redapes.org Open in urlscan Pro
157.230.73.179 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://redapes.org/donate
Submission: On December 18 via api (December 18th 2022, 12:09:20 pm UTC) from PL — Scanned from DE

Summary HTTP 187 Redirects Links 20 Behaviour Indicators

Summary

This website contacted 32 IPs in 5 countries across 27 domains to perform 187 HTTP transactions. The main IP is 157.230.73.179, located in Santa Clara, United States and belongs to DIGITALOCEAN-ASN, US. The main domain is redapes.org.
TLS certificate: Issued by R3 on November 2nd 2022. Valid for: 3 months.

This is the only time redapes.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
45	157.230.73.179 157.230.73.179	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
5	2a00:1450:400... 2a00:1450:4001:829::2008	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:806::200a	15169 (GOOGLE) (GOOGLE)
2	2606:4700::68... 2606:4700::6812:acf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	192.229.221.25 192.229.221.25	15133 (EDGECAST) (EDGECAST)
2	99.86.240.37 99.86.240.37	16509 (AMAZON-02) (AMAZON-02)
1	99.86.247.143 99.86.247.143	16509 (AMAZON-02) (AMAZON-02)
1	52.217.104.94 52.217.104.94	16509 (AMAZON-02) (AMAZON-02)
15	2a00:1450:400... 2a00:1450:400d:80a::2004	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:400d:80e::200e	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f00... 2a03:2880:f007:8:face:b00c:0:1	32934 (FACEBOOK) (FACEBOOK)
23	2a00:1450:400... 2a00:1450:4001:829::2003	15169 (GOOGLE) (GOOGLE)
1 1	151.101.1.21 151.101.1.21	54113 (FASTLY) (FASTLY)
28	3.135.177.109 3.135.177.109	16509 (AMAZON-02) (AMAZON-02)
1	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
19	2a00:1450:400... 2a00:1450:4001:80b::2003	15169 (GOOGLE) (GOOGLE)
2	40.114.177.156 40.114.177.156	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
2	2a02:26f0:11a... 2a02:26f0:11a::6867:4832	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	18.66.97.10 18.66.97.10	16509 (AMAZON-02) (AMAZON-02)
2	199.232.16.157 199.232.16.157	54113 (FASTLY) (FASTLY)
2	2a04:4e42:600... 2a04:4e42:600::396	54113 (FASTLY) (FASTLY)
2	2a00:1450:400... 2a00:1450:400d:808::2003	15169 (GOOGLE) (GOOGLE)
2	13.32.110.73 13.32.110.73	16509 (AMAZON-02) (AMAZON-02)
2	151.101.193.140 151.101.193.140	54113 (FASTLY) (FASTLY)
2	104.244.42.133 104.244.42.133	13414 (TWITTER) (TWITTER)
2	104.244.42.131 104.244.42.131	13414 (TWITTER) (TWITTER)
4	2600:9000:230... 2600:9000:2304:f800:2:53b2:240:93a1	16509 (AMAZON-02) (AMAZON-02)
6 6	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	13.107.42.14 13.107.42.14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	18.66.147.116 18.66.147.116	16509 (AMAZON-02) (AMAZON-02)
2	34.120.195.249 34.120.195.249	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	13.32.110.24 13.32.110.24	16509 (AMAZON-02) (AMAZON-02)
187	32

45 157.230.73.179 (Santa Clara, United States)

ASN14061 (DIGITALOCEAN-ASN, US)

redapes.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:829::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:806::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:acf (United States)

ASN13335 (CLOUDFLARENET, US)

maxcdn.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 192.229.221.25 (United States)

ASN15133 (EDGECAST, US)

www.paypalobjects.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 99.86.240.37 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-240-37.vie50.r.cloudfront.net

dnpl.bgenerous.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.86.247.143 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-247-143.vie50.r.cloudfront.net

d1ev1rt26nhnwq.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.217.104.94 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1.amazonaws.com

s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2a00:1450:400d:80a::2004 (Ireland)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:400d:80e::200e (Ireland)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f007:8:face:b00c:0:1 (Vienna, Austria)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

23 2a00:1450:4001:829::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.1.21 (United States) 1 redirects

ASN54113 (FASTLY, US)

www.paypal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

28 3.135.177.109 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-135-177-109.us-east-2.compute.amazonaws.com

tgbwidget.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
widget-backend.tgbwidget.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 2a00:1450:4001:80b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 40.114.177.156 (Amsterdam, Netherlands)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

api.duckduckgo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:11a::6867:4832 (Vienna, Austria)

ASN20940 (AKAMAI-ASN1, NL)

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.66.97.10 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-97-10.fra56.r.cloudfront.net

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 199.232.16.157 (Vienna, Austria)

ASN54113 (FASTLY, US)

static.ads-twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a04:4e42:600::396 (United States)

ASN54113 (FASTLY, US)

www.redditstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400d:808::2003 (Ireland)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.32.110.73 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-110-73.vie50.r.cloudfront.net

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.193.140 (United States)

ASN54113 (FASTLY, US)

alb.reddit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.244.42.133 (United States)

ASN13414 (TWITTER, US)

t.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.244.42.131 (United States)

ASN13414 (TWITTER, US)

analytics.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2600:9000:2304:f800:2:53b2:240:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.linkedin.oribi.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2620:1ec:21::14 (United States) 6 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.107.42.14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px4.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.66.147.116 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-147-116.fra60.r.cloudfront.net

vars.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.120.195.249 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 249.195.120.34.bc.googleusercontent.com

o449083.ingest.sentry.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.32.110.24 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-110-24.vie50.r.cloudfront.net

static.tgbwidget.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
45	redapes.org redapes.org	576 KB
42	gstatic.com fonts.gstatic.com www.gstatic.com	2 MB
30	tgbwidget.com tgbwidget.com — Cisco Umbrella Rank: 858581 widget-backend.tgbwidget.com static.tgbwidget.com	3 MB
15	google.com www.google.com — Cisco Umbrella Rank: 2	149 KB
8	linkedin.com 6 redirects px.ads.linkedin.com — Cisco Umbrella Rank: 367 www.linkedin.com — Cisco Umbrella Rank: 633 px4.ads.linkedin.com — Cisco Umbrella Rank: 6484	6 KB
6	hotjar.com static.hotjar.com — Cisco Umbrella Rank: 643 script.hotjar.com — Cisco Umbrella Rank: 811 vars.hotjar.com — Cisco Umbrella Rank: 936	146 KB
5	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 29 region1.google-analytics.com — Cisco Umbrella Rank: 2623	59 KB
5	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 51	415 KB
4	oribi.io cdn.linkedin.oribi.io — Cisco Umbrella Rank: 910	748 B
3	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 37	3 KB
2	sentry.io o449083.ingest.sentry.io	457 B
2	twitter.com analytics.twitter.com — Cisco Umbrella Rank: 564	608 B
2	t.co t.co — Cisco Umbrella Rank: 521	581 B
2	reddit.com alb.reddit.com — Cisco Umbrella Rank: 1569	230 B
2	google.de www.google.de — Cisco Umbrella Rank: 6041	656 B
2	redditstatic.com www.redditstatic.com — Cisco Umbrella Rank: 1448	16 KB
2	ads-twitter.com static.ads-twitter.com — Cisco Umbrella Rank: 636	30 KB
2	licdn.com snap.licdn.com — Cisco Umbrella Rank: 788	9 KB
2	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 34	3 KB
2	duckduckgo.com api.duckduckgo.com — Cisco Umbrella Rank: 342822	4 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 149	89 KB
2	bgenerous.com dnpl.bgenerous.com	4 KB
2	paypalobjects.com www.paypalobjects.com — Cisco Umbrella Rank: 2008	4 KB
2	bootstrapcdn.com maxcdn.bootstrapcdn.com — Cisco Umbrella Rank: 757	83 KB
1	paypal.com 1 redirects www.paypal.com — Cisco Umbrella Rank: 2180	703 B
1	amazonaws.com s3.amazonaws.com	140 KB
1	cloudfront.net d1ev1rt26nhnwq.cloudfront.net	15 KB
187	27

	Domain	Requested by
45	redapes.org	redapes.org
23	fonts.gstatic.com	fonts.googleapis.com www.google.com tgbwidget.com
20	tgbwidget.com	redapes.org tgbwidget.com
19	www.gstatic.com	www.google.com www.gstatic.com
15	www.google.com	redapes.org tgbwidget.com www.google.com www.gstatic.com
8	widget-backend.tgbwidget.com	tgbwidget.com
5	www.googletagmanager.com	redapes.org www.googletagmanager.com
4	px.ads.linkedin.com	4 redirects
4	cdn.linkedin.oribi.io	tgbwidget.com
4	www.google-analytics.com	redapes.org www.google-analytics.com www.googletagmanager.com
3	fonts.googleapis.com	redapes.org tgbwidget.com
2	static.tgbwidget.com	tgbwidget.com
2	o449083.ingest.sentry.io	tgbwidget.com
2	vars.hotjar.com	static.hotjar.com
2	px4.ads.linkedin.com	tgbwidget.com
2	www.linkedin.com	2 redirects
2	analytics.twitter.com	tgbwidget.com
2	t.co	tgbwidget.com
2	alb.reddit.com	tgbwidget.com
2	script.hotjar.com	static.hotjar.com
2	www.google.de	tgbwidget.com
2	www.redditstatic.com	www.googletagmanager.com
2	static.ads-twitter.com	www.googletagmanager.com
2	static.hotjar.com	www.googletagmanager.com
2	snap.licdn.com	www.googletagmanager.com
2	googleads.g.doubleclick.net	www.googletagmanager.com
2	api.duckduckgo.com	tgbwidget.com
2	connect.facebook.net	redapes.org connect.facebook.net
2	dnpl.bgenerous.com	redapes.org
2	www.paypalobjects.com	redapes.org
2	maxcdn.bootstrapcdn.com	redapes.org maxcdn.bootstrapcdn.com
1	region1.google-analytics.com	www.googletagmanager.com
1	www.paypal.com	1 redirects
1	s3.amazonaws.com	redapes.org
1	d1ev1rt26nhnwq.cloudfront.net	redapes.org
187	35

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
www.pinterest.ca
www.youtube.com
www.instagram.com
twitter.com
www.paypal.com
www.thegivingblock.com
dnpl.bgenerous.com
account.venmo.com
wise.com
www.networkforgood.org
smile.amazon.com
givingworks.ebay.com
mediumrareinc.com

Subject Issuer	Validity	Valid
redapes.org R3	`2022-11-02` - `2023-01-31`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-01-29` - `2023-01-29`	a year	crt.sh
www.paypal.com DigiCert SHA2 Extended Validation Server CA	`2022-11-09` - `2023-12-10`	a year	crt.sh
bgenerous.com Amazon	`2022-07-20` - `2023-08-18`	a year	crt.sh
*.cloudfront.net Amazon	`2022-02-01` - `2023-01-31`	a year	crt.sh
s3.amazonaws.com Amazon	`2022-04-01` - `2023-03-30`	a year	crt.sh
www.google.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-09-26` - `2022-12-25`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
tgbwidget.com R3	`2022-10-26` - `2023-01-24`	3 months	crt.sh
*.duckduckgo.com DigiCert TLS RSA SHA256 2020 CA1	`2022-10-20` - `2023-11-20`	a year	crt.sh
*.google.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
snap.licdn.com DigiCert SHA2 Secure Server CA	`2022-03-01` - `2023-03-01`	a year	crt.sh
*.hotjar.com Amazon	`2022-10-25` - `2023-11-23`	a year	crt.sh
ads-twitter.com DigiCert TLS RSA SHA256 2020 CA1	`2022-07-22` - `2023-08-22`	a year	crt.sh
www.redditstatic.com DigiCert TLS RSA SHA256 2020 CA1	`2022-11-16` - `2023-05-15`	6 months	crt.sh
www.google.de GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
*.reddit.com DigiCert TLS RSA SHA256 2020 CA1	`2022-11-16` - `2023-05-14`	6 months	crt.sh
t.co DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-03-07` - `2023-03-06`	a year	crt.sh
*.twitter.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-03-07` - `2023-03-06`	a year	crt.sh
linkedin.oribi.io Amazon	`2022-07-07` - `2023-08-06`	a year	crt.sh
*.ingest.sentry.io R3	`2022-10-19` - `2023-01-17`	3 months	crt.sh

This page contains 9 frames:

Primary Page: https://redapes.org/donate
Frame ID: 1328A024A6F04162ACC3B19CF051B923
Requests: 63 HTTP requests in this frame

Frame: https://tgbwidget.com/?charityID=260521285
Frame ID: 85492568645FAFFDE71EE3351BC4A6B2
Requests: 41 HTTP requests in this frame

Frame: https://tgbwidget.com/?charityID=260521285&donationFlow=card
Frame ID: EF2FC555D317985E631929B386F6A417
Requests: 41 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdOc_AiAAAAACU6F_veeBQz_9JRD8AAoARx0_rJ&co=aHR0cHM6Ly90Z2J3aWRnZXQuY29tOjQ0Mw..&hl=de&type=image&v=5qcenVbrhOy8zihcc2aHOWD4&theme=light&size=invisible&badge=bottomright&cb=yi3nq7wsdrc4
Frame ID: ED74B63884334B3615B6E6F942CBAF05
Requests: 7 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdOc_AiAAAAACU6F_veeBQz_9JRD8AAoARx0_rJ&co=aHR0cHM6Ly90Z2J3aWRnZXQuY29tOjQ0Mw..&hl=de&type=image&v=5qcenVbrhOy8zihcc2aHOWD4&theme=light&size=invisible&badge=bottomright&cb=4ht90xbayuk8
Frame ID: B66F5C640018DB3FB93A4FF19AF68ADB
Requests: 7 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-5e66f98b4ee957db209dc6f63e3d59dd.html
Frame ID: 14A058C6730C3A8B740273B0D10F10A4
Requests: 1 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-5e66f98b4ee957db209dc6f63e3d59dd.html
Frame ID: 7E30BF370C0002BA20F2B7FF1482182C
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=de&v=5qcenVbrhOy8zihcc2aHOWD4&k=6LdOc_AiAAAAACU6F_veeBQz_9JRD8AAoARx0_rJ
Frame ID: 22B3B11956F9B66AD5281949EAB5318E
Requests: 11 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=de&v=5qcenVbrhOy8zihcc2aHOWD4&k=6LdOc_AiAAAAACU6F_veeBQz_9JRD8AAoARx0_rJ
Frame ID: 1F9E205C9CE808EC87ED4BE4AC59CA2E
Requests: 11 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Make a Donation - Orangutan Outreach

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

PayPal (Payment Processors) Expand

Overall confidence: 100%
Detected patterns

paypalobjects\.com

Yoast SEO (SEO) Expand

Overall confidence: 100%
Detected patterns

<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Hotjar (Analytics) Expand

Overall confidence: 100%
Detected patterns

//static\.hotjar\.com/

Linkedin Insight Tag (Analytics) Expand

Overall confidence: 100%
Detected patterns

snap\.licdn\.com/li\.lms-analytics/insight\.min\.js

MailChimp (Marketing Automation) Expand

Overall confidence: 100%
Detected patterns

s3\.amazonaws\.com/downloads\.mailchimp\.com/js/mc-validate\.js

Select2 (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

select2(?:\.min|\.full)?\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

187
Requests

98 %
HTTPS

45 %
IPv6

27
Domains

35
Subdomains

32
IPs

5
Countries

6224 kB
Transfer

13489 kB
Size

18
Cookies

20 Outgoing links

These are links going to different origins than the main page.

URL: https://www.facebook.com/OrangutanOutreach/

Search URL Search Domain Scan URL

URL: https://www.pinterest.ca/redapes/

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UC5TtWIiKSBehv3QDvl6xXSQ

Search URL Search Domain Scan URL

URL: https://www.instagram.com/orangutanoutreach/

Search URL Search Domain Scan URL

URL: https://twitter.com/redapes

Search URL Search Domain Scan URL

URL: https://www.paypal.com/cgi-bin/webscr?cmd=_s-xclick&hosted_button_id=LH4GDNHLHSTGY&source=url
Title: here

Search URL Search Domain Scan URL

URL: https://www.paypal.com/cgi-bin/webscr?cmd=_s-xclick&hosted_button_id=9NYPFX62QUZPG&source=url
Title: here

Search URL Search Domain Scan URL

URL: https://www.paypal.com/cgi-bin/webscr?cmd=_s-xclick&hosted_button_id=TZBDXDJPQBC74&source=url
Title: here

Search URL Search Domain Scan URL

URL: https://www.paypal.com/cgi-bin/webscr?cmd=_s-xclick&hosted_button_id=R3GSGQH4U7QBJ&source=url
Title: here

Search URL Search Domain Scan URL

URL: https://www.thegivingblock.com/donate-bitcoin-orangutanoutreach
Title: The Giving Block

Search URL Search Domain Scan URL

URL: https://dnpl.bgenerous.com/?organizationID=109d0239-f6dc-4b3a-bcaa-c521da514043
Title: B Generous website

Search URL Search Domain Scan URL

URL: https://account.venmo.com/u/orangutanoutreach

Search URL Search Domain Scan URL

URL: https://www.facebook.com/OrangutanOutreach

Search URL Search Domain Scan URL

URL: https://www.youtube.com/redapes

Search URL Search Domain Scan URL

URL: https://wise.com/us

Search URL Search Domain Scan URL

URL: https://www.networkforgood.org/donation/MakeDonation.aspx?ORGID2=260521285&vlrStratCode=ERFETknIEjlew222GpjB7r8Fj2BNOYrUV4TWTorN2RCCeAIj6aDRzxcSvIvAzXJP
Title: Learn more about this safe, secure way to donate online-- and make a donation today!

Search URL Search Domain Scan URL

URL: https://www.networkforgood.org/donation/MakeDonation.aspx?ORGID2=260521285

Search URL Search Domain Scan URL

URL: http://smile.amazon.com/ch/26-0521285

Search URL Search Domain Scan URL

URL: http://givingworks.ebay.com/charity-auctions/charity/orangutan-outreach/40914/?favorite=link

Search URL Search Domain Scan URL

URL: http://mediumrareinc.com/
Title: MediumRare Interactive, Inc.

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 50

https://www.paypal.com/en_US/i/scr/pixel.gif HTTP 301
https://www.paypalobjects.com/en_US/i/scr/pixel.gif

Request Chain 138

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3516122&time=1671365355140&url=https%3A%2F%2Fredapes.org%2F HTTP 302
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D3516122%26time%3D1671365355140%26url%3Dhttps%253A%252F%252Fredapes.org%252F%26liSync%3Dtrue HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3516122&time=1671365355140&url=https%3A%2F%2Fredapes.org%2F&liSync=true HTTP 302
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=3516122&time=1671365355140&url=https%3A%2F%2Fredapes.org%2F&liSync=true&e_ipv6=AQLnfVjjtTkZxgAAAYUlI2lgBA39GPHAIWSzFF0Nsn-Rag2qllcCqync-_S939WNwrF8NOg

Request Chain 140

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3516122&time=1671365355142&url=https%3A%2F%2Fredapes.org%2F HTTP 302
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D3516122%26time%3D1671365355142%26url%3Dhttps%253A%252F%252Fredapes.org%252F%26liSync%3Dtrue HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3516122&time=1671365355142&url=https%3A%2F%2Fredapes.org%2F&liSync=true HTTP 302
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=3516122&time=1671365355142&url=https%3A%2F%2Fredapes.org%2F&liSync=true&e_ipv6=AQLYU9jNakpiTwAAAYUlI2kSPVM1Ko3kQDzXyqC12XOjWCZy5Y8dPQH0ZNsy1UmVK8EGG8s

187 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request donate Show response
redapes.org/ 75 KB
16 KB 676ms
287ms Document
text/html 157.230.73.179
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://redapes.org/donate
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 157.230.73.179 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: LiteSpeed /
Resource Hash: 3b2fb41bf9df4bd85f55ff1ba9ad96b07c5983e6dfdcae241896470593eed98d

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
cache-control: no-cache, must-revalidate, max-age=0
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Sun, 18 Dec 2022 12:09:11 GMT
expires: Wed, 11 Jan 1984 05:00:00 GMT
link: <https://redapes.org/wp-json/>; rel="https://api.w.org/" <https://redapes.org/wp-json/wp/v2/pages/59>; rel="alternate"; type="application/json" <https://redapes.org/?p=59>; rel=shortlink
server: LiteSpeed
vary: Accept-Encoding

GET
H2 200 shadowbox.css
redapes.org/wp-content/uploads/shadowbox-js/src/ 2 KB
733 B 184ms
182ms Stylesheet
text/css 157.230.73.179
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://redapes.org/wp-content/uploads/shadowbox-js/src/shadowbox.css?ver=3.0.3
Requested by: Host: redapes.org
URL: https://redapes.org/donate
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 157.230.73.179 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: LiteSpeed /
Resource Hash: 47d9dda43b555ce77b567e701dcc222e911c4c0ece866450047b74f8e747b3d7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://redapes.org/donate
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 18 Dec 2022 12:09:12 GMT
content-encoding: br
last-modified: Thu, 17 Dec 2020 00:26:51 GMT
server: LiteSpeed
etag: "7cf-5fdaa5cb-ff378;br"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 569
expires: Sun, 25 Dec 2022 12:09:12 GMT

GET
H2 200 extras.css
redapes.org/wp-content/plugins/shadowbox-js/css/ 153 B
238 B 184ms
183ms Stylesheet
text/css 157.230.73.179
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://redapes.org/wp-content/plugins/shadowbox-js/css/extras.css?ver=3.0.3.10
Requested by: Host: redapes.org
URL: https://redapes.org/donate
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 157.230.73.179 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: LiteSpeed /
Resource Hash: 18952865dbf129feb79fbdb05fcb8a6a2c5981343209925dc097de246322d5ef

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://redapes.org/donate
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 18 Dec 2022 12:09:12 GMT
last-modified: Tue, 29 Nov 2022 05:21:16 GMT
server: LiteSpeed
etag: "99-638596cc-13c176;;;"
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 153
expires: Sun, 25 Dec 2022 12:09:12 GMT

GET
H2 200 sbi-styles.min.css
redapes.org/wp-content/plugins/instagram-feed/css/ 21 KB
3 KB 184ms
183ms Stylesheet
text/css 157.230.73.179
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://redapes.org/wp-content/plugins/instagram-feed/css/sbi-styles.min.css?ver=6.1
Requested by: Host: redapes.org
URL: https://redapes.org/donate
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 157.230.73.179 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: LiteSpeed /
Resource Hash: eb3666c237dfc004679d0009a45702814420164d6248978309842dfdf6fcda23

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://redapes.org/donate
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 18 Dec 2022 12:09:12 GMT
content-encoding: br
last-modified: Tue, 29 Nov 2022 05:21:15 GMT
server: LiteSpeed
etag: "545e-638596cb-7f3a0;br"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 3047
expires: Sun, 25 Dec 2022 12:09:12 GMT

GET
H2 200 style.min.css
redapes.org/wp-includes/css/dist/block-library/ 93 KB
11 KB 185ms
184ms Stylesheet
text/css 157.230.73.179
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://redapes.org/wp-includes/css/dist/block-library/style.min.css?ver=6.1.1
Requested by: Host: redapes.org
URL: https://redapes.org/donate
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 157.230.73.179 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: LiteSpeed /
Resource Hash: c324ef26b20264369e4568dc9ef1c5cb1f325f6bc4e8b7c01f7fe93fa353276a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://redapes.org/donate
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 18 Dec 2022 12:09:12 GMT
content-encoding: br
last-modified: Tue, 29 Nov 2022 05:21:20 GMT
server: LiteSpeed
etag: "172a9-638596d0-13b753;br"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 11434
expires: Sun, 25 Dec 2022 12:09:12 GMT

GET
H2 200 classic-themes.min.css
redapes.org/wp-includes/css/ 217 B
280 B 185ms
185ms Stylesheet
text/css 157.230.73.179
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://redapes.org/wp-includes/css/classic-themes.min.css?ver=1
Requested by: Host: redapes.org
URL: https://redapes.org/donate
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 157.230.73.179 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: LiteSpeed /
Resource Hash: 5a5f39391fbf5b06db84b8f9716d53de575ee97a627d2c5f12f79a991a671eb5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://redapes.org/donate
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 18 Dec 2022 12:09:12 GMT
content-encoding: gzip
last-modified: Tue, 29 Nov 2022 05:21:20 GMT
server: LiteSpeed
etag: "d9-638596d0-ffa6b;gz"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
expires: Sun, 25 Dec 2022 12:09:12 GMT

GET
H2 200 styles.css
redapes.org/wp-content/plugins/contact-form-7/includes/css/ 3 KB
938 B 230ms
226ms Stylesheet
text/css 157.230.73.179
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://redapes.org/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.6.4
Requested by: Host: redapes.org
URL: https://redapes.org/donate
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 157.230.73.179 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: LiteSpeed /
Resource Hash: e50f9ccd2d6582a58ba1879fa578e60d25fea4c5eedc07deafd14482b2403181

