urlscan.io logo urlscan.io
SecurityTrails logo

mybooster.com Open in urlscan Pro
3.220.224.31  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://mybooster.com/a/s/29R0bfRA/
Effective URL: https://mybooster.com/v3/dash/29R0bfRA?utm_source=eedaybefore&utm_medium=email&utm_content=ssvideo&utm_campaign=sponso...
Submission: On October 06 via manual from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 24 IPs in 2 countries across 19 domains to perform 70 HTTP transactions. The main IP is 3.220.224.31, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is mybooster.com.
TLS certificate: Issued by Amazon on April 1st 2021. Valid for: a year.
This is the only time mybooster.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 9 3.220.224.31 14618 (AMAZON-AES)
2 142.250.74.200 15169 (GOOGLE)
5 52.216.80.120 16509 (AMAZON-02)
3 8 13.225.87.71 16509 (AMAZON-02)
12 151.101.66.114 54113 (FASTLY)
3 142.250.185.174 15169 (GOOGLE)
2 172.217.18.106 15169 (GOOGLE)
1 13.225.87.41 16509 (AMAZON-02)
1 13.225.87.76 16509 (AMAZON-02)
2 31.13.92.14 32934 (FACEBOOK)
4 142.250.185.195 15169 (GOOGLE)
1 13.224.193.122 16509 (AMAZON-02)
2 31.13.92.36 32934 (FACEBOOK)
8 151.101.3.9 54113 (FASTLY)
2 18.213.74.216 14618 (AMAZON-AES)
1 13.224.193.12 16509 (AMAZON-02)
4 34.231.131.1 14618 (AMAZON-AES)
1 13.225.87.110 16509 (AMAZON-02)
1 13.224.193.123 16509 (AMAZON-02)
1 173.194.76.154 15169 (GOOGLE)
1 142.250.185.68 15169 (GOOGLE)
1 142.250.184.227 15169 (GOOGLE)
2 52.20.27.10 ()
70 24
9    3.220.224.31 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-220-224-31.compute-1.amazonaws.com
mybooster.com
2    142.250.74.200 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s02-in-f8.1e100.net
www.googletagmanager.com
5    52.216.80.120 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1-w.amazonaws.com
funrun-prod.s3.amazonaws.com
8    13.225.87.71 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-87-71.fra2.r.cloudfront.net
content.jwplatform.com
12    151.101.66.114 (United States)

ASN54113 (FASTLY, US)
assets-jpcust.jwpsrv.com
ssl.p.jwpcdn.com
prd.jwpltx.com
videos-fms.jwpsrv.com
3    142.250.185.174 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f14.1e100.net
www.google-analytics.com
2    172.217.18.106 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s42-in-f10.1e100.net
fonts.googleapis.com
1    13.225.87.41 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-87-41.fra2.r.cloudfront.net
cdn.heapanalytics.com
1    13.225.87.76 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-87-76.fra2.r.cloudfront.net
static.hotjar.com
2    31.13.92.14 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-01-frt3.fbcdn.net
connect.facebook.net
4    142.250.185.195 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f3.1e100.net
fonts.gstatic.com
www.gstatic.com
1    13.224.193.122 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-193-122.fra2.r.cloudfront.net
script.hotjar.com
2    31.13.92.36 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
PTR: edge-star-mini-shv-01-frt3.facebook.com
www.facebook.com
8    151.101.3.9 (United States)

ASN54113 (FASTLY, US)
sdk.split.io
2    18.213.74.216 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-213-74-216.compute-1.amazonaws.com
auth.split.io
1    13.224.193.12 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-193-12.fra2.r.cloudfront.net
vars.hotjar.com
4    34.231.131.1 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-231-131-1.compute-1.amazonaws.com
heapanalytics.com
1    13.225.87.110 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-87-110.fra2.r.cloudfront.net
vc.hotjar.io
1    13.224.193.123 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-193-123.fra2.r.cloudfront.net
streaming.split.io
1    173.194.76.154 (United States)

ASN15169 (GOOGLE, US)
PTR: ws-in-f154.1e100.net
stats.g.doubleclick.net
1    142.250.185.68 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f4.1e100.net
www.google.com
1    142.250.184.227 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f3.1e100.net
www.google.de
2    52.20.27.10 (None, )

ASN- ()
events.split.io
Domain Requested by
9 mybooster.com 2 redirects mybooster.com
8 sdk.split.io mybooster.com
8 content.jwplatform.com 3 redirects mybooster.com
content.jwplatform.com
ssl.p.jwpcdn.com
5 ssl.p.jwpcdn.com content.jwplatform.com
5 funrun-prod.s3.amazonaws.com mybooster.com
4 heapanalytics.com mybooster.com
3 videos-fms.jwpsrv.com ssl.p.jwpcdn.com
3 www.gstatic.com content.jwplatform.com
www.gstatic.com
3 www.google-analytics.com mybooster.com
www.google-analytics.com
3 assets-jpcust.jwpsrv.com mybooster.com
2 events.split.io mybooster.com
2 auth.split.io mybooster.com
2 www.facebook.com connect.facebook.net
2 connect.facebook.net mybooster.com
connect.facebook.net
2 fonts.googleapis.com mybooster.com
2 www.googletagmanager.com mybooster.com
1 www.google.de
1 www.google.com
1 stats.g.doubleclick.net www.google-analytics.com
1 prd.jwpltx.com
1 streaming.split.io mybooster.com
1 vc.hotjar.io script.hotjar.com
1 vars.hotjar.com static.hotjar.com
1 script.hotjar.com static.hotjar.com
1 fonts.gstatic.com fonts.googleapis.com
1 static.hotjar.com mybooster.com
1 cdn.heapanalytics.com mybooster.com
70 27
Subject Issuer Validity Valid
*.mybooster.com
Amazon		 2021-04-01 -
2022-04-30		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2021-09-13 -
2021-11-20		 2 months crt.sh
*.s3.amazonaws.com
DigiCert Baltimore CA-2 G2		 2021-01-11 -
2022-02-11		 a year crt.sh
*.jwplayer.com
GlobalSign Atlas R3 DV TLS CA 2020		 2021-04-20 -
2022-05-22		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2021-09-13 -
2021-11-20		 2 months crt.sh
cdn.heapanalytics.com
Amazon		 2021-08-28 -
2022-09-26		 a year crt.sh
*.hotjar.com
Amazon		 2020-12-25 -
2022-01-23		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2021-09-09 -
2021-12-08		 3 months crt.sh
jwplayer.com
Amazon		 2021-01-29 -
2022-02-26		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2021-09-13 -
2021-11-20		 2 months crt.sh
*.split.io
GlobalSign Atlas R3 DV TLS CA 2020		 2021-03-22 -
2022-04-23		 a year crt.sh
heapanalytics.com
Amazon		 2020-12-24 -
2022-01-22		 a year crt.sh
*.hotjar.io
Amazon		 2021-08-17 -
2022-09-15		 a year crt.sh
streaming.split.io
Amazon		 2021-04-06 -
2022-05-05		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2021-09-13 -
2021-11-20		 2 months crt.sh
www.google.com
GTS CA 1C3		 2021-09-13 -
2021-11-20		 2 months crt.sh
www.google.de
GTS CA 1C3		 2021-09-13 -
2021-11-20		 2 months crt.sh

This page contains 5 frames:

Primary Page: https://mybooster.com/v3/dash/29R0bfRA?utm_source=eedaybefore&utm_medium=email&utm_content=ssvideo&utm_campaign=sponsorpledgeask
Frame ID: F4BE7077F69874E668B2EF0FFA2DCD2B
Requests: 42 HTTP requests in this frame

Frame: https://content.jwplatform.com/players/o7fjuzVm-JcxcCN5H.html?rel=0&wmode=transparent&showinfo=0
Frame ID: 16FEC3D161A00ED7C8F24DEB2F4A4E98
Requests: 1 HTTP requests in this frame

Frame: https://content.jwplatform.com/players/o7fjuzVm-JcxcCN5H.html?rel=0&wmode=transparent&showinfo=0
Frame ID: 5375C93AD180F1CD90E73F817CF4D2CB
Requests: 19 HTTP requests in this frame

Frame: https://www.facebook.com/plugins/like.php?action=like&app_id=1056623917722217&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df26e1acf859043%26domain%3Dmybooster.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fmybooster.com%252Ff178a25b0c5bdd4%26relation%3Dparent.parent&container_width=1600&href=https%3A%2F%2Fwww.facebook.com%2FBoosterthon&layout=button&locale=en_US&sdk=joey&share=false&show_faces=false&size=small
Frame ID: DF61EFB70459C74CF9083D56C650F6B5
Requests: 1 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-dfc01efbdc94bb0936d9a35a502b0b64.html
Frame ID: 3E4967BC50970ECBD578C550CBE5F99C
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Burnette Pride Run

Page URL History Show full URLs

  1. https://mybooster.com/a/s/29R0bfRA/ HTTP 302
    https://mybooster.com/v3/dash/29R0bfRA HTTP 302
    https://mybooster.com/v3/dash/29R0bfRA?utm_source=eedaybefore&utm_medium=email&utm_content=ssvideo... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • <[^>]+\sdata-v(?:ue)?-
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/ns\.html[^>]+></iframe>
  • <!-- (?:End )?Google Tag Manager -->
  • googletagmanager\.com/gtag/js
  • googletagmanager\.com/gtm\.js
Overall confidence: 100%
Detected patterns
  • heap-\d+\.js
Overall confidence: 100%
Detected patterns
  • //static\.hotjar\.com/

Page Statistics

70
Requests

99 %
HTTPS

0 %
IPv6

19
Domains

27
Subdomains

24
IPs

2
Countries

1597 kB
Transfer

3759 kB
Size

18
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://mybooster.com/a/s/29R0bfRA/ HTTP 302
    https://mybooster.com/v3/dash/29R0bfRA HTTP 302
    https://mybooster.com/v3/dash/29R0bfRA?utm_source=eedaybefore&utm_medium=email&utm_content=ssvideo&utm_campaign=sponsorpledgeask Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 4
  • https://content.jwplatform.com/thumbs/o7fjuzVm-320.jpg HTTP 302
  • https://assets-jpcust.jwpsrv.com/thumbnails/otvw1xpv-320.jpg
Request Chain 46
  • https://content.jwplatform.com/strips/o7fjuzVm-120.vtt HTTP 301
  • https://assets-jpcust.jwpsrv.com/strips/o7fjuzVm-120.vtt
Request Chain 50
  • https://content.jwplatform.com/v2/media/o7fjuzVm/poster.jpg?width=720 HTTP 302
  • https://assets-jpcust.jwpsrv.com/thumbnails/otvw1xpv-720.jpg

70 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request 29R0bfRA
mybooster.com/v3/dash/
Redirect Chain
  • https://mybooster.com/a/s/29R0bfRA/
  • https://mybooster.com/v3/dash/29R0bfRA
  • https://mybooster.com/v3/dash/29R0bfRA?utm_source=eedaybefore&utm_medium=email&utm_content=ssvideo&utm_campaign=sponsorpledgeask
55 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://mybooster.com/v3/dash/29R0bfRA?utm_source=eedaybefore&utm_medium=email&utm_content=ssvideo&utm_campaign=sponsorpledgeask
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.220.224.31 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-220-224-31.compute-1.amazonaws.com
Software
nginx/1.19.0 /
Resource Hash
d3bb1e33c59307df21d98f619531ceea674f9e3f71eaf611ec77d7939629a551
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
mybooster.com
:scheme
https
:path
/v3/dash/29R0bfRA?utm_source=eedaybefore&utm_medium=email&utm_content=ssvideo&utm_campaign=sponsorpledgeask
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
cookie
csrfer_ckie=65210e94de7be4afdce1a1ba2aabe30b; ci_session=dkhqq6hie003aakepr9g4npudukiae4u; XSRF-TOKEN=eyJpdiI6ImJoTDU3YlwvcFU5Y3Vudm9iSGJUS1RnPT0iLCJ2YWx1ZSI6IlA0SzZ1b1djbCtlRFRFYWxYcVI3UWRET1dPcVc2d2YxSmYzOFFiQmh5TmdpbVlTcGg4N09GdjRvNGpwMVlwa1YiLCJtYWMiOiI1N2JjODlhNDk0MDdkOThjODMyNTg2ZDg2Y2YzYzFjZDFiZTkxMGYwOWQ4ZGE0MzA3ZmM3NDhkZmViZWZmNzMxIn0%3D; titan_session=eyJpdiI6IlplcmdTSXU4Vzl1SkJsMTFXT2NkdWc9PSIsInZhbHVlIjoiUmFWdFNFK1RhTDFHR0RGS1RTWTY4enNweHhVank5bjhjYVg1K2xUMDl2aWxRek5BSWdrR25pd1VrRGFnNU5uRCIsIm1hYyI6ImNhMDA1N2ViMjJlOWM0YTA2NWYzNWZjNjJiZmMwMGM3OWViZjA1MDI1NDY0OWJjOGJlYjRlZTEzOTBjOWQ5NGQifQ%3D%3D
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

date
Wed, 06 Oct 2021 00:19:39 GMT
content-type
text/html; charset=UTF-8
server
nginx/1.19.0
vary
Accept-Encoding
cache-control
no-cache, private
set-cookie
XSRF-TOKEN=eyJpdiI6IlhHdFVmaUZNM3E3SEhvU2pIem1VS1E9PSIsInZhbHVlIjoiekZYY29PN1FvOUl6eVNKcjJCN0NuZ3ZpN1IxQUlNSUp3UHlVSFFvMHlzTUJaTldWaElXcjl0dTdTdWZcL2NQY0YiLCJtYWMiOiJhMGM3Y2RhMmNkZjAxZTZhNzQxNTRlZTBkMmMxNWYzOWE1M2VjM2MzYzgzMmY2Zjc0ZjkwNGM3NmE2YWIzZjU1In0%3D; expires=Wed, 06-Oct-2021 02:19:39 GMT; Max-Age=7200; path=/; domain=.mybooster.com; secure titan_session=eyJpdiI6IndkWDZSNlQrRVU5bDZ6SDQyMGJ6Z1E9PSIsInZhbHVlIjoiN1wvaGxMTk92V1ZMUUlicERDSlRaRmEyNElNT1ZjaFQyRzVqNVwvMDYwNFIzR09VRHh1WDdHOEpFQUtPMEdFNmhrIiwibWFjIjoiOGYyYjRmM2RjMzU0ODA4MjA3MmU4ODczYjVjMTA3ZTNlNDM0YmUxYTQzYTJjOTZmY2JmYjM0OTdjODEwMzk4YiJ9; expires=Wed, 06-Oct-2021 02:19:39 GMT; Max-Age=7200; path=/; domain=.mybooster.com; secure; httponly ref_code=dbd4746df440da548851a8a835d389938b95c6e2; path=/; domain=.mybooster.com; secure; httponly
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-encoding
gzip

