142.114.2	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
4	2a00:1450:400... 2a00:1450:4001:803::2004	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:82f::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:808::2002	15169 (GOOGLE) (GOOGLE)
5	138.197.61.175 138.197.61.175	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
1	51.77.64.70 51.77.64.70	16276 (OVH) (OVH)
2	15.197.193.217 15.197.193.217	16509 (AMAZON-02) (AMAZON-02)
1	37.252.172.123 37.252.172.123	29990 (ASN-APPNEX) (ASN-APPNEX)
112	35

1 13.111.18.12 (United States) 1 redirects

ASN22606 (EXACT-7, US)
PTR: click.s10.exacttarget.com

click.email.planusa.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

29 2606:4700:3037::6815:4da4 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

www.planusa.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 89.187.169.47 (Frankfurt am Main, Germany) 2 redirects

ASN60068 (CDN77 ^_^, GB)
PTR: unn-89-187-169-47.cdn77.com

cdn.rawgit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
files1.cybba.solutions	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6810:5714 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 52.216.128.35 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1-w.amazonaws.com

planusa-org-staging.s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:82b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 93.184.220.42 (London, United Kingdom)

ASN15133 (EDGECAST, US)

static.olark.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:803::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2620:1ec:c11::200 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.38 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f6.1e100.net

9879419.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f02d:100:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 67.225.220.126 (United States)

ASN32244 (LIQUIDWEB, US)
PTR: host.rtb123.com

www.rtb123.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.129.131 (United States)

ASN54113 (FASTLY, US)

2e07d875b89549cf92917817c484f293.js.ubembed.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2.16.186.242 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-16-186-242.deploy.static.akamaitechnologies.com

analytics.tiktok.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:e14e (United States)

ASN13335 (CLOUDFLARENET, US)

fast.fonts.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 34.96.127.16 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 16.127.96.34.bc.googleusercontent.com

knrpc.olark.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
api.olark.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
log.olark.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.184.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.65.116 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-65-116.fra56.r.cloudfront.net

js.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.58.40 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-58-40.fra56.r.cloudfront.net

assets.ubembed.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f12d:181:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:801::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c07::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:214f:2c00:d:87ae:bb80:21 (United States)

ASN16509 (AMAZON-02, US)

d2rp1k1dldbai6.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 37.252.173.215 (Frankfurt am Main, Germany) 4 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 20.62.48.180 (Boydton, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

e.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.142.114.2 (Dublin, Ireland) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:803::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:82f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 138.197.61.175 (Clifton, United States)

ASN14061 (DIGITALOCEAN-ASN, US)

app.cybba.solutions	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.77.64.70 (Germany)

ASN16276 (OVH, FR)
PTR: de-fra-1.pro.ip-api.com

pro.ip-api.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 15.197.193.217 (United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

insight.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.252.172.123 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
30	planusa.org 2 redirects click.email.planusa.org www.planusa.org — Cisco Umbrella Rank: 862345	2 MB
14	olark.com static.olark.com — Cisco Umbrella Rank: 12806 knrpc.olark.com — Cisco Umbrella Rank: 13445 api.olark.com — Cisco Umbrella Rank: 14605 log.olark.com — Cisco Umbrella Rank: 13907	454 KB
7	adnxs.com 4 redirects secure.adnxs.com — Cisco Umbrella Rank: 404 ib.adnxs.com — Cisco Umbrella Rank: 241	6 KB
7	tiktok.com analytics.tiktok.com — Cisco Umbrella Rank: 1300	123 KB
6	cybba.solutions files1.cybba.solutions — Cisco Umbrella Rank: 32860 app.cybba.solutions — Cisco Umbrella Rank: 32778	26 KB
6	doubleclick.net 1 redirects 9879419.fls.doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 46 stats.g.doubleclick.net — Cisco Umbrella Rank: 96	6 KB
5	google.de www.google.de — Cisco Umbrella Rank: 5557 adservice.google.de — Cisco Umbrella Rank: 8028	2 KB
5	clarity.ms 1 redirects e.clarity.ms — Cisco Umbrella Rank: 2242 c.clarity.ms — Cisco Umbrella Rank: 917	24 KB
5	google.com adservice.google.com — Cisco Umbrella Rank: 80 www.google.com — Cisco Umbrella Rank: 13	2 KB
5	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 42	65 KB
4	bing.com 1 redirects bat.bing.com — Cisco Umbrella Rank: 385 c.bing.com — Cisco Umbrella Rank: 273	12 KB
4	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 78	221 KB
4	amazonaws.com planusa-org-staging.s3.amazonaws.com	106 KB
3	adsrvr.org js.adsrvr.org — Cisco Umbrella Rank: 1531 insight.adsrvr.org — Cisco Umbrella Rank: 624	5 KB
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 98	313 B
2	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 106	30 KB
2	ubembed.com 2e07d875b89549cf92917817c484f293.js.ubembed.com assets.ubembed.com — Cisco Umbrella Rank: 10642	50 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 146	114 KB
2	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 440	6 KB
2	rawgit.com 2 redirects cdn.rawgit.com — Cisco Umbrella Rank: 8219	1 KB
1	ip-api.com pro.ip-api.com — Cisco Umbrella Rank: 6473	425 B
1	cloudfront.net d2rp1k1dldbai6.cloudfront.net	20 KB
1	fonts.net fast.fonts.net — Cisco Umbrella Rank: 2989	819 B
1	rtb123.com www.rtb123.com — Cisco Umbrella Rank: 19071	2 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 47	1 KB
112	25

	Domain	Requested by
29	www.planusa.org	1 redirects www.planusa.org
10	static.olark.com	www.planusa.org srcdoc static.olark.com
7	analytics.tiktok.com	www.planusa.org analytics.tiktok.com
6	secure.adnxs.com	4 redirects www.planusa.org
5	app.cybba.solutions	files1.cybba.solutions
5	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com www.planusa.org
4	www.google.de	www.planusa.org
4	www.google.com	www.planusa.org
4	www.googletagmanager.com	www.planusa.org
4	planusa-org-staging.s3.amazonaws.com	www.planusa.org
3	e.clarity.ms	bat.bing.com e.clarity.ms
3	googleads.g.doubleclick.net	www.googleadservices.com
3	bat.bing.com	www.googletagmanager.com bat.bing.com www.planusa.org
2	log.olark.com
2	insight.adsrvr.org	js.adsrvr.org
2	c.clarity.ms	1 redirects www.planusa.org
2	www.facebook.com	www.planusa.org
2	www.googleadservices.com	www.googletagmanager.com
2	connect.facebook.net	www.planusa.org connect.facebook.net
2	9879419.fls.doubleclick.net	1 redirects www.googletagmanager.com
2	cdn.jsdelivr.net	www.planusa.org
2	cdn.rawgit.com	2 redirects
1	ib.adnxs.com	d2rp1k1dldbai6.cloudfront.net
1	api.olark.com	static.olark.com
1	pro.ip-api.com	files1.cybba.solutions
1	adservice.google.de	adservice.google.com
1	c.bing.com	1 redirects
1	files1.cybba.solutions	www.rtb123.com
1	d2rp1k1dldbai6.cloudfront.net	www.rtb123.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	adservice.google.com	9879419.fls.doubleclick.net
1	assets.ubembed.com	2e07d875b89549cf92917817c484f293.js.ubembed.com
1	js.adsrvr.org	www.planusa.org
1	knrpc.olark.com	static.olark.com
1	fast.fonts.net	www.planusa.org
1	2e07d875b89549cf92917817c484f293.js.ubembed.com	www.googletagmanager.com
1	www.rtb123.com	www.planusa.org
1	fonts.googleapis.com	www.planusa.org
1	click.email.planusa.org	1 redirects
112	39

This site contains links to these domains. Also see Links.

Domain
planusa.org
www.instagram.com
www.facebook.com
twitter.com
www.youtube.com
www.tiktok.com
www.charitynavigator.org
give.org
www.guidestar.org
greatnonprofits.org
planusa-org-staging.s3.amazonaws.com
constructive.co

Subject Issuer	Validity	Valid
*.s3.amazonaws.com DigiCert Baltimore CA-2 G2	`2021-01-11` - `2022-02-11`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2021-12-08` - `2022-03-02`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-12-08` - `2022-03-02`	3 months	crt.sh
www.bing.com Microsoft RSA TLS CA 01	`2021-12-22` - `2022-06-22`	6 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-10-29` - `2022-01-27`	3 months	crt.sh
www.rtb123.com GlobalSign GCC R3 DV TLS CA 2020	`2021-01-09` - `2022-02-10`	a year	crt.sh
*.js.ubembed.com GlobalSign Atlas R3 DV TLS CA H2 2021	`2022-01-04` - `2023-02-05`	a year	crt.sh
*.tiktok.com RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2021-12-13` - `2023-01-13`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2021-03-18` - `2022-04-19`	a year	crt.sh
assets.ubembed.com Amazon	`2021-03-06` - `2022-04-04`	a year	crt.sh
*.google.com GTS CA 1C3	`2021-12-08` - `2022-03-02`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-12-08` - `2022-03-02`	3 months	crt.sh
s2.wac.edgecastcdn.net DigiCert TLS RSA SHA256 2020 CA1	`2021-11-09` - `2022-11-30`	a year	crt.sh
files1.cybba.solutions R3	`2021-12-28` - `2022-03-28`	3 months	crt.sh
a.clarity.ms Microsoft RSA TLS CA 01	`2021-07-27` - `2022-07-27`	a year	crt.sh
www.google.com GTS CA 1C3	`2021-12-27` - `2022-03-21`	3 months	crt.sh
www.google.de GTS CA 1C3	`2021-12-08` - `2022-03-02`	3 months	crt.sh
*.google.de GTS CA 1C3	`2021-12-08` - `2022-03-02`	3 months	crt.sh
*.cybba.solutions Sectigo RSA Domain Validation Secure Server CA	`2021-06-15` - `2022-07-16`	a year	crt.sh
*.ip-api.com Sectigo RSA Domain Validation Secure Server CA	`2021-10-28` - `2022-11-27`	a year	crt.sh
*.olark.com GeoTrust TLS DV RSA Mixed SHA256 2020 CA-1	`2021-09-20` - `2022-10-21`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2021-03-05` - `2022-02-19`	a year	crt.sh

This page contains 9 frames:

Primary Page: http://www.planusa.org/blog/?utm_source=MC&utm_medium=email&utm_campaign=Notes&utm_content=NotesFromTheField
Frame ID: 476AE06FBA8F802C36837CA900203963
Requests: 102 HTTP requests in this frame

Frame: http://static.olark.com/jsclient/app.js
Frame ID: 9D253A40F44CB9269F7F1179AA71C5E6
Requests: 7 HTTP requests in this frame

Frame: http://9879419.fls.doubleclick.net/activityi;dc_pre=COikk6akv_UCFWPhEQgdjOMBeQ;src=9879419;type=allpages;cat=allpa0;ord=8282548141615;gtm=2wg1c0;auiddc=562675857.1642645756;u7=%2Fblog%2F;~oref=http%3A%2F%2Fwww.planusa.org%2Fblog%2F%3Futm_source%3DMC%26utm_medium%3Demail%26utm_campaign%3DNotes%26utm_content%3DNotesFromTheField
Frame ID: 4779F01BDEEFFF76A2600CCD6EB4D660
Requests: 1 HTTP requests in this frame

Frame: https://adservice.google.com/ddm/fls/i/dc_pre=COikk6akv_UCFWPhEQgdjOMBeQ;src=9879419;type=allpages;cat=allpa0;ord=8282548141615;gtm=2wg1c0;auiddc=562675857.1642645756;u7=%2Fblog%2F;~oref=http%3A%2F%2Fwww.planusa.org%2Fblog%2F%3Futm_source%3DMC%26utm_medium%3Demail%26utm_campaign%3DNotes%26utm_content%3DNotesFromTheField
Frame ID: 9260A10882D0EE48FF873809BDC4E85E
Requests: 1 HTTP requests in this frame

Frame: https://static.olark.com/jsclient-bucket5/storage.html?v=1639596023950
Frame ID: 1224392F805AB17F85251FB109823782
Requests: 2 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: D52382F74C561441220894E48B078C20
Requests: 1 HTTP requests in this frame

Frame: https://adservice.google.de/ddm/fls/i/dc_pre=COikk6akv_UCFWPhEQgdjOMBeQ;src=9879419;type=allpages;cat=allpa0;ord=8282548141615;gtm=2wg1c0;auiddc=562675857.1642645756;u7=%2Fblog%2F;~oref=http%3A%2F%2Fwww.planusa.org%2Fblog%2F%3Futm_source%3DMC%26utm_medium%3Demail%26utm_campaign%3DNotes%26utm_content%3DNotesFromTheField
Frame ID: 42717DD1F91B57CCD3BC6733BAC564C2
Requests: 1 HTTP requests in this frame

Frame: https://insight.adsrvr.org/track/up?adv=2mlbed5&ref=http%3A%2F%2Fwww.planusa.org%2Fblog%2F%3Futm_source%3DMC%26utm_medium%3Demail%26utm_campaign%3DNotes%26utm_content%3DNotesFromTheField&upid=3gs34vr&upv=1.1.0
Frame ID: 30AB46472AB7A601F378BB7FEA17713A
Requests: 1 HTTP requests in this frame

Frame: https://insight.adsrvr.org/track/up?adv=4toff13&ref=http%3A%2F%2Fwww.planusa.org%2Fblog%2F%3Futm_source%3DMC%26utm_medium%3Demail%26utm_campaign%3DNotes%26utm_content%3DNotesFromTheField&upid=16dhzbf&upv=1.1.0
Frame ID: 9D4E0F9D29A9042B40F7046571EB9FCD
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Our Blog | Plan International USARequired AsteriskRequired AsteriskRequired AsteriskOlark launch button clip path

Page URL History Show full URLs

http://click.email.planusa.org/?qs=2859b56e8bd906226aac3f846f955d7e6465554c57cedbb6b14d1323b2eabcdba56c0efc... HTTP 302
http://www.planusa.org/blog?utm_source=MC&utm_medium=email&utm_campaign=Notes&utm_content=NotesFrom... HTTP 301
http://www.planusa.org/blog/?utm_source=MC&utm_medium=email&utm_campaign=Notes&utm_content=NotesFro... Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

Unbounce (Editors) Expand

Overall confidence: 100%
Detected patterns

ubembed\.com

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Lodash (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

lodash.*\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

112
Requests

53 %
HTTPS

46 %
IPv6

25
Domains

39
Subdomains

35
IPs

5
Countries

3817 kB
Transfer

9613 kB
Size

31
Cookies

15 Outgoing links

These are links going to different origins than the main page.

URL: https://planusa.org/help-items/getting-started/
Title: Help center

Search URL Search Domain Scan URL

URL: https://planusa.org/projects/
Title: Our projects

Search URL Search Domain Scan URL

URL: https://www.instagram.com/plan_usa/?hl=en

Search URL Search Domain Scan URL

URL: https://www.facebook.com/planusa

Search URL Search Domain Scan URL

URL: https://twitter.com/PlanUSA

Search URL Search Domain Scan URL

URL: https://www.youtube.com/user/PlanUSAvideos/videos

Search URL Search Domain Scan URL

URL: https://www.tiktok.com/@planusa?lang=en%E2%80%A9

Search URL Search Domain Scan URL

URL: https://www.charitynavigator.org/index.cfm?bay=search.summary&orgid=4337

Search URL Search Domain Scan URL

URL: https://give.org/charity-reviews/national/Relief-and-Development/Plan-International-USA-in-Warwick-ri-28092

Search URL Search Domain Scan URL

URL: https://www.guidestar.org/profile/13-5661832

Search URL Search Domain Scan URL

URL: https://greatnonprofits.org/org/plan-international-usa-inc

Search URL Search Domain Scan URL

URL: https://planusa-org-staging.s3.amazonaws.com/public/uploads/2022/01/FreedomFromHarassment-2.pdf
Title: Freedom From Harassment Policy

Search URL Search Domain Scan URL

URL: https://planusa-org-staging.s3.amazonaws.com/public/uploads/2022/01/TraffickingInPersons-2.pdf
Title: Trafficking in Persons Policy and Compliance Plan

Search URL Search Domain Scan URL

URL: https://planusa-org-staging.s3.amazonaws.com/public/uploads/2022/01/CodeofEthicsandConduct-2.pdf
Title: Code of Ethics and Conduct

Search URL Search Domain Scan URL

URL: https://constructive.co/
Title: Constructive

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://click.email.planusa.org/?qs=2859b56e8bd906226aac3f846f955d7e6465554c57cedbb6b14d1323b2eabcdba56c0efcae28c8638ad58db41037cf10e678b112045d5715ccc06d00c641743d HTTP 302
http://www.planusa.org/blog?utm_source=MC&utm_medium=email&utm_campaign=Notes&utm_content=NotesFromTheField HTTP 301
http://www.planusa.org/blog/?utm_source=MC&utm_medium=email&utm_campaign=Notes&utm_content=NotesFromTheField Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 2

https://cdn.rawgit.com/michalsnik/aos/2.1.1/dist/aos.css HTTP 301
https://cdn.jsdelivr.net/gh/michalsnik/aos@2.1.1/dist/aos.css

Request Chain 36

https://cdn.rawgit.com/michalsnik/aos/2.1.1/dist/aos.js HTTP 301
https://cdn.jsdelivr.net/gh/michalsnik/aos@2.1.1/dist/aos.js

Request Chain 39

http://www.googletagmanager.com/gtag/js?id=G-P02S4VE0VS&l=dataLayer&cx=c HTTP 307
https://www.googletagmanager.com/gtag/js?id=G-P02S4VE0VS&l=dataLayer&cx=c

Request Chain 42

http://9879419.fls.doubleclick.net/activityi;src=9879419;type=allpages;cat=allpa0;ord=8282548141615;gtm=2wg1c0;auiddc=562675857.1642645756;u7=%2Fblog%2F;~oref=http%3A%2F%2Fwww.planusa.org%2Fblog%2F%3Futm_source%3DMC%26utm_medium%3Demail%26utm_campaign%3DNotes%26utm_content%3DNotesFromTheField HTTP 302
http://9879419.fls.doubleclick.net/activityi;dc_pre=COikk6akv_UCFWPhEQgdjOMBeQ;src=9879419;type=allpages;cat=allpa0;ord=8282548141615;gtm=2wg1c0;auiddc=562675857.1642645756;u7=%2Fblog%2F;~oref=http%3A%2F%2Fwww.planusa.org%2Fblog%2F%3Futm_source%3DMC%26utm_medium%3Demail%26utm_campaign%3DNotes%26utm_content%3DNotesFromTheField

Request Chain 75

http://www.googletagmanager.com/gtag/js?id=AW-608274385 HTTP 307
https://www.googletagmanager.com/gtag/js?id=AW-608274385

Request Chain 76

http://www.googletagmanager.com/gtag/js?id=AW-608274385&l=dataLayer&cx=c HTTP 307
https://www.googletagmanager.com/gtag/js?id=AW-608274385&l=dataLayer&cx=c

Request Chain 79

http://secure.adnxs.com/seg?add=20952558&t=2 HTTP 307
https://secure.adnxs.com/sbounce?%2Fseg%3Fadd%3D20952558%26t%3D2 HTTP 307
https://secure.adnxs.com/bounce?%2Fsbounce%3F%252Fseg%253Fadd%253D20952558%2526t%253D2

Request Chain 80

http://secure.adnxs.com/px?id=1222827&t=2 HTTP 307
https://secure.adnxs.com/sbounce?%2Fpx%3Fid%3D1222827%26t%3D2 HTTP 307
https://secure.adnxs.com/bounce?%2Fsbounce%3F%252Fpx%253Fid%253D1222827%2526t%253D2

Request Chain 82

https://c.clarity.ms/c.gif HTTP 302
https://c.bing.com/c.gif?CtsSyncId=5CBBC37A68CA490DB1059CBF8D6BC246&RedC=c.clarity.ms&MXFR=3D9094DA02306DD61D3785E80630631A HTTP 302
https://c.clarity.ms/c.gif?CtsSyncId=5CBBC37A68CA490DB1059CBF8D6BC246&MUID=3F31AFFA4CAE668611B2BEC84D7C6741

112 HTTP transactions
5 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request / Show response
www.planusa.org/blog/
Redirect Chain

http://click.email.planusa.org/?qs=2859b56e8bd906226aac3f846f955d7e6465554c57cedbb6b14d1323b2eabcdba56c0efcae28c8638ad58db41037cf10e678b112045d5715ccc06d00c641743d
http://www.planusa.org/blog?utm_source=MC&utm_medium=email&utm_campaign=Notes&utm_content=NotesFromTheField
http://www.planusa.org/blog/?utm_source=MC&utm_medium=email&utm_campaign=Notes&utm_content=NotesFromTheField

140 KB
51 KB

1271ms
1271ms

Document
text/html

2606:4700:3037::6815:4da4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://www.planusa.org/blog/?utm_source=MC&utm_medium=email&utm_campaign=Notes&utm_content=NotesFromTheField
Protocol: HTTP/1.1
Server: 2606:4700:3037::6815:4da4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d1c43d589534b2c550c72b4bfdbf49674b0aa0e09c6f8b521a8b89954f58fced

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

Date: Thu, 20 Jan 2022 02:29:15 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
link: <https://www.planusa.org/wp-json/>; rel="https://api.w.org/", <https://www.planusa.org/wp-json/wp/v2/pages/9691>; rel="alternate"; type="application/json", <https://www.planusa.org/?p=9691>; rel=shortlink
vary: Accept-Encoding
via: 1.1 vegur
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tW5csd6rWs8ZmCqmYaqghija9%2Fb58DZnluo4yyDD%2BfXAwYGnUXdc7tL9F9ZA2wUOQcobPyRXPdG1DPZCaTdJzEMoVAZSPCDXdrWV4fkmAg3jRvjcsMx23%2BshjQpajvcyc%2BJj10FfbKxqbwwYLHc%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 6d04dfbbab535c32-FRA
Content-Encoding: gzip
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

