my.scouting.org Open in urlscan Pro
54.161.111.173 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://my.scouting.org/
Effective URL:
https://my.scouting.org/
Submission: On March 10 via api (March 10th 2024, 6:25:25 am UTC) from US — Scanned from DE

Summary HTTP 77 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 15 IPs in 4 countries across 18 domains to perform 77 HTTP transactions. The main IP is 54.161.111.173, located in United States and belongs to AMAZON-AES, US. The main domain is my.scouting.org. The Cisco Umbrella rank of the primary domain is 270508.
TLS certificate: Issued by Entrust Certification Authority - L1K on June 26th 2023. Valid for: a year.

This is the only time my.scouting.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	54.159.215.205 54.159.215.205	14618 (AMAZON-AES) (AMAZON-AES)
14	54.161.111.173 54.161.111.173	14618 (AMAZON-AES) (AMAZON-AES)
1	2606:4700::68... 2606:4700::6810:7baf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2a00:1450:400... 2a00:1450:400c:c0a::54	15169 (GOOGLE) (GOOGLE)
8	2a00:1450:400... 2a00:1450:4001:812::2008	15169 (GOOGLE) (GOOGLE)
1	2a03:2880:f08... 2a03:2880:f084:d:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
12	2a00:1450:400... 2a00:1450:4001:828::200e	15169 (GOOGLE) (GOOGLE)
4	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:829::2003	15169 (GOOGLE) (GOOGLE)
2	35.186.247.156 35.186.247.156	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:80f::2003	15169 (GOOGLE) (GOOGLE)
4	2600:9000:26d... 2600:9000:26da:f800:b:e080:2200:93a1	16509 (AMAZON-02) (AMAZON-02)
1	104.77.19.23 104.77.19.23	16625 (AKAMAI-AS) (AKAMAI-AS)
4	2a00:1450:400... 2a00:1450:4001:806::2004	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:827::2003	15169 (GOOGLE) (GOOGLE)
77	15

1 54.159.215.205 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-159-215-205.compute-1.amazonaws.com

my.scouting.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 54.161.111.173 (United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-161-111-173.compute-1.amazonaws.com

my.scouting.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:7baf (United States)

ASN13335 (CLOUDFLARENET, US)

unpkg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:400c:c0a::54 (Brussels, Belgium)

ASN15169 (GOOGLE, US)

accounts.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:812::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f084:d:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a00:1450:4001:828::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:829::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.186.247.156 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 156.247.186.35.bc.googleusercontent.com

sentry.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:80f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2600:9000:26da:f800:b:e080:2200:93a1 (United States)

ASN16509 (AMAZON-02, US)

d1yh17eqtjhci0.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.77.19.23 (Glattbrugg, Switzerland)

ASN16625 (AKAMAI-AS, US)
PTR: a104-77-19-23.deploy.static.akamaitechnologies.com

appleid.cdn-apple.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:806::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:827::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
16	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 29 region1.google-analytics.com — Cisco Umbrella Rank: 2089	23 KB
15	scouting.org 1 redirects my.scouting.org — Cisco Umbrella Rank: 270508	2 MB
10	gstatic.com fonts.gstatic.com www.gstatic.com	534 KB
8	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 40	741 KB
8	google.com accounts.google.com — Cisco Umbrella Rank: 20 www.google.com — Cisco Umbrella Rank: 2	161 KB
4	cloudfront.net d1yh17eqtjhci0.cloudfront.net	313 KB
2	sentry.io sentry.io — Cisco Umbrella Rank: 160	430 B
2	google.de www.google.de — Cisco Umbrella Rank: 6744	515 B
1	cdn-apple.com appleid.cdn-apple.com — Cisco Umbrella Rank: 3609	17 KB
1	facebook.net connect.facebook.net — Cisco Umbrella Rank: 180	58 KB
1	unpkg.com unpkg.com — Cisco Umbrella Rank: 709	4 KB
0	googleadservices.com Failed www.googleadservices.com Failed
0	doubleclick.net Failed stats.g.doubleclick.net Failed
0	ubembed.com Failed 02cdaf76d4824bd4a783a8c73bd86be2.js.ubembed.com Failed
0	hotjar.com Failed static.hotjar.com Failed
0	sc-static.net Failed sc-static.net Failed
0	pinimg.com Failed s.pinimg.com Failed
0	inspectlet.com Failed cdn.inspectlet.com Failed
77	18