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://redapes.org/donate
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 18 Dec 2022 12:09:12 GMT
content-encoding: br
last-modified: Tue, 29 Nov 2022 05:21:14 GMT
server: LiteSpeed
etag: "aab-638596ca-7f1a1;br"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 849
expires: Sun, 25 Dec 2022 12:09:12 GMT

GET
H2 200 style.css
redapes.org/wp-content/plugins/floating-social-media-icon/css/ 497 B
258 B 231ms
227ms Stylesheet
text/css 157.230.73.179
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://redapes.org/wp-content/plugins/floating-social-media-icon/css/style.css?v=4.3.5&ver=6.1.1
Requested by: Host: redapes.org
URL: https://redapes.org/donate
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 157.230.73.179 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: LiteSpeed /
Resource Hash: 9197fd92a33219d62814c38de1637a18cf1052d52f337ad4e780a5fa224f805f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://redapes.org/donate
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 18 Dec 2022 12:09:12 GMT
content-encoding: br
last-modified: Tue, 29 Nov 2022 05:21:15 GMT
server: LiteSpeed
etag: "1f1-638596cb-7f207;br"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 193
expires: Sun, 25 Dec 2022 12:09:12 GMT

GET
H2 200 wdsi.css
redapes.org/wp-content/plugins/slide-in/css/ 33 KB
4 KB 231ms
227ms Stylesheet
text/css 157.230.73.179
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://redapes.org/wp-content/plugins/slide-in/css/wdsi.css?ver=1.1.3
Requested by: Host: redapes.org
URL: https://redapes.org/donate
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 157.230.73.179 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: LiteSpeed /
Resource Hash: a610fa4a574223c2842a63f8b54bb13180e9331a2d1b855b27b12213dd37221f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://redapes.org/donate
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 18 Dec 2022 12:09:12 GMT
content-encoding: br
last-modified: Tue, 29 Nov 2022 05:21:16 GMT
server: LiteSpeed
etag: "85e9-638596cc-7f974;br"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 3861
expires: Sun, 25 Dec 2022 12:09:12 GMT

GET
H2 200 style.css
redapes.org/wp-content/themes/redapes/ 25 KB
5 KB 343ms
339ms Stylesheet
text/css 157.230.73.179
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://redapes.org/wp-content/themes/redapes/style.css?ver=1669699279
Requested by: Host: redapes.org
URL: https://redapes.org/donate
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 157.230.73.179 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: LiteSpeed /
Resource Hash: 72b8cbc631b5576f035a0095ae978a368e6e7ee14d41a9f440e47fcf897a2058

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://redapes.org/donate
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 18 Dec 2022 12:09:12 GMT
content-encoding: br
last-modified: Tue, 29 Nov 2022 05:21:19 GMT
server: LiteSpeed
etag: "62ea-638596cf-80735;br"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 5003
expires: Sun, 25 Dec 2022 12:09:12 GMT

GET
H2 200 colorbox.css
redapes.org/wp-content/plugins/wordpress-ecommerce/ui/css/ 21 KB
14 KB 344ms
340ms Stylesheet
text/css 157.230.73.179
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://redapes.org/wp-content/plugins/wordpress-ecommerce/ui/css/colorbox.css?ver=3.3.0
Requested by: Host: redapes.org
URL: https://redapes.org/donate
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 157.230.73.179 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: LiteSpeed /
Resource Hash: c8bf0b7b39503f5e6d0fa650041146a0e6c03ec60b5717c45482f768ec4c2961

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://redapes.org/donate
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 18 Dec 2022 12:09:12 GMT
content-encoding: br
last-modified: Tue, 29 Nov 2022 05:21:17 GMT
server: LiteSpeed
etag: "5361-638596cd-7fc08;br"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 13896
expires: Sun, 25 Dec 2022 12:09:12 GMT

GET
H2 200 dashicons.min.css
redapes.org/wp-includes/css/ 58 KB
34 KB 345ms
341ms Stylesheet
text/css 157.230.73.179
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://redapes.org/wp-includes/css/dashicons.min.css?ver=6.1.1
Requested by: Host: redapes.org
URL: https://redapes.org/donate
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 157.230.73.179 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: LiteSpeed /
Resource Hash: c21e5a2b32c47bc5f9d9efc97bc0e29fd081946d1d3ebffc5621cfafb1d3960e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://redapes.org/donate
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 18 Dec 2022 12:09:12 GMT
content-encoding: br
last-modified: Tue, 29 Nov 2022 05:21:20 GMT
server: LiteSpeed
etag: "e688-638596d0-ff7f3;br"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 35099
expires: Sun, 25 Dec 2022 12:09:12 GMT

GET
H2 200 jquery-ui.min.css
redapes.org/wp-content/plugins/wordpress-ecommerce/ui/css/ 15 KB
4 KB 525ms
522ms Stylesheet
text/css 157.230.73.179
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://redapes.org/wp-content/plugins/wordpress-ecommerce/ui/css/jquery-ui.min.css?ver=3.3.0
Requested by: Host: redapes.org
URL: https://redapes.org/donate
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 157.230.73.179 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: LiteSpeed /
Resource Hash: fdaa2e999b369973f2a1e961b2200a12d554543b9d9b65f736110ed4e789820d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://redapes.org/donate
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 18 Dec 2022 12:09:12 GMT
content-encoding: br
last-modified: Tue, 29 Nov 2022 05:21:17 GMT
server: LiteSpeed
etag: "3aa6-638596cd-7fc0a;br"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 4435
expires: Sun, 25 Dec 2022 12:09:12 GMT

GET
H2 200 select2.css
redapes.org/wp-content/plugins/wordpress-ecommerce/ui/select2/ 19 KB
3 KB 526ms
522ms Stylesheet
text/css 157.230.73.179
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://redapes.org/wp-content/plugins/wordpress-ecommerce/ui/select2/select2.css?ver=3.3.0
Requested by: Host: redapes.org
URL: https://redapes.org/donate
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 157.230.73.179 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: LiteSpeed /
Resource Hash: 0408ac2c3d878bcd112b5139ba73fe5bbd64ae17efa39c75d39258cb036e1411

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://redapes.org/donate
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 18 Dec 2022 12:09:12 GMT
content-encoding: br
last-modified: Tue, 29 Nov 2022 05:21:17 GMT
server: LiteSpeed
etag: "4b8a-638596cd-7fc83;br"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 3035
expires: Sun, 25 Dec 2022 12:09:12 GMT

GET
H2 200 marketpress.css
redapes.org/wp-content/plugins/wordpress-ecommerce/ui/css/ 54 KB
18 KB 526ms
523ms Stylesheet
text/css 157.230.73.179
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://redapes.org/wp-content/plugins/wordpress-ecommerce/ui/css/marketpress.css?ver=3.3.0
Requested by: Host: redapes.org
URL: https://redapes.org/donate
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 157.230.73.179 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: LiteSpeed /
Resource Hash: 9729e68478ecb2827bef8da778dc66c039fc1ae98393b886af959515370d38aa

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://redapes.org/donate
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 18 Dec 2022 12:09:12 GMT
content-encoding: br
last-modified: Tue, 29 Nov 2022 05:21:17 GMT
server: LiteSpeed
etag: "d938-638596cd-7fc0b;br"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 18795
expires: Sun, 25 Dec 2022 12:09:12 GMT

GET
H2 200 s2member-o.php
redapes.org/wp-content/plugins/s2member/ 36 KB
4 KB 703ms
700ms Stylesheet
text/css 157.230.73.179
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://redapes.org/wp-content/plugins/s2member/s2member-o.php?ws_plugin__s2member_css=1&qcABC=1&ver=221103-221103-2496523317
Requested by: Host: redapes.org
URL: https://redapes.org/donate
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 157.230.73.179 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: LiteSpeed /
Resource Hash: 955c8d51f75a512e1dc235dab020337aad5da99aa8649b4ca8f1a0b996d281d0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://redapes.org/donate
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: public
date: Sun, 18 Dec 2022 12:09:12 GMT
content-encoding: gzip
last-modified: Sun, 18 Dec 2022 12:09:12 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
cache-control: max-age=604800
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
expires: Sun, 25 Dec 2022 12:09:12 GMT

GET
H2 200 jquery.min.js Show response
redapes.org/wp-includes/js/jquery/ 88 KB
30 KB 527ms
524ms Script
application/x-javascript 157.230.73.179
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://redapes.org/wp-includes/js/jquery/jquery.min.js?ver=3.6.1
Requested by: Host: redapes.org
URL: https://redapes.org/donate
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 157.230.73.179 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: LiteSpeed /
Resource Hash: cc7403bab52ed166e24ea9324241045af370be482f5b594468f4a6ac6e7e7981

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://redapes.org/donate
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 18 Dec 2022 12:09:12 GMT
content-encoding: br
last-modified: Tue, 29 Nov 2022 05:21:20 GMT
server: LiteSpeed
etag: "15e54-638596d0-13b1d8;br"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=604800
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 30176
expires: Sun, 25 Dec 2022 12:09:12 GMT

GET
H2 200 jquery-migrate.min.js Show response
redapes.org/wp-includes/js/jquery/ 11 KB
4 KB 527ms
524ms Script
application/x-javascript 157.230.73.179
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://redapes.org/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
Requested by: Host: redapes.org
URL: https://redapes.org/donate
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 157.230.73.179 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: LiteSpeed /
Resource Hash: 029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://redapes.org/donate
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 18 Dec 2022 12:09:12 GMT
content-encoding: br
last-modified: Tue, 29 Nov 2022 05:21:20 GMT
server: LiteSpeed
etag: "2bd8-638596d0-13b1d0;br"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=604800
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 3992
expires: Sun, 25 Dec 2022 12:09:12 GMT

GET
H2 200 wdsi.js Show response
redapes.org/wp-content/plugins/slide-in/js/ 12 KB
3 KB 527ms
524ms Script
application/x-javascript 157.230.73.179
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://redapes.org/wp-content/plugins/slide-in/js/wdsi.js?ver=1.1.3
Requested by: Host: redapes.org
URL: https://redapes.org/donate
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 157.230.73.179 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: LiteSpeed /
Resource Hash: 13fea13d5143726aa8694f984e591dec69cf21c60a95cce09ff308b4269023d9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://redapes.org/donate
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 18 Dec 2022 12:09:12 GMT
content-encoding: br
last-modified: Tue, 29 Nov 2022 05:21:16 GMT
server: LiteSpeed
etag: "2f78-638596cc-7f986;br"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=604800
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 3214
expires: Sun, 25 Dec 2022 12:09:12 GMT

GET
H2 200 ajaxq.min.js Show response
redapes.org/wp-content/plugins/wordpress-ecommerce/ui/js/ 1 KB
683 B 527ms
524ms Script
application/x-javascript 157.230.73.179
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://redapes.org/wp-content/plugins/wordpress-ecommerce/ui/js/ajaxq.min.js?ver=3.3.0
Requested by: Host: redapes.org
URL: https://redapes.org/donate
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 157.230.73.179 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: LiteSpeed /
Resource Hash: c0c09e22c8babd35ee7a264de88b25f0b107142f354b345fea55de331625d472

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://redapes.org/donate
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 18 Dec 2022 12:09:12 GMT
content-encoding: br
last-modified: Tue, 29 Nov 2022 05:21:17 GMT
server: LiteSpeed
etag: "53d-638596cd-7fc59;br"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=604800
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 617
expires: Sun, 25 Dec 2022 12:09:12 GMT

GET
H2 200 jquery.colorbox-min.js Show response
redapes.org/wp-content/plugins/wordpress-ecommerce/ui/js/ 12 KB
4 KB 527ms
525ms Script
application/x-javascript 157.230.73.179
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://redapes.org/wp-content/plugins/wordpress-ecommerce/ui/js/jquery.colorbox-min.js?ver=3.3.0
Requested by: Host: redapes.org
URL: https://redapes.org/donate
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 157.230.73.179 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: LiteSpeed /
Resource Hash: 04313b6b0285b9d83023f33e3a606c603b91cfc57ad400436ccb4570c1098bcf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://redapes.org/donate
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 18 Dec 2022 12:09:12 GMT
content-encoding: br
last-modified: Tue, 29 Nov 2022 05:21:17 GMT
server: LiteSpeed
etag: "2e31-638596cd-7fc5c;br"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=604800
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 4487
expires: Sun, 25 Dec 2022 12:09:12 GMT

GET
H2 200 jquery.validate.min.js Show response
redapes.org/wp-content/plugins/wordpress-ecommerce/ui/js/ 21 KB
6 KB 528ms
526ms Script
application/x-javascript 157.230.73.179
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://redapes.org/wp-content/plugins/wordpress-ecommerce/ui/js/jquery.validate.min.js?ver=3.3.0
Requested by: Host: redapes.org
URL: https://redapes.org/donate
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 157.230.73.179 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: LiteSpeed /
Resource Hash: 094e00b708e00a1de8c8fe1c172a1319792657720d8cc18a96232f7f2e862036

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://redapes.org/donate
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 18 Dec 2022 12:09:12 GMT
content-encoding: br
last-modified: Tue, 29 Nov 2022 05:21:17 GMT
server: LiteSpeed
etag: "5417-638596cd-7fc60;br"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=604800
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 6483
expires: Sun, 25 Dec 2022 12:09:12 GMT

GET
H2 200 mp-cart.js Show response
redapes.org/wp-content/plugins/wordpress-ecommerce/ui/js/ 23 KB
5 KB 528ms
526ms Script
application/x-javascript 157.230.73.179
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://redapes.org/wp-content/plugins/wordpress-ecommerce/ui/js/mp-cart.js?ver=3.3.0
Requested by: Host: redapes.org
URL: https://redapes.org/donate
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 157.230.73.179 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: LiteSpeed /
Resource Hash: f04cf177a61fae5326e8860f42099ed3b7a340a9c8424fc995b99c7cbf18a138

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://redapes.org/donate
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 18 Dec 2022 12:09:12 GMT
content-encoding: br
last-modified: Tue, 29 Nov 2022 05:21:17 GMT
server: LiteSpeed
etag: "5a3d-638596cd-7fc61;br"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=604800
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 4618
expires: Sun, 25 Dec 2022 12:09:12 GMT

GET
H2 200 core.min.js Show response
redapes.org/wp-includes/js/jquery/ui/ 21 KB
7 KB 529ms
527ms Script
application/x-javascript 157.230.73.179
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://redapes.org/wp-includes/js/jquery/ui/core.min.js?ver=1.13.2
Requested by: Host: redapes.org
URL: https://redapes.org/donate
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 157.230.73.179 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: LiteSpeed /
Resource Hash: ca7154cdda62b535ceaba9ad2a2b2217ff49de94c069a2c4e89733f3f06b3651

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://redapes.org/donate
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 18 Dec 2022 12:09:12 GMT
content-encoding: br
last-modified: Tue, 29 Nov 2022 05:21:20 GMT
server: LiteSpeed
etag: "53c0-638596d0-13b1ea;br"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=604800
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 6787
expires: Sun, 25 Dec 2022 12:09:12 GMT

GET
H2 200 tooltip.min.js Show response
redapes.org/wp-includes/js/jquery/ui/ 6 KB
2 KB 529ms
527ms Script
application/x-javascript 157.230.73.179
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://redapes.org/wp-includes/js/jquery/ui/tooltip.min.js?ver=1.13.2
Requested by: Host: redapes.org
URL: https://redapes.org/donate
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 157.230.73.179 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: LiteSpeed /
Resource Hash: 033e0749f8158d222c10ec42a544afb64e164468b3343b87dbbd6717e380b7d7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://redapes.org/donate
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 18 Dec 2022 12:09:12 GMT
content-encoding: br
last-modified: Tue, 29 Nov 2022 05:21:20 GMT
server: LiteSpeed
etag: "1828-638596d0-13b7a4;br"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=604800
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 1990
expires: Sun, 25 Dec 2022 12:09:12 GMT

GET
H2 200 hoverintent.min.js Show response
redapes.org/wp-content/plugins/wordpress-ecommerce/ui/js/ 2 KB
965 B 530ms
528ms Script
application/x-javascript 157.230.73.179
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://redapes.org/wp-content/plugins/wordpress-ecommerce/ui/js/hoverintent.min.js?ver=3.3.0
Requested by: Host: redapes.org
URL: https://redapes.org/donate
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 157.230.73.179 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: LiteSpeed /
Resource Hash: 95059e51f5a108265de5cab0ccd85f163e55a59511afc42316934aa917fb5286

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://redapes.org/donate
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 18 Dec 2022 12:09:12 GMT
content-encoding: br
last-modified: Tue, 29 Nov 2022 05:21:17 GMT
server: LiteSpeed
etag: "916-638596cd-7fc5b;br"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=604800
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 899
expires: Sun, 25 Dec 2022 12:09:12 GMT

GET
H2 200 select2.min.js Show response
redapes.org/wp-content/plugins/wordpress-ecommerce/ui/select2/ 61 KB
17 KB 530ms
528ms Script
application/x-javascript 157.230.73.179
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://redapes.org/wp-content/plugins/wordpress-ecommerce/ui/select2/select2.min.js?ver=3.3.0
Requested by: Host: redapes.org
URL: https://redapes.org/donate
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 157.230.73.179 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: LiteSpeed /
Resource Hash: d3fabe6803882d75252028bde8db65f11732d535febf3cdd409cb7b7563b5299

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://redapes.org/donate
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 18 Dec 2022 12:09:12 GMT
content-encoding: br
last-modified: Tue, 29 Nov 2022 05:21:17 GMT
server: LiteSpeed
etag: "f451-638596cd-7fc86;br"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=604800
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 17051
expires: Sun, 25 Dec 2022 12:09:12 GMT

GET
H2 200 frontend.js Show response
redapes.org/wp-content/plugins/wordpress-ecommerce/ui/js/ 15 KB
3 KB 592ms
590ms Script
application/x-javascript 157.230.73.179
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://redapes.org/wp-content/plugins/wordpress-ecommerce/ui/js/frontend.js?ver=3.3.0
Requested by: Host: redapes.org
URL: https://redapes.org/donate
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 157.230.73.179 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: LiteSpeed /
Resource Hash: 32af1a95566d6bf4eff00bb7ca5ca1b030da03a46e38e6ee4eab9da58875f3b6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://redapes.org/donate
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 18 Dec 2022 12:09:12 GMT
content-encoding: br
last-modified: Tue, 29 Nov 2022 05:21:17 GMT
server: LiteSpeed
etag: "3cde-638596cd-7fc5a;br"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=604800
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 3290
expires: Sun, 25 Dec 2022 12:09:12 GMT

GET
H2 200 mp-equal-height.js Show response
redapes.org/wp-content/plugins/wordpress-ecommerce/ui/js/ 1 KB
342 B 592ms
591ms Script
application/x-javascript 157.230.73.179
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://redapes.org/wp-content/plugins/wordpress-ecommerce/ui/js/mp-equal-height.js?ver=3.3.0
Requested by: Host: redapes.org
URL: https://redapes.org/donate
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 157.230.73.179 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: LiteSpeed /
Resource Hash: 57e232d1b27a6d6be9f30df89f5b2c7e2b4e9ab2c0c851e7a748fe1a9d37b966

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://redapes.org/donate
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 18 Dec 2022 12:09:12 GMT
content-encoding: br
last-modified: Tue, 29 Nov 2022 05:21:17 GMT
server: LiteSpeed
etag: "4db-638596cd-7fc63;br"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=604800
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 276
expires: Sun, 25 Dec 2022 12:09:12 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 216 KB
76 KB 171ms
52ms Script
application/javascript 2a00:1450:4001:829::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-EREZ71WMDH

Requested by

Host: redapes.org
URL: https://redapes.org/donate

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

887ce1b3d1028654e6199929b7462012a04e3e8c2dd88eaab4607e607ffa4c0a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://redapes.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 18 Dec 2022 12:09:13 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 76904
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sun, 18 Dec 2022 12:09:13 GMT

GET
H3 200 logo2016-type-orange.svg
redapes.org/wp-content/themes/redapes/images/ 5 KB
2 KB 735ms
731ms Image
image/svg+xml 157.230.73.179
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://redapes.org/wp-content/themes/redapes/images/logo2016-type-orange.svg
Requested by: Host: redapes.org
URL: https://redapes.org/donate
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 157.230.73.179 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: LiteSpeed /
Resource Hash: 37e10aaf9bceecaa57ac0b06e2b44bce06ac12e4b066d4985f46deb96c329b2c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://redapes.org/donate
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 18 Dec 2022 12:09:12 GMT
content-encoding: br
last-modified: Tue, 29 Nov 2022 05:21:20 GMT
server: LiteSpeed
etag: "1213-638596d0-8094c;br"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=604800
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 1719
expires: Sun, 25 Dec 2022 12:09:12 GMT

GET
H2 200 css
fonts.googleapis.com/ 2 KB
949 B 130ms
47ms Stylesheet
text/css 2a00:1450:4001:806::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Quicksand:400,700

Requested by

Host: redapes.org
URL: https://redapes.org/wp-content/themes/redapes/style.css?ver=1669699279

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f991e5aa2c5aa46c23c0ccb985c352139e6637aa6fd03b26e3b08d8b4572c2df

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://redapes.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 18 Dec 2022 12:09:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 18 Dec 2022 11:41:28 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 18 Dec 2022 12:09:12 GMT

GET
H2 200 font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/ 30 KB
7 KB 131ms
51ms Stylesheet
text/css 2606:4700::6812:acf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css

Requested by

Host: redapes.org
URL: https://redapes.org/wp-content/themes/redapes/style.css?ver=1669699279

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://redapes.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 18 Dec 2022 12:09:12 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
cdn-edgestorageid: 723
age: 5677421
cdn-cachedat: 11/15/2021 21:49:00
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
cdn-proxyver: 1.0
cdn-requestpullcode: 200
server: cloudflare
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: 8b677d48aa464c28c0815c97adbbe174
timing-allow-origin: *
cdn-requestcountrycode: DE
cdn-status: 200
cf-ray: 77b7c9cdc9a9917c-FRA
cdn-requestpullsuccess: True

GET
H3 200 359942543601.png
redapes.org/wp-content/uploads/2012/05/ 200 KB
200 KB 737ms
733ms Image
image/png 157.230.73.179
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://redapes.org/wp-content/uploads/2012/05/359942543601.png
Requested by: Host: redapes.org
URL: https://redapes.org/donate
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 157.230.73.179 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: LiteSpeed /
Resource Hash: fda98e5e3e388026c10e32ab4ab42226c58d469bb8c7fe339ca9043ebcbbc8ad

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://redapes.org/donate
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 18 Dec 2022 12:09:12 GMT
last-modified: Thu, 17 Dec 2020 00:22:11 GMT
server: LiteSpeed
etag: "31feb-5fdaa4b3-80d8b;;;"
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 204779
expires: Sun, 25 Dec 2022 12:09:12 GMT

GET
H2 200 btn_donateCC_LG.gif
www.paypalobjects.com/en_US/i/btn/ 3 KB
3 KB 223ms
14ms Image
image/gif 192.229.221.25
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.paypalobjects.com/en_US/i/btn/btn_donateCC_LG.gif

Requested by

Host: redapes.org
URL: https://redapes.org/donate

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.221.25 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/4CF2) /

Resource Hash

33a91bd6d378215fcd413c279aa88d48bda6c8b2ef7695892777c87de37de256

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://redapes.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 18 Dec 2022 12:09:13 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Thu, 27 May 2021 14:20:07 GMT
server: ECAcc (frc/4CF2)
etag: "60afaa97-c1b"
x-cache: HIT
content-type: image/gif
paypal-debug-id: 2b4c172ba8a6d
cache-control: s-maxage=31536000, public,max-age=3600
accept-ranges: bytes
dc: ccg11-origin-www-1.paypal.com
content-length: 3099
expires: Sun, 18 Dec 2022 13:09:13 GMT

GET
H2 200 style.min.css
dnpl.bgenerous.com/sdk/1.0.0/ 1 KB
2 KB 1182ms
711ms Stylesheet
text/css 99.86.240.37
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dnpl.bgenerous.com/sdk/1.0.0/style.min.css
Requested by: Host: redapes.org
URL: https://redapes.org/donate
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.240.37 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-240-37.vie50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7b30cf083849f00aa25dee922477fb1fb7494e485da4c96d6dbc402006304ef0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://redapes.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 18 Dec 2022 12:09:14 GMT
x-amz-version-id: KlflY5NBl5.KyR.RZD86gER80BaVSva.
via: 1.1 f1944380c787841c28b16df91c1ec34e.cloudfront.net (CloudFront)
last-modified: Wed, 07 Dec 2022 07:33:45 GMT
server: AmazonS3
x-amz-cf-pop: VIE50-C1
etag: "13f1b9a56bb126798313d5ce989a82d4"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: text/css
x-amz-replication-status: REPLICA
accept-ranges: bytes
content-length: 1119
x-amz-cf-id: 7kDwyXa-ts1jhF0Ilu60gPFSZUZF1zXgknjNTwHBhLLXEmaGILK61g==