Redirect headers

Date: Thu, 20 Jan 2022 02:29:14 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
x-redirect-by: WordPress
location: http://www.planusa.org/blog/?utm_source=MC&utm_medium=email&utm_campaign=Notes&utm_content=NotesFromTheField
via: 1.1 vegur
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Zp6MQy54svYmDS6w%2FyR9zHwg%2F7vDwGf4QYU5ZZe%2FUQLtRP%2Fv4IXDdK3h9xsOdMS5ZsceEtwH%2BAIdWYaoSekDZSsB0uuiysKXg2V3utgdCtx07%2FBBMrwpNilKJHXVS4hbZqr72gCAZI%2B35w%2B3UEw%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 6d04dfb54b365c32-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H/1.1 200
OK styles.css
www.planusa.org//app/plugins/contact-form-7/includes/css/ 2 KB
2 KB 52ms
36ms Stylesheet
text/css 2606:4700:3037::6815:4da4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://www.planusa.org//app/plugins/contact-form-7/includes/css/styles.css
Requested by: Host: www.planusa.org
URL: http://www.planusa.org/blog/?utm_source=MC&utm_medium=email&utm_campaign=Notes&utm_content=NotesFromTheField
Protocol: HTTP/1.1
Server: 2606:4700:3037::6815:4da4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 284401fd9cc6074e6211119acdfbb4abb56b1d4c0be4323ccce1d6f6da7642ea

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.planusa.org/blog/?utm_source=MC&utm_medium=email&utm_campaign=Notes&utm_content=NotesFromTheField
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Thu, 20 Jan 2022 02:29:15 GMT
via: 1.1 vegur
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age: 477
Cf-Polished: origSize=2630
Transfer-Encoding: chunked
Connection: keep-alive
Content-Encoding: gzip
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Thu, 06 Jan 2022 15:39:14 GMT
Server: cloudflare
etag: W/"a46-5d4ebac240c80-gzip"
vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TpYKotlYe4IDdphGYl6sSoDgNUwXM1g2hP%2BfMM61EOfIwAJBBb%2B9FEPZukueixbOXfvWBz9iib6XR93Sg10p1mHKWSYrlDlI17fW1WEs9roGPIOo%2BhEDWIhJSXQ07r4gv57zv0pkm%2FGZzIJJvAs%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: text/css
Cache-Control: max-age=14400
CF-RAY: 6d04dfc3c8557057-FRA
Cf-Bgj: minify

GET
H/1.1 200
OK main.css
www.planusa.org//app/themes/planusa/dist/styles/ 2 MB
202 KB 52ms
36ms Stylesheet
text/css 2606:4700:3037::6815:4da4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://www.planusa.org//app/themes/planusa/dist/styles/main.css
Requested by: Host: www.planusa.org
URL: http://www.planusa.org/blog/?utm_source=MC&utm_medium=email&utm_campaign=Notes&utm_content=NotesFromTheField
Protocol: HTTP/1.1
Server: 2606:4700:3037::6815:4da4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bcff0a0ce2e020657abcc4eb811920cb99fd387a06c3548d9ec10c42e6a0fb6e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.planusa.org/blog/?utm_source=MC&utm_medium=email&utm_campaign=Notes&utm_content=NotesFromTheField
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Thu, 20 Jan 2022 02:29:15 GMT
via: 1.1 vegur
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age: 477
Transfer-Encoding: chunked
Connection: keep-alive
Content-Encoding: gzip
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Thu, 06 Jan 2022 15:41:17 GMT
Server: cloudflare
etag: W/"1b997d-5d4ebb378e140-gzip"
vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3Ur6KLg6%2FYeRoEwSX%2Bfwunlwex1TkyjNc5bDTLi0di8AdMT3oL2pTw634%2BQZHYKFVrM6bR91EBZSp9oyglvYcSezHXgMfR2W7oAiGUnimIgA1%2FyOZAKG4jWdayZV2Qi%2F0D1Ew7etvY7PI9Y5vr8%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: text/css
Cache-Control: max-age=14400
CF-RAY: 6d04dfc3cfd22b65-FRA
Cf-Bgj: minify

GET
H2

200

aos.css
cdn.jsdelivr.net/gh/michalsnik/aos@2.1.1/dist/
Redirect Chain

https://cdn.rawgit.com/michalsnik/aos/2.1.1/dist/aos.css
https://cdn.jsdelivr.net/gh/michalsnik/aos@2.1.1/dist/aos.css

25 KB
2 KB

59ms
23ms

Stylesheet
text/css

2606:4700::6810:5714
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/michalsnik/aos@2.1.1/dist/aos.css

Requested by

Host: www.planusa.org
URL: http://www.planusa.org/blog/?utm_source=MC&utm_medium=email&utm_campaign=Notes&utm_content=NotesFromTheField

Protocol

Server

2606:4700::6810:5714 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4f60551109a5502a1fb601b2b16872fef5232e7f92bac1c3b779a75e819d3f16

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.planusa.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 20 Jan 2022 02:29:15 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1280791
x-jsd-version: 2.1.1
x-cache: HIT
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: cache-fra19156-FRA
timing-allow-origin: *
x-jsd-version-type: version
server: cloudflare
etag: W/"657f-JPG3KrqqrRZx4J3G/yvsAP326KE"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cf-ray: 6d04dfc449175c3e-FRA

Redirect headers

date: Thu, 20 Jan 2022 02:29:15 GMT
x-content-type-options: nosniff
cdn-edgestorageid: 756
age: 23536
access-control-expose-headers: *
x-cache: MISS, HIT
cdn-cachedat: 01/20/2022 03:29:12
cdn-pullzone: 201235
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
content-length: 95
server: BunnyCDN-DE1-756
x-served-by: cache-fra19153-FRA, cache-pwk4946-PWK
access-control-allow-origin: *
cdn-proxyver: 1.02
cdn-requestpullcode: 301
location: https://cdn.jsdelivr.net/gh/michalsnik/aos@2.1.1/dist/aos.css
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/plain; charset=utf-8
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=2592000
cdn-requestid: 6c027c8c84fec4aca85d7b2f8ca8db64
timing-allow-origin: *
cdn-requestcountrycode: DE
cdn-status: 301
cdn-requestpullsuccess: True

GET
H/1.1 200
OK invisible.js Show response
www.planusa.org/cdn-cgi/challenge-platform/h/b/scripts/ 40 KB
15 KB 28ms
28ms Script
text/javascript 2606:4700:3037::6815:4da4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://www.planusa.org/cdn-cgi/challenge-platform/h/b/scripts/invisible.js
Requested by: Host: www.planusa.org
URL: http://www.planusa.org/blog/?utm_source=MC&utm_medium=email&utm_campaign=Notes&utm_content=NotesFromTheField
Protocol: HTTP/1.1
Server: 2606:4700:3037::6815:4da4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 42fb3a01b6f7048cffb9e83c78308051db77491eb72eeeca6fb5f50c95d16301

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.planusa.org/blog/?utm_source=MC&utm_medium=email&utm_campaign=Notes&utm_content=NotesFromTheField
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Thu, 20 Jan 2022 02:29:15 GMT
Content-Encoding: gzip
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aRVcYrJC%2FsAtVnLCr4QwU0JAK4oa6rYYaUkkHYXUAmL5Xi8uT1YiGmpcNRG6DceE2W%2BqFe4n9XfQ4ROrDPMKCSw5sGXRvG%2FCrZ37oC3LJK3uKXbclgK%2FwVvb9unvZmBkwnfeoi%2FhoifG6MdqluE%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: text/javascript
cache-control: max-age=604800, public
Transfer-Encoding: chunked
Connection: keep-alive
x-control-type-options: nosniff
CF-RAY: 6d04dfc4582d2b65-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H/1.1 200
OK BlogImg_377x292.jpg
planusa-org-staging.s3.amazonaws.com/public/uploads/2021/10/ 34 KB
34 KB 544ms
227ms Image
image/jpeg 52.216.128.35
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://planusa-org-staging.s3.amazonaws.com/public/uploads/2021/10/BlogImg_377x292.jpg
Requested by: Host: www.planusa.org
URL: http://www.planusa.org/blog/?utm_source=MC&utm_medium=email&utm_campaign=Notes&utm_content=NotesFromTheField
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.128.35 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 036b49ed361056525e591016b3f969f4badd515f96116015a04dfba75a51b34c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.planusa.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Thu, 20 Jan 2022 02:29:16 GMT
Last-Modified: Tue, 14 Dec 2021 17:54:58 GMT
Server: AmazonS3
x-amz-request-id: JPTMQSTW9VCX2JZ7
ETag: "a5cc071deb3ff2ef0ec71467a7d70646"
Content-Type: image/jpeg
x-amz-version-id: osqh3dtpJ_ZmxqFyB.yO_JyZ4WETOrtQ
Accept-Ranges: bytes
Content-Length: 34728
x-amz-id-2: bxF5EFzAhkg94wX06Dq6M61zjj5qopNzXxzsbFVIv7Os0KWO4s4tX/cCJn9wesbuJ6Ne+e97dGw=

GET
H2 200 css
fonts.googleapis.com/ 3 KB
1 KB 67ms
25ms Stylesheet
text/css 2a00:1450:4001:810::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans

Requested by

Host: www.planusa.org
URL: http://www.planusa.org//app/themes/planusa/dist/styles/main.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c99361c0d8561c7d88a237009bac83ecc149fe6f1f91c52dde79b7841b584c40

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.planusa.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 20 Jan 2022 00:31:21 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Thu, 20 Jan 2022 02:29:15 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 20 Jan 2022 02:29:15 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 248 KB
82 KB 74ms
33ms Script
application/javascript 2a00:1450:4001:82b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-NCM2NF

Requested by

Host: www.planusa.org
URL: http://www.planusa.org/blog/?utm_source=MC&utm_medium=email&utm_campaign=Notes&utm_content=NotesFromTheField

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

ef575efc1400b24a23a13d57e42f46527c2d4ebebad010b9f50e4371d2a3e10e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.planusa.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 20 Jan 2022 02:29:15 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 83279
x-xss-protection: 0
last-modified: Thu, 20 Jan 2022 00:28:58 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 20 Jan 2022 02:29:15 GMT

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 488f0037e7d36e54fa24655cd5294b223ac6444638065d5fb8a883c78ef4042a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.planusa.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
H/1.1 200
OK menu_icon.jpg
www.planusa.org/app/themes/planusa/resources/assets/images/general/ 160 KB
161 KB 28ms
28ms Image
image/jpeg 2606:4700:3037::6815:4da4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.planusa.org/app/themes/planusa/resources/assets/images/general/menu_icon.jpg
Requested by: Host: www.planusa.org
URL: http://www.planusa.org/blog/?utm_source=MC&utm_medium=email&utm_campaign=Notes&utm_content=NotesFromTheField
Protocol: HTTP/1.1
Server: 2606:4700:3037::6815:4da4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 36aa72c2e9a35811b1021156761155c5093b3b01abc1f411f155d4a8d16c9497

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.planusa.org/blog/?utm_source=MC&utm_medium=email&utm_campaign=Notes&utm_content=NotesFromTheField
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Thu, 20 Jan 2022 02:29:15 GMT
via: 1.1 vegur
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age: 476
Connection: keep-alive
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length: 163612
last-modified: Thu, 06 Jan 2022 15:39:14 GMT
Server: cloudflare
etag: "27f1c-5d4ebac240c80"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=E3kIMTyKfiblsWBxpvckTuSMO89N9ZqVfIc1iK%2FRH%2FDx7YmMpBacBtiJ5MiSNOZYu4wADjmZyJA%2FH7ggEKNgo8557e9kF2dnXx0WuLrlmFj%2BHFxf93kTSfN7uFarbOXOQFXZ5PXUMd%2BuXGJ94RU%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: image/jpeg
Cache-Control: max-age=14400
Accept-Ranges: bytes
CF-RAY: 6d04dfc4e89c2b65-FRA

GET
DATA 200
OK truncated
/ 805 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 857ad2091f006457a9430c0d437a96ffe6d7d7b75a2aa898a6e169d10ad4256d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.planusa.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
H/1.1 200
OK Hero_Blog.jpg
planusa-org-staging.s3.amazonaws.com/public/uploads/2021/09/ 20 KB
21 KB 466ms
153ms Image
image/jpeg 52.216.128.35
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://planusa-org-staging.s3.amazonaws.com/public/uploads/2021/09/Hero_Blog.jpg
Requested by: Host: www.planusa.org
URL: http://www.planusa.org/blog/?utm_source=MC&utm_medium=email&utm_campaign=Notes&utm_content=NotesFromTheField
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.128.35 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: a0c9247009d3bcd0d8f7fe80ea839ee32042c31e98de7459d8f67d79c7879b4a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.planusa.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Thu, 20 Jan 2022 02:29:17 GMT
Last-Modified: Tue, 14 Dec 2021 18:01:49 GMT
Server: AmazonS3
x-amz-request-id: 9D3W57C9EV80P9EJ
ETag: "7328d83ebcf51e433f2afa5df71dde6f"
Content-Type: image/jpeg
x-amz-version-id: zRoOLtsCRxL8RDIgh45sJjgE8ZjmEI7_
Accept-Ranges: bytes
Content-Length: 20868
x-amz-id-2: zGs5TAQeY6VEklgwfCabfTUda8ss1xa+vpGlLUdfkWpcpMf67NP4GunStEpVhsrsv1/C83nAg/E=

GET
H/1.1 200
OK jagged-edge-white.svg
www.planusa.org//app/themes/planusa/dist/images/general/ 23 KB
11 KB 22ms
22ms Image
image/svg+xml 2606:4700:3037::6815:4da4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.planusa.org//app/themes/planusa/dist/images/general/jagged-edge-white.svg
Requested by: Host: www.planusa.org
URL: http://www.planusa.org/blog/?utm_source=MC&utm_medium=email&utm_campaign=Notes&utm_content=NotesFromTheField
Protocol: HTTP/1.1
Server: 2606:4700:3037::6815:4da4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8fb8804e2f55d962a7ab2c7ea7e2b39220b05964d6f770ee7c35579af5e32096

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.planusa.org/blog/?utm_source=MC&utm_medium=email&utm_campaign=Notes&utm_content=NotesFromTheField
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Thu, 20 Jan 2022 02:29:15 GMT
content-encoding: gzip
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age: 476
Connection: keep-alive
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length: 10527
last-modified: Thu, 06 Jan 2022 15:41:17 GMT
Server: cloudflare
etag: "5aa6-5d4ebb378e140-gzip"
vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=knjFLMv%2FSr6sGGMw8oDOL%2B6PNoJ1R3fruUjhCY9ucReBBYlOMAvNZKU8McdJZ63key2byGrpXPG74tp%2F4mcbjsLFYneBH%2FYAyYYuwtzJq0IaZeq88xXc6t8ucqrfEAmuhGxZt6LHGE5T%2Ff5rtLo%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: image/svg+xml
via: 1.1 vegur
Cache-Control: max-age=14400
Accept-Ranges: bytes
CF-RAY: 6d04dfc4f9a47057-FRA

GET
H/1.1 200
OK splotch-big-hero.png
www.planusa.org//app/themes/planusa/dist/images/general/ 1 MB
1 MB 72ms
24ms Image
image/png 2606:4700:3037::6815:4da4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.planusa.org//app/themes/planusa/dist/images/general/splotch-big-hero.png
Requested by: Host: www.planusa.org
URL: http://www.planusa.org/blog/?utm_source=MC&utm_medium=email&utm_campaign=Notes&utm_content=NotesFromTheField
Protocol: HTTP/1.1
Server: 2606:4700:3037::6815:4da4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7c3873e9e42bae983548a7c47aa2d39c872adb1744b9b9ed052b3313f487d53d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.planusa.org/blog/?utm_source=MC&utm_medium=email&utm_campaign=Notes&utm_content=NotesFromTheField
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Thu, 20 Jan 2022 02:29:15 GMT
via: 1.1 vegur
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age: 476
Connection: keep-alive
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length: 1346239
last-modified: Thu, 06 Jan 2022 15:41:17 GMT
Server: cloudflare
etag: "148abf-5d4ebb378e140"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2Fy%2FXx9mj3zb5qO4W3hEEjs5XIlLSLMLtdjIFd1eqDKMQlLzyc0KWu529XP1UPlra96ymlnkOGXMX5G4fyM6H%2FjxvnZD50b9xhrubMa%2BQX9Hs6lQVBhRY6gXlm3M7MhO84CdpKEO89kxn0MYxkY%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: image/png
Cache-Control: max-age=14400
Accept-Ranges: bytes
CF-RAY: 6d04dfc53a097057-FRA

GET
DATA 200
OK truncated
/ 185 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c5529c0e96ec7e0586aaf8abac45b2607fef96a6a6e3f6e4d390c4bb8f7dceb0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.planusa.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
H/1.1 200
OK Life_Detail_Row_Landscape_2.jpeg
planusa-org-staging.s3.amazonaws.com/public/uploads/2021/10/ 50 KB
50 KB 476ms
161ms Image
image/jpeg 52.216.128.35
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://planusa-org-staging.s3.amazonaws.com/public/uploads/2021/10/Life_Detail_Row_Landscape_2.jpeg
Requested by: Host: www.planusa.org
URL: http://www.planusa.org/blog/?utm_source=MC&utm_medium=email&utm_campaign=Notes&utm_content=NotesFromTheField
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.128.35 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 3fa7bddaeac151c28d400e002ef0f5e40f7b6f1a6caf52de9a4f6d1626a8c086

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.planusa.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Thu, 20 Jan 2022 02:29:17 GMT
Last-Modified: Tue, 14 Dec 2021 17:55:08 GMT
Server: AmazonS3
x-amz-request-id: 9D3Q9ZXDCZVYYHQM
ETag: "bb86f8c509dbda1a132e12c7f622aa0e"
Content-Type: image/jpeg
x-amz-version-id: LMNfzkWsIX1xPZyhcy122Dmb057s.cm9
Accept-Ranges: bytes
Content-Length: 50750
x-amz-id-2: jTSjphBt8NwA4SbUmn/x/VPF/cQkoIM5dQSOyq0F340A0HQgdBHGhWjaZk3Gqef8/QsLUUPvAQc=

GET
DATA 200
OK truncated
/ 162 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5a04c223ab64cea7b63f08059699088afb013dd51aadc0eecda77a6b345f3f89

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.planusa.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H/1.1 200
OK jagged-edge.svg
www.planusa.org//app/themes/planusa/dist/images/general/ 23 KB
11 KB 74ms
25ms Image
image/svg+xml 2606:4700:3037::6815:4da4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.planusa.org//app/themes/planusa/dist/images/general/jagged-edge.svg
Requested by: Host: www.planusa.org
URL: http://www.planusa.org/blog/?utm_source=MC&utm_medium=email&utm_campaign=Notes&utm_content=NotesFromTheField
Protocol: HTTP/1.1
Server: 2606:4700:3037::6815:4da4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 98817c9af505be714bd9dd7c2ac619597eb181959f379743c01120156d591109

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.planusa.org/blog/?utm_source=MC&utm_medium=email&utm_campaign=Notes&utm_content=NotesFromTheField
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Thu, 20 Jan 2022 02:29:15 GMT
content-encoding: gzip
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age: 475
Connection: keep-alive
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length: 10529
last-modified: Thu, 06 Jan 2022 15:41:17 GMT
Server: cloudflare
etag: "5aa6-5d4ebb378e140-gzip"
vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jJ47Ej8Ngr7mL9DgcOutVtS8h1LD989ebkak8AO43%2FEfdk7%2FlN1e7nKXK19KkWAU951NwUmnUyIqAYgcvO6YKrwQX1WuJgm6afrHQdBf62qF%2BQRyEUF0JW69%2F3CRGPEVwKraMGkTso0WAZjRHb8%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: image/svg+xml
via: 1.1 vegur
Cache-Control: max-age=14400
Accept-Ranges: bytes
CF-RAY: 6d04dfc54d335b9e-FRA

GET
H/1.1 200
OK 800da3b0-675f-465f-892d-d76cecbdd5b1.woff2
www.planusa.org//app/themes/planusa/dist/fonts/5664150/ 27 KB
28 KB 40ms
29ms Font
font/woff2 2606:4700:3037::6815:4da4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://www.planusa.org//app/themes/planusa/dist/fonts/5664150/800da3b0-675f-465f-892d-d76cecbdd5b1.woff2
Requested by: Host: www.planusa.org
URL: http://www.planusa.org//app/themes/planusa/dist/styles/main.css
Protocol: HTTP/1.1
Server: 2606:4700:3037::6815:4da4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0e7cf9a9f7bb1bbb6e732a1541b1d0f26f46cfda65e2098c2b2085e8ae1ccf52

Request headers

Referer: http://www.planusa.org//app/themes/planusa/dist/styles/main.css
Origin: http://www.planusa.org
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Thu, 20 Jan 2022 02:29:15 GMT
via: 1.1 vegur
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age: 477
Connection: keep-alive
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length: 27472
last-modified: Thu, 06 Jan 2022 15:41:17 GMT
Server: cloudflare
etag: "6b50-5d4ebb378e140"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SQCB16AFA7pbunVRw%2BNou6tBesUZMkbp7gRODeneldGyJsect02S2WM%2B5djWn3Z0OoLYToBAKAZDBTaahAe9zCt2j08HnlDSSRqbCzTVyMlo0qes0mIVmgr3Ca3gCSWx4gvLarVZVlxdMHZlOjQ%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: font/woff2
Cache-Control: max-age=14400
Accept-Ranges: bytes
CF-RAY: 6d04dfc50e4968fd-FRA