Redirect headers

date
Wed, 06 Oct 2021 00:19:38 GMT
content-type
text/html; charset=UTF-8
location
https://mybooster.com/v3/dash/29R0bfRA?utm_source=eedaybefore&utm_medium=email&utm_content=ssvideo&utm_campaign=sponsorpledgeask
server
nginx/1.19.0
cache-control
no-cache, private
set-cookie
XSRF-TOKEN=eyJpdiI6ImJoTDU3YlwvcFU5Y3Vudm9iSGJUS1RnPT0iLCJ2YWx1ZSI6IlA0SzZ1b1djbCtlRFRFYWxYcVI3UWRET1dPcVc2d2YxSmYzOFFiQmh5TmdpbVlTcGg4N09GdjRvNGpwMVlwa1YiLCJtYWMiOiI1N2JjODlhNDk0MDdkOThjODMyNTg2ZDg2Y2YzYzFjZDFiZTkxMGYwOWQ4ZGE0MzA3ZmM3NDhkZmViZWZmNzMxIn0%3D; expires=Wed, 06-Oct-2021 02:19:38 GMT; Max-Age=7200; path=/; domain=.mybooster.com; secure titan_session=eyJpdiI6IlplcmdTSXU4Vzl1SkJsMTFXT2NkdWc9PSIsInZhbHVlIjoiUmFWdFNFK1RhTDFHR0RGS1RTWTY4enNweHhVank5bjhjYVg1K2xUMDl2aWxRek5BSWdrR25pd1VrRGFnNU5uRCIsIm1hYyI6ImNhMDA1N2ViMjJlOWM0YTA2NWYzNWZjNjJiZmMwMGM3OWViZjA1MDI1NDY0OWJjOGJlYjRlZTEzOTBjOWQ5NGQifQ%3D%3D; expires=Wed, 06-Oct-2021 02:19:38 GMT; Max-Age=7200; path=/; domain=.mybooster.com; secure; httponly
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
x-xss-protection
1; mode=block
app.css
mybooster.com/v3-assets/public/css/ 		195 KB
34 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://mybooster.com/v3-assets/public/css/app.css?id=12dbd6ff3b43d3b27969
Requested by
Host: mybooster.com
URL: https://mybooster.com/v3/dash/29R0bfRA?utm_source=eedaybefore&utm_medium=email&utm_content=ssvideo&utm_campaign=sponsorpledgeask
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.220.224.31 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-220-224-31.compute-1.amazonaws.com
Software
nginx/1.19.0 /
Resource Hash
d16865daf8d5ec0f4c3ab4944892cbf7578ab547c384dca819e8a73560daf3e4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/v3-assets/public/css/app.css?id=12dbd6ff3b43d3b27969
pragma
no-cache
cookie
csrfer_ckie=65210e94de7be4afdce1a1ba2aabe30b; ci_session=dkhqq6hie003aakepr9g4npudukiae4u; XSRF-TOKEN=eyJpdiI6IlhHdFVmaUZNM3E3SEhvU2pIem1VS1E9PSIsInZhbHVlIjoiekZYY29PN1FvOUl6eVNKcjJCN0NuZ3ZpN1IxQUlNSUp3UHlVSFFvMHlzTUJaTldWaElXcjl0dTdTdWZcL2NQY0YiLCJtYWMiOiJhMGM3Y2RhMmNkZjAxZTZhNzQxNTRlZTBkMmMxNWYzOWE1M2VjM2MzYzgzMmY2Zjc0ZjkwNGM3NmE2YWIzZjU1In0%3D; titan_session=eyJpdiI6IndkWDZSNlQrRVU5bDZ6SDQyMGJ6Z1E9PSIsInZhbHVlIjoiN1wvaGxMTk92V1ZMUUlicERDSlRaRmEyNElNT1ZjaFQyRzVqNVwvMDYwNFIzR09VRHh1WDdHOEpFQUtPMEdFNmhrIiwibWFjIjoiOGYyYjRmM2RjMzU0ODA4MjA3MmU4ODczYjVjMTA3ZTNlNDM0YmUxYTQzYTJjOTZmY2JmYjM0OTdjODEwMzk4YiJ9; ref_code=dbd4746df440da548851a8a835d389938b95c6e2
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
mybooster.com
referer
https://mybooster.com/v3/dash/29R0bfRA?utm_source=eedaybefore&utm_medium=email&utm_content=ssvideo&utm_campaign=sponsorpledgeask
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://mybooster.com/v3/dash/29R0bfRA?utm_source=eedaybefore&utm_medium=email&utm_content=ssvideo&utm_campaign=sponsorpledgeask
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 06 Oct 2021 00:19:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 30 Sep 2021 14:16:19 GMT
server
nginx/1.19.0
etag
W/"6155c6b3-30cad"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=1209600
strict-transport-security
max-age=31536000; includeSubDomains
x-xss-protection
1; mode=block
expires
Wed, 20 Oct 2021 00:19:39 GMT
js
www.googletagmanager.com/gtag/ 		96 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-18391724-4
Requested by
Host: mybooster.com
URL: https://mybooster.com/v3/dash/29R0bfRA?utm_source=eedaybefore&utm_medium=email&utm_content=ssvideo&utm_campaign=sponsorpledgeask
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.74.200 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
7af810da2d98bf8c867153f1beee621fb65691735688b739e3f1f5fa42fa1734
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://mybooster.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 06 Oct 2021 00:19:39 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38984
x-xss-protection
0
last-modified
Wed, 06 Oct 2021 00:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 06 Oct 2021 00:19:39 GMT
016ec2081b0ea2d7985b93579f2b3a90.png
funrun-prod.s3.amazonaws.com/program_logos/ 		70 KB
71 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://funrun-prod.s3.amazonaws.com/program_logos/016ec2081b0ea2d7985b93579f2b3a90.png
Requested by
Host: mybooster.com
URL: https://mybooster.com/v3/dash/29R0bfRA?utm_source=eedaybefore&utm_medium=email&utm_content=ssvideo&utm_campaign=sponsorpledgeask
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.216.80.120 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
fd1cf1295404c5a7d72371d8f60d1622179b736277116f8a18e01e71b687c2a0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://mybooster.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Wed, 06 Oct 2021 00:19:40 GMT
Last-Modified
Wed, 01 Sep 2021 14:57:54 GMT
Server
AmazonS3
x-amz-request-id
3742NP0M92AQHP02
ETag
"82863759dcfb8d9d87706bb8ed5138c4"
x-amz-version-id
OG0dv5yMGv5BdyheJbBlS0PzMUWNBqyS
x-amz-replication-status
COMPLETED
Accept-Ranges
bytes
Content-Type
binary/octet-stream
Content-Length
71937
x-amz-id-2
kmWsM+wS2zjawH3KeQbECjQsCKhfPOvu3yeqv1J/I84ZrPsA0Yw69nEqOet2wGwY4IirMKc1ynU=
21695318_1632875126.jpg
funrun-prod.s3.amazonaws.com/user_profile_images/ 		39 KB
39 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://funrun-prod.s3.amazonaws.com/user_profile_images/21695318_1632875126.jpg
Requested by
Host: mybooster.com
URL: https://mybooster.com/v3/dash/29R0bfRA?utm_source=eedaybefore&utm_medium=email&utm_content=ssvideo&utm_campaign=sponsorpledgeask
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.216.80.120 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
b7309eb2f1b162da5bcf04b0689ba57fba93144320d816e9be534bca2c59d05b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://mybooster.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Wed, 06 Oct 2021 00:19:40 GMT
Last-Modified
Wed, 29 Sep 2021 00:25:27 GMT
Server
AmazonS3
x-amz-request-id
374D09SQ3E8SJTQH
ETag
"0b72315921e32fc97fc95a9e4830f5a1"
x-amz-version-id
18bikiKBoNuKA8z0FRzDbeeJL77ZBEar
x-amz-replication-status
COMPLETED
Accept-Ranges
bytes
Content-Type
image/jpeg
Content-Length
39934
x-amz-id-2
GLFKrR3qNHhNDjqyo0lwABumD03iIBwKULWvCnvxEgA/K/r3xufISDjcMFhdbzzWQFth2xW/N0w=
otvw1xpv-320.jpg
assets-jpcust.jwpsrv.com/thumbnails/
Redirect Chain
  • https://content.jwplatform.com/thumbs/o7fjuzVm-320.jpg
  • https://assets-jpcust.jwpsrv.com/thumbnails/otvw1xpv-320.jpg
14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets-jpcust.jwpsrv.com/thumbnails/otvw1xpv-320.jpg
Requested by
Host: mybooster.com
URL: https://mybooster.com/v3/dash/29R0bfRA?utm_source=eedaybefore&utm_medium=email&utm_content=ssvideo&utm_campaign=sponsorpledgeask
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.66.114 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
6731c39ea46a2cc377df867d6de2b05511dc6ba907c6de4a996530aae1926f88

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://mybooster.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 06 Oct 2021 00:19:39 GMT
content-encoding
gzip
age
0
x-amz-server-side-encryption
AES256
x-cache
MISS, MISS
content-length
14119
x-served-by
cache-bwi5155-BWI, cache-hhn4071-HHN
access-control-allow-origin
*
last-modified
Wed, 29 Sep 2021 00:48:47 GMT
server
nginx
x-timer
S1633479580.836544,VS0,VE129
etag
"52d21e0081c778947a65517a3d51f39d"
vary
Accept-Encoding
content-type
image/jpeg
via
1.1 varnish, 1.1 varnish
cache-control
max-age=900
accept-ranges
bytes
access-control-allow-headers
accept-encoding, cache-control, origin, dnt, accept-language
x-cache-hits
0, 0

Redirect headers

date
Wed, 06 Oct 2021 00:19:39 GMT
via
1.1 a32f966fc5896281eb3de44fd8f57d40.cloudfront.net (CloudFront)
server
openresty
x-amz-cf-pop
FRA2-C2
location
https://assets-jpcust.jwpsrv.com/thumbnails/otvw1xpv-320.jpg
access-control-allow-methods
GET
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=180, max-stale=180
x-cache
Miss from cloudfront
x-edge-origin-shield-skipped
0
access-control-allow-headers
accept-encoding, cache-control, origin, dnt, accept-language
content-length
0
x-amz-cf-id
psGhRxJHlZckhqPZ4grZRWHTrXzCYtMr0gNmCB2XoXGG_mdgTPZDRg==
4e8442dfc43ddc2cf2e45a8caf5a3744.png
funrun-prod.s3.amazonaws.com/microsites/ 		183 KB
183 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://funrun-prod.s3.amazonaws.com/microsites/4e8442dfc43ddc2cf2e45a8caf5a3744.png
Requested by
Host: mybooster.com
URL: https://mybooster.com/v3/dash/29R0bfRA?utm_source=eedaybefore&utm_medium=email&utm_content=ssvideo&utm_campaign=sponsorpledgeask
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.216.80.120 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
98b5b9842ad1cc7cac10b87f24e4643dc7e445f345d2b6bfb4c2608bd9822c5e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://mybooster.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Wed, 06 Oct 2021 00:19:40 GMT
Last-Modified
Thu, 02 Sep 2021 20:37:55 GMT
Server
AmazonS3
x-amz-request-id
3748GCJ8ANFN15ET
ETag
"3c23369dcf7780d3e921d1bfae1e2934"
x-amz-version-id
JCyXb.JX5vyxLyiNmx_5ziKyyzu87c3W
x-amz-replication-status
COMPLETED
Accept-Ranges
bytes
Content-Type
binary/octet-stream
Content-Length
187134
x-amz-id-2
r4pfvZGK1Dzx/hRjrtN78ET0Tu4Uio4KAWDK0tvmREogOXd/itbB/ixXJ5AJfwE1WCtj0YeVbqw=
829db399567b987e7fbd8e99a4dc4d99.jpeg
funrun-prod.s3.amazonaws.com/microsites/ 		20 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://funrun-prod.s3.amazonaws.com/microsites/829db399567b987e7fbd8e99a4dc4d99.jpeg
Requested by
Host: mybooster.com
URL: https://mybooster.com/v3/dash/29R0bfRA?utm_source=eedaybefore&utm_medium=email&utm_content=ssvideo&utm_campaign=sponsorpledgeask
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.216.80.120 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
28fa41d085591cf4cad5171a7882be27ccfaee61d25e36a466c1f966bec49107