GET
H2 200 donationSDK.min.js Show response
dnpl.bgenerous.com/sdk/1.0.0/ 2 KB
3 KB 1157ms
708ms Script
application/javascript 99.86.240.37
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dnpl.bgenerous.com/sdk/1.0.0/donationSDK.min.js
Requested by: Host: redapes.org
URL: https://redapes.org/donate
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.240.37 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-240-37.vie50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 4e4d21081159105f95278aaef548ae6c0b8d8761b5443c8294aea005a37ca97b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://redapes.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 18 Dec 2022 12:09:14 GMT
x-amz-version-id: smW7jC3_n5IERbv16s4U5VfSmNd3RNeW
via: 1.1 f1944380c787841c28b16df91c1ec34e.cloudfront.net (CloudFront)
last-modified: Wed, 07 Dec 2022 07:33:45 GMT
server: AmazonS3
x-amz-cf-pop: VIE50-C1
etag: "dd28b43ffc427941eddbff0b07aed877"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript
x-amz-replication-status: REPLICA
accept-ranges: bytes
content-length: 2538
x-amz-cf-id: qxXag_cE5XK9XBfSARv5cyJSOhQ-wjLTufdzFau5BFyt5EMlJFhtxA==

GET
H/1.1 200
OK ccmtblv2.png
d1ev1rt26nhnwq.cloudfront.net/ 14 KB
15 KB 208ms
91ms Image
image/png 99.86.247.143
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d1ev1rt26nhnwq.cloudfront.net/ccmtblv2.png
Requested by: Host: redapes.org
URL: https://redapes.org/donate
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.247.143 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-247-143.vie50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f236b73779a0ec411a9dc85e59c8a13e34d437f3ccb8e034d20635a7185b2edd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://redapes.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Sun, 18 Dec 2022 07:47:45 GMT
Via: 1.1 d88e262cb7d055ed4daf7466b2147af0.cloudfront.net (CloudFront)
Last-Modified: Fri, 01 May 2015 00:54:39 GMT
Server: AmazonS3
X-Amz-Cf-Pop: VIE50-C1
Age: 15689
ETag: "7788e2f1c2bd46db8926f17c9849bd40"
X-Cache: Hit from cloudfront
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 14471
X-Amz-Cf-Id: XeQ-SjpEicJzOqia1EDmxR859wYs4rvxJD2-HXyJ_6jlw5uhaHpn4Q==

GET
H/1.1 200
OK mc-validate.js Show response
s3.amazonaws.com/downloads.mailchimp.com/js/ 140 KB
140 KB 396ms
130ms Script
application/javascript 52.217.104.94
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.amazonaws.com/downloads.mailchimp.com/js/mc-validate.js
Requested by: Host: redapes.org
URL: https://redapes.org/donate
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.104.94 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: b15aceb04dbf5604df5617cfe984f48479cb131c1df02825d1c24e9f35d01857

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://redapes.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Sun, 18 Dec 2022 12:09:14 GMT
Last-Modified: Mon, 20 Aug 2018 17:42:38 GMT
Server: AmazonS3
x-amz-request-id: EZ7Z60ECEHT2AWN3
ETag: "6465dd4a8331265e6629cd069e03504c"
Content-Type: application/javascript
Cache-Control: public,max-age=2592000
Accept-Ranges: bytes
Content-Length: 143249
x-amz-id-2: w1Z3GlngNbYyVxYOGt8X1LzMixCw4lpnGXjDWGByPNIWZHQVrLZ8JoQzwAEzSWHaoDzACw6GGic=

GET
H3 200 admin-ajax.php Show response
redapes.org/wp-admin/ 41 KB
13 KB 501ms
498ms Script
text/javascript 157.230.73.179
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://redapes.org/wp-admin/admin-ajax.php?action=shadowboxjs&cache=47eb1d3361ca61b83ec5f0ea9479a715&ver=3.0.3

Requested by

Host: redapes.org
URL: https://redapes.org/donate

Protocol

Security

QUIC, , AES_128_GCM

Server

157.230.73.179 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

LiteSpeed /

Resource Hash

a1a62c6c9272a7616facba3b10b689902fc3091924d321fbe8d750e70ea4101a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://redapes.org/donate
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 18 Dec 2022 12:09:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: LiteSpeed
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: no-cache, must-revalidate, max-age=0, no-store
x-robots-tag: noindex
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
expires: Wed, 28 Dec 2022 12:09:13 GMT

GET
H3 200 index.js Show response
redapes.org/wp-content/plugins/contact-form-7/includes/swv/js/ 10 KB
3 KB 210ms
206ms Script
application/x-javascript 157.230.73.179
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://redapes.org/wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.6.4
Requested by: Host: redapes.org
URL: https://redapes.org/donate
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 157.230.73.179 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: LiteSpeed /
Resource Hash: d7eff2d3185c4035edbe18b653f9da26c2d872e03c92419542ed524d569fe81b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://redapes.org/donate
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 18 Dec 2022 12:09:12 GMT
content-encoding: br
last-modified: Tue, 29 Nov 2022 05:21:14 GMT
server: LiteSpeed
etag: "26d1-638596ca-13bbfa;br"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=604800
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 2811
expires: Sun, 25 Dec 2022 12:09:12 GMT

GET
H3 200 index.js Show response
redapes.org/wp-content/plugins/contact-form-7/includes/js/ 12 KB
4 KB 211ms
207ms Script
application/x-javascript 157.230.73.179
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://redapes.org/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.6.4
Requested by: Host: redapes.org
URL: https://redapes.org/donate
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 157.230.73.179 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: LiteSpeed /
Resource Hash: f1d5583d4c00ebe19c7be536e72ab8234c1f926023cb5a1fd5edbe9c912f0f49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://redapes.org/donate
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 18 Dec 2022 12:09:12 GMT
content-encoding: br
last-modified: Tue, 29 Nov 2022 05:21:14 GMT
server: LiteSpeed
etag: "3016-638596ca-7f1a3;br"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=604800
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 3707
expires: Sun, 25 Dec 2022 12:09:12 GMT

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 919 B
993 B 211ms
83ms Script
text/javascript 2a00:1450:400d:80a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?onload=renderInvisibleReCaptcha&render=explicit

Requested by

Host: redapes.org
URL: https://redapes.org/donate

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2004 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

783f88cc99aa644c7ca0af0bd9aa0e2252edf02a108abefc35de68dbc10629f4

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://redapes.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 18 Dec 2022 12:09:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 580
x-xss-protection: 1; mode=block
expires: Sun, 18 Dec 2022 12:09:13 GMT

GET
H3 200 site.js Show response
redapes.org/wp-content/themes/redapes/ 39 KB
12 KB 211ms
207ms Script
application/x-javascript 157.230.73.179
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://redapes.org/wp-content/themes/redapes/site.js?ver=1669699279
Requested by: Host: redapes.org
URL: https://redapes.org/donate
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 157.230.73.179 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: LiteSpeed /
Resource Hash: 9c5993933707bbb7cc37ba93866aea5aebade9a741ef318ba469a093391df8cb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://redapes.org/donate
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 18 Dec 2022 12:09:12 GMT
content-encoding: br
last-modified: Tue, 29 Nov 2022 05:21:19 GMT
server: LiteSpeed
etag: "9c78-638596cf-80734;br"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=604800
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 12610
expires: Sun, 25 Dec 2022 12:09:12 GMT

GET
H3 200 s2member-o.php Show response
redapes.org/wp-content/plugins/s2member/ 117 KB
20 KB 367ms
363ms Script
application/x-javascript 157.230.73.179
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://redapes.org/wp-content/plugins/s2member/s2member-o.php?ws_plugin__s2member_js_w_globals=1&qcABC=1&ver=221103-221103-2496523317
Requested by: Host: redapes.org
URL: https://redapes.org/donate
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 157.230.73.179 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: LiteSpeed /
Resource Hash: a35099a3bb02004cc2d2894e54663c8dcd06ea7d0a1be23f69f46ea4f0d27028

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://redapes.org/donate
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: public
date: Sun, 18 Dec 2022 12:09:13 GMT
content-encoding: gzip
last-modified: Sun, 18 Dec 2022 12:09:13 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/x-javascript; charset=UTF-8
cache-control: max-age=604800
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
expires: Sun, 25 Dec 2022 12:09:13 GMT

GET
H3 200 loading.gif
redapes.org/wp-content/plugins/wordpress-ecommerce/ui/images/ 4 KB
4 KB 716ms
712ms Image
image/gif 157.230.73.179
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://redapes.org/wp-content/plugins/wordpress-ecommerce/ui/images/loading.gif
Requested by: Host: redapes.org
URL: https://redapes.org/donate
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 157.230.73.179 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: LiteSpeed /
Resource Hash: 35b980519fa1e97adf6543969e336b33d28347bd26d87926865510ac4ff150d1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://redapes.org/donate
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 18 Dec 2022 12:09:12 GMT
last-modified: Tue, 29 Nov 2022 05:21:17 GMT
server: LiteSpeed
etag: "1177-638596cd-7fc43;;;"
content-type: image/gif
cache-control: public, max-age=604800
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 4471
expires: Sun, 25 Dec 2022 12:09:12 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 180ms
51ms Script
text/javascript 2a00:1450:400d:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: redapes.org
URL: https://redapes.org/donate

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80e::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://redapes.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Sun, 18 Dec 2022 10:27:24 GMT
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
server: Golfe2
age: 6109
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20039
expires: Sun, 18 Dec 2022 12:27:24 GMT

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ 3 KB
2 KB 145ms
47ms Script
application/x-javascript 2a03:2880:f007:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js

Requested by

Host: redapes.org
URL: https://redapes.org/donate

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f007:8:face:b00c:0:1 Vienna, Austria, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

ac7c8938804ed63ff9eff159b2ce006b37c76a18af0d801e1fb973e3427855f7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://redapes.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Sun, 18 Dec 2022 12:09:13 GMT
content-md5: iRa0CqqyJZxZSnNUH6geIA==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 1687
x-fb-rlafr: 0
x-fb-debug: jMGyfhNi2KKSCyJMegwYL/3pPVRsZS84XOfxDL9gbN/RSDEj3/oWvWGe8UEgtovy0qzaW+Eem8ED6/TlTENMww==
x-fb-trip-id: 720026100
x-fb-content-md5: d555dd9e5dbe2f8b56b5544d381484f5
cross-origin-opener-policy: same-origin-allow-popups
etag: "d80ae906e770c5bfe8b0cddfdb7609d5"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
timing-allow-origin: *
expires: Sun, 18 Dec 2022 12:28:27 GMT

GET
H3 200 fontawesome-webfont.woff2
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/fonts/ 75 KB
76 KB 101ms
54ms Font
font/woff2 2606:4700::6812:acf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0

Requested by

Host: maxcdn.bootstrapcdn.com
URL: https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
Origin: https://redapes.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 18 Dec 2022 12:09:12 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 752
age: 62913
cdn-cachedat: 08/17/2022 18:20:14
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 77160
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
cdn-proxyver: 1.02
cdn-requestpullcode: 200
server: cloudflare
etag: "af7ae505a9eed503f8b8e6982036873e"
vary: Accept-Encoding
content-type: font/woff2
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: 531943f8451260665df52c8546978d1b
accept-ranges: bytes
timing-allow-origin: *
cdn-requestcountrycode: DE
cdn-status: 200
cf-ray: 77b7c9d00cad91ef-FRA
cdn-requestpullsuccess: True

GET
H2 200 6xKtdSZaM9iE8KbpRA_hK1QN.woff2
fonts.gstatic.com/s/quicksand/v30/ 25 KB
26 KB 121ms
38ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/quicksand/v30/6xKtdSZaM9iE8KbpRA_hK1QN.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Quicksand:400,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8b166007d6f54c33b3ea10ea23572bc3166f55f365840d3cbd6ef7b5dcf6674e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://redapes.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 17 Dec 2022 12:09:41 GMT
x-content-type-options: nosniff
age: 86372
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 25672
x-xss-protection: 0
last-modified: Mon, 18 Jul 2022 19:12:08 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 17 Dec 2023 12:09:41 GMT

GET
H3 200 paypal.jpg
redapes.org/wp-content/uploads/2012/05/ 5 KB
5 KB 683ms
683ms Image
image/jpeg 157.230.73.179
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://redapes.org/wp-content/uploads/2012/05/paypal.jpg
Requested by: Host: redapes.org
URL: https://redapes.org/donate
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 157.230.73.179 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: LiteSpeed /
Resource Hash: a9e5316c8b96f9b7e521e0bfcb86792111f09e8e3556c9b9ba85a7ba79f6ff24

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://redapes.org/donate
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 18 Dec 2022 12:09:13 GMT
last-modified: Thu, 17 Dec 2020 00:22:35 GMT
server: LiteSpeed
etag: "1354-5fdaa4cb-8174f;;;"
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 4948
expires: Sun, 25 Dec 2022 12:09:13 GMT

GET
H2

200

pixel.gif
www.paypalobjects.com/en_US/i/scr/
Redirect Chain

https://www.paypal.com/en_US/i/scr/pixel.gif
https://www.paypalobjects.com/en_US/i/scr/pixel.gif

43 B
199 B

40ms
40ms

Image
image/gif

192.229.221.25
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.paypalobjects.com/en_US/i/scr/pixel.gif

Requested by

Host: redapes.org
URL: https://redapes.org/donate

Protocol

Server

192.229.221.25 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/4CBC) /

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://redapes.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 18 Dec 2022 12:09:13 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Fri, 16 Aug 2019 04:57:34 GMT
server: ECAcc (frc/4CBC)
etag: "5d5637be-2b"
x-cache: HIT
content-type: image/gif
paypal-debug-id: d1c4cfe1ff620
cache-control: s-maxage=31536000, public,max-age=3600
accept-ranges: bytes
dc: ccg11-origin-www-1.paypal.com
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
content-length: 43
expires: Sun, 18 Dec 2022 13:09:13 GMT

Redirect headers

x-served-by: cache-hhn-etou8220041-HHN
date: Sun, 18 Dec 2022 12:09:13 GMT
via: 1.1 varnish
strict-transport-security: max-age=63072000; includeSubDomains; preload
traceparent: 00-0000000000000000000f896468e4c295-43546d5acf8a10a9-01
x-timer: S1671365353.064573,VS0,VE153
x-cache: MISS
location: https://www.paypalobjects.com/en_US/i/scr/pixel.gif
paypal-debug-id: f896468e4c295
cache-control: max-age=0, no-cache, no-store, must-revalidate
server-timing: content-encoding;desc="",x-cdn;desc="fastly"
accept-ranges: bytes
dc: ccg11-origin-www-1.paypal.com
content-length: 0
x-cache-hits: 0

GET
H3 200 logo-b-generous-100x100.png
redapes.org/wp-content/uploads/2022/11/ 4 KB
4 KB 688ms
688ms Image
image/png 157.230.73.179
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://redapes.org/wp-content/uploads/2022/11/logo-b-generous-100x100.png
Requested by: Host: redapes.org
URL: https://redapes.org/donate
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 157.230.73.179 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: LiteSpeed /
Resource Hash: 1323834ee219528c33b3b553da57488fbc0fdfbe838bc8fee341529f7f7e6877

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://redapes.org/donate
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 18 Dec 2022 12:09:13 GMT
last-modified: Mon, 28 Nov 2022 21:17:01 GMT
server: LiteSpeed
etag: "108b-6385254d-13ec4e;;;"
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 4235
expires: Sun, 25 Dec 2022 12:09:13 GMT

GET
H2 200 / Show response
tgbwidget.com/ Frame 8549 695 B
978 B 491ms
127ms Document
text/html 3.135.177.109
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://tgbwidget.com/?charityID=260521285

Requested by

Host: redapes.org
URL: https://redapes.org/donate

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

3.135.177.109 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-135-177-109.us-east-2.compute.amazonaws.com

Software

Resource Hash

d10ae989a4210199a0bb0cbe200a7c13cd6e89100b6995cf448964abc3b7ec6f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Xss-Protection	1; mode=block

Request headers

Referer: https://redapes.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
cache-control: no-cache
content-length: 695
content-type: text/html
date: Sun, 18 Dec 2022 12:09:13 GMT
etag: "63972a5d-2b7"
expires: Sun, 18 Dec 2022 12:09:12 GMT
last-modified: Mon, 12 Dec 2022 13:19:25 GMT
strict-transport-security: max-age=15724800; includeSubDomains
x-xss-protection: 1; mode=block

GET
H2 200 / Show response
tgbwidget.com/ Frame EF2F 695 B
977 B 492ms
129ms Document
text/html 3.135.177.109
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://tgbwidget.com/?charityID=260521285&donationFlow=card

Requested by

Host: redapes.org
URL: https://redapes.org/donate

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

3.135.177.109 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-135-177-109.us-east-2.compute.amazonaws.com

Software

Resource Hash

d10ae989a4210199a0bb0cbe200a7c13cd6e89100b6995cf448964abc3b7ec6f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Xss-Protection	1; mode=block

Request headers

Referer: https://redapes.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
cache-control: no-cache
content-length: 695
content-type: text/html
date: Sun, 18 Dec 2022 12:09:13 GMT
etag: "63972a5d-2b7"
expires: Sun, 18 Dec 2022 12:09:12 GMT
last-modified: Mon, 12 Dec 2022 13:19:25 GMT
strict-transport-security: max-age=15724800; includeSubDomains
x-xss-protection: 1; mode=block

GET
H3 200 sdk.js Show response
connect.facebook.net/en_US/ 306 KB
86 KB 114ms
49ms Script
application/x-javascript 2a03:2880:f007:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js?hash=27e5a86689bcf5a46484b7052cf1e431

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f007:8:face:b00c:0:1 Vienna, Austria, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

0077fc57b878e3a8f8640b188901e628c6045033ed15ef7859d0a866c3ee52b1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://redapes.org/
Origin: https://redapes.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Sun, 18 Dec 2022 12:09:13 GMT
content-md5: zMoIdFFs+bymiYeDOc0QSg==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 88480
x-fb-rlafr: 0
x-fb-debug: x7AKDyfJ+xBnrINkmlSFkSyHwjzdDZfuciwmMqElxjYj3PCrBUR/++KpJD4fEXg75ap12Qhd9gQs/THRuTPYoQ==
x-fb-content-md5: 4aa6b5ed88c291bea34316063b785b08
cross-origin-opener-policy: same-origin-allow-popups
etag: "5acb93f7dfd9c223c7a5abcade20c9a1"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
timing-allow-origin: *
priority: u=3,i
expires: Mon, 18 Dec 2023 10:51:24 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 176ms
72ms XHR
text/plain 2a00:1450:400d:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j98&a=2053044866&t=pageview&_s=1&dl=https%3A%2F%2Fredapes.org%2Fdonate&ul=en-us&de=UTF-8&dt=Make%20a%20Donation%20-%20Orangutan%20Outreach&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAACAAI~&jid=1699331223&gjid=183534380&cid=1803861180.1671365353&tid=UA-2580782-1&_gid=1347829672.1671365353&_r=1&_slc=1&z=1464590270

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80e::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://redapes.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 18 Dec 2022 12:09:13 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://redapes.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
335 B 160ms
44ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-EREZ71WMDH&gtm=2oebu0&_p=2053044866&cid=1803861180.1671365353&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1671365353&sct=1&seg=0&dl=https%3A%2F%2Fredapes.org%2Fdonate&dt=Make%20a%20Donation%20-%20Orangutan%20Outreach&en=page_view&_fv=1&_ss=1&_ee=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-EREZ71WMDH
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://redapes.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 18 Dec 2022 12:09:13 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://redapes.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 config.js Show response
tgbwidget.com/ Frame 8549 340 B
631 B 226ms
225ms Script
application/javascript 3.135.177.109
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://tgbwidget.com/config.js

Requested by

Host: tgbwidget.com
URL: https://tgbwidget.com/?charityID=260521285

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

3.135.177.109 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-135-177-109.us-east-2.compute.amazonaws.com

Software

Resource Hash

7e79e2d9312e920ecb9cd45bd47540f025e30f7c95b1fdbcd9e03fbb8f10b617

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tgbwidget.com/?charityID=260521285
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 18 Dec 2022 12:09:13 GMT
strict-transport-security: max-age=15724800; includeSubDomains
last-modified: Mon, 12 Dec 2022 13:20:20 GMT
etag: "63972a94-154"
content-type: application/javascript
cache-control: no-cache
accept-ranges: bytes
content-length: 340
x-xss-protection: 1; mode=block
expires: Sun, 18 Dec 2022 12:09:12 GMT

GET
H2 200 main.d21b3df6.js Show response
tgbwidget.com/static/js/ Frame 8549 2 MB
737 KB 231ms
230ms Script
application/javascript 3.135.177.109
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://tgbwidget.com/static/js/main.d21b3df6.js

Requested by

Host: tgbwidget.com
URL: https://tgbwidget.com/?charityID=260521285

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

3.135.177.109 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-135-177-109.us-east-2.compute.amazonaws.com

Software

Resource Hash

4de96f2c9c51fdecccc6f78fae45cd32892ec297f08cead16e7184c495198042

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tgbwidget.com/?charityID=260521285
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 18 Dec 2022 12:09:13 GMT
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
last-modified: Mon, 12 Dec 2022 13:19:25 GMT
etag: W/"63972a5d-22ab61"
vary: Accept-Encoding
content-type: application/javascript
cache-control: no-cache
x-xss-protection: 1; mode=block
expires: Sun, 18 Dec 2022 12:09:12 GMT

GET
H2 200 main.6ec5f7b3.css
tgbwidget.com/static/css/ Frame 8549 6 KB
2 KB 226ms
225ms Stylesheet
text/css 3.135.177.109
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://tgbwidget.com/static/css/main.6ec5f7b3.css

Requested by

Host: tgbwidget.com
URL: https://tgbwidget.com/?charityID=260521285

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

3.135.177.109 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-135-177-109.us-east-2.compute.amazonaws.com

Software

Resource Hash

f327351dad9a78df6d2ca5dd9faf919de74f00efacdaedc4a6c8046f77c58035

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tgbwidget.com/?charityID=260521285
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 18 Dec 2022 12:09:13 GMT
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
last-modified: Mon, 12 Dec 2022 13:19:25 GMT
etag: W/"63972a5d-162e"
vary: Accept-Encoding
content-type: text/css
cache-control: no-cache
x-xss-protection: 1; mode=block
expires: Sun, 18 Dec 2022 12:09:12 GMT

GET
H2 200 config.js Show response
tgbwidget.com/ Frame EF2F 340 B
631 B 601ms
601ms Script
application/javascript 3.135.177.109
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://tgbwidget.com/config.js

Requested by

Host: tgbwidget.com
URL: https://tgbwidget.com/?charityID=260521285&donationFlow=card

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

3.135.177.109 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-135-177-109.us-east-2.compute.amazonaws.com

Software

Resource Hash

7e79e2d9312e920ecb9cd45bd47540f025e30f7c95b1fdbcd9e03fbb8f10b617

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tgbwidget.com/?charityID=260521285&donationFlow=card
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 18 Dec 2022 12:09:13 GMT
strict-transport-security: max-age=15724800; includeSubDomains
last-modified: Mon, 12 Dec 2022 13:20:20 GMT
etag: "63972a94-154"
content-type: application/javascript
cache-control: no-cache
accept-ranges: bytes
content-length: 340
x-xss-protection: 1; mode=block
expires: Sun, 18 Dec 2022 12:09:12 GMT

GET
H2 200 main.d21b3df6.js Show response
tgbwidget.com/static/js/ Frame EF2F 2 MB
737 KB 722ms
721ms Script
application/javascript 3.135.177.109
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://tgbwidget.com/static/js/main.d21b3df6.js

Requested by

Host: tgbwidget.com
URL: https://tgbwidget.com/?charityID=260521285&donationFlow=card

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

3.135.177.109 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-135-177-109.us-east-2.compute.amazonaws.com

Software

Resource Hash

4de96f2c9c51fdecccc6f78fae45cd32892ec297f08cead16e7184c495198042

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tgbwidget.com/?charityID=260521285&donationFlow=card
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 18 Dec 2022 12:09:13 GMT
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
last-modified: Mon, 12 Dec 2022 13:19:25 GMT
etag: W/"63972a5d-22ab61"
vary: Accept-Encoding
content-type: application/javascript
cache-control: no-cache
x-xss-protection: 1; mode=block
expires: Sun, 18 Dec 2022 12:09:12 GMT

GET
H2 200 main.6ec5f7b3.css
tgbwidget.com/static/css/ Frame EF2F 6 KB
2 KB 990ms
990ms Stylesheet
text/css 3.135.177.109
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://tgbwidget.com/static/css/main.6ec5f7b3.css

