beinginvoice.com Open in urlscan Pro
188.114.96.3  Public Scan

4 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 117

• https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=76771&time=1681101302383&url=https%3A%2F%2Fbeinginvoice.com%2F HTTP 302
• https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D76771%26time%3D1681101302383%26url%3Dhttps%253A%252F%252Fbeinginvoice.com%252F%26liSync%3Dtrue HTTP 302
• https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=76771&time=1681101302383&url=https%3A%2F%2Fbeinginvoice.com%2F&liSync=true HTTP 302
• https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=76771&time=1681101302383&url=https%3A%2F%2Fbeinginvoice.com%2F&liSync=true&e_ipv6=AQL3AKNVZH4jCQAAAYdpci0KjLSajikvxwkV08KixOSQFi8OAVkw6Gz-As8gg-ZJiXkkJA

128 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
3 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response beinginvoice.com/	48 KB 10 KB	689ms 561ms	Document text/html	188.114.96.3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://beinginvoice.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / PHP/7.4.33 Resource Hash 2686f46140551455b69c807f87d66f9ba6808beb502cb2c3dcdd08b8bacd3827 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 accept-language nl-NL,nl;q=0.9 Response headers alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 cf-cache-status DYNAMIC cf-edge-cache cache,platform=wordpress cf-ray 7b5847ce8fbd28a1-AMS content-encoding br content-type text/html; charset=UTF-8 date Mon, 10 Apr 2023 04:34:59 GMT link <https://beinginvoice.com/wp-json/>; rel="https://api.w.org/", <https://beinginvoice.com/wp-json/wp/v2/pages/706>; rel="alternate"; type="application/json", <https://beinginvoice.com/>; rel=shortlink nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=f84aC%2FQkDbKpzeTuiN4A9Nj5Vb08O82vQKzxJp8O2zirL4xJBu7tXwubb18%2FE6dqE%2B3JIOLN79oQ2kAv6pbtyXbYdKrBlp6i1OiiYB7FfF0wxpr6GVhQyjNvHxHaAugOExQw"}],"group":"cf-nel","max_age":604800} server cloudflare x-pingback https://beinginvoice.com/xmlrpc.php x-powered-by PHP/7.4.33
GET H2	200	o3-social-share-styles.css beinginvoice.com/wp-content/plugins/o3-social-share/	554 B 520 B	136ms 57ms	Stylesheet text/css	188.114.96.3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://beinginvoice.com/wp-content/plugins/o3-social-share/o3-social-share-styles.css?ver=6.2 Requested by Host: beinginvoice.com URL: https://beinginvoice.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash dbccf91fd7e22389cc2cea70b276b5a48198831f2aad655018d642e4f878d73f Request headers accept-language nl-NL,nl;q=0.9 Referer https://beinginvoice.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers date Mon, 10 Apr 2023 04:34:59 GMT content-encoding br cf-cache-status MISS last-modified Tue, 19 Jun 2012 06:03:35 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=W9%2FqMXuF%2BItUlYg8iSTvyO1U1oZdRGGtMj3%2FzqUG4qfkwl7ZyLGoOjTPsDCeZFwqcqbg3FM2D8jCZhUqPLzbUftZixW0y3cPng9EAtYSEavBC5d67qQ%2B%2B55u1y5KaIOTaRBJ"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control max-age=14400 cf-ray 7b5847d279d628a1-AMS alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H2	200	style.min.css beinginvoice.com/wp-includes/css/dist/block-library/	95 KB 13 KB	156ms 78ms	Stylesheet text/css	188.114.96.3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://beinginvoice.com/wp-includes/css/dist/block-library/style.min.css?ver=6.2 Requested by Host: beinginvoice.com URL: https://beinginvoice.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash aca566587618e75fa291a419c7c430be02e03fc72f6105658c1bc8e7d59a65e4 Request headers accept-language nl-NL,nl;q=0.9 Referer https://beinginvoice.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers date Mon, 10 Apr 2023 04:34:59 GMT content-encoding br cf-cache-status MISS last-modified Wed, 29 Mar 2023 21:28:38 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tfZm8ul%2FBiksW9UdCrMBvh5R%2BikZ%2BaGd7Q91aC2PWaM3QOG6lbvo8pBCMns%2FL2YJrlABxNEiSDMbs1PvhfJ0w4m%2BhblrMtM%2Fm2UNKXuLAozRFGRjlhSffxFpLPqkowzakhIM"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control max-age=14400 cf-ray 7b5847d279d728a1-AMS alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H2	200	mediaelementplayer-legacy.min.css beinginvoice.com/wp-includes/js/mediaelement/	11 KB 3 KB	139ms 61ms	Stylesheet text/css	188.114.96.3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://beinginvoice.com/wp-includes/js/mediaelement/mediaelementplayer-legacy.min.css?ver=4.2.17 Requested by Host: beinginvoice.com URL: https://beinginvoice.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash b7908a015a567ec2363011df2475368dbff34360e9da3fdff50604d6395fb646 Request headers accept-language nl-NL,nl;q=0.9 Referer https://beinginvoice.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers date Mon, 10 Apr 2023 04:34:59 GMT content-encoding br cf-cache-status MISS last-modified Mon, 14 Dec 2020 10:19:28 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3gTouNM3buSZxLF9TD8Ov78l59qr%2FmbnR7CWZuTmo0t68njKHSqEuoulY4QXLhwDYMyi6foJj8l0hnfjCJ9MMLC7%2BjHYbFq9RVKBpJ7HtObFc6jYmaLESzPQN8i8lVsT3gPS"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control max-age=14400 cf-ray 7b5847d279d828a1-AMS alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H2	200	wp-mediaelement.min.css beinginvoice.com/wp-includes/js/mediaelement/	4 KB 1 KB	141ms 63ms	Stylesheet text/css	188.114.96.3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://beinginvoice.com/wp-includes/js/mediaelement/wp-mediaelement.min.css?ver=6.2 Requested by Host: beinginvoice.com URL: https://beinginvoice.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 2e10d353ff038c2cad3492fc17801af3e6ef2669c9e9713bdb78b1dcb104c4fe Request headers accept-language nl-NL,nl;q=0.9 Referer https://beinginvoice.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers date Mon, 10 Apr 2023 04:34:59 GMT content-encoding br cf-cache-status MISS last-modified Fri, 15 Nov 2019 11:00:01 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=k6LucAH3kYVSaJm2l0nhJnsYR5ldGyQGS6WD1ufy%2BsfWvF7IyFJIuR%2BG0wthaB1o2MOa8YrST%2FAzpvy1srTAstYyyt2IEl41or34DS1taDEc6kQgaOi6uNXsyKPG9m03aeMT"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control max-age=14400 cf-ray 7b5847d279d928a1-AMS alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H2	200	classic-themes.min.css beinginvoice.com/wp-includes/css/	291 B 472 B	136ms 58ms	Stylesheet text/css	188.114.96.3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://beinginvoice.com/wp-includes/css/classic-themes.min.css?ver=6.2 Requested by Host: beinginvoice.com URL: https://beinginvoice.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash dcd9f488bd62ba0ee403b07a97e40b9ffd63a0eff61091588c913b16d5153d48 Request headers accept-language nl-NL,nl;q=0.9 Referer https://beinginvoice.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers date Mon, 10 Apr 2023 04:34:59 GMT content-encoding br cf-cache-status MISS last-modified Wed, 29 Mar 2023 21:28:38 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fw%2F22rJptPQzbW8U3NqyW%2F2J1jCf8CBHc6N%2FvcM7U8%2BeAvbGcCNeh7I5%2B3kK%2FaeX5LSM3jW%2FY5C8LD67aPyhlQZMgfDNN33ieJlzBVOziibUQd5jqB12W2GXcAziC0FR%2BLdE"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control max-age=14400 cf-ray 7b5847d279da28a1-AMS alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H2	200	isell_style.css beinginvoice.com/wp-content/plugins/sell-digital-downloads/css/	1 KB 780 B	137ms 59ms	Stylesheet text/css	188.114.96.3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://beinginvoice.com/wp-content/plugins/sell-digital-downloads/css/isell_style.css?ver=2.2.6 Requested by Host: beinginvoice.com URL: https://beinginvoice.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e4ff7efa0726acc1331ed0ff5c4f097c3116bd74c435afa2d8da7b247b9eb142 Request headers accept-language nl-NL,nl;q=0.9 Referer https://beinginvoice.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers date Mon, 10 Apr 2023 04:34:59 GMT content-encoding br cf-cache-status MISS last-modified Thu, 24 May 2018 10:15:26 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IttP3K4z%2FcBJ2H7csW%2BJu56NoI%2BWqnvZKKOfhdh0nHwjwKoCSW0Idy6J%2FeOxyo9PRJnQ2K%2FYl40gioxvCDSWls6dmQBhuLxiyGyFNtXSBP%2BUuhVR7uC7uQMRR8F9YRGtAs25"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control max-age=14400 cf-ray 7b5847d279db28a1-AMS alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H2	200	owl.carousel.css beinginvoice.com/wp-content/themes/eduvert/assets/css/	5 KB 2 KB	139ms 62ms	Stylesheet text/css	188.114.96.3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://beinginvoice.com/wp-content/themes/eduvert/assets/css/owl.carousel.css?ver=6.2 Requested by Host: beinginvoice.com URL: https://beinginvoice.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash f03f5b6a2de048aa870000db63748154a860cad132a949952aa287f1444b96e8 Request headers accept-language nl-NL,nl;q=0.9 Referer https://beinginvoice.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers date Mon, 10 Apr 2023 04:34:59 GMT content-encoding br cf-cache-status MISS last-modified Wed, 22 Mar 2023 07:36:27 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cUZJiVu6n%2ByjNizqjZyT5dujsiSX5Yj6sDpRKyJ1bSHQEcAjOqCggiio8bsEYGGcdM6mmFIJicdo%2FHIuyMYls55bvYFgcmkbpEohFzqfJ8v8kQzIHYah7jq9uwu6Xop0Fqdd"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control max-age=14400 cf-ray 7b5847d279dd28a1-AMS alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H2	200	bootstrap.css beinginvoice.com/wp-content/themes/eduvert/assets/css/	212 KB 28 KB	168ms 92ms	Stylesheet text/css	188.114.96.3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://beinginvoice.com/wp-content/themes/eduvert/assets/css/bootstrap.css?ver=6.2 Requested by Host: beinginvoice.com URL: https://beinginvoice.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 25edd0f756257095c71443520141da2d4fca4fa7e63f8bb9218936359df45956 Request headers accept-language nl-NL,nl;q=0.9 Referer https://beinginvoice.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers date Mon, 10 Apr 2023 04:34:59 GMT content-encoding br cf-cache-status MISS last-modified Wed, 22 Mar 2023 07:36:27 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ohGZLdHc3SWmiNWKU7n7SS9nSkvC5F40lDCsOdZnX5VnUQVFvg77QnHTKWxNqusVsksw7ko4I%2B%2BNBn5%2FA2ogTU%2BnejnGC6jF4Cs5KrFM6X6hF9MP4etlu9du3XRoTCGqljr6"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control max-age=14400 cf-ray 7b5847d279de28a1-AMS alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H2	200	font-awesome.min.css beinginvoice.com/wp-content/themes/eduvert/assets/css/fonts/font-awesome/css/	28 KB 7 KB	140ms 64ms	Stylesheet text/css	188.114.96.3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://beinginvoice.com/wp-content/themes/eduvert/assets/css/fonts/font-awesome/css/font-awesome.min.css?ver=6.2 Requested by Host: beinginvoice.com URL: https://beinginvoice.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash ed0f05101d480726c58bcd4956a1e7b02f12b538d02058f1b0ebfdabe8a7ef42 Request headers accept-language nl-NL,nl;q=0.9 Referer https://beinginvoice.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers date Mon, 10 Apr 2023 04:34:59 GMT content-encoding br cf-cache-status MISS last-modified Wed, 22 Mar 2023 07:36:27 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZbQATOBxKXTF2QCQlOGTO0TmDQ34eariL8TN%2FD9MbapwbafYaPdKpzEE0NEnuz0488RyeTgAI9dYv2OQppr6re8vJQmhLYKkJQgJig4qb1YUilu8dLndGiICRz1IDb1FMAnO"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control max-age=14400 cf-ray 7b5847d279df28a1-AMS alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H2	200	editor-style.css beinginvoice.com/wp-content/themes/eduvert/assets/css/	5 KB 2 KB	134ms 60ms	Stylesheet text/css	188.114.96.3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://beinginvoice.com/wp-content/themes/eduvert/assets/css/editor-style.css?ver=6.2 Requested by Host: beinginvoice.com URL: https://beinginvoice.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 4433d6b5c7bbeee6d800e5b06de1701dda15a9ab639d12354d6de966b7f2e217 Request headers accept-language nl-NL,nl;q=0.9 Referer https://beinginvoice.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers date Mon, 10 Apr 2023 04:34:59 GMT content-encoding br cf-cache-status MISS last-modified Wed, 22 Mar 2023 07:36:27 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hIuC%2BnYKrc4On%2Fm%2FlVlDr8OWP92Rq0CcQh9fDdw8myRnerulrv0as6h1Y0GAVRFmpv2IQ9XlR50DgkWlOcQWYQwnRQ7z%2FU5O7grmZvVn93HH3wEBIRfI%2F3b14b9lmBfmwVGK"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control max-age=14400 cf-ray 7b5847d279e028a1-AMS alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H2	200	color.css beinginvoice.com/wp-content/themes/eduvert/assets/css/	37 KB 5 KB	171ms 97ms	Stylesheet text/css	188.114.96.3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://beinginvoice.com/wp-content/themes/eduvert/assets/css/color.css?ver=6.2 Requested by Host: beinginvoice.com URL: https://beinginvoice.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash cb1721e0d06935bcb099938c5db6a5b3d668a516f7f70e490b0e70b8fd656226 Request headers accept-language nl-NL,nl;q=0.9 Referer https://beinginvoice.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers date Mon, 10 Apr 2023 04:34:59 GMT content-encoding br cf-cache-status MISS last-modified Wed, 22 Mar 2023 07:36:27 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IEwONmkJoBkDv0UImNxvgcnffgKM8vVHIrqpnENWQWN8N4nueVqdMDJUN8xeQf2wHVSJGq7lvUts%2BwhkydcK6yoq1kIdpeGqI9RK1BkbNPRBDCc2riyOGsUU9aZwlq8byA8D"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control max-age=14400 cf-ray 7b5847d299e628a1-AMS alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H2	200	theme.css beinginvoice.com/wp-content/themes/eduvert/assets/css/	31 KB 6 KB	170ms 96ms	Stylesheet text/css	188.114.96.3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://beinginvoice.com/wp-content/themes/eduvert/assets/css/theme.css?ver=6.2 Requested by Host: beinginvoice.com URL: https://beinginvoice.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 8f316e50ae98ec81a44240f9f22abbecc6361414cd6b337e6b3976aefc2b7681 Request headers accept-language nl-NL,nl;q=0.9 Referer https://beinginvoice.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers date Mon, 10 Apr 2023 04:34:59 GMT content-encoding br cf-cache-status MISS last-modified Wed, 22 Mar 2023 07:36:27 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WGDTPilB1VAh8COqykNbWTcyVi3EsrRH2mCmkqynLoN1KbXgQAv6SeqynCUdhtcBiovYivPx5HulwsU9czzoHaUVi7uC2vae%2BHVFgB7IMA3lmaFTKxVoxQp8g6Zp%2BZWVELqJ"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control max-age=14400 cf-ray 7b5847d299e728a1-AMS alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H2	200	main.css beinginvoice.com/wp-content/themes/eduvert/assets/css/	124 KB 22 KB	185ms 113ms	Stylesheet text/css	188.114.96.3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://beinginvoice.com/wp-content/themes/eduvert/assets/css/main.css?ver=6.2 Requested by Host: beinginvoice.com URL: https://beinginvoice.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 810b27a993a011d9321485e2993637dee7b1938b8030872556f7d97295716295 Request headers accept-language nl-NL,nl;q=0.9 Referer https://beinginvoice.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers date Mon, 10 Apr 2023 04:34:59 GMT content-encoding br cf-cache-status MISS last-modified Wed, 22 Mar 2023 07:36:27 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OudTi4ziWnmyxYi4ifrb9N7WjB7FhZmm9jf7kFHa9HeKlsgfnizZe6k5iYPIbd2aqHy%2Bza3FTwBOP5tdBrW0LLsGHs2BdLBHAbN9U%2BkI1bnlHIYTdUFk0xxlWcXdPssUCxxe"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control max-age=14400 cf-ray 7b5847d299e828a1-AMS alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H2	200	responsive.css beinginvoice.com/wp-content/themes/eduvert/assets/css/	6 KB 2 KB	155ms 83ms	Stylesheet text/css	188.114.96.3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://beinginvoice.com/wp-content/themes/eduvert/assets/css/responsive.css?ver=6.2 Requested by Host: beinginvoice.com URL: https://beinginvoice.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 6d1e8af6c9d3451ee2ffdef26fba71a56e38fbf88c2f7bfca6dd21965f51451b Request headers accept-language nl-NL,nl;q=0.9 Referer https://beinginvoice.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers date Mon, 10 Apr 2023 04:34:59 GMT content-encoding br cf-cache-status MISS last-modified Wed, 22 Mar 2023 07:36:27 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=B9gSttR1E3SpOIW%2F1ZecIyxbblgM7t8HxQD2d2UjhCUBjQ2oTG2zuVzpUXkXjoyC0LeKjuiSQ5WVA79TbYfXEb%2BSc%2FyLbwTeLINWvVA5Zh1o8%2FYM9Jc5p5zbeFLzEsTMy8Ke"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control max-age=14400 cf-ray 7b5847d299ea28a1-AMS alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H2	200	style.css beinginvoice.com/wp-content/themes/eduvert/	4 KB 2 KB	157ms 85ms	Stylesheet text/css	188.114.96.3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://beinginvoice.com/wp-content/themes/eduvert/style.css?ver=6.2 Requested by Host: beinginvoice.com URL: https://beinginvoice.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash f2ff8c033d147f41156f409933038740e5cc69554a98c450f5bed9930516479a Request headers accept-language nl-NL,nl;q=0.9 Referer https://beinginvoice.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers date Mon, 10 Apr 2023 04:34:59 GMT content-encoding br cf-cache-status MISS last-modified Wed, 22 Mar 2023 07:36:27 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QgmW%2F550axnHorfm1J50sje3R7w69hegGhSjREX6%2BoX6kzxerCQ3nFgnGibL%2FpgrnQ53BIIy7AhEGN8sqcnvuoaNC58NBcuQw2%2F%2FpWXpvb0Z%2FM6q9Rs8iOhyyitag%2BWmPg%2Fs"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control max-age=14400 cf-ray 7b5847d299eb28a1-AMS alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H2	200	0fffd56c3538b9193513100e5d59f50c.css beinginvoice.com/wp-content/fonts/	12 KB 916 B	154ms 84ms	Stylesheet text/css	188.114.96.3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://beinginvoice.com/wp-content/fonts/0fffd56c3538b9193513100e5d59f50c.css Requested by Host: beinginvoice.com URL: https://beinginvoice.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 261077e76ec213dafbe1ebe41b7cfbd9a6441398b397874076eb837324fdf24c Request headers accept-language nl-NL,nl;q=0.9 Referer https://beinginvoice.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers date Mon, 10 Apr 2023 04:34:59 GMT content-encoding br cf-cache-status MISS last-modified Fri, 17 Mar 2023 14:19:00 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kitnuULU52USKLCPTSJTpPldkoRgGCzHSxADtlYerA9rO3RtcDfU830KrMSvNs5F2TEpwUnpwHCmqpL4A%2BmlgQN7%2B0shsnzOD%2FbvybL8oZXa%2BnnIZIaNurjeu6PYlv1Ax9rM"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control max-age=14400 cf-ray 7b5847d299ec28a1-AMS alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H3	200	wp-emoji-release.min.js Show response beinginvoice.com/wp-includes/js/	18 KB 5 KB	173ms 152ms	Script application/javascript	188.114.96.3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://beinginvoice.com/wp-includes/js/wp-emoji-release.min.js?ver=6.2 Requested by Host: beinginvoice.com URL: https://beinginvoice.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230 Request headers accept-language nl-NL,nl;q=0.9 Referer https://beinginvoice.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers date Mon, 10 Apr 2023 04:35:00 GMT content-encoding br cf-cache-status MISS last-modified Wed, 29 Mar 2023 21:28:41 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BDbqOKN2egKW6UuyV0Nnqqj1%2F7x7PCEH%2BW4st4MTX%2B6E7e8cMV0aNzBBOj%2BIZYlWm8pq%2BlZVs1G4KU6ifQe9KVu49p%2Bqup9KsrIGQO1J6s2HinwB6loobNjRHJRJi8f5WR2T"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control max-age=14400 cf-ray 7b5847d4aed50e31-AMS alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H3	200	jetpack.css beinginvoice.com/wp-content/plugins/jetpack/css/	97 KB 19 KB	172ms 145ms	Stylesheet text/css	188.114.96.3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://beinginvoice.com/wp-content/plugins/jetpack/css/jetpack.css?ver=12.0 Requested by Host: beinginvoice.com URL: https://beinginvoice.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 5827ca18d6a69c3470f37b66610fc6b79d7dd1334e7e016ba6e281229f5b16e4 Request headers accept-language nl-NL,nl;q=0.9 Referer https://beinginvoice.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers date Mon, 10 Apr 2023 04:34:59 GMT content-encoding br cf-cache-status MISS last-modified Tue, 04 Apr 2023 21:27:48 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=F9NlcF46sJIWOj%2BD%2BOxtg8xfs6rwV7H5aEG%2Fq3hfcAkZGCbaBr%2B41RlxXMjxefQcN91%2B0thjklsAX0zUWooIJsMvgYadTI48eJa7DVTIgobszN1gN9HZRdiiTm%2BrW%2FvDa7cv"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control max-age=14400 cf-ray 7b5847d29d7e0e31-AMS alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H2	200	js Show response www.googletagmanager.com/gtag/	113 KB 44 KB	255ms 53ms	Script application/javascript	2a00:1450:4001:829::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=UA-144102622-1&ver=6.2 Requested by Host: beinginvoice.com URL: https://beinginvoice.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash ba0d37fbae1f40a052bc1cbbd0dbfb3d493e01d8474376f7de788677b26bf42a Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://beinginvoice.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers date Mon, 10 Apr 2023 04:34:59 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 44960 x-xss-protection 0 last-modified Mon, 10 Apr 2023 03:00:00 GMT server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true access-control-allow-headers Cache-Control expires Mon, 10 Apr 2023 04:34:59 GMT