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://mybooster.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Wed, 06 Oct 2021 00:19:40 GMT
Last-Modified
Thu, 09 Sep 2021 20:50:36 GMT
Server
AmazonS3
x-amz-request-id
3746JGW1WX5X90W0
ETag
"9c356379642c694445916b736e845fdc"
x-amz-version-id
mWpW5uH2755oEhJkdoxrqc8VCKIbEAyV
x-amz-replication-status
COMPLETED
Accept-Ranges
bytes
Content-Type
binary/octet-stream
Content-Length
20584
x-amz-id-2
gshVmldu9K1ZH3Z8CpFiHN9MCjzpCxquT/yni08usgjAD3mrcNszxPqOVx7vMR3b9ETm/pJcLgo=
10a56b65381ab9a765aaa22514a61322.jpeg
funrun-prod.s3.amazonaws.com/microsites/ 		43 KB
43 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://funrun-prod.s3.amazonaws.com/microsites/10a56b65381ab9a765aaa22514a61322.jpeg
Requested by
Host: mybooster.com
URL: https://mybooster.com/v3/dash/29R0bfRA?utm_source=eedaybefore&utm_medium=email&utm_content=ssvideo&utm_campaign=sponsorpledgeask
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.216.80.120 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
fed28c43d888467e8fd5222953d2f07ba6a0061eddea914c81e0aca1ad35af2b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://mybooster.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Wed, 06 Oct 2021 00:19:40 GMT
Last-Modified
Thu, 09 Sep 2021 20:53:25 GMT
Server
AmazonS3
x-amz-request-id
3742V9GEKZY61BKW
ETag
"ce2f2bf6bcff840be1cc6a8154f19333"
x-amz-version-id
QZlhmNPlUuXKHxvfHiCHaY4MvxFJqgsf
x-amz-replication-status
COMPLETED
Accept-Ranges
bytes
Content-Type
binary/octet-stream
Content-Length
43685
x-amz-id-2
F1UgBy6QFWSKuGbIvo/tCGh3Jf4lklDBu2ve1E2UBy2ufjF90QNV46PFuc+vjpOfaTBL3F+NAtk=
app.js
mybooster.com/v3-assets/public/js/ 		589 KB
185 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mybooster.com/v3-assets/public/js/app.js?id=47749afe9c47bd4a62b3
Requested by
Host: mybooster.com
URL: https://mybooster.com/v3/dash/29R0bfRA?utm_source=eedaybefore&utm_medium=email&utm_content=ssvideo&utm_campaign=sponsorpledgeask
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.220.224.31 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-220-224-31.compute-1.amazonaws.com
Software
nginx/1.19.0 /
Resource Hash
a2e66952d3452502875eb5549732a89aa87967249e4ac164632a29520285a774
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/v3-assets/public/js/app.js?id=47749afe9c47bd4a62b3
pragma
no-cache
cookie
csrfer_ckie=65210e94de7be4afdce1a1ba2aabe30b; ci_session=dkhqq6hie003aakepr9g4npudukiae4u; XSRF-TOKEN=eyJpdiI6IlhHdFVmaUZNM3E3SEhvU2pIem1VS1E9PSIsInZhbHVlIjoiekZYY29PN1FvOUl6eVNKcjJCN0NuZ3ZpN1IxQUlNSUp3UHlVSFFvMHlzTUJaTldWaElXcjl0dTdTdWZcL2NQY0YiLCJtYWMiOiJhMGM3Y2RhMmNkZjAxZTZhNzQxNTRlZTBkMmMxNWYzOWE1M2VjM2MzYzgzMmY2Zjc0ZjkwNGM3NmE2YWIzZjU1In0%3D; titan_session=eyJpdiI6IndkWDZSNlQrRVU5bDZ6SDQyMGJ6Z1E9PSIsInZhbHVlIjoiN1wvaGxMTk92V1ZMUUlicERDSlRaRmEyNElNT1ZjaFQyRzVqNVwvMDYwNFIzR09VRHh1WDdHOEpFQUtPMEdFNmhrIiwibWFjIjoiOGYyYjRmM2RjMzU0ODA4MjA3MmU4ODczYjVjMTA3ZTNlNDM0YmUxYTQzYTJjOTZmY2JmYjM0OTdjODEwMzk4YiJ9; ref_code=dbd4746df440da548851a8a835d389938b95c6e2
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
mybooster.com
referer
https://mybooster.com/v3/dash/29R0bfRA?utm_source=eedaybefore&utm_medium=email&utm_content=ssvideo&utm_campaign=sponsorpledgeask
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://mybooster.com/v3/dash/29R0bfRA?utm_source=eedaybefore&utm_medium=email&utm_content=ssvideo&utm_campaign=sponsorpledgeask
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 06 Oct 2021 00:19:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 30 Sep 2021 14:16:20 GMT
server
nginx/1.19.0
etag
W/"6155c6b4-93255"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=1209600
strict-transport-security
max-age=31536000; includeSubDomains
x-xss-protection
1; mode=block
expires
Wed, 20 Oct 2021 00:19:39 GMT
gtm.js
www.googletagmanager.com/ 		127 KB
46 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-K6MGXPQ
Requested by
Host: mybooster.com
URL: https://mybooster.com/v3/dash/29R0bfRA?utm_source=eedaybefore&utm_medium=email&utm_content=ssvideo&utm_campaign=sponsorpledgeask
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.74.200 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
b0824a6e438ede545cadcc14c8f7517721a70130f03aa705125eb243d38d2025
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://mybooster.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 06 Oct 2021 00:19:39 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
46837
x-xss-protection
0
last-modified
Wed, 06 Oct 2021 00:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 06 Oct 2021 00:19:39 GMT
analytics.js
www.google-analytics.com/ 		48 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: mybooster.com
URL: https://mybooster.com/v3/dash/29R0bfRA?utm_source=eedaybefore&utm_medium=email&utm_content=ssvideo&utm_campaign=sponsorpledgeask
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.174 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://mybooster.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 11 Aug 2021 00:32:57 GMT
server
Golfe2
age
5562
date
Tue, 05 Oct 2021 22:46:57 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19747
expires
Wed, 06 Oct 2021 00:46:57 GMT
css
fonts.googleapis.com/ 		2 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Source+Sans+Pro
Requested by
Host: mybooster.com
URL: https://mybooster.com/v3-assets/public/css/app.css?id=12dbd6ff3b43d3b27969
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.106 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s42-in-f10.1e100.net
Software
ESF /
Resource Hash
89217528ff779a9d3836efde9904ba13979c9cd01666796dabbb1ba533b1126a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://mybooster.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 05 Oct 2021 22:39:50 GMT
server
ESF
date
Wed, 06 Oct 2021 00:19:39 GMT
x-frame-options
SAMEORIGIN
report-to
{"group":"AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"}]}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only
same-origin; report-to="AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"
expires
Wed, 06 Oct 2021 00:19:39 GMT
css
fonts.googleapis.com/ 		5 KB
646 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Raleway:300,400,600
Requested by
Host: mybooster.com
URL: https://mybooster.com/v3-assets/public/css/app.css?id=12dbd6ff3b43d3b27969
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.106 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s42-in-f10.1e100.net
Software
ESF /
Resource Hash
c790a6188551550a1397e109c897001131058aeeb303f21bcf4692fbee3055c2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://mybooster.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 05 Oct 2021 22:33:32 GMT
server
ESF
date
Wed, 06 Oct 2021 00:19:39 GMT
x-frame-options
SAMEORIGIN
report-to
{"group":"AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"}]}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only
same-origin; report-to="AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"
expires
Wed, 06 Oct 2021 00:19:39 GMT
heap-1943480710.js
cdn.heapanalytics.com/js/ 		104 KB
41 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.heapanalytics.com/js/heap-1943480710.js
Requested by
Host: mybooster.com
URL: https://mybooster.com/v3/dash/29R0bfRA?utm_source=eedaybefore&utm_medium=email&utm_content=ssvideo&utm_campaign=sponsorpledgeask
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.87.41 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-87-41.fra2.r.cloudfront.net
Software
nginx /
Resource Hash
e6a34b10956f9d448fa308e0e87ba7cb9c33a73620904a539c43cda7cc7cdb06
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://mybooster.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 06 Oct 2021 00:19:32 GMT
content-encoding
gzip
server
nginx
age
7
etag
W/"1a1a2-fnl8N4M1LrRfQoDckTEWJg"
vary
Accept-Encoding
x-edge-origin-shield-skipped
0, 0
content-type
application/javascript; charset=utf-8
via
1.1 d9bf8acc1da383db4531789bbb03ac07.cloudfront.net (CloudFront)
cache-control
public, max-age=120
x-amz-cf-pop
FRA2-C2
x-cache
Miss from cloudfront
strict-transport-security
max-age=31536000; includeSubDomains
x-amz-cf-id
m_PmENHf-2oDhC0jKoTEPhzDpRXlTGeqChMfmjZQDPpk3XKY-QKmqQ==
hotjar-640032.js
static.hotjar.com/c/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.hotjar.com/c/hotjar-640032.js?sv=6
Requested by
Host: mybooster.com
URL: https://mybooster.com/v3/dash/29R0bfRA?utm_source=eedaybefore&utm_medium=email&utm_content=ssvideo&utm_campaign=sponsorpledgeask
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.87.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-87-76.fra2.r.cloudfront.net
Software
/
Resource Hash
386d6f209d8deb3b0877dd7f817519cfa3c4a17695f49c2e9dcafeef894933c7
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://mybooster.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 06 Oct 2021 00:19:39 GMT
content-encoding
br
x-content-type-options
nosniff
cache-control
max-age=60
x-edge-origin-shield-skipped
0
etag
W/3be1774cad87feb69158f614b0aa7365
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
x-cache-hit
1
x-amz-cf-pop
FRA2-C2
content-length
1910
via
1.1 2fcedcc055e24d7ac99fbc19ed8fc8ec.cloudfront.net (CloudFront)
x-amz-cf-id
NoocCPbXvOnGXYLna0mZHd2v8dCXjC7ibwdtpUu_yPVFHy2G0yA94Q==
all.js
connect.facebook.net/en_US/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/all.js
Requested by
Host: mybooster.com
URL: https://mybooster.com/v3/dash/29R0bfRA?utm_source=eedaybefore&utm_medium=email&utm_content=ssvideo&utm_campaign=sponsorpledgeask
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
31.13.92.14 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-frt3.fbcdn.net
Software
/
Resource Hash
13c8d00d02654fcdc9f5108a1a50c9e1fb7adf3547c6363fb8521fc8acb42860
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://mybooster.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
+lRl6rNk0AnfA7osC3YrSw==
cross-origin-resource-policy
cross-origin
expires
Wed, 06 Oct 2021 00:20:01 GMT
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
1687
x-fb-rlafr
0
x-fb-debug
gbAlx+XWROIWKPCcJpWPsmB+MxUXnc8xux99f35072ljIUqOkKHG+NKB1iuGW6PUBAmTBtksF2UJ02/epEbwGg==
x-fb-trip-id
686109401
x-fb-content-md5
d62112598cdbcb496a1c165c8e67c269
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
date
Wed, 06 Oct 2021 00:19:39 GMT
x-frame-options
DENY
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public,max-age=1200,stale-while-revalidate=3600
etag
"4fdac98d9d16f311a9ecd5256adb5b99"
timing-allow-origin
*
priority
u=3,i
access-control-expose-headers
X-FB-Content-MD5
o7fjuzVm-JcxcCN5H.html
content.jwplatform.com/players/ Frame 16FE 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://content.jwplatform.com/players/o7fjuzVm-JcxcCN5H.html?rel=0&wmode=transparent&showinfo=0
Requested by
Host: mybooster.com
URL: https://mybooster.com/v3/dash/29R0bfRA?utm_source=eedaybefore&utm_medium=email&utm_content=ssvideo&utm_campaign=sponsorpledgeask
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.87.71 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-87-71.fra2.r.cloudfront.net
Software
openresty /
Resource Hash

Request headers

:method
GET
:authority
content.jwplatform.com
:scheme
https
:path
/players/o7fjuzVm-JcxcCN5H.html?rel=0&wmode=transparent&showinfo=0
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://mybooster.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://mybooster.com/

Response headers

content-type
text/html; charset=utf-8
content-length
1452
access-control-allow-origin
*
content-encoding
gzip
date
Wed, 06 Oct 2021 00:19:39 GMT
server
openresty
x-edge-origin-shield-skipped
0
x-cache
Miss from cloudfront
via
1.1 a32f966fc5896281eb3de44fd8f57d40.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C2
x-amz-cf-id
Q_2c0mmLbpPeGrrFCyLqez8hwA2R6xdWhQdkKifItBqmRuYLw-XkAg==
left-chevron.svg
mybooster.com/v3-assets/public/images/ 		1 KB
849 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mybooster.com/v3-assets/public/images/left-chevron.svg
Requested by
Host: mybooster.com
URL: https://mybooster.com/v3-assets/public/css/app.css?id=12dbd6ff3b43d3b27969
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.220.224.31 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-220-224-31.compute-1.amazonaws.com
Software
nginx/1.19.0 /
Resource Hash
f0180347aaa59315dbec8ed6f465ffe2843a4df4bb6e49a7748604cf5f2ecf4d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/v3-assets/public/images/left-chevron.svg
pragma
no-cache
cookie
csrfer_ckie=65210e94de7be4afdce1a1ba2aabe30b; ci_session=dkhqq6hie003aakepr9g4npudukiae4u; XSRF-TOKEN=eyJpdiI6IlhHdFVmaUZNM3E3SEhvU2pIem1VS1E9PSIsInZhbHVlIjoiekZYY29PN1FvOUl6eVNKcjJCN0NuZ3ZpN1IxQUlNSUp3UHlVSFFvMHlzTUJaTldWaElXcjl0dTdTdWZcL2NQY0YiLCJtYWMiOiJhMGM3Y2RhMmNkZjAxZTZhNzQxNTRlZTBkMmMxNWYzOWE1M2VjM2MzYzgzMmY2Zjc0ZjkwNGM3NmE2YWIzZjU1In0%3D; titan_session=eyJpdiI6IndkWDZSNlQrRVU5bDZ6SDQyMGJ6Z1E9PSIsInZhbHVlIjoiN1wvaGxMTk92V1ZMUUlicERDSlRaRmEyNElNT1ZjaFQyRzVqNVwvMDYwNFIzR09VRHh1WDdHOEpFQUtPMEdFNmhrIiwibWFjIjoiOGYyYjRmM2RjMzU0ODA4MjA3MmU4ODczYjVjMTA3ZTNlNDM0YmUxYTQzYTJjOTZmY2JmYjM0OTdjODEwMzk4YiJ9; ref_code=dbd4746df440da548851a8a835d389938b95c6e2
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
mybooster.com
referer
https://mybooster.com/v3-assets/public/css/app.css?id=12dbd6ff3b43d3b27969
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://mybooster.com/v3-assets/public/css/app.css?id=12dbd6ff3b43d3b27969
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 06 Oct 2021 00:19:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 30 Sep 2021 14:14:10 GMT
server
nginx/1.19.0
etag
W/"6155c632-430"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
max-age=1209600
strict-transport-security
max-age=31536000; includeSubDomains
x-xss-protection
1; mode=block
expires
Wed, 20 Oct 2021 00:19:39 GMT
right-chevron.svg
mybooster.com/v3-assets/public/images/ 		1 KB
845 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mybooster.com/v3-assets/public/images/right-chevron.svg
Requested by
Host: mybooster.com
URL: https://mybooster.com/v3-assets/public/css/app.css?id=12dbd6ff3b43d3b27969
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.220.224.31 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-220-224-31.compute-1.amazonaws.com
Software
nginx/1.19.0 /
Resource Hash
c184d109e21a7d81a00b6196811413901f9c3dd66e6dc5a52deb53c725e3bfea
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/v3-assets/public/images/right-chevron.svg
pragma
no-cache
cookie
csrfer_ckie=65210e94de7be4afdce1a1ba2aabe30b; ci_session=dkhqq6hie003aakepr9g4npudukiae4u; XSRF-TOKEN=eyJpdiI6IlhHdFVmaUZNM3E3SEhvU2pIem1VS1E9PSIsInZhbHVlIjoiekZYY29PN1FvOUl6eVNKcjJCN0NuZ3ZpN1IxQUlNSUp3UHlVSFFvMHlzTUJaTldWaElXcjl0dTdTdWZcL2NQY0YiLCJtYWMiOiJhMGM3Y2RhMmNkZjAxZTZhNzQxNTRlZTBkMmMxNWYzOWE1M2VjM2MzYzgzMmY2Zjc0ZjkwNGM3NmE2YWIzZjU1In0%3D; titan_session=eyJpdiI6IndkWDZSNlQrRVU5bDZ6SDQyMGJ6Z1E9PSIsInZhbHVlIjoiN1wvaGxMTk92V1ZMUUlicERDSlRaRmEyNElNT1ZjaFQyRzVqNVwvMDYwNFIzR09VRHh1WDdHOEpFQUtPMEdFNmhrIiwibWFjIjoiOGYyYjRmM2RjMzU0ODA4MjA3MmU4ODczYjVjMTA3ZTNlNDM0YmUxYTQzYTJjOTZmY2JmYjM0OTdjODEwMzk4YiJ9; ref_code=dbd4746df440da548851a8a835d389938b95c6e2
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
mybooster.com
referer
https://mybooster.com/v3-assets/public/css/app.css?id=12dbd6ff3b43d3b27969
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://mybooster.com/v3-assets/public/css/app.css?id=12dbd6ff3b43d3b27969
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 06 Oct 2021 00:19:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 30 Sep 2021 14:14:10 GMT
server
nginx/1.19.0
etag
W/"6155c632-42d"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
max-age=1209600
strict-transport-security
max-age=31536000; includeSubDomains
x-xss-protection
1; mode=block
expires
Wed, 20 Oct 2021 00:19:39 GMT
6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
fonts.gstatic.com/s/sourcesanspro/v14/ 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/sourcesanspro/v14/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.195 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f3.1e100.net
Software
sffe /
Resource Hash
a9950fa5ca9cf47072770900d259bcf6778aa1119652d2e706d5eb92df254199
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://mybooster.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 04 Oct 2021 17:27:37 GMT
x-content-type-options
nosniff
age
111122
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16112
x-xss-protection
0
last-modified
Tue, 15 Sep 2020 18:10:09 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Tue, 04 Oct 2022 17:27:37 GMT
fontawesome-webfont.woff2
mybooster.com/v3-assets/public/fonts/vendor/font-awesome/ 		75 KB
76 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://mybooster.com/v3-assets/public/fonts/vendor/font-awesome/fontawesome-webfont.woff2?v=4.7.0
Requested by
Host: mybooster.com
URL: https://mybooster.com/v3-assets/public/css/app.css?id=12dbd6ff3b43d3b27969
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.220.224.31 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-220-224-31.compute-1.amazonaws.com
Software
nginx/1.19.0 /
Resource Hash
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-fetch-mode
cors
origin
https://mybooster.com
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
sec-fetch-dest
font
cookie
csrfer_ckie=65210e94de7be4afdce1a1ba2aabe30b; ci_session=dkhqq6hie003aakepr9g4npudukiae4u; XSRF-TOKEN=eyJpdiI6IlhHdFVmaUZNM3E3SEhvU2pIem1VS1E9PSIsInZhbHVlIjoiekZYY29PN1FvOUl6eVNKcjJCN0NuZ3ZpN1IxQUlNSUp3UHlVSFFvMHlzTUJaTldWaElXcjl0dTdTdWZcL2NQY0YiLCJtYWMiOiJhMGM3Y2RhMmNkZjAxZTZhNzQxNTRlZTBkMmMxNWYzOWE1M2VjM2MzYzgzMmY2Zjc0ZjkwNGM3NmE2YWIzZjU1In0%3D; titan_session=eyJpdiI6IndkWDZSNlQrRVU5bDZ6SDQyMGJ6Z1E9PSIsInZhbHVlIjoiN1wvaGxMTk92V1ZMUUlicERDSlRaRmEyNElNT1ZjaFQyRzVqNVwvMDYwNFIzR09VRHh1WDdHOEpFQUtPMEdFNmhrIiwibWFjIjoiOGYyYjRmM2RjMzU0ODA4MjA3MmU4ODczYjVjMTA3ZTNlNDM0YmUxYTQzYTJjOTZmY2JmYjM0OTdjODEwMzk4YiJ9; ref_code=dbd4746df440da548851a8a835d389938b95c6e2
:path
/v3-assets/public/fonts/vendor/font-awesome/fontawesome-webfont.woff2?v=4.7.0
pragma
no-cache
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
mybooster.com
referer
https://mybooster.com/v3-assets/public/css/app.css?id=12dbd6ff3b43d3b27969
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://mybooster.com/v3-assets/public/css/app.css?id=12dbd6ff3b43d3b27969
Origin
https://mybooster.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 06 Oct 2021 00:19:39 GMT
x-content-type-options
nosniff
last-modified
Thu, 30 Sep 2021 14:14:10 GMT
server
nginx/1.19.0
etag
"6155c632-12d68"
strict-transport-security
max-age=31536000; includeSubDomains
content-type
font/woff2
cache-control
max-age=1209600
accept-ranges
bytes
content-length
77160
x-xss-protection
1; mode=block
expires
Wed, 20 Oct 2021 00:19:39 GMT
all.js
connect.facebook.net/en_US/ 		262 KB
74 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/all.js?hash=69c345ca1575ab7267d27d6db427db1c
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/all.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
31.13.92.14 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-frt3.fbcdn.net
Software
/
Resource Hash
7e3ec0c67f5bf42fef4fcd5aa951d52171093cf1fcd16e82e6e34109d3bf6a33
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://mybooster.com/
Origin
https://mybooster.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
K6UUdqEB77Q+azSH15HwyA==
cross-origin-resource-policy
cross-origin
expires
Wed, 05 Oct 2022 22:56:20 GMT
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
75617
x-fb-rlafr
0
x-fb-debug
a1ejaoK4eMbMt3IV0X7ujCwui3BQW6yhSfuNvjk5lyo4Ky5/Qo7bv26NnVx7ioTnVBm825cee5mQy1ZAgF9GLw==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
x-fb-content-md5
389409f18fdbeeaca2b48c3dbd901a6a
cross-origin-opener-policy
same-origin-allow-popups
date
Wed, 06 Oct 2021 00:19:39 GMT
x-frame-options
DENY
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
etag
"d21c2082efec638037e11eaf955d412c"
timing-allow-origin
*
priority
u=3,i
access-control-expose-headers
X-FB-Content-MD5
modules.e95f6e2deb67f1b24d8e.js
script.hotjar.com/ 		221 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://script.hotjar.com/modules.e95f6e2deb67f1b24d8e.js
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-640032.js?sv=6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.193.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-193-122.fra2.r.cloudfront.net
Software
/
Resource Hash
3e4dcf5d937c6cd9bd580358e83d9bff9769f73cc2364ed9af22c88571959adb
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://mybooster.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 28 Sep 2021 08:27:05 GMT
content-encoding
br
x-content-type-options
nosniff
age
661954
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
59787
access-control-allow-origin
*
last-modified
Tue, 28 Sep 2021 08:26:22 GMT
etag
"4c2c45df8457d0c2a07b3285a23cd7a4"
vary
Accept-Encoding
content-type
application/javascript
via
1.1 f046bfa1468bb4385e357c8c9128cf51.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
FRA2-C1
accept-ranges
bytes
x-robots-tag
none
x-amz-cf-id
P2S-IAA6dz7Ruej1WU0BnSwsmS25cGuE4BbQu6JZNV68PlS-h3FfiA==
status
www.facebook.com/x/oauth/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/x/oauth/status?client_id=1056623917722217&input_token&origin=1&redirect_uri=https%3A%2F%2Fmybooster.com%2Fv3%2Fdash%2F29R0bfRA%3Futm_source%3Deedaybefore%26utm_medium%3Demail%26utm_content%3Dssvideo%26utm_campaign%3Dsponsorpledgeask&sdk=joey&wants_cookie_data=true
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/all.js?hash=69c345ca1575ab7267d27d6db427db1c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
31.13.92.36 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-01-frt3.facebook.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://mybooster.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security
max-age=15552000; preload
x-content-type-options
nosniff
content-security-policy-report-only
default-src 'self' data: blob: https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src static.xx.fbcdn.net 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net data:;connect-src wss://gateway.facebook.com wss://edge-chat.facebook.com *.facebook.com *.fbcdn.net wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster:;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com;frame-src *.facebook.com *.fbsbx.com;worker-src blob: *.facebook.com;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
alt-svc
h3=":443"; ma=3600, h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
0
x-fb-rlafr
0
pragma
no-cache
x-fb-debug
M+D/6tJAImI0VWPdMPyjsOAAM3jkmst1QnnHSwo4Sm1Fk9XqXccKNbz+Ur1yePkG1PqDutI1PgwfJsKJkIncEQ==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
fb-s
unknown
cross-origin-opener-policy
same-origin-allow-popups
date
Wed, 06 Oct 2021 00:19:39 GMT
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://mybooster.com
access-control-expose-headers
fb-s
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
expires
Sat, 01 Jan 2000 00:00:00 GMT
js
www.google-analytics.com/gtm/ 		92 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/gtm/js?id=GTM-5NBXL2R&t=gtag_UA_18391724_4&cid=1188246835.1633479580
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.174 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f14.1e100.net
Software
Google Tag Manager /
Resource Hash
d9c4d2469c23aee78eb2d17b6e5133f77b5ae956e127e585bf225e67898cfd3b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://mybooster.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 06 Oct 2021 00:19:39 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37049
x-xss-protection
0
last-modified
Wed, 06 Oct 2021 00:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 06 Oct 2021 00:19:39 GMT
aeb20546-963f-4f79-b1f6-f57d21d32b43
sdk.split.io/api/mySegments/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://sdk.split.io/api/mySegments/aeb20546-963f-4f79-b1f6-f57d21d32b43
Protocol
H2
Server
151.101.3.9 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Varnish /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
authorization,content-type,splitsdkversion
Origin
https://mybooster.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
Varnish
retry-after
0
allow
HEAD,GET,OPTIONS,POST,PUT,DELETE
access-control-allow-headers
X-Requested-With, Origin, Content-Type, Accept, Authorization, Content-Length, X-User-Token, X-Request-ID, SplitSDKMachineName, SplitSDKMachineIP, SplitSDKVersion, Cache-Control
access-control-allow-methods
GET,PUT,POST,PATCH,DELETE,OPTIONS
access-control-max-age
7200
accept-ranges
bytes
date
Wed, 06 Oct 2021 00:19:39 GMT
via
1.1 varnish
x-served-by
cache-hhn4034-HHN
x-cache
HIT
x-cache-hits
0
x-timer
S1633479580.785605,VS0,VE0
vary
Cookie
access-control-allow-origin
https://mybooster.com
content-length
37
aeb20546-963f-4f79-b1f6-f57d21d32b43
sdk.split.io/api/mySegments/ 		17 B
255 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://sdk.split.io/api/mySegments/aeb20546-963f-4f79-b1f6-f57d21d32b43
Requested by
Host: mybooster.com
URL: https://mybooster.com/v3-assets/public/js/app.js?id=47749afe9c47bd4a62b3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.3.9 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
2070e9ec5ea66461693a174cf782efa1090e0ca1988968cc1115d019e7b80a95
Security Headers
Name Value
Strict-Transport-Security max-age=15770000; includeSubDomains