GET
H/1.1 200
OK FreightTextBook.ttf
www.planusa.org//app/themes/planusa/dist/fonts/ 125 KB
50 KB 44ms
31ms Font
font/ttf 2606:4700:3037::6815:4da4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://www.planusa.org//app/themes/planusa/dist/fonts/FreightTextBook.ttf
Requested by: Host: www.planusa.org
URL: http://www.planusa.org//app/themes/planusa/dist/styles/main.css
Protocol: HTTP/1.1
Server: 2606:4700:3037::6815:4da4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a20cd460709095cb95769f66d91eba8bbb81e61d45cd79cce981eb3a5f2a057e

Request headers

Referer: http://www.planusa.org//app/themes/planusa/dist/styles/main.css
Origin: http://www.planusa.org
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Thu, 20 Jan 2022 02:29:15 GMT
content-encoding: gzip
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age: 477
Connection: keep-alive
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length: 50730
last-modified: Thu, 06 Jan 2022 15:41:17 GMT
Server: cloudflare
etag: "1f540-5d4ebb378e140-gzip"
vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xVZijDn%2BXFtCtapRiK%2FPreGAgVuw9jbPwp5Ko5MThvyO9F%2BsHm2GcRlsOGBtHY8sZTufnpaxjvqJPsUrWaECuuGJoeEwdGG6DQGFRL1j9oNfr5btuWuN5ZO1ZELXysHXseR1fUSV7nYQik7HG64%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: font/ttf
via: 1.1 vegur
Cache-Control: max-age=14400
Accept-Ranges: bytes
CF-RAY: 6d04dfc51d055b9e-FRA

GET
H/1.1 200
OK veneercleanreg-webfont.woff2
www.planusa.org//app/themes/planusa/dist/fonts/ 14 KB
15 KB 47ms
31ms Font
font/woff2 2606:4700:3037::6815:4da4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://www.planusa.org//app/themes/planusa/dist/fonts/veneercleanreg-webfont.woff2
Requested by: Host: www.planusa.org
URL: http://www.planusa.org//app/themes/planusa/dist/styles/main.css
Protocol: HTTP/1.1
Server: 2606:4700:3037::6815:4da4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b6a0bd74072c70519c01e1e224b71681e4515e1fc79d4a4c09f63060cb2f0dbd

Request headers

Referer: http://www.planusa.org//app/themes/planusa/dist/styles/main.css
Origin: http://www.planusa.org
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Thu, 20 Jan 2022 02:29:15 GMT
via: 1.1 vegur
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age: 477
Connection: keep-alive
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length: 14420
last-modified: Thu, 06 Jan 2022 15:41:17 GMT
Server: cloudflare
etag: "3854-5d4ebb378e140"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tlRsC2tIBqQ4BhI0yEHO%2FIwGWDWlq6WjvGbERCAyD0Uyog8Q0uHGvTwH8PeeX4D5GPqrlBWJh%2BdRRgFw1A1RHdn%2BQ%2BI41go%2FCfCzGYPWiIWmc0v%2BWzFRDL7UrlPKgPVYUCZc31rivUBP4WSkRv8%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: font/woff2
Cache-Control: max-age=14400
Accept-Ranges: bytes
CF-RAY: 6d04dfc51c6f696a-FRA

GET
H/1.1 200
OK f2f49a5e-567d-4dfa-8152-c28c8f60c84e.woff2
www.planusa.org//app/themes/planusa/dist/fonts/5663763/ 26 KB
27 KB 42ms
25ms Font
font/woff2 2606:4700:3037::6815:4da4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://www.planusa.org//app/themes/planusa/dist/fonts/5663763/f2f49a5e-567d-4dfa-8152-c28c8f60c84e.woff2
Requested by: Host: www.planusa.org
URL: http://www.planusa.org//app/themes/planusa/dist/styles/main.css
Protocol: HTTP/1.1
Server: 2606:4700:3037::6815:4da4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a96ca8021c420d64c7a5cd71509940586c77d3e129acd6e52e780033da10ef5c

Request headers

Referer: http://www.planusa.org//app/themes/planusa/dist/styles/main.css
Origin: http://www.planusa.org
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Thu, 20 Jan 2022 02:29:15 GMT
via: 1.1 vegur
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age: 477
Connection: keep-alive
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length: 26980
last-modified: Thu, 06 Jan 2022 15:41:17 GMT
Server: cloudflare
etag: "6964-5d4ebb378e140"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jDa1VBurrz%2FHUkjGiNeHMlW4sx0It3yRMgSoBx0YL%2BrPdfTSl5t7gsCIVFI4SreE2OUEIIDvXzeGZbit50XJzy%2BH3vtNjCAwr1ikyET2ROmT6XLhGeqLzj%2F9sZZYVXaEkSvr0Ym4NrOA8Vof%2F64%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: font/woff2
Cache-Control: max-age=14400
Accept-Ranges: bytes
CF-RAY: 6d04dfc519d07057-FRA

GET
H/1.1 200
OK 08b57253-2e0d-4c12-9c57-107f6c67bc49.woff2
www.planusa.org//app/themes/planusa/dist/fonts/5664093/ 28 KB
29 KB 56ms
35ms Font
font/woff2 2606:4700:3037::6815:4da4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://www.planusa.org//app/themes/planusa/dist/fonts/5664093/08b57253-2e0d-4c12-9c57-107f6c67bc49.woff2
Requested by: Host: www.planusa.org
URL: http://www.planusa.org//app/themes/planusa/dist/styles/main.css
Protocol: HTTP/1.1
Server: 2606:4700:3037::6815:4da4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b889c3ba20d61a1dbf81230dcb46989cb433fe33926fbc2da19db0be3279581f

Request headers

Referer: http://www.planusa.org//app/themes/planusa/dist/styles/main.css
Origin: http://www.planusa.org
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Thu, 20 Jan 2022 02:29:15 GMT
via: 1.1 vegur
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age: 477
Connection: keep-alive
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length: 28856
last-modified: Thu, 06 Jan 2022 15:41:17 GMT
Server: cloudflare
etag: "70b8-5d4ebb378e140"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=c02pbOU1PF%2FhsG83H%2FxnygS0OgL%2FaH09U5tH8rKx6x4qTFA7wxIFk3OTag97LgZVSsFaPEVrjYAz9TW0aansYZUh46j5RQio9e8w4tKHx5nfnq%2Fi%2BT0rpVmeQOnR96cN5739wZD29xJnpKvXsoQ%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: font/woff2
Cache-Control: max-age=14400
Accept-Ranges: bytes
CF-RAY: 6d04dfc518c62b65-FRA

GET
H/1.1 200
OK f9c5199e-a996-4c08-9042-1eb845bb7495.woff2
www.planusa.org//app/themes/planusa/dist/fonts/5664085/ 28 KB
29 KB 57ms
23ms Font
font/woff2 2606:4700:3037::6815:4da4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://www.planusa.org//app/themes/planusa/dist/fonts/5664085/f9c5199e-a996-4c08-9042-1eb845bb7495.woff2
Requested by: Host: www.planusa.org
URL: http://www.planusa.org//app/themes/planusa/dist/styles/main.css
Protocol: HTTP/1.1
Server: 2606:4700:3037::6815:4da4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 272c08ccba5f883006400f7d490a1393f8114e239b97043e0d2d018a257ca368

Request headers

Referer: http://www.planusa.org//app/themes/planusa/dist/styles/main.css
Origin: http://www.planusa.org
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Thu, 20 Jan 2022 02:29:15 GMT
via: 1.1 vegur
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age: 477
Connection: keep-alive
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length: 28636
last-modified: Thu, 06 Jan 2022 15:41:17 GMT
Server: cloudflare
etag: "6fdc-5d4ebb378e140"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vkwKx8cyKV%2BUBeliT%2F%2Bu3giIPEzaQ%2FBvA206iYIJ43EK3HMmnfcfP5U%2FLWDQGABgW10avXuS6DPBNaLRXDAccnWj71c2jDO4AwhVuASH0ZvOv53erL0%2BKDXMBJWYl1CZioaYmfnx9NAVk9NmOxU%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: font/woff2
Cache-Control: max-age=14400
Accept-Ranges: bytes
CF-RAY: 6d04dfc538855c32-FRA

GET
H/1.1 200
OK jquery.min.js Show response
www.planusa.org/wp/wp-includes/js/jquery/ 87 KB
31 KB 25ms
22ms Script
application/javascript 2606:4700:3037::6815:4da4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://www.planusa.org/wp/wp-includes/js/jquery/jquery.min.js
Requested by: Host: www.planusa.org
URL: http://www.planusa.org/blog/?utm_source=MC&utm_medium=email&utm_campaign=Notes&utm_content=NotesFromTheField
Protocol: HTTP/1.1
Server: 2606:4700:3037::6815:4da4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.planusa.org/blog/?utm_source=MC&utm_medium=email&utm_campaign=Notes&utm_content=NotesFromTheField
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Thu, 20 Jan 2022 02:29:15 GMT
content-encoding: gzip
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age: 477
Connection: keep-alive
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length: 30908
last-modified: Wed, 10 Nov 2021 17:15:10 GMT
Server: cloudflare
etag: "15db1-5d0725e454380-gzip"
vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pGXn6qxd6yqG54kx42i4CN14NNhkwSR8MSW50yi6JHuhySEA%2FnZ3QHDCmCrUVW8XrEL3Bl%2FXR3puztZSssm68WltKyX%2FNY4QXT2wyQFuNyWohs8S5gvuIWPCE%2FK2%2BlQ%2FsURlQct81%2FTneKox1jI%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: application/javascript
via: 1.1 vegur
Cache-Control: max-age=14400
Accept-Ranges: bytes
CF-RAY: 6d04dfc53e7c68fd-FRA

GET
H/1.1 200
OK jquery-migrate.min.js Show response
www.planusa.org/wp/wp-includes/js/jquery/ 11 KB
5 KB 27ms
27ms Script
application/javascript 2606:4700:3037::6815:4da4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://www.planusa.org/wp/wp-includes/js/jquery/jquery-migrate.min.js
Requested by: Host: www.planusa.org
URL: http://www.planusa.org/blog/?utm_source=MC&utm_medium=email&utm_campaign=Notes&utm_content=NotesFromTheField
Protocol: HTTP/1.1
Server: 2606:4700:3037::6815:4da4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.planusa.org/blog/?utm_source=MC&utm_medium=email&utm_campaign=Notes&utm_content=NotesFromTheField
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Thu, 20 Jan 2022 02:29:15 GMT
content-encoding: gzip
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age: 477
Connection: keep-alive
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length: 4169
last-modified: Wed, 10 Nov 2021 17:15:10 GMT
Server: cloudflare
etag: "2bd8-5d0725e454380-gzip"
vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gxgLr0gueNojsRfCKk0CkZm1%2ByGfLkiX35kA%2BazSS9LLFvk7F8m%2FBbgBPNLf7zjUUk9WAsR09abgwyaLcOCblMi7kOpZQYcLWP0PMk93bcICXsWOXL0tZQtYNVwUURNmUqfF0gY1Gr1yJSQrg7Q%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: application/javascript
via: 1.1 vegur
Cache-Control: max-age=14400
Accept-Ranges: bytes
CF-RAY: 6d04dfc54cca696a-FRA

GET
H/1.1 200
OK plan-contact-form.js Show response
www.planusa.org//app/plugins/plan-contact-forms/ 2 KB
1 KB 24ms
23ms Script
application/javascript 2606:4700:3037::6815:4da4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://www.planusa.org//app/plugins/plan-contact-forms/plan-contact-form.js
Requested by: Host: www.planusa.org
URL: http://www.planusa.org/blog/?utm_source=MC&utm_medium=email&utm_campaign=Notes&utm_content=NotesFromTheField
Protocol: HTTP/1.1
Server: 2606:4700:3037::6815:4da4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8dd5b33af440ffa40f58cdafd7da626e38baa7dcbf5a0ef72c163d0938114bd9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.planusa.org/blog/?utm_source=MC&utm_medium=email&utm_campaign=Notes&utm_content=NotesFromTheField
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Thu, 20 Jan 2022 02:29:15 GMT
content-encoding: gzip
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age: 477
Connection: keep-alive
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length: 573
last-modified: Thu, 06 Jan 2022 15:39:14 GMT
Server: cloudflare
etag: "8cf-5d4ebac240c80-gzip"
vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=g1Ax0uCw%2Flag9%2F6%2BLsvMOcIQom3Vc3Jync5B3KtxhPtcZn9VHfMVKYcMa7R63oU7jnwzlGkcOfs7qS6fRJWuMff%2FFpGm6CuNkWkp3Fp%2FgY%2FGbp8L8bWBZA6NJLCphK54BIP7vz%2FYhljfC%2FP0nb0%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: application/javascript
via: 1.1 vegur
Cache-Control: max-age=14400
Accept-Ranges: bytes
CF-RAY: 6d04dfc558c35c32-FRA

GET
H/1.1 200
OK regenerator-runtime.min.js Show response
www.planusa.org/wp/wp-includes/js/dist/vendor/ 6 KB
3 KB 23ms
23ms Script
application/javascript 2606:4700:3037::6815:4da4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://www.planusa.org/wp/wp-includes/js/dist/vendor/regenerator-runtime.min.js
Requested by: Host: www.planusa.org
URL: http://www.planusa.org/blog/?utm_source=MC&utm_medium=email&utm_campaign=Notes&utm_content=NotesFromTheField
Protocol: HTTP/1.1
Server: 2606:4700:3037::6815:4da4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e87a1c5e24f9a7c7dcb437417f0b05b0a3c12947ce32d65c990c988a8b5ed4d7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.planusa.org/blog/?utm_source=MC&utm_medium=email&utm_campaign=Notes&utm_content=NotesFromTheField
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Thu, 20 Jan 2022 02:29:15 GMT
content-encoding: gzip
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age: 477
Connection: keep-alive
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length: 2398
last-modified: Wed, 10 Nov 2021 17:15:10 GMT
Server: cloudflare
etag: "1906-5d0725e454380-gzip"
vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2sTRFJEzkgCBkLVDg6vq78cST%2B7gQBjovJWUbLfRYo2XeO4RHQoF12OZzce8CZS%2Bkq1n6jTdIF3yfSU%2Bd9aDcWpdxicZ3uLQW1pn1pu0TcjTe5IxmwD23lNOnpXz6oWY3K4Wo60ZCQ3DGuz4Ric%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: application/javascript
via: 1.1 vegur
Cache-Control: max-age=14400
Accept-Ranges: bytes
CF-RAY: 6d04dfc558fe2b65-FRA

GET
H/1.1 200
OK wp-polyfill.min.js Show response
www.planusa.org/wp/wp-includes/js/dist/vendor/ 16 KB
7 KB 31ms
30ms Script
application/javascript 2606:4700:3037::6815:4da4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://www.planusa.org/wp/wp-includes/js/dist/vendor/wp-polyfill.min.js
Requested by: Host: www.planusa.org
URL: http://www.planusa.org/blog/?utm_source=MC&utm_medium=email&utm_campaign=Notes&utm_content=NotesFromTheField
Protocol: HTTP/1.1
Server: 2606:4700:3037::6815:4da4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 293913879d30bab7499013e935009f5183facbddd63bfc9656a859622590b80b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.planusa.org/blog/?utm_source=MC&utm_medium=email&utm_campaign=Notes&utm_content=NotesFromTheField
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Thu, 20 Jan 2022 02:29:15 GMT
content-encoding: gzip
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age: 477
Connection: keep-alive
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length: 6031
last-modified: Wed, 10 Nov 2021 17:15:10 GMT
Server: cloudflare
etag: "4056-5d0725e454380-gzip"
vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LEH6fh1B5vis2bOvP5r%2BYE1UM4CUyHC5nCbyYZEso%2FT0Nf%2BUK4%2F7IASMZ3ruWOBdTYbDykKD3RD0i5VXvWWXEBcg1nF7YywS9RN4VraoT3G8t2%2FFz4dzGEeyzwuK%2BUS9tNJZV2mbBt2csxxGVEI%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: application/javascript
via: 1.1 vegur
Cache-Control: max-age=14400
Accept-Ranges: bytes
CF-RAY: 6d04dfc56ea568fd-FRA

GET
H/1.1 200
OK hooks.min.js Show response
www.planusa.org/wp/wp-includes/js/dist/ 5 KB
3 KB 22ms
22ms Script
application/javascript 2606:4700:3037::6815:4da4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://www.planusa.org/wp/wp-includes/js/dist/hooks.min.js
Requested by: Host: www.planusa.org
URL: http://www.planusa.org/blog/?utm_source=MC&utm_medium=email&utm_campaign=Notes&utm_content=NotesFromTheField
Protocol: HTTP/1.1
Server: 2606:4700:3037::6815:4da4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 04e6fb814fccce3a0aecb83be0bc24665cf3e6a5e993f296471a63708f63e138

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.planusa.org/blog/?utm_source=MC&utm_medium=email&utm_campaign=Notes&utm_content=NotesFromTheField
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Thu, 20 Jan 2022 02:29:15 GMT
content-encoding: gzip
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age: 477
Connection: keep-alive
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length: 1790
last-modified: Wed, 10 Nov 2021 17:15:10 GMT
Server: cloudflare
etag: "1540-5d0725e454380-gzip"
vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CjWkudW70PC2aUcLdD%2B8E04CJS5znG3BGABwAo2ig1RpG5BvxNPJFAupi6CW4YQ%2BSDDsPS%2Fkv%2FT6WeZMIo3qVxg3y17mKi31%2FUORHwxVDSw8jwk17eu8Z8Ikd%2Fp1dacU%2B1BB4KInEAqUSdNIAvY%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: application/javascript
via: 1.1 vegur
Cache-Control: max-age=14400
Accept-Ranges: bytes
CF-RAY: 6d04dfc56d515b9e-FRA

GET
H/1.1 200
OK i18n.min.js Show response
www.planusa.org/wp/wp-includes/js/dist/ 10 KB
5 KB 24ms
23ms Script
application/javascript 2606:4700:3037::6815:4da4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://www.planusa.org/wp/wp-includes/js/dist/i18n.min.js
Requested by: Host: www.planusa.org
URL: http://www.planusa.org/blog/?utm_source=MC&utm_medium=email&utm_campaign=Notes&utm_content=NotesFromTheField
Protocol: HTTP/1.1
Server: 2606:4700:3037::6815:4da4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dceda745a0fb58233a95eff6d10796026df6792cb960cdf675eb7b8a6750a2d2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.planusa.org/blog/?utm_source=MC&utm_medium=email&utm_campaign=Notes&utm_content=NotesFromTheField
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Thu, 20 Jan 2022 02:29:15 GMT
content-encoding: gzip
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age: 477
Connection: keep-alive
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length: 3858
last-modified: Wed, 10 Nov 2021 17:15:10 GMT
Server: cloudflare
etag: "268a-5d0725e454380-gzip"
vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6qWJUVQPGgW%2B92gqAvsrlhkjroGlMszLCxLgUimI%2FUPqfAAv1lq7ebmbywsCI2kxImaH9E06C1RzQxJmjMhYi%2F6Cf%2BeVFN1ddf6%2FzdBHQSL%2BYYmmyUuuDP50vA1BEafaYHgL8XCVnLIjmf0BeQY%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: application/javascript
via: 1.1 vegur
Cache-Control: max-age=14400
Accept-Ranges: bytes
CF-RAY: 6d04dfc57cfc696a-FRA

GET
H/1.1 200
OK lodash.min.js Show response
www.planusa.org/wp/wp-includes/js/dist/vendor/ 71 KB
26 KB 28ms
27ms Script
application/javascript 2606:4700:3037::6815:4da4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://www.planusa.org/wp/wp-includes/js/dist/vendor/lodash.min.js
Requested by: Host: www.planusa.org
URL: http://www.planusa.org/blog/?utm_source=MC&utm_medium=email&utm_campaign=Notes&utm_content=NotesFromTheField
Protocol: HTTP/1.1
Server: 2606:4700:3037::6815:4da4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a9705dfc47c0763380d851ab1801be6f76019f6b67e40e9b873f8b4a0603f7a9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.planusa.org/blog/?utm_source=MC&utm_medium=email&utm_campaign=Notes&utm_content=NotesFromTheField
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Thu, 20 Jan 2022 02:29:15 GMT
content-encoding: gzip
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age: 476
Connection: keep-alive
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length: 25900
last-modified: Wed, 10 Nov 2021 17:15:10 GMT
Server: cloudflare
etag: "11d37-5d0725e454380-gzip"
vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iduOr6NY7%2F52mDOs67SiSkH1C5XP%2Bn7jyrM1Irv7OQthy69plRWe%2BcMG0ylhDuTpfgRsEaJ7Dtl91aoFT5fDKWbNMc1HN4PBQq%2FNNXbPwnF1KeLqorGqtn6eo3kPqjC9dcPeQnonOa2fxeXVkuo%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: application/javascript
via: 1.1 vegur
Cache-Control: max-age=14400
Accept-Ranges: bytes
CF-RAY: 6d04dfc579025c32-FRA

GET
H/1.1 200
OK url.min.js Show response
www.planusa.org/wp/wp-includes/js/dist/ 5 KB
3 KB 27ms
27ms Script
application/javascript 2606:4700:3037::6815:4da4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://www.planusa.org/wp/wp-includes/js/dist/url.min.js
Requested by: Host: www.planusa.org
URL: http://www.planusa.org/blog/?utm_source=MC&utm_medium=email&utm_campaign=Notes&utm_content=NotesFromTheField
Protocol: HTTP/1.1
Server: 2606:4700:3037::6815:4da4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 661ef2a25c5ddbb64b8819ebe4a078fa23e8eae9676f567e4138448ae685893f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.planusa.org/blog/?utm_source=MC&utm_medium=email&utm_campaign=Notes&utm_content=NotesFromTheField
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Thu, 20 Jan 2022 02:29:15 GMT
content-encoding: gzip
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age: 476
Connection: keep-alive
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length: 1989
last-modified: Wed, 10 Nov 2021 17:15:10 GMT
Server: cloudflare
etag: "138a-5d0725e454380-gzip"
vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wcljAONp4y8tfrRyaGT9aQ9okkipbpPqcxBIBOpOEhWs7dzSEhyee0vfyMeYQKID%2FxSC1sIPPA6bN1vpbRLs7E%2F9nVyWKRoOmzjZGicwF2J5YHv7Ud5q%2BaES3yErwFH1PdGY00KrMEu2vkA7zak%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: application/javascript
via: 1.1 vegur
Cache-Control: max-age=14400
Accept-Ranges: bytes
CF-RAY: 6d04dfc5791d2b65-FRA