GET H3	200	jquery.min.js Show response beinginvoice.com/wp-includes/js/jquery/	88 KB 32 KB	164ms 137ms	Script application/javascript	188.114.96.3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://beinginvoice.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.3 Requested by Host: beinginvoice.com URL: https://beinginvoice.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash afacce23cb4feaaaef37997f8439819d8f827df4951f3ff02704c9f16fb7f53a Request headers accept-language nl-NL,nl;q=0.9 Referer https://beinginvoice.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers date Mon, 10 Apr 2023 04:34:59 GMT content-encoding br cf-cache-status REVALIDATED last-modified Wed, 29 Mar 2023 21:28:41 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pVo6YKPe2UruRTKlZcefJtXAcvWOi7lRU41NbnVtE79awd3fjB2ke1xQEuXwZ%2FlQf%2Bm8u1GOTl0gGqR0cXxkdSQnpyYPkNaAwjPVLdyW%2FisWsha8ZndPANM8jALKEa2cnTW2"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control max-age=14400 cf-ray 7b5847d29d7f0e31-AMS alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H3	200	jquery-migrate.min.js Show response beinginvoice.com/wp-includes/js/jquery/	13 KB 5 KB	163ms 136ms	Script application/javascript	188.114.96.3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://beinginvoice.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.0 Requested by Host: beinginvoice.com URL: https://beinginvoice.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 9810aee7e6d57d8cceaa96322b88e6df46710194689ae12b284149148cabc2f3 Request headers accept-language nl-NL,nl;q=0.9 Referer https://beinginvoice.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers date Mon, 10 Apr 2023 04:34:59 GMT content-encoding br cf-cache-status REVALIDATED last-modified Wed, 29 Mar 2023 21:28:41 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=niLClGOgZz%2F5KY3ApqwqT2NJkwRtqUqtIqZqkopA6pvOhFKa4bzqPlgh82BHLaUyTWD2kRhPQJ3Jy4o445XmnQ2jKOlSIj6Wyq45QS7DTjhrlrF%2BDIgqScsdG0E3Py69w6G8"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control max-age=14400 cf-ray 7b5847d29d800e31-AMS alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H3	200	bootstrap.js Show response beinginvoice.com/wp-content/themes/eduvert/assets/js/	150 KB 30 KB	176ms 150ms	Script application/javascript	188.114.96.3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://beinginvoice.com/wp-content/themes/eduvert/assets/js/bootstrap.js?ver=1 Requested by Host: beinginvoice.com URL: https://beinginvoice.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 4f54e8af7b6079fa9f3f43c6a534427e8d6b7da0113c82f2d95a052da3057397 Request headers accept-language nl-NL,nl;q=0.9 Referer https://beinginvoice.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers date Mon, 10 Apr 2023 04:34:59 GMT content-encoding br cf-cache-status MISS last-modified Wed, 22 Mar 2023 07:36:27 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oTxChXkYauUEPrWSZHM8urFb8YA89psTaYnL1WHg4n7JHQp1C%2FGfc7g4LgMTG%2FCi0j8aAWq%2F4npGf2Fr%2F9GsIXThsC%2F1cyC1p6gMDjqRpX%2BehAQMYanlYcSgpijlW7iaWJDF"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control max-age=14400 cf-ray 7b5847d29d820e31-AMS alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H3	200	owl.carousel.min.js Show response beinginvoice.com/wp-content/themes/eduvert/assets/js/	43 KB 12 KB	172ms 145ms	Script application/javascript	188.114.96.3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://beinginvoice.com/wp-content/themes/eduvert/assets/js/owl.carousel.min.js?ver=1 Requested by Host: beinginvoice.com URL: https://beinginvoice.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 4e0781bdd2cbb5db04da3b5e059eeca34e325fabb893bee7457b5babf5b7c029 Request headers accept-language nl-NL,nl;q=0.9 Referer https://beinginvoice.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers date Mon, 10 Apr 2023 04:34:59 GMT content-encoding br cf-cache-status REVALIDATED last-modified Wed, 22 Mar 2023 07:36:27 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FZQZg5pxiku%2Fh42MW0vCekSoBbqU1Cf1z%2FYr7fErZ%2Fawh4vyETKwSZWYynQFLBarSEJKwov1S0zF5uNJg6pRZNZvSDR08vqjZwyAwjLVNM7Bt4iDOkKbrDbl%2Fc0OJV1lKeWi"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control max-age=14400 cf-ray 7b5847d29d830e31-AMS alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H2	200	js Show response www.googletagmanager.com/gtag/	113 KB 44 KB	75ms 44ms	Script application/javascript	2a00:1450:4001:829::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=UA-144102622-1 Requested by Host: beinginvoice.com URL: https://beinginvoice.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash a379d6ed6ac50bc52a2cca01c4583dfd871a17787fd0de4e88ef56661e52afa0 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://beinginvoice.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers date Mon, 10 Apr 2023 04:34:59 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 44995 x-xss-protection 0 last-modified Mon, 10 Apr 2023 03:00:00 GMT server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true access-control-allow-headers Cache-Control expires Mon, 10 Apr 2023 04:34:59 GMT
GET H3	200	cropped-being-in-voice-logo-4.png beinginvoice.com/wp-content/uploads/2019/02/	66 KB 66 KB	202ms 181ms	Image image/png	188.114.96.3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://beinginvoice.com/wp-content/uploads/2019/02/cropped-being-in-voice-logo-4.png Requested by Host: beinginvoice.com URL: https://beinginvoice.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 16e06d24cd01bed700b291a7f7a8251c33f34707d03437904c52146374ffdbae Request headers accept-language nl-NL,nl;q=0.9 Referer https://beinginvoice.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers date Mon, 10 Apr 2023 04:35:00 GMT cf-cache-status MISS last-modified Thu, 13 Aug 2020 09:34:21 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5RQyJIxyo8n2yMJfIYWwnbN5l92%2FhAM2FkIvSEwBQd57x9cRNF5KrH2HM%2Bs7FG2TdwwXYXA4PEjCWAOq4fE%2B%2FGbfJXOboMhcm2WmxIye2AhqFajatXHxA2fYK4k13QJeDwWV"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control max-age=14400 accept-ranges bytes cf-ray 7b5847d4aed60e31-AMS alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 67219
GET H3	200	group-2.png beinginvoice.com/wp-content/themes/eduvert/assets/images/element1/	11 KB 11 KB	159ms 138ms	Image image/png	188.114.96.3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://beinginvoice.com/wp-content/themes/eduvert/assets/images/element1/group-2.png Requested by Host: beinginvoice.com URL: https://beinginvoice.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 2150a20dd09ef2d945d149963d5d4338e0c93cc826dd4944e2020c83c401ba2f Request headers accept-language nl-NL,nl;q=0.9 Referer https://beinginvoice.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers date Mon, 10 Apr 2023 04:34:59 GMT cf-cache-status MISS last-modified Wed, 22 Mar 2023 07:36:27 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RsoGVIEaWF3ol8Be%2FyFCAllwV0n8%2BZ5GHbHTdvE7H8tuZ3MdcgL1pZ5VlYHJX%2FOwvgVic2Bp0CeWE%2BOs18TfjojMZ0ZxrOtlAP9evCxNIx0NYIaPSdmeUX77w7iG7BbMRnII"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control max-age=14400 accept-ranges bytes cf-ray 7b5847d4aed70e31-AMS alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 10844
GET H3	200	Vector-2.png beinginvoice.com/wp-content/themes/eduvert/assets/images/element1/	267 B 722 B	164ms 143ms	Image image/png	188.114.96.3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://beinginvoice.com/wp-content/themes/eduvert/assets/images/element1/Vector-2.png Requested by Host: beinginvoice.com URL: https://beinginvoice.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 571f31adfa6309330632390cdffbd156b22ed36477e640520fdb91f36b5209aa Request headers accept-language nl-NL,nl;q=0.9 Referer https://beinginvoice.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers date Mon, 10 Apr 2023 04:34:59 GMT cf-cache-status MISS last-modified Wed, 22 Mar 2023 07:36:27 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TXo%2FdoqQwc0jH7xeIK%2F2mdlLW0PKLyZ9PmkZ7bq4YZ2t22LEwhwo5FImuvqAm4xI%2BlWMB4sZZHp7EATfa8EJM5uvN6qVrlpvmSfnWhH08V6HsAfpH%2F%2FWtducfUrV6nQT%2BvCe"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control max-age=14400 accept-ranges bytes cf-ray 7b5847d4aed80e31-AMS alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 267
GET H3	200	Vector-9.png beinginvoice.com/wp-content/themes/eduvert/assets/images/element1/	214 B 661 B	168ms 147ms	Image image/png	188.114.96.3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://beinginvoice.com/wp-content/themes/eduvert/assets/images/element1/Vector-9.png Requested by Host: beinginvoice.com URL: https://beinginvoice.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash cc5dc94df0e8f044e305e6d68762e00fcbb3dda6e5bbbde24c5d55ff4259c874 Request headers accept-language nl-NL,nl;q=0.9 Referer https://beinginvoice.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers date Mon, 10 Apr 2023 04:34:59 GMT cf-cache-status MISS last-modified Wed, 22 Mar 2023 07:36:27 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=M5Hbdn5xvEwwYLUPUOMidmOdJseztOE9rtIlxztjY2dq0QLXwTo9UGIEgZiKTbng2vKlBoYEE04b90VRNRj5b8ijraefhVkImXGJ3NFBAZH%2F62TJEg1WbxbQj6kp7m8CthOg"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control max-age=14400 accept-ranges bytes cf-ray 7b5847d4aedb0e31-AMS alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 214
GET H3	200	Vector.png beinginvoice.com/wp-content/themes/eduvert/assets/images/element1/	952 B 1 KB	163ms 142ms	Image image/png	188.114.96.3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://beinginvoice.com/wp-content/themes/eduvert/assets/images/element1/Vector.png Requested by Host: beinginvoice.com URL: https://beinginvoice.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 679c42f7a2a88299bbc4a201fdd3a78b51495900a4ae2f94a1aca7b89521a60e Request headers accept-language nl-NL,nl;q=0.9 Referer https://beinginvoice.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers date Mon, 10 Apr 2023 04:34:59 GMT cf-cache-status MISS last-modified Wed, 22 Mar 2023 07:36:27 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Btlzff75%2Bu07q5Ker6%2BasP2CIFRYGkbDmCeoOraXFraICCRdPvPKgXkD%2BNICT7uiNT%2FPBIVWVuIUPoOjv%2BaKQUgKnbv5b1mdBiN%2B48Pz6qXQSNPTPxukcSpheJGLDtp8EKMk"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control max-age=14400 accept-ranges bytes cf-ray 7b5847d4aedc0e31-AMS alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 952
GET H3	200	Group-6.png beinginvoice.com/wp-content/themes/eduvert/assets/images/element1/	2 KB 3 KB	163ms 142ms	Image image/png	188.114.96.3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://beinginvoice.com/wp-content/themes/eduvert/assets/images/element1/Group-6.png Requested by Host: beinginvoice.com URL: https://beinginvoice.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 46d0f5e3ea8fb00df84dd68989deebf6f7dd1c4790465a47e5a00df4e5010957 Request headers accept-language nl-NL,nl;q=0.9 Referer https://beinginvoice.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers date Mon, 10 Apr 2023 04:34:59 GMT cf-cache-status MISS last-modified Wed, 22 Mar 2023 07:36:27 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9PWGhFiPGGh7gcmeLc4UeRLDd1lTs3m8XW5yrpkN3WSFUzLLMoGiCKZ%2BE%2BwgQ2hg8kTI3MIDrHuQApRBTKnwmF6HqobV6Ipvxm6d8ehWMbfdxUkx%2BOPYQavm7niriQqPC7rJ"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control max-age=14400 accept-ranges bytes cf-ray 7b5847d4aedd0e31-AMS alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 2232
GET H3	200	Group-3.png beinginvoice.com/wp-content/themes/eduvert/assets/images/element1/	2 KB 2 KB	166ms 145ms	Image image/png	188.114.96.3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://beinginvoice.com/wp-content/themes/eduvert/assets/images/element1/Group-3.png Requested by Host: beinginvoice.com URL: https://beinginvoice.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 284cff35fce6715820cecc9abc90ba23fca73866779a6113d68a6a2899d34d6c Request headers accept-language nl-NL,nl;q=0.9 Referer https://beinginvoice.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers date Mon, 10 Apr 2023 04:34:59 GMT cf-cache-status MISS last-modified Wed, 22 Mar 2023 07:36:27 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XUd4z8kRwL3r%2B%2F%2FjMktdbCO%2BwRvX9PUt96GU1fx1nZadVMp64m38MrlRYzaXeeD2tIAuuVxy7qIpiltT4LRfOGlpnoQtFcO7Adv4syJGVt4cTtiLeJOnI1XjxiI8h22qCfOT"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control max-age=14400 accept-ranges bytes cf-ray 7b5847d4aedf0e31-AMS alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 1671
GET H3	200	Group.png beinginvoice.com/wp-content/themes/eduvert/assets/images/element1/	4 KB 4 KB	169ms 148ms	Image image/png	188.114.96.3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://beinginvoice.com/wp-content/themes/eduvert/assets/images/element1/Group.png Requested by Host: beinginvoice.com URL: https://beinginvoice.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 9b567a702e3cec4df09ef223d6bd1ba0ef3b5099c15e4d7967f9f1217dcf4c98 Request headers accept-language nl-NL,nl;q=0.9 Referer https://beinginvoice.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers date Mon, 10 Apr 2023 04:35:00 GMT cf-cache-status MISS last-modified Wed, 22 Mar 2023 07:36:27 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Dhr%2BK6qNTB%2B2ZCLWtvvpN085ZtKM0RWA4kCCKIHqhAiWCJPFPXMs2zKD%2BBe29N07SfcPc1cTiGFLMGw%2Baoxk9mjFCNWf6BqA%2FYVJ62jtoLgPFaQspGV%2BN8D2z0DWbFsDFwWw"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control max-age=14400 accept-ranges bytes cf-ray 7b5847d4aee00e31-AMS alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 4034
GET H3	200	Group-1.png beinginvoice.com/wp-content/themes/eduvert/assets/images/element1/	3 KB 4 KB	154ms 133ms	Image image/png	188.114.96.3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://beinginvoice.com/wp-content/themes/eduvert/assets/images/element1/Group-1.png Requested by Host: beinginvoice.com URL: https://beinginvoice.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 2d32bac9fd50a12b08b4525d1265c0623da71b5b99a47b3c68f73d606afee31a Request headers accept-language nl-NL,nl;q=0.9 Referer https://beinginvoice.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers date Mon, 10 Apr 2023 04:34:59 GMT cf-cache-status MISS last-modified Wed, 22 Mar 2023 07:36:27 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vZ%2B4Hhv%2BDYQjzDAR4ZPyxIo1%2BTAtgxTaVHgm9nOOccjOJB1zDUjS4XabMDSMy27FbR6cCaj3LdXUiTrXYoD1xbijf1ITafea1fQYN5BB9BBhzYRXmIErxG0s6mLAZRldMnR1"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control max-age=14400 accept-ranges bytes cf-ray 7b5847d4aee40e31-AMS alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 3184
GET H3	200	Group-5.png beinginvoice.com/wp-content/themes/eduvert/assets/images/element1/	2 KB 3 KB	168ms 147ms	Image image/png	188.114.96.3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://beinginvoice.com/wp-content/themes/eduvert/assets/images/element1/Group-5.png Requested by Host: beinginvoice.com URL: https://beinginvoice.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash bb70f7c594ba42b7cf11aa086feecda7b28ef64c234a1db44824906f7e1b2ba7 Request headers accept-language nl-NL,nl;q=0.9 Referer https://beinginvoice.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers date Mon, 10 Apr 2023 04:34:59 GMT cf-cache-status MISS last-modified Wed, 22 Mar 2023 07:36:27 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dmPuy%2BlsEzs%2BpOpLaoPviHCeQpvGIYiswJwnzJoIpqNw1JRzyc0K7WnyzegHpl9RCAx7gWa4qUDlXAmWDLe33Y3T4%2BZcEYZJdXn7eSPtfPdD%2BJvUJnPMbc1jw4TV0yfHzofa"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control max-age=14400 accept-ranges bytes cf-ray 7b5847d4aee50e31-AMS alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 2366
GET H3	200	lgNbwHeNTbGjnJGKKV3NaA_mini_187e.jpg beinginvoice.com/wp-content/uploads/2019/07/	22 KB 22 KB	173ms 152ms	Image image/jpeg	188.114.96.3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://beinginvoice.com/wp-content/uploads/2019/07/lgNbwHeNTbGjnJGKKV3NaA_mini_187e.jpg Requested by Host: beinginvoice.com URL: https://beinginvoice.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 29ded9e5dffcc82f91aa82582b860b15686513406228625ecfad9321de5f9b54 Request headers accept-language nl-NL,nl;q=0.9 Referer https://beinginvoice.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers date Mon, 10 Apr 2023 04:35:00 GMT cf-cache-status MISS last-modified Wed, 03 Jul 2019 19:33:16 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VGqE7YF5cuWq7fc7Gc6u592N5qRCcb8lYa%2FpdRigb0XQrv72yDpWCWZ50IbL5QUnqvPPC42qh5AnLheu7KNRV9gHgp6EWoPxUiaxiCJ6gXqEi5435fc%2BGjqbEUIzLOtxwHzn"}],"group":"cf-nel","max_age":604800} content-type image/jpeg cache-control max-age=14400 accept-ranges bytes cf-ray 7b5847d4aee60e31-AMS alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 22279
GET H2	200	in.js Show response platform.linkedin.com/	509 KB 160 KB	193ms 34ms	Script text/javascript	2a02:26f0:480:e::210:f108 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://platform.linkedin.com/in.js Requested by Host: beinginvoice.com URL: https://beinginvoice.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:26f0:480:e::210:f108 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software Play / Resource Hash b820ca27127163e2d3feba895bc2722878e51c676c44b9d52f89dacdf24a01f6 Security Headers Name Value X-Content-Type-Options nosniff Request headers accept-language nl-NL,nl;q=0.9 Referer https://beinginvoice.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers date Mon, 10 Apr 2023 04:34:59 GMT content-encoding gzip x-content-type-options nosniff x-cdn-client-ip-version IPV6 server Play x-li-pop prod-lva1-x x-cdn AKAM vary Accept-Encoding content-type text/javascript; charset=UTF-8 x-li-fabric prod-lva1 cache-control public, max-age=3600 x-li-proto http/1.1 content-length 163382 x-li-uuid AAX487p3TlB5BH2H7ONGMA== expires Mon, 10 Apr 2023 05:22:52 GMT