Request headers

Accept
application/json
Referer
https://mybooster.com/
Authorization
Bearer 9qtq8gvmb8dnha0ecdhf853cdociul8hdse9
Accept-Language
de-DE,de;q=0.9
SplitSDKVersion
javascript-10.15.3
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
application/json

Response headers

strict-transport-security
max-age=15770000; includeSubDomains
via
1.1 varnish, 1.1 varnish
etag
"1000002--gzip"
age
0
x-cache
MISS, MISS
content-encoding
gzip
content-length
37
x-request-id
1x0vfnpbckq
x-served-by
cache-dca17774-DCA, cache-hhn4034-HHN
x-timer
S1633479580.792154,VS0,VE96
date
Wed, 06 Oct 2021 00:19:39 GMT
vary
Origin, Accept-Encoding, Cookie
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
Access-Control-Allow-Origin,X-Request-ID
cache-control
no-transform, max-age=60, s-maxage=60
trace
cache-dca17774-DCA-141a9a5c-a53f-4c95-8ac7-ad2fd124a244; cache-hhn4034-HHN-120afed5-ee1c-4be1-a21f-dc43ae3a645f
accept-ranges
bytes
x-cache-hits
0, 0
o7fjuzVm-JcxcCN5H.html
content.jwplatform.com/players/ Frame 5375 		5 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://content.jwplatform.com/players/o7fjuzVm-JcxcCN5H.html?rel=0&wmode=transparent&showinfo=0
Requested by
Host: mybooster.com
URL: https://mybooster.com/v3-assets/public/js/app.js?id=47749afe9c47bd4a62b3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.87.71 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-87-71.fra2.r.cloudfront.net
Software
openresty /
Resource Hash
9b13786ae23e5ee9d0bdd5c91089d47437f99017891d745b5b65068dc80ba41c

Request headers

:method
GET
:authority
content.jwplatform.com
:scheme
https
:path
/players/o7fjuzVm-JcxcCN5H.html?rel=0&wmode=transparent&showinfo=0
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://mybooster.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://mybooster.com/

Response headers

content-type
text/html; charset=utf-8
content-length
1452
access-control-allow-origin
*
content-encoding
gzip
date
Wed, 06 Oct 2021 00:19:39 GMT
server
openresty
x-edge-origin-shield-skipped
0
x-cache
Hit from cloudfront
via
1.1 a32f966fc5896281eb3de44fd8f57d40.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C2
x-amz-cf-id
i2XiudCoPEm_NYJ1KvNyVx4NcqUyAb8Uc4PMQcI3Gs5mfjt7IEamGQ==
splitChanges
sdk.split.io/api/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://sdk.split.io/api/splitChanges?since=-1
Protocol
H2
Server
151.101.3.9 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Varnish /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
authorization,content-type,splitsdkversion
Origin
https://mybooster.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
Varnish
retry-after
0
allow
HEAD,GET,OPTIONS,POST,PUT,DELETE
access-control-allow-headers
X-Requested-With, Origin, Content-Type, Accept, Authorization, Content-Length, X-User-Token, X-Request-ID, SplitSDKMachineName, SplitSDKMachineIP, SplitSDKVersion, Cache-Control
access-control-allow-methods
GET,PUT,POST,PATCH,DELETE,OPTIONS
access-control-max-age
7200
accept-ranges
bytes
date
Wed, 06 Oct 2021 00:19:39 GMT
via
1.1 varnish
x-served-by
cache-hhn4034-HHN
x-cache
HIT
x-cache-hits
0
x-timer
S1633479580.787714,VS0,VE0
vary
Cookie
access-control-allow-origin
https://mybooster.com
content-length
37
splitChanges
sdk.split.io/api/ 		21 KB
4 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://sdk.split.io/api/splitChanges?since=-1
Requested by
Host: mybooster.com
URL: https://mybooster.com/v3-assets/public/js/app.js?id=47749afe9c47bd4a62b3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.3.9 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
a7fbe0ca1f5df9b2d1c13af25e22b31660c28b593e7e32f19d022fd6e888b7db
Security Headers
Name Value
Strict-Transport-Security max-age=15770000; includeSubDomains

Request headers

Accept
application/json
Referer
https://mybooster.com/
Authorization
Bearer 9qtq8gvmb8dnha0ecdhf853cdociul8hdse9
Accept-Language
de-DE,de;q=0.9
SplitSDKVersion
javascript-10.15.3
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
application/json

Response headers

strict-transport-security
max-age=15770000; includeSubDomains
content-encoding
gzip
etag
"1372072377--gzip"
age
3486
x-cache
HIT, HIT
content-length
3861
via
1.1 varnish, 1.1 varnish
x-request-id
1x0tcxtipm4
x-served-by
cache-dca17732-DCA, cache-hhn4034-HHN
last-modified
Tue, 05 Oct 2021 16:33:18 GMT
x-timer
S1633479580.795203,VS0,VE1
date
Wed, 06 Oct 2021 00:19:39 GMT
vary
Origin, Accept-Encoding, Cookie
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
Access-Control-Allow-Origin,X-Request-ID
cache-control
no-transform, max-age=60, s-maxage=60
trace
cache-dca17732-DCA-bcca26e3-b92a-47df-87f7-40ffa373900d; cache-hhn4037-HHN-efd86695-f032-4787-b0ae-f9c235422e0c
accept-ranges
bytes
x-cache-hits
10, 1
like.php
www.facebook.com/plugins/ Frame DF61 		0
24 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/plugins/like.php?action=like&app_id=1056623917722217&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df26e1acf859043%26domain%3Dmybooster.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fmybooster.com%252Ff178a25b0c5bdd4%26relation%3Dparent.parent&container_width=1600&href=https%3A%2F%2Fwww.facebook.com%2FBoosterthon&layout=button&locale=en_US&sdk=joey&share=false&show_faces=false&size=small
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/all.js?hash=69c345ca1575ab7267d27d6db427db1c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
31.13.92.36 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-01-frt3.facebook.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
www.facebook.com
:scheme
https
:path
/plugins/like.php?action=like&app_id=1056623917722217&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df26e1acf859043%26domain%3Dmybooster.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fmybooster.com%252Ff178a25b0c5bdd4%26relation%3Dparent.parent&container_width=1600&href=https%3A%2F%2Fwww.facebook.com%2FBoosterthon&layout=button&locale=en_US&sdk=joey&share=false&show_faces=false&size=small
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://mybooster.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://mybooster.com/

Response headers

content-type
text/html;charset=utf-8
pragma
no-cache
cache-control
private, no-cache, no-store, must-revalidate
expires
Sat, 01 Jan 2000 00:00:00 GMT
content-security-policy-report-only
default-src 'self' data: blob: https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src connect.facebook.net static.xx.fbcdn.net 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net data:;connect-src wss://gateway.facebook.com wss://edge-chat.facebook.com *.facebook.com *.fbcdn.net wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ wss://*.whatsapp.com:* v.whatsapp.net *.fbsbx.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster:;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com;worker-src blob: *.facebook.com;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups
x-content-type-options
nosniff
x-xss-protection
0
x-fb-debug
3ViZQ65AW7HdVt8ZFbJMkXRogbcCA5dw6hqf+wm4n/uqav2zty69BYJtSyHNTwmDOgp88rAiuE3aVMKuqbl8kg==
content-length
0
date
Wed, 06 Oct 2021 00:19:39 GMT
priority
u=3,i
alt-svc
h3=":443"; ma=3600, h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
auth
auth.split.io/api/ 		600 B
970 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://auth.split.io/api/auth?users=aeb20546-963f-4f79-b1f6-f57d21d32b43
Requested by
Host: mybooster.com
URL: https://mybooster.com/v3-assets/public/js/app.js?id=47749afe9c47bd4a62b3
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.213.74.216 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-213-74-216.compute-1.amazonaws.com
Software
/
Resource Hash
242a673af4cc2fafffca53660fd392c0f6f4cb62505410c9164543aa584b813a
Security Headers
Name Value
Strict-Transport-Security max-age=15770000; includeSubdomains

Request headers

Accept
application/json
Referer
https://mybooster.com/
Authorization
Bearer 9qtq8gvmb8dnha0ecdhf853cdociul8hdse9
Accept-Language
de-DE,de;q=0.9
SplitSDKVersion
javascript-10.15.3
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 06 Oct 2021 00:19:40 GMT
strict-transport-security
max-age=15770000; includeSubdomains
access-control-allow-methods
GET, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://mybooster.com
access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With, Origin, Content-Type, Accept, Authorization, Content-Length, X-User-Token, X-Request-ID, SplitSDKMachineName, SplitSDKMachineIP, SplitSDKVersion
content-length
600
auth
auth.split.io/api/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://auth.split.io/api/auth?users=aeb20546-963f-4f79-b1f6-f57d21d32b43
Protocol
H2
Server
18.213.74.216 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-213-74-216.compute-1.amazonaws.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15770000; includeSubdomains