GET
H/1.1 200
OK api-fetch.min.js Show response
www.planusa.org/wp/wp-includes/js/dist/ 6 KB
3 KB 26ms
26ms Script
application/javascript 2606:4700:3037::6815:4da4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://www.planusa.org/wp/wp-includes/js/dist/api-fetch.min.js
Requested by: Host: www.planusa.org
URL: http://www.planusa.org/blog/?utm_source=MC&utm_medium=email&utm_campaign=Notes&utm_content=NotesFromTheField
Protocol: HTTP/1.1
Server: 2606:4700:3037::6815:4da4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5dc89846fca2c8051e0c805735e48d3b31f23359dbd47f6b9c47b6ae41969236

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.planusa.org/blog/?utm_source=MC&utm_medium=email&utm_campaign=Notes&utm_content=NotesFromTheField
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Thu, 20 Jan 2022 02:29:15 GMT
content-encoding: gzip
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age: 476
Connection: keep-alive
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length: 2483
last-modified: Wed, 10 Nov 2021 17:15:10 GMT
Server: cloudflare
etag: "167c-5d0725e454380-gzip"
vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lCpaua4E3PtlO0ml8GWMLIN4O%2FS9X0dyMt%2F59tFK4dHcL%2FckEyy7V3uxYd6vkih7GEJTy2MG%2BGe45S%2B0gUaWeoVM8u%2Ba2lsYdL4hYmVj3cNDBLLRM6zCqr7OJD35ku3YDE%2FuWYlKyZzprUOaAxc%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: application/javascript
via: 1.1 vegur
Cache-Control: max-age=14400
Accept-Ranges: bytes
CF-RAY: 6d04dfc59d665b9e-FRA

GET
H/1.1 200
OK index.js Show response
www.planusa.org//app/plugins/contact-form-7/includes/js/ 11 KB
4 KB 26ms
26ms Script
application/javascript 2606:4700:3037::6815:4da4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://www.planusa.org//app/plugins/contact-form-7/includes/js/index.js
Requested by: Host: www.planusa.org
URL: http://www.planusa.org/blog/?utm_source=MC&utm_medium=email&utm_campaign=Notes&utm_content=NotesFromTheField
Protocol: HTTP/1.1
Server: 2606:4700:3037::6815:4da4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ccff49c86ee1937dd371734a05307e1abc057b3c255587ed918e47b1cf728d93

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.planusa.org/blog/?utm_source=MC&utm_medium=email&utm_campaign=Notes&utm_content=NotesFromTheField
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Thu, 20 Jan 2022 02:29:15 GMT
content-encoding: gzip
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age: 476
Connection: keep-alive
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length: 3238
last-modified: Thu, 06 Jan 2022 15:39:14 GMT
Server: cloudflare
etag: "2ac2-5d4ebac240c80-gzip"
vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FCzk7JN%2BPMuB0bEpy1XP3WlHXVDRs7zISKhLpXG2LYZqPIq8XVburEBJ9RVpNoYfbZrJvQ4zkwM6ljhd7zgFI1j4ZeH%2FEk8x2Vf%2FLDlG6ODpmodO6F0lVvf3Q1XmFYrfh35br7kihKgrGw0scUM%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: application/javascript
via: 1.1 vegur
Cache-Control: max-age=14400
Accept-Ranges: bytes
CF-RAY: 6d04dfc59eec68fd-FRA

GET
H/1.1 200
OK mtiFontTrackingCode.js Show response
www.planusa.org//app/themes/planusa/dist/scripts/ 2 KB
2 KB 23ms
23ms Script
application/javascript 2606:4700:3037::6815:4da4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://www.planusa.org//app/themes/planusa/dist/scripts/mtiFontTrackingCode.js
Requested by: Host: www.planusa.org
URL: http://www.planusa.org/blog/?utm_source=MC&utm_medium=email&utm_campaign=Notes&utm_content=NotesFromTheField
Protocol: HTTP/1.1
Server: 2606:4700:3037::6815:4da4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6cef54b115861c341cbaf1ac0baa3bfc74d72e4154ea41815b88d81284a31b47

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.planusa.org/blog/?utm_source=MC&utm_medium=email&utm_campaign=Notes&utm_content=NotesFromTheField
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Thu, 20 Jan 2022 02:29:15 GMT
content-encoding: gzip
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age: 476
Connection: keep-alive
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length: 913
last-modified: Thu, 06 Jan 2022 15:41:17 GMT
Server: cloudflare
etag: "6b5-5d4ebb378e140-gzip"
vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hGYly07gNOduujnxIi34YUmf%2F5K3s4Y4W4ftcymX5FhVZ2%2FjdS2RPJG0tHivRAjyPWwBwvmrmyQVMgS6edgHFaql%2BecdW2jnEIMkYvv6RtudQQSxLn8rUG23bEQ1FRTNKgOG7zPVfNhiydqfCZg%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: application/javascript
via: 1.1 vegur
Cache-Control: max-age=14400
Accept-Ranges: bytes
CF-RAY: 6d04dfc5a9485c32-FRA

GET
H/1.1 200
OK main.js Show response
www.planusa.org//app/themes/planusa/dist/scripts/ 2 MB
509 KB 26ms
26ms Script
application/javascript 2606:4700:3037::6815:4da4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://www.planusa.org//app/themes/planusa/dist/scripts/main.js
Requested by: Host: www.planusa.org
URL: http://www.planusa.org/blog/?utm_source=MC&utm_medium=email&utm_campaign=Notes&utm_content=NotesFromTheField
Protocol: HTTP/1.1
Server: 2606:4700:3037::6815:4da4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f60b7b366414177e5dd1097793aa4da5271bdd44388758781a33e9c25c87a48f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.planusa.org/blog/?utm_source=MC&utm_medium=email&utm_campaign=Notes&utm_content=NotesFromTheField
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Thu, 20 Jan 2022 02:29:15 GMT
content-encoding: gzip
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age: 476
Transfer-Encoding: chunked
Connection: keep-alive
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Thu, 06 Jan 2022 15:41:17 GMT
Server: cloudflare
etag: "1ce538-5d4ebb378e140-gzip"
vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Uqji0%2BzCAIL6nrNxvCQ2dYsl88JexIQXvUyglrZjTOZnLQ7zmlUJi%2BD0Z9xrx8Y38qa4ybom927a%2BlZG%2BdNG8Hv8XBdXdx7senovGRJEzdQgB79VVWuFXGBjNANY5Y063k0Wvn5i%2FHGdQD5aCME%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: application/javascript
via: 1.1 vegur
Cache-Control: max-age=14400
CF-RAY: 6d04dfc59d5b696a-FRA

GET
H2

200

aos.js Show response
cdn.jsdelivr.net/gh/michalsnik/aos@2.1.1/dist/
Redirect Chain

https://cdn.rawgit.com/michalsnik/aos/2.1.1/dist/aos.js
https://cdn.jsdelivr.net/gh/michalsnik/aos@2.1.1/dist/aos.js

12 KB
4 KB

23ms
22ms

Script
application/javascript

2606:4700::6810:5714
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/michalsnik/aos@2.1.1/dist/aos.js

Requested by

Host: www.planusa.org
URL: http://www.planusa.org/blog/?utm_source=MC&utm_medium=email&utm_campaign=Notes&utm_content=NotesFromTheField

Protocol

Server

2606:4700::6810:5714 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4fc3dc353e44ae364d1dc0ebf2b40e1118ca7b7c45c43b02844b6d57fe458bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.planusa.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 20 Jan 2022 02:29:15 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1370729
x-jsd-version: 2.1.1
x-cache: HIT
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: cache-fra19149-FRA
timing-allow-origin: *
x-jsd-version-type: version
server: cloudflare
etag: W/"309e-cpJskiPcspL2Qdrb/E/HvSfUzYw"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cf-ray: 6d04dfc55a685c3e-FRA

Redirect headers

date: Thu, 20 Jan 2022 02:29:15 GMT
x-content-type-options: nosniff
cdn-edgestorageid: 756
age: 71345
access-control-expose-headers: *
x-cache: MISS, HIT
cdn-cachedat: 01/20/2022 03:29:12
cdn-pullzone: 201235
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
content-length: 94
server: BunnyCDN-DE1-756
x-served-by: cache-fra19177-FRA, cache-pwk4923-PWK
access-control-allow-origin: *
cdn-proxyver: 1.02
cdn-requestpullcode: 301
location: https://cdn.jsdelivr.net/gh/michalsnik/aos@2.1.1/dist/aos.js
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/plain; charset=utf-8
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=2592000
cdn-requestid: def8b8caac79852e81089a6f4e18974d
timing-allow-origin: *
cdn-requestcountrycode: DE
cdn-status: 301
cdn-requestpullsuccess: True

GET
H/1.1 200
OK loader.js Show response
static.olark.com/jsclient/ 9 KB
3 KB 31ms
16ms Script
application/javascript 93.184.220.42
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: http://static.olark.com/jsclient/loader.js
Requested by: Host: www.planusa.org
URL: http://www.planusa.org/blog/?utm_source=MC&utm_medium=email&utm_campaign=Notes&utm_content=NotesFromTheField
Protocol: HTTP/1.1
Server: 93.184.220.42 London, United Kingdom, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/6772) /
Resource Hash: afd2d099307fc78c161dc1574920c7268ad8c0e8b6a896f58dae6b61d48c5a9d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.planusa.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Thu, 20 Jan 2022 02:29:15 GMT
Content-Encoding: gzip
Last-Modified: Wed, 15 Dec 2021 19:22:52 GMT
Server: ECS (frb/6772)
Age: 3944
Etag: "61ba408c-2227"
Vary: Accept-Encoding
X-Cache: HIT
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=10800
Accept-Ranges: bytes
Content-Length: 3120
Via: 1.1 google
Expires: Thu, 20 Jan 2022 05:29:15 GMT

GET
H/1.1 200
OK app.js Show response
static.olark.com/jsclient/ Frame 9D25 55 KB
19 KB 16ms
16ms Script
application/javascript 93.184.220.42
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: http://static.olark.com/jsclient/app.js
Requested by: Host: srcdoc
URL: about:srcdoc
Protocol: HTTP/1.1
Server: 93.184.220.42 London, United Kingdom, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/6762) /
Resource Hash: 506e190d894a15318bb3f0c60d700a21432f0e57275b9c3d8c44ef45f31b6674

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.planusa.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Thu, 20 Jan 2022 02:29:15 GMT
Content-Encoding: gzip
Last-Modified: Wed, 15 Dec 2021 19:23:06 GMT
Server: ECS (frb/6762)
Age: 7385
Etag: "61ba409a-dae7"
Vary: Accept-Encoding
X-Cache: HIT
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=10800
Accept-Ranges: bytes
Content-Length: 18597
Via: 1.1 google
Expires: Thu, 20 Jan 2022 05:29:15 GMT

GET
H3

200

js Show response
www.googletagmanager.com/gtag/
Redirect Chain

http://www.googletagmanager.com/gtag/js?id=G-P02S4VE0VS&l=dataLayer&cx=c
https://www.googletagmanager.com/gtag/js?id=G-P02S4VE0VS&l=dataLayer&cx=c

165 KB
61 KB

52ms
26ms

Script
application/javascript

2a00:1450:4001:82b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-P02S4VE0VS&l=dataLayer&cx=c

Requested by

Host: www.planusa.org
URL: http://www.planusa.org/blog/?utm_source=MC&utm_medium=email&utm_campaign=Notes&utm_content=NotesFromTheField

Protocol

Server

2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

88e5b17ab82f63e9df62aa13d4fdb8be83c2fc1288120df4944e2126dea15456

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.planusa.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 20 Jan 2022 02:29:15 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 62542
x-xss-protection: 0
expires: Thu, 20 Jan 2022 02:29:15 GMT

Redirect headers

Location: https://www.googletagmanager.com/gtag/js?id=G-P02S4VE0VS&l=dataLayer&cx=c
Non-Authoritative-Reason: HSTS

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 63ms
21ms Script
text/javascript 2a00:1450:4001:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NCM2NF

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.planusa.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 5289
date: Thu, 20 Jan 2022 01:01:06 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Thu, 20 Jan 2022 03:01:06 GMT

GET
H2 200 bat.js Show response
bat.bing.com/ 36 KB
11 KB 76ms
39ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://bat.bing.com/bat.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NCM2NF
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: dfed159907574337d5a3198b898e17e6f0d6c5c325d8ee2fd2343b7cddb34994

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.planusa.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 20 Jan 2022 02:29:15 GMT
content-encoding: gzip
last-modified: Fri, 03 Dec 2021 01:53:50 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 7BAE5556C0484EF4AEC396E4609FBD12 Ref B: FRAEDGE1221 Ref C: 2022-01-20T02:29:15Z
etag: "0cb09ee8e7d71:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
access-control-allow-origin: *
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 10468

GET
H/1.1

200
OK

activityi;dc_pre=COikk6akv_UCFWPhEQgdjOMBeQ;src=9879419;type=allpages;cat=allpa0;ord=8282548141615;gtm=2wg1c0;auiddc=562675857.1642645756;u7=%2Fblog%2F;~oref=http%3A%2F%2Fwww.planusa.org%2Fblog%2F%... Show response
9879419.fls.doubleclick.net/ Frame 4779
Redirect Chain

http://9879419.fls.doubleclick.net/activityi;src=9879419;type=allpages;cat=allpa0;ord=8282548141615;gtm=2wg1c0;auiddc=562675857.1642645756;u7=%2Fblog%2F;~oref=http%3A%2F%2Fwww.planusa.org%2Fblog%2F...
http://9879419.fls.doubleclick.net/activityi;dc_pre=COikk6akv_UCFWPhEQgdjOMBeQ;src=9879419;type=allpages;cat=allpa0;ord=8282548141615;gtm=2wg1c0;auiddc=562675857.1642645756;u7=%2Fblog%2F;~oref=http...

597 B
1 KB

28ms
27ms

Document
text/html

142.250.186.38
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://9879419.fls.doubleclick.net/activityi;dc_pre=COikk6akv_UCFWPhEQgdjOMBeQ;src=9879419;type=allpages;cat=allpa0;ord=8282548141615;gtm=2wg1c0;auiddc=562675857.1642645756;u7=%2Fblog%2F;~oref=http%3A%2F%2Fwww.planusa.org%2Fblog%2F%3Futm_source%3DMC%26utm_medium%3Demail%26utm_campaign%3DNotes%26utm_content%3DNotesFromTheField?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NCM2NF

Protocol

HTTP/1.1

Server

142.250.186.38 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f6.1e100.net

Software

cafe /

Resource Hash

167460e9b51be0c421eb438d592183e577fcfaa453c89137ea7426ce14c3c928

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: about:blank

Response headers

P3P: policyref="http://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Timing-Allow-Origin: *
Cross-Origin-Resource-Policy: cross-origin
Date: Thu, 20 Jan 2022 02:29:15 GMT
Expires: Fri, 01 Jan 1990 00:00:00 GMT
Cache-Control: no-cache, must-revalidate
Strict-Transport-Security: max-age=21600
Content-Type: text/html; charset=UTF-8
Pragma: no-cache
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Server: cafe
Content-Length: 447
X-XSS-Protection: 0

Redirect headers

P3P: policyref="http://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Timing-Allow-Origin: *
Cross-Origin-Resource-Policy: cross-origin
Date: Thu, 20 Jan 2022 02:29:15 GMT
Pragma: no-cache
Expires: Fri, 01 Jan 1990 00:00:00 GMT
Cache-Control: no-cache, must-revalidate
Follow-Only-When-Prerender-Shown: 1
Strict-Transport-Security: max-age=21600
Location: http://9879419.fls.doubleclick.net/activityi;dc_pre=COikk6akv_UCFWPhEQgdjOMBeQ;src=9879419;type=allpages;cat=allpa0;ord=8282548141615;gtm=2wg1c0;auiddc=562675857.1642645756;u7=%2Fblog%2F;~oref=http%3A%2F%2Fwww.planusa.org%2Fblog%2F%3Futm_source%3DMC%26utm_medium%3Demail%26utm_campaign%3DNotes%26utm_content%3DNotesFromTheField?
Content-Type: text/html; charset=UTF-8
X-Content-Type-Options: nosniff
Server: cafe
Content-Length: 0
X-XSS-Protection: 0

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 99 KB
27 KB 52ms
18ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.planusa.org
URL: http://www.planusa.org/blog/?utm_source=MC&utm_medium=email&utm_campaign=Notes&utm_content=NotesFromTheField

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

16c13044cedc5c7482ad7db51913c164ffabc787ec5b6b0246acfec84cd6d01b

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.planusa.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 26187
x-xss-protection: 0
pragma: public
x-fb-debug: 0vnUyoWbgeiIMsmsQGCOWhAxnjMYnbZhlXlXhuu68SSgvQzgtK2R2/gun+tNwE2BMBqZNcNxRCarbgoH3QhfpQ==
x-fb-trip-id: 917726464
x-frame-options: DENY
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Thu, 20 Jan 2022 02:29:15 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 btp.js Show response
www.rtb123.com/tags/F252B1AF-720F-7E91-A7FC-2C1CC8587E1A/ 6 KB
2 KB 456ms
121ms Script
application/javascript 67.225.220.126
LIQUIDWEB

General

Check archive.org

Show headers Download Go to

Full URL: https://www.rtb123.com/tags/F252B1AF-720F-7E91-A7FC-2C1CC8587E1A/btp.js
Requested by: Host: www.planusa.org
URL: http://www.planusa.org/blog/?utm_source=MC&utm_medium=email&utm_campaign=Notes&utm_content=NotesFromTheField
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 67.225.220.126 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS: host.rtb123.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 6ff81a1d1383d77bf6e6c307a02105b2b7f0dedcade233d203e6f8975266043d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.planusa.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-powered-by-plesk: PleskWin
date: Thu, 20 Jan 2022 02:29:15 GMT
content-encoding: gzip
last-modified: Tue, 30 Mar 2021 16:45:02 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
etag: "07b5a78425d71:0"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
accept-ranges: bytes
content-length: 2072

GET
H2 200 / Show response
2e07d875b89549cf92917817c484f293.js.ubembed.com/ 8 KB
2 KB 69ms
16ms Script
application/json 151.101.129.131
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://2e07d875b89549cf92917817c484f293.js.ubembed.com/
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NCM2NF
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.129.131 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 60e0357e9e5bebd6128e71e8b5e6bc154692316fa317fcd8c84a83ccad2d179f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.planusa.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 20 Jan 2022 02:29:15 GMT
content-encoding: br
x-backend-region: eu_west_1
age: 477
etag: 3e9e5442845c7891f3ef36de2739ce13-v0.179.1
vary: Accept-Encoding, Referer
x-cache: Miss from cloudfront, HIT
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=0, must-revalidate
x-amz-cf-pop: FRA50-C1
accept-ranges: none
x-amz-apigw-id: MOQM5E3ijoEFdXA=

GET
H2 200 sdk.js Show response
analytics.tiktok.com/i18n/pixel/ 120 KB
35 KB 177ms
125ms Script
application/javascript 2.16.186.242
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/sdk.js?sdkid=BV3UQRTD82FVM3BE8BI0
Requested by: Host: www.planusa.org
URL: http://www.planusa.org/blog/?utm_source=MC&utm_medium=email&utm_campaign=Notes&utm_content=NotesFromTheField
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.186.242 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-186-242.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 02b1d98819b55a56dc97a22a2c9e6e2a2a67c765e62afcd8f4945f6f96e0cfe1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.planusa.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-akamai-request-id: 29357f22.481ee808
date: Thu, 20 Jan 2022 02:29:15 GMT
content-encoding: gzip
x-cache-remote: TCP_MISS from a23-221-225-86.deploy.akamaitechnologies.com (AkamaiGHost/10.4.6-37171458) (-)
upstream-caught: 1642645755923769
x-cache: TCP_MISS from a2-16-186-238.deploy.akamaitechnologies.com (AkamaiGHost/10.4.6-37171458) (-)
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-parent-response-time: 110,2.16.186.238
server-timing: cdn-cache; desc=MISS, edge; dur=97, origin; dur=13, inner; dur=1
content-length: 35053
pragma: no-cache
server: nginx
x-tt-logid: 2022012002291501011313522718EFBA17
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 13,23.221.225.86
x-tt-trace-host: 016d77b26dd86e25531c9e1cdefa978aa4289a0fbef6c4b0d50456fa2afc37ec034e71d3df5cbf133f97907227282a3f709e926d2f140d9a63163f1cc83144f8cac38b400d8428b878cb013000f9e4663746526871c3fb5c6707cded8b1774c082c3ad876cfcf039ab7699b883b93fabf4
expires: Thu, 20 Jan 2022 02:29:15 GMT