GET H2	200	embed.js Show response www.gofundme.com/static/js/	704 B 1 KB	262ms 0ms	Script application/javascript	13.32.27.40 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://www.gofundme.com/static/js/embed.js Requested by Host: beinginvoice.com URL: https://beinginvoice.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.32.27.40 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-32-27-40.fra56.r.cloudfront.net Software AmazonS3 / Resource Hash c47c1d105ddb366167adbe690d8df532256209722ec16e3fc098b37e8dacea0a Request headers accept-language nl-NL,nl;q=0.9 Referer https://beinginvoice.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers date Sat, 26 Nov 2022 06:14:08 GMT via 1.1 3acba66e95e31977aee0842f44a6f08e.cloudfront.net (CloudFront) x-amz-expiration expiry-date="Wed, 22 Nov 2023 00:00:00 GMT", rule-id="expire-at-one-year" last-modified Mon, 21 Nov 2022 22:47:03 GMT server AmazonS3 x-amz-cf-pop FRA56-C2 age 11658053 etag "fdd5bd638a91736670e6cf7c115e4069" x-cache Hit from cloudfront content-type application/javascript cache-control max-age=31557600,public accept-ranges bytes content-length 704 x-amz-cf-id 3eJRIWCFGOkX623b2CmuOO0HaxDSbLonJB4qvYwC_8Dn5lXyShnAfQ==
GET H2	200	checkout_iframe_helper.js Show response assets.cademy.co.uk/scripts/	8 KB 3 KB	274ms 14ms	Script application/javascript	13.32.121.87 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://assets.cademy.co.uk/scripts/checkout_iframe_helper.js Requested by Host: beinginvoice.com URL: https://beinginvoice.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.32.121.87 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-32-121-87.fra60.r.cloudfront.net Software AmazonS3 / Resource Hash 942499b9137f7d70c7b82ef8ee8c4fb8194564a666b09bf003cf4968e1ce0362 Request headers accept-language nl-NL,nl;q=0.9 Referer https://beinginvoice.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers x-amz-version-id 573HuHHezhlCPHLekrT8Cy6rsXR0nJPB content-encoding gzip via 1.1 857b0dca772798c338c78a1be69c955c.cloudfront.net (CloudFront) date Sun, 09 Apr 2023 05:42:15 GMT last-modified Tue, 27 Sep 2022 12:16:37 GMT server AmazonS3 x-amz-cf-pop FRA60-P1 age 82366 etag W/"3470bd0c641fbd0bf16a044becacdd51" vary Accept-Encoding x-cache Hit from cloudfront content-type application/javascript x-amz-cf-id svtjXmFRBKcccMcBC08Vdbm83X6kn_ZGU8Qhg8TxW2ezlPJ-aGI8pQ==
GET H3	200	wow.min.js Show response beinginvoice.com/wp-content/themes/eduvert/assets/js/	8 KB 3 KB	164ms 142ms	Script application/javascript	188.114.96.3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://beinginvoice.com/wp-content/themes/eduvert/assets/js/wow.min.js?ver=6.2 Requested by Host: beinginvoice.com URL: https://beinginvoice.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash a1d758da6c5cdcd2a88ef2531d28185cc02812dd538d66f1b1fb0b7a7c6be025 Request headers accept-language nl-NL,nl;q=0.9 Referer https://beinginvoice.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers date Mon, 10 Apr 2023 04:34:59 GMT content-encoding br cf-cache-status REVALIDATED last-modified Wed, 22 Mar 2023 07:36:27 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1cS%2F0kgVQ5yw1oFyvh%2Fgc5ddw3d9xbxdBUrTf6z7RNOXM7%2BfxZwkcllgcqMAYBRR%2BYqvZG3BIY8QNSEA27nh21l7wCiMnJVPWjOliSnQwRnRt6yLng7GJSUIZ3BxBt%2F80WEX"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control max-age=14400 cf-ray 7b5847d4aed20e31-AMS alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H3	200	custom.js Show response beinginvoice.com/wp-content/themes/eduvert/assets/js/	5 KB 2 KB	169ms 147ms	Script application/javascript	188.114.96.3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://beinginvoice.com/wp-content/themes/eduvert/assets/js/custom.js?ver=6.2 Requested by Host: beinginvoice.com URL: https://beinginvoice.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 6b16089d8f67e6d074b20961d4822947a90c8dce5264e99ca4a1eb8210a0b1c7 Request headers accept-language nl-NL,nl;q=0.9 Referer https://beinginvoice.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers date Mon, 10 Apr 2023 04:34:59 GMT content-encoding br cf-cache-status MISS last-modified Wed, 22 Mar 2023 07:36:27 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0ifrYit8vU7k59AyIVul2WaWhlz5w3FGksTENzK0DmbQAcMm%2FY%2FUOVF30hNdWquLk0Y4mtCsrMXS63XNntl5D3jeF7hWUeYkiMIgLQ2fPqBlUUHoNZAb1dLYp9Cev%2F1Ubu%2BO"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control max-age=14400 cf-ray 7b5847d4aed30e31-AMS alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H3	200	wp-embed.min.js Show response beinginvoice.com/wp-includes/js/	1 KB 1 KB	172ms 151ms	Script application/javascript	188.114.96.3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://beinginvoice.com/wp-includes/js/wp-embed.min.js?ver=6.2 Requested by Host: beinginvoice.com URL: https://beinginvoice.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 1f82f941e3d2db13e9164e3684e3eb2f804bd2696841468f44351db65d400cca Request headers accept-language nl-NL,nl;q=0.9 Referer https://beinginvoice.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers date Mon, 10 Apr 2023 04:35:00 GMT content-encoding br cf-cache-status MISS last-modified Tue, 07 Jun 2022 09:46:37 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Xk0igIs15eFxXZXyAJQXkEn1c2dLFyvN39rMxaARKvI3e5ej%2FtBd%2FiMyDSF6VRU63vIOzmTTg3kRMhJMpFl%2FyI54S0pm4y8iv6tTzLkYseOPSIrcyJkzEMAqDfEqTAfn%2Fp%2Bg"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control max-age=14400 cf-ray 7b5847d4aed40e31-AMS alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H2	200	analytics.js Show response www.google-analytics.com/	49 KB 20 KB	266ms 0ms	Script text/javascript	2a00:1450:4001:82a::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/analytics.js Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=UA-144102622-1&ver=6.2 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language nl-NL,nl;q=0.9 Referer https://beinginvoice.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers strict-transport-security max-age=10886400; includeSubDomains; preload content-encoding gzip x-content-type-options nosniff date Mon, 10 Apr 2023 04:05:12 GMT last-modified Tue, 10 Jan 2023 21:29:14 GMT server Golfe2 age 1788 vary Accept-Encoding content-type text/javascript cache-control public, max-age=7200 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 20085 expires Mon, 10 Apr 2023 06:05:12 GMT
GET H/1.1	200 OK	widgets.js Show response platform.twitter.com/	91 KB 28 KB	232ms 29ms	Script application/javascript	2606:2800:234:46c:e8b:1e2f:2bd:694 EDGECAST
General Check archive.org Show headers Download Go to Full URL https://platform.twitter.com/widgets.js Requested by Host: beinginvoice.com URL: https://beinginvoice.com/ Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US), Reverse DNS Software ECS (amb/6B9C) / Resource Hash 392c9fa9cd1273a2a89d1a83a69cd1f63f21d1d55e7be21e1d8f51f25145668b Request headers accept-language nl-NL,nl;q=0.9 Referer https://beinginvoice.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers Date Mon, 10 Apr 2023 04:35:00 GMT Content-Encoding gzip Age 1042 x-amz-server-side-encryption AES256 X-Cache HIT P3P CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT" Server-Timing x-cache;desc= HIT,x-tw-cdn;desc=VZ Content-Length 27630 Last-Modified Tue, 24 Jan 2023 21:41:51 GMT Server ECS (amb/6B9C) Etag "9e99725b7a4cd730a934afba2a438bb5+gzip" Access-Control-Max-Age 3000 Access-Control-Allow-Methods GET Content-Type application/javascript; charset=utf-8 Access-Control-Allow-Origin * x-tw-cdn VZ Cache-Control public, max-age=1800 Vary Accept-Encoding
GET H2	200	all.js Show response connect.facebook.net/en_US/	3 KB 2 KB	253ms 0ms	Script application/x-javascript	2a03:2880:f083:9:face:b00c:0:3 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/en_US/all.js Requested by Host: beinginvoice.com URL: https://beinginvoice.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash 2b4b14e9309cf0bdddef74bf77cec0921b9fbe95eb19d5f72abfdcccb997d439 Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY Request headers accept-language nl-NL,nl;q=0.9 Referer https://beinginvoice.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers strict-transport-security max-age=31536000; preload; includeSubDomains content-encoding gzip x-content-type-options nosniff date Mon, 10 Apr 2023 04:35:00 GMT content-md5 /GFsL/kN6iDb1bVo2fSLDQ== document-policy force-load-at-top cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 1686 x-fb-rlafr 0 x-fb-debug xgNEwH+j7XJ2N7ah8t08y0Wg061WwPzNHGt+EwLtvfsfYaH4/mkzqYP/EG877jx+ms3mGI4E3c9UUobS/zZonA== cross-origin-embedder-policy-report-only require-corp;report-to="coep_report" x-fb-trip-id 1679558926 x-fb-content-md5 9a143abab9aa171bca34040a40d99f01 cross-origin-opener-policy same-origin-allow-popups etag "c905d6e63e6884baa411873b19bedf43" vary Accept-Encoding report-to {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"} content-type application/x-javascript; charset=utf-8 access-control-allow-origin * access-control-expose-headers X-FB-Content-MD5 cache-control public,max-age=1200,stale-while-revalidate=3600 x-frame-options DENY timing-allow-origin * expires Mon, 10 Apr 2023 04:37:24 GMT
GET H3	200	JTUSjIg1_i6t8kCHKm459Wlhyw.woff2 beinginvoice.com/wp-content/fonts/montserrat/	30 KB 31 KB	145ms 131ms	Font font/woff2	188.114.96.3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://beinginvoice.com/wp-content/fonts/montserrat/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2 Requested by Host: beinginvoice.com URL: https://beinginvoice.com/wp-content/fonts/0fffd56c3538b9193513100e5d59f50c.css Protocol H3 Security QUIC, , AES_128_GCM Server 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780 Request headers Referer https://beinginvoice.com/wp-content/fonts/0fffd56c3538b9193513100e5d59f50c.css Origin https://beinginvoice.com accept-language nl-NL,nl;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers date Mon, 10 Apr 2023 04:34:59 GMT cf-cache-status MISS last-modified Fri, 17 Mar 2023 14:19:00 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WRnN6AmxYc9zVgZreLmiDPNjMPgcj%2BeXGyVVuVURpYSB4kct0FqiI7l%2FMB6AatqNHywEHJc%2FmWC3ULcOkAhg1YCqPOUA2lrqLse0D9nG8R7K6YMPpfM%2FOLZcJpqtvbgXEp0t"}],"group":"cf-nel","max_age":604800} content-type font/woff2 cache-control max-age=14400 accept-ranges bytes cf-ray 7b5847d4bee90e31-AMS alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 30928
GET H3	200	fontawesome-webfont.woff2 beinginvoice.com/wp-content/themes/eduvert/assets/css/fonts/font-awesome/fonts/	70 KB 71 KB	188ms 174ms	Font font/woff2	188.114.96.3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://beinginvoice.com/wp-content/themes/eduvert/assets/css/fonts/font-awesome/fonts/fontawesome-webfont.woff2?v=4.6.3 Requested by Host: beinginvoice.com URL: https://beinginvoice.com/wp-content/themes/eduvert/assets/css/fonts/font-awesome/css/font-awesome.min.css?ver=6.2 Protocol H3 Security QUIC, , AES_128_GCM Server 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 7dacf83f51179de8d7980a513e67ab3a08f2c6272bb5946df8fd77c0d1763b73 Request headers Referer https://beinginvoice.com/wp-content/themes/eduvert/assets/css/fonts/font-awesome/css/font-awesome.min.css?ver=6.2 Origin https://beinginvoice.com accept-language nl-NL,nl;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers date Mon, 10 Apr 2023 04:35:00 GMT cf-cache-status MISS last-modified Wed, 22 Mar 2023 07:36:27 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9flBSPt8iI72FtLI%2Bk3UnWPx8Lr9qbAiVlz1c%2BD6Vj54yWzxSgw6oqmM2ZvTalKW3lgT1FJUHCPSeGf%2B8UOFCNjoYziCOw9EJ7Rtx9mmvIx5i5cguFG1yCUQv%2F97Jt%2FlXyk6"}],"group":"cf-nel","max_age":604800} content-type font/woff2 cache-control max-age=14400 accept-ranges bytes cf-ray 7b5847d4beeb0e31-AMS alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 71896
GET H3	200	all.js Show response connect.facebook.net/en_US/	303 KB 85 KB	201ms 78ms	Script application/x-javascript	2a03:2880:f083:9:face:b00c:0:3 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/en_US/all.js?hash=185f875fc5d06d13606ba4c88a18a0fc Requested by Host: connect.facebook.net URL: https://connect.facebook.net/en_US/all.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash 9f4bbe870d5ae2a0245edf2c801de04c13d05d47cc13bfc3283e7621cfd6a280 Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY Request headers Referer https://beinginvoice.com/ Origin https://beinginvoice.com accept-language nl-NL,nl;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers strict-transport-security max-age=31536000; preload; includeSubDomains content-encoding gzip x-content-type-options nosniff date Mon, 10 Apr 2023 04:35:00 GMT content-md5 gIWeubkXet/LQvaAqQFVEA== document-policy force-load-at-top cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 86943 x-fb-rlafr 0 x-fb-debug lQb6v6KMfHCX5KGEP24W25NTpzbDkgTleXvuyvV2gVEk3nZWxJBuN7luLmFMXBQaicwg0DHkpHhljtrYi/9y+g== cross-origin-embedder-policy-report-only require-corp;report-to="coep_report" x-fb-content-md5 183f0b8f76d46013969537113e9ba684 cross-origin-opener-policy same-origin-allow-popups etag "592a8beb26d57062a4c3524fefc89bcd" vary Accept-Encoding report-to {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"} content-type application/x-javascript; charset=utf-8 access-control-allow-origin * origin-agent-cluster ?0 access-control-expose-headers X-FB-Content-MD5 cache-control public,max-age=31536000,stale-while-revalidate=3600,immutable x-frame-options DENY timing-allow-origin * priority u=3,i expires Tue, 09 Apr 2024 02:54:01 GMT
POST H2	200	collect Show response www.google-analytics.com/j/	1 B 206 B	109ms 18ms	XHR text/plain	2a00:1450:4001:82a::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/j/collect?v=1&_v=j99&aip=1&a=1602409752&t=pageview&_s=1&dl=https%3A%2F%2Fbeinginvoice.com%2F&ul=en-us&de=UTF-8&dt=Being%20in%20Voice%20%E2%80%93%20with%20Flloyd%20Kennedy&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAACAAI~&jid=518749070&gjid=587624901&cid=1562123245.1681101300&tid=UA-144102622-1&_gid=235606803.1681101300&_r=1&gtm=457e3430&jsscut=1&z=1389085596 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://beinginvoice.com/ accept-language nl-NL,nl;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Mon, 10 Apr 2023 04:35:00 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 content-type text/plain access-control-allow-origin https://beinginvoice.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 1 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	collect www.google-analytics.com/	35 B 132 B	126ms 0ms	Image image/gif	2a00:1450:4001:82a::200e GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google-analytics.com/collect?v=1&_v=j99&aip=1&a=1602409752&t=pageview&_s=2&dl=https%3A%2F%2Fbeinginvoice.com%2F&ul=en-us&de=UTF-8&dt=Being%20in%20Voice%20%E2%80%93%20with%20Flloyd%20Kennedy&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAACAAI~&jid=&gjid=&cid=1562123245.1681101300&tid=UA-144102622-1&_gid=235606803.1681101300&gtm=457e3430&jsscut=1&z=498429345 Requested by Host: beinginvoice.com URL: https://beinginvoice.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015 Security Headers Name Value X-Content-Type-Options nosniff Request headers accept-language nl-NL,nl;q=0.9 Referer https://beinginvoice.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers pragma no-cache date Sun, 09 Apr 2023 18:05:12 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 age 37788 content-type image/gif access-control-allow-origin * cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 35 expires Mon, 01 Jan 1990 00:00:00 GMT
GET H3	200	/ Show response beinginvoice.com/training/embed/ Frame EFE3	18 KB 6 KB	665ms 568ms	Document text/html	188.114.96.3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://beinginvoice.com/training/embed/ Requested by Host: beinginvoice.com URL: https://beinginvoice.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / PHP/7.4.33 Resource Hash 03b1afc2e65c0aa2717144519349e0595688c97082739a86e37fc282c2dc9590 Request headers Referer https://beinginvoice.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 accept-language nl-NL,nl;q=0.9 Response headers alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 cf-cache-status DYNAMIC cf-edge-cache cache,platform=wordpress cf-ray 7b5847d8093a0e31-AMS content-encoding br content-type text/html; charset=UTF-8 date Mon, 10 Apr 2023 04:35:00 GMT link <https://beinginvoice.com/wp-json/>; rel="https://api.w.org/", <https://beinginvoice.com/wp-json/wp/v2/pages/3168>; rel="alternate"; type="application/json", <https://beinginvoice.com/?p=3168>; rel=shortlink nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8%2BcfBMZmDv62u69u80LpfGXfbDDbSc2G85qkfe0aWDxSvUJyVFCFQS2R1V4ZOUuMTzQm%2FUQuxNgBGRz0%2BjCBcTwuEMpVvHJKbE%2Bqrodb8M%2FQ2Rc4DNOrQVeUewDD%2BLJ80Odz"}],"group":"cf-nel","max_age":604800} server cloudflare x-powered-by PHP/7.4.33 x-wp-embed true
GET H2	200	checkout_iframe_helper.css assets.cademy.co.uk/scripts/	950 B 1 KB	157ms 19ms	Stylesheet text/css	13.32.121.87 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://assets.cademy.co.uk/scripts/checkout_iframe_helper.css Requested by Host: assets.cademy.co.uk URL: https://assets.cademy.co.uk/scripts/checkout_iframe_helper.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.32.121.87 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-32-121-87.fra60.r.cloudfront.net Software AmazonS3 / Resource Hash 7ffa8e0f1d2317ccb8b9aa219a520fdfd990bea8dfd875e37ad3ade1348fd097 Request headers accept-language nl-NL,nl;q=0.9 Referer https://beinginvoice.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers x-amz-version-id LBbE7looRYOPg.mrchQ0SKz.bkn3.IG8 date Sun, 09 Apr 2023 06:04:48 GMT via 1.1 857b0dca772798c338c78a1be69c955c.cloudfront.net (CloudFront) last-modified Mon, 21 Mar 2022 05:18:21 GMT server AmazonS3 x-amz-cf-pop FRA60-P1 age 81013 etag "4a6226ae6eee92c6d6fdc6b171b9d8d3" vary Accept-Encoding x-cache Hit from cloudfront content-type text/css content-length 950 x-amz-cf-id WR_S10kP_1rme1mO0Du0_BZKMprQcIFX7N4aa3Xx8bQaLNRCUWF9hA==
GET H3	200	Shape9.png beinginvoice.com/wp-content/themes/eduvert/assets/images/elements/	275 KB 275 KB	175ms 82ms	Image image/png	188.114.96.3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://beinginvoice.com/wp-content/themes/eduvert/assets/images/elements/Shape9.png Requested by Host: beinginvoice.com URL: https://beinginvoice.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 032ecc82139ad644552afd8f51ca919545139121eaa49958ca0b5edd58d59d11 Request headers accept-language nl-NL,nl;q=0.9 Referer https://beinginvoice.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers date Mon, 10 Apr 2023 04:35:00 GMT cf-cache-status MISS last-modified Wed, 22 Mar 2023 07:36:27 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NhltnGgp8pfNOA030iSPFmtXeh8WmiE2pwyoyQ6oFSoVW4NkocA7t%2BrrOu%2BZJat0%2BUJVk7uyp8P%2FQfgMsj6ryedxSl%2F9zwyOBt8GiiGFdcTztNWDldEDKySAI9nmh10vyXUD"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control max-age=14400 accept-ranges bytes cf-ray 7b5847d8093c0e31-AMS alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 281335
GET H3	200	316667201_471983861703767_531599639852333704_n-296x300.jpg beinginvoice.com/wp-content/uploads/2023/02/	30 KB 30 KB	153ms 67ms	Image image/jpeg	188.114.96.3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://beinginvoice.com/wp-content/uploads/2023/02/316667201_471983861703767_531599639852333704_n-296x300.jpg Requested by Host: beinginvoice.com URL: https://beinginvoice.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 3e7e92a9325d875daf6000cd67992daf0487c9a0b2195c9e19200c5702e7dde9 Request headers accept-language nl-NL,nl;q=0.9 Referer https://beinginvoice.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers date Mon, 10 Apr 2023 04:35:00 GMT cf-cache-status MISS last-modified Thu, 16 Feb 2023 16:23:18 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=myFLGc8sUI3WrRj22cCLmo90p8%2BzqZauSAKlKHNXEsTCJIaxOpchxdwZ6diUgMpb62TkGG6OqPiMcWBLh13nVI682Y65AFJLgIZoE1FgUipMU6EXrYqHqLMpQEoHs8lyP14R"}],"group":"cf-nel","max_age":604800} content-type image/jpeg cache-control max-age=14400 accept-ranges bytes cf-ray 7b5847d809400e31-AMS alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 30498