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
authorization,content-type,splitsdkversion
Origin
https://mybooster.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Wed, 06 Oct 2021 00:19:40 GMT
content-type
application/json; charset=utf-8
content-length
4
access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With, Origin, Content-Type, Accept, Authorization, Content-Length, X-User-Token, X-Request-ID, SplitSDKMachineName, SplitSDKMachineIP, SplitSDKVersion
access-control-allow-methods
GET, OPTIONS
access-control-allow-origin
https://mybooster.com
strict-transport-security
max-age=15770000; includeSubdomains
box-dfc01efbdc94bb0936d9a35a502b0b64.html
vars.hotjar.com/ Frame 3E49 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://vars.hotjar.com/box-dfc01efbdc94bb0936d9a35a502b0b64.html
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-640032.js?sv=6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.193.12 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-193-12.fra2.r.cloudfront.net
Software
/
Resource Hash
88ca677c14d4217c2f6b8c8964a1d172027974c4c0839e4d531ad7d3d6de1987

Request headers

:method
GET
:authority
vars.hotjar.com
:scheme
https
:path
/box-dfc01efbdc94bb0936d9a35a502b0b64.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://mybooster.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://mybooster.com/

Response headers

content-type
text/html
content-length
1044
date
Tue, 20 Jul 2021 13:05:05 GMT
accept-ranges
bytes
cache-control
max-age=31536000
content-encoding
br
etag
"10714b84569172431728622d7c8098e4"
last-modified
Tue, 20 Jul 2021 13:04:43 GMT
x-amz-server-side-encryption
AES256
x-robots-tag
none
vary
Accept-Encoding
x-cache
Hit from cloudfront
via
1.1 96ab38d99b79d57e5c7e9b8a07c0fad3.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C1
x-amz-cf-id
baeyMFd9g4T7R8O1KVXhtiCya5-DTtvbxMliHeeU7jQmK3KNQT104g==
age
6693274
h
heapanalytics.com/ 		37 B
258 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://heapanalytics.com/h?a=1943480710&u=7780439709406992&v=5203823997706550&s=4783242557136033&b=web&tv=4.0&z=0&h=%2Fv3%2Fdash%2F29R0bfRA&q=%3Futm_source%3Deedaybefore%26utm_medium%3Demail%26utm_content%3Dssvideo%26utm_campaign%3Dsponsorpledgeask&d=mybooster.com&t=Burnette%20Pride%20Run&us=eedaybefore&um=email&uc=ssvideo&ua=sponsorpledgeask&k=Program%20Name&k=Burnette%20Pride%20Run&ts=1633479579855&st=1633479579856
Requested by
Host: mybooster.com
URL: https://mybooster.com/v3/dash/29R0bfRA?utm_source=eedaybefore&utm_medium=email&utm_content=ssvideo&utm_campaign=sponsorpledgeask
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.231.131.1 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-231-131-1.compute-1.amazonaws.com
Software
nginx /
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://mybooster.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 06 Oct 2021 00:19:40 GMT
server
nginx
etag
W/"25-PqzQEyMQ6kTK11azeKO8Bw"
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
content-length
37
experiment
mybooster.com/v3/api/ 		388 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://mybooster.com/v3/api/experiment
Requested by
Host: mybooster.com
URL: https://mybooster.com/v3-assets/public/js/app.js?id=47749afe9c47bd4a62b3
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.220.224.31 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-220-224-31.compute-1.amazonaws.com
Software
nginx/1.19.0 /
Resource Hash
c7c865cb8ee565b90ed64c89ed932b8e6a6607a358ce2b835dc8232d6fbeb729
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-fetch-mode
cors
origin
https://mybooster.com
x-xsrf-token
eyJpdiI6IlhHdFVmaUZNM3E3SEhvU2pIem1VS1E9PSIsInZhbHVlIjoiekZYY29PN1FvOUl6eVNKcjJCN0NuZ3ZpN1IxQUlNSUp3UHlVSFFvMHlzTUJaTldWaElXcjl0dTdTdWZcL2NQY0YiLCJtYWMiOiJhMGM3Y2RhMmNkZjAxZTZhNzQxNTRlZTBkMmMxNWYzOWE1M2VjM2MzYzgzMmY2Zjc0ZjkwNGM3NmE2YWIzZjU1In0=
x-csrf-token
CqnsRmtjSp6c3gZDm5cZiIDlXKV3im5OzmRDSAyL
accept-language
de-DE,de;q=0.9
sec-fetch-dest
empty
x-requested-with
XMLHttpRequest
cookie
csrfer_ckie=65210e94de7be4afdce1a1ba2aabe30b; ci_session=dkhqq6hie003aakepr9g4npudukiae4u; XSRF-TOKEN=eyJpdiI6IlhHdFVmaUZNM3E3SEhvU2pIem1VS1E9PSIsInZhbHVlIjoiekZYY29PN1FvOUl6eVNKcjJCN0NuZ3ZpN1IxQUlNSUp3UHlVSFFvMHlzTUJaTldWaElXcjl0dTdTdWZcL2NQY0YiLCJtYWMiOiJhMGM3Y2RhMmNkZjAxZTZhNzQxNTRlZTBkMmMxNWYzOWE1M2VjM2MzYzgzMmY2Zjc0ZjkwNGM3NmE2YWIzZjU1In0%3D; titan_session=eyJpdiI6IndkWDZSNlQrRVU5bDZ6SDQyMGJ6Z1E9PSIsInZhbHVlIjoiN1wvaGxMTk92V1ZMUUlicERDSlRaRmEyNElNT1ZjaFQyRzVqNVwvMDYwNFIzR09VRHh1WDdHOEpFQUtPMEdFNmhrIiwibWFjIjoiOGYyYjRmM2RjMzU0ODA4MjA3MmU4ODczYjVjMTA3ZTNlNDM0YmUxYTQzYTJjOTZmY2JmYjM0OTdjODEwMzk4YiJ9; ref_code=dbd4746df440da548851a8a835d389938b95c6e2; _hjid=cad4d340-63f7-4d7f-81d6-5935d7464116; _hjFirstSeen=1; anon_user_id=aeb20546-963f-4f79-b1f6-f57d21d32b43; _hp2_ses_props.1943480710=%7B%22z%22%3A0%2C%22us%22%3A%22eedaybefore%22%2C%22um%22%3A%22email%22%2C%22uc%22%3A%22ssvideo%22%2C%22ua%22%3A%22sponsorpledgeask%22%2C%22ts%22%3A1633479579855%2C%22d%22%3A%22mybooster.com%22%2C%22h%22%3A%22%2Fv3%2Fdash%2F29R0bfRA%22%2C%22t%22%3A%22Burnette%20Pride%20Run%22%2C%22q%22%3A%22%3Futm_source%3Deedaybefore%26utm_medium%3Demail%26utm_content%3Dssvideo%26utm_campaign%3Dsponsorpledgeask%22%7D; _ga=GA1.2.1188246835.1633479580; _gid=GA1.2.1043425677.1633479580; _hp2_id.1943480710=%7B%22userId%22%3A%227780439709406992%22%2C%22pageviewId%22%3A%225203823997706550%22%2C%22sessionId%22%3A%224783242557136033%22%2C%22identity%22%3A%22aeb20546-963f-4f79-b1f6-f57d21d32b43%22%2C%22trackerVersion%22%3A%224.0%22%2C%22identityField%22%3Anull%2C%22isIdentified%22%3A1%7D; _hp2_props.1943480710=%7B%22f21_pledging_ticker%22%3A%22off%22%2C%22Exit_Modal_PPP%22%3A%22on%22%2C%22logging_titan_public_experiments%22%3A%22on%22%2C%22boosterUserId%22%3A%22aeb20546-963f-4f79-b1f6-f57d21d32b43%22%2C%22splitKey%22%3A%22aeb20546-963f-4f79-b1f6-f57d21d32b43%22%2C%22programSalesforceId%22%3A%22a4M4U000001l78NUAQ%22%2C%22schoolSalesforceId%22%3A%22001U000000QVND9IAP%22%2C%22teamId%22%3A%2222%22%2C%22semester%22%3A%222021-2-Fall%22%2C%22serviceLevel%22%3A%22Pledge-a-thon%22%2C%22evenOddParent%22%3A%22even%22%2C%22parentUserId%22%3A%2219406342%22%2C%22funRun%22%3A%222021-10-06%2000%3A00%3A00%22%2C%22programID%22%3A%2225483%22%7D
content-length
179
:path
/v3/api/experiment
pragma
no-cache
accept-encoding
gzip, deflate, br
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
content-type
application/json;charset=UTF-8
accept
application/json, text/plain, */*
cache-control
no-cache
:authority
mybooster.com
referer
https://mybooster.com/v3/dash/29R0bfRA?utm_source=eedaybefore&utm_medium=email&utm_content=ssvideo&utm_campaign=sponsorpledgeask
:scheme
https
sec-fetch-site
same-origin
:method
POST
X-XSRF-TOKEN
eyJpdiI6IlhHdFVmaUZNM3E3SEhvU2pIem1VS1E9PSIsInZhbHVlIjoiekZYY29PN1FvOUl6eVNKcjJCN0NuZ3ZpN1IxQUlNSUp3UHlVSFFvMHlzTUJaTldWaElXcjl0dTdTdWZcL2NQY0YiLCJtYWMiOiJhMGM3Y2RhMmNkZjAxZTZhNzQxNTRlZTBkMmMxNWYzOWE1M2VjM2MzYzgzMmY2Zjc0ZjkwNGM3NmE2YWIzZjU1In0=
X-CSRF-TOKEN
CqnsRmtjSp6c3gZDm5cZiIDlXKV3im5OzmRDSAyL
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
application/json;charset=UTF-8
Accept
application/json, text/plain, */*
Referer
https://mybooster.com/v3/dash/29R0bfRA?utm_source=eedaybefore&utm_medium=email&utm_content=ssvideo&utm_campaign=sponsorpledgeask
X-Requested-With
XMLHttpRequest

Response headers

date
Wed, 06 Oct 2021 00:19:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
nginx/1.19.0
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/json
cache-control
no-cache, private
set-cookie
XSRF-TOKEN=eyJpdiI6InY1eXQyXC9lMmEwVzM2V1wvb1RUTTV4QT09IiwidmFsdWUiOiJFWktXUStqcGtDQnh4R3hFcG9tWmlUT0I5Skd4NDZ6OHhEVW92QXNoVFpabVNiTW4wWE9CNXphWUx4cHZaY3JxIiwibWFjIjoiYzg1MWFhYTA0ZGU1MjdlNGNlZWM0N2ZlODVmMDg0NWIxZTlmN2ExYWM2ODhlYTJmODdmNjQ5OGYwODNiOTllOCJ9; expires=Wed, 06-Oct-2021 02:19:39 GMT; Max-Age=7200; path=/; domain=.mybooster.com; secure titan_session=eyJpdiI6IjhkNFdNZWF4akpRT2JtK0MwM2pKYnc9PSIsInZhbHVlIjoiWkx5MkJiU2UwZ0pQVUt6blZEZTBIWEZRYjF2eWduWG93U3FYZDJyMkRId0lEcnpaWVZZTFpnU1dBTlgzNDI4eSIsIm1hYyI6IjAyZWY1Njg1OTkxN2VmZDRmYzYwMjI5NjgwMWFlODk5MjJkMTEwYTIyZmZjY2JmNjk1MDhiNzlkYmIyNTIxOGEifQ%3D%3D; expires=Wed, 06-Oct-2021 02:19:39 GMT; Max-Age=7200; path=/; domain=.mybooster.com; secure; httponly hide_cookie_policy=eyJpdiI6IlwvSW1SV1QzVURSWmxnSnhXQ1wvaythdz09IiwidmFsdWUiOiJSQWFyZEZjRStuMVVjZWRiZDM1dlB3PT0iLCJtYWMiOiJhZWNiOTUxYzk3NTE0MzhmYjVhNDUyOWQ5YzBkZDk5OGUzZTkzMzhmNmFlZmE5YTY3ZGUxZjlkZTc3ZjM1MWM5In0%3D; path=/; domain=.mybooster.com; secure; httponly
vary
Accept-Encoding
x-xss-protection
1; mode=block
identify_v3
heapanalytics.com/api/ 		37 B
258 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://heapanalytics.com/api/identify_v3?a=1943480710&u=7780439709406992&v=5203823997706550&s=4783242557136033&i=aeb20546-963f-4f79-b1f6-f57d21d32b43&b=web&tv=4.0&z=0&st=1633479579869
Requested by
Host: mybooster.com
URL: https://mybooster.com/v3/dash/29R0bfRA?utm_source=eedaybefore&utm_medium=email&utm_content=ssvideo&utm_campaign=sponsorpledgeask
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.231.131.1 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-231-131-1.compute-1.amazonaws.com
Software
nginx /
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://mybooster.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 06 Oct 2021 00:19:40 GMT
server
nginx
etag
W/"25-PqzQEyMQ6kTK11azeKO8Bw"
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
content-length
37
add_user_properties_v3
heapanalytics.com/api/ 		37 B
258 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://heapanalytics.com/api/add_user_properties_v3?a=1943480710&u=7780439709406992&v=5203823997706550&s=4783242557136033&i=aeb20546-963f-4f79-b1f6-f57d21d32b43&b=web&tv=4.0&_f21_pledging_ticker=off&_Exit_Modal_PPP=on&_logging_titan_public_experiments=on&st=1633479579869
Requested by
Host: mybooster.com
URL: https://mybooster.com/v3/dash/29R0bfRA?utm_source=eedaybefore&utm_medium=email&utm_content=ssvideo&utm_campaign=sponsorpledgeask
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.231.131.1 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-231-131-1.compute-1.amazonaws.com
Software
nginx /
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://mybooster.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 06 Oct 2021 00:19:40 GMT
server
nginx
etag
W/"25-PqzQEyMQ6kTK11azeKO8Bw"
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
content-length
37
telemetry
heapanalytics.com/api/ 		37 B
259 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://heapanalytics.com/api/telemetry?a=1943480710&te=type&te=data&te=cm&te=eventPropertiesTelemetry%20-%20added%20new%20properties&te=val&te=14&st=1633479579870&hv=4.15.0
Requested by
Host: mybooster.com
URL: https://mybooster.com/v3/dash/29R0bfRA?utm_source=eedaybefore&utm_medium=email&utm_content=ssvideo&utm_campaign=sponsorpledgeask
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.231.131.1 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-231-131-1.compute-1.amazonaws.com
Software
nginx /
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://mybooster.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 06 Oct 2021 00:19:40 GMT
server
nginx
etag
W/"25-PqzQEyMQ6kTK11azeKO8Bw"
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
content-length
37
640032
vc.hotjar.io/sessions/ 		0
255 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vc.hotjar.io/sessions/640032?s=0.25&r=0.042599673131005655
Requested by
Host: script.hotjar.com
URL: https://script.hotjar.com/modules.e95f6e2deb67f1b24d8e.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.87.110 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-87-110.fra2.r.cloudfront.net
Software
Python/3.7 aiohttp/3.5.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://mybooster.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 06 Oct 2021 00:19:39 GMT
via
1.1 784dd167d622737126ee2d76985e7d3c.cloudfront.net (CloudFront)
server
Python/3.7 aiohttp/3.5.4
x-amz-cf-pop
FRA2-C2
x-cache
Miss from cloudfront
access-control-allow-origin
*
cache-control
no-store
x-amz-cf-id
RnjugzbDVA9oyT0oGzUqWoTm4e9DH4tiaHpsU0Q8SvMF-ekEOjMlpg==
o7fjuzVm-JcxcCN5H.js
content.jwplatform.com/players/ Frame 5375 		113 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://content.jwplatform.com/players/o7fjuzVm-JcxcCN5H.js?wmode=transparent&amp;showinfo=0&amp;rel=0
Requested by
Host: content.jwplatform.com
URL: https://content.jwplatform.com/players/o7fjuzVm-JcxcCN5H.html?rel=0&wmode=transparent&showinfo=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.87.71 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-87-71.fra2.r.cloudfront.net
Software
openresty /
Resource Hash
7a6bd54c4d2e8a0c3489379d5dabc5ebe77c5db1f1e9ae56c1503a428336b3d0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://content.jwplatform.com/players/o7fjuzVm-JcxcCN5H.html?rel=0&wmode=transparent&showinfo=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 06 Oct 2021 00:19:40 GMT
content-encoding
gzip
server
openresty
x-edge-origin-shield-skipped
0
x-cache
Miss from cloudfront
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=150, max-stale=180
x-amz-cf-pop
FRA2-C2
content-length
37874
via
1.1 a32f966fc5896281eb3de44fd8f57d40.cloudfront.net (CloudFront)
x-amz-cf-id
hPnAvcOs0kwvexJaIr6JsfUrqWJE6jM-uB3aGO-9vcyG6Pyi-V5Deg==
expires
Wed, 06 Oct 2021 00:22:10 GMT
jwpsrv.js
ssl.p.jwpcdn.com/player/v/8.23.0/ Frame 5375 		58 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ssl.p.jwpcdn.com/player/v/8.23.0/jwpsrv.js
Requested by
Host: content.jwplatform.com
URL: https://content.jwplatform.com/players/o7fjuzVm-JcxcCN5H.js?wmode=transparent&amp;showinfo=0&amp;rel=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.66.114 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
82e587ecca54057eabad78bed2d89c2fb8f4118c3504e6f096215cb72868913e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://content.jwplatform.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 06 Oct 2021 00:19:40 GMT
content-encoding
gzip
age
881
x-cache
HIT
content-length
17499
via
1.1 varnish
x-served-by
cache-hhn4071-HHN
last-modified
Thu, 30 Sep 2021 15:18:00 GMT
server
AmazonS3
x-timer
S1633479580.187275,VS0,VE0
etag
"fd28c0166cd7029ddfb10e5953b3f7f2"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=900, immutable
accept-ranges
bytes
x-cache-hits
687
jwplayer.core.controls.js
ssl.p.jwpcdn.com/player/v/8.23.0/ Frame 5375 		305 KB
78 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ssl.p.jwpcdn.com/player/v/8.23.0/jwplayer.core.controls.js
Requested by
Host: content.jwplatform.com
URL: https://content.jwplatform.com/players/o7fjuzVm-JcxcCN5H.js?wmode=transparent&amp;showinfo=0&amp;rel=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.66.114 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
add4706ecd4af2aa66dd8c6b562fc0de7723c503d8fa9835204cca5ecacd204b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://content.jwplatform.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 06 Oct 2021 00:19:40 GMT
content-encoding
gzip
age
623655
x-cache
HIT
content-length
79629
via
1.1 varnish
x-served-by
cache-hhn4071-HHN
last-modified
Mon, 27 Sep 2021 23:15:22 GMT
server
AmazonS3
x-timer
S1633479580.187190,VS0,VE0
etag
"8b56f9889d0daa02a7080cf0712bdadc"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000, immutable
accept-ranges
bytes
x-cache-hits
564745
o7fjuzVm
content.jwplatform.com/v2/media/ Frame 5375 		2 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://content.jwplatform.com/v2/media/o7fjuzVm?recommendations_playlist_id=9x56mHvt
Requested by
Host: content.jwplatform.com
URL: https://content.jwplatform.com/players/o7fjuzVm-JcxcCN5H.js?wmode=transparent&amp;showinfo=0&amp;rel=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.87.71 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-87-71.fra2.r.cloudfront.net
Software
openresty /
Resource Hash
fd66be750e667bee5eef8097b1d0135a8167672f0ec1955c513ed151f2cdef99