GET
H2 200 sdk.js Show response
analytics.tiktok.com/i18n/pixel/ 120 KB
35 KB 201ms
150ms Script
application/javascript 2.16.186.242
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/sdk.js?sdkid=BV40RRID4EIVEV2ITOB0
Requested by: Host: www.planusa.org
URL: http://www.planusa.org/blog/?utm_source=MC&utm_medium=email&utm_campaign=Notes&utm_content=NotesFromTheField
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.186.242 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-186-242.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: c69b2064a720570d3f0fee1f024367c3393d1303989b1c629a611f12cab9c6d2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.planusa.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-akamai-request-id: 3656a6a.481ee809
date: Thu, 20 Jan 2022 02:29:16 GMT
content-encoding: gzip
x-cache-remote: TCP_MISS from a23-221-225-93.deploy.akamaitechnologies.com (AkamaiGHost/10.7.0-38102849) (-)
upstream-caught: 1642645755938067
x-cache: TCP_MISS from a2-16-186-238.deploy.akamaitechnologies.com (AkamaiGHost/10.4.6-37171458) (-)
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-parent-response-time: 134,2.16.186.238
server-timing: cdn-cache; desc=MISS, edge; dur=105, origin; dur=29, inner; dur=1
content-length: 35039
pragma: no-cache
server: nginx
x-tt-logid: 2022012002291501011300613609F8DA8F
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 29,23.221.225.93
x-tt-trace-host: 016d77b26dd86e25531c9e1cdefa978aa4289a0fbef6c4b0d50456fa2afc37ec03841211276dd498b02d88d4817b9fe140b4723c0837b6851ea5098c7b284c6e5ff2b741568eb1ceec33a0b9bf86b4f69e2e6783852a62c3eba5531c5cf80d5d827e0d8a23d49172235bfa2899af58e927
expires: Thu, 20 Jan 2022 02:29:16 GMT

GET
H/1.1 200
OK 1.css
fast.fonts.net/lt/ 0
819 B 45ms
29ms Stylesheet
text/css 2606:4700::6811:e14e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://fast.fonts.net/lt/1.css?apiType=css&c=ea6359fa-853e-4937-aed5-a11449a9b2d1&fontids=5658415,5663763,5664085,5664089,5664093,5664098,5664111,5664150
Requested by: Host: www.planusa.org
URL: http://www.planusa.org/blog/?utm_source=MC&utm_medium=email&utm_campaign=Notes&utm_content=NotesFromTheField
Protocol: HTTP/1.1
Server: 2606:4700::6811:e14e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.planusa.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Thu, 20 Jan 2022 02:29:15 GMT
CF-Cache-Status: HIT
Age: 129694
CF-RAY: 6d04dfc6195c4a8c-FRA
Connection: keep-alive
Content-Length: 0
x-amz-id-2: MfgZf0pyrclUeSvK9NPomQqZjSM3RZ9QHElzhSzpktLEAw5QcPXgjhgl48HALn/pUm/CNN9Yf5c=
Last-Modified: Tue, 23 Mar 2021 12:59:56 GMT
Server: cloudflare
ETag: "d41d8cd98f00b204e9800998ecf8427e"
Vary: Accept-Encoding
x-amz-request-id: 2JY4S7YD8VSRPMP5
Cache-Control: public, max-age=0, s-maxage=604800
Accept-Ranges: bytes
Content-Type: text/css; charset=utf-8
x-amz-meta-mtime: 1361983047

GET
H/1.1 200
OK 2290-981-10-8705.js Show response
static.olark.com/a/assets/v0/site/ Frame 9D25 29 KB
30 KB 16ms
16ms Script
application/javascript 93.184.220.42
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: http://static.olark.com/a/assets/v0/site/2290-981-10-8705.js?cb=1642645755836
Requested by: Host: static.olark.com
URL: http://static.olark.com/jsclient/app.js
Protocol: HTTP/1.1
Server: 93.184.220.42 London, United Kingdom, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/67AA) /
Resource Hash: 6c4c6c1720cd70cd89d6e86a7bc98250de7004deab5df8e90f736213aa49e7fc

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.planusa.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Thu, 20 Jan 2022 02:29:15 GMT
Via: 1.1 google
Last-Modified: Wed, 19 Jan 2022 12:21:49 GMT
Server: ECS (frb/67AA)
Age: 50847
X-Cache: HIT
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
Content-Length: 29933

GET
H/1.1 200
OK c Show response
knrpc.olark.com/nrpc/ Frame 9D25 881 B
1 KB 144ms
127ms XHR
text/javascript 34.96.127.16
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: http://knrpc.olark.com/nrpc/c?c=create&s=2290-981-10-8705&v=av4Z0sf1tk8FEjsQ588Ba0PoaaRZb47F&i=XCUxh31geVB0R1Vm588Ba0P7abj4bkoa&g=ALL&q=precache041713318508512764&j=o0&version=loader-precache&xhttp=1&u=http%3A%2F%2Fwww.planusa.org%2Fblog%2F%3Futm_source%3DMC%26utm_medium%3Demail%26utm_campaign%3DNotes%26utm_content%3DNotesFromTheField&r=&ca=false&ru=false
Requested by: Host: static.olark.com
URL: http://static.olark.com/jsclient/app.js
Protocol: HTTP/1.1
Server: 34.96.127.16 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 16.127.96.34.bc.googleusercontent.com
Software: TwistedWeb/21.2.0 /
Resource Hash: 78071040007909b1bad4eca5467cd67e33fab5802cb43178e6e42b2b3ed2a175

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.planusa.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 20 Jan 2022 02:29:15 GMT
Via: 1.1 google
Last-Modified: Thu, 20 Jan 2022 02:29:15 UTC
Server: TwistedWeb/21.2.0
Transfer-Encoding: chunked
X-Rpc: nrpc-http-6556d69b75-ms8tg
Access-Control-Allow-Origin: *
Cache-Control: post-check=0, pre-check=0
Content-Disposition: inline; filename="rpc.txt"
Content-Type: text/javascript; charset=UTF-8
Expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H/1.1 200
OK application2.js Show response
static.olark.com/jsclient-bucket5/ Frame 9D25 1 MB
309 KB 16ms
16ms Script
application/javascript 93.184.220.42
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: http://static.olark.com/jsclient-bucket5/application2.js?v=1639596023950
Requested by: Host: static.olark.com
URL: http://static.olark.com/jsclient/app.js
Protocol: HTTP/1.1
Server: 93.184.220.42 London, United Kingdom, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/668C) /
Resource Hash: a9cf578656c6c3d88130bc3b64768066d27712b0f54a5a0d834c4fc1902e69ba

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.planusa.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Thu, 20 Jan 2022 02:29:15 GMT
Content-Encoding: gzip
Last-Modified: Wed, 15 Dec 2021 19:22:48 GMT
Server: ECS (frb/668C)
Age: 6441
Etag: "61ba4088-11e9d5"
Vary: Accept-Encoding
X-Cache: HIT
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=10800
Accept-Ranges: bytes
Content-Length: 315904
Via: 1.1 google
Expires: Thu, 20 Jan 2022 05:29:15 GMT

GET
DATA 200
OK truncated
/ 38 B
0 Image
image/webp

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 05632bd17ae6013db11864ba86f363756e305cd5a56ee788fe20774ed6c750f9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.planusa.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: image/webp

GET
H/1.1 200
OK show Show response
www.planusa.org/cart/ 34 B
737 B 654ms
654ms Fetch
application/json 2606:4700:3037::6815:4da4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://www.planusa.org/cart/show
Requested by: Host: www.planusa.org
URL: http://www.planusa.org/blog/?utm_source=MC&utm_medium=email&utm_campaign=Notes&utm_content=NotesFromTheField
Protocol: HTTP/1.1
Server: 2606:4700:3037::6815:4da4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0824e35cfc0209edf067d13c8776eefdb291ec4381ba18ffc7754bec8ed22197

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.planusa.org/blog/?utm_source=MC&utm_medium=email&utm_campaign=Notes&utm_content=NotesFromTheField
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

CF-RAY: 6d04dfc6cf35696a-FRA
Date: Thu, 20 Jan 2022 02:29:16 GMT
via: 1.1 vegur
CF-Cache-Status: DYNAMIC
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Transfer-Encoding: chunked
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ifAA75Gnvp1dCl9pdiIoVK9NDPo%2B3tPZmELmiwZ5zDHGi5tD6q1d19h8g1%2ByNLfdpdsoTyQ7kid0jiuQSPXE43n57wt%2Biac6Hr60ddO9Jwio1nKSGSA3jVXGBvdB5Xxl8aztDPkoq3frAUGUNHI%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: application/json; charset=UTF-8
Connection: keep-alive
Content-Encoding: gzip
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET posts
www.planusa.org/wp-json/plan/v1/ 0
0

GET
H3 200 js Show response
www.google-analytics.com/gtm/ 137 KB
45 KB 55ms
29ms Script
application/javascript 2a00:1450:4001:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/gtm/js?id=GTM-5V4F57R&t=gtm4&cid=796013014.1642645756

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

c06a9fce687add357d9a228f8995e367efebd5ad7521d0bc0c300776f86d03c6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.planusa.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 20 Jan 2022 02:29:16 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 46455
x-xss-protection: 0
expires: Thu, 20 Jan 2022 02:29:16 GMT

GET
H3 200 1673850439538622 Show response
connect.facebook.net/signals/config/ 305 KB
87 KB 37ms
18ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1673850439538622?v=2.9.49&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

05e7a6adde929e7d731550f9d3d957b6754e7a2bf2fb475794a6e5f74f6f61e9

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.planusa.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 88962
x-xss-protection: 0
pragma: public
x-fb-debug: BN2zm8lmYozYyeXVwq59FNpwGQa0maTHJH8c98DOoZAtl/Y7QzxWTJx3rH4rj9GSgPkOt3Q1rz8H8OtS9GqpRw==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Thu, 20 Jan 2022 02:29:16 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H/1.1 200
OK conversion_async.js Show response
www.googleadservices.com/pagead/ 38 KB
15 KB 42ms
26ms Script
text/javascript 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NCM2NF

Protocol

HTTP/1.1

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

0ce5d039d3e58fc10808f0695156d2bd99daae7791d26cc5dfc569154b5e0b22

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.planusa.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Timing-Allow-Origin: *
Date: Thu, 20 Jan 2022 02:29:16 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: cafe
ETag: 1633785920527017951
Vary: Accept-Encoding
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control: private, max-age=3600
Cross-Origin-Resource-Policy: cross-origin
Content-Disposition: attachment; filename="f.txt"
Content-Type: text/javascript; charset=UTF-8
Content-Length: 14846
X-XSS-Protection: 0
Expires: Thu, 20 Jan 2022 02:29:16 GMT

GET
H/1.1 200
OK up_loader.1.1.0.js Show response
js.adsrvr.org/ 4 KB
5 KB 166ms
16ms Script
application/x-javascript 65.9.65.116
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.adsrvr.org/up_loader.1.1.0.js
Requested by: Host: www.planusa.org
URL: http://www.planusa.org/blog/?utm_source=MC&utm_medium=email&utm_campaign=Notes&utm_content=NotesFromTheField
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.65.116 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-65-116.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ee3a7301fe1e0c0f6bf6acff0d7a8d107f5cb3f62a2566740c0416d8e61f00b9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.planusa.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Wed, 19 Jan 2022 03:56:57 GMT
Via: 1.1 c2b4a332b09677da722930ae336c8bfc.cloudfront.net (CloudFront)
Last-Modified: Thu, 24 Sep 2020 15:15:34 GMT
Server: AmazonS3
Age: 81140
ETag: "98d98b3499058b76d58073cf8ede2f10"
X-Cache: Hit from cloudfront
Content-Type: application/x-javascript
Connection: keep-alive
X-Amz-Cf-Pop: FRA56-C1
Accept-Ranges: bytes
Content-Length: 4593
X-Amz-Cf-Id: 4p4cOhuqT20bp32UAnlTCuSpW9LoIBNbic8P5nS4DZB_z1Iup_bv3A==

GET
H2 200 bundle.js Show response
assets.ubembed.com/universalscript/releases/v0.179.1/ 173 KB
47 KB 106ms
18ms Script
application/javascript 65.9.58.40
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.ubembed.com/universalscript/releases/v0.179.1/bundle.js
Requested by: Host: 2e07d875b89549cf92917817c484f293.js.ubembed.com
URL: https://2e07d875b89549cf92917817c484f293.js.ubembed.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.58.40 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-58-40.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b1ccb8141195307117c737c7f49f99de131fb55290a5f4c1431cc74ca93119dc

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.planusa.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 05 Jan 2022 19:43:55 GMT
content-encoding: gzip
last-modified: Fri, 30 Jul 2021 19:19:04 GMT
server: AmazonS3
age: 1233922
etag: W/"4d21402425377bf4a0f3a4f7ab8db2ad"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 98997c223299d9efd138e7fb9a08a072.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: FRA56-C1
x-amz-cf-id: sixi_QNi8IXnu0e4HoLmV5ID2ROwCx5RUBXo2cIcmkyw4bXTfUD5CA==

POST
H3 204 collect
www.google-analytics.com/g/ 0
17 B 23ms
23ms Ping
text/plain 2a00:1450:4001:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-P02S4VE0VS&gtm=2oe1c0&_p=1474258366&sr=1600x1200&ul=en-us&cid=796013014.1642645756&_s=1&dl=http%3A%2F%2Fwww.planusa.org%2Fblog%2F%3Futm_source%3DMC%26utm_medium%3Demail%26utm_campaign%3DNotes%26utm_content%3DNotesFromTheField&dt=Our%20Blog%20%7C%20Plan%20International%20USA&sid=1642645755&sct=1&seg=0&en=page_view&_fv=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: http://www.googletagmanager.com/gtag/js?id=G-P02S4VE0VS&l=dataLayer&cx=c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://www.planusa.org/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Thu, 20 Jan 2022 02:29:16 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: http://www.planusa.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 28082325.js Show response
bat.bing.com/p/action/ 685 B
738 B 210ms
210ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://bat.bing.com/p/action/28082325.js
Requested by: Host: bat.bing.com
URL: https://bat.bing.com/bat.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: fa6a5d3bccff8f77197267f6c79c4472a29bb47f94738230af90e0c88a942b3b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.planusa.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 20 Jan 2022 02:29:16 GMT
content-encoding: gzip
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 7D8DDB592C1D4DA3A67859D2AAF6E62C Ref B: FRAEDGE1221 Ref C: 2022-01-20T02:29:16Z
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: no-store,no-cache
content-length: 587

GET
H2 204 0
bat.bing.com/action/ 0
172 B 40ms
40ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bat.bing.com/action/0?ti=28082325&tm=gtm002&Ver=2&mid=c2cda69f-d76d-4625-a8dc-cb3c01d7c452&sid=c356f430799811ecbc3cc1e469145d29&vid=c356ffa0799811ecb61b0135c0c10814&vids=1&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=Our%20Blog%20%7C%20Plan%20International%20USA&p=http%3A%2F%2Fwww.planusa.org%2Fblog%2F%3Futm_source%3DMC%26utm_medium%3Demail%26utm_campaign%3DNotes%26utm_content%3DNotesFromTheField&r=&lt=3131&evt=pageLoad&msclkid=N&sv=1&rn=943921
Requested by: Host: www.planusa.org
URL: http://www.planusa.org/blog/?utm_source=MC&utm_medium=email&utm_campaign=Notes&utm_content=NotesFromTheField
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.planusa.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 20 Jan 2022 02:29:16 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 23BA0C977E414C64A48593C04749D478 Ref B: FRAEDGE1221 Ref C: 2022-01-20T02:29:16Z
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dc_pre=COikk6akv_UCFWPhEQgdjOMBeQ;src=9879419;type=allpages;cat=allpa0;ord=8282548141615;gtm=2wg1c0;auiddc=562675857.1642645756;u7=%2Fblog%2F;~oref=http%3A%2F%2Fwww.planusa.org%2Fblog%2F%3Futm_sour... Show response
adservice.google.com/ddm/fls/i/ Frame 9260 596 B
915 B 107ms
61ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/ddm/fls/i/dc_pre=COikk6akv_UCFWPhEQgdjOMBeQ;src=9879419;type=allpages;cat=allpa0;ord=8282548141615;gtm=2wg1c0;auiddc=562675857.1642645756;u7=%2Fblog%2F;~oref=http%3A%2F%2Fwww.planusa.org%2Fblog%2F%3Futm_source%3DMC%26utm_medium%3Demail%26utm_campaign%3DNotes%26utm_content%3DNotesFromTheField

Requested by

Host: 9879419.fls.doubleclick.net
URL: http://9879419.fls.doubleclick.net/activityi;dc_pre=COikk6akv_UCFWPhEQgdjOMBeQ;src=9879419;type=allpages;cat=allpa0;ord=8282548141615;gtm=2wg1c0;auiddc=562675857.1642645756;u7=%2Fblog%2F;~oref=http%3A%2F%2Fwww.planusa.org%2Fblog%2F%3Futm_source%3DMC%26utm_medium%3Demail%26utm_campaign%3DNotes%26utm_content%3DNotesFromTheField?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5cd7a6d09ab80c4bb79a6677c409fd6f170ec38492d207bf86d48c738f6b64f0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: http://9879419.fls.doubleclick.net/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 20 Jan 2022 02:29:16 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/html; charset=UTF-8
pragma: no-cache
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 446
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 identify.js Show response
analytics.tiktok.com/i18n/pixel/ 114 KB
31 KB 114ms
114ms Script
application/javascript 2.16.186.242
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/identify.js
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/sdk.js?sdkid=BV3UQRTD82FVM3BE8BI0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.186.242 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-186-242.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: b2864c65b32cd25bf64a7eb4fddf486dff821f1924172a0083db962615bd6ce0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.planusa.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-akamai-request-id: 2b84625a.481ee87b
date: Thu, 20 Jan 2022 02:29:16 GMT
content-encoding: gzip
x-cache-remote: TCP_MISS from a184-25-157-178.deploy.akamaitechnologies.com (AkamaiGHost/10.4.6-37171458) (-)
upstream-caught: 1642645756162409
x-cache: TCP_MISS from a2-16-186-238.deploy.akamaitechnologies.com (AkamaiGHost/10.4.6-37171458) (-)
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-parent-response-time: 98,2.16.186.238
server-timing: cdn-cache; desc=MISS, edge; dur=96, origin; dur=2, inner; dur=0
pragma: no-cache
server: nginx
x-tt-logid: 2022012002291601011300611226F5347C
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 2,184.25.157.178
x-tt-trace-host: 016d77b26dd86e25531c9e1cdefa978aa492ae7a70a59017f1e62bd0ef6519a2e8591185e07eb61a68116b2928bb67fba54074daf9e39f76302f267cd14d25707aab55e55e0016c938a10a1b52373085c2e713d5b7dc1ea244cb64b4013f2c86dd308ec5b95cf54e3f8179fa877898969a
expires: Thu, 20 Jan 2022 02:29:16 GMT

GET
H2 200 config.js Show response
analytics.tiktok.com/i18n/pixel/ 58 KB
20 KB 107ms
107ms Script
application/javascript 2.16.186.242
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/config.js?sdkid=BV3UQRTD82FVM3BE8BI0&hostname=www.planusa.org
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/sdk.js?sdkid=BV3UQRTD82FVM3BE8BI0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.186.242 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-186-242.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 765878db2008fd3751bb16c1189a6fbc4e72631a7b63e11729c2a75c386a63e8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.planusa.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-akamai-request-id: 4b46670e.481ee885
date: Thu, 20 Jan 2022 02:29:16 GMT
content-encoding: gzip
x-cache-remote: TCP_MISS from a72-247-190-52.deploy.akamaitechnologies.com (AkamaiGHost/10.4.6-37171458) (-)
upstream-caught: 1642645756183247
x-cache: TCP_MISS from a2-16-186-238.deploy.akamaitechnologies.com (AkamaiGHost/10.4.6-37171458) (-)
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-parent-response-time: 89,2.16.186.238
server-timing: cdn-cache; desc=MISS, edge; dur=87, origin; dur=2, inner; dur=1
pragma: no-cache
server: nginx
x-tt-logid: 2022012002291601011313500926F697C3
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 2,72.247.190.52
x-tt-trace-host: 016d77b26dd86e25531c9e1cdefa978aa432530b9e23f64a4dc3d1dbe7daf5c4ff3d19867a52ba34a1a42670949678765513a9c4743c311c0333c85b1235d705abaebf18f4523353924c7bd1e3d1a739c648ef9c759c47a70549d48f189a62e7839a9cc5cdf875cde2d757eed5ea0846ae
expires: Thu, 20 Jan 2022 02:29:16 GMT

GET
H2 200 config.js Show response
analytics.tiktok.com/i18n/pixel/ 717 B
1 KB 115ms
114ms Script
application/javascript 2.16.186.242
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/config.js?sdkid=BV40RRID4EIVEV2ITOB0&hostname=www.planusa.org
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/sdk.js?sdkid=BV3UQRTD82FVM3BE8BI0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.186.242 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-186-242.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: d401f2661f8fa38103e44cc57c2cf846a2f36d3e5aecdc537d0b4caa0ba54a74

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.planusa.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-akamai-request-id: 5a9f0cf.481ee889
date: Thu, 20 Jan 2022 02:29:16 GMT
content-encoding: gzip
x-cache-remote: TCP_MISS from a23-221-225-102.deploy.akamaitechnologies.com (AkamaiGHost/10.7.0-38102849) (-)
upstream-caught: 1642645756195464
x-cache: TCP_MISS from a2-16-186-238.deploy.akamaitechnologies.com (AkamaiGHost/10.4.6-37171458) (-)
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-parent-response-time: 99,2.16.186.238
server-timing: cdn-cache; desc=MISS, edge; dur=89, origin; dur=10, inner; dur=1
content-length: 321
pragma: no-cache
server: nginx
x-tt-logid: 202201200229160101130062141BF89F40
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 10,23.221.225.102
x-tt-trace-host: 016d77b26dd86e25531c9e1cdefa978aa4289a0fbef6c4b0d50456fa2afc37ec0359ce68fabeb00eb6b610167ca827590ecabb9faaee1d5771119c469bacc0f84ee05ad1bebd3c22178d67d078ed39dba0685c2c0b8648c05a59a94d087adba4790be31aaa726f17a99198ca50c4551cb1
expires: Thu, 20 Jan 2022 02:29:16 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
295 B 59ms
20ms Image
image/gif 2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1673850439538622&ev=PageView&dl=http%3A%2F%2Fwww.planusa.org%2Fblog%2F%3Futm_source%3DMC%26utm_medium%3Demail%26utm_campaign%3DNotes%26utm_content%3DNotesFromTheField&rl=&if=false&ts=1642645756149&sw=1600&sh=1200&v=2.9.49&r=stable&ec=0&o=30&fbp=fb.1.1642645756147.1719024549&it=1642645755991&coo=false&exp=p1&rqm=GET