GET H/1.1	200 OK	widget_iframe.2b2d73daf636805223fb11d48f3e94f7.html Show response platform.twitter.com/widgets/ Frame D15F	320 KB 104 KB	114ms 25ms	Document text/html	2606:2800:234:46c:e8b:1e2f:2bd:694 EDGECAST
General Check archive.org Show headers Download Go to Full URL https://platform.twitter.com/widgets/widget_iframe.2b2d73daf636805223fb11d48f3e94f7.html?origin=https%3A%2F%2Fbeinginvoice.com Requested by Host: platform.twitter.com URL: https://platform.twitter.com/widgets.js Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US), Reverse DNS Software ECS (amb/6BB8) / Resource Hash 4002d65e95f94dc87ae8ad170eb8dbc3644921032ac76dcb376537d9304a6fbf Request headers Referer https://beinginvoice.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 accept-language nl-NL,nl;q=0.9 Response headers Access-Control-Allow-Methods GET Access-Control-Allow-Origin * Age 2187734 Cache-Control public, max-age=315360000 Content-Encoding gzip Content-Length 105435 Content-Type text/html; charset=utf-8 Date Mon, 10 Apr 2023 04:35:00 GMT Etag "95e1b50b0c179aefb47b5b211bb347b5+gzip" Last-Modified Tue, 24 Jan 2023 21:41:13 GMT P3P CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT" Server ECS (amb/6BB8) Server-Timing x-cache;desc= HIT,x-tw-cdn;desc=VZ Vary Accept-Encoding X-Cache HIT x-amz-server-side-encryption AES256 x-tw-cdn VZ
GET H2	200	medium Show response www.gofundme.com/f/poets-of-ukraine/widget/ Frame D1F4	2 MB 316 KB	392ms 272ms	Document text/html	13.32.27.40 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://www.gofundme.com/f/poets-of-ukraine/widget/medium Requested by Host: www.gofundme.com URL: https://www.gofundme.com/static/js/embed.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.32.27.40 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-32-27-40.fra56.r.cloudfront.net Software nginx / Resource Hash 5e2f578a4b3dd87db5c4d20705cbd87782bf0091e210d32e298c16070d4a807c Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers Referer https://beinginvoice.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 accept-language nl-NL,nl;q=0.9 Response headers cache-control no-store content-encoding gzip content-security-policy-report-only frame-ancestors gofundme.com *.gofundme.com *.hopin.com; content-type text/html; charset=utf-8 date Mon, 10 Apr 2023 04:35:00 GMT etag "1980bb-+ezFRVwagY/dbNVG60+wDP/+O+o" server nginx strict-transport-security max-age=31536000; includeSubDomains; preload vary Accept-Encoding via 1.1 3acba66e95e31977aee0842f44a6f08e.cloudfront.net (CloudFront) x-amz-cf-id 2Zj3ICincotwu0TDiwvmKiC3kGbO3BHnATxH9UyBOjOVpMptGLKO2g== x-amz-cf-pop FRA56-C2 x-cache Miss from cloudfront
GET H2	200	status www.facebook.com/x/oauth/	0 0	204ms 31ms	Fetch text/plain	2a03:2880:f176:84:face:b00c:0:25de FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://www.facebook.com/x/oauth/status?client_id=126445887469807&input_token&origin=1&redirect_uri=https%3A%2F%2Fbeinginvoice.com%2F&sdk=joey&wants_cookie_data=false Requested by Host: connect.facebook.net URL: https://connect.facebook.net/en_US/all.js?hash=185f875fc5d06d13606ba4c88a18a0fc Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=15552000; preload X-Content-Type-Options nosniff Request headers accept-language nl-NL,nl;q=0.9 Referer https://beinginvoice.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers strict-transport-security max-age=15552000; preload date Mon, 10 Apr 2023 04:35:00 GMT x-content-type-options nosniff document-policy force-load-at-top cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 0 x-fb-rlafr 0 pragma no-cache x-fb-debug J9Zydnmk5aF0EAcuEvNOGMGw9ivf4brieYY9hM+R1bOiG+i2tWKEl0SnKRNwMbjAFzsAzp5qPetsdHWDZRM3wA== cross-origin-embedder-policy-report-only require-corp;report-to="coep_report" fb-s unknown report-to {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]} content-type text/plain; charset=UTF-8 access-control-allow-origin https://beinginvoice.com origin-agent-cluster ?0 access-control-expose-headers fb-s cache-control private, no-cache, no-store, must-revalidate access-control-allow-credentials true expires Sat, 01 Jan 2000 00:00:00 GMT
GET H2	200	settings Show response syndication.twitter.com/ Frame D15F	663 B 604 B	317ms 132ms	Fetch application/json	104.244.42.200 TWITTER
General Check archive.org Show headers Download Go to Full URL https://syndication.twitter.com/settings?session_id=4b7db54366c8b42ede4b2d46cda72f11a9c54bd0 Requested by Host: platform.twitter.com URL: https://platform.twitter.com/widgets/widget_iframe.2b2d73daf636805223fb11d48f3e94f7.html?origin=https%3A%2F%2Fbeinginvoice.com Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.244.42.200 , United States, ASN13414 (TWITTER, US), Reverse DNS Software tsa_f / Resource Hash 92747742b0d05de841880d3cad6550593fa08692d26fe086e15d4a5696606a54 Security Headers Name Value Strict-Transport-Security max-age=631138519 Request headers accept-language nl-NL,nl;q=0.9 Referer https://platform.twitter.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers x-response-time 104 date Mon, 10 Apr 2023 04:35:00 GMT content-encoding gzip strict-transport-security max-age=631138519 last-modified Mon, 10 Apr 2023 04:35:00 GMT server tsa_f vary Origin content-type application/json; charset=utf-8 access-control-allow-origin https://platform.twitter.com x-transaction-id 02a688004614452a cache-control must-revalidate, max-age=600 access-control-allow-credentials true perf 7626143928 x-connection-hash c254e79ccb871ce49afa3c9ec8fa3ee34ff64212b8d26cd79ff28f2678bd2002 content-length 284
GET H2	200	CircularXXWeb-Bold.woff2 www.gofundme.com/fonts/ Frame D1F4	72 KB 73 KB	214ms 122ms	Font font/woff2	13.32.27.40 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://www.gofundme.com/fonts/CircularXXWeb-Bold.woff2 Requested by Host: www.gofundme.com URL: https://www.gofundme.com/f/poets-of-ukraine/widget/medium Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.32.27.40 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-32-27-40.fra56.r.cloudfront.net Software AmazonS3 / Resource Hash 7387021408574afb13687c47d583f43c70cf9511d5dfd772be64f8ec975895a8 Request headers Referer https://www.gofundme.com/f/poets-of-ukraine/widget/medium Origin https://www.gofundme.com accept-language nl-NL,nl;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers date Mon, 10 Apr 2023 03:50:15 GMT via 1.1 3acba66e95e31977aee0842f44a6f08e.cloudfront.net (CloudFront) x-amz-cf-pop FRA56-C2 age 2686 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront content-length 74059 last-modified Tue, 23 Nov 2021 21:37:34 GMT server AmazonS3 etag "0796c564b3ca9bbf97c065949d757d6c" access-control-max-age 0 access-control-allow-methods GET content-type font/woff2 access-control-allow-origin * cache-control public, immutable, max-age=31536000 vary Origin,Access-Control-Request-Headers,Access-Control-Request-Method accept-ranges bytes x-amz-cf-id hxcCdojND7CMfNyjptkTmd2RQZlVk8sZ0FuFCYYxhruzkju7eMTCbg==
GET H2	200	CircularXXWeb-Regular.woff2 www.gofundme.com/fonts/ Frame D1F4	69 KB 69 KB	123ms 31ms	Font font/woff2	13.32.27.40 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://www.gofundme.com/fonts/CircularXXWeb-Regular.woff2 Requested by Host: www.gofundme.com URL: https://www.gofundme.com/f/poets-of-ukraine/widget/medium Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.32.27.40 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-32-27-40.fra56.r.cloudfront.net Software AmazonS3 / Resource Hash 52ae61c0720ae779b166ba75eb15923913725a390383be86868c33bfc191c1fe Request headers Referer https://www.gofundme.com/f/poets-of-ukraine/widget/medium Origin https://www.gofundme.com accept-language nl-NL,nl;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers date Sun, 09 Apr 2023 05:52:57 GMT via 1.1 3acba66e95e31977aee0842f44a6f08e.cloudfront.net (CloudFront) x-amz-cf-pop FRA56-C2 age 85216 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront content-length 70287 last-modified Tue, 23 Nov 2021 21:37:13 GMT server AmazonS3 etag "c65bc20b5c2102386f484979b51049a6" access-control-max-age 0 access-control-allow-methods GET content-type font/woff2 access-control-allow-origin * cache-control public, immutable, max-age=31536000 vary Origin,Access-Control-Request-Headers,Access-Control-Request-Method accept-ranges bytes x-amz-cf-id vd3QZ2igA5c-kzIqkYLn5ThTx7MHhx8FJ4i39YMJLRcIyFf39k3yQw==
GET H2	200	87fcb10a00de44d4.css www.gofundme.com/ssr/_next/static/css/ Frame D1F4	17 KB 4 KB	115ms 23ms	Stylesheet text/css	13.32.27.40 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://www.gofundme.com/ssr/_next/static/css/87fcb10a00de44d4.css Requested by Host: www.gofundme.com URL: https://www.gofundme.com/f/poets-of-ukraine/widget/medium Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.32.27.40 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-32-27-40.fra56.r.cloudfront.net Software AmazonS3 / Resource Hash 1d58920ee617840214631d0cb3055435ca2c97a118f44fa36453d92066a587b9 Request headers accept-language nl-NL,nl;q=0.9 Referer https://www.gofundme.com/f/poets-of-ukraine/widget/medium User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers date Mon, 20 Mar 2023 17:07:41 GMT content-encoding gzip via 1.1 3acba66e95e31977aee0842f44a6f08e.cloudfront.net (CloudFront) x-amz-expiration expiry-date="Wed, 20 Mar 2024 00:00:00 GMT", rule-id="expire-at-one-year" last-modified Mon, 20 Mar 2023 16:56:21 GMT server AmazonS3 x-amz-cf-pop FRA56-C2 age 1769240 etag W/"493b717b2a4d3474beaf8ad03536b5d9" x-amz-server-side-encryption AES256 vary Accept-Encoding x-cache Hit from cloudfront content-type text/css x-amz-cf-id 33KKsNuJ0p62zwDILYbe12RA4xCC6F5gIEPwrXq_oPPR3eixdsKhgA==
GET H2	200	08ef544ddebd62a6.css www.gofundme.com/ssr/_next/static/css/ Frame D1F4	59 KB 9 KB	116ms 24ms	Stylesheet text/css	13.32.27.40 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://www.gofundme.com/ssr/_next/static/css/08ef544ddebd62a6.css Requested by Host: www.gofundme.com URL: https://www.gofundme.com/f/poets-of-ukraine/widget/medium Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.32.27.40 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-32-27-40.fra56.r.cloudfront.net Software AmazonS3 / Resource Hash f8f05005c11a709119edbd0343c27186d9140d549d4c29b9f477a46286aacd97 Request headers accept-language nl-NL,nl;q=0.9 Referer https://www.gofundme.com/f/poets-of-ukraine/widget/medium User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers date Wed, 05 Apr 2023 18:51:56 GMT content-encoding gzip via 1.1 3acba66e95e31977aee0842f44a6f08e.cloudfront.net (CloudFront) x-amz-expiration expiry-date="Fri, 05 Apr 2024 00:00:00 GMT", rule-id="expire-at-one-year" last-modified Wed, 05 Apr 2023 18:39:37 GMT server AmazonS3 x-amz-cf-pop FRA56-C2 age 380585 etag W/"344d89edc9bf7c8a9727b25d53b17c63" x-amz-server-side-encryption AES256 vary Accept-Encoding x-cache Hit from cloudfront content-type text/css x-amz-cf-id EPGrNuZrJLMYeYUazGTnPQD0DVo758p66x6hpWZZA5OCgwid38CiHg==
GET H2	200	f15435421042f8c1.css www.gofundme.com/ssr/_next/static/css/ Frame D1F4	41 KB 11 KB	212ms 120ms	Stylesheet text/css	13.32.27.40 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://www.gofundme.com/ssr/_next/static/css/f15435421042f8c1.css Requested by Host: www.gofundme.com URL: https://www.gofundme.com/f/poets-of-ukraine/widget/medium Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.32.27.40 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-32-27-40.fra56.r.cloudfront.net Software AmazonS3 / Resource Hash ad15c48a7bee0fbd4dbf371f7e5f43401268af10c6923e586c306dcf530dd962 Request headers accept-language nl-NL,nl;q=0.9 Referer https://www.gofundme.com/f/poets-of-ukraine/widget/medium User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers date Thu, 09 Mar 2023 23:37:10 GMT content-encoding gzip via 1.1 3acba66e95e31977aee0842f44a6f08e.cloudfront.net (CloudFront) x-amz-expiration expiry-date="Sat, 09 Mar 2024 00:00:00 GMT", rule-id="expire-at-one-year" last-modified Thu, 09 Mar 2023 23:27:32 GMT server AmazonS3 x-amz-cf-pop FRA56-C2 age 2696271 etag W/"637d17a22e4180328300c5ece9907ce8" x-amz-server-side-encryption AES256 vary Accept-Encoding x-cache Hit from cloudfront content-type text/css x-amz-cf-id E_v_lkv3c1jiUYNfAjthrLqNQc00AhWWDWLisusQA9QTkS7kkPYbFQ==
GET H2	200	46e982d2c4115a65.css www.gofundme.com/ssr/_next/static/css/ Frame D1F4	87 KB 11 KB	121ms 29ms	Stylesheet text/css	13.32.27.40 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://www.gofundme.com/ssr/_next/static/css/46e982d2c4115a65.css Requested by Host: www.gofundme.com URL: https://www.gofundme.com/f/poets-of-ukraine/widget/medium Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.32.27.40 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-32-27-40.fra56.r.cloudfront.net Software AmazonS3 / Resource Hash db0ef43c221f8cfb527c78099afeff6571605007d0f3286a8fc893de94484b5d Request headers accept-language nl-NL,nl;q=0.9 Referer https://www.gofundme.com/f/poets-of-ukraine/widget/medium User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers date Mon, 03 Apr 2023 17:20:20 GMT content-encoding gzip via 1.1 3acba66e95e31977aee0842f44a6f08e.cloudfront.net (CloudFront) x-amz-expiration expiry-date="Wed, 03 Apr 2024 00:00:00 GMT", rule-id="expire-at-one-year" last-modified Mon, 03 Apr 2023 17:10:41 GMT server AmazonS3 x-amz-cf-pop FRA56-C2 age 558881 etag W/"aa378bb33030032ff677e0cf35d3c22b" x-amz-server-side-encryption AES256 vary Accept-Encoding x-cache Hit from cloudfront content-type text/css x-amz-cf-id 2o3zq6AUb9Rl-B0AzTDbKAJeT18hdhvsrY889lj1Q4vEmdMFTSwHkA==
GET H2	200	32edb28b351b4afe.css www.gofundme.com/ssr/_next/static/css/ Frame D1F4	17 KB 4 KB	120ms 30ms	Stylesheet text/css	13.32.27.40 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://www.gofundme.com/ssr/_next/static/css/32edb28b351b4afe.css Requested by Host: www.gofundme.com URL: https://www.gofundme.com/f/poets-of-ukraine/widget/medium Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.32.27.40 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-32-27-40.fra56.r.cloudfront.net Software AmazonS3 / Resource Hash 8e07cc57f77a05f3d61341dbd4ca48cca642828d1e33d52fb533fc443daec4d4 Request headers accept-language nl-NL,nl;q=0.9 Referer https://www.gofundme.com/f/poets-of-ukraine/widget/medium User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers date Thu, 23 Mar 2023 22:16:06 GMT content-encoding gzip via 1.1 3acba66e95e31977aee0842f44a6f08e.cloudfront.net (CloudFront) x-amz-expiration expiry-date="Sat, 23 Mar 2024 00:00:00 GMT", rule-id="expire-at-one-year" last-modified Thu, 23 Mar 2023 22:04:01 GMT server AmazonS3 x-amz-cf-pop FRA56-C2 age 1491535 etag W/"c813b3a9c8454a477f292b8a0a612428" x-amz-server-side-encryption AES256 vary Accept-Encoding x-cache Hit from cloudfront content-type text/css x-amz-cf-id II5VwlE37YfP0-jz_DeHPDGiXfmkcVhm7kRX6OPfehHFfBOeST0yng==
GET H2	200	airgap.js Show response cdn.transcend.io/cm/8aaeb48f-a8e6-4725-820c-b18c4f7cd6cc/ Frame D1F4	97 KB 39 KB	269ms 33ms	Script application/javascript	2600:9000:2250:5c00:2:8531:afc0:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://cdn.transcend.io/cm/8aaeb48f-a8e6-4725-820c-b18c4f7cd6cc/airgap.js Requested by Host: www.gofundme.com URL: https://www.gofundme.com/f/poets-of-ukraine/widget/medium Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2250:5c00:2:8531:afc0:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software CloudFront / Resource Hash 15bb9e7e7587509ec6aa5d051894d9f8e2b40c732895d3ed43073f0aef7b7c75 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language nl-NL,nl;q=0.9 Referer https://www.gofundme.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers date Sun, 09 Apr 2023 16:48:14 GMT content-encoding br via 1.1 1aa52a2a71a599aaf6b3df3a9c53b268.cloudfront.net (CloudFront) referrer-policy strict-origin-when-cross-origin server CloudFront strict-transport-security max-age=31536000 x-amz-cf-pop FRA60-P2 age 42407 vary Accept-Encoding, Origin x-cache Hit from cloudfront content-type application/javascript x-frame-options SAMEORIGIN x-content-type-options nosniff x-amz-cf-id gmHFQDth6Dfx7l5X1y04d9KBA4KebcAjzP4O_I3F9iKWRZMgTTaBWA== x-xss-protection 1; mode=block
GET H2	200	webpack-93da348fad93c67b.js Show response www.gofundme.com/ssr/_next/static/chunks/ Frame D1F4	10 KB 5 KB	138ms 64ms	Script application/javascript	13.32.27.40 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://www.gofundme.com/ssr/_next/static/chunks/webpack-93da348fad93c67b.js Requested by Host: www.gofundme.com URL: https://www.gofundme.com/f/poets-of-ukraine/widget/medium Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.32.27.40 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-32-27-40.fra56.r.cloudfront.net Software AmazonS3 / Resource Hash d16f568836e8cf734ea8fc2ceb294c7f524a8059f2418c966cc193938092776d Request headers accept-language nl-NL,nl;q=0.9 Referer https://www.gofundme.com/f/poets-of-ukraine/widget/medium User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers date Thu, 06 Apr 2023 22:40:52 GMT content-encoding gzip via 1.1 3acba66e95e31977aee0842f44a6f08e.cloudfront.net (CloudFront) x-amz-expiration expiry-date="Sat, 06 Apr 2024 00:00:00 GMT", rule-id="expire-at-one-year" last-modified Thu, 06 Apr 2023 22:30:19 GMT server AmazonS3 x-amz-cf-pop FRA56-C2 age 280449 etag W/"2f5c089082ca25c426b8a84bbcb9345a" x-amz-server-side-encryption AES256 vary Accept-Encoding x-cache Hit from cloudfront content-type application/javascript x-amz-cf-id qH5t3E00C_Fu8vWBvs_N_Nso--3NIVRHpnmp92g80QQtrzwmtPTT0Q==
GET H2	200	framework-560765ab0625ba27.js Show response www.gofundme.com/ssr/_next/static/chunks/ Frame D1F4	127 KB 42 KB	152ms 78ms	Script application/javascript	13.32.27.40 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://www.gofundme.com/ssr/_next/static/chunks/framework-560765ab0625ba27.js Requested by Host: www.gofundme.com URL: https://www.gofundme.com/f/poets-of-ukraine/widget/medium Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.32.27.40 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-32-27-40.fra56.r.cloudfront.net Software AmazonS3 / Resource Hash 4ac51ffc4bca5ed831338ca7656a8446f9dd02fb72c7c70e0440a6cffd8cdf99 Request headers accept-language nl-NL,nl;q=0.9 Referer https://www.gofundme.com/f/poets-of-ukraine/widget/medium User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers date Mon, 16 Jan 2023 13:29:01 GMT content-encoding gzip via 1.1 3acba66e95e31977aee0842f44a6f08e.cloudfront.net (CloudFront) x-amz-expiration expiry-date="Sun, 14 Jan 2024 00:00:00 GMT", rule-id="expire-at-one-year" last-modified Fri, 13 Jan 2023 22:39:01 GMT server AmazonS3 x-amz-cf-pop FRA56-C2 age 7225560 etag W/"575f0dd2d17bbece23c4e3266a51a5c2" vary Accept-Encoding x-cache Hit from cloudfront content-type application/javascript x-amz-cf-id YY6wgrxn2DRnxDFx3nCvdqfFlXRYBvgEQ1ySGOvHVs6tBDRFfNTG2w==
GET H2	200	main-8821c5f692d5ea55.js Show response www.gofundme.com/ssr/_next/static/chunks/ Frame D1F4	119 KB 33 KB	229ms 156ms	Script application/javascript	13.32.27.40 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://www.gofundme.com/ssr/_next/static/chunks/main-8821c5f692d5ea55.js Requested by Host: www.gofundme.com URL: https://www.gofundme.com/f/poets-of-ukraine/widget/medium Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.32.27.40 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-32-27-40.fra56.r.cloudfront.net Software AmazonS3 / Resource Hash 74ef24ed5c89c8388a332ca1744302b6528db41496341e4c6b68ead4780104d8 Request headers accept-language nl-NL,nl;q=0.9 Referer https://www.gofundme.com/f/poets-of-ukraine/widget/medium User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers date Tue, 24 Jan 2023 01:27:01 GMT content-encoding gzip via 1.1 3acba66e95e31977aee0842f44a6f08e.cloudfront.net (CloudFront) x-amz-expiration expiry-date="Thu, 18 Jan 2024 00:00:00 GMT", rule-id="expire-at-one-year" last-modified Tue, 17 Jan 2023 21:48:32 GMT server AmazonS3 x-amz-cf-pop FRA56-C2 age 6577679 etag W/"2c90ba8e4732caa59de6d731bd485001" vary Accept-Encoding x-cache Hit from cloudfront content-type application/javascript x-amz-cf-id aoZAN_3Oker8bmUNbLsdZSj_eIh2C5sWEwzKvWCOAhmCS99_QWmCWA==