Requested by

Host: tgbwidget.com
URL: https://tgbwidget.com/?charityID=260521285&donationFlow=card

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

3.135.177.109 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-135-177-109.us-east-2.compute.amazonaws.com

Software

Resource Hash

f327351dad9a78df6d2ca5dd9faf919de74f00efacdaedc4a6c8046f77c58035

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tgbwidget.com/?charityID=260521285&donationFlow=card
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 18 Dec 2022 12:09:13 GMT
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
last-modified: Mon, 12 Dec 2022 13:19:25 GMT
etag: W/"63972a5d-162e"
vary: Accept-Encoding
content-type: text/css
cache-control: no-cache
x-xss-protection: 1; mode=block
expires: Sun, 18 Dec 2022 12:09:12 GMT

GET
H3 200 Venmo-Logo-768x432-1-300x169.png
redapes.org/wp-content/uploads/2022/11/ 7 KB
7 KB 186ms
185ms Image
image/png 157.230.73.179
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://redapes.org/wp-content/uploads/2022/11/Venmo-Logo-768x432-1-300x169.png
Requested by: Host: redapes.org
URL: https://redapes.org/donate
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 157.230.73.179 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: LiteSpeed /
Resource Hash: febed89c1405e0ff8e6cf6cd0cf319f6e7307ff8380cd98380d6e94d3cee6207

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://redapes.org/donate
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 18 Dec 2022 12:09:14 GMT
last-modified: Fri, 11 Nov 2022 21:13:26 GMT
server: LiteSpeed
etag: "1a30-636ebaf6-13c87c;;;"
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 6704
expires: Sun, 25 Dec 2022 12:09:14 GMT

GET
H3 200 Facebook-Donate-Button-300x227.png
redapes.org/wp-content/uploads/2012/05/ 82 KB
82 KB 190ms
189ms Image
image/png 157.230.73.179
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://redapes.org/wp-content/uploads/2012/05/Facebook-Donate-Button-300x227.png
Requested by: Host: redapes.org
URL: https://redapes.org/donate
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 157.230.73.179 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: LiteSpeed /
Resource Hash: ffd2b47ceaea69679ad831fc8e470dde7f5b2b86c69c3802ef3f15c5a9040ba3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://redapes.org/donate
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 18 Dec 2022 12:09:14 GMT
last-modified: Thu, 17 Dec 2020 00:22:14 GMT
server: LiteSpeed
etag: "1460a-5fdaa4b6-80e97;;;"
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 83466
expires: Sun, 25 Dec 2022 12:09:14 GMT

GET
H3 200 instagram-logo-100x100.jpeg
redapes.org/wp-content/uploads/2021/12/ 3 KB
3 KB 244ms
243ms Image
image/jpeg 157.230.73.179
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://redapes.org/wp-content/uploads/2021/12/instagram-logo-100x100.jpeg
Requested by: Host: redapes.org
URL: https://redapes.org/donate
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 157.230.73.179 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: LiteSpeed /
Resource Hash: 3d51e9d965c98e073d86fc4c9cff3b118c0fcadc9bb56a7509001b839ce0c71e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://redapes.org/donate
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 18 Dec 2022 12:09:14 GMT
last-modified: Thu, 02 Dec 2021 04:20:37 GMT
server: LiteSpeed
etag: "d31-61a84995-17c6d0;;;"
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 3377
expires: Sun, 25 Dec 2022 12:09:14 GMT

GET
H3 200 youtube-logo-100x100.png
redapes.org/wp-content/uploads/2021/12/ 5 KB
5 KB 245ms
244ms Image
image/png 157.230.73.179
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://redapes.org/wp-content/uploads/2021/12/youtube-logo-100x100.png
Requested by: Host: redapes.org
URL: https://redapes.org/donate
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 157.230.73.179 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: LiteSpeed /
Resource Hash: a2c97966993bbfb7dc07eadfd6767d63ba7aefc3481cd73a733d4290a2154931

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://redapes.org/donate
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 18 Dec 2022 12:09:14 GMT
last-modified: Thu, 02 Dec 2021 04:25:31 GMT
server: LiteSpeed
etag: "13be-61a84abb-17c6d4;;;"
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 5054
expires: Sun, 25 Dec 2022 12:09:14 GMT

GET
H3 200 wise-logo-300x182.jpeg
redapes.org/wp-content/uploads/2021/04/ 7 KB
7 KB 246ms
245ms Image
image/jpeg 157.230.73.179
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://redapes.org/wp-content/uploads/2021/04/wise-logo-300x182.jpeg
Requested by: Host: redapes.org
URL: https://redapes.org/donate
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 157.230.73.179 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: LiteSpeed /
Resource Hash: da2ba5fcae94c877d856275972eefc605000c5c19c45c61e02b592083ccea2c7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://redapes.org/donate
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 18 Dec 2022 12:09:14 GMT
last-modified: Mon, 19 Apr 2021 17:23:47 GMT
server: LiteSpeed
etag: "1a4a-607dbca3-1f9470;;;"
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 6730
expires: Sun, 25 Dec 2022 12:09:14 GMT

GET
H2 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/5qcenVbrhOy8zihcc2aHOWD4/ 407 KB
163 KB 133ms
37ms Script
text/javascript 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/5qcenVbrhOy8zihcc2aHOWD4/recaptcha__de.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?onload=renderInvisibleReCaptcha&render=explicit

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f100138cf28abcaac287d3bb245b80679c7ba9305591ed01b1055af5e7084f20

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://redapes.org/
Origin: https://redapes.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 18 Dec 2022 11:24:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2675
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 166478
x-xss-protection: 0
last-modified: Thu, 15 Dec 2022 05:24:10 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 18 Dec 2023 11:24:39 GMT

GET
H3 200 ajax-loader.gif
redapes.org/wp-content/plugins/s2member/src/images/ 1 KB
1 KB 187ms
186ms Image
image/gif 157.230.73.179
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://redapes.org/wp-content/plugins/s2member/src/images/ajax-loader.gif
Requested by: Host: redapes.org
URL: https://redapes.org/donate
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 157.230.73.179 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: LiteSpeed /
Resource Hash: 9b5c37c80ccd103c8075d88ed542ac53ac2ad2f84ad000626d8ea8c6094f063a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://redapes.org/donate
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 18 Dec 2022 12:09:14 GMT
last-modified: Tue, 29 Nov 2022 05:21:16 GMT
server: LiteSpeed
etag: "5b0-638596cc-7f75b;;;"
content-type: image/gif
cache-control: public, max-age=604800
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 1456
expires: Sun, 25 Dec 2022 12:09:14 GMT

GET
H2 200 / Show response
api.duckduckgo.com/ Frame 8549 2 KB
2 KB 235ms
72ms Fetch
application/x-javascript 40.114.177.156
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://api.duckduckgo.com/?q=whats+my+user+agent&format=json&pretty=1

Requested by

Host: tgbwidget.com
URL: https://tgbwidget.com/static/js/main.d21b3df6.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

40.114.177.156 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

nginx /

Resource Hash

75a727f0c950afca7a0ba0120eca849982cf36272abfcace4f4294b7959a9790

Security Headers

Name	Value
Content-Security-Policy	default-src 'none' ; connect-src https://duckduckgo.com https://.duckduckgo.com https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ ; manifest-src https://duckduckgo.com https://.duckduckgo.com https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ ; media-src https://duckduckgo.com https://.duckduckgo.com https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ ; script-src blob: https://duckduckgo.com https://.duckduckgo.com https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ 'unsafe-inline' 'unsafe-eval' ; font-src data: https://duckduckgo.com https://.duckduckgo.com https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ ; img-src data: https://duckduckgo.com https://.duckduckgo.com https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ ; style-src https://duckduckgo.com https://.duckduckgo.com https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ 'unsafe-inline' ; object-src 'none' ; worker-src blob: ; child-src blob: https://duckduckgo.com https://.duckduckgo.com https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ ; frame-src blob: https://duckduckgo.com https://.duckduckgo.com https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ ; form-action https://duckduckgo.com https://.duckduckgo.com https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ ; frame-ancestors 'self' ; base-uri 'self' ; block-all-mixed-content ;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tgbwidget.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 18 Dec 2022 12:09:14 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-security-policy: default-src 'none' ; connect-src https://duckduckgo.com https://*.duckduckgo.com https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ ; manifest-src https://duckduckgo.com https://*.duckduckgo.com https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ ; media-src https://duckduckgo.com https://*.duckduckgo.com https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ ; script-src blob: https://duckduckgo.com https://*.duckduckgo.com https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ 'unsafe-inline' 'unsafe-eval' ; font-src data: https://duckduckgo.com https://*.duckduckgo.com https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ ; img-src data: https://duckduckgo.com https://*.duckduckgo.com https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ ; style-src https://duckduckgo.com https://*.duckduckgo.com https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ 'unsafe-inline' ; object-src 'none' ; worker-src blob: ; child-src blob: https://duckduckgo.com https://*.duckduckgo.com https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ ; frame-src blob: https://duckduckgo.com https://*.duckduckgo.com https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ ; form-action https://duckduckgo.com https://*.duckduckgo.com https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ ; frame-ancestors 'self' ; base-uri 'self' ; block-all-mixed-content ;
content-encoding: br
server-timing: total;dur=28;desc="Backend Total"
x-xss-protection: 1;mode=block
x-duckduckgo-locale: de_DE
referrer-policy: origin
server: nginx
expect-ct: max-age=0
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/x-javascript
access-control-allow-origin: *
x-duckduckgo-results: 1
cache-control: max-age=1
permissions-policy: interest-cohort=()
expires: Sun, 18 Dec 2022 12:09:15 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 8549 9 KB
841 B 125ms
47ms Stylesheet
text/css 2a00:1450:4001:806::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:300,400,500%7CPoppins:300,400,500

Requested by

Host: tgbwidget.com
URL: https://tgbwidget.com/static/js/main.d21b3df6.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

4f8a6fa77f789e675740f6e7d8410a4688dcd0f031df5bba440a24ea4b2b8fe0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tgbwidget.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 18 Dec 2022 12:09:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 18 Dec 2022 12:09:14 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 18 Dec 2022 12:09:14 GMT

GET
H3 200 gtm.js Show response
www.googletagmanager.com/ Frame 8549 287 KB
93 KB 134ms
58ms Script
application/javascript 2a00:1450:4001:829::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-MFW73RT&gtm_auth=&gtm_preview=&gtm_cookies_win=x

Requested by

Host: redapes.org
URL: https://redapes.org/donate

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

0f67fb79c43353e95dc5eaf63fa0aaf08a0861d1b3cdac147dce570f358210c3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tgbwidget.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 18 Dec 2022 12:09:14 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 94894
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sun, 18 Dec 2022 12:09:14 GMT

GET
H3 200 api.js Show response
www.google.com/recaptcha/ Frame 8549 909 B
597 B 181ms
75ms Script
text/javascript 2a00:1450:400d:80a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?onload=onloadcallback&render=explicit

Requested by

Host: tgbwidget.com
URL: https://tgbwidget.com/static/js/main.d21b3df6.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2004 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

4976158c0f29953fe1f2dfd3c7d7cebb56de7fa39bff4c63bdf5939a185ffa41

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tgbwidget.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 18 Dec 2022 12:09:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 576
x-xss-protection: 1; mode=block
expires: Sun, 18 Dec 2022 12:09:14 GMT

GET
H2 200 charity-logo.59df9c7ed75f9c787561.jpg
tgbwidget.com/static/media/ Frame 8549 10 KB
10 KB 131ms
130ms Image
image/jpeg 3.135.177.109
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tgbwidget.com/static/media/charity-logo.59df9c7ed75f9c787561.jpg

Requested by

Host: tgbwidget.com
URL: https://tgbwidget.com/?charityID=260521285

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

3.135.177.109 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-135-177-109.us-east-2.compute.amazonaws.com

Software

Resource Hash

acf248fe0795120ec1119705b4fde86c6d8a52a71988bfbd34e40194b11df933

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tgbwidget.com/?charityID=260521285
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 18 Dec 2022 12:09:14 GMT
strict-transport-security: max-age=15724800; includeSubDomains
last-modified: Mon, 12 Dec 2022 13:19:25 GMT
etag: "63972a5d-276f"
content-type: image/jpeg
cache-control: no-cache
accept-ranges: bytes
content-length: 10095
x-xss-protection: 1; mode=block
expires: Sun, 18 Dec 2022 12:09:13 GMT

GET
DATA 200
OK truncated
/ Frame 8549 3 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 122555c03065b07b4d64d57ca9f3b6f242d0c0912b38b118a9aa9906b53e0b56

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 powered-by-tgb-logo.8549fba1b762989623b9.png
tgbwidget.com/static/media/ Frame 8549 61 KB
61 KB 132ms
131ms Image
image/png 3.135.177.109
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tgbwidget.com/static/media/powered-by-tgb-logo.8549fba1b762989623b9.png

Requested by

Host: tgbwidget.com
URL: https://tgbwidget.com/?charityID=260521285

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

3.135.177.109 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-135-177-109.us-east-2.compute.amazonaws.com

Software

Resource Hash

9b88f620688228fe83d5cfd2c327325267f5130868b6d8fd6768d86fedf3a7fc

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tgbwidget.com/?charityID=260521285
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 18 Dec 2022 12:09:14 GMT
strict-transport-security: max-age=15724800; includeSubDomains
last-modified: Mon, 12 Dec 2022 13:19:25 GMT
etag: "63972a5d-f372"
content-type: image/png
cache-control: no-cache
accept-ranges: bytes
content-length: 62322
x-xss-protection: 1; mode=block
expires: Sun, 18 Dec 2022 12:09:13 GMT

GET
H2 200 Poppins-SemiBold.ac8d04b620e54be9b0f0.ttf
tgbwidget.com/static/media/ Frame 8549 152 KB
152 KB 128ms
128ms Font
application/octet-stream 3.135.177.109
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://tgbwidget.com/static/media/Poppins-SemiBold.ac8d04b620e54be9b0f0.ttf

Requested by

Host: tgbwidget.com
URL: https://tgbwidget.com/static/css/main.6ec5f7b3.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

3.135.177.109 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-135-177-109.us-east-2.compute.amazonaws.com

Software

Resource Hash

248c0244b350ec68880996aa6be6d7796274b49992d5fcbbefe251906aa4ea36

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Xss-Protection	1; mode=block

Request headers

Referer: https://tgbwidget.com/static/css/main.6ec5f7b3.css
Origin: https://tgbwidget.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 18 Dec 2022 12:09:14 GMT
strict-transport-security: max-age=15724800; includeSubDomains
last-modified: Mon, 12 Dec 2022 13:19:25 GMT
etag: "63972a5d-25e60"
content-type: application/octet-stream
accept-ranges: bytes
content-length: 155232
x-xss-protection: 1; mode=block

GET
H2 200 / Show response
api.duckduckgo.com/ Frame EF2F 2 KB
2 KB 123ms
71ms Fetch
application/x-javascript 40.114.177.156
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://api.duckduckgo.com/?q=whats+my+user+agent&format=json&pretty=1

Requested by

Host: tgbwidget.com
URL: https://tgbwidget.com/static/js/main.d21b3df6.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

40.114.177.156 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

nginx /

Resource Hash

75a727f0c950afca7a0ba0120eca849982cf36272abfcace4f4294b7959a9790

Security Headers

Name	Value
Content-Security-Policy	default-src 'none' ; connect-src https://duckduckgo.com https://.duckduckgo.com https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ ; manifest-src https://duckduckgo.com https://.duckduckgo.com https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ ; media-src https://duckduckgo.com https://.duckduckgo.com https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ ; script-src blob: https://duckduckgo.com https://.duckduckgo.com https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ 'unsafe-inline' 'unsafe-eval' ; font-src data: https://duckduckgo.com https://.duckduckgo.com https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ ; img-src data: https://duckduckgo.com https://.duckduckgo.com https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ ; style-src https://duckduckgo.com https://.duckduckgo.com https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ 'unsafe-inline' ; object-src 'none' ; worker-src blob: ; child-src blob: https://duckduckgo.com https://.duckduckgo.com https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ ; frame-src blob: https://duckduckgo.com https://.duckduckgo.com https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ ; form-action https://duckduckgo.com https://.duckduckgo.com https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ ; frame-ancestors 'self' ; base-uri 'self' ; block-all-mixed-content ;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tgbwidget.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 18 Dec 2022 12:09:14 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-security-policy: default-src 'none' ; connect-src https://duckduckgo.com https://*.duckduckgo.com https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ ; manifest-src https://duckduckgo.com https://*.duckduckgo.com https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ ; media-src https://duckduckgo.com https://*.duckduckgo.com https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ ; script-src blob: https://duckduckgo.com https://*.duckduckgo.com https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ 'unsafe-inline' 'unsafe-eval' ; font-src data: https://duckduckgo.com https://*.duckduckgo.com https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ ; img-src data: https://duckduckgo.com https://*.duckduckgo.com https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ ; style-src https://duckduckgo.com https://*.duckduckgo.com https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ 'unsafe-inline' ; object-src 'none' ; worker-src blob: ; child-src blob: https://duckduckgo.com https://*.duckduckgo.com https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ ; frame-src blob: https://duckduckgo.com https://*.duckduckgo.com https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ ; form-action https://duckduckgo.com https://*.duckduckgo.com https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ ; frame-ancestors 'self' ; base-uri 'self' ; block-all-mixed-content ;
content-encoding: br
server-timing: total;dur=27;desc="Backend Total"
x-xss-protection: 1;mode=block
x-duckduckgo-locale: de_DE
referrer-policy: origin
server: nginx
expect-ct: max-age=0
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/x-javascript
access-control-allow-origin: *
x-duckduckgo-results: 1
cache-control: max-age=1
permissions-policy: interest-cohort=()
expires: Sun, 18 Dec 2022 12:09:15 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame EF2F 9 KB
841 B 47ms
46ms Stylesheet
text/css 2a00:1450:4001:806::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:300,400,500%7CPoppins:300,400,500

Requested by

Host: tgbwidget.com
URL: https://tgbwidget.com/static/js/main.d21b3df6.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

4f8a6fa77f789e675740f6e7d8410a4688dcd0f031df5bba440a24ea4b2b8fe0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tgbwidget.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 18 Dec 2022 12:09:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 18 Dec 2022 12:09:14 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 18 Dec 2022 12:09:14 GMT

GET
H3 200 gtm.js Show response
www.googletagmanager.com/ Frame EF2F 287 KB
93 KB 73ms
73ms Script
application/javascript 2a00:1450:4001:829::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-MFW73RT&gtm_auth=&gtm_preview=&gtm_cookies_win=x

Requested by

Host: redapes.org
URL: https://redapes.org/donate

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

fa55c55d49c3d3eb4a247f4a7cdd4f082da357f85c7f8fbe88ef918f722b412e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tgbwidget.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 18 Dec 2022 12:09:14 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 94893
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sun, 18 Dec 2022 12:09:14 GMT

GET
H2 200 charity-logo.59df9c7ed75f9c787561.jpg
tgbwidget.com/static/media/ Frame EF2F 10 KB
10 KB 128ms
128ms Image
image/jpeg 3.135.177.109
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tgbwidget.com/static/media/charity-logo.59df9c7ed75f9c787561.jpg

Requested by

Host: tgbwidget.com
URL: https://tgbwidget.com/static/js/main.d21b3df6.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

3.135.177.109 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-135-177-109.us-east-2.compute.amazonaws.com

Software

Resource Hash

acf248fe0795120ec1119705b4fde86c6d8a52a71988bfbd34e40194b11df933

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tgbwidget.com/?charityID=260521285&donationFlow=card
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 18 Dec 2022 12:09:14 GMT
strict-transport-security: max-age=15724800; includeSubDomains
last-modified: Mon, 12 Dec 2022 13:19:25 GMT
etag: "63972a5d-276f"
content-type: image/jpeg
cache-control: no-cache
accept-ranges: bytes
content-length: 10095
x-xss-protection: 1; mode=block
expires: Sun, 18 Dec 2022 12:09:13 GMT

GET
DATA 200
OK truncated
/ Frame EF2F 3 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 122555c03065b07b4d64d57ca9f3b6f242d0c0912b38b118a9aa9906b53e0b56

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 powered-by-tgb-logo.8549fba1b762989623b9.png
tgbwidget.com/static/media/ Frame EF2F 61 KB
61 KB 129ms
128ms Image
image/png 3.135.177.109
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tgbwidget.com/static/media/powered-by-tgb-logo.8549fba1b762989623b9.png

Requested by

Host: tgbwidget.com
URL: https://tgbwidget.com/static/js/main.d21b3df6.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

3.135.177.109 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-135-177-109.us-east-2.compute.amazonaws.com

Software

Resource Hash

9b88f620688228fe83d5cfd2c327325267f5130868b6d8fd6768d86fedf3a7fc

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tgbwidget.com/?charityID=260521285&donationFlow=card
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 18 Dec 2022 12:09:14 GMT
strict-transport-security: max-age=15724800; includeSubDomains
last-modified: Mon, 12 Dec 2022 13:19:25 GMT
etag: "63972a5d-f372"
content-type: image/png
cache-control: no-cache
accept-ranges: bytes
content-length: 62322
x-xss-protection: 1; mode=block
expires: Sun, 18 Dec 2022 12:09:13 GMT

GET
H3 200 api.js Show response
www.google.com/recaptcha/ Frame EF2F 909 B
597 B 110ms
74ms Script
text/javascript 2a00:1450:400d:80a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?onload=onloadcallback&render=explicit

Requested by

Host: tgbwidget.com
URL: https://tgbwidget.com/static/js/main.d21b3df6.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2004 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

4976158c0f29953fe1f2dfd3c7d7cebb56de7fa39bff4c63bdf5939a185ffa41

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tgbwidget.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 18 Dec 2022 12:09:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 576
x-xss-protection: 1; mode=block
expires: Sun, 18 Dec 2022 12:09:14 GMT

GET
H2 200 Poppins-SemiBold.ac8d04b620e54be9b0f0.ttf
tgbwidget.com/static/media/ Frame EF2F 152 KB
152 KB 128ms
128ms Font
application/octet-stream 3.135.177.109
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://tgbwidget.com/static/media/Poppins-SemiBold.ac8d04b620e54be9b0f0.ttf

Requested by

Host: tgbwidget.com
URL: https://tgbwidget.com/static/css/main.6ec5f7b3.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

3.135.177.109 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-135-177-109.us-east-2.compute.amazonaws.com

Software

Resource Hash

248c0244b350ec68880996aa6be6d7796274b49992d5fcbbefe251906aa4ea36

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Xss-Protection	1; mode=block

Request headers

Referer: https://tgbwidget.com/static/css/main.6ec5f7b3.css
Origin: https://tgbwidget.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 18 Dec 2022 12:09:14 GMT
strict-transport-security: max-age=15724800; includeSubDomains
last-modified: Mon, 12 Dec 2022 13:19:25 GMT
etag: "63972a5d-25e60"
content-type: application/octet-stream
accept-ranges: bytes
content-length: 155232
x-xss-protection: 1; mode=block

POST
H2 200 list Show response
widget-backend.tgbwidget.com/v1/currencies/ Frame 8549 19 KB
19 KB 184ms
184ms Fetch
application/json 3.135.177.109
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://widget-backend.tgbwidget.com/v1/currencies/list

Requested by

Host: tgbwidget.com
URL: https://tgbwidget.com/static/js/main.d21b3df6.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

3.135.177.109 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-135-177-109.us-east-2.compute.amazonaws.com

Software

Resource Hash

97c3334a1c9b3ca6dba8eb56ad2eeb7cd353abdf423afc07838d7d5db05a237a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://tgbwidget.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
content-type: application/json

Response headers

x-response-time: 45ms
date: Sun, 18 Dec 2022 12:09:15 GMT
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-rate-limit-limit: 10
x-rate-limit-remaining: 9
x-frame-options: SAMEORIGIN
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: *
x-rate-limit-reset: 1671365356
request-id: 3c436fdf-665c-4723-a7b4-c1440f7af757
content-length: 19376
x-xss-protection: 1; mode=block

OPTIONS
H2 204 list
widget-backend.tgbwidget.com/v1/currencies/ Frame 0
0 465ms
166ms Preflight 3.135.177.109
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://widget-backend.tgbwidget.com/v1/currencies/list

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

3.135.177.109 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-135-177-109.us-east-2.compute.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://tgbwidget.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-headers: Authorization,Content-Type,Content-Language,Cache-Control
access-control-allow-methods: PUT,GET,POST,DELETE,OPTIONS
access-control-allow-origin: *
date: Sun, 18 Dec 2022 12:09:15 GMT
request-id: 890cee84-3bbe-49a3-9062-685a75aa4166
strict-transport-security: max-age=15724800; includeSubDomains
vary: Origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-response-time: 38ms
x-xss-protection: 1; mode=block