Requested by

Host: www.planusa.org
URL: http://www.planusa.org/blog/?utm_source=MC&utm_medium=email&utm_campaign=Notes&utm_content=NotesFromTheField

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.planusa.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 20 Jan 2022 02:29:16 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
content-length: 44
expires: Thu, 20 Jan 2022 02:29:16 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 25ms
24ms XHR
text/plain 2a00:1450:4001:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1474258366&t=pageview&_s=1&dl=http%3A%2F%2Fwww.planusa.org%2Fblog%2F%3Futm_source%3DMC%26utm_medium%3Demail%26utm_campaign%3DNotes%26utm_content%3DNotesFromTheField&ul=en-us&de=UTF-8&dt=Our%20Blog%20%7C%20Plan%20International%20USA&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aHDAAEADQAAAAC~&jid=604498797&gjid=644453576&cid=796013014.1642645756&tid=UA-634112-1&_gid=670851466.1642645756&_r=1&gtm=2wg1c0NCM2NF&z=1506503626

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://www.planusa.org/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 20 Jan 2022 02:29:16 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: http://www.planusa.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/1072188440/ 2 KB
2 KB 467ms
30ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1072188440/?random=1642645756225&cv=9&fst=1642645756225&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg1c0&sendb=1&ig=1&data=dynx_pagetype%3Dother%3Bdynx_totalvalue%3D0&frm=0&url=http%3A%2F%2Fwww.planusa.org%2Fblog%2F%3Futm_source%3DMC%26utm_medium%3Demail%26utm_campaign%3DNotes%26utm_content%3DNotesFromTheField&tiba=Our%20Blog%20%7C%20Plan%20International%20USA&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: http://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

116121dee1f11af6653cf653ffd4ed1471b09ba0e06c22abe3edd2ccb7c630b1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.planusa.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 20 Jan 2022 02:29:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1110
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
442 B 438ms
24ms XHR
text/plain 2a00:1450:400c:c07::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-634112-1&cid=796013014.1642645756&jid=604498797&gjid=644453576&_gid=670851466.1642645756&_u=aHDAAEACQAAAAC~&z=1135430019

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c07::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: http://www.planusa.org/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Thu, 20 Jan 2022 02:29:16 GMT
content-type: text/plain
access-control-allow-origin: http://www.planusa.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 17ms
16ms Image
image/gif 2a00:1450:4001:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=1474258366&t=event&ni=1&_s=1&dl=http%3A%2F%2Fwww.planusa.org%2Fblog%2F%3Futm_source%3DMC%26utm_medium%3Demail%26utm_campaign%3DNotes%26utm_content%3DNotesFromTheField&ul=en-us&de=UTF-8&dt=Our%20Blog%20%7C%20Plan%20International%20USA&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Google%20Optimize&ea=yqsK9vY5Qu-VypNcHgng5Q&_u=aHDAAEADQAAAAC~&jid=&gjid=&cid=796013014.1642645756&tid=UA-634112-1&_gid=670851466.1642645756&gtm=2wg1c0NCM2NF&z=573539171

Requested by

Host: www.planusa.org
URL: http://www.planusa.org/blog/?utm_source=MC&utm_medium=email&utm_campaign=Notes&utm_content=NotesFromTheField

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.planusa.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 19 Jan 2022 19:33:49 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 24927
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 storage.html Show response
static.olark.com/jsclient-bucket5/ Frame 1224 180 B
368 B 418ms
17ms Document
text/html 93.184.220.42
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://static.olark.com/jsclient-bucket5/storage.html?v=1639596023950
Requested by: Host: static.olark.com
URL: http://static.olark.com/jsclient-bucket5/application2.js?v=1639596023950
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 93.184.220.42 London, United Kingdom, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/6772) /
Resource Hash: 17e9588688a15c515b224e4c7633242f64a364e515df9f365f9f923f7bd5c1c8

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: http://www.planusa.org/

Response headers

content-encoding: gzip
accept-ranges: bytes
access-control-allow-origin: *
age: 7614
cache-control: max-age=10800
content-type: text/html; charset=utf-8
date: Thu, 20 Jan 2022 02:29:16 GMT
etag: "61ba4095-b4"
expires: Thu, 20 Jan 2022 05:29:16 GMT
last-modified: Wed, 15 Dec 2021 19:23:01 GMT
server: ECS (frb/6772)
vary: Accept-Encoding
via: 1.1 google
x-cache: HIT
content-length: 156

POST
H2 200 pixel
analytics.tiktok.com/api/v2/ 0
709 B 115ms
115ms Ping
application/octet-stream 2.16.186.242
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/sdk.js?sdkid=BV3UQRTD82FVM3BE8BI0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.186.242 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-186-242.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://www.planusa.org/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: 4b46698e.481ee8cb
date: Thu, 20 Jan 2022 02:29:16 GMT
x-cache-remote: TCP_MISS from a72-247-190-52.deploy.akamaitechnologies.com (AkamaiGHost/10.4.6-37171458) (-)
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a2-16-186-238.deploy.akamaitechnologies.com (AkamaiGHost/10.4.6-37171458) (-)
x-parent-response-time: 99,2.16.186.238
server-timing: cdn-cache; desc=MISS, edge; dur=87, origin; dur=12, inner; dur=11
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 202201200229160101130062091AE9CA23
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 12,72.247.190.52
x-tt-trace-host: 016d77b26dd86e25531c9e1cdefa978aa432530b9e23f64a4dc3d1dbe7daf5c4ff3d19867a52ba34a1a42670949678765513a9c4743c311c0333c85b1235d705ab20e1570b4afaecec22e5843cc9338011ab5e3c0838df66e5b4f9b2be527395e0706a9dc9e15e5d25251f28ea7a1d00b3
expires: Thu, 20 Jan 2022 02:29:16 GMT

POST
H2 200 pixel
analytics.tiktok.com/api/v2/ 0
710 B 122ms
122ms Ping
application/octet-stream 2.16.186.242
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/sdk.js?sdkid=BV3UQRTD82FVM3BE8BI0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.186.242 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-186-242.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://www.planusa.org/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: 4a99546.481ee8d2
date: Thu, 20 Jan 2022 02:29:16 GMT
x-cache-remote: TCP_MISS from a23-221-225-108.deploy.akamaitechnologies.com (AkamaiGHost/10.7.0-38102849) (-)
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a2-16-186-238.deploy.akamaitechnologies.com (AkamaiGHost/10.4.6-37171458) (-)
x-parent-response-time: 106,2.16.186.238
server-timing: cdn-cache; desc=MISS, edge; dur=83, origin; dur=24, inner; dur=14
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 202201200229160101130062050BF4541D
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 24,23.221.225.108
x-tt-trace-host: 016d77b26dd86e25531c9e1cdefa978aa4289a0fbef6c4b0d50456fa2afc37ec038bc403c54a8eee68c10a32866b5ae534376828353076d6d5d5d01a6d15b8bb478b80534a387bfadb2823b65b63896c35346a1301f2562789512b07a3b057f9d81cc40530581c3039e618cc2d4a07e7cc
expires: Thu, 20 Jan 2022 02:29:16 GMT

GET
H3

200

js Show response
www.googletagmanager.com/gtag/
Redirect Chain

http://www.googletagmanager.com/gtag/js?id=AW-608274385
https://www.googletagmanager.com/gtag/js?id=AW-608274385

98 KB
39 KB

27ms
27ms

Script
application/javascript

2a00:1450:4001:82b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-608274385

Requested by

Host: www.planusa.org
URL: http://www.planusa.org/blog/?utm_source=MC&utm_medium=email&utm_campaign=Notes&utm_content=NotesFromTheField

Protocol

Server

2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

9a27fc46e2fd27c37d7472734f4324cf00bd2ca7ebadcb2af058b3eaaeaa7c26

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.planusa.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 20 Jan 2022 02:29:16 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39733
x-xss-protection: 0
last-modified: Thu, 20 Jan 2022 00:28:58 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 20 Jan 2022 02:29:16 GMT

Redirect headers

Location: https://www.googletagmanager.com/gtag/js?id=AW-608274385
Non-Authoritative-Reason: HSTS

GET
H3

200

js Show response
www.googletagmanager.com/gtag/
Redirect Chain

http://www.googletagmanager.com/gtag/js?id=AW-608274385&l=dataLayer&cx=c
https://www.googletagmanager.com/gtag/js?id=AW-608274385&l=dataLayer&cx=c

98 KB
39 KB

31ms
31ms

Script
application/javascript

2a00:1450:4001:82b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-608274385&l=dataLayer&cx=c

Requested by

Host: www.planusa.org
URL: http://www.planusa.org/blog/?utm_source=MC&utm_medium=email&utm_campaign=Notes&utm_content=NotesFromTheField

Protocol

Server

2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

73453b75ceda9365eb4e26e2b5d2457fed511e365ae4c21585e65419cb4021bb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.planusa.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 20 Jan 2022 02:29:16 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39747
x-xss-protection: 0
last-modified: Thu, 20 Jan 2022 00:28:58 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 20 Jan 2022 02:29:16 GMT

Redirect headers

Location: https://www.googletagmanager.com/gtag/js?id=AW-608274385&l=dataLayer&cx=c
Non-Authoritative-Reason: HSTS

GET
H/1.1 200
OK cybba_latest.min.js Show response
d2rp1k1dldbai6.cloudfront.net/ 75 KB
20 KB 40ms
19ms Script
application/javascript 2600:9000:214f:2c00:d:87ae:bb80:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://d2rp1k1dldbai6.cloudfront.net/cybba_latest.min.js
Requested by: Host: www.rtb123.com
URL: https://www.rtb123.com/tags/F252B1AF-720F-7E91-A7FC-2C1CC8587E1A/btp.js
Protocol: HTTP/1.1
Server: 2600:9000:214f:2c00:d:87ae:bb80:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 0faa231d2e1618d382b7e2eeed4244ebad6f9c78df86e153b90e6e20d218bfce

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.planusa.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Wed, 19 Jan 2022 02:47:29 GMT
Content-Encoding: gzip
Last-Modified: Tue, 21 Sep 2021 13:53:05 GMT
Server: AmazonS3
Age: 85308
ETag: W/"9e33abcb83f5793fa610130e97588252"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Content-Type: application/javascript
Via: 1.1 78c402b74e65ae12b398b6b957ab229e.cloudfront.net (CloudFront)
Connection: keep-alive
Transfer-Encoding: chunked
X-Amz-Cf-Pop: FRA53-C1
X-Amz-Cf-Id: OaEAErocHGwFmhWaB5SHzeJznP0k-MIdMdHXwTu8jjM-ydSVIX5ciA==

GET
H2 200 loader.min.js Show response
files1.cybba.solutions/planusa.org/ 76 KB
24 KB 393ms
15ms Script
application/javascript 89.187.169.47
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://files1.cybba.solutions/planusa.org/loader.min.js
Requested by: Host: www.rtb123.com
URL: https://www.rtb123.com/tags/F252B1AF-720F-7E91-A7FC-2C1CC8587E1A/btp.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 89.187.169.47 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-89-187-169-47.cdn77.com
Software: BunnyCDN-DE1-756 /
Resource Hash: 018e10d24baee1ca267c9c1bfc2a2dece02f242bc95f43ebac90c280a4ceee31

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.planusa.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 20 Jan 2022 02:29:16 GMT
content-encoding: br
cdn-edgestorageid: 756
cdn-cachedat: 01/12/2022 11:53:04
cdn-pullzone: 116099
cdn-requestpullsuccess: True
server: BunnyCDN-DE1-756
last-modified: Wed, 28 Jul 2021 20:12:40 GMT
cdn-proxyver: 1.02
cdn-requestpullcode: 200
etag: W/"6101ba38-13013"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
cdn-cache: HIT
cdn-uid: a080e070-2552-4896-b206-e42f1464eeab
cache-control: public, max-age=1800
cdn-requestid: a88101fce2e5254e40e8da6b8b4ac059
cdn-requestcountrycode: DE
cdn-status: 200
expires: Wed, 12 Jan 2022 11:23:04 GMT

GET
H/1.1

200
OK

bounce
secure.adnxs.com/
Redirect Chain

http://secure.adnxs.com/seg?add=20952558&t=2
https://secure.adnxs.com/sbounce?%2Fseg%3Fadd%3D20952558%26t%3D2
https://secure.adnxs.com/bounce?%2Fsbounce%3F%252Fseg%253Fadd%253D20952558%2526t%253D2

43 B
1021 B

21ms
20ms

Image
image/gif

37.252.173.215
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.adnxs.com/bounce?%2Fsbounce%3F%252Fseg%253Fadd%253D20952558%2526t%253D2

Requested by

Host: www.planusa.org
URL: http://www.planusa.org/blog/?utm_source=MC&utm_medium=email&utm_campaign=Notes&utm_content=NotesFromTheField

Protocol

HTTP/1.1

Server

37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.planusa.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 20 Jan 2022 02:29:16 GMT
X-Proxy-Origin: 84.19.175.183; 84.19.175.183; 867.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid: 0c936417-8bc3-46d7-8f1d-135e3958875a
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Thu, 20 Jan 2022 02:29:16 GMT
X-Proxy-Origin: 84.19.175.183; 84.19.175.183; 867.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid: 54344a9a-a513-40a5-98ff-5710fed4e5c6
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://secure.adnxs.com/bounce?%2Fsbounce%3F%252Fseg%253Fadd%253D20952558%2526t%253D2
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

bounce
secure.adnxs.com/
Redirect Chain

http://secure.adnxs.com/px?id=1222827&t=2
https://secure.adnxs.com/sbounce?%2Fpx%3Fid%3D1222827%26t%3D2
https://secure.adnxs.com/bounce?%2Fsbounce%3F%252Fpx%253Fid%253D1222827%2526t%253D2

43 B
1021 B

21ms
21ms

Image
image/gif

37.252.173.215
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.adnxs.com/bounce?%2Fsbounce%3F%252Fpx%253Fid%253D1222827%2526t%253D2

Requested by

Host: www.planusa.org
URL: http://www.planusa.org/blog/?utm_source=MC&utm_medium=email&utm_campaign=Notes&utm_content=NotesFromTheField

Protocol

HTTP/1.1

Server

37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.planusa.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 20 Jan 2022 02:29:16 GMT
X-Proxy-Origin: 84.19.175.183; 84.19.175.183; 867.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid: 3692899b-c15f-4732-8f12-a8ddc43f3639
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Thu, 20 Jan 2022 02:29:16 GMT
X-Proxy-Origin: 84.19.175.183; 84.19.175.183; 867.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid: 4fbd8dff-5b70-410e-b0be-bdedefe3a23b
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://secure.adnxs.com/bounce?%2Fsbounce%3F%252Fpx%253Fid%253D1222827%2526t%253D2
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 clarity.js Show response
e.clarity.ms/s/0.6.31/ 52 KB
23 KB 476ms
105ms Script
application/javascript 20.62.48.180
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://e.clarity.ms/s/0.6.31/clarity.js
Requested by: Host: bat.bing.com
URL: https://bat.bing.com/p/action/28082325.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.62.48.180 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: b2d2f11eb78159e31bce4355ffd5e696717de4270a77ba1d2038e066462008ad

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.planusa.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 20 Jan 2022 02:29:15 GMT
content-encoding: br
etag: "1d7ffcbff747e00"
last-modified: Sun, 02 Jan 2022 11:29:26 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
cache-control: public,max-age=86400
accept-ranges: bytes
request-context: appId=cid-v1:bdfb7149-d2ee-45f0-9a22-f0b1c5035608

GET
H2

200

c.gif
c.clarity.ms/
Redirect Chain

https://c.clarity.ms/c.gif
https://c.bing.com/c.gif?CtsSyncId=5CBBC37A68CA490DB1059CBF8D6BC246&RedC=c.clarity.ms&MXFR=3D9094DA02306DD61D3785E80630631A
https://c.clarity.ms/c.gif?CtsSyncId=5CBBC37A68CA490DB1059CBF8D6BC246&MUID=3F31AFFA4CAE668611B2BEC84D7C6741

42 B
367 B

35ms
35ms

Image
image/gif

52.142.114.2
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.clarity.ms/c.gif?CtsSyncId=5CBBC37A68CA490DB1059CBF8D6BC246&MUID=3F31AFFA4CAE668611B2BEC84D7C6741
Requested by: Host: www.planusa.org
URL: http://www.planusa.org/blog/?utm_source=MC&utm_medium=email&utm_campaign=Notes&utm_content=NotesFromTheField
Protocol: H2
Server: 52.142.114.2 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.planusa.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 20 Jan 2022 02:29:16 GMT
last-modified: Wed, 12 Jan 2022 02:05:35 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
etag: "9ea1ae3587d81:0"
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: private, no-cache, proxy-revalidate, no-store
accept-ranges: bytes
content-type: image/gif
content-length: 42

Redirect headers

pragma: no-cache
date: Thu, 20 Jan 2022 02:29:16 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 9266E1CC851F40289D6D799776F9BC48 Ref B: FRAEDGE1221 Ref C: 2022-01-20T02:29:16Z
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location: https://c.clarity.ms/c.gif?CtsSyncId=5CBBC37A68CA490DB1059CBF8D6BC246&MUID=3F31AFFA4CAE668611B2BEC84D7C6741
cache-control: private, no-cache, proxy-revalidate, no-store
content-length: 0

POST
H3 200 / Show response
www.facebook.com/tr/ Frame D523 0
18 B 40ms
17ms Document
text/plain 2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Host: www.planusa.org
URL: http://www.planusa.org/blog/?utm_source=MC&utm_medium=email&utm_campaign=Notes&utm_content=NotesFromTheField

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Upgrade-Insecure-Requests: 1
Origin: http://www.planusa.org
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: http://www.planusa.org/

Response headers

content-type: text/plain
access-control-allow-origin: http://www.planusa.org
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
priority: u=3,i
date: Thu, 20 Jan 2022 02:29:16 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
107 B 72ms
29ms Image
image/gif 2a00:1450:4001:803::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-634112-1&cid=796013014.1642645756&jid=604498797&_u=aHDAAEACQAAAAC~&z=289659625

Requested by

Host: www.planusa.org
URL: http://www.planusa.org/blog/?utm_source=MC&utm_medium=email&utm_campaign=Notes&utm_content=NotesFromTheField

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.planusa.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 20 Jan 2022 02:29:16 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
501 B 73ms
30ms Image
image/gif 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-634112-1&cid=796013014.1642645756&jid=604498797&_u=aHDAAEACQAAAAC~&z=289659625

Requested by

Host: www.planusa.org
URL: http://www.planusa.org/blog/?utm_source=MC&utm_medium=email&utm_campaign=Notes&utm_content=NotesFromTheField

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.planusa.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 20 Jan 2022 02:29:16 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dc_pre=COikk6akv_UCFWPhEQgdjOMBeQ;src=9879419;type=allpages;cat=allpa0;ord=8282548141615;gtm=2wg1c0;auiddc=562675857.1642645756;u7=%2Fblog%2F;~oref=http%3A%2F%2Fwww.planusa.org%2Fblog%2F%3Futm_sour... Show response
adservice.google.de/ddm/fls/i/ Frame 4271 194 B
870 B 76ms
31ms Document
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/ddm/fls/i/dc_pre=COikk6akv_UCFWPhEQgdjOMBeQ;src=9879419;type=allpages;cat=allpa0;ord=8282548141615;gtm=2wg1c0;auiddc=562675857.1642645756;u7=%2Fblog%2F;~oref=http%3A%2F%2Fwww.planusa.org%2Fblog%2F%3Futm_source%3DMC%26utm_medium%3Demail%26utm_campaign%3DNotes%26utm_content%3DNotesFromTheField

Requested by

Host: adservice.google.com
URL: https://adservice.google.com/ddm/fls/i/dc_pre=COikk6akv_UCFWPhEQgdjOMBeQ;src=9879419;type=allpages;cat=allpa0;ord=8282548141615;gtm=2wg1c0;auiddc=562675857.1642645756;u7=%2Fblog%2F;~oref=http%3A%2F%2Fwww.planusa.org%2Fblog%2F%3Futm_source%3DMC%26utm_medium%3Demail%26utm_campaign%3DNotes%26utm_content%3DNotesFromTheField

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

05978957c6c8b028f2785dc77271c286bfac76e30b7bcd7e835c2927fbe897cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://adservice.google.com/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 20 Jan 2022 02:29:16 GMT
expires: Thu, 20 Jan 2022 02:29:16 GMT
cache-control: private, max-age=0
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 177
x-xss-protection: 0
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"

GET
H2 200 storage.js Show response
static.olark.com/jsclient-bucket5/ Frame 1224 87 KB
28 KB 17ms
17ms Script
application/javascript 93.184.220.42
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://static.olark.com/jsclient-bucket5/storage.js?v=1639596023950
Requested by: Host: static.olark.com
URL: https://static.olark.com/jsclient-bucket5/storage.html?v=1639596023950
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 93.184.220.42 London, United Kingdom, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/6712) /
Resource Hash: caa53054dc12f4194410b03956c943038cfc7963c54b95c2fcab47f2aecb6111