	Domain	Requested by
15	my.scouting.org	1 redirects my.scouting.org
12	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com my.scouting.org
8	www.googletagmanager.com	my.scouting.org www.googletagmanager.com www.google-analytics.com
6	fonts.gstatic.com	my.scouting.org www.google.com
4	www.gstatic.com	www.google.com www.gstatic.com
4	www.google.com	my.scouting.org www.gstatic.com www.google.com
4	d1yh17eqtjhci0.cloudfront.net	my.scouting.org
4	region1.google-analytics.com	www.googletagmanager.com
4	accounts.google.com	my.scouting.org accounts.google.com
2	sentry.io	my.scouting.org
2	www.google.de	my.scouting.org
1	appleid.cdn-apple.com	my.scouting.org
1	connect.facebook.net	www.googletagmanager.com connect.facebook.net
1	unpkg.com	my.scouting.org
0	www.googleadservices.com Failed	www.googletagmanager.com
0	stats.g.doubleclick.net Failed	www.google-analytics.com
0	02cdaf76d4824bd4a783a8c73bd86be2.js.ubembed.com Failed	www.googletagmanager.com
0	static.hotjar.com Failed	www.googletagmanager.com
0	sc-static.net Failed	www.googletagmanager.com
0	s.pinimg.com Failed	www.googletagmanager.com
0	cdn.inspectlet.com Failed	my.scouting.org
77	21

This site contains links to these domains. Also see Links.

Domain
www.scouting.org
myst-public-files.s3.amazonaws.com

Subject Issuer	Validity	Valid
*.scouting.org Entrust Certification Authority - L1K	`2023-06-26` - `2024-07-26`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-05-02` - `2024-05-01`	a year	crt.sh
accounts.google.com GTS CA 1C3	`2024-02-19` - `2024-05-13`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2024-02-19` - `2024-05-13`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-12-18` - `2024-03-17`	3 months	crt.sh
www.google.de GTS CA 1C3	`2024-02-19` - `2024-05-13`	3 months	crt.sh
sentry.io DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-08-08` - `2024-09-07`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2024-02-19` - `2024-05-13`	3 months	crt.sh
*.cloudfront.net Amazon RSA 2048 M01	`2023-10-10` - `2024-09-19`	a year	crt.sh
appleid.cdn-apple.com Apple Public EV Server RSA CA 2 - G1	`2024-01-09` - `2024-07-07`	6 months	crt.sh
www.google.com GTS CA 1C3	`2024-02-19` - `2024-05-13`	3 months	crt.sh
*.google.com GTS CA 1C3	`2024-02-19` - `2024-05-13`	3 months	crt.sh

This page contains 3 frames:

Primary Page: https://my.scouting.org/
Frame ID: 2F55D3A6ABB1FA7249A0C4A76276B546
Requests: 68 HTTP requests in this frame

Frame: https://accounts.google.com/gsi/button?theme=outline&width=140&text=signin&client_id=364170442919-3teb9cg74dt5583vog2brqvnhu8qlkd5.apps.googleusercontent.com&iframe_id=gsi_920778_728335&as=nd5Whfn0%2BzrsMnGswqVSRg
Frame ID: 38188FD952B3B7D897407ADE9C7ED5B8
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdTJXkUAAAAACKrTWNYerAEFa_rLgSjjCfrBEzt&co=aHR0cHM6Ly9teS5zY291dGluZy5vcmc6NDQz&hl=en&v=QquE1_MNjnFHgZF4HPsEcf_2&size=invisible&badge=bottomleft&cb=t5apwikf1a22
Frame ID: 158F2F217F0A5F1C8C423207C3199DD6
Requests: 8 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

My Scouting

Page URL History Show full URLs

http://my.scouting.org/ HTTP 301
https://my.scouting.org/ Page URL

Detected technologies

Apple Sign-in (Social logins) Expand

Overall confidence: 100%
Detected patterns

appleid\.auth\.js

Google Sign-in (Social logins) Expand

Overall confidence: 100%
Detected patterns

accounts\.google\.com/gsi/client

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

77
Requests

87 %
HTTPS

73 %
IPv6

18
Domains

21
Subdomains

15
IPs

4
Countries

4056 kB
Transfer

12627 kB
Size

12
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://www.scouting.org/legal/privacy-policy/
Title: Review Privacy Policy

Search URL Search Domain Scan URL

URL: https://myst-public-files.s3.amazonaws.com/Google+Sign+in+and+Apple+ID+for+MYST.pdf
Title: Using Google or Apple Login