GET H2	200	_app-f4a82a0f705409b9.js Show response www.gofundme.com/ssr/_next/static/chunks/pages/ Frame D1F4	1 MB 354 KB	239ms 166ms	Script application/javascript	13.32.27.40 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://www.gofundme.com/ssr/_next/static/chunks/pages/_app-f4a82a0f705409b9.js Requested by Host: www.gofundme.com URL: https://www.gofundme.com/f/poets-of-ukraine/widget/medium Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.32.27.40 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-32-27-40.fra56.r.cloudfront.net Software AmazonS3 / Resource Hash 3c1dbbf9dca5719d00043939f1c128bb4ef1a0f566acc859e2c3187d85ece046 Request headers accept-language nl-NL,nl;q=0.9 Referer https://www.gofundme.com/f/poets-of-ukraine/widget/medium User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers date Tue, 04 Apr 2023 16:47:32 GMT content-encoding gzip via 1.1 3acba66e95e31977aee0842f44a6f08e.cloudfront.net (CloudFront) x-amz-expiration expiry-date="Thu, 04 Apr 2024 00:00:00 GMT", rule-id="expire-at-one-year" last-modified Tue, 04 Apr 2023 16:33:45 GMT server AmazonS3 x-amz-cf-pop FRA56-C2 age 474448 etag W/"0dbe75f9027f5734bfa6a5f3696ac0b1" x-amz-server-side-encryption AES256 vary Accept-Encoding x-cache Hit from cloudfront content-type application/javascript x-amz-cf-id fL6vyp9bUoREX2c6rWlk4jLvZ9A4sw1uAR5WcdGt2D_6thPsn6SpHw==
GET H2	200	071c3687-634c57f1f0279de1.js Show response www.gofundme.com/ssr/_next/static/chunks/ Frame D1F4	685 KB 190 KB	264ms 191ms	Script application/javascript	13.32.27.40 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://www.gofundme.com/ssr/_next/static/chunks/071c3687-634c57f1f0279de1.js Requested by Host: www.gofundme.com URL: https://www.gofundme.com/f/poets-of-ukraine/widget/medium Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.32.27.40 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-32-27-40.fra56.r.cloudfront.net Software AmazonS3 / Resource Hash 53bfda8269c46948b06298e77e6d77f9aa4f7422c7621708d2c55e5b0745292d Request headers accept-language nl-NL,nl;q=0.9 Referer https://www.gofundme.com/f/poets-of-ukraine/widget/medium User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers date Wed, 25 Jan 2023 02:01:02 GMT content-encoding gzip via 1.1 3acba66e95e31977aee0842f44a6f08e.cloudfront.net (CloudFront) x-amz-expiration expiry-date="Thu, 25 Jan 2024 00:00:00 GMT", rule-id="expire-at-one-year" last-modified Tue, 24 Jan 2023 20:55:45 GMT server AmazonS3 x-amz-cf-pop FRA56-C2 age 6489239 etag W/"e9b65853d99238f512b501baba817164" vary Accept-Encoding x-cache Hit from cloudfront content-type application/javascript x-amz-cf-id ij_IZIPB0cyermcHZ75tvsOOSWwg5LSJuz-j-ZEZH_PR_MNeNpjlDA==
GET H2	200	4663-06bf001edaa3af34.js Show response www.gofundme.com/ssr/_next/static/chunks/ Frame D1F4	353 KB 83 KB	277ms 207ms	Script application/javascript	13.32.27.40 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://www.gofundme.com/ssr/_next/static/chunks/4663-06bf001edaa3af34.js Requested by Host: www.gofundme.com URL: https://www.gofundme.com/f/poets-of-ukraine/widget/medium Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.32.27.40 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-32-27-40.fra56.r.cloudfront.net Software AmazonS3 / Resource Hash 77f0baf5ab922ef56f9280b30784af479c6e62ef4d057c2bdbd4f294740cce7c Request headers accept-language nl-NL,nl;q=0.9 Referer https://www.gofundme.com/f/poets-of-ukraine/widget/medium User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers date Thu, 06 Apr 2023 16:37:01 GMT content-encoding gzip via 1.1 3acba66e95e31977aee0842f44a6f08e.cloudfront.net (CloudFront) x-amz-expiration expiry-date="Sat, 06 Apr 2024 00:00:00 GMT", rule-id="expire-at-one-year" last-modified Thu, 06 Apr 2023 16:24:32 GMT server AmazonS3 x-amz-cf-pop FRA56-C2 age 302279 etag W/"4f7e2bd04583c64815498f7db52b93af" x-amz-server-side-encryption AES256 vary Accept-Encoding x-cache Hit from cloudfront content-type application/javascript x-amz-cf-id hFTMOHnr-xc2QvWB420EiJ2awVRzlmxZ2h8GYFI8_lRTmK9U7yW-BQ==
GET H2	200	7577-65c5614b3b4d5ce5.js Show response www.gofundme.com/ssr/_next/static/chunks/ Frame D1F4	25 KB 8 KB	298ms 228ms	Script application/javascript	13.32.27.40 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://www.gofundme.com/ssr/_next/static/chunks/7577-65c5614b3b4d5ce5.js Requested by Host: www.gofundme.com URL: https://www.gofundme.com/f/poets-of-ukraine/widget/medium Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.32.27.40 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-32-27-40.fra56.r.cloudfront.net Software AmazonS3 / Resource Hash 9ad59754a71b160ba78f1681802ade42f38e517ca5e596daa63e5e7f0c72806e Request headers accept-language nl-NL,nl;q=0.9 Referer https://www.gofundme.com/f/poets-of-ukraine/widget/medium User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers date Mon, 20 Mar 2023 17:07:41 GMT content-encoding gzip via 1.1 3acba66e95e31977aee0842f44a6f08e.cloudfront.net (CloudFront) x-amz-expiration expiry-date="Wed, 20 Mar 2024 00:00:00 GMT", rule-id="expire-at-one-year" last-modified Mon, 20 Mar 2023 16:56:18 GMT server AmazonS3 x-amz-cf-pop FRA56-C2 age 1769240 etag W/"07eec92baf699f94074ca73ccb208aff" x-amz-server-side-encryption AES256 vary Accept-Encoding x-cache Hit from cloudfront content-type application/javascript x-amz-cf-id dARQZomet2enJOsNMbMPdkYaWqz39_GcuqNOt2RG18Yt9JsJ-IVJDA==
GET H2	200	1664-d38a8af1c829d526.js Show response www.gofundme.com/ssr/_next/static/chunks/ Frame D1F4	7 KB 3 KB	299ms 230ms	Script application/javascript	13.32.27.40 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://www.gofundme.com/ssr/_next/static/chunks/1664-d38a8af1c829d526.js Requested by Host: www.gofundme.com URL: https://www.gofundme.com/f/poets-of-ukraine/widget/medium Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.32.27.40 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-32-27-40.fra56.r.cloudfront.net Software AmazonS3 / Resource Hash 22d6a0067edcd1f6e6816c32c6ad4e565c0427bd5e93308da5802b81e076b90a Request headers accept-language nl-NL,nl;q=0.9 Referer https://www.gofundme.com/f/poets-of-ukraine/widget/medium User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers date Sat, 18 Mar 2023 08:34:52 GMT content-encoding gzip via 1.1 3acba66e95e31977aee0842f44a6f08e.cloudfront.net (CloudFront) x-amz-expiration expiry-date="Fri, 15 Mar 2024 00:00:00 GMT", rule-id="expire-at-one-year" last-modified Wed, 15 Mar 2023 18:26:24 GMT server AmazonS3 x-amz-cf-pop FRA56-C2 age 1972809 etag W/"24ab69ee0f1aa7e056c22ef132cd4f56" x-amz-server-side-encryption AES256 vary Accept-Encoding x-cache Hit from cloudfront content-type application/javascript x-amz-cf-id 3CqlG9oh7D8FEi1NLAnxJecx-d4NoVApDYQ2Ur5xLBmkHekBo6r9xw==
GET H2	200	2739-f8a737c86dd9b56f.js Show response www.gofundme.com/ssr/_next/static/chunks/ Frame D1F4	9 KB 5 KB	286ms 231ms	Script application/javascript	13.32.27.40 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://www.gofundme.com/ssr/_next/static/chunks/2739-f8a737c86dd9b56f.js Requested by Host: www.gofundme.com URL: https://www.gofundme.com/f/poets-of-ukraine/widget/medium Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.32.27.40 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-32-27-40.fra56.r.cloudfront.net Software AmazonS3 / Resource Hash b8d876c82ab3a3402cefe1caee5b56453a31e4ba5c4c1b00f26ad711adc41906 Request headers accept-language nl-NL,nl;q=0.9 Referer https://www.gofundme.com/f/poets-of-ukraine/widget/medium User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers date Thu, 06 Apr 2023 16:37:01 GMT content-encoding gzip via 1.1 3acba66e95e31977aee0842f44a6f08e.cloudfront.net (CloudFront) x-amz-expiration expiry-date="Sat, 06 Apr 2024 00:00:00 GMT", rule-id="expire-at-one-year" last-modified Thu, 06 Apr 2023 16:24:31 GMT server AmazonS3 x-amz-cf-pop FRA56-C2 age 302279 etag W/"1cf9cedbaab3015a7873226fc6df8f72" x-amz-server-side-encryption AES256 vary Accept-Encoding x-cache Hit from cloudfront content-type application/javascript x-amz-cf-id CylOy9hKyhW5mXocRL4z39ECwNhERSRSyC4RQ6B3zis0DGAofsD8_g==
GET H2	200	6764-9bfce75c6090f415.js Show response www.gofundme.com/ssr/_next/static/chunks/ Frame D1F4	28 KB 6 KB	287ms 232ms	Script application/javascript	13.32.27.40 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://www.gofundme.com/ssr/_next/static/chunks/6764-9bfce75c6090f415.js Requested by Host: www.gofundme.com URL: https://www.gofundme.com/f/poets-of-ukraine/widget/medium Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.32.27.40 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-32-27-40.fra56.r.cloudfront.net Software AmazonS3 / Resource Hash 04e75605f61c7a8dc21e078b7b86cf65f95730890080b8ac2bc22245706b2163 Request headers accept-language nl-NL,nl;q=0.9 Referer https://www.gofundme.com/f/poets-of-ukraine/widget/medium User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers date Mon, 03 Apr 2023 17:20:21 GMT content-encoding gzip via 1.1 3acba66e95e31977aee0842f44a6f08e.cloudfront.net (CloudFront) x-amz-expiration expiry-date="Wed, 03 Apr 2024 00:00:00 GMT", rule-id="expire-at-one-year" last-modified Mon, 03 Apr 2023 17:10:38 GMT server AmazonS3 x-amz-cf-pop FRA56-C2 age 558880 etag W/"0595f1dce6997fd4e3fcc356dc800d7f" x-amz-server-side-encryption AES256 vary Accept-Encoding x-cache Hit from cloudfront content-type application/javascript x-amz-cf-id LDFY_ty0JwwfmbsU_Nr3dfVCEJxslpgVnNidFZ0GjeppSgd2qIKtyA==
GET H2	200	1008-812f36777d9e17d1.js Show response www.gofundme.com/ssr/_next/static/chunks/ Frame D1F4	28 KB 9 KB	288ms 233ms	Script application/javascript	13.32.27.40 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://www.gofundme.com/ssr/_next/static/chunks/1008-812f36777d9e17d1.js Requested by Host: www.gofundme.com URL: https://www.gofundme.com/f/poets-of-ukraine/widget/medium Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.32.27.40 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-32-27-40.fra56.r.cloudfront.net Software AmazonS3 / Resource Hash 174566cb3a7ae46d66dbd01e96d4b0352b9580e0db765ef1e52cd2e7a334f293 Request headers accept-language nl-NL,nl;q=0.9 Referer https://www.gofundme.com/f/poets-of-ukraine/widget/medium User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers date Sat, 21 Jan 2023 01:20:43 GMT content-encoding gzip via 1.1 3acba66e95e31977aee0842f44a6f08e.cloudfront.net (CloudFront) x-amz-expiration expiry-date="Thu, 18 Jan 2024 00:00:00 GMT", rule-id="expire-at-one-year" last-modified Tue, 17 Jan 2023 21:48:30 GMT server AmazonS3 x-amz-cf-pop FRA56-C2 age 6837257 etag W/"51186424696460bc48a643108926def3" vary Accept-Encoding x-cache Hit from cloudfront content-type application/javascript x-amz-cf-id e09iRTcSmvk7n53nnOuVXUrJ2GS_RtTUFnILVnWiMmRE6Jwa8LUv2Q==
GET H2	200	9318-8e13f805ac67f4f1.js Show response www.gofundme.com/ssr/_next/static/chunks/ Frame D1F4	2 KB 1 KB	292ms 241ms	Script application/javascript	13.32.27.40 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://www.gofundme.com/ssr/_next/static/chunks/9318-8e13f805ac67f4f1.js Requested by Host: www.gofundme.com URL: https://www.gofundme.com/f/poets-of-ukraine/widget/medium Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.32.27.40 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-32-27-40.fra56.r.cloudfront.net Software AmazonS3 / Resource Hash 7c6709b073d63315e66f7ecf4fa60ffdb0f142d2f22ec1e50fa837d0ef6a2c1d Request headers accept-language nl-NL,nl;q=0.9 Referer https://www.gofundme.com/f/poets-of-ukraine/widget/medium User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers date Thu, 23 Mar 2023 22:15:51 GMT content-encoding gzip via 1.1 3acba66e95e31977aee0842f44a6f08e.cloudfront.net (CloudFront) x-amz-expiration expiry-date="Sat, 23 Mar 2024 00:00:00 GMT", rule-id="expire-at-one-year" last-modified Thu, 23 Mar 2023 22:03:59 GMT server AmazonS3 x-amz-cf-pop FRA56-C2 age 1491550 etag W/"4cc1264f6f01055a52a1dff4faaa7531" x-amz-server-side-encryption AES256 vary Accept-Encoding x-cache Hit from cloudfront content-type application/javascript x-amz-cf-id kSAe8d80v8bHMnpGqn4B7CdNIj5Q8BC6lbzL1y505S8YKa6EL8hgUg==
GET H2	200	9920-433daf13a8b3c9c1.js Show response www.gofundme.com/ssr/_next/static/chunks/ Frame D1F4	50 KB 19 KB	294ms 243ms	Script application/javascript	13.32.27.40 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://www.gofundme.com/ssr/_next/static/chunks/9920-433daf13a8b3c9c1.js Requested by Host: www.gofundme.com URL: https://www.gofundme.com/f/poets-of-ukraine/widget/medium Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.32.27.40 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-32-27-40.fra56.r.cloudfront.net Software AmazonS3 / Resource Hash d92dd3539db0454da8b63681c0e85ee0f734e974a5bdafd18ef99e39f6a7eeef Request headers accept-language nl-NL,nl;q=0.9 Referer https://www.gofundme.com/f/poets-of-ukraine/widget/medium User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers date Mon, 03 Apr 2023 17:20:21 GMT content-encoding gzip via 1.1 3acba66e95e31977aee0842f44a6f08e.cloudfront.net (CloudFront) x-amz-expiration expiry-date="Wed, 03 Apr 2024 00:00:00 GMT", rule-id="expire-at-one-year" last-modified Mon, 03 Apr 2023 17:10:39 GMT server AmazonS3 x-amz-cf-pop FRA56-C2 age 558880 etag W/"b8943b64859506489c5eb9a4e3f75cd6" x-amz-server-side-encryption AES256 vary Accept-Encoding x-cache Hit from cloudfront content-type application/javascript x-amz-cf-id FDA7kchShQuUhS-PT0xXmuf4sv5SVuYO0B4Q8qlyMmHDhNZieQQnDw==
GET H2	200	2637-80d6b5dba80379df.js Show response www.gofundme.com/ssr/_next/static/chunks/ Frame D1F4	14 KB 5 KB	295ms 244ms	Script application/javascript	13.32.27.40 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://www.gofundme.com/ssr/_next/static/chunks/2637-80d6b5dba80379df.js Requested by Host: www.gofundme.com URL: https://www.gofundme.com/f/poets-of-ukraine/widget/medium Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.32.27.40 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-32-27-40.fra56.r.cloudfront.net Software AmazonS3 / Resource Hash dd85d67c444bc0048bc726541cae657cb21cfe5597031894615ce0b91d60bd57 Request headers accept-language nl-NL,nl;q=0.9 Referer https://www.gofundme.com/f/poets-of-ukraine/widget/medium User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers date Mon, 03 Apr 2023 17:20:21 GMT content-encoding gzip via 1.1 3acba66e95e31977aee0842f44a6f08e.cloudfront.net (CloudFront) x-amz-expiration expiry-date="Wed, 03 Apr 2024 00:00:00 GMT", rule-id="expire-at-one-year" last-modified Mon, 03 Apr 2023 17:10:37 GMT server AmazonS3 x-amz-cf-pop FRA56-C2 age 558880 etag W/"ce57db54558e59c60fda0bb930953eac" x-amz-server-side-encryption AES256 vary Accept-Encoding x-cache Hit from cloudfront content-type application/javascript x-amz-cf-id giQKCzkGLfkG3s1LBcWRT5Auxs6AmhgEipVTcQxZN8J8rv3GuCGB1Q==
GET H2	200	1032-fb46633027794a36.js Show response www.gofundme.com/ssr/_next/static/chunks/ Frame D1F4	7 KB 3 KB	295ms 245ms	Script application/javascript	13.32.27.40 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://www.gofundme.com/ssr/_next/static/chunks/1032-fb46633027794a36.js Requested by Host: www.gofundme.com URL: https://www.gofundme.com/f/poets-of-ukraine/widget/medium Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.32.27.40 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-32-27-40.fra56.r.cloudfront.net Software AmazonS3 / Resource Hash a089dcfa24c8f4f4870d481712711b481478cea3c6e549b266878dcd9f8d5fec Request headers accept-language nl-NL,nl;q=0.9 Referer https://www.gofundme.com/f/poets-of-ukraine/widget/medium User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers date Wed, 08 Mar 2023 16:38:28 GMT content-encoding gzip via 1.1 3acba66e95e31977aee0842f44a6f08e.cloudfront.net (CloudFront) x-amz-expiration expiry-date="Sun, 03 Mar 2024 00:00:00 GMT", rule-id="expire-at-one-year" last-modified Fri, 03 Mar 2023 18:25:12 GMT server AmazonS3 x-amz-cf-pop FRA56-C2 age 2807793 etag W/"4bbd262479de4855f520175b27899dbf" x-amz-server-side-encryption AES256 vary Accept-Encoding x-cache Hit from cloudfront content-type application/javascript x-amz-cf-id LgYKQIbmli5vOAN2xkly6xOk_tKIlFSYCpT3-V0IP17__XHfVbTjhw==
GET H2	200	4883-9500468f3ba2f1fc.js Show response www.gofundme.com/ssr/_next/static/chunks/ Frame D1F4	39 KB 13 KB	295ms 245ms	Script application/javascript	13.32.27.40 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://www.gofundme.com/ssr/_next/static/chunks/4883-9500468f3ba2f1fc.js Requested by Host: www.gofundme.com URL: https://www.gofundme.com/f/poets-of-ukraine/widget/medium Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.32.27.40 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-32-27-40.fra56.r.cloudfront.net Software AmazonS3 / Resource Hash 54508792b1ec588298c179c2be04a08ad1797de8a49f432eca70b18bfe42f7a9 Request headers accept-language nl-NL,nl;q=0.9 Referer https://www.gofundme.com/f/poets-of-ukraine/widget/medium User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers date Mon, 03 Apr 2023 17:20:21 GMT content-encoding gzip via 1.1 3acba66e95e31977aee0842f44a6f08e.cloudfront.net (CloudFront) x-amz-expiration expiry-date="Wed, 03 Apr 2024 00:00:00 GMT", rule-id="expire-at-one-year" last-modified Mon, 03 Apr 2023 17:10:38 GMT server AmazonS3 x-amz-cf-pop FRA56-C2 age 558880 etag W/"c3e0b8ecf821d6f11a73a711da02c097" x-amz-server-side-encryption AES256 vary Accept-Encoding x-cache Hit from cloudfront content-type application/javascript x-amz-cf-id kJINi5KrUlN_2giUf-boyJ_zp38UG22whdKPxQ3dTf3uikK0_9Yv6w==
GET H2	200	4614-eec4402b39820fa6.js Show response www.gofundme.com/ssr/_next/static/chunks/ Frame D1F4	18 KB 6 KB	304ms 254ms	Script application/javascript	13.32.27.40 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://www.gofundme.com/ssr/_next/static/chunks/4614-eec4402b39820fa6.js Requested by Host: www.gofundme.com URL: https://www.gofundme.com/f/poets-of-ukraine/widget/medium Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.32.27.40 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-32-27-40.fra56.r.cloudfront.net Software AmazonS3 / Resource Hash 7c17d10802f3b3d32a99105d104eafb14a64a722fcc586075dba23fdd6ae7c74 Request headers accept-language nl-NL,nl;q=0.9 Referer https://www.gofundme.com/f/poets-of-ukraine/widget/medium User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers date Mon, 03 Apr 2023 17:20:22 GMT content-encoding gzip via 1.1 3acba66e95e31977aee0842f44a6f08e.cloudfront.net (CloudFront) x-amz-expiration expiry-date="Wed, 03 Apr 2024 00:00:00 GMT", rule-id="expire-at-one-year" last-modified Mon, 03 Apr 2023 17:10:38 GMT server AmazonS3 x-amz-cf-pop FRA56-C2 age 558878 etag W/"7ab16dc2346a8050c3c30765a215cb8e" x-amz-server-side-encryption AES256 vary Accept-Encoding x-cache Hit from cloudfront content-type application/javascript x-amz-cf-id 897nw3z6fsASSnX9jNOZGnxiKhpt4HSImW01rLRDl1HIvxN0hW9IxA==