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://static.olark.com/jsclient-bucket5/storage.html?v=1639596023950
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 20 Jan 2022 02:29:16 GMT
content-encoding: gzip
last-modified: Wed, 15 Dec 2021 19:22:48 GMT
server: ECS (frb/6712)
age: 2084
etag: "61ba4088-15d17"
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=10800
accept-ranges: bytes
content-length: 28656
via: 1.1 google
expires: Thu, 20 Jan 2022 05:29:16 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/1072188440/ 42 B
548 B 66ms
27ms Image
image/gif 2a00:1450:4001:803::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/1072188440/?random=1642645756225&cv=9&fst=1642644000000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg1c0&sendb=1&data=dynx_pagetype%3Dother%3Bdynx_totalvalue%3D0&frm=0&url=http%3A%2F%2Fwww.planusa.org%2Fblog%2F%3Futm_source%3DMC%26utm_medium%3Demail%26utm_campaign%3DNotes%26utm_content%3DNotesFromTheField&tiba=Our%20Blog%20%7C%20Plan%20International%20USA&async=1&fmt=3&is_vtc=1&random=1885784875&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: www.planusa.org
URL: http://www.planusa.org/blog/?utm_source=MC&utm_medium=email&utm_campaign=Notes&utm_content=NotesFromTheField

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.planusa.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 20 Jan 2022 02:29:16 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/1072188440/ 42 B
154 B 70ms
31ms Image
image/gif 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/1072188440/?random=1642645756225&cv=9&fst=1642644000000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg1c0&sendb=1&data=dynx_pagetype%3Dother%3Bdynx_totalvalue%3D0&frm=0&url=http%3A%2F%2Fwww.planusa.org%2Fblog%2F%3Futm_source%3DMC%26utm_medium%3Demail%26utm_campaign%3DNotes%26utm_content%3DNotesFromTheField&tiba=Our%20Blog%20%7C%20Plan%20International%20USA&async=1&fmt=3&is_vtc=1&random=1885784875&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: www.planusa.org
URL: http://www.planusa.org/blog/?utm_source=MC&utm_medium=email&utm_campaign=Notes&utm_content=NotesFromTheField

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.planusa.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 20 Jan 2022 02:29:16 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK user Show response
app.cybba.solutions/ 143 B
453 B 303ms
98ms Script
text/javascript 138.197.61.175
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://app.cybba.solutions/user?callback=_vtsdk.User.callbackUser&shopId=1477&email=null&_ts=83300299

Requested by

Host: files1.cybba.solutions
URL: https://files1.cybba.solutions/planusa.org/loader.min.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

138.197.61.175 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx, nginx /

Resource Hash

eba3f0fbe78617c55da5c44fdf450e31505dae730bc74809ba3a66a8221405fc

Security Headers

Name	Value
Strict-Transport-Security	max-age=3600
X-Frame-Options	deny

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.planusa.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Thu, 20 Jan 2022 02:29:16 GMT
Server: nginx, nginx
X-Frame-Options: deny
Connection: close
Content-Type: text/javascript;
Cache-Control: no-cache
Strict-Transport-Security: max-age=3600
X-Robots-Tag: noindex
Content-Length: 143
Expires: Thu, 20 Jan 2022 02:29:15 GMT

GET
H/1.1 200
OK / Show response
pro.ip-api.com/json/ 269 B
425 B 58ms
16ms XHR
application/json 51.77.64.70
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://pro.ip-api.com/json/?key=X8nNh9l0HcVYntp
Requested by: Host: files1.cybba.solutions
URL: https://files1.cybba.solutions/planusa.org/loader.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 51.77.64.70 , Germany, ASN16276 (OVH, FR),
Reverse DNS: de-fra-1.pro.ip-api.com
Software: /
Resource Hash: 3a5dd6dacdf469f0a11ade9f05aebb0b0e7baf9b7c46cfabe362362e067f9760

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.planusa.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Thu, 20 Jan 2022 02:29:16 GMT
Content-Length: 269
Content-Type: application/json; charset=utf-8

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/608274385/ 2 KB
1 KB 59ms
34ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/608274385/?random=1642645756768&cv=9&fst=1642645756768&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa1c0&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=http%3A%2F%2Fwww.planusa.org%2Fblog%2F%3Futm_source%3DMC%26utm_medium%3Demail%26utm_campaign%3DNotes%26utm_content%3DNotesFromTheField&tiba=Our%20Blog%20%7C%20Plan%20International%20USA&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: http://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

39eff28c4008f0eabe3c221a45010d2362ef8a2380bd7464805c645c24f6ac45

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.planusa.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 20 Jan 2022 02:29:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1103
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 visits Show response
api.olark.com/2.0/sites/2290-981-10-8705/ Frame 9D25 112 B
419 B 165ms
127ms Script
application/javascript 34.96.127.16
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://api.olark.com/2.0/sites/2290-981-10-8705/visits?_callback=_olark_callback_22541b8f_e474_439a_8025_97b37223535f&_method=POST&_data=%7B%22conversation_id%22%3A%22XCUxh31geVB0R1Vm588Ba0P7abj4bkoa%22%2C%22cache%22%3A%220.4387410137333916%22%7D
Requested by: Host: static.olark.com
URL: http://static.olark.com/jsclient-bucket5/application2.js?v=1639596023950
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.127.16 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 16.127.96.34.bc.googleusercontent.com
Software: NotARealServer/1.33.7 /
Resource Hash: 100de4d9d5034b9141de7435ec1a60e1d630bfd83fbbab35cb25c20a86c815fc

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.planusa.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 20 Jan 2022 02:29:16 GMT
via: 1.1 google
server: NotARealServer/1.33.7
access-control-allow-headers: X-Access-Token, X-CSRF-Token, Content-Type, Authorization
access-control-max-age: 432000
access-control-allow-methods: GET, POST, PUT, DELETE, PATCH
content-type: application/javascript
access-control-allow-origin: *
content-disposition: inline; filename="api.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H/1.1 206
Partial Content olark-chimes.ogg
static.olark.com/jsclient/sounds/ Frame 9D25 11 KB
11 KB 18ms
18ms Media
audio/ogg 93.184.220.42
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: http://static.olark.com/jsclient/sounds/olark-chimes.ogg
Requested by: Host: www.planusa.org
URL: http://www.planusa.org/blog/?utm_source=MC&utm_medium=email&utm_campaign=Notes&utm_content=NotesFromTheField
Protocol: HTTP/1.1
Server: 93.184.220.42 London, United Kingdom, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/6731) /
Resource Hash: b1fa55944d393c97b9d9c938e639e532e95ccb046440b9adfffca4e1b0a2bcae

Request headers

Referer: http://www.planusa.org/
Accept-Encoding: identity;q=1, *;q=0
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Range: bytes=0-

Response headers

Date: Thu, 20 Jan 2022 02:29:16 GMT
Via: 1.1 google
Last-Modified: Wed, 15 Dec 2021 19:22:52 GMT
Server: ECS (frb/6731)
Age: 5730
Etag: "61ba408c-2a35"
X-Cache: HIT
Content-Type: audio/ogg
Access-Control-Allow-Origin: *
Cache-Control: max-age=10800
Content-Range: bytes 0-10804/10805
Accept-Ranges: bytes
Content-Length: 10805
Expires: Thu, 20 Jan 2022 05:29:16 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/608274385/ 42 B
64 B 61ms
29ms Image
image/gif 2a00:1450:4001:803::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/608274385/?random=1642645756768&cv=9&fst=1642644000000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa1c0&sendb=1&data=event%3Dgtag.config&frm=0&url=http%3A%2F%2Fwww.planusa.org%2Fblog%2F%3Futm_source%3DMC%26utm_medium%3Demail%26utm_campaign%3DNotes%26utm_content%3DNotesFromTheField&tiba=Our%20Blog%20%7C%20Plan%20International%20USA&async=1&fmt=3&is_vtc=1&random=737786769&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: www.planusa.org
URL: http://www.planusa.org/blog/?utm_source=MC&utm_medium=email&utm_campaign=Notes&utm_content=NotesFromTheField

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.planusa.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 20 Jan 2022 02:29:16 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.de/pagead/1p-user-list/608274385/ 42 B
64 B 60ms
29ms Image
image/gif 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/608274385/?random=1642645756768&cv=9&fst=1642644000000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa1c0&sendb=1&data=event%3Dgtag.config&frm=0&url=http%3A%2F%2Fwww.planusa.org%2Fblog%2F%3Futm_source%3DMC%26utm_medium%3Demail%26utm_campaign%3DNotes%26utm_content%3DNotesFromTheField&tiba=Our%20Blog%20%7C%20Plan%20International%20USA&async=1&fmt=3&is_vtc=1&random=737786769&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: www.planusa.org
URL: http://www.planusa.org/blog/?utm_source=MC&utm_medium=email&utm_campaign=Notes&utm_content=NotesFromTheField

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.planusa.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 20 Jan 2022 02:29:16 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect Show response
e.clarity.ms/ 0
93 B 322ms
321ms XHR
text/plain 20.62.48.180
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://e.clarity.ms/collect
Requested by: Host: e.clarity.ms
URL: https://e.clarity.ms/s/0.6.31/clarity.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.62.48.180 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: http://www.planusa.org/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

access-control-allow-origin: http://www.planusa.org
date: Thu, 20 Jan 2022 02:29:16 GMT
access-control-allow-credentials: true
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
request-context: appId=cid-v1:bdfb7149-d2ee-45f0-9a22-f0b1c5035608

GET
H/1.1 200
OK conversion_async.js Show response
www.googleadservices.com/pagead/ 38 KB
15 KB 26ms
26ms Script
text/javascript 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NCM2NF

Protocol

HTTP/1.1

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

0ce5d039d3e58fc10808f0695156d2bd99daae7791d26cc5dfc569154b5e0b22

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.planusa.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Timing-Allow-Origin: *
Date: Thu, 20 Jan 2022 02:29:17 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: cafe
ETag: 1633785920527017951
Vary: Accept-Encoding
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control: private, max-age=3600
Cross-Origin-Resource-Policy: cross-origin
Content-Disposition: attachment; filename="f.txt"
Content-Type: text/javascript; charset=UTF-8
Content-Length: 14846
X-XSS-Protection: 0
Expires: Thu, 20 Jan 2022 02:29:17 GMT

GET
H2 200 up Show response
insight.adsrvr.org/track/ Frame 30AB 0
182 B 131ms
41ms Document
text/html 15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://insight.adsrvr.org/track/up?adv=2mlbed5&ref=http%3A%2F%2Fwww.planusa.org%2Fblog%2F%3Futm_source%3DMC%26utm_medium%3Demail%26utm_campaign%3DNotes%26utm_content%3DNotesFromTheField&upid=3gs34vr&upv=1.1.0
Requested by: Host: js.adsrvr.org
URL: https://js.adsrvr.org/up_loader.1.1.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: http://www.planusa.org/

Response headers

date: Thu, 20 Jan 2022 02:29:17 GMT
content-type: text/html
cache-control: private,no-cache, must-revalidate
pragma: no-cache
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2 200 up Show response
insight.adsrvr.org/track/ Frame 9D4E 0
181 B 123ms
42ms Document
text/html 15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://insight.adsrvr.org/track/up?adv=4toff13&ref=http%3A%2F%2Fwww.planusa.org%2Fblog%2F%3Futm_source%3DMC%26utm_medium%3Demail%26utm_campaign%3DNotes%26utm_content%3DNotesFromTheField&upid=16dhzbf&upv=1.1.0
Requested by: Host: js.adsrvr.org
URL: https://js.adsrvr.org/up_loader.1.1.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: http://www.planusa.org/

Response headers

date: Thu, 20 Jan 2022 02:29:17 GMT
content-type: text/html
cache-control: private,no-cache, must-revalidate
pragma: no-cache
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/1042929713/ 2 KB
1 KB 35ms
34ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1042929713/?random=1642645757064&cv=9&fst=1642645757064&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg1c0&sendb=1&ig=1&data=dynx_pagetype%3Dother&frm=0&url=http%3A%2F%2Fwww.planusa.org%2Fblog%2F%3Futm_source%3DMC%26utm_medium%3Demail%26utm_campaign%3DNotes%26utm_content%3DNotesFromTheField&tiba=Our%20Blog%20%7C%20Plan%20International%20USA&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: http://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

06257181c9542e5dfb2aa25c0b31bab9f2de4cf589065384efe3efabbe130578

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.planusa.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 20 Jan 2022 02:29:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1096
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/1042929713/ 42 B
64 B 33ms
33ms Image
image/gif 2a00:1450:4001:803::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/1042929713/?random=1642645757064&cv=9&fst=1642644000000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg1c0&sendb=1&data=dynx_pagetype%3Dother&frm=0&url=http%3A%2F%2Fwww.planusa.org%2Fblog%2F%3Futm_source%3DMC%26utm_medium%3Demail%26utm_campaign%3DNotes%26utm_content%3DNotesFromTheField&tiba=Our%20Blog%20%7C%20Plan%20International%20USA&async=1&fmt=3&is_vtc=1&random=109996243&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.planusa.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 20 Jan 2022 02:29:17 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.de/pagead/1p-user-list/1042929713/ 42 B
64 B 28ms
27ms Image
image/gif 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/1042929713/?random=1642645757064&cv=9&fst=1642644000000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg1c0&sendb=1&data=dynx_pagetype%3Dother&frm=0&url=http%3A%2F%2Fwww.planusa.org%2Fblog%2F%3Futm_source%3DMC%26utm_medium%3Demail%26utm_campaign%3DNotes%26utm_content%3DNotesFromTheField&tiba=Our%20Blog%20%7C%20Plan%20International%20USA&async=1&fmt=3&is_vtc=1&random=109996243&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.planusa.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 20 Jan 2022 02:29:17 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK update Show response
app.cybba.solutions/event/1477/ 200 B
510 B 303ms
105ms Script
text/javascript 138.197.61.175
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://app.cybba.solutions/event/1477/update?data=%7B%22userId%22%3A%225334910167965153%22%2C%22sessionId%22%3A%22306102216796566975%22%2C%22type%22%3A%22update%22%2C%22lastVisitDate%22%3A1642645756711%2C%22device%22%3A%22desktop%22%7D&callback=_vtsdk.eventApi.callbackEvent&_ts=48109482

Requested by

Host: files1.cybba.solutions
URL: https://files1.cybba.solutions/planusa.org/loader.min.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

138.197.61.175 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx, nginx /

Resource Hash

25fa56755af5c9dbb54d54f75a8d7c6b6fb0f8e819ae6c81c4744191e349e861

Security Headers

Name	Value
Strict-Transport-Security	max-age=3600
X-Frame-Options	deny

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.planusa.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Thu, 20 Jan 2022 02:29:17 GMT
Server: nginx, nginx
X-Frame-Options: deny
Connection: close
Content-Type: text/javascript;
Cache-Control: no-cache
Strict-Transport-Security: max-age=3600
X-Robots-Tag: noindex
Content-Length: 200
Expires: Thu, 20 Jan 2022 02:29:16 GMT

GET
H/1.1 200
OK theme.css
static.olark.com/jsclient/styles/cryptic-capybara/ 165 KB
20 KB 16ms
16ms Stylesheet
text/css 93.184.220.42
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: http://static.olark.com/jsclient/styles/cryptic-capybara/theme.css
Requested by: Host: static.olark.com
URL: http://static.olark.com/jsclient-bucket5/application2.js?v=1639596023950
Protocol: HTTP/1.1
Server: 93.184.220.42 London, United Kingdom, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/67C1) /
Resource Hash: 252c73425a721718d649ac01db44e5d9834a4d4dd9316608cb4e3303b75eca77

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.planusa.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Thu, 20 Jan 2022 02:29:17 GMT
Content-Encoding: gzip
Last-Modified: Wed, 15 Dec 2021 19:22:52 GMT
Server: ECS (frb/67C1)
Age: 4708
Etag: W/"61ba408c-294a5"
Vary: Accept-Encoding
X-Cache: HIT
Content-Type: text/css
Access-Control-Allow-Origin: *
Cache-Control: max-age=10800
Accept-Ranges: bytes
Content-Length: 19753
Via: 1.1 google
Expires: Thu, 20 Jan 2022 05:29:17 GMT

GET
H/1.1 200
OK log.png
log.olark.com/jslog/ 2 B
135 B 143ms
126ms Image
text/plain 34.96.127.16
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://log.olark.com/jslog/log.png?version=-bucket5&location=http%3A%2F%2Fwww.planusa.org%2Fblog%2F%3Futm_source%3DMC%26utm_med&message=%23chatbox-size-md%20%23using_theme.cryptic_capybara%20%23using_theme%20&tabname=oktab30069630145710735&conversation_id=XCUxh31geVB0R1Vm588Ba0P7abj4bkoa&visitor_id=av4Z0sf1tk8FEjsQ588Ba0PoaaRZb47F&site_id=2290-981-10-8705&bucket=bucket5&level=count&timestamp=1642645757260&properties=%7B%7D&recent_logs=%5B%5D
Protocol: HTTP/1.1
Server: 34.96.127.16 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 16.127.96.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.planusa.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Thu, 20 Jan 2022 02:29:17 GMT
Via: 1.1 google
Server: nginx
Content-Length: 2
Content-Type: text/plain

GET
H/1.1 200
OK plan-usa-favicon.jpg
planusa-org-staging.s3.amazonaws.com/public/uploads/2021/05/ Frame 9D25 0
565 B 443ms
129ms Image
application/octet-stream 52.216.128.35
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://planusa-org-staging.s3.amazonaws.com/public/uploads/2021/05/plan-usa-favicon.jpg
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.128.35 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://www.planusa.org/
Origin: http://www.planusa.org
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Thu, 20 Jan 2022 02:29:18 GMT
Last-Modified: Wed, 15 Dec 2021 16:36:11 GMT
Server: AmazonS3
x-amz-request-id: D8T71VJCBZ8FM0HE
ETag: "d41d8cd98f00b204e9800998ecf8427e"
Vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
Access-Control-Allow-Methods: GET
x-amz-version-id: hfPaN2q0R1r5bzxKXYqr8Ob6CzT_9S2v
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
Content-Type: application/octet-stream
Content-Length: 0
x-amz-id-2: Z9lEsFe0pGF0aVFdC6CAYcvsdS4WUdrsN5+E7fVNgjjkgXfeJcYJyWncWEuCmJBNt7Igcjx0VYI=

GET
H/1.1 200
OK noto-sans-v11-latin-700.woff2
static.olark.com/jsclient/fonts/ 16 KB
16 KB 34ms
18ms Font
application/octet-stream 93.184.220.42
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: http://static.olark.com/jsclient/fonts/noto-sans-v11-latin-700.woff2
Requested by: Host: static.olark.com
URL: http://static.olark.com/jsclient/styles/cryptic-capybara/theme.css
Protocol: HTTP/1.1
Server: 93.184.220.42 London, United Kingdom, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/669E) /
Resource Hash: 8beec539128cea621e511cd54f21a0d17ff891a16a0ebd7a98a3e4fbc00bd0e5

Request headers

Referer: http://static.olark.com/jsclient/styles/cryptic-capybara/theme.css
Origin: http://www.planusa.org
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Thu, 20 Jan 2022 02:29:17 GMT
Via: 1.1 google
Last-Modified: Wed, 15 Dec 2021 19:23:06 GMT
Server: ECS (frb/669E)
Age: 6504
Etag: "61ba409a-3f34"
X-Cache: HIT
Content-Type: application/octet-stream
Access-Control-Allow-Origin: *
Cache-Control: max-age=10800
Accept-Ranges: bytes
Content-Length: 16180
Expires: Thu, 20 Jan 2022 05:29:17 GMT

GET
H/1.1 200
OK noto-sans-v11-latin-regular.woff2
static.olark.com/jsclient/fonts/ 16 KB
16 KB 33ms
17ms Font
application/octet-stream 93.184.220.42
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: http://static.olark.com/jsclient/fonts/noto-sans-v11-latin-regular.woff2
Requested by: Host: static.olark.com
URL: http://static.olark.com/jsclient/styles/cryptic-capybara/theme.css
Protocol: HTTP/1.1
Server: 93.184.220.42 London, United Kingdom, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/675D) /
Resource Hash: 4a9f53c02752e79270686f1b2a3616b86d3af1ea2a288f2977e34b1141d552ec

Request headers

Referer: http://static.olark.com/jsclient/styles/cryptic-capybara/theme.css
Origin: http://www.planusa.org
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Thu, 20 Jan 2022 02:29:17 GMT
Via: 1.1 google
Last-Modified: Wed, 15 Dec 2021 19:22:52 GMT
Server: ECS (frb/675D)
Age: 6497
Etag: "61ba408c-3eb8"
X-Cache: HIT
Content-Type: application/octet-stream
Access-Control-Allow-Origin: *
Cache-Control: max-age=10800
Accept-Ranges: bytes
Content-Length: 16056
Expires: Thu, 20 Jan 2022 05:29:17 GMT

GET
H/1.1 200
OK log.png
log.olark.com/jslog/ 2 B
135 B 141ms
124ms Image
text/plain 34.96.127.16
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://log.olark.com/jslog/log.png?version=-bucket5&location=http%3A%2F%2Fwww.planusa.org%2Fblog%2F%3Futm_source%3DMC%26utm_med&message=%23loaded_theme.cryptic_capybara%20%23loaded_theme%20&tabname=oktab30069630145710735&conversation_id=XCUxh31geVB0R1Vm588Ba0P7abj4bkoa&visitor_id=av4Z0sf1tk8FEjsQ588Ba0PoaaRZb47F&site_id=2290-981-10-8705&bucket=bucket5&level=count&timestamp=1642645757324&properties=%7B%7D&recent_logs=%5B%5D
Protocol: HTTP/1.1
Server: 34.96.127.16 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 16.127.96.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.planusa.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Thu, 20 Jan 2022 02:29:17 GMT
Via: 1.1 google
Server: nginx
Content-Length: 2
Content-Type: text/plain