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://my.scouting.org/ HTTP 301
https://my.scouting.org/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

77 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request / Show response
my.scouting.org/
Redirect Chain

http://my.scouting.org/
https://my.scouting.org/

2 KB
2 KB

371ms
97ms

Document
text/html

54.161.111.173
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://my.scouting.org/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.161.111.173 , United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-161-111-173.compute-1.amazonaws.com

Software

nginx /

Resource Hash

9932e59f2494976522ab408c76c39c6e522865fc6995073da6576ae50fe2172f

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; img-src * data:; connect-src 'self' .googleapis.com .scouting.org https://accounts.google.com/gsi/status .google-analytics.com .wepay.com https://analytics.google.com https://maps.googleapis.com .amazonaws.com api-scouting.cloudhub.io https://cdnjs.cloudflare.com .melissadata.net .gstatic.com sentry.io .chasepaymentech.com https://www.chasepaymentechhostedpay.com .google-analytics.com .hotjar.com .hotjar.io; frame-src 'self' https://reports.scouting.org .google.com .wepayapi.com .wepay.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' .scouting.org; script-src-elem 'self' 'unsafe-inline' https://www.google-analytics.com https://www.googletagmanager.com https://connect.facebook.net/en_US/fbevents.js .wepay.com .googleapis.com https://translate.google.com https://d1yh17eqtjhci0.cloudfront.net/ui.min.js https://appleid.cdn-apple.com/appleauth/static/jsapi/appleid/1/en_US/appleid.auth.js https://www.google.com/recaptcha/api.js .gstatic.com https://accounts.google.com/gsi/client https://www.googletagmanager.com/gtm.js; style-src 'unsafe-inline' ; font-src data:;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Access-Control-Allow-Credentials: false
Access-Control-Allow-Origin: SAMEORIGIN
Access-Control-Max-Age: 3000
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 850
Content-Security-Policy: default-src 'self'; img-src * data:; connect-src 'self' *.googleapis.com *.scouting.org https://accounts.google.com/gsi/status *.google-analytics.com *.wepay.com https://analytics.google.com https://maps.googleapis.com *.amazonaws.com api-scouting.cloudhub.io https://cdnjs.cloudflare.com *.melissadata.net *.gstatic.com sentry.io *.chasepaymentech.com https://www.chasepaymentechhostedpay.com *.google-analytics.com *.hotjar.com *.hotjar.io; frame-src 'self' https://reports.scouting.org *.google.com *.wepayapi.com *.wepay.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.scouting.org; script-src-elem 'self' 'unsafe-inline' https://www.google-analytics.com https://www.googletagmanager.com https://connect.facebook.net/en_US/fbevents.js *.wepay.com *.googleapis.com https://translate.google.com https://d1yh17eqtjhci0.cloudfront.net/ui.min.js https://appleid.cdn-apple.com/appleauth/static/jsapi/appleid/1/en_US/appleid.auth.js https://www.google.com/recaptcha/api.js *.gstatic.com https://accounts.google.com/gsi/client https://www.googletagmanager.com/gtm.js; style-src 'unsafe-inline' *; font-src * data:;
Content-Type: text/html
Date: Sun, 10 Mar 2024 06:25:19 GMT
Last-Modified: Wed, 06 Mar 2024 22:01:42 GMT
Server: nginx
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload max-age=31536000
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block

Redirect headers

Connection: keep-alive
Content-Length: 150
Content-Type: text/html
Date: Sun, 10 Mar 2024 06:25:18 GMT
Location: https://my.scouting.org/
Server: nginx
Strict-Transport-Security: max-age=31536000

GET
H2 200 index.css
unpkg.com/@ant-design/compatible@1.0.2/assets/ 24 KB
4 KB 47ms
26ms Stylesheet
text/css 2606:4700::6810:7baf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://unpkg.com/@ant-design/compatible@1.0.2/assets/index.css

Requested by

Host: my.scouting.org
URL: https://my.scouting.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7baf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6ddd8e09f84d8a9019e091b870349867f49b4d9d799436a49749d355938139c5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://my.scouting.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Sun, 10 Mar 2024 06:25:19 GMT
via: 1.1 fly.io
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 3154708
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id: 01HNNG0WRQ5DDS8GTV8TAG0APB-fra
server: cloudflare
etag: W/"5f9b-W1JTv8slkZ/9Mqzh7xqFRr9YsAo"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 86213a1078e21913-FRA