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://content.jwplatform.com/players/o7fjuzVm-JcxcCN5H.html?rel=0&wmode=transparent&showinfo=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 06 Oct 2021 00:19:40 GMT
content-encoding
gzip
server
openresty
x-edge-origin-shield-skipped
0
x-cache
Miss from cloudfront
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=1200, max-stale=180
x-amz-cf-pop
FRA2-C2
content-length
683
via
1.1 a32f966fc5896281eb3de44fd8f57d40.cloudfront.net (CloudFront)
x-amz-cf-id
xWrsR55MfVoHtqmxj-I-XY-zGLF8njCN5ediiAtORZHOnjJAQAVeHw==
expires
Wed, 06 Oct 2021 00:39:40
sse
streaming.split.io/ 		472 B
0 		EventSource
General
Check archive.org
Download Go to
Full URL
https://streaming.split.io/sse?channels=NzE2Njc0NDk2_MzY5OTY0OTc2_MjE1MTU2Mjc2OA%3D%3D_mySegments,NzE2Njc0NDk2_MzY5OTY0OTc2_splits,%5B%3Foccupancy%3Dmetrics.publishers%5Dcontrol_pri,%5B%3Foccupancy%3Dmetrics.publishers%5Dcontrol_sec&accessToken=eyJhbGciOiJIUzI1NiIsImtpZCI6IkRQVkE3QS51X09xLXciLCJ0eXAiOiJKV1QifQ.eyJ4LWFibHktY2FwYWJpbGl0eSI6IntcIk56RTJOamMwTkRrMl9Nelk1T1RZME9UYzJfTWpFMU1UVTJNamMyT0E9PV9teVNlZ21lbnRzXCI6W1wic3Vic2NyaWJlXCJdLFwiTnpFMk5qYzBORGsyX016WTVPVFkwT1RjMl9zcGxpdHNcIjpbXCJzdWJzY3JpYmVcIl0sXCJjb250cm9sX3ByaVwiOltcInN1YnNjcmliZVwiLFwiY2hhbm5lbC1tZXRhZGF0YTpwdWJsaXNoZXJzXCJdLFwiY29udHJvbF9zZWNcIjpbXCJzdWJzY3JpYmVcIixcImNoYW5uZWwtbWV0YWRhdGE6cHVibGlzaGVyc1wiXX0iLCJ4LWFibHktY2xpZW50SWQiOiJjbGllbnRJZCIsImV4cCI6MTYzMzQ4MzE4MCwiaWF0IjoxNjMzNDc5NTgwfQ.gRGcVjk-FxEg4DB4VwfcJBBFiUlKQFY_CxaACcM9fWQ&v=1.1&heartbeats=true
Requested by
Host: mybooster.com
URL: https://mybooster.com/v3/dash/29R0bfRA?utm_source=eedaybefore&utm_medium=email&utm_content=ssvideo&utm_campaign=sponsorpledgeask
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.193.123 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-193-123.fra2.r.cloudfront.net
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self'; frame-ancestors 'self'; frame-src status.ably.com
X-Content-Type-Options nosniff

Request headers

Accept
text/event-stream
Cache-Control
no-cache
Referer
https://mybooster.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy
default-src 'self'; frame-ancestors 'self'; frame-src status.ably.com
via
1.1 1d67a4c00b06651cb6daa95ec3f21f9b.cloudfront.net (CloudFront)
referrer-policy
no-referrer
x-amz-cf-pop
FRA2-C1
date
Wed, 06 Oct 2021 00:19:40 GMT
vary
Origin
x-ably-serverid
frontend.126d.2.us-east-1-A.i-038c9095734d98313.e7dqLzjngB3MVU
content-type
text/event-stream
access-control-allow-origin
https://mybooster.com
access-control-expose-headers
Link,Transfer-Encoding,Content-Length,X-Ably-ErrorCode,X-Ably-ErrorMessage,X-Ably-ServerId,Server
access-control-allow-credentials
true
x-cache
Miss from cloudfront
x-robots-tag
noindex
x-amz-cf-id
8gmqlLYSnev9RVzQBVSUM4ZbX8Lbf2G-t9ji6n5YeCf1JlojboyWqw==
x-content-type-options
nosniff
provider.hlsjs.js
ssl.p.jwpcdn.com/player/v/8.23.0/ Frame 5375 		409 KB
113 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ssl.p.jwpcdn.com/player/v/8.23.0/provider.hlsjs.js
Requested by
Host: content.jwplatform.com
URL: https://content.jwplatform.com/players/o7fjuzVm-JcxcCN5H.js?wmode=transparent&amp;showinfo=0&amp;rel=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.66.114 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ec49db558d859615f59dbdf9122f8ae6f7f8f29b04e2cd0898b3624136e8546c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://content.jwplatform.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 06 Oct 2021 00:19:40 GMT
content-encoding
gzip
age
623655
x-cache
HIT
content-length
115635
via
1.1 varnish
x-served-by
cache-hhn4071-HHN
last-modified
Mon, 27 Sep 2021 23:15:25 GMT
server
AmazonS3
x-timer
S1633479580.358020,VS0,VE0
etag
"0be2c2cd72182297cde982f3f764910b"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000, immutable
accept-ranges
bytes
x-cache-hits
375919
o7fjuzVm-120.vtt
assets-jpcust.jwpsrv.com/strips/ Frame 5375
Redirect Chain
  • https://content.jwplatform.com/strips/o7fjuzVm-120.vtt
  • https://assets-jpcust.jwpsrv.com/strips/o7fjuzVm-120.vtt
4 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://assets-jpcust.jwpsrv.com/strips/o7fjuzVm-120.vtt
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.66.114 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
ce112cd51c939a4323db596b2dcb7bf63984f3986fe0ce37040f189edafdc1c0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://content.jwplatform.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 06 Oct 2021 00:19:40 GMT
content-encoding
gzip
age
0
x-amz-server-side-encryption
AES256
x-cache
MISS, MISS
access-control-max-age
180
content-length
588
x-served-by
cache-bwi5158-BWI, cache-hhn4052-HHN
access-control-allow-origin
*
last-modified
Wed, 29 Sep 2021 00:47:11 GMT
server
nginx
x-timer
S1633479581.535653,VS0,VE149
etag
"eeecd9d884175d8dfee37f3447de9b73"
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods
GET
content-type
text/vtt
via
1.1 varnish, 1.1 varnish
accept-ranges
bytes
access-control-allow-headers
accept-encoding, cache-control, origin, dnt, accept-language
x-cache-hits
0, 0

Redirect headers

date
Wed, 06 Oct 2021 00:19:40 GMT
via
1.1 a32f966fc5896281eb3de44fd8f57d40.cloudfront.net (CloudFront)
server
openresty
x-edge-origin-shield-skipped
0
location
https://assets-jpcust.jwpsrv.com/strips/o7fjuzVm-120.vtt
x-cache
Miss from cloudfront
content-type
text/html
access-control-allow-origin
*
x-amz-cf-pop
FRA2-C2
content-length
166
x-amz-cf-id
E4cfOKeRMaYqH0KSGfiIh-a71dkcn2uHrbFAFkpU8dCwmepqlasIGA==
provider.cast.js
ssl.p.jwpcdn.com/player/v/8.23.0/ Frame 5375 		25 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ssl.p.jwpcdn.com/player/v/8.23.0/provider.cast.js
Requested by
Host: content.jwplatform.com
URL: https://content.jwplatform.com/players/o7fjuzVm-JcxcCN5H.js?wmode=transparent&amp;showinfo=0&amp;rel=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.66.114 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b357b022e922f2a35bf3d62abf2c447878c4a2da5a90a20932d2353a593ff0c3

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://content.jwplatform.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 06 Oct 2021 00:19:40 GMT
content-encoding
gzip
age
623654
x-cache
HIT
content-length
9022
via
1.1 varnish
x-served-by
cache-hhn4071-HHN
last-modified
Mon, 27 Sep 2021 23:15:24 GMT
server
AmazonS3
x-timer
S1633479580.424721,VS0,VE0
etag
"46c7144af63539d7547c1e891db4cd6d"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000, immutable
accept-ranges
bytes
x-cache-hits
199308
related.js
ssl.p.jwpcdn.com/player/v/8.23.0/ Frame 5375 		108 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ssl.p.jwpcdn.com/player/v/8.23.0/related.js
Requested by
Host: content.jwplatform.com
URL: https://content.jwplatform.com/players/o7fjuzVm-JcxcCN5H.js?wmode=transparent&amp;showinfo=0&amp;rel=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.66.114 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e2d0805d60ac6eaa06075b13ffadc5616d4a1b4a1093464ba9b3651430b0456c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://content.jwplatform.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 06 Oct 2021 00:19:40 GMT
content-encoding
gzip
age
623654
x-cache
HIT
content-length
24961
via
1.1 varnish
x-served-by
cache-hhn4071-HHN
last-modified
Mon, 27 Sep 2021 23:15:27 GMT
server
AmazonS3
x-timer
S1633479580.424841,VS0,VE0
etag
"4069ef16800e79990b2034575b12a07b"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000, immutable
accept-ranges
bytes
x-cache-hits
419738
o7fjuzVm.m3u8
content.jwplatform.com/manifests/ Frame 5375 		1 KB
820 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://content.jwplatform.com/manifests/o7fjuzVm.m3u8
Requested by
Host: ssl.p.jwpcdn.com
URL: https://ssl.p.jwpcdn.com/player/v/8.23.0/provider.hlsjs.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.87.71 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-87-71.fra2.r.cloudfront.net
Software
openresty /
Resource Hash
e2d5d2a6e6f522c36858459dc619f44cbec6a9074956ead39adaa2b4abf1235c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://content.jwplatform.com/players/o7fjuzVm-JcxcCN5H.html?rel=0&wmode=transparent&showinfo=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 06 Oct 2021 00:19:40 GMT
content-encoding
gzip
server
openresty
x-edge-origin-shield-skipped
0
x-cache
Miss from cloudfront
content-type
application/vnd.apple.mpegurl; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=600, max-stale=180
x-amz-cf-pop
FRA2-C2
content-length
435
via
1.1 a32f966fc5896281eb3de44fd8f57d40.cloudfront.net (CloudFront)
x-amz-cf-id
4UhOeurjSgIYAWTumum7beFSH-uTP7f5fQag7_phN4nsbfUOAVN1oQ==
expires
Wed, 06 Oct 2021 00:29:40 GMT
otvw1xpv-720.jpg
assets-jpcust.jwpsrv.com/thumbnails/ Frame 5375
Redirect Chain
  • https://content.jwplatform.com/v2/media/o7fjuzVm/poster.jpg?width=720
  • https://assets-jpcust.jwpsrv.com/thumbnails/otvw1xpv-720.jpg
50 KB
51 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets-jpcust.jwpsrv.com/thumbnails/otvw1xpv-720.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.66.114 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
bcdba32b0ec9165334a21993b78bf77271cc8ce9947ac191c20cb99abd53f111

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://content.jwplatform.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 06 Oct 2021 00:19:40 GMT
content-encoding
gzip
age
0
x-amz-server-side-encryption
AES256
x-cache
MISS, MISS
content-length
51536
x-served-by
cache-bwi5138-BWI, cache-hhn4071-HHN
access-control-allow-origin
*
last-modified
Wed, 29 Sep 2021 00:48:47 GMT
server
nginx
x-timer
S1633479581.542163,VS0,VE109
etag
"a21a50bafbbbb7e562fc14f6f0f20e42"
vary
Accept-Encoding
content-type
image/jpeg
via
1.1 varnish, 1.1 varnish
cache-control
max-age=900
accept-ranges
bytes
access-control-allow-headers
accept-encoding, cache-control, origin, dnt, accept-language
x-cache-hits
0, 0