POST
H2 200 list Show response
widget-backend.tgbwidget.com/v1/currencies/ Frame EF2F 19 KB
19 KB 280ms
280ms Fetch
application/json 3.135.177.109
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://widget-backend.tgbwidget.com/v1/currencies/list

Requested by

Host: tgbwidget.com
URL: https://tgbwidget.com/static/js/main.d21b3df6.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

3.135.177.109 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-135-177-109.us-east-2.compute.amazonaws.com

Software

Resource Hash

1522003bdab0da4dbaa87da4498c01ec852bd2460c2082dae93f70623bb6eda8

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://tgbwidget.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
content-type: application/json

Response headers

x-response-time: 84ms
date: Sun, 18 Dec 2022 12:09:15 GMT
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-rate-limit-limit: 10
x-rate-limit-remaining: 8
x-frame-options: SAMEORIGIN
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: *
x-rate-limit-reset: 1671365356
request-id: 3429ad53-708f-4894-846a-6ead44f39368
content-length: 19376
x-xss-protection: 1; mode=block

OPTIONS
H2 204 list
widget-backend.tgbwidget.com/v1/currencies/ Frame 0
0 448ms
197ms Preflight 3.135.177.109
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://widget-backend.tgbwidget.com/v1/currencies/list

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

3.135.177.109 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-135-177-109.us-east-2.compute.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://tgbwidget.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-headers: Authorization,Content-Type,Content-Language,Cache-Control
access-control-allow-methods: PUT,GET,POST,DELETE,OPTIONS
access-control-allow-origin: *
date: Sun, 18 Dec 2022 12:09:15 GMT
request-id: a85944be-b82e-4403-a003-f28f639f0996
strict-transport-security: max-age=15724800; includeSubDomains
vary: Origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-response-time: 68ms
x-xss-protection: 1; mode=block

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame EF2F 15 KB
15 KB 193ms
116ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500%7CPoppins:300,400,500

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://tgbwidget.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 15 Dec 2022 19:42:15 GMT
x-content-type-options: nosniff
age: 232019
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 15 Dec 2023 19:42:15 GMT

GET
H3 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame EF2F 16 KB
16 KB 133ms
59ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500%7CPoppins:300,400,500

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://tgbwidget.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 17 Dec 2022 09:07:05 GMT
x-content-type-options: nosniff
age: 97329
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15920
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 17 Dec 2023 09:07:05 GMT

GET
H3 200 KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 8549 15 KB
15 KB 172ms
108ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500%7CPoppins:300,400,500

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://tgbwidget.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 16 Dec 2022 20:40:44 GMT
x-content-type-options: nosniff
age: 142110
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15740
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 16 Dec 2023 20:40:44 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 8549 15 KB
15 KB 185ms
120ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500%7CPoppins:300,400,500

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://tgbwidget.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 15 Dec 2022 19:42:15 GMT
x-content-type-options: nosniff
age: 232019
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 15 Dec 2023 19:42:15 GMT

GET
H3 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 8549 16 KB
16 KB 101ms
37ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500%7CPoppins:300,400,500

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://tgbwidget.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 17 Dec 2022 09:07:05 GMT
x-content-type-options: nosniff
age: 97329
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15920
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 17 Dec 2023 09:07:05 GMT

GET
H3 200 pxiByp8kv8JHgFVrLDz8Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v20/ Frame 8549 8 KB
8 KB 160ms
97ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLDz8Z1xlFQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500%7CPoppins:300,400,500

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

78bc3aa78faec288bbb3bf26c9a0fa4eb67b1e69da94a17233c5cab60525efdb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://tgbwidget.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 23:09:49 GMT
x-content-type-options: nosniff
age: 478765
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7840
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:51:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 12 Dec 2023 23:09:49 GMT

GET
H2 200 Poppins-Light.7641a0f76ca9ef6c252c.ttf
tgbwidget.com/static/media/ Frame 8549 156 KB
157 KB 132ms
128ms Font
application/octet-stream 3.135.177.109
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://tgbwidget.com/static/media/Poppins-Light.7641a0f76ca9ef6c252c.ttf

Requested by

Host: tgbwidget.com
URL: https://tgbwidget.com/static/css/main.6ec5f7b3.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

3.135.177.109 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-135-177-109.us-east-2.compute.amazonaws.com

Software

Resource Hash

647f014d36822ef7e0413ffbb65598ae0cb57fb798e635c63912c93d94eb356a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Xss-Protection	1; mode=block

Request headers

Referer: https://tgbwidget.com/static/css/main.6ec5f7b3.css
Origin: https://tgbwidget.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 18 Dec 2022 12:09:14 GMT
strict-transport-security: max-age=15724800; includeSubDomains
last-modified: Mon, 12 Dec 2022 13:19:25 GMT
etag: "63972a5d-27094"
content-type: application/octet-stream
accept-ranges: bytes
content-length: 159892
x-xss-protection: 1; mode=block

GET
H3 200 pxiEyp8kv8JHgFVrJJfecg.woff2
fonts.gstatic.com/s/poppins/v20/ Frame 8549 8 KB
8 KB 114ms
51ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500%7CPoppins:300,400,500

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://tgbwidget.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 19:24:53 GMT
x-content-type-options: nosniff
age: 319461
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7884
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 17:03:52 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 14 Dec 2023 19:24:53 GMT

GET
H2 200 Poppins-Regular.35d26b781dc5fda684cc.ttf
tgbwidget.com/static/media/ Frame 8549 155 KB
155 KB 141ms
137ms Font
application/octet-stream 3.135.177.109
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://tgbwidget.com/static/media/Poppins-Regular.35d26b781dc5fda684cc.ttf

Requested by

Host: tgbwidget.com
URL: https://tgbwidget.com/static/css/main.6ec5f7b3.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

3.135.177.109 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-135-177-109.us-east-2.compute.amazonaws.com

Software

Resource Hash

707fdc5c8bab57a90061c6a8ed7b70d5ffb82fc810e994e79f90bace890c255a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Xss-Protection	1; mode=block

Request headers

Referer: https://tgbwidget.com/static/css/main.6ec5f7b3.css
Origin: https://tgbwidget.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 18 Dec 2022 12:09:14 GMT
strict-transport-security: max-age=15724800; includeSubDomains
last-modified: Mon, 12 Dec 2022 13:19:25 GMT
etag: "63972a5d-26a20"
content-type: application/octet-stream
accept-ranges: bytes
content-length: 158240
x-xss-protection: 1; mode=block

GET
H3 200 pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v20/ Frame 8549 8 KB
8 KB 140ms
78ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500%7CPoppins:300,400,500

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cd36de204aca2d5fa263a731f7c20009b5e3d754ba1f1e03c33e93a48f3e7446

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://tgbwidget.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 16 Dec 2022 17:14:46 GMT
x-content-type-options: nosniff
age: 154468
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7748
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:21:30 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 16 Dec 2023 17:14:46 GMT

GET
H2 200 Poppins-Medium.673ed42382ab264e0bf5.ttf
tgbwidget.com/static/media/ Frame 8549 153 KB
153 KB 149ms
146ms Font
application/octet-stream 3.135.177.109
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://tgbwidget.com/static/media/Poppins-Medium.673ed42382ab264e0bf5.ttf

Requested by

Host: tgbwidget.com
URL: https://tgbwidget.com/static/css/main.6ec5f7b3.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

3.135.177.109 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-135-177-109.us-east-2.compute.amazonaws.com

Software

Resource Hash

8d909883de81344e0fbcfef30e931872e92d9aeecdf85b6dcf6e0b28c078e98e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Xss-Protection	1; mode=block

Request headers

Referer: https://tgbwidget.com/static/css/main.6ec5f7b3.css
Origin: https://tgbwidget.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 18 Dec 2022 12:09:14 GMT
strict-transport-security: max-age=15724800; includeSubDomains
last-modified: Mon, 12 Dec 2022 13:19:25 GMT
etag: "63972a5d-26368"
content-type: application/octet-stream
accept-ranges: bytes
content-length: 156520
x-xss-protection: 1; mode=block

GET
H3 200 KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame EF2F 15 KB
15 KB 148ms
86ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500%7CPoppins:300,400,500

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://tgbwidget.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 16 Dec 2022 20:40:44 GMT
x-content-type-options: nosniff
age: 142110
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15740
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 16 Dec 2023 20:40:44 GMT

GET
H3 200 pxiByp8kv8JHgFVrLDz8Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v20/ Frame EF2F 8 KB
8 KB 175ms
114ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLDz8Z1xlFQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500%7CPoppins:300,400,500

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

78bc3aa78faec288bbb3bf26c9a0fa4eb67b1e69da94a17233c5cab60525efdb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://tgbwidget.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 23:09:49 GMT
x-content-type-options: nosniff
age: 478765
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7840
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:51:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 12 Dec 2023 23:09:49 GMT

GET
H2 200 Poppins-Light.7641a0f76ca9ef6c252c.ttf
tgbwidget.com/static/media/ Frame EF2F 156 KB
157 KB 137ms
135ms Font
application/octet-stream 3.135.177.109
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://tgbwidget.com/static/media/Poppins-Light.7641a0f76ca9ef6c252c.ttf

Requested by

Host: tgbwidget.com
URL: https://tgbwidget.com/static/css/main.6ec5f7b3.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

3.135.177.109 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-135-177-109.us-east-2.compute.amazonaws.com

Software

Resource Hash

647f014d36822ef7e0413ffbb65598ae0cb57fb798e635c63912c93d94eb356a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Xss-Protection	1; mode=block

Request headers

Referer: https://tgbwidget.com/static/css/main.6ec5f7b3.css
Origin: https://tgbwidget.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 18 Dec 2022 12:09:14 GMT
strict-transport-security: max-age=15724800; includeSubDomains
last-modified: Mon, 12 Dec 2022 13:19:25 GMT
etag: "63972a5d-27094"
content-type: application/octet-stream
accept-ranges: bytes
content-length: 159892
x-xss-protection: 1; mode=block

GET
H3 200 pxiEyp8kv8JHgFVrJJfecg.woff2
fonts.gstatic.com/s/poppins/v20/ Frame EF2F 8 KB
8 KB 133ms
73ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500%7CPoppins:300,400,500

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://tgbwidget.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 19:24:53 GMT
x-content-type-options: nosniff
age: 319461
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7884
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 17:03:52 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 14 Dec 2023 19:24:53 GMT

GET
H2 200 Poppins-Regular.35d26b781dc5fda684cc.ttf
tgbwidget.com/static/media/ Frame EF2F 155 KB
155 KB 172ms
170ms Font
application/octet-stream 3.135.177.109
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://tgbwidget.com/static/media/Poppins-Regular.35d26b781dc5fda684cc.ttf

Requested by

Host: tgbwidget.com
URL: https://tgbwidget.com/static/css/main.6ec5f7b3.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

3.135.177.109 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-135-177-109.us-east-2.compute.amazonaws.com

Software

Resource Hash

707fdc5c8bab57a90061c6a8ed7b70d5ffb82fc810e994e79f90bace890c255a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Xss-Protection	1; mode=block

Request headers

Referer: https://tgbwidget.com/static/css/main.6ec5f7b3.css
Origin: https://tgbwidget.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 18 Dec 2022 12:09:14 GMT
strict-transport-security: max-age=15724800; includeSubDomains
last-modified: Mon, 12 Dec 2022 13:19:25 GMT
etag: "63972a5d-26a20"
content-type: application/octet-stream
accept-ranges: bytes
content-length: 158240
x-xss-protection: 1; mode=block

GET
H3 200 pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v20/ Frame EF2F 8 KB
8 KB 163ms
102ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500%7CPoppins:300,400,500

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cd36de204aca2d5fa263a731f7c20009b5e3d754ba1f1e03c33e93a48f3e7446

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://tgbwidget.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 16 Dec 2022 17:14:46 GMT
x-content-type-options: nosniff
age: 154468
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7748
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:21:30 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 16 Dec 2023 17:14:46 GMT

GET
H2 200 Poppins-Medium.673ed42382ab264e0bf5.ttf
tgbwidget.com/static/media/ Frame EF2F 153 KB
153 KB 167ms
165ms Font
application/octet-stream 3.135.177.109
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://tgbwidget.com/static/media/Poppins-Medium.673ed42382ab264e0bf5.ttf

Requested by

Host: tgbwidget.com
URL: https://tgbwidget.com/static/css/main.6ec5f7b3.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

3.135.177.109 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-135-177-109.us-east-2.compute.amazonaws.com

Software

Resource Hash

8d909883de81344e0fbcfef30e931872e92d9aeecdf85b6dcf6e0b28c078e98e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Xss-Protection	1; mode=block

Request headers

Referer: https://tgbwidget.com/static/css/main.6ec5f7b3.css
Origin: https://tgbwidget.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 18 Dec 2022 12:09:14 GMT
strict-transport-security: max-age=15724800; includeSubDomains
last-modified: Mon, 12 Dec 2022 13:19:25 GMT
etag: "63972a5d-26368"
content-type: application/octet-stream
accept-ranges: bytes
content-length: 156520
x-xss-protection: 1; mode=block

GET
H3 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/5qcenVbrhOy8zihcc2aHOWD4/ Frame EF2F 407 KB
163 KB 123ms
38ms Script
text/javascript 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/5qcenVbrhOy8zihcc2aHOWD4/recaptcha__de.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?onload=onloadcallback&render=explicit

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f100138cf28abcaac287d3bb245b80679c7ba9305591ed01b1055af5e7084f20

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tgbwidget.com/
Origin: https://tgbwidget.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 18 Dec 2022 11:24:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2675
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 166478
x-xss-protection: 0
last-modified: Thu, 15 Dec 2022 05:24:10 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 18 Dec 2023 11:24:39 GMT

GET
H3 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/5qcenVbrhOy8zihcc2aHOWD4/ Frame 8549 407 KB
163 KB 120ms
40ms Script
text/javascript 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/5qcenVbrhOy8zihcc2aHOWD4/recaptcha__de.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?onload=onloadcallback&render=explicit

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f100138cf28abcaac287d3bb245b80679c7ba9305591ed01b1055af5e7084f20

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tgbwidget.com/
Origin: https://tgbwidget.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 18 Dec 2022 11:24:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2675
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 166478
x-xss-protection: 0
last-modified: Thu, 15 Dec 2022 05:24:10 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 18 Dec 2023 11:24:39 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/692125522/ Frame 8549 2 KB
1 KB 137ms
48ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/692125522/?random=1671365354886&cv=11&fst=1671365354886&bg=ffffff&guid=ON&async=1&gtm=2wgbu0&u_w=1600&u_h=1200&hn=www.googleadservices.com&frm=2&url=https%3A%2F%2Ftgbwidget.com%2F%3FcharityID%3D260521285&ref=https%3A%2F%2Fredapes.org%2F&tiba=The%20Giving%20Block&uaw=0&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MFW73RT&gtm_auth=&gtm_preview=&gtm_cookies_win=x

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3bbc25830288f8e84e78cdadb7dd2fa18a5899e456e62cf5116bc8f6f508a325

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tgbwidget.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 18 Dec 2022 12:09:14 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 886
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 analytics.js Show response
www.google-analytics.com/ Frame 8549 49 KB
20 KB 51ms
51ms Script
text/javascript 2a00:1450:400d:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MFW73RT&gtm_auth=&gtm_preview=&gtm_cookies_win=x

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80e::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tgbwidget.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Sun, 18 Dec 2022 10:27:24 GMT
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
server: Golfe2
age: 6110
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20039
expires: Sun, 18 Dec 2022 12:27:24 GMT

GET
H2 200 insight.min.js Show response
snap.licdn.com/li.lms-analytics/ Frame 8549 13 KB
5 KB 178ms
49ms Script
application/x-javascript 2a02:26f0:11a::6867:4832
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MFW73RT&gtm_auth=&gtm_preview=&gtm_cookies_win=x
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:11a::6867:4832 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 3e6ef4f3484f029b4d1a989163d6bb29899184f008431adb932c43ff3543368a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tgbwidget.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 18 Dec 2022 12:09:15 GMT
content-encoding: gzip
last-modified: Thu, 15 Dec 2022 18:31:06 GMT
x-cdn: AKAM
vary: Accept-Encoding
content-type: application/x-javascript;charset=utf-8
cache-control: max-age=83510
accept-ranges: bytes
content-length: 4654

GET
H2 200 hotjar-2773626.js Show response
static.hotjar.com/c/ Frame 8549 8 KB
4 KB 141ms
41ms Script
application/javascript 18.66.97.10
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-2773626.js?sv=7

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MFW73RT&gtm_auth=&gtm_preview=&gtm_cookies_win=x

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.97.10 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-97-10.fra56.r.cloudfront.net

Software

Resource Hash

a02022ca7bbafdf6ba6bd74d58f8b91196413234e3fd06c27c2cbb4710709c77

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tgbwidget.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 18 Dec 2022 12:08:24 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=2592000; includeSubDomains
via: 1.1 50c53efe331c3da25a4faf191817af8c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P2
age: 51
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
etag: W/1592d2e416264d614f43a4a32fc65631
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=60
x-cache-hit: 1
x-amz-cf-id: wBX5l2WPuiUKn1vmKANIhmHFhxi_vouBe3zLKyrt-IUAlb23XPxBxQ==

GET
H2 200 uwt.js Show response
static.ads-twitter.com/ Frame 8549 56 KB
15 KB 153ms
47ms Script
application/javascript 199.232.16.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.ads-twitter.com/uwt.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MFW73RT&gtm_auth=&gtm_preview=&gtm_cookies_win=x
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 199.232.16.157 Vienna, Austria, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: cf7fcc9f75c8717897bfaef72f303fab423ce1b70c98512aeb3677e4af988dee

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tgbwidget.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 18 Dec 2022 12:09:15 GMT
content-encoding: gzip
last-modified: Thu, 27 Oct 2022 16:56:53 GMT
etag: "32ad004436155ec972bc50e6238b5b67+gzip+gzip"
vary: Accept-Encoding,Host
x-cache: HIT, HIT
content-type: application/javascript; charset=utf-8
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
x-tw-cdn: FT
cache-control: no-cache
accept-ranges: bytes
content-length: 15375
x-served-by: cache-iad-kjyo7100081-IAD, cache-vie6348-VIE

GET
H2 200 pixel.js Show response
www.redditstatic.com/ads/ Frame 8549 25 KB
8 KB 161ms
40ms Script
application/javascript 2a04:4e42:600::396
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://www.redditstatic.com/ads/pixel.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MFW73RT&gtm_auth=&gtm_preview=&gtm_cookies_win=x
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:600::396 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: snooserv /
Resource Hash: 4b4e80032e1c164685d3ff6eb4c606785ebaebaa648d3984478b0cc8d114190b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tgbwidget.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 18 Dec 2022 12:09:15 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
last-modified: Mon, 07 Nov 2022 16:45:46 GMT
server: snooserv
nel: {"report_to": "w3-reporting-nel", "max_age": 14400, "include_subdomains": false, "success_fraction": 0.02, "failure_fraction": 0.02}
etag: "3528fd00b652f61a266eb584d96f4fcc"
vary: Accept-Encoding,Origin
report-to: {"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]}
content-type: application/javascript
cache-control: public, max-age=60
accept-ranges: bytes
content-length: 7722

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ Frame 8549 224 KB
77 KB 58ms
58ms Script
application/javascript 2a00:1450:4001:829::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-B61YEXCGZ2&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MFW73RT&gtm_auth=&gtm_preview=&gtm_cookies_win=x

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

05e7e30ae2cb563135b879924a0d85a8476414ff43299e58089f895bc6e69047

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tgbwidget.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 18 Dec 2022 12:09:14 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 78696
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sun, 18 Dec 2022 12:09:14 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/692125522/ Frame EF2F 2 KB
1 KB 110ms
56ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/692125522/?random=1671365354920&cv=11&fst=1671365354920&bg=ffffff&guid=ON&async=1&gtm=2wgbu0&u_w=1600&u_h=1200&hn=www.googleadservices.com&frm=2&url=https%3A%2F%2Ftgbwidget.com%2F%3FcharityID%3D260521285%26donationFlow%3Dcard&ref=https%3A%2F%2Fredapes.org%2F&tiba=The%20Giving%20Block&uaw=0&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MFW73RT&gtm_auth=&gtm_preview=&gtm_cookies_win=x

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1a87b303f6f4821c83c3bc86373df42db93ec20c0af064ff52e6932777e3540f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tgbwidget.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 18 Dec 2022 12:09:15 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 904
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 analytics.js Show response
www.google-analytics.com/ Frame EF2F 49 KB
20 KB 52ms
51ms Script
text/javascript 2a00:1450:400d:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MFW73RT&gtm_auth=&gtm_preview=&gtm_cookies_win=x

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80e::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tgbwidget.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Sun, 18 Dec 2022 10:27:24 GMT
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
server: Golfe2
age: 6110
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20039
expires: Sun, 18 Dec 2022 12:27:24 GMT

GET
H2 200 insight.min.js Show response
snap.licdn.com/li.lms-analytics/ Frame EF2F 13 KB
5 KB 142ms
47ms Script
application/x-javascript 2a02:26f0:11a::6867:4832
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MFW73RT&gtm_auth=&gtm_preview=&gtm_cookies_win=x
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:11a::6867:4832 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 3e6ef4f3484f029b4d1a989163d6bb29899184f008431adb932c43ff3543368a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tgbwidget.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 18 Dec 2022 12:09:15 GMT
content-encoding: gzip
last-modified: Thu, 15 Dec 2022 18:31:06 GMT
x-cdn: AKAM
vary: Accept-Encoding
content-type: application/x-javascript;charset=utf-8
cache-control: max-age=83510
accept-ranges: bytes
content-length: 4654

GET
H2 200 hotjar-2773626.js Show response
static.hotjar.com/c/ Frame EF2F 8 KB
4 KB 109ms
43ms Script
application/javascript 18.66.97.10
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-2773626.js?sv=7

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MFW73RT&gtm_auth=&gtm_preview=&gtm_cookies_win=x

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.97.10 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-97-10.fra56.r.cloudfront.net

Software

Resource Hash

a02022ca7bbafdf6ba6bd74d58f8b91196413234e3fd06c27c2cbb4710709c77

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tgbwidget.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 18 Dec 2022 12:08:24 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=2592000; includeSubDomains
via: 1.1 50c53efe331c3da25a4faf191817af8c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P2
age: 51
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
etag: W/1592d2e416264d614f43a4a32fc65631
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=60
x-cache-hit: 1
x-amz-cf-id: S0N0ZC9M8YL7OZNE9n85cp-wUC-lbOvcve9GhiQdFr5eSg_vU7lONQ==

GET
H2 200 uwt.js Show response
static.ads-twitter.com/ Frame EF2F 56 KB
15 KB 127ms
55ms Script
application/javascript 199.232.16.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.ads-twitter.com/uwt.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MFW73RT&gtm_auth=&gtm_preview=&gtm_cookies_win=x
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 199.232.16.157 Vienna, Austria, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: cf7fcc9f75c8717897bfaef72f303fab423ce1b70c98512aeb3677e4af988dee

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tgbwidget.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 18 Dec 2022 12:09:15 GMT
content-encoding: gzip
last-modified: Thu, 27 Oct 2022 16:56:53 GMT
etag: "32ad004436155ec972bc50e6238b5b67+gzip+gzip"
vary: Accept-Encoding,Host
x-cache: HIT, HIT
content-type: application/javascript; charset=utf-8
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
x-tw-cdn: FT
cache-control: no-cache
accept-ranges: bytes
content-length: 15375
x-served-by: cache-iad-kjyo7100081-IAD, cache-vie6348-VIE

GET
H2 200 pixel.js Show response
www.redditstatic.com/ads/ Frame EF2F 25 KB
8 KB 128ms
42ms Script
application/javascript 2a04:4e42:600::396
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://www.redditstatic.com/ads/pixel.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MFW73RT&gtm_auth=&gtm_preview=&gtm_cookies_win=x
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:600::396 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: snooserv /
Resource Hash: 4b4e80032e1c164685d3ff6eb4c606785ebaebaa648d3984478b0cc8d114190b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tgbwidget.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 18 Dec 2022 12:09:15 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
last-modified: Mon, 07 Nov 2022 16:45:46 GMT
server: snooserv
nel: {"report_to": "w3-reporting-nel", "max_age": 14400, "include_subdomains": false, "success_fraction": 0.02, "failure_fraction": 0.02}
etag: "3528fd00b652f61a266eb584d96f4fcc"
vary: Accept-Encoding,Origin
report-to: {"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]}
content-type: application/javascript
cache-control: public, max-age=60
accept-ranges: bytes
content-length: 7722

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ Frame EF2F 224 KB
77 KB 57ms
56ms Script
application/javascript 2a00:1450:4001:829::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-B61YEXCGZ2&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MFW73RT&gtm_auth=&gtm_preview=&gtm_cookies_win=x