GET
H/1.1 200
OK vendors.d57b604598a12e332ba1.css
my.scouting.org/ 981 KB
303 KB 194ms
194ms Stylesheet
text/css 54.161.111.173
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://my.scouting.org/vendors.d57b604598a12e332ba1.css?b367248887b9cb0fb5b5

Requested by

Host: my.scouting.org
URL: https://my.scouting.org/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.161.111.173 , United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-161-111-173.compute-1.amazonaws.com

Software

nginx /

Resource Hash

6ac578bb9d53919c22f0b798e29e095b85fb8ce79f5a69324092beed27003576

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; img-src * data:; connect-src 'self' .googleapis.com .scouting.org https://accounts.google.com/gsi/status .google-analytics.com .wepay.com https://analytics.google.com https://maps.googleapis.com .amazonaws.com api-scouting.cloudhub.io https://cdnjs.cloudflare.com .melissadata.net .gstatic.com sentry.io .chasepaymentech.com https://www.chasepaymentechhostedpay.com .google-analytics.com .hotjar.com .hotjar.io; frame-src 'self' https://reports.scouting.org .google.com .wepayapi.com .wepay.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' .scouting.org; script-src-elem 'self' 'unsafe-inline' https://www.google-analytics.com https://www.googletagmanager.com https://connect.facebook.net/en_US/fbevents.js .wepay.com .googleapis.com https://translate.google.com https://d1yh17eqtjhci0.cloudfront.net/ui.min.js https://appleid.cdn-apple.com/appleauth/static/jsapi/appleid/1/en_US/appleid.auth.js https://www.google.com/recaptcha/api.js .gstatic.com https://accounts.google.com/gsi/client https://www.googletagmanager.com/gtm.js; style-src 'unsafe-inline' ; font-src data:;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload, max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://my.scouting.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

Content-Security-Policy: default-src 'self'; img-src * data:; connect-src 'self' *.googleapis.com *.scouting.org https://accounts.google.com/gsi/status *.google-analytics.com *.wepay.com https://analytics.google.com https://maps.googleapis.com *.amazonaws.com api-scouting.cloudhub.io https://cdnjs.cloudflare.com *.melissadata.net *.gstatic.com sentry.io *.chasepaymentech.com https://www.chasepaymentechhostedpay.com *.google-analytics.com *.hotjar.com *.hotjar.io; frame-src 'self' https://reports.scouting.org *.google.com *.wepayapi.com *.wepay.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.scouting.org; script-src-elem 'self' 'unsafe-inline' https://www.google-analytics.com https://www.googletagmanager.com https://connect.facebook.net/en_US/fbevents.js *.wepay.com *.googleapis.com https://translate.google.com https://d1yh17eqtjhci0.cloudfront.net/ui.min.js https://appleid.cdn-apple.com/appleauth/static/jsapi/appleid/1/en_US/appleid.auth.js https://www.google.com/recaptcha/api.js *.gstatic.com https://accounts.google.com/gsi/client https://www.googletagmanager.com/gtm.js; style-src 'unsafe-inline' *; font-src * data:;
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Date: Sun, 10 Mar 2024 06:25:19 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload, max-age=31536000
transfer-encoding: chunked
Connection: keep-alive
X-XSS-Protection: 1; mode=block
Last-Modified: Wed, 06 Mar 2024 22:01:42 GMT
Server: nginx
Access-Control-Max-Age: 1728000
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/css
Access-Control-Allow-Origin: *
Vary: Accept-Encoding
Access-Control-Allow-Credentials: false
Access-Control-Allow-Headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With,api-key,ocs-xhr,BSA-session,ocs-path,ocs-time,PersonId,BSA-time,BSA-path,Attempt,ReturnAll

GET
H/1.1 200
OK main.143c83b4f988d840bc74.css
my.scouting.org/ 30 KB
20 KB 367ms
185ms Stylesheet
text/css 54.161.111.173
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://my.scouting.org/main.143c83b4f988d840bc74.css?b367248887b9cb0fb5b5

Requested by

Host: my.scouting.org
URL: https://my.scouting.org/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.161.111.173 , United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-161-111-173.compute-1.amazonaws.com