GET H2	200	9727-089f3476e5060a40.js Show response www.gofundme.com/ssr/_next/static/chunks/ Frame D1F4	73 KB 19 KB	305ms 255ms	Script application/javascript	13.32.27.40 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://www.gofundme.com/ssr/_next/static/chunks/9727-089f3476e5060a40.js Requested by Host: www.gofundme.com URL: https://www.gofundme.com/f/poets-of-ukraine/widget/medium Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.32.27.40 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-32-27-40.fra56.r.cloudfront.net Software AmazonS3 / Resource Hash fbe435a96f6cb4f5cc71ac587891705d728e50f13c24e37576ed1544749253ec Request headers accept-language nl-NL,nl;q=0.9 Referer https://www.gofundme.com/f/poets-of-ukraine/widget/medium User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers date Thu, 06 Apr 2023 16:37:02 GMT content-encoding gzip via 1.1 3acba66e95e31977aee0842f44a6f08e.cloudfront.net (CloudFront) x-amz-expiration expiry-date="Sat, 06 Apr 2024 00:00:00 GMT", rule-id="expire-at-one-year" last-modified Thu, 06 Apr 2023 16:24:33 GMT server AmazonS3 x-amz-cf-pop FRA56-C2 age 302279 etag W/"9b34672b49257a936b1c76569c17fc9b" x-amz-server-side-encryption AES256 vary Accept-Encoding x-cache Hit from cloudfront content-type application/javascript x-amz-cf-id aKGEin1_TOYwbY_ler9vsAzRjkK8Ehp-wrxl9YtM_srSqmrfF_EvyQ==
GET H2	200	6053-78185fefd2c86037.js Show response www.gofundme.com/ssr/_next/static/chunks/ Frame D1F4	10 KB 4 KB	306ms 256ms	Script application/javascript	13.32.27.40 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://www.gofundme.com/ssr/_next/static/chunks/6053-78185fefd2c86037.js Requested by Host: www.gofundme.com URL: https://www.gofundme.com/f/poets-of-ukraine/widget/medium Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.32.27.40 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-32-27-40.fra56.r.cloudfront.net Software AmazonS3 / Resource Hash 515fffe4189f647f4a7a3b5aea9abd061442ce7fa19acc0d06b02f6b9643f74e Request headers accept-language nl-NL,nl;q=0.9 Referer https://www.gofundme.com/f/poets-of-ukraine/widget/medium User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers date Wed, 29 Mar 2023 16:58:56 GMT content-encoding gzip via 1.1 3acba66e95e31977aee0842f44a6f08e.cloudfront.net (CloudFront) x-amz-expiration expiry-date="Fri, 29 Mar 2024 00:00:00 GMT", rule-id="expire-at-one-year" last-modified Wed, 29 Mar 2023 16:35:04 GMT server AmazonS3 x-amz-cf-pop FRA56-C2 age 992165 etag W/"5a1f078dffb122bba07f52691b534019" x-amz-server-side-encryption AES256 vary Accept-Encoding x-cache Hit from cloudfront content-type application/javascript x-amz-cf-id TMvlMIPRSThQYWyWuyKJ2XXq8dYWYktoG5jkaOoRKhKKdjJfwgNbfg==
GET H2	200	7059-18346e5e14d0d88e.js Show response www.gofundme.com/ssr/_next/static/chunks/ Frame D1F4	66 KB 17 KB	307ms 258ms	Script application/javascript	13.32.27.40 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://www.gofundme.com/ssr/_next/static/chunks/7059-18346e5e14d0d88e.js Requested by Host: www.gofundme.com URL: https://www.gofundme.com/f/poets-of-ukraine/widget/medium Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.32.27.40 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-32-27-40.fra56.r.cloudfront.net Software AmazonS3 / Resource Hash 577246205262718027d9aac9da40fac6aeb7c371d8a4d760045d2568d2f874fa Request headers accept-language nl-NL,nl;q=0.9 Referer https://www.gofundme.com/f/poets-of-ukraine/widget/medium User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers date Thu, 06 Apr 2023 16:37:02 GMT content-encoding gzip via 1.1 3acba66e95e31977aee0842f44a6f08e.cloudfront.net (CloudFront) x-amz-expiration expiry-date="Sat, 06 Apr 2024 00:00:00 GMT", rule-id="expire-at-one-year" last-modified Thu, 06 Apr 2023 16:24:32 GMT server AmazonS3 x-amz-cf-pop FRA56-C2 age 302279 etag W/"9cc1e1a19a31ad1e2db007cf2a030dde" x-amz-server-side-encryption AES256 vary Accept-Encoding x-cache Hit from cloudfront content-type application/javascript x-amz-cf-id UXKjJVxBywv_l_eOVYx62PnOIgQk_ucIfHivVABWtBG6Ivek1A7MwQ==
GET H2	200	2201-486ec2bba66bd221.js Show response www.gofundme.com/ssr/_next/static/chunks/ Frame D1F4	61 KB 17 KB	328ms 280ms	Script application/javascript	13.32.27.40 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://www.gofundme.com/ssr/_next/static/chunks/2201-486ec2bba66bd221.js Requested by Host: www.gofundme.com URL: https://www.gofundme.com/f/poets-of-ukraine/widget/medium Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.32.27.40 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-32-27-40.fra56.r.cloudfront.net Software AmazonS3 / Resource Hash abfafd8dfe5dc0beca702d0eab11ea80bfa27d2a1299bd8236900ca1c2e43329 Request headers accept-language nl-NL,nl;q=0.9 Referer https://www.gofundme.com/f/poets-of-ukraine/widget/medium User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers date Wed, 05 Apr 2023 18:51:56 GMT content-encoding gzip via 1.1 3acba66e95e31977aee0842f44a6f08e.cloudfront.net (CloudFront) x-amz-expiration expiry-date="Fri, 05 Apr 2024 00:00:00 GMT", rule-id="expire-at-one-year" last-modified Wed, 05 Apr 2023 18:39:34 GMT server AmazonS3 x-amz-cf-pop FRA56-C2 age 380584 etag W/"374fe02bbb1c3adabaf8f414841f0241" x-amz-server-side-encryption AES256 vary Accept-Encoding x-cache Hit from cloudfront content-type application/javascript x-amz-cf-id R3qaU2d_awt0HrVYe-QUBMDhALu5JHJOVuOB6yKxsIjLu1i_fs0yQQ==
GET H2	200	%5Btype%5D-4417553d3988bf13.js Show response www.gofundme.com/ssr/_next/static/chunks/pages/f/%5BcampaignUrl%5D/widget/ Frame D1F4	3 KB 2 KB	329ms 280ms	Script application/javascript	13.32.27.40 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://www.gofundme.com/ssr/_next/static/chunks/pages/f/%5BcampaignUrl%5D/widget/%5Btype%5D-4417553d3988bf13.js Requested by Host: www.gofundme.com URL: https://www.gofundme.com/f/poets-of-ukraine/widget/medium Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.32.27.40 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-32-27-40.fra56.r.cloudfront.net Software AmazonS3 / Resource Hash e17629ab0c4c8aa6e2bfd3783f2b1fac3cd5f4a46b94c23e8285ca7210486854 Request headers accept-language nl-NL,nl;q=0.9 Referer https://www.gofundme.com/f/poets-of-ukraine/widget/medium User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers date Thu, 06 Apr 2023 16:37:05 GMT content-encoding gzip via 1.1 3acba66e95e31977aee0842f44a6f08e.cloudfront.net (CloudFront) x-amz-expiration expiry-date="Sat, 06 Apr 2024 00:00:00 GMT", rule-id="expire-at-one-year" last-modified Thu, 06 Apr 2023 16:24:34 GMT server AmazonS3 x-amz-cf-pop FRA56-C2 age 302276 etag W/"ad32f8e6559b11d9257445c0f2a8e99b" x-amz-server-side-encryption AES256 vary Accept-Encoding x-cache Hit from cloudfront content-type application/javascript x-amz-cf-id 7PpXZemuHndZVgTGg6Exjsi9_AaIxYLG_Qu5skumw_WzZvwhEWLuQA==
GET H2	200	_buildManifest.js Show response www.gofundme.com/ssr/_next/static/fsBuXqjwhHtuR4N4ufCCr/ Frame D1F4	26 KB 6 KB	329ms 281ms	Script application/javascript	13.32.27.40 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://www.gofundme.com/ssr/_next/static/fsBuXqjwhHtuR4N4ufCCr/_buildManifest.js Requested by Host: www.gofundme.com URL: https://www.gofundme.com/f/poets-of-ukraine/widget/medium Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.32.27.40 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-32-27-40.fra56.r.cloudfront.net Software AmazonS3 / Resource Hash e7adf292cc2fa8f24e3bab89b29c89b4aaf4246d252045414818fc234584e97b Request headers accept-language nl-NL,nl;q=0.9 Referer https://www.gofundme.com/f/poets-of-ukraine/widget/medium User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers date Thu, 06 Apr 2023 22:40:52 GMT content-encoding gzip via 1.1 3acba66e95e31977aee0842f44a6f08e.cloudfront.net (CloudFront) x-amz-expiration expiry-date="Sat, 06 Apr 2024 00:00:00 GMT", rule-id="expire-at-one-year" last-modified Thu, 06 Apr 2023 22:30:20 GMT server AmazonS3 x-amz-cf-pop FRA56-C2 age 280449 etag W/"b9d0c91fdb3f6cee87fbdbf26b23fa17" x-amz-server-side-encryption AES256 vary Accept-Encoding x-cache Hit from cloudfront content-type application/javascript x-amz-cf-id z03DohwuSI9GD3eU39PWdmw2IGPwLr8T2ujX1uG985SYJUaBVAewgA==
GET H2	200	_ssgManifest.js Show response www.gofundme.com/ssr/_next/static/fsBuXqjwhHtuR4N4ufCCr/ Frame D1F4	77 B 500 B	332ms 286ms	Script application/javascript	13.32.27.40 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://www.gofundme.com/ssr/_next/static/fsBuXqjwhHtuR4N4ufCCr/_ssgManifest.js Requested by Host: www.gofundme.com URL: https://www.gofundme.com/f/poets-of-ukraine/widget/medium Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.32.27.40 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-32-27-40.fra56.r.cloudfront.net Software AmazonS3 / Resource Hash 6f5b4aa00d2f8d6aed9935b471806bf7acef464d0c1d390260e5fe27f800c67e Request headers accept-language nl-NL,nl;q=0.9 Referer https://www.gofundme.com/f/poets-of-ukraine/widget/medium User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers date Thu, 06 Apr 2023 22:40:52 GMT via 1.1 3acba66e95e31977aee0842f44a6f08e.cloudfront.net (CloudFront) x-amz-expiration expiry-date="Sat, 06 Apr 2024 00:00:00 GMT", rule-id="expire-at-one-year" last-modified Thu, 06 Apr 2023 22:30:20 GMT server AmazonS3 x-amz-cf-pop FRA56-C2 age 280449 etag "b6652df95db52feb4daf4eca35380933" x-amz-server-side-encryption AES256 x-cache Hit from cloudfront content-type application/javascript accept-ranges bytes content-length 77 x-amz-cf-id eC20n9y7k_bauZvCVh4D_2wfDX32t1M5bNkq63JI-8Q1UArLruMRKA==
GET H2	200	_middlewareManifest.js Show response www.gofundme.com/ssr/_next/static/fsBuXqjwhHtuR4N4ufCCr/ Frame D1F4	92 B 515 B	328ms 282ms	Script application/javascript	13.32.27.40 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://www.gofundme.com/ssr/_next/static/fsBuXqjwhHtuR4N4ufCCr/_middlewareManifest.js Requested by Host: www.gofundme.com URL: https://www.gofundme.com/f/poets-of-ukraine/widget/medium Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.32.27.40 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-32-27-40.fra56.r.cloudfront.net Software AmazonS3 / Resource Hash de5341313a4dc5d982ca50ae4a491e84bc5e80b0f439d87f05fc3973c1b7e59a Request headers accept-language nl-NL,nl;q=0.9 Referer https://www.gofundme.com/f/poets-of-ukraine/widget/medium User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers date Thu, 06 Apr 2023 22:40:52 GMT via 1.1 3acba66e95e31977aee0842f44a6f08e.cloudfront.net (CloudFront) x-amz-expiration expiry-date="Sat, 06 Apr 2024 00:00:00 GMT", rule-id="expire-at-one-year" last-modified Thu, 06 Apr 2023 22:30:20 GMT server AmazonS3 x-amz-cf-pop FRA56-C2 age 280449 etag "7c3f7e060745668041278118c0bb3d6d" x-amz-server-side-encryption AES256 x-cache Hit from cloudfront content-type application/javascript accept-ranges bytes content-length 92 x-amz-cf-id YHuavf9sz7jHhAzdhid4atLYAeIpbHHvX8d5sysX_ofd2xhkEincgg==
GET H/1.1	200 OK	button.e7f9415a2e000feaab02c86dd5802747.js Show response platform.twitter.com/js/	8 KB 3 KB	99ms 26ms	Script application/javascript	2606:2800:234:46c:e8b:1e2f:2bd:694 EDGECAST
General Check archive.org Show headers Download Go to Full URL https://platform.twitter.com/js/button.e7f9415a2e000feaab02c86dd5802747.js Requested by Host: platform.twitter.com URL: https://platform.twitter.com/widgets.js Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US), Reverse DNS Software ECS (amb/6B9C) / Resource Hash ef116c4b154888a36784c143110b264cfe6528a4061c5dcc14e6431ecfbcac56 Request headers accept-language nl-NL,nl;q=0.9 Referer https://beinginvoice.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers Date Mon, 10 Apr 2023 04:35:01 GMT Content-Encoding gzip Age 2187732 x-amz-server-side-encryption AES256 X-Cache HIT P3P CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT" Server-Timing x-cache;desc= HIT,x-tw-cdn;desc=VZ Content-Length 2618 Last-Modified Tue, 24 Jan 2023 21:41:06 GMT Server ECS (amb/6B9C) Etag "506673dbdb9085e7201e137e893cc152+gzip" Vary Accept-Encoding Access-Control-Allow-Methods GET Content-Type application/javascript; charset=utf-8 Access-Control-Allow-Origin * x-tw-cdn VZ Cache-Control public, max-age=315360000
GET H3	200	o3-social-share-styles.css beinginvoice.com/wp-content/plugins/o3-social-share/ Frame EFE3	554 B 640 B	131ms 105ms	Stylesheet text/css	188.114.96.3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://beinginvoice.com/wp-content/plugins/o3-social-share/o3-social-share-styles.css?ver=6.2 Requested by Host: beinginvoice.com URL: https://beinginvoice.com/training/embed/ Protocol H3 Security QUIC, , AES_128_GCM Server 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash dbccf91fd7e22389cc2cea70b276b5a48198831f2aad655018d642e4f878d73f Request headers accept-language nl-NL,nl;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers date Mon, 10 Apr 2023 04:35:01 GMT content-encoding br cf-cache-status MISS last-modified Tue, 19 Jun 2012 06:03:35 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bJ4U3IkoIcJ%2BGQ5TUuySQbCtyUoyBoHGmDpnwZGsGcZ%2B%2FhqUKA4Z4HwqmMl%2FyaaHa6BBbWcwb7PSTtnpDKep9JX3V90iNCEVfrLiS9JPKEqynrEb6qNnCLQBX4DGtG99PSuB"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control max-age=14400 cf-ray 7b5847dbcc590e31-AMS alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H3	200	jetpack.css beinginvoice.com/wp-content/plugins/jetpack/css/ Frame EFE3	97 KB 19 KB	63ms 38ms	Stylesheet text/css	188.114.96.3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://beinginvoice.com/wp-content/plugins/jetpack/css/jetpack.css?ver=12.0 Requested by Host: beinginvoice.com URL: https://beinginvoice.com/training/embed/ Protocol H3 Security QUIC, , AES_128_GCM Server 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash c2224d46897f4b4fbb521d260e6991becc4f1ed322d0b7869e83dc0585268025 Request headers accept-language nl-NL,nl;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers date Mon, 10 Apr 2023 04:35:01 GMT content-encoding br cf-cache-status HIT cf-bgj minify last-modified Tue, 04 Apr 2023 21:27:48 GMT server cloudflare age 2 cf-polished origSize=99714 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PdqOQBkPI%2FEwnTIkep5pfzLrdNtviB3NBf%2BGyDv6IwVZ86YRfdVWDRUQghZwm02xqjzCPHn8gcOxNayq%2FlvSsKbB25bcCnAXNdkLv%2BtDTDGD30oQQ3tGAlu33diovMfe6eG2"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control max-age=14400 cf-ray 7b5847dbcc5a0e31-AMS alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H3	200	cropped-being-in-voice-logo-4-32x32.png beinginvoice.com/wp-content/uploads/2019/02/ Frame EFE3	2 KB 2 KB	253ms 231ms	Image image/png	188.114.96.3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://beinginvoice.com/wp-content/uploads/2019/02/cropped-being-in-voice-logo-4-32x32.png Requested by Host: beinginvoice.com URL: https://beinginvoice.com/training/embed/ Protocol H3 Security QUIC, , AES_128_GCM Server 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 14084ec6d60cb689dcaef13b42efeee3bc1151057db2f8961efd05e0c2a66598 Request headers accept-language nl-NL,nl;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers date Mon, 10 Apr 2023 04:35:01 GMT cf-cache-status MISS last-modified Thu, 13 Aug 2020 09:34:21 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7qZkn1HQAG2B%2BQ0NRIBXy84x1%2BORBTxWL66i7b5CnRtnJZWJQUgPRMcZpfcDVrhQu9TObR1FaXi3w0jpqKVQIVu5IQXoCvZby6ZsDmIVO4n24ai1z%2BUm%2F4AwbTTTNwUMZd0t"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control max-age=14400 accept-ranges bytes cf-ray 7b5847dbdc600e31-AMS alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 1687
GET H3	200	wp-emoji-release.min.js Show response beinginvoice.com/wp-includes/js/ Frame EFE3	18 KB 5 KB	57ms 35ms	Script application/javascript	188.114.96.3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://beinginvoice.com/wp-includes/js/wp-emoji-release.min.js?ver=6.2 Requested by Host: beinginvoice.com URL: https://beinginvoice.com/training/embed/ Protocol H3 Security QUIC, , AES_128_GCM Server 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230 Request headers accept-language nl-NL,nl;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers date Mon, 10 Apr 2023 04:35:01 GMT content-encoding br cf-cache-status HIT last-modified Wed, 29 Mar 2023 21:28:41 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 1 vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kJMq0hShDOoYCGSgp3m4qYvrD81fNmmCjTwj13o4K%2Be0tthrPgThaeGP8qyGMhp8Vln9cfLrtkcWIvxU21WwU%2FpVrRduAbUS5yx4OohA9xwHXq13Q%2FCe64nxvMPFhHSRXuxR"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control max-age=14400 cf-ray 7b5847dbdc610e31-AMS alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H/1.1	200 OK	tweet_button.2b2d73daf636805223fb11d48f3e94f7.en-gb.html Show response platform.twitter.com/widgets/ Frame 5BEF	37 KB 14 KB	57ms 26ms	Document text/html	2606:2800:234:46c:e8b:1e2f:2bd:694 EDGECAST
General Check archive.org Show headers Download Go to Full URL https://platform.twitter.com/widgets/tweet_button.2b2d73daf636805223fb11d48f3e94f7.en-gb.html Requested by Host: platform.twitter.com URL: https://platform.twitter.com/widgets.js Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US), Reverse DNS Software ECS (amb/6B9C) / Resource Hash bfce697b64b1057c8ab6b0f6e45fa41ae901d778e0f1a23a84645f3867a23c7b Request headers Referer https://beinginvoice.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 accept-language nl-NL,nl;q=0.9 Response headers Access-Control-Allow-Methods GET Access-Control-Allow-Origin * Age 2187596 Cache-Control public, max-age=315360000 Content-Encoding gzip Content-Length 13598 Content-Type text/html; charset=utf-8 Date Mon, 10 Apr 2023 04:35:01 GMT Etag "3f4232101e36a0c7fb2401af0fa576d8+gzip" Last-Modified Tue, 24 Jan 2023 21:41:10 GMT P3P CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT" Server ECS (amb/6B9C) Server-Timing x-cache;desc= HIT,x-tw-cdn;desc=VZ Vary Accept-Encoding X-Cache HIT x-amz-server-side-encryption AES256 x-tw-cdn VZ
GET H2	200	embeds syndication.twitter.com/i/jot/	43 B 127 B	175ms 122ms	Image image/gif	104.244.42.200 TWITTER
General Check archive.org Show headers Download Go to Show image Full URL https://syndication.twitter.com/i/jot/embeds?l=%7B%22widget_origin%22%3A%22https%3A%2F%2Fbeinginvoice.com%2F%22%2C%22widget_frame%22%3Afalse%2C%22language%22%3A%22en-gb%22%2C%22message%22%3A%22m%3Anocount%3A%22%2C%22context%22%3A%22rufous-eol%22%2C%22_category_%22%3A%22tfw_client_event%22%2C%22triggered_on%22%3A1681101301216%2C%22dnt%22%3Afalse%2C%22client_version%22%3A%22aaf4084522e3a%3A1674595607486%22%2C%22format_version%22%3A1%2C%22event_namespace%22%3A%7B%22client%22%3A%22tfw%22%2C%22page%22%3A%22button%22%2C%22section%22%3A%22share%22%2C%22action%22%3A%22impression%22%7D%7D&session_id=4b7db54366c8b42ede4b2d46cda72f11a9c54bd0 Requested by Host: beinginvoice.com URL: https://beinginvoice.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.244.42.200 , United States, ASN13414 (TWITTER, US), Reverse DNS Software tsa_f / Resource Hash ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957 Security Headers Name Value Strict-Transport-Security max-age=631138519 Request headers accept-language nl-NL,nl;q=0.9 Referer https://beinginvoice.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers x-response-time 105 date Mon, 10 Apr 2023 04:35:00 GMT strict-transport-security max-age=631138519 last-modified Mon, 10 Apr 2023 04:35:01 GMT server tsa_f vary Origin content-type image/gif x-transaction-id 7be18c4a66a14d38 cache-control must-revalidate, max-age=600 perf 7626143928 x-connection-hash c254e79ccb871ce49afa3c9ec8fa3ee34ff64212b8d26cd79ff28f2678bd2002 content-length 43