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

75d9f05cecfea321aad3f347cdc20dca64d4d61c2e1dd1e668d8be9eb409f82a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tgbwidget.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 18 Dec 2022 12:09:14 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 78688
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sun, 18 Dec 2022 12:09:14 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/692125522/ Frame 8549 42 B
64 B 78ms
77ms Image
image/gif 2a00:1450:400d:80a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/692125522/?random=1671365354886&cv=11&fst=1671364800000&bg=ffffff&guid=ON&async=1&gtm=2wgbu0&u_w=1600&u_h=1200&frm=2&url=https%3A%2F%2Ftgbwidget.com%2F%3FcharityID%3D260521285&ref=https%3A%2F%2Fredapes.org%2F&tiba=The%20Giving%20Block&fmt=3&is_vtc=1&random=2427412041&rmt_tld=0&ipr=y

Requested by

Host: tgbwidget.com
URL: https://tgbwidget.com/?charityID=260521285

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2004 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tgbwidget.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 18 Dec 2022 12:09:15 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/692125522/ Frame 8549 42 B
108 B 207ms
78ms Image
image/gif 2a00:1450:400d:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/692125522/?random=1671365354886&cv=11&fst=1671364800000&bg=ffffff&guid=ON&async=1&gtm=2wgbu0&u_w=1600&u_h=1200&frm=2&url=https%3A%2F%2Ftgbwidget.com%2F%3FcharityID%3D260521285&ref=https%3A%2F%2Fredapes.org%2F&tiba=The%20Giving%20Block&fmt=3&is_vtc=1&random=2427412041&rmt_tld=1&ipr=y

Requested by

Host: tgbwidget.com
URL: https://tgbwidget.com/?charityID=260521285

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:808::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tgbwidget.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 18 Dec 2022 12:09:15 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/692125522/ Frame EF2F 42 B
64 B 78ms
77ms Image
image/gif 2a00:1450:400d:80a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/692125522/?random=1671365354920&cv=11&fst=1671364800000&bg=ffffff&guid=ON&async=1&gtm=2wgbu0&u_w=1600&u_h=1200&frm=2&url=https%3A%2F%2Ftgbwidget.com%2F%3FcharityID%3D260521285%26donationFlow%3Dcard&ref=https%3A%2F%2Fredapes.org%2F&tiba=The%20Giving%20Block&fmt=3&is_vtc=1&random=4086156180&rmt_tld=0&ipr=y

Requested by

Host: tgbwidget.com
URL: https://tgbwidget.com/?charityID=260521285&donationFlow=card

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2004 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tgbwidget.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 18 Dec 2022 12:09:15 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/692125522/ Frame EF2F 42 B
548 B 206ms
77ms Image
image/gif 2a00:1450:400d:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/692125522/?random=1671365354920&cv=11&fst=1671364800000&bg=ffffff&guid=ON&async=1&gtm=2wgbu0&u_w=1600&u_h=1200&frm=2&url=https%3A%2F%2Ftgbwidget.com%2F%3FcharityID%3D260521285%26donationFlow%3Dcard&ref=https%3A%2F%2Fredapes.org%2F&tiba=The%20Giving%20Block&fmt=3&is_vtc=1&random=4086156180&rmt_tld=1&ipr=y

Requested by

Host: tgbwidget.com
URL: https://tgbwidget.com/?charityID=260521285&donationFlow=card

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:808::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tgbwidget.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 18 Dec 2022 12:09:15 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 modules.bc1117deb4413903e9ac.js Show response
script.hotjar.com/ Frame 8549 264 KB
68 KB 183ms
51ms Script
application/javascript 13.32.110.73
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.bc1117deb4413903e9ac.js

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-2773626.js?sv=7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.110.73 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-110-73.vie50.r.cloudfront.net

Software

Resource Hash

53d3f2331f338e23f4449f952a9ac5a7b2a904e30dc5b9c360eb89993b1a86fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tgbwidget.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 16 Dec 2022 08:10:06 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=2592000; includeSubDomains
via: 1.1 42c9dddb4e518a9ed3248bf50565b120.cloudfront.net (CloudFront)
x-amz-cf-pop: VIE50-C2
age: 187149
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 68859
last-modified: Fri, 16 Dec 2022 08:09:37 GMT
etag: "f13ff1e59c6576e6eab8ec5da41ce435"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: 77hrsExFVnGfOzztQSOteNNo1NSgw_RM0-_OiNDl2h1EdulUvV0XSg==

GET
H2 200 modules.bc1117deb4413903e9ac.js Show response
script.hotjar.com/ Frame EF2F 264 KB
68 KB 239ms
109ms Script
application/javascript 13.32.110.73
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.bc1117deb4413903e9ac.js

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-2773626.js?sv=7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.110.73 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-110-73.vie50.r.cloudfront.net

Software

Resource Hash

53d3f2331f338e23f4449f952a9ac5a7b2a904e30dc5b9c360eb89993b1a86fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tgbwidget.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 16 Dec 2022 08:10:06 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=2592000; includeSubDomains
via: 1.1 42c9dddb4e518a9ed3248bf50565b120.cloudfront.net (CloudFront)
x-amz-cf-pop: VIE50-C2
age: 187149
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 68859
last-modified: Fri, 16 Dec 2022 08:09:37 GMT
etag: "f13ff1e59c6576e6eab8ec5da41ce435"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: DATiBCVF_mQeUwccWV_3YKozs_ewIUTKWQCnkB2M9w3xPRb2HTpaWQ==

GET
H2 200 rp.gif
alb.reddit.com/ Frame 8549 42 B
157 B 237ms
154ms Image
image/gif 151.101.193.140
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://alb.reddit.com/rp.gif?ts=1671365355128&id=t2_cdcf5fdn&event=PageVisit&m.itemCount=&m.value=&m.valueDecimal=&m.currency=&m.transactionId=&m.customEventName=&m.products=&uuid=93bf445d-6b93-4670-b6c3-6b8b283a77cf&aaid=&em=&external_id=&idfa=&integration=gtm&opt_out=0&sh=1600&sw=1200&v=rdt_1967aea8
Requested by: Host: tgbwidget.com
URL: https://tgbwidget.com/?charityID=260521285
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.140 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Varnish /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tgbwidget.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 18 Dec 2022 12:09:15 GMT
via: 1.1 varnish
server: Varnish
content-type: image/gif
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 42
retry-after: 0

GET
H2 200 adsct
t.co/i/ Frame 8549 43 B
204 B 229ms
146ms Image
image/gif 104.244.42.133
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.co/i/adsct?bci=3&eci=2&event_id=af4d0a08-0d6f-4752-9eca-19081f3c5fe5&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=fd2846f4-4283-4767-a4d5-2fa4e6d4b2a6&tw_document_href=https%3A%2F%2Ftgbwidget.com%2F%3FcharityID%3D260521285&tw_document_referrer=https%3A%2F%2Fredapes.org%2F&tw_iframe_status=1&tw_order_quantity=0&tw_sale_amount=0&txn_id=o7wdw&type=javascript&version=2.3.29

Requested by

Host: tgbwidget.com
URL: https://tgbwidget.com/?charityID=260521285

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.133 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tgbwidget.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-response-time: 109
date: Sun, 18 Dec 2022 12:09:14 GMT
strict-transport-security: max-age=0
server: tsa_o
content-type: image/gif;charset=utf-8
x-transaction-id: 3c181ad855f71ddb
cache-control: no-cache, no-store, max-age=0
perf: 7626143928
x-connection-hash: ed5ff5391d617c58ae7531f0485507067be48f49662df3ae202b6815a1db5f83
content-length: 43

GET
H2 200 adsct
analytics.twitter.com/i/ Frame 8549 43 B
394 B 220ms
142ms Image
image/gif 104.244.42.131
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://analytics.twitter.com/i/adsct?bci=3&eci=2&event_id=af4d0a08-0d6f-4752-9eca-19081f3c5fe5&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=fd2846f4-4283-4767-a4d5-2fa4e6d4b2a6&tw_document_href=https%3A%2F%2Ftgbwidget.com%2F%3FcharityID%3D260521285&tw_document_referrer=https%3A%2F%2Fredapes.org%2F&tw_iframe_status=1&tw_order_quantity=0&tw_sale_amount=0&txn_id=o7wdw&type=javascript&version=2.3.29

Requested by

Host: tgbwidget.com
URL: https://tgbwidget.com/?charityID=260521285

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.131 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tgbwidget.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-response-time: 103
date: Sun, 18 Dec 2022 12:09:14 GMT
strict-transport-security: max-age=631138519
server: tsa_o
content-type: image/gif;charset=utf-8
x-transaction-id: 82063a1701149916
cache-control: no-cache, no-store, max-age=0
perf: 7626143928
x-connection-hash: a220049ab1ef9ea3c5fa28b3e4d1fbf9004f33bc8ff714a5f438d99e4fade845
content-length: 43

GET
H2 200 rp.gif
alb.reddit.com/ Frame EF2F 42 B
73 B 229ms
154ms Image
image/gif 151.101.193.140
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://alb.reddit.com/rp.gif?ts=1671365355135&id=t2_cdcf5fdn&event=PageVisit&m.itemCount=&m.value=&m.valueDecimal=&m.currency=&m.transactionId=&m.customEventName=&m.products=&uuid=f8d00e6b-f37d-4964-bc13-e8a4d63ae484&aaid=&em=&external_id=&idfa=&integration=gtm&opt_out=0&sh=1600&sw=1200&v=rdt_1967aea8
Requested by: Host: tgbwidget.com
URL: https://tgbwidget.com/?charityID=260521285&donationFlow=card
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.140 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Varnish /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tgbwidget.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 18 Dec 2022 12:09:15 GMT
via: 1.1 varnish
server: Varnish
content-type: image/gif
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 42
retry-after: 0

GET
H2 200 adsct
t.co/i/ Frame EF2F 43 B
377 B 223ms
143ms Image
image/gif 104.244.42.133
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.co/i/adsct?bci=3&eci=2&event_id=37a598d1-66f1-4eea-92f3-2ebb0037d2a6&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=e062daf5-b2e6-4762-b644-27b7a0e87127&tw_document_href=https%3A%2F%2Ftgbwidget.com%2F%3FcharityID%3D260521285%26donationFlow%3Dcard&tw_document_referrer=https%3A%2F%2Fredapes.org%2F&tw_iframe_status=1&tw_order_quantity=0&tw_sale_amount=0&txn_id=o7wdw&type=javascript&version=2.3.29

Requested by

Host: tgbwidget.com
URL: https://tgbwidget.com/?charityID=260521285&donationFlow=card

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.133 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tgbwidget.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-response-time: 106
date: Sun, 18 Dec 2022 12:09:14 GMT
strict-transport-security: max-age=0
server: tsa_o
content-type: image/gif;charset=utf-8
x-transaction-id: 65faa77560e7ef2e
cache-control: no-cache, no-store, max-age=0
perf: 7626143928
x-connection-hash: ed5ff5391d617c58ae7531f0485507067be48f49662df3ae202b6815a1db5f83
content-length: 43

GET
H2 200 adsct
analytics.twitter.com/i/ Frame EF2F 43 B
214 B 229ms
154ms Image
image/gif 104.244.42.131
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://analytics.twitter.com/i/adsct?bci=3&eci=2&event_id=37a598d1-66f1-4eea-92f3-2ebb0037d2a6&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=e062daf5-b2e6-4762-b644-27b7a0e87127&tw_document_href=https%3A%2F%2Ftgbwidget.com%2F%3FcharityID%3D260521285%26donationFlow%3Dcard&tw_document_referrer=https%3A%2F%2Fredapes.org%2F&tw_iframe_status=1&tw_order_quantity=0&tw_sale_amount=0&txn_id=o7wdw&type=javascript&version=2.3.29

Requested by

Host: tgbwidget.com
URL: https://tgbwidget.com/?charityID=260521285&donationFlow=card

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.131 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tgbwidget.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-response-time: 116
date: Sun, 18 Dec 2022 12:09:14 GMT
strict-transport-security: max-age=631138519
server: tsa_o
content-type: image/gif;charset=utf-8
x-transaction-id: e0af60f4ffdf4ce8
cache-control: no-cache, no-store, max-age=0
perf: 7626143928
x-connection-hash: a220049ab1ef9ea3c5fa28b3e4d1fbf9004f33bc8ff714a5f438d99e4fade845
content-length: 43

OPTIONS
H2 200 token
cdn.linkedin.oribi.io/partner/3516122/domain/tgbwidget.com/ Frame 0
0 170ms
45ms Preflight 2600:9000:2304:f800:2:53b2:240:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.linkedin.oribi.io/partner/3516122/domain/tgbwidget.com/token
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2304:f800:2:53b2:240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://tgbwidget.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-max-age: 1800
age: 27512
allow: GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH
content-length: 0
date: Sun, 18 Dec 2022 04:30:43 GMT
via: 1.1 dcbc01ed47e0218a59f0fec8e1b9aa18.cloudfront.net (CloudFront)
x-amz-cf-id: jj-stvf5poh6hZpBELPNFpFjnSkHBKSRJCMpBn2C2qssOxLKeeBHDA==
x-amz-cf-pop: VIE50-P1
x-cache: Hit from cloudfront

GET
H2 200 token Show response
cdn.linkedin.oribi.io/partner/3516122/domain/tgbwidget.com/ Frame EF2F 36 B
374 B 46ms
45ms XHR
application/json 2600:9000:2304:f800:2:53b2:240:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.linkedin.oribi.io/partner/3516122/domain/tgbwidget.com/token
Requested by: Host: tgbwidget.com
URL: https://tgbwidget.com/static/js/main.d21b3df6.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2304:f800:2:53b2:240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 7b1eaaaf180a13c29b6dddc3b0ae23333b4397e0f3c065b4c86da2f2530a5f89

Request headers

Accept: *
Referer: https://tgbwidget.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/json

Response headers

date: Sun, 18 Dec 2022 12:01:07 GMT
content-encoding: gzip
via: 1.1 dcbc01ed47e0218a59f0fec8e1b9aa18.cloudfront.net (CloudFront)
x-amz-cf-pop: VIE50-P1
age: 488
vary: accept-encoding
x-cache: Hit from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: public, max-age=3600
x-amz-cf-id: qncAaK3qmKDOYid4HPHX7ywfQPo3VNPMGiKa8NUaBwYMp_vsrVhB5Q==

GET
H2

200

collect
px4.ads.linkedin.com/ Frame EF2F
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3516122&time=1671365355140&url=https%3A%2F%2Fredapes.org%2F
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D3516122%26time%3D1671365355140%26url%3Dhttps%253A%252F%252Fredapes.org%252F%26liS...
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3516122&time=1671365355140&url=https%3A%2F%2Fredapes.org%2F&liSync=true
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=3516122&time=1671365355140&url=https%3A%2F%2Fredapes.org%2F&liSync=true&e_ipv6=AQLnfVjjtTkZxgAAAYUlI2lgBA39GPHAIWSzFF0Nsn-Rag2qllcCqync-_S939WNwr...

0
265 B

218ms
211ms

Image
application/javascript

13.107.42.14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=3516122&time=1671365355140&url=https%3A%2F%2Fredapes.org%2F&liSync=true&e_ipv6=AQLnfVjjtTkZxgAAAYUlI2lgBA39GPHAIWSzFF0Nsn-Rag2qllcCqync-_S939WNwrF8NOg
Requested by: Host: tgbwidget.com
URL: https://tgbwidget.com/?charityID=260521285&donationFlow=card
Protocol: H2
Server: 13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tgbwidget.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 18 Dec 2022 12:09:15 GMT
x-li-pop: afd-prod-lor1-x
x-msedge-ref: Ref A: 693F15C30B0D4AC88CEC981591B20A82 Ref B: FRAEDGE1316 Ref C: 2022-12-18T12:09:16Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
content-type: application/javascript
x-li-fabric: prod-lor1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAXwGRJXNLYxD8KOQDWzoQ==

Redirect headers

date: Sun, 18 Dec 2022 12:09:15 GMT
x-li-pop: afd-prod-lor1-x
x-msedge-ref: Ref A: 445A1F87AC664FD7AFB669DE40E73166 Ref B: FRAEDGE1915 Ref C: 2022-12-18T12:09:15Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lor1
location: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=3516122&time=1671365355140&url=https%3A%2F%2Fredapes.org%2F&liSync=true&e_ipv6=AQLnfVjjtTkZxgAAAYUlI2lgBA39GPHAIWSzFF0Nsn-Rag2qllcCqync-_S939WNwrF8NOg
x-li-proto: http/2
content-length: 0
x-li-uuid: AAXwGRJTUfTbqDYi4+klZw==

GET
H2 200 token Show response
cdn.linkedin.oribi.io/partner/3516122/domain/tgbwidget.com/ Frame 8549 36 B
374 B 45ms
44ms XHR
application/json 2600:9000:2304:f800:2:53b2:240:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.linkedin.oribi.io/partner/3516122/domain/tgbwidget.com/token
Requested by: Host: tgbwidget.com
URL: https://tgbwidget.com/static/js/main.d21b3df6.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2304:f800:2:53b2:240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 7b1eaaaf180a13c29b6dddc3b0ae23333b4397e0f3c065b4c86da2f2530a5f89

Request headers

Accept: *
Referer: https://tgbwidget.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/json

Response headers

date: Sun, 18 Dec 2022 12:01:07 GMT
content-encoding: gzip
via: 1.1 dcbc01ed47e0218a59f0fec8e1b9aa18.cloudfront.net (CloudFront)
x-amz-cf-pop: VIE50-P1
age: 488
vary: accept-encoding
x-cache: Hit from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: public, max-age=3600
x-amz-cf-id: vSCthqZ86sAfEenLTO34J7WV7tpYZf4K27U60vdyEsu0eISU5Gu9kQ==

GET
H2

200

collect
px4.ads.linkedin.com/ Frame 8549
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3516122&time=1671365355142&url=https%3A%2F%2Fredapes.org%2F
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D3516122%26time%3D1671365355142%26url%3Dhttps%253A%252F%252Fredapes.org%252F%26liS...
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3516122&time=1671365355142&url=https%3A%2F%2Fredapes.org%2F&liSync=true
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=3516122&time=1671365355142&url=https%3A%2F%2Fredapes.org%2F&liSync=true&e_ipv6=AQLYU9jNakpiTwAAAYUlI2kSPVM1Ko3kQDzXyqC12XOjWCZy5Y8dPQH0ZNsy1UmVK8...

0
144 B

347ms
248ms

Image
application/javascript

13.107.42.14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=3516122&time=1671365355142&url=https%3A%2F%2Fredapes.org%2F&liSync=true&e_ipv6=AQLYU9jNakpiTwAAAYUlI2kSPVM1Ko3kQDzXyqC12XOjWCZy5Y8dPQH0ZNsy1UmVK8EGG8s
Requested by: Host: tgbwidget.com
URL: https://tgbwidget.com/?charityID=260521285
Protocol: H2
Server: 13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tgbwidget.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 18 Dec 2022 12:09:15 GMT
x-li-pop: afd-prod-lor1-x
x-msedge-ref: Ref A: 45C72599FC94427AB7DF73DD2830F9A2 Ref B: FRAEDGE1316 Ref C: 2022-12-18T12:09:16Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
content-type: application/javascript
x-li-fabric: prod-lor1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAXwGRJXMQTGzWCPmCU9Hw==

Redirect headers

date: Sun, 18 Dec 2022 12:09:15 GMT
x-li-pop: afd-prod-lor1-x
x-msedge-ref: Ref A: 3E125474AE9349DC8547F17A1CCA6FA0 Ref B: FRAEDGE1915 Ref C: 2022-12-18T12:09:15Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lor1
location: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=3516122&time=1671365355142&url=https%3A%2F%2Fredapes.org%2F&liSync=true&e_ipv6=AQLYU9jNakpiTwAAAYUlI2kSPVM1Ko3kQDzXyqC12XOjWCZy5Y8dPQH0ZNsy1UmVK8EGG8s
x-li-proto: http/2
content-length: 0
x-li-uuid: AAXwGRJSIs6WAqAyC9qElg==

OPTIONS
H2 200 token
cdn.linkedin.oribi.io/partner/3516122/domain/tgbwidget.com/ Frame 0
0 169ms
46ms Preflight 2600:9000:2304:f800:2:53b2:240:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.linkedin.oribi.io/partner/3516122/domain/tgbwidget.com/token
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2304:f800:2:53b2:240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://tgbwidget.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-max-age: 1800
age: 27512
allow: GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH
content-length: 0
date: Sun, 18 Dec 2022 04:30:43 GMT
via: 1.1 dcbc01ed47e0218a59f0fec8e1b9aa18.cloudfront.net (CloudFront)
x-amz-cf-id: pdPDeN3ljLKAf230X4DpfBlibgZsblxHz4UaLu0qDpe5AE9mGP4U_w==
x-amz-cf-pop: VIE50-P1
x-cache: Hit from cloudfront

GET
H3 200 anchor Show response
www.google.com/recaptcha/api2/ Frame ED74 43 KB
22 KB 88ms
87ms Document
text/html 2a00:1450:400d:80a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdOc_AiAAAAACU6F_veeBQz_9JRD8AAoARx0_rJ&co=aHR0cHM6Ly90Z2J3aWRnZXQuY29tOjQ0Mw..&hl=de&type=image&v=5qcenVbrhOy8zihcc2aHOWD4&theme=light&size=invisible&badge=bottomright&cb=yi3nq7wsdrc4

Requested by

Host: tgbwidget.com
URL: https://tgbwidget.com/static/js/main.d21b3df6.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2004 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

eb6adfdd1b81b35ec1f580fe2775872138aba7690929d97b2773b3cdab8aedf1

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-q1IEBrMN139ZMgMXmvStgw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://tgbwidget.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-length: 22754
content-security-policy: script-src 'report-sample' 'nonce-q1IEBrMN139ZMgMXmvStgw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sun, 18 Dec 2022 12:09:15 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 anchor Show response
www.google.com/recaptcha/api2/ Frame B66F 43 KB
22 KB 106ms
106ms Document
text/html 2a00:1450:400d:80a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: tgbwidget.com
URL: https://tgbwidget.com/static/js/main.d21b3df6.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2004 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

781ebdab601efdb1fe7cfd22c4ff82567557cd4221891bf2974ae6b4e76e8270

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-y-a3XhyFDJ5uwSnClvC--g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://tgbwidget.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-length: 22810
content-security-policy: script-src 'report-sample' 'nonce-y-a3XhyFDJ5uwSnClvC--g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sun, 18 Dec 2022 12:09:15 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 box-5e66f98b4ee957db209dc6f63e3d59dd.html Show response
vars.hotjar.com/ Frame 14A0 2 KB
1 KB 122ms
37ms Document
text/html 18.66.147.116
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://vars.hotjar.com/box-5e66f98b4ee957db209dc6f63e3d59dd.html

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-2773626.js?sv=7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.147.116 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-147-116.fra60.r.cloudfront.net

Software

Resource Hash

cbffce6f8642619af7ed7335e32750f7f2933765d32c113115da0710aa7deadc

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains

Request headers

Referer: https://tgbwidget.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 2156349
cache-control: max-age=31536000
content-encoding: br
content-length: 1035
content-type: text/html
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 23 Nov 2022 13:10:06 GMT
etag: "e0652b84b7b3b650769c759fc520c3f8"
last-modified: Wed, 23 Nov 2022 13:09:18 GMT
strict-transport-security: max-age=2592000; includeSubDomains
vary: Accept-Encoding
via: 1.1 70d755f7200c02162c7545e4ce74649a.cloudfront.net (CloudFront)
x-amz-cf-id: 8j_yGWv4ckwVm1hUOHBdXVctKQZOqa8lHzQ0uHMclmFcTlixkPm4aw==
x-amz-cf-pop: FRA60-P4
x-cache: Hit from cloudfront
x-robots-tag: none

GET
H2 200 box-5e66f98b4ee957db209dc6f63e3d59dd.html Show response
vars.hotjar.com/ Frame 7E30 2 KB
1 KB 123ms
39ms Document
text/html 18.66.147.116
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://vars.hotjar.com/box-5e66f98b4ee957db209dc6f63e3d59dd.html

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-2773626.js?sv=7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.147.116 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-147-116.fra60.r.cloudfront.net

Software

Resource Hash

cbffce6f8642619af7ed7335e32750f7f2933765d32c113115da0710aa7deadc

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains

Request headers

Referer: https://tgbwidget.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 2156349
cache-control: max-age=31536000
content-encoding: br
content-length: 1035
content-type: text/html
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 23 Nov 2022 13:10:06 GMT
etag: "e0652b84b7b3b650769c759fc520c3f8"
last-modified: Wed, 23 Nov 2022 13:09:18 GMT
strict-transport-security: max-age=2592000; includeSubDomains
vary: Accept-Encoding
via: 1.1 70d755f7200c02162c7545e4ce74649a.cloudfront.net (CloudFront)
x-amz-cf-id: pm4dQ4mfSgTZ8UeZdwYROs9nHw-oTWY6Cp99aWG4-CfQtP4NYtSIig==
x-amz-cf-pop: FRA60-P4
x-cache: Hit from cloudfront
x-robots-tag: none

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/5qcenVbrhOy8zihcc2aHOWD4/ Frame ED74 52 KB
24 KB 114ms
38ms Stylesheet
text/css 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/5qcenVbrhOy8zihcc2aHOWD4/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdOc_AiAAAAACU6F_veeBQz_9JRD8AAoARx0_rJ&co=aHR0cHM6Ly90Z2J3aWRnZXQuY29tOjQ0Mw..&hl=de&type=image&v=5qcenVbrhOy8zihcc2aHOWD4&theme=light&size=invisible&badge=bottomright&cb=yi3nq7wsdrc4

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4a59bb42cb945084820cd1eb370a22a68fa9451b9e57abb1daada408d2ff64e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 17 Dec 2022 18:22:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 64002
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24262
x-xss-protection: 0
last-modified: Thu, 15 Dec 2022 05:24:10 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 17 Dec 2023 18:22:33 GMT

GET
H3 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/5qcenVbrhOy8zihcc2aHOWD4/ Frame ED74 407 KB
163 KB 169ms
92ms Script
text/javascript 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/5qcenVbrhOy8zihcc2aHOWD4/recaptcha__de.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f100138cf28abcaac287d3bb245b80679c7ba9305591ed01b1055af5e7084f20

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 18 Dec 2022 11:24:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2676
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 166478
x-xss-protection: 0
last-modified: Thu, 15 Dec 2022 05:24:10 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 18 Dec 2023 11:24:39 GMT

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/5qcenVbrhOy8zihcc2aHOWD4/ Frame B66F 52 KB
24 KB 93ms
42ms Stylesheet
text/css 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/5qcenVbrhOy8zihcc2aHOWD4/styles__ltr.css

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4a59bb42cb945084820cd1eb370a22a68fa9451b9e57abb1daada408d2ff64e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 17 Dec 2022 18:22:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 64002
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24262
x-xss-protection: 0
last-modified: Thu, 15 Dec 2022 05:24:10 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 17 Dec 2023 18:22:33 GMT

GET
H3 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/5qcenVbrhOy8zihcc2aHOWD4/ Frame B66F 407 KB
163 KB 127ms
76ms Script
text/javascript 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/5qcenVbrhOy8zihcc2aHOWD4/recaptcha__de.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f100138cf28abcaac287d3bb245b80679c7ba9305591ed01b1055af5e7084f20

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 18 Dec 2022 11:24:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2676
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 166478
x-xss-protection: 0
last-modified: Thu, 15 Dec 2022 05:24:10 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 18 Dec 2023 11:24:39 GMT

GET
H2 200 260521285 Show response
widget-backend.tgbwidget.com/organization/ Frame 8549 435 B
784 B 208ms
208ms Fetch
application/json 3.135.177.109
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://widget-backend.tgbwidget.com/organization/260521285?