Software

nginx /

Resource Hash

c9d2c95bc2bbac7a1535085b57896f0c095ee072ed5678221dcbd94fc01c04fc

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; img-src * data:; connect-src 'self' .googleapis.com .scouting.org https://accounts.google.com/gsi/status .google-analytics.com .wepay.com https://analytics.google.com https://maps.googleapis.com .amazonaws.com api-scouting.cloudhub.io https://cdnjs.cloudflare.com .melissadata.net .gstatic.com sentry.io .chasepaymentech.com https://www.chasepaymentechhostedpay.com .google-analytics.com .hotjar.com .hotjar.io; frame-src 'self' https://reports.scouting.org .google.com .wepayapi.com .wepay.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' .scouting.org; script-src-elem 'self' 'unsafe-inline' https://www.google-analytics.com https://www.googletagmanager.com https://connect.facebook.net/en_US/fbevents.js .wepay.com .googleapis.com https://translate.google.com https://d1yh17eqtjhci0.cloudfront.net/ui.min.js https://appleid.cdn-apple.com/appleauth/static/jsapi/appleid/1/en_US/appleid.auth.js https://www.google.com/recaptcha/api.js .gstatic.com https://accounts.google.com/gsi/client https://www.googletagmanager.com/gtm.js; style-src 'unsafe-inline' ; font-src data:;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload, max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://my.scouting.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

Content-Security-Policy: default-src 'self'; img-src * data:; connect-src 'self' *.googleapis.com *.scouting.org https://accounts.google.com/gsi/status *.google-analytics.com *.wepay.com https://analytics.google.com https://maps.googleapis.com *.amazonaws.com api-scouting.cloudhub.io https://cdnjs.cloudflare.com *.melissadata.net *.gstatic.com sentry.io *.chasepaymentech.com https://www.chasepaymentechhostedpay.com *.google-analytics.com *.hotjar.com *.hotjar.io; frame-src 'self' https://reports.scouting.org *.google.com *.wepayapi.com *.wepay.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.scouting.org; script-src-elem 'self' 'unsafe-inline' https://www.google-analytics.com https://www.googletagmanager.com https://connect.facebook.net/en_US/fbevents.js *.wepay.com *.googleapis.com https://translate.google.com https://d1yh17eqtjhci0.cloudfront.net/ui.min.js https://appleid.cdn-apple.com/appleauth/static/jsapi/appleid/1/en_US/appleid.auth.js https://www.google.com/recaptcha/api.js *.gstatic.com https://accounts.google.com/gsi/client https://www.googletagmanager.com/gtm.js; style-src 'unsafe-inline' *; font-src * data:;
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Date: Sun, 10 Mar 2024 06:25:19 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload, max-age=31536000
Connection: keep-alive
Content-Length: 18466
X-XSS-Protection: 1; mode=block
Last-Modified: Wed, 06 Mar 2024 22:01:42 GMT
Server: nginx
Access-Control-Max-Age: 1728000
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/css
Access-Control-Allow-Origin: *
Vary: Accept-Encoding
Access-Control-Allow-Credentials: false
Access-Control-Allow-Headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With,api-key,ocs-xhr,BSA-session,ocs-path,ocs-time,PersonId,BSA-time,BSA-path,Attempt,ReturnAll

GET
H2 200 client Show response
accounts.google.com/gsi/ 215 KB
83 KB 67ms
28ms Script
application/javascript 2a00:1450:400c:c0a::54
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.google.com/gsi/client

Requested by

Host: my.scouting.org
URL: https://my.scouting.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0a::54 Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

343364f41373bb7fbd4b219315705f1816e720b11defb8a6846a342f476b6495

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, script-src 'report-sample' 'nonce-DwfbgJvCD78RxAwu73llJQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://my.scouting.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Sun, 10 Mar 2024 06:25:19 GMT
content-security-policy: require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, script-src 'report-sample' 'nonce-DwfbgJvCD78RxAwu73llJQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
x-frame-options: SAMEORIGIN
report-to: {"group":"coop_dd7de8473bddc59c6b748810a67a39b1","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/dd7de8473bddc59c6b748810a67a39b1"}]}
content-type: application/javascript; charset=utf-8
cache-control: private, max-age=1800
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="coop_dd7de8473bddc59c6b748810a67a39b1"
expires: Sun, 10 Mar 2024 06:25:19 GMT

GET
H/1.1 200
OK runtime-b367248887b9cb0fb5b5.js Show response
my.scouting.org/ 10 KB
7 KB 281ms
100ms Script
application/javascript 54.161.111.173
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://my.scouting.org/runtime-b367248887b9cb0fb5b5.js?b367248887b9cb0fb5b5