GET H2	200	xdi.js Show response cdn.transcend.io/cm/8aaeb48f-a8e6-4725-820c-b18c4f7cd6cc/ Frame D1F4	25 KB 12 KB	256ms 82ms	Script text/javascript	2600:9000:2250:5c00:2:8531:afc0:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://cdn.transcend.io/cm/8aaeb48f-a8e6-4725-820c-b18c4f7cd6cc/xdi.js Requested by Host: cdn.transcend.io URL: https://cdn.transcend.io/cm/8aaeb48f-a8e6-4725-820c-b18c4f7cd6cc/airgap.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2250:5c00:2:8531:afc0:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 37968e307df3e19e5697d2cab65950e9da24bd3483badd134bd4526baa7fdfad Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Referer https://www.gofundme.com/ Origin https://www.gofundme.com accept-language nl-NL,nl;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers x-amz-version-id jeJG_KpgR4e0Rj1sENGufzgMKFPEARyg content-encoding gzip via 1.1 b3bfeb8eb7405a05775de8861a4d117c.cloudfront.net (CloudFront) date Mon, 10 Apr 2023 03:02:36 GMT x-content-type-options nosniff strict-transport-security max-age=31536000 x-amz-cf-pop FRA60-P2 age 9356 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront content-disposition inline x-xss-protection 1; mode=block referrer-policy strict-origin-when-cross-origin last-modified Mon, 03 Apr 2023 20:40:12 GMT server AmazonS3 etag W/"e1e60623627c4a57e8575e7d81629688-1" x-frame-options SAMEORIGIN access-control-max-age 3600 access-control-allow-methods GET content-type text/javascript access-control-allow-origin * access-control-expose-headers ETag cache-control max-age=60,s-maxage=86400 vary Accept-Encoding x-amz-cf-id P4wwzZJo9lTfqgaNdazG5C-OafKUYQiWQ5i9FXHiNfIcy4ftmo-xhQ==
GET H2	200	ui.js Show response cdn.transcend.io/cm/8aaeb48f-a8e6-4725-820c-b18c4f7cd6cc/ Frame D1F4	265 KB 76 KB	206ms 35ms	Script text/javascript	2600:9000:2250:5c00:2:8531:afc0:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://cdn.transcend.io/cm/8aaeb48f-a8e6-4725-820c-b18c4f7cd6cc/ui.js Requested by Host: cdn.transcend.io URL: https://cdn.transcend.io/cm/8aaeb48f-a8e6-4725-820c-b18c4f7cd6cc/airgap.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2250:5c00:2:8531:afc0:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 1282b3f9f92fe68c83f902edecf3d4022d38531fab24dea19237c32320de2125 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Referer https://www.gofundme.com/ Origin https://www.gofundme.com accept-language nl-NL,nl;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers x-amz-version-id luL3UN5KpQ05UG1WxcYUWLDxd4tMoiyj content-encoding gzip via 1.1 b3bfeb8eb7405a05775de8861a4d117c.cloudfront.net (CloudFront) date Sun, 09 Apr 2023 04:52:26 GMT x-content-type-options nosniff strict-transport-security max-age=31536000 x-amz-cf-pop FRA60-P2 age 85357 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront content-disposition inline x-xss-protection 1; mode=block referrer-policy strict-origin-when-cross-origin last-modified Mon, 03 Apr 2023 20:40:12 GMT server AmazonS3 etag W/"ae1c11a8a7932b29ee7a392dcfecf9ae-1" x-frame-options SAMEORIGIN access-control-max-age 3600 access-control-allow-methods GET content-type text/javascript access-control-allow-origin * access-control-expose-headers ETag cache-control max-age=60,s-maxage=86400 vary Accept-Encoding x-amz-cf-id nSEpls48gG__TYPxIhCl0vCFHqYO7vJRg78TZbFEfjn7ZvaWDdZcvQ==
GET DATA	200 OK	truncated / Frame EFE3	213 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash f83bf22ed091fe689e0c008e1b85aea6c0a191f0d3ba62813def77ef7ce63e01 Request headers accept-language nl-NL,nl;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers Content-Type image/svg+xml;charset=utf8
GET DATA	200 OK	truncated / Frame 5BEF	822 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash bed57a09b10b5cfc83c33f5bc6205831a9db085c874bc72d096d05ad2136e4b4 Request headers accept-language nl-NL,nl;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers Content-Type image/svg+xml
GET DATA	200 OK	truncated / Frame EFE3	397 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 2021c9a3df6a24f3f9d63a0425d90a2bb24cd97de905abf230f13d4dbc46c147 Request headers accept-language nl-NL,nl;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers Content-Type image/svg+xml;charset=utf8
OPTIONS H2	200	/ api.amplitude.com/ Frame	0 0	665ms 132ms	Preflight	52.27.202.107 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://api.amplitude.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.27.202.107 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-27-202-107.us-west-2.compute.amazonaws.com Software / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=15768000 Request headers Accept */* Access-Control-Request-Headers cross-origin-resource-policy Access-Control-Request-Method POST Origin https://www.gofundme.com Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers access-control-allow-headers cross-origin-resource-policy access-control-allow-methods GET, POST access-control-allow-origin * content-length 0 date Mon, 10 Apr 2023 04:35:02 GMT strict-transport-security max-age=15768000
GET H2	200	sdk.js Show response connect.facebook.net/en_US/ Frame D1F4	3 KB 2 KB	65ms 24ms	Script application/x-javascript	2a03:2880:f083:9:face:b00c:0:3 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/en_US/sdk.js Requested by Host: www.gofundme.com URL: https://www.gofundme.com/f/poets-of-ukraine/widget/medium Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash f802add9af30879a9d888e14af1491e49ecd7b7e34516a565a5d5650b2b45a4a Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY Request headers accept-language nl-NL,nl;q=0.9 Referer https://www.gofundme.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers strict-transport-security max-age=31536000; preload; includeSubDomains content-encoding gzip x-content-type-options nosniff date Mon, 10 Apr 2023 04:35:01 GMT content-md5 dQ7JH2CvdMmgrAKSh4CTdQ== document-policy force-load-at-top cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 1684 x-fb-rlafr 0 x-fb-debug oZDHP6hdjwmHJQco8LrePsMlpTKn2lPsahpZxJRqxaONxc6X4Mx48zILIzjfEX66wrB/pb+b2Oy8nFvv4rJBFg== cross-origin-embedder-policy-report-only require-corp;report-to="coep_report" x-fb-trip-id 1679558926 x-fb-content-md5 716c6fb17411eed3e88358f88d5381b6 cross-origin-opener-policy same-origin-allow-popups etag "b5780ac0f67e1057a3e552b5662a5e7e" vary Accept-Encoding report-to {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"} content-type application/x-javascript; charset=utf-8 access-control-allow-origin * access-control-expose-headers X-FB-Content-MD5 cache-control public,max-age=1200,stale-while-revalidate=3600 x-frame-options DENY timing-allow-origin * expires Mon, 10 Apr 2023 04:52:56 GMT
POST H2	200	/ Show response api.amplitude.com/ Frame D1F4	7 B 205 B	206ms 184ms	XHR text/html	52.27.202.107 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://api.amplitude.com/ Requested by Host: www.gofundme.com URL: https://www.gofundme.com/f/poets-of-ukraine/widget/medium Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.27.202.107 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-27-202-107.us-west-2.compute.amazonaws.com Software / Resource Hash aee408847d35e44e99430f0979c3357b85fe8dbb4535a494301198adbee85f27 Security Headers Name Value Strict-Transport-Security max-age=15768000 Request headers Referer https://www.gofundme.com/ Cross-Origin-Resource-Policy cross-origin accept-language nl-NL,nl;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Content-Type application/x-www-form-urlencoded; charset=UTF-8 Response headers access-control-allow-origin * date Mon, 10 Apr 2023 04:35:02 GMT strict-transport-security max-age=15768000 trace-id Root=1-643391f6-05b484c02c612d9818cd9206 content-length 7 access-control-allow-methods GET, POST content-type text/html;charset=utf-8
GET H3	200	gtm.js Show response www.googletagmanager.com/ Frame D1F4	454 KB 112 KB	167ms 112ms	Script application/javascript	2a00:1450:4001:829::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtm.js?id=GTM-TDTFTZ Requested by Host: www.gofundme.com URL: https://www.gofundme.com/ssr/_next/static/chunks/pages/_app-f4a82a0f705409b9.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 0da24ed99a66d139363e2fabff13182fff9441dec13e7fd92d0fb82002435118 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://www.gofundme.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers date Mon, 10 Apr 2023 04:35:01 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 114216 x-xss-protection 0 last-modified Mon, 10 Apr 2023 03:00:00 GMT server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true access-control-allow-headers Cache-Control expires Mon, 10 Apr 2023 04:35:01 GMT
GET H2	200	cm.css cdn.transcend.io/cm/8aaeb48f-a8e6-4725-820c-b18c4f7cd6cc/ Frame D1F4	15 KB 4 KB	57ms 54ms	Stylesheet text/css	2600:9000:2250:5c00:2:8531:afc0:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://cdn.transcend.io/cm/8aaeb48f-a8e6-4725-820c-b18c4f7cd6cc/cm.css Requested by Host: www.gofundme.com URL: https://www.gofundme.com/f/poets-of-ukraine/widget/medium Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2250:5c00:2:8531:afc0:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 67042ecb09a9f201dd298c4bb1b29f3493f5028b181e03792bc5c18c626e6b3a Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language nl-NL,nl;q=0.9 Referer https://www.gofundme.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers x-amz-version-id ffGiqqZ68fEGJq0yZmsrBo.R5AF8L6Fi content-encoding gzip via 1.1 1aa52a2a71a599aaf6b3df3a9c53b268.cloudfront.net (CloudFront) date Sun, 09 Apr 2023 10:22:58 GMT x-content-type-options nosniff strict-transport-security max-age=31536000 x-amz-cf-pop FRA60-P2 age 65524 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront content-disposition inline x-xss-protection 1; mode=block referrer-policy strict-origin-when-cross-origin last-modified Mon, 03 Apr 2023 20:40:12 GMT server AmazonS3 etag W/"f9f84c5e024c8b62d194983e6f1df398-1" vary Accept-Encoding, Origin x-frame-options SAMEORIGIN content-type text/css cache-control max-age=60,s-maxage=86400 x-amz-cf-id 3lyd-MZ2dA7-eHQuIWy7kDD108P0YFLzn7Ogc6bpgKmzNDdSHAnAPA==
GET H3	200	sdk.js Show response connect.facebook.net/en_US/ Frame D1F4	306 KB 87 KB	65ms 65ms	Script application/x-javascript	2a03:2880:f083:9:face:b00c:0:3 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/en_US/sdk.js?hash=86ecb42dd77c008fedfaef0a79785a04 Requested by Host: www.gofundme.com URL: https://www.gofundme.com/f/poets-of-ukraine/widget/medium Protocol H3 Security QUIC, , AES_128_GCM Server 2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash b6916b96b05cadb0321bda72062fdd32fe1f249d2f3be1ed606ba11902163d44 Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY Request headers Referer https://www.gofundme.com/ Origin https://www.gofundme.com accept-language nl-NL,nl;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers strict-transport-security max-age=31536000; preload; includeSubDomains content-encoding gzip x-content-type-options nosniff date Mon, 10 Apr 2023 04:35:01 GMT content-md5 XY2IX6NX6OrnCdRg/ITEaQ== document-policy force-load-at-top cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 88580 x-fb-rlafr 0 x-fb-debug oqaBr7MS6hQqehK/usS8PLwSpKPP2tO5FlLR+Jl0Xg4xDTzjRvdtLXEHsajfDSHZs3UGadf+OUmd6Bxf8AjWqg== cross-origin-embedder-policy-report-only require-corp;report-to="coep_report" x-fb-content-md5 99b1df9eac243c5c12ea11be9948952f cross-origin-opener-policy same-origin-allow-popups etag "5ac3611c0238e9c3801633a00790f6a8" vary Accept-Encoding report-to {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"} content-type application/x-javascript; charset=utf-8 access-control-allow-origin * access-control-expose-headers X-FB-Content-MD5 cache-control public,max-age=31536000,stale-while-revalidate=3600,immutable x-frame-options DENY timing-allow-origin * priority u=3,i expires Tue, 09 Apr 2024 02:55:46 GMT
GET H2	200	en.json Show response cdn.transcend.io/cm/8aaeb48f-a8e6-4725-820c-b18c4f7cd6cc/translations/ Frame D1F4	6 KB 2 KB	49ms 47ms	Fetch application/json	2600:9000:2250:5c00:2:8531:afc0:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://cdn.transcend.io/cm/8aaeb48f-a8e6-4725-820c-b18c4f7cd6cc/translations/en.json Requested by Host: www.gofundme.com URL: https://www.gofundme.com/f/poets-of-ukraine/widget/medium Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2250:5c00:2:8531:afc0:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash b7481327d9ed4beea67264a39df1b726128c0c0d4da4c0209a3455e4b74e162e Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language nl-NL,nl;q=0.9 Referer https://www.gofundme.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers x-amz-version-id pn6rwidfDaHa8JsuefjxIWA8FF7.AEz_ content-encoding gzip via 1.1 b3bfeb8eb7405a05775de8861a4d117c.cloudfront.net (CloudFront) date Sun, 09 Apr 2023 05:32:30 GMT x-content-type-options nosniff strict-transport-security max-age=31536000 x-amz-cf-pop FRA60-P2 age 82952 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront content-disposition inline x-xss-protection 1; mode=block referrer-policy strict-origin-when-cross-origin last-modified Mon, 03 Apr 2023 20:40:12 GMT server AmazonS3 etag W/"d8960afd5cdf4af6fbcdb3e8befce5c4-1" x-frame-options SAMEORIGIN access-control-max-age 3600 access-control-allow-methods GET content-type application/json access-control-allow-origin * access-control-expose-headers ETag cache-control max-age=60,s-maxage=86400 vary Accept-Encoding x-amz-cf-id MzfhYuLUSINyimUPuchCzqmYwqUo0xqdlJCjHze1oMsMQpiWDYVezg==
GET H3	200	analytics.js Show response www.google-analytics.com/ Frame D1F4	49 KB 20 KB	72ms 36ms	Script text/javascript	2a00:1450:4001:82a::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/analytics.js Requested by Host: www.gofundme.com URL: https://www.gofundme.com/f/poets-of-ukraine/widget/medium Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language nl-NL,nl;q=0.9 Referer https://www.gofundme.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers strict-transport-security max-age=10886400; includeSubDomains; preload content-encoding gzip x-content-type-options nosniff date Mon, 10 Apr 2023 04:05:12 GMT last-modified Tue, 10 Jan 2023 21:29:14 GMT server Golfe2 age 1789 vary Accept-Encoding content-type text/javascript cache-control public, max-age=7200 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 20085 expires Mon, 10 Apr 2023 06:05:12 GMT
GET H3	200	js Show response www.googletagmanager.com/gtag/ Frame D1F4	233 KB 80 KB	62ms 52ms	Script application/javascript	2a00:1450:4001:829::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=G-WF86BFEZ5L&l=dataLayer&cx=c Requested by Host: www.gofundme.com URL: https://www.gofundme.com/f/poets-of-ukraine/widget/medium Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash f2bca869051e4edddb449f98d86499de67f2b4e64ac12cf67813ba26f7c44f38 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://www.gofundme.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers date Mon, 10 Apr 2023 04:35:01 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true cross-origin-resource-policy cross-origin access-control-allow-headers Cache-Control content-length 81617 x-xss-protection 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 expires Mon, 10 Apr 2023 04:35:01 GMT
GET H2	200	/ Show response googleads.g.doubleclick.net/pagead/viewthroughconversion/955875456/ Frame D1F4	3 KB 2 KB	310ms 51ms	Script text/javascript	2a00:1450:4001:82f::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/viewthroughconversion/955875456/?random=1681101302004&cv=11&fst=1681101302004&bg=ffffff&guid=ON&async=1&gtm=45He3430&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.gofundme.com%2Ff%2Fpoets-of-ukraine%2Fwidget%2Fmedium&ref=https%3A%2F%2Fbeinginvoice.com%2F&hn=www.googleadservices.com&frm=2&uamb=0&uaw=0&rfmt=3&fmt=4 Requested by Host: www.gofundme.com URL: https://www.gofundme.com/f/poets-of-ukraine/widget/medium Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 450acfcf2970ce7b212aa0d7208efe3ff73bfb87e3e417eaf70140a9cc09d940 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://www.gofundme.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers pragma no-cache date Mon, 10 Apr 2023 04:35:02 GMT content-encoding br x-content-type-options nosniff server cafe content-type text/javascript; charset=UTF-8 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 1202 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	insight.min.js Show response snap.licdn.com/li.lms-analytics/ Frame D1F4	13 KB 5 KB	296ms 25ms	Script application/x-javascript	2a02:26f0:480:e::210:f108 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://snap.licdn.com/li.lms-analytics/insight.min.js Requested by Host: www.gofundme.com URL: https://www.gofundme.com/f/poets-of-ukraine/widget/medium Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:26f0:480:e::210:f108 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software / Resource Hash f56ccb2db87aacedd9415232e40f80bff9939703df2f9c3f9ec8a092e545349f Security Headers Name Value X-Content-Type-Options nosniff Request headers accept-language nl-NL,nl;q=0.9 Referer https://www.gofundme.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers date Mon, 10 Apr 2023 04:35:02 GMT content-encoding gzip x-content-type-options nosniff last-modified Tue, 10 Jan 2023 17:22:56 GMT x-cdn AKAM vary Accept-Encoding content-type application/x-javascript;charset=utf-8 cache-control max-age=44314 accept-ranges bytes content-length 4777
GET H3	200	fbevents.js Show response connect.facebook.net/en_US/ Frame D1F4	107 KB 27 KB	134ms 87ms	Script application/x-javascript	2a03:2880:f083:9:face:b00c:0:3 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/en_US/fbevents.js Requested by Host: www.gofundme.com URL: https://www.gofundme.com/f/poets-of-ukraine/widget/medium Protocol H3 Security QUIC, , AES_128_GCM Server 2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash dbf060c555e91a539d9cb849f4aa0c656db9b0a1da32c99aafb12d7c508c6849 Security Headers Name Value Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0; Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://www.gofundme.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers content-security-policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0; content-encoding gzip x-content-type-options nosniff strict-transport-security max-age=31536000; preload; includeSubDomains date Mon, 10 Apr 2023 04:35:02 GMT document-policy force-load-at-top cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 27909 x-fb-rlafr 0 x-xss-protection 0 pragma public x-fb-debug tF4NhvBUPrwYJRSbX6bN37c4ExBUzCuTTuXb/1CvptSv8FFGi0MWqadh2ak5K5p/F0npRoXxbmO0SUf2sqhgCg== cross-origin-embedder-policy-report-only require-corp;report-to="coep_report" cross-origin-opener-policy same-origin-allow-popups vary Accept-Encoding report-to {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"} content-type application/x-javascript; charset=utf-8 x-frame-options DENY origin-agent-cluster ?0 cache-control public, max-age=1200 priority u=3,i expires Sat, 01 Jan 2000 00:00:00 GMT
GET H3	200	linkid.js Show response www.google-analytics.com/plugins/ua/ Frame D1F4	2 KB 884 B	169ms 86ms	Script text/javascript	2a00:1450:4001:82a::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/plugins/ua/linkid.js Requested by Host: www.gofundme.com URL: https://www.gofundme.com/f/poets-of-ukraine/widget/medium Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://www.gofundme.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers date Mon, 10 Apr 2023 03:38:01 GMT content-encoding gzip x-content-type-options nosniff age 3421 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 859 x-xss-protection 0 last-modified Tue, 22 Oct 2019 18:15:00 GMT server sffe vary Accept-Encoding report-to {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]} content-type text/javascript cache-control public, max-age=3600 accept-ranges bytes cross-origin-opener-policy-report-only same-origin; report-to="static-on-bigtable" expires Mon, 10 Apr 2023 04:38:01 GMT