Redirect headers

date
Wed, 06 Oct 2021 00:19:40 GMT
via
1.1 a32f966fc5896281eb3de44fd8f57d40.cloudfront.net (CloudFront)
server
openresty
x-amz-cf-pop
FRA2-C2
location
https://assets-jpcust.jwpsrv.com/thumbnails/otvw1xpv-720.jpg
access-control-allow-methods
GET
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=180, max-stale=180
x-cache
Miss from cloudfront
x-edge-origin-shield-skipped
0
access-control-allow-headers
accept-encoding, cache-control, origin, dnt, accept-language
content-length
0
x-amz-cf-id
pAbNmm31uBwV1wA3BmrtKUgk_QAMRATDN25LJpVUYg-LjRFVwbYIAQ==
ping.gif
prd.jwpltx.com/v1/jwplayer6/ Frame 5375 		0
40 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prd.jwpltx.com/v1/jwplayer6/ping.gif?h=1878704470&e=e&n=7924916302348368&aid=PiCMMH9uEeamsxKCk4Wcgw&amp=0&at=1&c=-1&ccp=0&cp=0&d=0&eb=0&ed=6&emi=rzsssevxge49&i=1&id=o7fjuzVm&lid=1qgsiffw63vs&lsa=set&mt=0&pbd=1&pbr=1&pgi=1b4kvka10ktb&ph=3&pid=JcxcCN5H&pii=0&pl=387&plc=1&pli=2vhbe9lpa2d9&pp=hlsjs&ppm=VOD&prc=1&ps=4&pss=1&pt=Jiana%20Burnette%20Pride%20Run&pu=https%3A%2F%2Fmybooster.com%2F&pv=8.23.0&pyc=0&s=0&sdk=0&stc=1&stpe=0&t=Jiana%20Burnette%20Pride%20Run&tv=3.36.1&vb=0&vi=0&vl=90&wd=688&ab=0&cae=0&cb=1&cdid=botr_o7fjuzVm_JcxcCN5H_div&cme=0&dd=0&flc=0&fv=&ga=0&mk=hls&mu=https%3A%2F%2Fcontent.jwplatform.com%2Fmanifests%2Fo7fjuzVm.m3u8&pbc=0&pd=2&plng=en-US&plt=100&pni=0&po=0&pogt=Jiana%20Burnette%20Pride%20Run&sp=0&st=250&sa=1633479580423
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.66.114 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://content.jwplatform.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 06 Oct 2021 00:19:40 GMT
via
1.1 varnish
server
nginx
accept-ranges
bytes
x-served-by
cache-hhn4071-HHN
x-cache
MISS
x-cache-hits
0
cast_sender.js
www.gstatic.com/cv/js/sender/v1/ Frame 5375 		4 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/cv/js/sender/v1/cast_sender.js?loadCastFramework=1
Requested by
Host: content.jwplatform.com
URL: https://content.jwplatform.com/players/o7fjuzVm-JcxcCN5H.js?wmode=transparent&amp;showinfo=0&amp;rel=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.195 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f3.1e100.net
Software
sffe /
Resource Hash
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://content.jwplatform.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 06 Oct 2021 00:19:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2007
x-xss-protection
0
last-modified
Tue, 16 Feb 2021 23:57:06 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="cloudview"
vary
Accept-Encoding
report-to
{"group":"cloudview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 06 Oct 2021 00:19:40 GMT
cast_framework.js
www.gstatic.com/cast/sdk/libs/sender/1.0/ Frame 5375 		36 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/cast/sdk/libs/sender/1.0/cast_framework.js
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js?loadCastFramework=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.195 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f3.1e100.net
Software
sffe /
Resource Hash
cf016295997068c6cd58f52c4fca8fdec2806b76e09b12521fcf734e0fcbf5f5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://content.jwplatform.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 06 Oct 2021 00:19:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12390
x-xss-protection
0
last-modified
Mon, 06 Jul 2020 23:15:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"chrome-dongle","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/chrome-dongle"}]}
content-type
text/javascript
cache-control
private, max-age=0
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="chrome-dongle"
expires
Wed, 06 Oct 2021 00:19:40 GMT
cast_sender.js
www.gstatic.com/eureka/clank/93/ Frame 5375 		52 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/eureka/clank/93/cast_sender.js
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js?loadCastFramework=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.195 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f3.1e100.net
Software
sffe /
Resource Hash
66b3a50b1f61027459efda3192f4265a316f43a8d770a7135c956bea688fe4d8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://content.jwplatform.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 05 Oct 2021 07:39:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
59991
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview-release
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15346
x-xss-protection
0
last-modified
Thu, 23 Sep 2021 17:05:58 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"cloudview-release","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview-release"}]}
content-type
text/javascript
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="cloudview-release"
expires
Wed, 06 Oct 2021 07:39:49 GMT
o7fjuzVm-27622234.mp4.m3u8
videos-fms.jwpsrv.com/0_615d15cc_0x3611ec9d743cc12bfa2af0749e083eda65be849c/content/conversions/oCniVb9Q/videos/ Frame 5375 		2 KB
547 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://videos-fms.jwpsrv.com/0_615d15cc_0x3611ec9d743cc12bfa2af0749e083eda65be849c/content/conversions/oCniVb9Q/videos/o7fjuzVm-27622234.mp4.m3u8
Requested by
Host: ssl.p.jwpcdn.com
URL: https://ssl.p.jwpcdn.com/player/v/8.23.0/provider.hlsjs.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.66.114 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
otfp /
Resource Hash
111e361581cbe4dd1761ab5b151c66c5e4899da3a455c46f10efa5b66a26b145

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://content.jwplatform.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 06 Oct 2021 00:19:40 GMT
via
1.1 varnish, 1.1 varnish
x-backend
https://s3-external-1.amazonaws.com
age
0
x-cache
MISS, MISS
fastly-stats
otfp=1
content-encoding
gzip
content-length
242
x-served-by
cache-bwi5122-BWI, cache-hhn4052-HHN
server
otfp
x-timer
S1633479581.605216,VS0,VE343
etag
"4G-2boEsNOn2RdfFTtzC2HrIMeGlFjvPGF0F_sJUsdNciUwHFlXW9cQkutnOBRjdbte02tSEo9zK7p2SFK7FP47Eng"
vary
Accept-Encoding
content-type
application/x-mpegurl
access-control-allow-origin
*
accept-ranges
bytes
access-control-allow-headers
accept-encoding, cache-control, origin, dnt
x-cache-hits
0, 0
collect
www.google-analytics.com/j/ 		4 B
24 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j93&a=27554788&t=event&_s=1&dl=https%3A%2F%2Fmybooster.com%2Fv3%2Fdash%2F29R0bfRA%3Futm_source%3Deedaybefore%26utm_medium%3Demail%26utm_content%3Dssvideo%26utm_campaign%3Dsponsorpledgeask&ul=en-us&de=UTF-8&dt=Burnette%20Pride%20Run&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Public%20Page&ea=Exit%20Modal&el=exit-modal-on&_u=aGhAAUADQAAAAC~&jid=1803114921&gjid=1183830864&cid=1188246835.1633479580&tid=UA-18391724-4&_gid=1043425677.1633479580&_r=1&_slc=1&z=1355000720
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.174 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://mybooster.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 06 Oct 2021 00:19:40 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://mybooster.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		4 B
461 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j93&tid=UA-18391724-4&cid=1188246835.1633479580&jid=1803114921&gjid=1183830864&_gid=1043425677.1633479580&_u=aGhAAUACQAAAAC~&z=1201022676
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
173.194.76.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ws-in-f154.1e100.net
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://mybooster.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Wed, 06 Oct 2021 00:19:40 GMT
content-type
text/plain
access-control-allow-origin
https://mybooster.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
aeb20546-963f-4f79-b1f6-f57d21d32b43
sdk.split.io/api/mySegments/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://sdk.split.io/api/mySegments/aeb20546-963f-4f79-b1f6-f57d21d32b43
Protocol
H2
Server
151.101.3.9 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Varnish /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
authorization,content-type,splitsdkversion
Origin
https://mybooster.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
Varnish
retry-after
0
allow
HEAD,GET,OPTIONS,POST,PUT,DELETE
access-control-allow-headers
X-Requested-With, Origin, Content-Type, Accept, Authorization, Content-Length, X-User-Token, X-Request-ID, SplitSDKMachineName, SplitSDKMachineIP, SplitSDKVersion, Cache-Control
access-control-allow-methods
GET,PUT,POST,PATCH,DELETE,OPTIONS
access-control-max-age
7200
accept-ranges
bytes
date
Wed, 06 Oct 2021 00:19:40 GMT
via
1.1 varnish
x-served-by
cache-hhn4034-HHN
x-cache
HIT
x-cache-hits
0
x-timer
S1633479581.828179,VS0,VE0
vary
Cookie
access-control-allow-origin
https://mybooster.com
content-length
37
aeb20546-963f-4f79-b1f6-f57d21d32b43
sdk.split.io/api/mySegments/ 		17 B
285 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://sdk.split.io/api/mySegments/aeb20546-963f-4f79-b1f6-f57d21d32b43
Requested by
Host: mybooster.com
URL: https://mybooster.com/v3-assets/public/js/app.js?id=47749afe9c47bd4a62b3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.3.9 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
2070e9ec5ea66461693a174cf782efa1090e0ca1988968cc1115d019e7b80a95
Security Headers
Name Value
Strict-Transport-Security max-age=15770000; includeSubDomains

Request headers

Accept
application/json
Referer
https://mybooster.com/
Authorization
Bearer 9qtq8gvmb8dnha0ecdhf853cdociul8hdse9
Accept-Language
de-DE,de;q=0.9
SplitSDKVersion
javascript-10.15.3
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
application/json

Response headers

strict-transport-security
max-age=15770000; includeSubDomains
via
1.1 varnish, 1.1 varnish
etag
"1000002--gzip"
age
1
x-cache
MISS, HIT
content-encoding
gzip
content-length
37
x-request-id
1x0vfnpbckq
x-served-by
cache-dca17774-DCA, cache-hhn4034-HHN
x-timer
S1633479581.835750,VS0,VE0
date
Wed, 06 Oct 2021 00:19:40 GMT
vary
Origin, Accept-Encoding, Cookie
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
Access-Control-Allow-Origin,X-Request-ID
cache-control
no-transform, max-age=60, s-maxage=60
trace
cache-dca17774-DCA-141a9a5c-a53f-4c95-8ac7-ad2fd124a244; cache-hhn4034-HHN-120afed5-ee1c-4be1-a21f-dc43ae3a645f
accept-ranges
bytes
x-cache-hits
0, 1
splitChanges
sdk.split.io/api/ 		56 B
322 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://sdk.split.io/api/splitChanges?since=1633451598131
Requested by
Host: mybooster.com
URL: https://mybooster.com/v3-assets/public/js/app.js?id=47749afe9c47bd4a62b3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.3.9 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
d81906590d64db3a88b86d634295f192e01483d452010b9f0ecf04f60f332f3d
Security Headers
Name Value
Strict-Transport-Security max-age=15770000; includeSubDomains

Request headers

Accept
application/json
Referer
https://mybooster.com/
Authorization
Bearer 9qtq8gvmb8dnha0ecdhf853cdociul8hdse9
Accept-Language
de-DE,de;q=0.9
SplitSDKVersion
javascript-10.15.3
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
application/json

Response headers

strict-transport-security
max-age=15770000; includeSubDomains
content-encoding
gzip
etag
"-1404066540--gzip"
age
27980
x-cache
HIT, HIT
content-length
63
via
1.1 varnish, 1.1 varnish
x-request-id
1x0eryip0r3
x-served-by
cache-dca17775-DCA, cache-hhn4034-HHN
last-modified
Tue, 05 Oct 2021 16:33:18 GMT
x-timer
S1633479581.835817,VS0,VE1
date
Wed, 06 Oct 2021 00:19:40 GMT
vary
Origin, Accept-Encoding, Cookie
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
Access-Control-Allow-Origin,X-Request-ID
cache-control
no-transform, max-age=60, s-maxage=60
trace
cache-dca17774-DCA-efc0d09d-9eff-47f7-a23d-321cf4e892e5; cache-hhn4059-HHN-3a9f4dce-eea7-49a8-a90e-b026fac7dc53
accept-ranges
bytes
x-cache-hits
4, 1
splitChanges
sdk.split.io/api/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://sdk.split.io/api/splitChanges?since=1633451598131
Protocol
H2
Server
151.101.3.9 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Varnish /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
authorization,content-type,splitsdkversion
Origin
https://mybooster.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
Varnish
retry-after
0
allow
HEAD,GET,OPTIONS,POST,PUT,DELETE
access-control-allow-headers
X-Requested-With, Origin, Content-Type, Accept, Authorization, Content-Length, X-User-Token, X-Request-ID, SplitSDKMachineName, SplitSDKMachineIP, SplitSDKVersion, Cache-Control
access-control-allow-methods
GET,PUT,POST,PATCH,DELETE,OPTIONS
access-control-max-age
7200
accept-ranges
bytes
date
Wed, 06 Oct 2021 00:19:40 GMT
via
1.1 varnish
x-served-by
cache-hhn4034-HHN
x-cache
HIT
x-cache-hits
0
x-timer
S1633479581.828333,VS0,VE0
vary
Cookie
access-control-allow-origin
https://mybooster.com
content-length
37
ga-audiences
www.google.com/ads/ 		42 B
522 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j93&tid=UA-18391724-4&cid=1188246835.1633479580&jid=1803114921&_u=aGhAAUACQAAAAC~&z=281450276
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.68 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f4.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://mybooster.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 06 Oct 2021 00:19:40 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
522 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j93&tid=UA-18391724-4&cid=1188246835.1633479580&jid=1803114921&_u=aGhAAUACQAAAAC~&z=281450276
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.227 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f3.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://mybooster.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 06 Oct 2021 00:19:40 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
o7fjuzVm-27622234.mp4-1.ts
videos-fms.jwpsrv.com/0_615d15cc_0x3611ec9d743cc12bfa2af0749e083eda65be849c/content/conversions/oCniVb9Q/videos/ Frame 5375 		203 KB
203 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://videos-fms.jwpsrv.com/0_615d15cc_0x3611ec9d743cc12bfa2af0749e083eda65be849c/content/conversions/oCniVb9Q/videos/o7fjuzVm-27622234.mp4-1.ts
Requested by
Host: ssl.p.jwpcdn.com
URL: https://ssl.p.jwpcdn.com/player/v/8.23.0/provider.hlsjs.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.66.114 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
otfp /
Resource Hash
392841e06028f734df3db10b41508241b207f2bc095a85fdbd0b63bf364b58d8

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://content.jwplatform.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 06 Oct 2021 00:19:41 GMT
via
1.1 varnish, 1.1 varnish
x-backend
https://s3-external-1.amazonaws.com
age
0
x-cache
MISS, MISS
fastly-stats
otfp=1
content-length
207928
x-served-by
cache-bwi5127-BWI, cache-hhn4052-HHN
x-fastly-otfp-info
ss=0.000 sl=4.000 vl=136.125 rs=320x180
server
otfp
x-timer
S1633479581.960330,VS0,VE108
etag
"BS8cSJw6_uuJwtlWC4Ym-Ef-ZNKLMRRSnNvIRaNhMBjw2YFBFaYA8vRJ2n-hZUhezCvh7cPXxN-1ERITOySFJkEW0w"
content-type
video/mp2t
access-control-allow-origin
*
accept-ranges
bytes
access-control-allow-headers
accept-encoding, cache-control, origin, dnt
x-cache-hits
0, 0
64cb1cd8-3e2c-4a92-bd47-672c6ff7fc9f
https://content.jwplatform.com/ Frame 5375 		88 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://content.jwplatform.com/64cb1cd8-3e2c-4a92-bd47-672c6ff7fc9f
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
db58fbac8304f2548011eeb67657a22780cbc8e81150dc6d9a63b74e303e8f38