Requested by

Host: my.scouting.org
URL: https://my.scouting.org/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.161.111.173 , United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-161-111-173.compute-1.amazonaws.com

Software

nginx /

Resource Hash

333fd1bcfa25d317b0a799b5638ae5dbbea7847d7531ae37e70a84a6d4d2ef5c

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; img-src * data:; connect-src 'self' .googleapis.com .scouting.org https://accounts.google.com/gsi/status .google-analytics.com .wepay.com https://analytics.google.com https://maps.googleapis.com .amazonaws.com api-scouting.cloudhub.io https://cdnjs.cloudflare.com .melissadata.net .gstatic.com sentry.io .chasepaymentech.com https://www.chasepaymentechhostedpay.com .google-analytics.com .hotjar.com .hotjar.io; frame-src 'self' https://reports.scouting.org .google.com .wepayapi.com .wepay.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' .scouting.org; script-src-elem 'self' 'unsafe-inline' https://www.google-analytics.com https://www.googletagmanager.com https://connect.facebook.net/en_US/fbevents.js .wepay.com .googleapis.com https://translate.google.com https://d1yh17eqtjhci0.cloudfront.net/ui.min.js https://appleid.cdn-apple.com/appleauth/static/jsapi/appleid/1/en_US/appleid.auth.js https://www.google.com/recaptcha/api.js .gstatic.com https://accounts.google.com/gsi/client https://www.googletagmanager.com/gtm.js; style-src 'unsafe-inline' ; font-src data:;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload, max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://my.scouting.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

Content-Security-Policy: default-src 'self'; img-src * data:; connect-src 'self' *.googleapis.com *.scouting.org https://accounts.google.com/gsi/status *.google-analytics.com *.wepay.com https://analytics.google.com https://maps.googleapis.com *.amazonaws.com api-scouting.cloudhub.io https://cdnjs.cloudflare.com *.melissadata.net *.gstatic.com sentry.io *.chasepaymentech.com https://www.chasepaymentechhostedpay.com *.google-analytics.com *.hotjar.com *.hotjar.io; frame-src 'self' https://reports.scouting.org *.google.com *.wepayapi.com *.wepay.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.scouting.org; script-src-elem 'self' 'unsafe-inline' https://www.google-analytics.com https://www.googletagmanager.com https://connect.facebook.net/en_US/fbevents.js *.wepay.com *.googleapis.com https://translate.google.com https://d1yh17eqtjhci0.cloudfront.net/ui.min.js https://appleid.cdn-apple.com/appleauth/static/jsapi/appleid/1/en_US/appleid.auth.js https://www.google.com/recaptcha/api.js *.gstatic.com https://accounts.google.com/gsi/client https://www.googletagmanager.com/gtm.js; style-src 'unsafe-inline' *; font-src * data:;
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Date: Sun, 10 Mar 2024 06:25:19 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload, max-age=31536000
Connection: keep-alive
Content-Length: 5067
X-XSS-Protection: 1; mode=block
Last-Modified: Wed, 06 Mar 2024 22:01:41 GMT
Server: nginx
Access-Control-Max-Age: 1728000
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Vary: Accept-Encoding
Access-Control-Allow-Credentials: false
Access-Control-Allow-Headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With,api-key,ocs-xhr,BSA-session,ocs-path,ocs-time,PersonId,BSA-time,BSA-path,Attempt,ReturnAll

GET
H/1.1 200
OK vendors-b367248887b9cb0fb5b5.js Show response
my.scouting.org/ 6 MB
2 MB 367ms
186ms Script
application/javascript 54.161.111.173
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://my.scouting.org/vendors-b367248887b9cb0fb5b5.js?b367248887b9cb0fb5b5

Requested by

Host: my.scouting.org
URL: https://my.scouting.org/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.161.111.173 , United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-161-111-173.compute-1.amazonaws.com