GET H3	200	819737484732040 Show response connect.facebook.net/signals/config/ Frame D1F4	150 KB 41 KB	57ms 38ms	Script application/x-javascript	2a03:2880:f083:9:face:b00c:0:3 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/signals/config/819737484732040?v=2.9.100&r=stable Requested by Host: www.gofundme.com URL: https://www.gofundme.com/f/poets-of-ukraine/widget/medium Protocol H3 Security QUIC, , AES_128_GCM Server 2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash 81340e55b03985e2770fffe98b26bf58d04a95863f2f7bd44f81ab807e4ef777 Security Headers Name Value Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0; Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://www.gofundme.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers content-security-policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0; content-encoding gzip x-content-type-options nosniff strict-transport-security max-age=31536000; preload; includeSubDomains date Mon, 10 Apr 2023 04:35:02 GMT document-policy force-load-at-top cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 42393 x-fb-rlafr 0 x-xss-protection 0 pragma public x-fb-debug RK1GfjbvkcWWJRw9kZeE97TIPFGGBWOHnjYQWG6atnfnJXLP0GtKxyMT4XRKh0IuLJFrM2mnuIw8gFOI0HupvA== cross-origin-embedder-policy-report-only require-corp;report-to="coep_report" cross-origin-opener-policy same-origin-allow-popups vary Accept-Encoding report-to {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"} content-type application/x-javascript; charset=utf-8 x-frame-options DENY origin-agent-cluster ?0 cache-control public, max-age=1200 priority u=3,i expires Sat, 01 Jan 2000 00:00:00 GMT
GET H2	200	token Show response cdn.linkedin.oribi.io/partner/76771/domain/gofundme.com/ Frame D1F4	36 B 366 B	172ms 26ms	XHR application/json	2600:9000:20eb:8a00:2:53b2:240:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://cdn.linkedin.oribi.io/partner/76771/domain/gofundme.com/token Requested by Host: www.gofundme.com URL: https://www.gofundme.com/f/poets-of-ukraine/widget/medium Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:20eb:8a00:2:53b2:240:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software / Resource Hash 7b1eaaaf180a13c29b6dddc3b0ae23333b4397e0f3c065b4c86da2f2530a5f89 Request headers Accept * Referer https://www.gofundme.com/ accept-language nl-NL,nl;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers date Mon, 10 Apr 2023 03:55:52 GMT content-encoding gzip via 1.1 0b9e85cfe8fe19b385db56d32b4ce802.cloudfront.net (CloudFront) x-amz-cf-pop FRA2-C1 age 2350 vary accept-encoding x-cache Hit from cloudfront content-type application/json access-control-allow-origin * cache-control public, max-age=3600 x-amz-cf-id NtMxFUcedFR8KJ6XmploXXrVe3Uxi7NUIyhphfu01nVnRwglZYtjKg==
GET H2	200	collect px4.ads.linkedin.com/ Frame D1F4 Redirect Chain https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=76771&time=1681101302383&url=https%3A%2F%2Fbeinginvoice.com%2F https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D76771%26time%3D1681101302383%26url%3Dhttps%253A%252F%252Fbeinginvoice.com%252F%26... https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=76771&time=1681101302383&url=https%3A%2F%2Fbeinginvoice.com%2F&liSync=true https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=76771&time=1681101302383&url=https%3A%2F%2Fbeinginvoice.com%2F&liSync=true&e_ipv6=AQL3AKNVZH4jCQAAAYdpci0KjLSajikvxwkV08KixOSQFi8OAVkw6Gz-As8gg-Z...	0 267 B	265ms 170ms	Image application/javascript	13.107.42.14 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Show image Full URL https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=76771&time=1681101302383&url=https%3A%2F%2Fbeinginvoice.com%2F&liSync=true&e_ipv6=AQL3AKNVZH4jCQAAAYdpci0KjLSajikvxwkV08KixOSQFi8OAVkw6Gz-As8gg-ZJiXkkJA Requested by Host: www.gofundme.com URL: https://www.gofundme.com/f/poets-of-ukraine/widget/medium Protocol H2 Server 13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language nl-NL,nl;q=0.9 Referer https://www.gofundme.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers date Mon, 10 Apr 2023 04:35:03 GMT x-li-pop afd-prod-ltx1-x x-msedge-ref Ref A: E94E23FBEE1249EB8166A3F92A5A05EF Ref B: AMS04EDGE1421 Ref C: 2023-04-10T04:35:03Z linkedin-action 1 x-cache CONFIG_NOCACHE content-type application/javascript x-li-fabric prod-ltx1 x-li-proto http/2 content-length 0 x-li-uuid AAX48+YEGFPHpNFe1cLg4w== Redirect headers date Mon, 10 Apr 2023 04:35:02 GMT x-li-pop afd-prod-ltx1-x x-msedge-ref Ref A: 77E3EC25BC104192872DB84D46AE24B7 Ref B: DUS30EDGE0706 Ref C: 2023-04-10T04:35:02Z linkedin-action 1 x-cache CONFIG_NOCACHE x-li-fabric prod-ltx1 location https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=76771&time=1681101302383&url=https%3A%2F%2Fbeinginvoice.com%2F&liSync=true&e_ipv6=AQL3AKNVZH4jCQAAAYdpci0KjLSajikvxwkV08KixOSQFi8OAVkw6Gz-As8gg-ZJiXkkJA x-li-proto http/2 content-length 0 x-li-uuid AAX48+X/3Jc7uw9FbQV/Ow==
GET H2	200	/ www.google.com/pagead/1p-user-list/955875456/ Frame D1F4	42 B 455 B	177ms 36ms	Image image/gif	2a00:1450:4001:830::2004 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.com/pagead/1p-user-list/955875456/?random=1681101302004&cv=11&fst=1681099200000&bg=ffffff&guid=ON&async=1&gtm=45He3430&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.gofundme.com%2Ff%2Fpoets-of-ukraine%2Fwidget%2Fmedium&ref=https%3A%2F%2Fbeinginvoice.com%2F&frm=2&fmt=3&is_vtc=1&random=2333704513&rmt_tld=0&ipr=y Requested by Host: www.gofundme.com URL: https://www.gofundme.com/f/poets-of-ukraine/widget/medium Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value Content-Security-Policy script-src 'none'; object-src 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://www.gofundme.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers pragma no-cache date Mon, 10 Apr 2023 04:35:02 GMT content-security-policy script-src 'none'; object-src 'none' x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	/ www.google.nl/pagead/1p-user-list/955875456/ Frame D1F4	42 B 455 B	178ms 38ms	Image image/gif	2a00:1450:4001:831::2003 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.nl/pagead/1p-user-list/955875456/?random=1681101302004&cv=11&fst=1681099200000&bg=ffffff&guid=ON&async=1&gtm=45He3430&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.gofundme.com%2Ff%2Fpoets-of-ukraine%2Fwidget%2Fmedium&ref=https%3A%2F%2Fbeinginvoice.com%2F&frm=2&fmt=3&is_vtc=1&random=2333704513&rmt_tld=1&ipr=y Requested by Host: www.gofundme.com URL: https://www.gofundme.com/f/poets-of-ukraine/widget/medium Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value Content-Security-Policy script-src 'none'; object-src 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://www.gofundme.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers pragma no-cache date Mon, 10 Apr 2023 04:35:02 GMT content-security-policy script-src 'none'; object-src 'none' x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H2	200	/ Show response api.amplitude.com/ Frame D1F4	7 B 205 B	214ms 190ms	XHR text/html	52.27.202.107 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://api.amplitude.com/ Requested by Host: www.gofundme.com URL: https://www.gofundme.com/f/poets-of-ukraine/widget/medium Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.27.202.107 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-27-202-107.us-west-2.compute.amazonaws.com Software / Resource Hash aee408847d35e44e99430f0979c3357b85fe8dbb4535a494301198adbee85f27 Security Headers Name Value Strict-Transport-Security max-age=15768000 Request headers Referer https://www.gofundme.com/ Cross-Origin-Resource-Policy cross-origin accept-language nl-NL,nl;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Content-Type application/x-www-form-urlencoded; charset=UTF-8 Response headers access-control-allow-origin * date Mon, 10 Apr 2023 04:35:02 GMT strict-transport-security max-age=15768000 trace-id Root=1-643391f6-4e1a24482ed8bd6456546811 content-length 7 access-control-allow-methods GET, POST content-type text/html;charset=utf-8
OPTIONS H2	200	/ api.amplitude.com/ Frame	0 0	204ms 175ms	Preflight	52.27.202.107 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://api.amplitude.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.27.202.107 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-27-202-107.us-west-2.compute.amazonaws.com Software / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=15768000 Request headers Accept */* Access-Control-Request-Headers cross-origin-resource-policy Access-Control-Request-Method POST Origin https://www.gofundme.com Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers access-control-allow-headers cross-origin-resource-policy access-control-allow-methods GET, POST access-control-allow-origin * content-length 0 date Mon, 10 Apr 2023 04:35:02 GMT strict-transport-security max-age=15768000
GET H3	200	inferredevents.js Show response connect.facebook.net/signals/plugins/ Frame D1F4	72 KB 21 KB	49ms 36ms	Script application/x-javascript	2a03:2880:f083:9:face:b00c:0:3 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/signals/plugins/inferredevents.js?v=2.9.100 Requested by Host: www.gofundme.com URL: https://www.gofundme.com/f/poets-of-ukraine/widget/medium Protocol H3 Security QUIC, , AES_128_GCM Server 2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash 5849e07d0d6cbb144829b98da75fda4a8eb3fc2b5749d48cc94bb170db54859a Security Headers Name Value Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0; Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://www.gofundme.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers content-security-policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0; content-encoding gzip x-content-type-options nosniff strict-transport-security max-age=31536000; preload; includeSubDomains date Mon, 10 Apr 2023 04:35:02 GMT document-policy force-load-at-top cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 21972 x-fb-rlafr 0 x-xss-protection 0 pragma public x-fb-debug wGrtaoJr3hO8f76Olvn7aL3m3wTlzFI4m7i1KuCzc+wXqin1wKitHwp/NszfNZXILUTVhvBqFKKtOnUko+pldw== cross-origin-embedder-policy-report-only require-corp;report-to="coep_report" cross-origin-opener-policy same-origin-allow-popups vary Accept-Encoding report-to {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"} content-type application/x-javascript; charset=utf-8 x-frame-options DENY origin-agent-cluster ?0 cache-control public, max-age=1200 priority u=3,i expires Sat, 01 Jan 2000 00:00:00 GMT
GET H2	200	/ www.facebook.com/tr/ Frame D1F4	0 100 B	56ms 50ms	Image text/plain	2a03:2880:f176:84:face:b00c:0:25de FACEBOOK
General Check archive.org Show headers Download Go to Show image Full URL https://www.facebook.com/tr/?id=819737484732040&ev=PageView&dl=https%3A%2F%2Fwww.gofundme.com%2Ff%2Fpoets-of-ukraine%2Fwidget%2Fmedium&rl=https%3A%2F%2Fbeinginvoice.com%2F&if=true&ts=1681101302629&sw=1600&sh=1200&v=2.9.100&r=stable&ec=0&o=28&cs_est=true&it=1681101302347&coo=false&rqm=GET Requested by Host: www.gofundme.com URL: https://www.gofundme.com/f/poets-of-ukraine/widget/medium Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software proxygen-bolt / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers accept-language nl-NL,nl;q=0.9 Referer https://www.gofundme.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers strict-transport-security max-age=31536000; includeSubDomains date Mon, 10 Apr 2023 04:35:02 GMT server proxygen-bolt content-type text/plain access-control-allow-origin access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 0
GET H2	200	nr-spa-1210.min.js Show response js-agent.newrelic.com/ Frame D1F4	41 KB 16 KB	324ms 96ms	Script application/javascript	151.101.130.137 FASTLY
General Check archive.org Show headers Download Go to Full URL https://js-agent.newrelic.com/nr-spa-1210.min.js Requested by Host: www.gofundme.com URL: https://www.gofundme.com/f/poets-of-ukraine/widget/medium Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.130.137 , United States, ASN54113 (FASTLY, US), Reverse DNS Software AmazonS3 / Resource Hash ae2fc8f8e0697701399521441a03445a3c11d79719accd0099f41687c1536c49 Request headers accept-language nl-NL,nl;q=0.9 Referer https://www.gofundme.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers x-amz-version-id S2ZWAVF_bOLxH9dSP4fxyD9xCbMCwnq9 content-encoding gzip via 1.1 varnish date Mon, 10 Apr 2023 04:35:03 GMT x-amz-request-id 39MYE52YAJZPXAY9 x-cache HIT cross-origin-resource-policy cross-origin content-length 15563 x-amz-id-2 c8ibeWEn87JpQD8VEWWrpHazTJxgtRmCTmQFHLcoA5251STnchA+0mdSXzksAoaGhWz6SGK72Jk= x-served-by cache-ewr18134-EWR last-modified Tue, 22 Jun 2021 22:47:08 GMT server AmazonS3 x-timer S1681101304.718182,VS0,VE0 etag "d5eff122d09ab2c851fb1780f0287cbf" vary Accept-Encoding content-type application/javascript access-control-allow-origin * cache-control public, max-age=7200, stale-if-error=604800 accept-ranges bytes x-cache-hits 154
GET H3	200	like.php Show response www.facebook.com/plugins/ Frame C795	0 23 B	55ms 53ms	Document text/html	2a03:2880:f176:84:face:b00c:0:25de FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://www.facebook.com/plugins/like.php?app_id=126445887469807&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df961e05a87d714%26domain%3Dbeinginvoice.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fbeinginvoice.com%252Ff3609b7518b25cc%26relation%3Dparent.parent&container_width=0&href=https%3A%2F%2Fbeinginvoice.com%2F&layout=button_count&locale=en_US&sdk=joey&send=false&show_faces=false Requested by Host: connect.facebook.net URL: https://connect.facebook.net/en_US/all.js?hash=185f875fc5d06d13606ba4c88a18a0fc Protocol H3 Security QUIC, , AES_128_GCM Server 2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests; X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://beinginvoice.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 accept-language nl-NL,nl;q=0.9 Response headers alt-svc h3=":443"; ma=86400 cache-control private, no-cache, no-store, must-revalidate content-length 0 content-security-policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests; content-type text/html;charset=utf-8 cross-origin-embedder-policy-report-only require-corp;report-to="coep_report" cross-origin-opener-policy same-origin-allow-popups date Mon, 10 Apr 2023 04:35:03 GMT expires Sat, 01 Jan 2000 00:00:00 GMT pragma no-cache priority u=0,i report-to {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]} x-content-type-options nosniff x-fb-debug /LJuapsCBZGcprRTxLKao21xSOW4kLS9rF6KYOXXyHnUJhFrGTo2wPoGVdovyoo4DGzUnYgZ54bmvB67AvuSNw== x-xss-protection 0
GET H2	200	8aaeb48f-a8e6-4725-820c-b18c4f7cd6cc Show response sync.transcend.io/consent-manager/ Frame 1563	318 B 748 B	130ms 33ms	Document application/xhtml+xml	2600:9000:21f3:4600:a:de49:b100:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://sync.transcend.io/consent-manager/8aaeb48f-a8e6-4725-820c-b18c4f7cd6cc Requested by Host: cdn.transcend.io URL: https://cdn.transcend.io/cm/8aaeb48f-a8e6-4725-820c-b18c4f7cd6cc/airgap.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:21f3:4600:a:de49:b100:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash e3b730c05f91aa0d25ef4c73eafa802c67eee4ec81aab76d2355690796cf1c17 Request headers Referer https://www.gofundme.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 accept-language nl-NL,nl;q=0.9 Response headers accept-ranges bytes age 81292 content-disposition inline content-length 318 content-type application/xhtml+xml date Sun, 09 Apr 2023 06:00:12 GMT etag "fb098950c27355df296b1d7e7ac1beb4-1" last-modified Wed, 05 Apr 2023 17:10:53 GMT server AmazonS3 vary Origin via 1.1 ec9e3bc729d9c6d55ed32446408ad62e.cloudfront.net (CloudFront) x-amz-cf-id 1qlvIpCy-XI0TPDY-OGsOM6SqTBe5Pwf7IfLlgCutdtIhggH3_pIGQ== x-amz-cf-pop FRA2-C2 x-amz-server-side-encryption AES256 x-amz-version-id zbTQeU7wwJ2nPczYdZ2.IUm.WFUuKCLZ x-cache Hit from cloudfront
GET H2	200	xdi.js Show response cdn.transcend.io/cm-test/8aaeb48f-a8e6-4725-820c-b18c4f7cd6cc/ Frame 1563	25 KB 12 KB	35ms 34ms	Script text/javascript	2600:9000:2250:5c00:2:8531:afc0:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://cdn.transcend.io/cm-test/8aaeb48f-a8e6-4725-820c-b18c4f7cd6cc/xdi.js Requested by Host: sync.transcend.io URL: https://sync.transcend.io/consent-manager/8aaeb48f-a8e6-4725-820c-b18c4f7cd6cc Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2250:5c00:2:8531:afc0:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash ea3680553d8bdcc6d9be0d27071fa8351c4ffb304a6a4a79f69cfee21600fb25 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language nl-NL,nl;q=0.9 Referer https://sync.transcend.io/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers x-amz-version-id ro.eDqwAzP2rlBVcBRc0R63s1okukBpb content-encoding gzip via 1.1 1aa52a2a71a599aaf6b3df3a9c53b268.cloudfront.net (CloudFront) date Sun, 09 Apr 2023 17:11:01 GMT x-content-type-options nosniff strict-transport-security max-age=31536000 x-amz-cf-pop FRA60-P2 age 41043 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront content-disposition inline x-xss-protection 1; mode=block referrer-policy strict-origin-when-cross-origin last-modified Wed, 05 Apr 2023 17:10:54 GMT server AmazonS3 etag W/"41f6d717daf4196bac9bbced4d244eac-1" vary Accept-Encoding, Origin x-frame-options SAMEORIGIN content-type text/javascript cache-control max-age=60,s-maxage=86400 x-amz-cf-id mQ089CB9QVaztlDn7hcvWRc4VOb2DbXEzl0yQ0k1WvSBaCq1wx8X5w==
GET H/1.1	200 OK	313ceb8fb7 Show response bam-cell.nr-data.net/1/ Frame D1F4	49 B 482 B	424ms 176ms	Script text/javascript	162.247.243.30 FASTLY
General Check archive.org Show headers Download Go to Full URL https://bam-cell.nr-data.net/1/313ceb8fb7?a=1538388375&sa=1&v=1210.e2a3f80&t=Unnamed%20Transaction&rst=3402&ck=1&ref=https://www.gofundme.com/f/poets-of-ukraine/widget/medium&be=427&fe=3027&dc=1238&af=err,xhr,stn,ins,spa&perf=%7B%22timing%22:%7B%22of%22:1681101300396,%22n%22:0,%22f%22:0,%22dn%22:0,%22dne%22:0,%22c%22:0,%22ce%22:0,%22rq%22:92,%22rp%22:395,%22rpe%22:729,%22dl%22:398,%22di%22:828,%22ds%22:1237,%22de%22:1237,%22dc%22:3024,%22l%22:3026,%22le%22:3032%7D,%22navigation%22:%7B%7D%7D&fp=700&fcp=700&jsonp=NREUM.setToken Requested by Host: www.gofundme.com URL: https://www.gofundme.com/f/poets-of-ukraine/widget/medium Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 162.247.243.30 , United States, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash dac715f087720dd7ff7067f5d2ec1988851fa93140ae8a9cbfaa15659dd7fd82 Request headers accept-language nl-NL,nl;q=0.9 Referer https://www.gofundme.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers date Mon, 10 Apr 2023 04:35:04 GMT access-control-allow-methods GET, POST, PUT, HEAD, OPTIONS content-type text/javascript access-control-allow-origin * access-control-allow-credentials true cross-origin-resource-policy cross-origin Connection keep-alive Content-Length 49 x-served-by cache-ewr18137-EWR
POST H/1.1	200 OK	313ceb8fb7 Show response bam-cell.nr-data.net/events/1/ Frame D1F4	24 B 338 B	182ms 172ms	XHR image/gif	162.247.243.30 FASTLY
General Check archive.org Show headers Download Go to Full URL https://bam-cell.nr-data.net/events/1/313ceb8fb7?a=1538388375&sa=1&v=1210.e2a3f80&t=Unnamed%20Transaction&rst=3853&ck=1&ref=https://www.gofundme.com/f/poets-of-ukraine/widget/medium Requested by Host: www.gofundme.com URL: https://www.gofundme.com/f/poets-of-ukraine/widget/medium Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 162.247.243.30 , United States, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash 0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300 Request headers Referer https://www.gofundme.com/ accept-language nl-NL,nl;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 content-type text/plain Response headers date Mon, 10 Apr 2023 04:35:04 GMT access-control-allow-methods GET, POST, PUT, HEAD, OPTIONS content-type image/gif access-control-allow-origin https://www.gofundme.com access-control-allow-credentials true Connection keep-alive Content-Length 24 x-served-by cache-ewr18137-EWR