Requested by

Host: tgbwidget.com
URL: https://tgbwidget.com/static/js/main.d21b3df6.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

3.135.177.109 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-135-177-109.us-east-2.compute.amazonaws.com

Software

Resource Hash

5bb1392fcd7f5bfb29ec59237b2a4b50459f3bd185d6ca89a4f3c4828415ed9a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://tgbwidget.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
content-type: application/json

Response headers

x-response-time: 79ms
date: Sun, 18 Dec 2022 12:09:15 GMT
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-rate-limit-limit: 10
x-rate-limit-remaining: 7
x-frame-options: SAMEORIGIN
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: *
x-rate-limit-reset: 1671365356
request-id: 90b07d93-89ca-4ae6-a1e4-d229506552a0
content-length: 435
x-xss-protection: 1; mode=block

OPTIONS
H2 204 260521285
widget-backend.tgbwidget.com/organization/ Frame 0
0 167ms
167ms Preflight 3.135.177.109
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://widget-backend.tgbwidget.com/organization/260521285?

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

3.135.177.109 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-135-177-109.us-east-2.compute.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://tgbwidget.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-headers: Authorization,Content-Type,Content-Language,Cache-Control
access-control-allow-methods: PUT,GET,POST,DELETE,OPTIONS
access-control-allow-origin: *
date: Sun, 18 Dec 2022 12:09:15 GMT
request-id: 0063ce47-8756-41d6-89c6-aa8d4ae8da55
strict-transport-security: max-age=15724800; includeSubDomains
vary: Origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-response-time: 39ms
x-xss-protection: 1; mode=block

GET
H3 200 logo_48.png
www.gstatic.com/recaptcha/api2/ Frame ED74 2 KB
2 KB 37ms
37ms Image
image/png 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/logo_48.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/5qcenVbrhOy8zihcc2aHOWD4/styles__ltr.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/5qcenVbrhOy8zihcc2aHOWD4/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 15 Dec 2022 19:40:09 GMT
x-content-type-options: nosniff
age: 232146
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2228
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
expires: Thu, 22 Dec 2022 19:40:09 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame ED74 15 KB
15 KB 38ms
37ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 17 Dec 2022 12:17:50 GMT
x-content-type-options: nosniff
age: 85885
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 17 Dec 2023 12:17:50 GMT

GET
H3 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame ED74 15 KB
15 KB 38ms
38ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 22:21:19 GMT
x-content-type-options: nosniff
age: 481676
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15552
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 12 Dec 2023 22:21:19 GMT

GET
H3 200 logo_48.png
www.gstatic.com/recaptcha/api2/ Frame B66F 2 KB
2 KB 37ms
37ms Image
image/png 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/logo_48.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/5qcenVbrhOy8zihcc2aHOWD4/styles__ltr.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/5qcenVbrhOy8zihcc2aHOWD4/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 15 Dec 2022 19:40:09 GMT
x-content-type-options: nosniff
age: 232146
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2228
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
expires: Thu, 22 Dec 2022 19:40:09 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame B66F 15 KB
15 KB 38ms
38ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 17 Dec 2022 12:17:50 GMT
x-content-type-options: nosniff
age: 85885
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 17 Dec 2023 12:17:50 GMT

GET
H3 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame B66F 15 KB
15 KB 39ms
39ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 22:21:19 GMT
x-content-type-options: nosniff
age: 481676
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15552
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 12 Dec 2023 22:21:19 GMT

GET
H3 200 webworker.js
www.google.com/recaptcha/api2/ Frame ED74 102 B
134 B 74ms
74ms Other
text/javascript 2a00:1450:400d:80a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/webworker.js?hl=de&v=5qcenVbrhOy8zihcc2aHOWD4

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2004 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

7647724bcc7afde27000c02ce20b80535467b8f60f1330013a1ee3b575479a81

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdOc_AiAAAAACU6F_veeBQz_9JRD8AAoARx0_rJ&co=aHR0cHM6Ly90Z2J3aWRnZXQuY29tOjQ0Mw..&hl=de&type=image&v=5qcenVbrhOy8zihcc2aHOWD4&theme=light&size=invisible&badge=bottomright&cb=yi3nq7wsdrc4
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 18 Dec 2022 12:09:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
cross-origin-embedder-policy: require-corp
x-frame-options: SAMEORIGIN
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 112
x-xss-protection: 1; mode=block
expires: Sun, 18 Dec 2022 12:09:15 GMT

GET
H3 200 webworker.js
www.google.com/recaptcha/api2/ Frame B66F 102 B
134 B 74ms
73ms Other
text/javascript 2a00:1450:400d:80a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/webworker.js?hl=de&v=5qcenVbrhOy8zihcc2aHOWD4

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2004 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

7647724bcc7afde27000c02ce20b80535467b8f60f1330013a1ee3b575479a81

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdOc_AiAAAAACU6F_veeBQz_9JRD8AAoARx0_rJ&co=aHR0cHM6Ly90Z2J3aWRnZXQuY29tOjQ0Mw..&hl=de&type=image&v=5qcenVbrhOy8zihcc2aHOWD4&theme=light&size=invisible&badge=bottomright&cb=4ht90xbayuk8
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 18 Dec 2022 12:09:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
cross-origin-embedder-policy: require-corp
x-frame-options: SAMEORIGIN
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 112
x-xss-protection: 1; mode=block
expires: Sun, 18 Dec 2022 12:09:15 GMT

POST
H2 200 / Show response
o449083.ingest.sentry.io/api/5432004/envelope/ Frame 8549 41 B
315 B 189ms
74ms Fetch
application/json 34.120.195.249
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://o449083.ingest.sentry.io/api/5432004/envelope/?sentry_key=671f9282b3c446b2855cc4813a8b03bf&sentry_version=7

Requested by

Host: tgbwidget.com
URL: https://tgbwidget.com/static/js/main.d21b3df6.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.120.195.249 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

249.195.120.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

c84f7fc0af23e0d42708830ce50332245ee091d2291975dca0a4195f1893ff60

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://tgbwidget.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Sun, 18 Dec 2022 12:09:15 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 google
server: nginx
vary: Origin
content-type: application/json
access-control-allow-origin: https://tgbwidget.com
access-control-expose-headers: x-sentry-rate-limits, retry-after, x-sentry-error
x-envoy-upstream-service-time: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 41

GET
H2 200 260521285 Show response
widget-backend.tgbwidget.com/organization/ Frame EF2F 435 B
784 B 201ms
201ms Fetch
application/json 3.135.177.109
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://widget-backend.tgbwidget.com/organization/260521285?

Requested by

Host: tgbwidget.com
URL: https://tgbwidget.com/static/js/main.d21b3df6.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

3.135.177.109 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-135-177-109.us-east-2.compute.amazonaws.com

Software

Resource Hash

7d7e605513e8a33e39f918d733055438225b6fcb5610eb70d9f0e95b225eaf3e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://tgbwidget.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
content-type: application/json

Response headers

x-response-time: 72ms
date: Sun, 18 Dec 2022 12:09:16 GMT
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-rate-limit-limit: 10
x-rate-limit-remaining: 6
x-frame-options: SAMEORIGIN
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: *
x-rate-limit-reset: 1671365356
request-id: 04501776-c59d-49df-a896-5929c6029b69
content-length: 435
x-xss-protection: 1; mode=block

OPTIONS
H2 204 260521285
widget-backend.tgbwidget.com/organization/ Frame 0
0 176ms
175ms Preflight 3.135.177.109
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://widget-backend.tgbwidget.com/organization/260521285?

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

3.135.177.109 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-135-177-109.us-east-2.compute.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://tgbwidget.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-headers: Authorization,Content-Type,Content-Language,Cache-Control
access-control-allow-methods: PUT,GET,POST,DELETE,OPTIONS
access-control-allow-origin: *
date: Sun, 18 Dec 2022 12:09:15 GMT
request-id: 1ba68a73-5231-4d76-b406-4e639b9316ac
strict-transport-security: max-age=15724800; includeSubDomains
vary: Origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-response-time: 47ms
x-xss-protection: 1; mode=block

GET
H3 200 bframe Show response
www.google.com/recaptcha/api2/ Frame 22B3 7 KB
1 KB 79ms
78ms Document
text/html 2a00:1450:400d:80a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/bframe?hl=de&v=5qcenVbrhOy8zihcc2aHOWD4&k=6LdOc_AiAAAAACU6F_veeBQz_9JRD8AAoARx0_rJ

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/5qcenVbrhOy8zihcc2aHOWD4/recaptcha__de.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2004 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

13fca43e091c9db2e76de145d7dd3f6ccd31560f7f19995cfd8aa570b46478ad

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-lujCIOMex1BmMUfKZZZJFA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://tgbwidget.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-length: 1115
content-security-policy: script-src 'report-sample' 'nonce-lujCIOMex1BmMUfKZZZJFA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sun, 18 Dec 2022 12:09:15 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

POST
H2 200 / Show response
o449083.ingest.sentry.io/api/5432004/envelope/ Frame EF2F 41 B
142 B 87ms
75ms Fetch
application/json 34.120.195.249
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://o449083.ingest.sentry.io/api/5432004/envelope/?sentry_key=671f9282b3c446b2855cc4813a8b03bf&sentry_version=7

Requested by

Host: tgbwidget.com
URL: https://tgbwidget.com/static/js/main.d21b3df6.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.120.195.249 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

249.195.120.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

a609239b90627e2fd07110015cc56d3aed58be8601cfc530e12c8a3ecef79bdc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://tgbwidget.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Sun, 18 Dec 2022 12:09:15 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 google
server: nginx
vary: Origin
content-type: application/json
access-control-allow-origin: https://tgbwidget.com
access-control-expose-headers: x-sentry-error, retry-after, x-sentry-rate-limits
x-envoy-upstream-service-time: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 41

GET
H3 200 bframe Show response
www.google.com/recaptcha/api2/ Frame 1F9E 7 KB
1 KB 83ms
82ms Document
text/html 2a00:1450:400d:80a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/bframe?hl=de&v=5qcenVbrhOy8zihcc2aHOWD4&k=6LdOc_AiAAAAACU6F_veeBQz_9JRD8AAoARx0_rJ

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/5qcenVbrhOy8zihcc2aHOWD4/recaptcha__de.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2004 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

ebbc1f2bd863a3aea797f4e80e98f28f63ff1065a836307ec0cff47c3ce825ba

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-p7uLVuSa5TB-vz_DS4aG7Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://tgbwidget.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-length: 1115
content-security-policy: script-src 'report-sample' 'nonce-p7uLVuSa5TB-vz_DS4aG7Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sun, 18 Dec 2022 12:09:15 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/5qcenVbrhOy8zihcc2aHOWD4/ Frame 22B3 52 KB
24 KB 38ms
38ms Stylesheet
text/css 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/5qcenVbrhOy8zihcc2aHOWD4/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=de&v=5qcenVbrhOy8zihcc2aHOWD4&k=6LdOc_AiAAAAACU6F_veeBQz_9JRD8AAoARx0_rJ

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4a59bb42cb945084820cd1eb370a22a68fa9451b9e57abb1daada408d2ff64e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 17 Dec 2022 18:22:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 64002
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24262
x-xss-protection: 0
last-modified: Thu, 15 Dec 2022 05:24:10 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 17 Dec 2023 18:22:33 GMT

GET
H3 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/5qcenVbrhOy8zihcc2aHOWD4/ Frame 22B3 407 KB
163 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/5qcenVbrhOy8zihcc2aHOWD4/recaptcha__de.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=de&v=5qcenVbrhOy8zihcc2aHOWD4&k=6LdOc_AiAAAAACU6F_veeBQz_9JRD8AAoARx0_rJ

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f100138cf28abcaac287d3bb245b80679c7ba9305591ed01b1055af5e7084f20

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 18 Dec 2022 11:24:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2676
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 166478
x-xss-protection: 0
last-modified: Thu, 15 Dec 2022 05:24:10 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 18 Dec 2023 11:24:39 GMT

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/5qcenVbrhOy8zihcc2aHOWD4/ Frame 1F9E 52 KB
24 KB 37ms
37ms Stylesheet
text/css 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/5qcenVbrhOy8zihcc2aHOWD4/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=de&v=5qcenVbrhOy8zihcc2aHOWD4&k=6LdOc_AiAAAAACU6F_veeBQz_9JRD8AAoARx0_rJ

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4a59bb42cb945084820cd1eb370a22a68fa9451b9e57abb1daada408d2ff64e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 17 Dec 2022 18:22:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 64002
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24262
x-xss-protection: 0
last-modified: Thu, 15 Dec 2022 05:24:10 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 17 Dec 2023 18:22:33 GMT

GET
H3 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/5qcenVbrhOy8zihcc2aHOWD4/ Frame 1F9E 407 KB
163 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/5qcenVbrhOy8zihcc2aHOWD4/recaptcha__de.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=de&v=5qcenVbrhOy8zihcc2aHOWD4&k=6LdOc_AiAAAAACU6F_veeBQz_9JRD8AAoARx0_rJ

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f100138cf28abcaac287d3bb245b80679c7ba9305591ed01b1055af5e7084f20

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 18 Dec 2022 11:24:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2676
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 166478
x-xss-protection: 0
last-modified: Thu, 15 Dec 2022 05:24:10 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 18 Dec 2023 11:24:39 GMT

GET
H2 200 OrangutanOutreach.jpg
static.tgbwidget.com/ Frame 8549 9 KB
10 KB 216ms
83ms Image
image/jpeg 13.32.110.24
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.tgbwidget.com/OrangutanOutreach.jpg
Requested by: Host: tgbwidget.com
URL: https://tgbwidget.com/?charityID=260521285
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.110.24 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-110-24.vie50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 709e9a3042043f869d2c34556619e0f2b4a679bea5e861567a8f2295c93b6fae

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tgbwidget.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 17 Dec 2022 18:23:20 GMT
via: 1.1 e41179d785de304a9240d5e97b2e4cbc.cloudfront.net (CloudFront)
last-modified: Fri, 17 Jun 2022 11:27:27 GMT
server: AmazonS3
x-amz-cf-pop: VIE50-C2
age: 63957
etag: "018e150ce495baf7c6475911aa9b3722"
x-cache: Hit from cloudfront
content-type: image/jpeg
accept-ranges: bytes
content-length: 9437
x-amz-cf-id: bpIeUIvHApxBCY2DzunG0QGPAH7uhGmcYZoSWnx72y80nFYO1zKyhw==

POST
H3 200 reload Show response
www.google.com/recaptcha/api2/ Frame 22B3 39 KB
23 KB 114ms
114ms XHR
application/json 2a00:1450:400d:80a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/reload?k=6LdOc_AiAAAAACU6F_veeBQz_9JRD8AAoARx0_rJ

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/5qcenVbrhOy8zihcc2aHOWD4/recaptcha__de.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2004 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

f00e5fa34b66d8531a0cbe316d5c41e4e1f373f7002f603dba3bd56abe2a6bf2

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.google.com/recaptcha/api2/bframe?hl=de&v=5qcenVbrhOy8zihcc2aHOWD4&k=6LdOc_AiAAAAACU6F_veeBQz_9JRD8AAoARx0_rJ
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/x-protobuffer

Response headers

date: Sun, 18 Dec 2022 12:09:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
cache-control: private, max-age=0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23810
x-xss-protection: 1; mode=block
expires: Sun, 18 Dec 2022 12:09:16 GMT

POST
H3 200 reload Show response
www.google.com/recaptcha/api2/ Frame 1F9E 39 KB
24 KB 116ms
116ms XHR
application/json 2a00:1450:400d:80a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/reload?k=6LdOc_AiAAAAACU6F_veeBQz_9JRD8AAoARx0_rJ

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/5qcenVbrhOy8zihcc2aHOWD4/recaptcha__de.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2004 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

3c71dd426fc573d901c366c70f6a7af4d06cb8113c6d67a5fe971af852e8fcb3

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.google.com/recaptcha/api2/bframe?hl=de&v=5qcenVbrhOy8zihcc2aHOWD4&k=6LdOc_AiAAAAACU6F_veeBQz_9JRD8AAoARx0_rJ
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/x-protobuffer

Response headers

date: Sun, 18 Dec 2022 12:09:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
cache-control: private, max-age=0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24277
x-xss-protection: 1; mode=block
expires: Sun, 18 Dec 2022 12:09:16 GMT

GET
H2 200 OrangutanOutreach.jpg
static.tgbwidget.com/ Frame EF2F 9 KB
10 KB 53ms
53ms Image
image/jpeg 13.32.110.24
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.tgbwidget.com/OrangutanOutreach.jpg
Requested by: Host: tgbwidget.com
URL: https://tgbwidget.com/static/js/main.d21b3df6.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.110.24 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-110-24.vie50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 709e9a3042043f869d2c34556619e0f2b4a679bea5e861567a8f2295c93b6fae

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tgbwidget.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 17 Dec 2022 18:23:20 GMT
via: 1.1 e41179d785de304a9240d5e97b2e4cbc.cloudfront.net (CloudFront)
last-modified: Fri, 17 Jun 2022 11:27:27 GMT
server: AmazonS3
x-amz-cf-pop: VIE50-C2
age: 63957
etag: "018e150ce495baf7c6475911aa9b3722"
x-cache: Hit from cloudfront
content-type: image/jpeg
accept-ranges: bytes
content-length: 9437
x-amz-cf-id: gLgVaudH3VebOL6n7Mb9YJC9o04rCJpO8P5chc5t9ZxWxqnhNmTL8A==

GET
H3 200 refresh_2x.png
www.gstatic.com/recaptcha/api2/ Frame 22B3 600 B
624 B 47ms
46ms Image
image/png 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/refresh_2x.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/5qcenVbrhOy8zihcc2aHOWD4/styles__ltr.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

44b988703019cd6bfa86c91840fecf2a42b611b364e3eea2f4eb63bf62714e98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/5qcenVbrhOy8zihcc2aHOWD4/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 19:16:51 GMT
x-content-type-options: nosniff
age: 319945
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 600
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
expires: Wed, 21 Dec 2022 19:16:51 GMT

GET
H3 200 audio_2x.png
www.gstatic.com/recaptcha/api2/ Frame 22B3 530 B
554 B 45ms
43ms Image
image/png 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/audio_2x.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/5qcenVbrhOy8zihcc2aHOWD4/styles__ltr.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

89c62095126fca89ea1511cf35b49b8306162946b0c26d6f60c5506c51d85992

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/5qcenVbrhOy8zihcc2aHOWD4/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 16 Dec 2022 17:23:32 GMT
x-content-type-options: nosniff
age: 153944
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 530
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
expires: Fri, 23 Dec 2022 17:23:32 GMT

GET
H3 200 info_2x.png
www.gstatic.com/recaptcha/api2/ Frame 22B3 665 B
689 B 46ms
44ms Image
image/png 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/info_2x.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/5qcenVbrhOy8zihcc2aHOWD4/styles__ltr.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55eaf62cb05da20088dc12b39d7d254d046cb1fd61ddf3ae641f1439efd0a5ee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/5qcenVbrhOy8zihcc2aHOWD4/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 18:58:22 GMT
x-content-type-options: nosniff
age: 321054
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 665
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin-allow-popups; report-to="recaptcha"
expires: Wed, 21 Dec 2022 18:58:22 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 22B3 15 KB
15 KB 47ms
44ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: tgbwidget.com
URL: https://tgbwidget.com/?charityID=260521285&donationFlow=card

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 17 Dec 2022 12:17:50 GMT
x-content-type-options: nosniff
age: 85886
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 17 Dec 2023 12:17:50 GMT

GET
H3 200 KFOlCnqEu92Fr1MmYUtfBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 22B3 15 KB
15 KB 47ms
45ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmYUtfBBc4.woff2

Requested by

Host: tgbwidget.com
URL: https://tgbwidget.com/?charityID=260521285&donationFlow=card

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c912a9ce0c3122d4b2b29ad26bfe06b0390d1a5bdaa5d6128692c0befd1dfbbd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 17 Dec 2022 07:04:14 GMT
x-content-type-options: nosniff
age: 104702
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15340
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:16 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 17 Dec 2023 07:04:14 GMT

GET
H3 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 22B3 15 KB
15 KB 46ms
44ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: tgbwidget.com
URL: https://tgbwidget.com/?charityID=260521285&donationFlow=card

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 22:21:19 GMT
x-content-type-options: nosniff
age: 481677
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15552
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 12 Dec 2023 22:21:19 GMT

GET
H3 200 payload
www.google.com/recaptcha/api2/ Frame 22B3 37 KB
37 KB 74ms
74ms Image
image/jpeg 2a00:1450:400d:80a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/recaptcha/api2/payload?p=06AD1IbLBgWdH2gYGSKzeDZ3e0MeFD1bkrRjqU1gB90BaUpiqzcV2X8zfQl25zfTxxoY9YgYTh_uLTb_GtH5BzWFKydVaHQaqSM5sdk5nCPueCG5sWSJje-Zb7PrGUCYqd6xXwCGKZROB8Yspv5MrHlu4ZN8MNPUo1xKpCYurIRozW7Mm_UfpO35CtjMVVqm91hr3hG8oK5wgKF-2RNaYHhIpPfdCosLvcHg&k=6LdOc_AiAAAAACU6F_veeBQz_9JRD8AAoARx0_rJ

Requested by

Host: tgbwidget.com
URL: https://tgbwidget.com/?charityID=260521285&donationFlow=card

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2004 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

029799702adf3035c9727200d3f0610e73e0a6d591b7a13c30d46d8ef1db7234

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/recaptcha/api2/bframe?hl=de&v=5qcenVbrhOy8zihcc2aHOWD4&k=6LdOc_AiAAAAACU6F_veeBQz_9JRD8AAoARx0_rJ
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 18 Dec 2022 12:09:16 GMT
content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: private, max-age=30
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38158
x-xss-protection: 1; mode=block
expires: Sun, 18 Dec 2022 12:09:16 GMT

GET
H3 200 refresh_2x.png
www.gstatic.com/recaptcha/api2/ Frame 1F9E 600 B
624 B 37ms
37ms Image
image/png 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/refresh_2x.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/5qcenVbrhOy8zihcc2aHOWD4/styles__ltr.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