Software

nginx /

Resource Hash

86f11ac70f5e5d6487e65ccfb8e13418cecd76d6f0103b7b651288edd8cc63da

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; img-src * data:; connect-src 'self' .googleapis.com .scouting.org https://accounts.google.com/gsi/status .google-analytics.com .wepay.com https://analytics.google.com https://maps.googleapis.com .amazonaws.com api-scouting.cloudhub.io https://cdnjs.cloudflare.com .melissadata.net .gstatic.com sentry.io .chasepaymentech.com https://www.chasepaymentechhostedpay.com .google-analytics.com .hotjar.com .hotjar.io; frame-src 'self' https://reports.scouting.org .google.com .wepayapi.com .wepay.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' .scouting.org; script-src-elem 'self' 'unsafe-inline' https://www.google-analytics.com https://www.googletagmanager.com https://connect.facebook.net/en_US/fbevents.js .wepay.com .googleapis.com https://translate.google.com https://d1yh17eqtjhci0.cloudfront.net/ui.min.js https://appleid.cdn-apple.com/appleauth/static/jsapi/appleid/1/en_US/appleid.auth.js https://www.google.com/recaptcha/api.js .gstatic.com https://accounts.google.com/gsi/client https://www.googletagmanager.com/gtm.js; style-src 'unsafe-inline' ; font-src data:;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload, max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://my.scouting.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

Content-Security-Policy: default-src 'self'; img-src * data:; connect-src 'self' *.googleapis.com *.scouting.org https://accounts.google.com/gsi/status *.google-analytics.com *.wepay.com https://analytics.google.com https://maps.googleapis.com *.amazonaws.com api-scouting.cloudhub.io https://cdnjs.cloudflare.com *.melissadata.net *.gstatic.com sentry.io *.chasepaymentech.com https://www.chasepaymentechhostedpay.com *.google-analytics.com *.hotjar.com *.hotjar.io; frame-src 'self' https://reports.scouting.org *.google.com *.wepayapi.com *.wepay.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.scouting.org; script-src-elem 'self' 'unsafe-inline' https://www.google-analytics.com https://www.googletagmanager.com https://connect.facebook.net/en_US/fbevents.js *.wepay.com *.googleapis.com https://translate.google.com https://d1yh17eqtjhci0.cloudfront.net/ui.min.js https://appleid.cdn-apple.com/appleauth/static/jsapi/appleid/1/en_US/appleid.auth.js https://www.google.com/recaptcha/api.js *.gstatic.com https://accounts.google.com/gsi/client https://www.googletagmanager.com/gtm.js; style-src 'unsafe-inline' *; font-src * data:;
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Date: Sun, 10 Mar 2024 06:25:19 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload, max-age=31536000
transfer-encoding: chunked
Connection: keep-alive
X-XSS-Protection: 1; mode=block
Last-Modified: Wed, 06 Mar 2024 22:01:41 GMT
Server: nginx
Access-Control-Max-Age: 1728000
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Vary: Accept-Encoding
Access-Control-Allow-Credentials: false
Access-Control-Allow-Headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With,api-key,ocs-xhr,BSA-session,ocs-path,ocs-time,PersonId,BSA-time,BSA-path,Attempt,ReturnAll

GET
H/1.1 200
OK main-b367248887b9cb0fb5b5.js Show response
my.scouting.org/ 597 KB
130 KB 520ms
340ms Script
application/javascript 54.161.111.173
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://my.scouting.org/main-b367248887b9cb0fb5b5.js?b367248887b9cb0fb5b5

Requested by

Host: my.scouting.org
URL: https://my.scouting.org/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.161.111.173 , United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-161-111-173.compute-1.amazonaws.com

Software

nginx /

Resource Hash

e3f8d7073c3d19fbee2271c316fd5b6d649eaef37b0d9f7919065932a9f82d0a

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; img-src * data:; connect-src 'self' .googleapis.com .scouting.org https://accounts.google.com/gsi/status .google-analytics.com .wepay.com https://analytics.google.com https://maps.googleapis.com .amazonaws.com api-scouting.cloudhub.io https://cdnjs.cloudflare.com .melissadata.net .gstatic.com sentry.io .chasepaymentech.com https://www.chasepaymentechhostedpay.com .google-analytics.com .hotjar.com .hotjar.io; frame-src 'self' https://reports.scouting.org .google.com .wepayapi.com .wepay.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' .scouting.org; script-src-elem 'self' 'unsafe-inline' https://www.google-analytics.com https://www.googletagmanager.com https://connect.facebook.net/en_US/fbevents.js .wepay.com .googleapis.com https://translate.google.com https://d1yh17eqtjhci0.cloudfront.net/ui.min.js https://appleid.cdn-apple.com/appleauth/static/jsapi/appleid/1/en_US/appleid.auth.js https://www.google.com/recaptcha/api.js .gstatic.com https://accounts.google.com/gsi/client https://www.googletagmanager.com/gtm.js; style-src 'unsafe-inline' ; font-src data:;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload, max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://my.scouting.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