GET
H/1.1 200
OK referer Show response
app.cybba.solutions/event/1477/ 200 B
510 B 300ms
104ms Script
text/javascript 138.197.61.175
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://app.cybba.solutions/event/1477/referer?data=%7B%22userId%22%3A%225334910167965153%22%2C%22sessionId%22%3A%22306102216796566975%22%2C%22type%22%3A%22referer%22%2C%22domain%22%3A%22%22%2C%22url%22%3A%22%22%2C%22utm_source%22%3A%22MC%22%2C%22utm_term%22%3Anull%2C%22utm_campaign%22%3A%22Notes%22%2C%22utm_content%22%3A%22NotesFromTheField%22%2C%22utm_medium%22%3A%22email%22%2C%22device%22%3A%22desktop%22%7D&callback=_vtsdk.eventApi.callbackEvent&_ts=78920489

Requested by

Host: files1.cybba.solutions
URL: https://files1.cybba.solutions/planusa.org/loader.min.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

138.197.61.175 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx, nginx /

Resource Hash

25fa56755af5c9dbb54d54f75a8d7c6b6fb0f8e819ae6c81c4744191e349e861

Security Headers

Name	Value
Strict-Transport-Security	max-age=3600
X-Frame-Options	deny

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.planusa.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Thu, 20 Jan 2022 02:29:17 GMT
Server: nginx, nginx
X-Frame-Options: deny
Connection: close
Content-Type: text/javascript;
Cache-Control: no-cache
Strict-Transport-Security: max-age=3600
X-Robots-Tag: noindex
Content-Length: 200
Expires: Thu, 20 Jan 2022 02:29:16 GMT

POST
H2 204 collect Show response
e.clarity.ms/ 0
48 B 105ms
105ms XHR
text/plain 20.62.48.180
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://e.clarity.ms/collect
Requested by: Host: e.clarity.ms
URL: https://e.clarity.ms/s/0.6.31/clarity.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.62.48.180 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: http://www.planusa.org/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

access-control-allow-origin: http://www.planusa.org
date: Thu, 20 Jan 2022 02:29:17 GMT
access-control-allow-credentials: true
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
request-context: appId=cid-v1:bdfb7149-d2ee-45f0-9a22-f0b1c5035608

GET
H/1.1 200
OK getuidj Show response
ib.adnxs.com/ 29 B
861 B 47ms
15ms Fetch
application/json 37.252.172.123
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/getuidj

Requested by

Host: d2rp1k1dldbai6.cloudfront.net
URL: http://d2rp1k1dldbai6.cloudfront.net/cybba_latest.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.123 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

ddad93f49f64d17f601c4fb09f18586a0801c5d99d8f0350639184dc84668bd8

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.planusa.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 20 Jan 2022 02:29:18 GMT
X-Proxy-Origin: 84.19.175.183; 84.19.175.183; 868.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid: f03d9026-d121-43d9-b825-93ee50baaa69
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: http://www.planusa.org
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 29
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK generic Show response
app.cybba.solutions/event/1477/ 200 B
510 B 313ms
111ms Script
text/javascript 138.197.61.175
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://app.cybba.solutions/event/1477/generic?data=%7B%22userId%22%3A%225334910167965153%22%2C%22sessionId%22%3A%22306102216796566975%22%2C%22type%22%3A%22generic%22%2C%22generic%22%3A%7B%22event_name%22%3A%22zandruid%22%2C%22itemId%22%3A%221077067627007354507%22%7D%2C%22device%22%3A%22desktop%22%7D&callback=_vtsdk.eventApi.callbackEvent&_ts=3573593

Requested by

Host: files1.cybba.solutions
URL: https://files1.cybba.solutions/planusa.org/loader.min.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

138.197.61.175 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx, nginx /

Resource Hash

25fa56755af5c9dbb54d54f75a8d7c6b6fb0f8e819ae6c81c4744191e349e861

Security Headers

Name	Value
Strict-Transport-Security	max-age=3600
X-Frame-Options	deny

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.planusa.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Thu, 20 Jan 2022 02:29:18 GMT
Server: nginx, nginx
X-Frame-Options: deny
Connection: close
Content-Type: text/javascript;
Cache-Control: no-cache
Strict-Transport-Security: max-age=3600
X-Robots-Tag: noindex
Content-Length: 200
Expires: Thu, 20 Jan 2022 02:29:17 GMT

GET
H/1.1 200
OK pageview Show response
app.cybba.solutions/event/1477/ 200 B
510 B 294ms
101ms Script
text/javascript 138.197.61.175
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://app.cybba.solutions/event/1477/pageview?data=%7B%22userId%22%3A%225334910167965153%22%2C%22sessionId%22%3A%22306102216796566975%22%2C%22type%22%3A%22pageview%22%2C%22url%22%3A%22http%3A%2F%2Fwww.planusa.org%2Fblog%2F%3Futm_source%3DMC%26utm_medium%3Demail%26utm_campaign%3DNotes%26utm_content%3DNotesFromTheField%22%2C%22generic%22%3A%7B%22itemId%22%3A%22DE%7CHesse%22%7D%2C%22device%22%3A%22desktop%22%7D&callback=_vtsdk.eventApi.callbackEvent&_ts=12205802

Requested by

Host: files1.cybba.solutions
URL: https://files1.cybba.solutions/planusa.org/loader.min.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

138.197.61.175 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx, nginx /

Resource Hash

25fa56755af5c9dbb54d54f75a8d7c6b6fb0f8e819ae6c81c4744191e349e861

Security Headers

Name	Value
Strict-Transport-Security	max-age=3600
X-Frame-Options	deny

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.planusa.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Thu, 20 Jan 2022 02:29:19 GMT
Server: nginx, nginx
X-Frame-Options: deny
Connection: close
Content-Type: text/javascript;
Cache-Control: no-cache
Strict-Transport-Security: max-age=3600
X-Robots-Tag: noindex
Content-Length: 200
Expires: Thu, 20 Jan 2022 02:29:18 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: www.planusa.org
URL: http://www.planusa.org/wp-json/plan/v1/posts?page=1&post-type=310&portal-type=

Verdicts & Comments Add Verdict or Comment

228 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

31 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.planusa.org/	1969-12-31 23:59:59	Name: SESS1e7120dc8ecb1446093041828d8955a5 Value: k6rk4tlpitsljr5phhpnfuldk8kqudnn
.planusa.org/	1970-01-20 02:27:01	Name: _gcl_au Value: 1.1.562675857.1642645756
www.planusa.org/	1970-01-20 00:27:30	Name: fpmxUTM Value: %7B%22utm_campaign%22%3A%22Notes%22%2C%22utm_content%22%3A%22NotesFromTheField%22%2C%22utm_keyword%22%3Anull%2C%22utm_medium%22%3A%22email%22%2C%22utm_source%22%3A%22MC%22%7D
www.planusa.org/	1969-12-31 23:59:59	Name: wcsid Value: XCUxh31geVB0R1Vm588Ba0P7abj4bkoa
www.planusa.org/	1970-01-20 17:48:37	Name: hblid Value: av4Z0sf1tk8FEjsQ588Ba0PoaaRZb47F
www.planusa.org/	1969-12-31 23:59:59	Name: _oklv Value: 1642645755876%2CXCUxh31geVB0R1Vm588Ba0P7abj4bkoa
.bing.com/	1970-01-20 09:39:01	Name: MUID Value: 3F31AFFA4CAE668611B2BEC84D7C6741
.planusa.org/	1970-01-20 00:18:52	Name: _gid Value: GA1.2.670851466.1642645756
.planusa.org/	1970-01-20 17:48:37	Name: _ga_P02S4VE0VS Value: GS1.1.1642645755.1.0.1642645755.0
.planusa.org/	1970-01-20 00:18:52	Name: _uetsid Value: c356f430799811ecbc3cc1e469145d29
.planusa.org/	1970-01-20 09:39:01	Name: _uetvid Value: c356ffa0799811ecb61b0135c0c10814
.planusa.org/	1970-01-20 02:27:01	Name: _fbp Value: fb.1.1642645756147.1719024549
www.planusa.org/	1969-12-31 23:59:59	Name: _okdetect Value: %7B%22token%22%3A%2216426457561970%22%2C%22proto%22%3A%22about%3A%22%2C%22host%22%3A%22%22%7D
.planusa.org/	1970-01-20 17:48:37	Name: _ga Value: GA1.2.796013014.1642645756
.planusa.org/	1970-01-20 00:17:25	Name: _gat_UA-634112-1 Value: 1
.adnxs.com/	1970-01-20 02:27:01	Name: uuid2 Value: 1077067627007354507
.adnxs.com/	1970-01-20 02:27:01	Name: anj Value: dTM7k!M4/8CxrEQF']wIg2Il`s_iD'!]tbP6j2F-XstGt!@Dc$$k_nI
.www.planusa.org/	1969-12-31 23:59:59	Name: _vt_shop Value: 1477
.c.bing.com/	1970-01-20 09:39:01	Name: SRM_B Value: 3F31AFFA4CAE668611B2BEC84D7C6741
www.planusa.org/	1970-01-20 17:48:37	Name: olfsk Value: olfsk7427438738986987
.c.clarity.ms/	1969-12-31 23:59:59	Name: SM Value: C
.clarity.ms/	1970-01-20 09:39:01	Name: MUID Value: 3F31AFFA4CAE668611B2BEC84D7C6741
.c.clarity.ms/	1970-01-20 00:17:26	Name: ANONCHK Value: 0
www.planusa.org/	1969-12-31 23:59:59	Name: _okbk Value: cd4%3Dtrue%2Cvi5%3D0%2Cvi4%3D1642645756788%2Cvi3%3Dactive%2Cvi2%3Dfalse%2Cvi1%3Dfalse%2Ccd8%3Dchat%2Ccd6%3D0%2Ccd5%3Daway%2Ccd3%3Dfalse%2Ccd2%3D0%2Ccd1%3D0%2C
www.planusa.org/	1969-12-31 23:59:59	Name: _ok Value: 2290-981-10-8705
.doubleclick.net/	1970-01-20 09:39:01	Name: IDE Value: AHWqTUlXoFm2OE2wjN19S9eb_GaCADlu4Z2hepGmZWYQXwO3LVVMrtsmqfP9-bXJ
.planusa.org/	1970-01-20 09:03:01	Name: _clck Value: w6944p\|1\|eya\|0
.www.planusa.org/	1970-01-20 09:03:01	Name: _vt_user Value: 5334910167965153_306102216796566975_false_false
.planusa.org/	1970-01-20 00:18:52	Name: _clsk Value: 1s7rs23\|1642645757334\|1\|1\|e.clarity.ms/collect
.planusa.org/	1970-01-20 00:18:08	Name: CYB_ID Value: 5334910167965153
.planusa.org/	1970-01-20 00:17:33	Name: c_64ei Value: ZmFsc2U=

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://www.googletagmanager.com/gtm.js?id=GTM-NCM2NF(Line 49) Message: Unrecognized feature: 'attribution-reporting'.
other	warning	URL: https://www.googletagmanager.com/gtm.js?id=GTM-NCM2NF(Line 49) Message: Unrecognized feature: 'conversion-measurement'.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

2e07d875b89549cf92917817c484f293.js.ubembed.com
9879419.fls.doubleclick.net
adservice.google.com
adservice.google.de
analytics.tiktok.com
api.olark.com
app.cybba.solutions
assets.ubembed.com
bat.bing.com
c.bing.com
c.clarity.ms
cdn.jsdelivr.net
cdn.rawgit.com
click.email.planusa.org
connect.facebook.net
d2rp1k1dldbai6.cloudfront.net
e.clarity.ms
fast.fonts.net
files1.cybba.solutions
fonts.googleapis.com
googleads.g.doubleclick.net
ib.adnxs.com
insight.adsrvr.org
js.adsrvr.org
knrpc.olark.com
log.olark.com
planusa-org-staging.s3.amazonaws.com
pro.ip-api.com
secure.adnxs.com
static.olark.com
stats.g.doubleclick.net
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.planusa.org
www.rtb123.com
www.planusa.org
13.111.18.12
138.197.61.175
142.250.184.226
142.250.186.38
15.197.193.217
151.101.129.131
2.16.186.242
20.62.48.180
2600:9000:214f:2c00:d:87ae:bb80:21
2606:4700:3037::6815:4da4
2606:4700::6810:5714
2606:4700::6811:e14e
2620:1ec:c11::200
2a00:1450:4001:801::2002
2a00:1450:4001:803::2004
2a00:1450:4001:803::200e
2a00:1450:4001:808::2002
2a00:1450:4001:810::200a
2a00:1450:4001:813::2002
2a00:1450:4001:82b::2008
2a00:1450:4001:82f::2003
2a00:1450:400c:c07::9c
2a03:2880:f02d:100:face:b00c:0:3
2a03:2880:f12d:181:face:b00c:0:25de
34.96.127.16
37.252.172.123
37.252.173.215
51.77.64.70
52.142.114.2
52.216.128.35
65.9.58.40
65.9.65.116
67.225.220.126
89.187.169.47
93.184.220.42
018e10d24baee1ca267c9c1bfc2a2dece02f242bc95f43ebac90c280a4ceee31
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
02b1d98819b55a56dc97a22a2c9e6e2a2a67c765e62afcd8f4945f6f96e0cfe1
036b49ed361056525e591016b3f969f4badd515f96116015a04dfba75a51b34c
04e6fb814fccce3a0aecb83be0bc24665cf3e6a5e993f296471a63708f63e138
05632bd17ae6013db11864ba86f363756e305cd5a56ee788fe20774ed6c750f9
05978957c6c8b028f2785dc77271c286bfac76e30b7bcd7e835c2927fbe897cf
05e7a6adde929e7d731550f9d3d957b6754e7a2bf2fb475794a6e5f74f6f61e9
06257181c9542e5dfb2aa25c0b31bab9f2de4cf589065384efe3efabbe130578
0824e35cfc0209edf067d13c8776eefdb291ec4381ba18ffc7754bec8ed22197
0ce5d039d3e58fc10808f0695156d2bd99daae7791d26cc5dfc569154b5e0b22
0e7cf9a9f7bb1bbb6e732a1541b1d0f26f46cfda65e2098c2b2085e8ae1ccf52
0faa231d2e1618d382b7e2eeed4244ebad6f9c78df86e153b90e6e20d218bfce
100de4d9d5034b9141de7435ec1a60e1d630bfd83fbbab35cb25c20a86c815fc
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
116121dee1f11af6653cf653ffd4ed1471b09ba0e06c22abe3edd2ccb7c630b1
167460e9b51be0c421eb438d592183e577fcfaa453c89137ea7426ce14c3c928
16c13044cedc5c7482ad7db51913c164ffabc787ec5b6b0246acfec84cd6d01b
17e9588688a15c515b224e4c7633242f64a364e515df9f365f9f923f7bd5c1c8
252c73425a721718d649ac01db44e5d9834a4d4dd9316608cb4e3303b75eca77
25fa56755af5c9dbb54d54f75a8d7c6b6fb0f8e819ae6c81c4744191e349e861
272c08ccba5f883006400f7d490a1393f8114e239b97043e0d2d018a257ca368
284401fd9cc6074e6211119acdfbb4abb56b1d4c0be4323ccce1d6f6da7642ea
293913879d30bab7499013e935009f5183facbddd63bfc9656a859622590b80b
36aa72c2e9a35811b1021156761155c5093b3b01abc1f411f155d4a8d16c9497
39eff28c4008f0eabe3c221a45010d2362ef8a2380bd7464805c645c24f6ac45
3a5dd6dacdf469f0a11ade9f05aebb0b0e7baf9b7c46cfabe362362e067f9760
3fa7bddaeac151c28d400e002ef0f5e40f7b6f1a6caf52de9a4f6d1626a8c086
42fb3a01b6f7048cffb9e83c78308051db77491eb72eeeca6fb5f50c95d16301
488f0037e7d36e54fa24655cd5294b223ac6444638065d5fb8a883c78ef4042a
4a9f53c02752e79270686f1b2a3616b86d3af1ea2a288f2977e34b1141d552ec
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4f60551109a5502a1fb601b2b16872fef5232e7f92bac1c3b779a75e819d3f16
4fc3dc353e44ae364d1dc0ebf2b40e1118ca7b7c45c43b02844b6d57fe458bda
506e190d894a15318bb3f0c60d700a21432f0e57275b9c3d8c44ef45f31b6674
5a04c223ab64cea7b63f08059699088afb013dd51aadc0eecda77a6b345f3f89
5cd7a6d09ab80c4bb79a6677c409fd6f170ec38492d207bf86d48c738f6b64f0
5dc89846fca2c8051e0c805735e48d3b31f23359dbd47f6b9c47b6ae41969236
60e0357e9e5bebd6128e71e8b5e6bc154692316fa317fcd8c84a83ccad2d179f
661ef2a25c5ddbb64b8819ebe4a078fa23e8eae9676f567e4138448ae685893f
6c4c6c1720cd70cd89d6e86a7bc98250de7004deab5df8e90f736213aa49e7fc
6cef54b115861c341cbaf1ac0baa3bfc74d72e4154ea41815b88d81284a31b47
6ff81a1d1383d77bf6e6c307a02105b2b7f0dedcade233d203e6f8975266043d
73453b75ceda9365eb4e26e2b5d2457fed511e365ae4c21585e65419cb4021bb
765878db2008fd3751bb16c1189a6fbc4e72631a7b63e11729c2a75c386a63e8
78071040007909b1bad4eca5467cd67e33fab5802cb43178e6e42b2b3ed2a175
7c3873e9e42bae983548a7c47aa2d39c872adb1744b9b9ed052b3313f487d53d
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
857ad2091f006457a9430c0d437a96ffe6d7d7b75a2aa898a6e169d10ad4256d
88e5b17ab82f63e9df62aa13d4fdb8be83c2fc1288120df4944e2126dea15456
8beec539128cea621e511cd54f21a0d17ff891a16a0ebd7a98a3e4fbc00bd0e5
8dd5b33af440ffa40f58cdafd7da626e38baa7dcbf5a0ef72c163d0938114bd9
8fb8804e2f55d962a7ab2c7ea7e2b39220b05964d6f770ee7c35579af5e32096
98817c9af505be714bd9dd7c2ac619597eb181959f379743c01120156d591109
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9a27fc46e2fd27c37d7472734f4324cf00bd2ca7ebadcb2af058b3eaaeaa7c26
a0c9247009d3bcd0d8f7fe80ea839ee32042c31e98de7459d8f67d79c7879b4a
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a20cd460709095cb95769f66d91eba8bbb81e61d45cd79cce981eb3a5f2a057e
a96ca8021c420d64c7a5cd71509940586c77d3e129acd6e52e780033da10ef5c
a9705dfc47c0763380d851ab1801be6f76019f6b67e40e9b873f8b4a0603f7a9
a9cf578656c6c3d88130bc3b64768066d27712b0f54a5a0d834c4fc1902e69ba
afd2d099307fc78c161dc1574920c7268ad8c0e8b6a896f58dae6b61d48c5a9d
b1ccb8141195307117c737c7f49f99de131fb55290a5f4c1431cc74ca93119dc
b1fa55944d393c97b9d9c938e639e532e95ccb046440b9adfffca4e1b0a2bcae
b2864c65b32cd25bf64a7eb4fddf486dff821f1924172a0083db962615bd6ce0
b2d2f11eb78159e31bce4355ffd5e696717de4270a77ba1d2038e066462008ad
b6a0bd74072c70519c01e1e224b71681e4515e1fc79d4a4c09f63060cb2f0dbd
b889c3ba20d61a1dbf81230dcb46989cb433fe33926fbc2da19db0be3279581f
bcff0a0ce2e020657abcc4eb811920cb99fd387a06c3548d9ec10c42e6a0fb6e
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea
c06a9fce687add357d9a228f8995e367efebd5ad7521d0bc0c300776f86d03c6
c5529c0e96ec7e0586aaf8abac45b2607fef96a6a6e3f6e4d390c4bb8f7dceb0
c69b2064a720570d3f0fee1f024367c3393d1303989b1c629a611f12cab9c6d2
c99361c0d8561c7d88a237009bac83ecc149fe6f1f91c52dde79b7841b584c40
caa53054dc12f4194410b03956c943038cfc7963c54b95c2fcab47f2aecb6111
ccff49c86ee1937dd371734a05307e1abc057b3c255587ed918e47b1cf728d93
d1c43d589534b2c550c72b4bfdbf49674b0aa0e09c6f8b521a8b89954f58fced
d401f2661f8fa38103e44cc57c2cf846a2f36d3e5aecdc537d0b4caa0ba54a74
dceda745a0fb58233a95eff6d10796026df6792cb960cdf675eb7b8a6750a2d2
ddad93f49f64d17f601c4fb09f18586a0801c5d99d8f0350639184dc84668bd8
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
dfed159907574337d5a3198b898e17e6f0d6c5c325d8ee2fd2343b7cddb34994
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e87a1c5e24f9a7c7dcb437417f0b05b0a3c12947ce32d65c990c988a8b5ed4d7
eba3f0fbe78617c55da5c44fdf450e31505dae730bc74809ba3a66a8221405fc
ee3a7301fe1e0c0f6bf6acff0d7a8d107f5cb3f62a2566740c0416d8e61f00b9
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef575efc1400b24a23a13d57e42f46527c2d4ebebad010b9f50e4371d2a3e10e
f60b7b366414177e5dd1097793aa4da5271bdd44388758781a33e9c25c87a48f
fa6a5d3bccff8f77197267f6c79c4472a29bb47f94738230af90e0c88a942b3b

www.planusa.org Open in urlscan Pro 2606:4700:3037::6815:4da4 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

112 Requests

53 %HTTPS

46 %IPv6

25 Domains

39 Subdomains

35 IPs

5 Countries

3817 kBTransfer

9613 kBSize

31 Cookies

15 Outgoing links

Page URL History

Redirected requests

112 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 5 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.planusa.org Open in urlscan Pro
2606:4700:3037::6815:4da4 Public Scan

Screenshot
Live screenshot

Full Image

112
Requests

53 %
HTTPS

46 %
IPv6

25
Domains

39
Subdomains

35
IPs

5
Countries

3817 kB
Transfer

9613 kB
Size

31
Cookies

112 HTTP transactions
5 data transactions