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Length
90231
Content-Type
text/javascript
o7fjuzVm-27622236.mp4.m3u8
videos-fms.jwpsrv.com/0_615d15cc_0xcb7016069b413230f5e3dff9f97471ac7f77074a/content/conversions/oCniVb9Q/videos/ Frame 5375 		2 KB
431 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://videos-fms.jwpsrv.com/0_615d15cc_0xcb7016069b413230f5e3dff9f97471ac7f77074a/content/conversions/oCniVb9Q/videos/o7fjuzVm-27622236.mp4.m3u8
Requested by
Host: ssl.p.jwpcdn.com
URL: https://ssl.p.jwpcdn.com/player/v/8.23.0/provider.hlsjs.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.66.114 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
otfp /
Resource Hash
294daeb09bb7527cb7ed9dd5cf741886fee18ee4a6d42f3491212ab21a4e7842

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://content.jwplatform.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 06 Oct 2021 00:19:41 GMT
via
1.1 varnish, 1.1 varnish
x-backend
https://s3-external-1.amazonaws.com
age
0
x-cache
HIT, MISS
fastly-stats
otfp=1
content-encoding
gzip
content-length
243
x-served-by
cache-bwi5172-BWI, cache-hhn4052-HHN
server
otfp
x-timer
S1633479581.136526,VS0,VE90
etag
"akVEis0P2cJEitanMj5MyD4USWDX3qz9KLJwG2jweNBMnkkBAF8yaWl99oVn_xL4YeZU3Mn2W5P6lmeuWE6KSaJ4jo4N"
vary
Accept-Encoding
content-type
application/x-mpegurl
access-control-allow-origin
*
accept-ranges
bytes
access-control-allow-headers
accept-encoding, cache-control, origin, dnt
x-cache-hits
1, 0
bulk
events.split.io/api/testImpressions/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://events.split.io/api/testImpressions/bulk
Requested by
Host: mybooster.com
URL: https://mybooster.com/v3-assets/public/js/app.js?id=47749afe9c47bd4a62b3
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.20.27.10 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15770000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

SplitSDKImpressionsMode
OPTIMIZED
Accept-Language
de-DE,de;q=0.9
SplitSDKVersion
javascript-10.15.3
Authorization
Bearer 9qtq8gvmb8dnha0ecdhf853cdociul8hdse9
Content-Type
application/json
Accept
application/json
Referer
https://mybooster.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 06 Oct 2021 00:19:45 GMT
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
access-control-allow-origin
https://mybooster.com
access-control-expose-headers
Access-Control-Allow-Origin,X-Request-ID
access-control-allow-credentials
true
strict-transport-security
max-age=15770000; includeSubDomains
vary
Origin
content-length
0
x-xss-protection
1; mode=block
x-request-id
1x0vfrsdmeg
bulk
events.split.io/api/testImpressions/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://events.split.io/api/testImpressions/bulk
Protocol
H2
Server
52.20.27.10 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15770000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
authorization,content-type,splitsdkimpressionsmode,splitsdkversion
Origin
https://mybooster.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Wed, 06 Oct 2021 00:19:45 GMT
content-length
0
access-control-allow-origin
https://mybooster.com
access-control-allow-credentials
true
access-control-max-age
1800
access-control-allow-methods
GET,PUT,POST,DELETE,OPTIONS,PATCH
access-control-allow-headers
X-Requested-With,X-Split-Failure,Origin,Content-Type,Accept,Authorization,Content-Length,X-User-Token,X-SPLITIO-TIME-ZONE,SplitSDKMachineName,SplitSDKMachineIP,SplitSDKVersion,SplitSDKImpressionsMode,split-csrf
strict-transport-security
max-age=15770000; includeSubDomains
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block
x-request-id
1x0vfrpkowo

Verdicts & Comments Add Verdict or Comment

59 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| onbeforexrselect boolean| originAgentCluster object| dataLayer string| GoogleAnalyticsObject function| ga object| heap function| gtag function| hj object| _hjSettings function| fbAsyncInit object| google_tag_manager object| google_tag_data object| FB object| hjSiteSettings function| hjBootstrap object| hjBootstrapCalled object| hjLazyModules object| gaplugins object| gaGlobal object| gaData function| _ function| setImmediate function| clearImmediate object| regeneratorRuntime function| jQuery function| $ function| axios function| Vue object| gtmRegButton object| pubFBShareButton boolean| gtmPhoneChanged boolean| gtmMonthChanged boolean| gtmDayChanged boolean| gtmYearChanged object| gtmPhoneField object| gtmMonthField object| gtmDayField object| gtmYearField object| gtmPledgeNextStep object| gtmPledgeNext object| gtmPledgePay boolean| gtmSponsorTypeChanged boolean| gtmSponsorNameChanged boolean| gtmSponsorLastChanged boolean| gtmSponsorEmailChanged boolean| gtmSponsorStateChanged boolean| gtmSponsorCCChanged boolean| gtmSponsorCVVChanged object| gtmSponsorTypeField object| gtmSponsorNameField object| gtmSponsorLastField object| gtmSponsorEmailField object| gtmSponsorStateField object| gtmSponsorCCField object| gtmSponsorCVVField object| google_optimize

18 Cookies

Domain/Path Name / Value
mybooster.com/v3/dash Name: hide_cookie_policy
Value: hide
.mybooster.com/ Name: csrfer_ckie
Value: 65210e94de7be4afdce1a1ba2aabe30b
.mybooster.com/ Name: ci_session
Value: dkhqq6hie003aakepr9g4npudukiae4u
.mybooster.com/ Name: ref_code
Value: dbd4746df440da548851a8a835d389938b95c6e2
.mybooster.com/ Name: _hjid
Value: cad4d340-63f7-4d7f-81d6-5935d7464116
.mybooster.com/ Name: _hjFirstSeen
Value: 1
.mybooster.com/ Name: anon_user_id
Value: aeb20546-963f-4f79-b1f6-f57d21d32b43
.mybooster.com/ Name: _ga
Value: GA1.2.1188246835.1633479580
.mybooster.com/ Name: _gid
Value: GA1.2.1043425677.1633479580
.mybooster.com/ Name: _hp2_id.1943480710
Value: %7B%22userId%22%3A%227780439709406992%22%2C%22pageviewId%22%3A%225203823997706550%22%2C%22sessionId%22%3A%224783242557136033%22%2C%22identity%22%3A%22aeb20546-963f-4f79-b1f6-f57d21d32b43%22%2C%22trackerVersion%22%3A%224.0%22%2C%22identityField%22%3Anull%2C%22isIdentified%22%3A1%7D
.mybooster.com/ Name: _hp2_props.1943480710
Value: %7B%22f21_pledging_ticker%22%3A%22off%22%2C%22Exit_Modal_PPP%22%3A%22on%22%2C%22logging_titan_public_experiments%22%3A%22on%22%2C%22boosterUserId%22%3A%22aeb20546-963f-4f79-b1f6-f57d21d32b43%22%2C%22splitKey%22%3A%22aeb20546-963f-4f79-b1f6-f57d21d32b43%22%2C%22programSalesforceId%22%3A%22a4M4U000001l78NUAQ%22%2C%22schoolSalesforceId%22%3A%22001U000000QVND9IAP%22%2C%22teamId%22%3A%2222%22%2C%22semester%22%3A%222021-2-Fall%22%2C%22serviceLevel%22%3A%22Pledge-a-thon%22%2C%22evenOddParent%22%3A%22even%22%2C%22parentUserId%22%3A%2219406342%22%2C%22funRun%22%3A%222021-10-06%2000%3A00%3A00%22%2C%22programID%22%3A%2225483%22%7D
mybooster.com/ Name: _hjIncludedInSessionSample
Value: 0
.mybooster.com/ Name: _hjAbsoluteSessionInProgress
Value: 1
.mybooster.com/ Name: XSRF-TOKEN
Value: eyJpdiI6InY1eXQyXC9lMmEwVzM2V1wvb1RUTTV4QT09IiwidmFsdWUiOiJFWktXUStqcGtDQnh4R3hFcG9tWmlUT0I5Skd4NDZ6OHhEVW92QXNoVFpabVNiTW4wWE9CNXphWUx4cHZaY3JxIiwibWFjIjoiYzg1MWFhYTA0ZGU1MjdlNGNlZWM0N2ZlODVmMDg0NWIxZTlmN2ExYWM2ODhlYTJmODdmNjQ5OGYwODNiOTllOCJ9
.mybooster.com/ Name: titan_session
Value: eyJpdiI6IjhkNFdNZWF4akpRT2JtK0MwM2pKYnc9PSIsInZhbHVlIjoiWkx5MkJiU2UwZ0pQVUt6blZEZTBIWEZRYjF2eWduWG93U3FYZDJyMkRId0lEcnpaWVZZTFpnU1dBTlgzNDI4eSIsIm1hYyI6IjAyZWY1Njg1OTkxN2VmZDRmYzYwMjI5NjgwMWFlODk5MjJkMTEwYTIyZmZjY2JmNjk1MDhiNzlkYmIyNTIxOGEifQ%3D%3D
.mybooster.com/ Name: hide_cookie_policy
Value: eyJpdiI6IlwvSW1SV1QzVURSWmxnSnhXQ1wvaythdz09IiwidmFsdWUiOiJSQWFyZEZjRStuMVVjZWRiZDM1dlB3PT0iLCJtYWMiOiJhZWNiOTUxYzk3NTE0MzhmYjVhNDUyOWQ5YzBkZDk5OGUzZTkzMzhmNmFlZmE5YTY3ZGUxZjlkZTc3ZjM1MWM5In0%3D
.mybooster.com/ Name: _hp2_ses_props.1943480710
Value: %7B%22us%22%3A%22eedaybefore%22%2C%22um%22%3A%22email%22%2C%22uc%22%3A%22ssvideo%22%2C%22ua%22%3A%22sponsorpledgeask%22%2C%22ts%22%3A1633479579855%2C%22d%22%3A%22mybooster.com%22%2C%22h%22%3A%22%2Fv3%2Fdash%2F29R0bfRA%22%2C%22q%22%3A%22%3Futm_source%3Deedaybefore%26utm_medium%3Demail%26utm_content%3Dssvideo%26utm_campaign%3Dsponsorpledgeask%22%7D
.mybooster.com/ Name: _gat
Value: 1

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

assets-jpcust.jwpsrv.com
auth.split.io
cdn.heapanalytics.com
connect.facebook.net
content.jwplatform.com
events.split.io
fonts.googleapis.com
fonts.gstatic.com
funrun-prod.s3.amazonaws.com
heapanalytics.com
mybooster.com
prd.jwpltx.com
script.hotjar.com
sdk.split.io
ssl.p.jwpcdn.com
static.hotjar.com
stats.g.doubleclick.net
streaming.split.io
vars.hotjar.com
vc.hotjar.io
videos-fms.jwpsrv.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.gstatic.com
13.224.193.12
13.224.193.122
13.224.193.123
13.225.87.110
13.225.87.41
13.225.87.71
13.225.87.76
142.250.184.227
142.250.185.174
142.250.185.195
142.250.185.68
142.250.74.200
151.101.3.9
151.101.66.114
172.217.18.106
173.194.76.154
18.213.74.216
3.220.224.31
31.13.92.14
31.13.92.36
34.231.131.1
52.20.27.10
52.216.80.120
111e361581cbe4dd1761ab5b151c66c5e4899da3a455c46f10efa5b66a26b145
13c8d00d02654fcdc9f5108a1a50c9e1fb7adf3547c6363fb8521fc8acb42860
2070e9ec5ea66461693a174cf782efa1090e0ca1988968cc1115d019e7b80a95
242a673af4cc2fafffca53660fd392c0f6f4cb62505410c9164543aa584b813a
28fa41d085591cf4cad5171a7882be27ccfaee61d25e36a466c1f966bec49107
294daeb09bb7527cb7ed9dd5cf741886fee18ee4a6d42f3491212ab21a4e7842
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
386d6f209d8deb3b0877dd7f817519cfa3c4a17695f49c2e9dcafeef894933c7
392841e06028f734df3db10b41508241b207f2bc095a85fdbd0b63bf364b58d8
3e4dcf5d937c6cd9bd580358e83d9bff9769f73cc2364ed9af22c88571959adb
66b3a50b1f61027459efda3192f4265a316f43a8d770a7135c956bea688fe4d8
6731c39ea46a2cc377df867d6de2b05511dc6ba907c6de4a996530aae1926f88
7a6bd54c4d2e8a0c3489379d5dabc5ebe77c5db1f1e9ae56c1503a428336b3d0
7af810da2d98bf8c867153f1beee621fb65691735688b739e3f1f5fa42fa1734
7e3ec0c67f5bf42fef4fcd5aa951d52171093cf1fcd16e82e6e34109d3bf6a33
82e587ecca54057eabad78bed2d89c2fb8f4118c3504e6f096215cb72868913e
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
88ca677c14d4217c2f6b8c8964a1d172027974c4c0839e4d531ad7d3d6de1987
89217528ff779a9d3836efde9904ba13979c9cd01666796dabbb1ba533b1126a
98b5b9842ad1cc7cac10b87f24e4643dc7e445f345d2b6bfb4c2608bd9822c5e
9b13786ae23e5ee9d0bdd5c91089d47437f99017891d745b5b65068dc80ba41c
a2e66952d3452502875eb5549732a89aa87967249e4ac164632a29520285a774
a7fbe0ca1f5df9b2d1c13af25e22b31660c28b593e7e32f19d022fd6e888b7db
a9950fa5ca9cf47072770900d259bcf6778aa1119652d2e706d5eb92df254199
add4706ecd4af2aa66dd8c6b562fc0de7723c503d8fa9835204cca5ecacd204b
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b0824a6e438ede545cadcc14c8f7517721a70130f03aa705125eb243d38d2025
b357b022e922f2a35bf3d62abf2c447878c4a2da5a90a20932d2353a593ff0c3
b7309eb2f1b162da5bcf04b0689ba57fba93144320d816e9be534bca2c59d05b
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bcdba32b0ec9165334a21993b78bf77271cc8ce9947ac191c20cb99abd53f111
c184d109e21a7d81a00b6196811413901f9c3dd66e6dc5a52deb53c725e3bfea
c790a6188551550a1397e109c897001131058aeeb303f21bcf4692fbee3055c2
c7c865cb8ee565b90ed64c89ed932b8e6a6607a358ce2b835dc8232d6fbeb729
ce112cd51c939a4323db596b2dcb7bf63984f3986fe0ce37040f189edafdc1c0
cf016295997068c6cd58f52c4fca8fdec2806b76e09b12521fcf734e0fcbf5f5
d16865daf8d5ec0f4c3ab4944892cbf7578ab547c384dca819e8a73560daf3e4
d3bb1e33c59307df21d98f619531ceea674f9e3f71eaf611ec77d7939629a551
d81906590d64db3a88b86d634295f192e01483d452010b9f0ecf04f60f332f3d
d9c4d2469c23aee78eb2d17b6e5133f77b5ae956e127e585bf225e67898cfd3b
db58fbac8304f2548011eeb67657a22780cbc8e81150dc6d9a63b74e303e8f38
e2d0805d60ac6eaa06075b13ffadc5616d4a1b4a1093464ba9b3651430b0456c
e2d5d2a6e6f522c36858459dc619f44cbec6a9074956ead39adaa2b4abf1235c
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e6a34b10956f9d448fa308e0e87ba7cb9c33a73620904a539c43cda7cc7cdb06
ec49db558d859615f59dbdf9122f8ae6f7f8f29b04e2cd0898b3624136e8546c
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0180347aaa59315dbec8ed6f465ffe2843a4df4bb6e49a7748604cf5f2ecf4d
fd1cf1295404c5a7d72371d8f60d1622179b736277116f8a18e01e71b687c2a0
fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62
fd66be750e667bee5eef8097b1d0135a8167672f0ec1955c513ed151f2cdef99
fed28c43d888467e8fd5222953d2f07ba6a0061eddea914c81e0aca1ad35af2b