44b988703019cd6bfa86c91840fecf2a42b611b364e3eea2f4eb63bf62714e98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/5qcenVbrhOy8zihcc2aHOWD4/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 19:16:51 GMT
x-content-type-options: nosniff
age: 319945
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 600
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
expires: Wed, 21 Dec 2022 19:16:51 GMT

GET
H3 200 audio_2x.png
www.gstatic.com/recaptcha/api2/ Frame 1F9E 530 B
554 B 38ms
37ms Image
image/png 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/audio_2x.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/5qcenVbrhOy8zihcc2aHOWD4/styles__ltr.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

89c62095126fca89ea1511cf35b49b8306162946b0c26d6f60c5506c51d85992

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/5qcenVbrhOy8zihcc2aHOWD4/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 16 Dec 2022 17:23:32 GMT
x-content-type-options: nosniff
age: 153944
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 530
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
expires: Fri, 23 Dec 2022 17:23:32 GMT

GET
H3 200 info_2x.png
www.gstatic.com/recaptcha/api2/ Frame 1F9E 665 B
689 B 38ms
37ms Image
image/png 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/info_2x.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/5qcenVbrhOy8zihcc2aHOWD4/styles__ltr.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55eaf62cb05da20088dc12b39d7d254d046cb1fd61ddf3ae641f1439efd0a5ee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/5qcenVbrhOy8zihcc2aHOWD4/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 18:58:22 GMT
x-content-type-options: nosniff
age: 321054
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 665
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin-allow-popups; report-to="recaptcha"
expires: Wed, 21 Dec 2022 18:58:22 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 1F9E 15 KB
15 KB 39ms
38ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: tgbwidget.com
URL: https://tgbwidget.com/?charityID=260521285

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 17 Dec 2022 12:17:50 GMT
x-content-type-options: nosniff
age: 85886
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 17 Dec 2023 12:17:50 GMT

GET
H3 200 KFOlCnqEu92Fr1MmYUtfBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 1F9E 15 KB
15 KB 40ms
39ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmYUtfBBc4.woff2

Requested by

Host: tgbwidget.com
URL: https://tgbwidget.com/?charityID=260521285

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c912a9ce0c3122d4b2b29ad26bfe06b0390d1a5bdaa5d6128692c0befd1dfbbd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 17 Dec 2022 07:04:14 GMT
x-content-type-options: nosniff
age: 104702
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15340
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:16 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 17 Dec 2023 07:04:14 GMT

GET
H3 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 1F9E 15 KB
15 KB 42ms
41ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: tgbwidget.com
URL: https://tgbwidget.com/?charityID=260521285

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 22:21:19 GMT
x-content-type-options: nosniff
age: 481677
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15552
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 12 Dec 2023 22:21:19 GMT

GET
H3 200 payload
www.google.com/recaptcha/api2/ Frame 1F9E 16 KB
16 KB 83ms
82ms Image
image/jpeg 2a00:1450:400d:80a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/recaptcha/api2/payload?p=06AD1IbLAG8MTzu7DC_ZYGMfdTI_C2--KiJH9UlIZjH6T1NOfA1q8O1zn2L6NmsoApBah4JDMD3mkK26ubIu-aSzHrtZ9d4NKnJRtjFtyL0Rxlb36HmtCl5Xk45YyOhhvbPGfy12ZbgmJrHxCvI5ZzgjncntpPgW0t7LYLt7lqpitQdl9FsOXcusk2IeiYKhUEFPd_dX2fPFsiEikkcDTJZGrWZyXZDM2UkA&k=6LdOc_AiAAAAACU6F_veeBQz_9JRD8AAoARx0_rJ

Requested by

Host: tgbwidget.com
URL: https://tgbwidget.com/?charityID=260521285

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2004 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

d8b50a6180bb5c144b0b3dd252f6a305cd1145883e7f99c652130c9ca7d11719

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/recaptcha/api2/bframe?hl=de&v=5qcenVbrhOy8zihcc2aHOWD4&k=6LdOc_AiAAAAACU6F_veeBQz_9JRD8AAoARx0_rJ
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 18 Dec 2022 12:09:16 GMT
content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: private, max-age=30
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16218
x-xss-protection: 1; mode=block
expires: Sun, 18 Dec 2022 12:09:16 GMT

Verdicts & Comments Add Verdict or Comment

76 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

18 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.google.com/recaptcha	1970-01-20 12:35:17	Name: _GRECAPTCHA Value: 09AGDUI8DaVc1ROjHUKspsxZI17J7MJa0y_vH2kWu2XQveMpic2-G3ubT_Obzywunz92UDcaTeq13K1m50yzGC0Ew
.redapes.org/	1970-01-20 08:17:31	Name: _gid Value: GA1.2.1347829672.1671365353
.redapes.org/	1970-01-20 08:16:05	Name: _gat Value: 1
.redapes.org/	1970-01-20 17:52:05	Name: _ga_EREZ71WMDH Value: GS1.1.1671365353.1.0.1671365353.0.0.0
.redapes.org/	1970-01-20 17:52:05	Name: _ga Value: GA1.1.1803861180.1671365353
.paypal.com/	1970-01-20 17:52:05	Name: ts Value: vreXpYrS%3D1766059753%26vteXpYrS%3D1671367153%26vr%3D25235eb81850a2d00816772cfef2b1d7%26vt%3D25235eb81850a2d00816772cfef2b1d6%26vtyp%3Dnew
.paypal.com/	1970-01-20 17:52:05	Name: ts_c Value: vr%3D25235eb81850a2d00816772cfef2b1d7%26vt%3D25235eb81850a2d00816772cfef2b1d6
.doubleclick.net/	1970-01-20 08:16:06	Name: test_cookie Value: CheckForPermission
.t.co/	1970-01-20 17:52:05	Name: muc_ads Value: 26f20967-9d17-4686-8051-4b987df79eb4
.twitter.com/	1970-01-20 17:52:05	Name: personalization_id Value: "v1_bF6n3b8w9ei3Dvgg0H9VXw=="
.ads.linkedin.com/	1969-12-31 23:59:59	Name: lang Value: v=2&lang=en-us
.linkedin.com/	1970-01-20 08:59:17	Name: UserMatchHistory Value: AQITEJFyW-7B3QAAAYUlI2dXOlVwvy8_AnOIj7l2VxU_6duhXMaPF44Jqv0b5LhqCHUvF-OUen1cyg
.linkedin.com/	1970-01-20 08:59:17	Name: AnalyticsSyncHistory Value: AQLhLAFIu9gvOgAAAYUlI2dXPCleiWyJ9Y8Bww5vj3TLkfmve5i5d9izM7iVwJZ4BNCiy0mrpZCdQTPFygQvTw
.linkedin.com/	1970-01-20 17:01:41	Name: bcookie Value: "v=2&c14505fa-d9c3-4fbe-8d8c-e42597675047"
.linkedin.com/	1970-01-20 08:17:31	Name: lidc Value: "b=OGST05:s=O:r=O:a=O:p=O:g=2648:u=1:x=1:i=1671365355:t=1671451755:v=2:sig=AQF_sDVm9vju4eykLKxWzAGtIS4rJx19"
.linkedin.com/	1969-12-31 23:59:59	Name: lang Value: v=2&lang=de-de
.www.linkedin.com/	1970-01-20 17:01:41	Name: bscookie Value: "v=1&20221218120915624077ae-82ae-4c32-860c-a70a7c967b3eAQFurcDPMDp-jknBOyD34iftVk3brJF5"
.linkedin.com/	1970-01-20 12:35:17	Name: li_gc Value: MTswOzE2NzEzNjUzNTU7MjswMjFDnKGVXLYAQrTtd+rN8SIanDaYEcwv0iHlh9I/xSa68Q==

39 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	Message: Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://thegivingblock.com') does not match the recipient window's origin ('https://redapes.org').
security	error	Message: Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://thegivingblock.com') does not match the recipient window's origin ('https://redapes.org').
security	error	Message: Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://thegivingblock.com') does not match the recipient window's origin ('https://redapes.org').
security	error	Message: Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://thegivingblock.com') does not match the recipient window's origin ('https://redapes.org').
security	error	Message: Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://thegivingblock.com') does not match the recipient window's origin ('https://redapes.org').
security	error	Message: Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://thegivingblock.com') does not match the recipient window's origin ('https://redapes.org').
security	error	Message: Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://thegivingblock.com') does not match the recipient window's origin ('https://redapes.org').
security	error	Message: Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://thegivingblock.com') does not match the recipient window's origin ('https://redapes.org').
security	error	Message: Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://thegivingblock.com') does not match the recipient window's origin ('https://redapes.org').
security	error	Message: Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://thegivingblock.com') does not match the recipient window's origin ('https://redapes.org').
security	error	Message: Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://thegivingblock.com') does not match the recipient window's origin ('https://redapes.org').
security	error	Message: Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://thegivingblock.com') does not match the recipient window's origin ('https://redapes.org').
security	error	Message: Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://thegivingblock.com') does not match the recipient window's origin ('https://redapes.org').
security	error	Message: Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://thegivingblock.com') does not match the recipient window's origin ('https://redapes.org').
security	error	Message: Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://thegivingblock.com') does not match the recipient window's origin ('https://redapes.org').
security	error	Message: Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://thegivingblock.com') does not match the recipient window's origin ('https://redapes.org').
security	error	Message: Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://thegivingblock.com') does not match the recipient window's origin ('https://redapes.org').
security	error	Message: Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://thegivingblock.com') does not match the recipient window's origin ('https://redapes.org').
security	error	Message: Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://thegivingblock.com') does not match the recipient window's origin ('https://redapes.org').
security	error	Message: Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://thegivingblock.com') does not match the recipient window's origin ('https://redapes.org').
security	error	Message: Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://thegivingblock.com') does not match the recipient window's origin ('https://redapes.org').
security	error	Message: Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://thegivingblock.com') does not match the recipient window's origin ('https://redapes.org').
security	error	Message: Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://thegivingblock.com') does not match the recipient window's origin ('https://redapes.org').
security	error	Message: Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://thegivingblock.com') does not match the recipient window's origin ('https://redapes.org').
security	error	Message: Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://thegivingblock.com') does not match the recipient window's origin ('https://redapes.org').
security	error	Message: Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://thegivingblock.com') does not match the recipient window's origin ('https://redapes.org').
security	error	Message: Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://thegivingblock.com') does not match the recipient window's origin ('https://redapes.org').
security	error	Message: Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://thegivingblock.com') does not match the recipient window's origin ('https://redapes.org').
security	error	Message: Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://thegivingblock.com') does not match the recipient window's origin ('https://redapes.org').
security	error	Message: Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://thegivingblock.com') does not match the recipient window's origin ('https://redapes.org').
security	error	Message: Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://thegivingblock.com') does not match the recipient window's origin ('https://redapes.org').
security	error	Message: Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://thegivingblock.com') does not match the recipient window's origin ('https://redapes.org').
security	error	Message: Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://thegivingblock.com') does not match the recipient window's origin ('https://redapes.org').
security	error	Message: Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://thegivingblock.com') does not match the recipient window's origin ('https://redapes.org').
security	error	Message: Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://thegivingblock.com') does not match the recipient window's origin ('https://redapes.org').
security	error	Message: Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://thegivingblock.com') does not match the recipient window's origin ('https://redapes.org').
security	error	Message: Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://thegivingblock.com') does not match the recipient window's origin ('https://redapes.org').
security	error	Message: Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://thegivingblock.com') does not match the recipient window's origin ('https://redapes.org').
security	error	Message: Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://thegivingblock.com') does not match the recipient window's origin ('https://redapes.org').

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

alb.reddit.com
analytics.twitter.com
api.duckduckgo.com
cdn.linkedin.oribi.io
connect.facebook.net
d1ev1rt26nhnwq.cloudfront.net
dnpl.bgenerous.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
maxcdn.bootstrapcdn.com
o449083.ingest.sentry.io
px.ads.linkedin.com
px4.ads.linkedin.com
redapes.org
region1.google-analytics.com
s3.amazonaws.com
script.hotjar.com
snap.licdn.com
static.ads-twitter.com
static.hotjar.com
static.tgbwidget.com
t.co
tgbwidget.com
vars.hotjar.com
widget-backend.tgbwidget.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.gstatic.com
www.linkedin.com
www.paypal.com
www.paypalobjects.com
www.redditstatic.com
104.244.42.131
104.244.42.133
13.107.42.14
13.32.110.24
13.32.110.73
151.101.1.21
151.101.193.140
157.230.73.179
18.66.147.116
18.66.97.10
192.229.221.25
199.232.16.157
2001:4860:4802:34::36
2600:9000:2304:f800:2:53b2:240:93a1
2606:4700::6812:acf
2620:1ec:21::14
2a00:1450:4001:806::200a
2a00:1450:4001:80b::2003
2a00:1450:4001:829::2003
2a00:1450:4001:829::2008
2a00:1450:4001:82f::2002
2a00:1450:400d:808::2003
2a00:1450:400d:80a::2004
2a00:1450:400d:80e::200e
2a02:26f0:11a::6867:4832
2a03:2880:f007:8:face:b00c:0:1
2a04:4e42:600::396
3.135.177.109
34.120.195.249
40.114.177.156
52.217.104.94
99.86.240.37
99.86.247.143
0077fc57b878e3a8f8640b188901e628c6045033ed15ef7859d0a866c3ee52b1
029799702adf3035c9727200d3f0610e73e0a6d591b7a13c30d46d8ef1db7234
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
033e0749f8158d222c10ec42a544afb64e164468b3343b87dbbd6717e380b7d7
0408ac2c3d878bcd112b5139ba73fe5bbd64ae17efa39c75d39258cb036e1411
04313b6b0285b9d83023f33e3a606c603b91cfc57ad400436ccb4570c1098bcf
05e7e30ae2cb563135b879924a0d85a8476414ff43299e58089f895bc6e69047
094e00b708e00a1de8c8fe1c172a1319792657720d8cc18a96232f7f2e862036
0f67fb79c43353e95dc5eaf63fa0aaf08a0861d1b3cdac147dce570f358210c3
122555c03065b07b4d64d57ca9f3b6f242d0c0912b38b118a9aa9906b53e0b56
1323834ee219528c33b3b553da57488fbc0fdfbe838bc8fee341529f7f7e6877
13fca43e091c9db2e76de145d7dd3f6ccd31560f7f19995cfd8aa570b46478ad
13fea13d5143726aa8694f984e591dec69cf21c60a95cce09ff308b4269023d9
1522003bdab0da4dbaa87da4498c01ec852bd2460c2082dae93f70623bb6eda8
18952865dbf129feb79fbdb05fcb8a6a2c5981343209925dc097de246322d5ef
1a87b303f6f4821c83c3bc86373df42db93ec20c0af064ff52e6932777e3540f
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
248c0244b350ec68880996aa6be6d7796274b49992d5fcbbefe251906aa4ea36
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
32af1a95566d6bf4eff00bb7ca5ca1b030da03a46e38e6ee4eab9da58875f3b6
33a91bd6d378215fcd413c279aa88d48bda6c8b2ef7695892777c87de37de256
35b980519fa1e97adf6543969e336b33d28347bd26d87926865510ac4ff150d1
37e10aaf9bceecaa57ac0b06e2b44bce06ac12e4b066d4985f46deb96c329b2c
3b2fb41bf9df4bd85f55ff1ba9ad96b07c5983e6dfdcae241896470593eed98d
3bbc25830288f8e84e78cdadb7dd2fa18a5899e456e62cf5116bc8f6f508a325
3c71dd426fc573d901c366c70f6a7af4d06cb8113c6d67a5fe971af852e8fcb3
3d51e9d965c98e073d86fc4c9cff3b118c0fcadc9bb56a7509001b839ce0c71e
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
3e6ef4f3484f029b4d1a989163d6bb29899184f008431adb932c43ff3543368a
44b988703019cd6bfa86c91840fecf2a42b611b364e3eea2f4eb63bf62714e98
47d9dda43b555ce77b567e701dcc222e911c4c0ece866450047b74f8e747b3d7
4976158c0f29953fe1f2dfd3c7d7cebb56de7fa39bff4c63bdf5939a185ffa41
4a59bb42cb945084820cd1eb370a22a68fa9451b9e57abb1daada408d2ff64e1
4b4e80032e1c164685d3ff6eb4c606785ebaebaa648d3984478b0cc8d114190b
4de96f2c9c51fdecccc6f78fae45cd32892ec297f08cead16e7184c495198042
4e4d21081159105f95278aaef548ae6c0b8d8761b5443c8294aea005a37ca97b
4f8a6fa77f789e675740f6e7d8410a4688dcd0f031df5bba440a24ea4b2b8fe0
53d3f2331f338e23f4449f952a9ac5a7b2a904e30dc5b9c360eb89993b1a86fe
55eaf62cb05da20088dc12b39d7d254d046cb1fd61ddf3ae641f1439efd0a5ee
57e232d1b27a6d6be9f30df89f5b2c7e2b4e9ab2c0c851e7a748fe1a9d37b966
5a5f39391fbf5b06db84b8f9716d53de575ee97a627d2c5f12f79a991a671eb5
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
5bb1392fcd7f5bfb29ec59237b2a4b50459f3bd185d6ca89a4f3c4828415ed9a
647f014d36822ef7e0413ffbb65598ae0cb57fb798e635c63912c93d94eb356a
707fdc5c8bab57a90061c6a8ed7b70d5ffb82fc810e994e79f90bace890c255a
709e9a3042043f869d2c34556619e0f2b4a679bea5e861567a8f2295c93b6fae
72b8cbc631b5576f035a0095ae978a368e6e7ee14d41a9f440e47fcf897a2058
75a727f0c950afca7a0ba0120eca849982cf36272abfcace4f4294b7959a9790
75d9f05cecfea321aad3f347cdc20dca64d4d61c2e1dd1e668d8be9eb409f82a
7647724bcc7afde27000c02ce20b80535467b8f60f1330013a1ee3b575479a81
781ebdab601efdb1fe7cfd22c4ff82567557cd4221891bf2974ae6b4e76e8270
783f88cc99aa644c7ca0af0bd9aa0e2252edf02a108abefc35de68dbc10629f4
78bc3aa78faec288bbb3bf26c9a0fa4eb67b1e69da94a17233c5cab60525efdb
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
7b1eaaaf180a13c29b6dddc3b0ae23333b4397e0f3c065b4c86da2f2530a5f89
7b30cf083849f00aa25dee922477fb1fb7494e485da4c96d6dbc402006304ef0
7d7e605513e8a33e39f918d733055438225b6fcb5610eb70d9f0e95b225eaf3e
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
7e79e2d9312e920ecb9cd45bd47540f025e30f7c95b1fdbcd9e03fbb8f10b617
887ce1b3d1028654e6199929b7462012a04e3e8c2dd88eaab4607e607ffa4c0a
89c62095126fca89ea1511cf35b49b8306162946b0c26d6f60c5506c51d85992
8b166007d6f54c33b3ea10ea23572bc3166f55f365840d3cbd6ef7b5dcf6674e
8d909883de81344e0fbcfef30e931872e92d9aeecdf85b6dcf6e0b28c078e98e
9197fd92a33219d62814c38de1637a18cf1052d52f337ad4e780a5fa224f805f
95059e51f5a108265de5cab0ccd85f163e55a59511afc42316934aa917fb5286
955c8d51f75a512e1dc235dab020337aad5da99aa8649b4ca8f1a0b996d281d0
9729e68478ecb2827bef8da778dc66c039fc1ae98393b886af959515370d38aa
97c3334a1c9b3ca6dba8eb56ad2eeb7cd353abdf423afc07838d7d5db05a237a
9b5c37c80ccd103c8075d88ed542ac53ac2ad2f84ad000626d8ea8c6094f063a
9b88f620688228fe83d5cfd2c327325267f5130868b6d8fd6768d86fedf3a7fc
9c5993933707bbb7cc37ba93866aea5aebade9a741ef318ba469a093391df8cb
a02022ca7bbafdf6ba6bd74d58f8b91196413234e3fd06c27c2cbb4710709c77
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
a1a62c6c9272a7616facba3b10b689902fc3091924d321fbe8d750e70ea4101a
a2c97966993bbfb7dc07eadfd6767d63ba7aefc3481cd73a733d4290a2154931
a35099a3bb02004cc2d2894e54663c8dcd06ea7d0a1be23f69f46ea4f0d27028
a609239b90627e2fd07110015cc56d3aed58be8601cfc530e12c8a3ecef79bdc
a610fa4a574223c2842a63f8b54bb13180e9331a2d1b855b27b12213dd37221f
a9e5316c8b96f9b7e521e0bfcb86792111f09e8e3556c9b9ba85a7ba79f6ff24
ac7c8938804ed63ff9eff159b2ce006b37c76a18af0d801e1fb973e3427855f7
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
acf248fe0795120ec1119705b4fde86c6d8a52a71988bfbd34e40194b11df933
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
b15aceb04dbf5604df5617cfe984f48479cb131c1df02825d1c24e9f35d01857
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
c0c09e22c8babd35ee7a264de88b25f0b107142f354b345fea55de331625d472
c21e5a2b32c47bc5f9d9efc97bc0e29fd081946d1d3ebffc5621cfafb1d3960e
c324ef26b20264369e4568dc9ef1c5cb1f325f6bc4e8b7c01f7fe93fa353276a
c84f7fc0af23e0d42708830ce50332245ee091d2291975dca0a4195f1893ff60
c8bf0b7b39503f5e6d0fa650041146a0e6c03ec60b5717c45482f768ec4c2961
c912a9ce0c3122d4b2b29ad26bfe06b0390d1a5bdaa5d6128692c0befd1dfbbd
ca7154cdda62b535ceaba9ad2a2b2217ff49de94c069a2c4e89733f3f06b3651
cbffce6f8642619af7ed7335e32750f7f2933765d32c113115da0710aa7deadc
cc7403bab52ed166e24ea9324241045af370be482f5b594468f4a6ac6e7e7981
cd36de204aca2d5fa263a731f7c20009b5e3d754ba1f1e03c33e93a48f3e7446
cf7fcc9f75c8717897bfaef72f303fab423ce1b70c98512aeb3677e4af988dee
d10ae989a4210199a0bb0cbe200a7c13cd6e89100b6995cf448964abc3b7ec6f
d3fabe6803882d75252028bde8db65f11732d535febf3cdd409cb7b7563b5299
d7eff2d3185c4035edbe18b653f9da26c2d872e03c92419542ed524d569fe81b
d8b50a6180bb5c144b0b3dd252f6a305cd1145883e7f99c652130c9ca7d11719
da2ba5fcae94c877d856275972eefc605000c5c19c45c61e02b592083ccea2c7
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e50f9ccd2d6582a58ba1879fa578e60d25fea4c5eedc07deafd14482b2403181
eb3666c237dfc004679d0009a45702814420164d6248978309842dfdf6fcda23
eb6adfdd1b81b35ec1f580fe2775872138aba7690929d97b2773b3cdab8aedf1
ebbc1f2bd863a3aea797f4e80e98f28f63ff1065a836307ec0cff47c3ce825ba
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f00e5fa34b66d8531a0cbe316d5c41e4e1f373f7002f603dba3bd56abe2a6bf2
f04cf177a61fae5326e8860f42099ed3b7a340a9c8424fc995b99c7cbf18a138
f100138cf28abcaac287d3bb245b80679c7ba9305591ed01b1055af5e7084f20
f1d5583d4c00ebe19c7be536e72ab8234c1f926023cb5a1fd5edbe9c912f0f49
f236b73779a0ec411a9dc85e59c8a13e34d437f3ccb8e034d20635a7185b2edd
f327351dad9a78df6d2ca5dd9faf919de74f00efacdaedc4a6c8046f77c58035
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
f991e5aa2c5aa46c23c0ccb985c352139e6637aa6fd03b26e3b08d8b4572c2df
fa55c55d49c3d3eb4a247f4a7cdd4f082da357f85c7f8fbe88ef918f722b412e
fda98e5e3e388026c10e32ab4ab42226c58d469bb8c7fe339ca9043ebcbbc8ad
fdaa2e999b369973f2a1e961b2200a12d554543b9d9b65f736110ed4e789820d
febed89c1405e0ff8e6cf6cd0cf319f6e7307ff8380cd98380d6e94d3cee6207
ffd2b47ceaea69679ad831fc8e470dde7f5b2b86c69c3802ef3f15c5a9040ba3

redapes.org Open in urlscan Pro 157.230.73.179 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

187 Requests

98 %HTTPS

45 %IPv6

27 Domains

35 Subdomains

32 IPs

5 Countries

6224 kBTransfer

13489 kBSize

18 Cookies

20 Outgoing links

Redirected requests

187 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

redapes.org Open in urlscan Pro
157.230.73.179 Public Scan

Screenshot
Live screenshot

Full Image

187
Requests

98 %
HTTPS

45 %
IPv6

27
Domains

35
Subdomains

32
IPs

5
Countries

6224 kB
Transfer

13489 kB
Size

18
Cookies

187 HTTP transactions
2 data transactions