Content-Security-Policy: default-src 'self'; img-src * data:; connect-src 'self' *.googleapis.com *.scouting.org https://accounts.google.com/gsi/status *.google-analytics.com *.wepay.com https://analytics.google.com https://maps.googleapis.com *.amazonaws.com api-scouting.cloudhub.io https://cdnjs.cloudflare.com *.melissadata.net *.gstatic.com sentry.io *.chasepaymentech.com https://www.chasepaymentechhostedpay.com *.google-analytics.com *.hotjar.com *.hotjar.io; frame-src 'self' https://reports.scouting.org *.google.com *.wepayapi.com *.wepay.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.scouting.org; script-src-elem 'self' 'unsafe-inline' https://www.google-analytics.com https://www.googletagmanager.com https://connect.facebook.net/en_US/fbevents.js *.wepay.com *.googleapis.com https://translate.google.com https://d1yh17eqtjhci0.cloudfront.net/ui.min.js https://appleid.cdn-apple.com/appleauth/static/jsapi/appleid/1/en_US/appleid.auth.js https://www.google.com/recaptcha/api.js *.gstatic.com https://accounts.google.com/gsi/client https://www.googletagmanager.com/gtm.js; style-src 'unsafe-inline' *; font-src * data:;
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Date: Sun, 10 Mar 2024 06:25:19 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload, max-age=31536000
transfer-encoding: chunked
Connection: keep-alive
X-XSS-Protection: 1; mode=block
Last-Modified: Wed, 06 Mar 2024 22:01:41 GMT
Server: nginx
Access-Control-Max-Age: 1728000
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Vary: Accept-Encoding
Access-Control-Allow-Credentials: false
Access-Control-Allow-Headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With,api-key,ocs-xhr,BSA-session,ocs-path,ocs-time,PersonId,BSA-time,BSA-path,Attempt,ReturnAll

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 356 KB
114 KB 66ms
45ms Script
application/javascript 2a00:1450:4001:812::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-N5P4DF

Requested by

Host: my.scouting.org
URL: https://my.scouting.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

0fb272d5873a3ab9a3a122ae7e7eb683fe1277a6769ce05351abbb2b0cbd8df1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://my.scouting.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Sun, 10 Mar 2024 06:25:19 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 116184
x-xss-protection: 0
last-modified: Sun, 10 Mar 2024 06:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sun, 10 Mar 2024 06:25:19 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 298 KB
103 KB 47ms
26ms Script
application/javascript 2a00:1450:4001:812::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-K58PN23

Requested by

Host: my.scouting.org
URL: https://my.scouting.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

3233d2105f359be08a4bea29a5d556d9e4b6150478427b70ca3e4978cbe224da

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://my.scouting.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Sun, 10 Mar 2024 06:25:19 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 105494
x-xss-protection: 0
last-modified: Sun, 10 Mar 2024 06:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sun, 10 Mar 2024 06:25:19 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 275 KB
93 KB 25ms
25ms Script
application/javascript 2a00:1450:4001:812::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-FZTE8M991V&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-K58PN23

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

4b91aac268e3e617670e1d5aed030264b7b217adad86587a4bdf3e6066d4e25e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://my.scouting.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Sun, 10 Mar 2024 06:25:19 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 95120
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sun, 10 Mar 2024 06:25:19 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 215 KB
58 KB 28ms
8ms Script
application/x-javascript 2a03:2880:f084:d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-K58PN23

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

50b6e67cfcfe4ac8fe9cee705b681f696065306ee42bcd4e6b37a17dba333ac5

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://my.scouting.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Sun, 10 Mar 2024 06:25:19 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 57348
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=5, rtx=0, c=12, mss=1294, tbw=2768, tp=-1, tpl=-1, uplat=0, ullat=-1
pragma: public
x-fb-debug: hyAPTaSFIivU44nWVDqnw+t3B7qs9WmE9MdMkLnwbTFzeYgXFJNQKp+PFSl0+2syOiBJB/WQEVoVR4slRkMh/w==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-ua-arch=(), ch-ua-bitness=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 28ms
7ms Script
text/javascript 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-K58PN23

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://my.scouting.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Sun, 10 Mar 2024 05:48:08 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 2231
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Sun, 10 Mar 2024 07:48:08 GMT

GET inspectlet.js
cdn.inspectlet.com/ 0
0

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 298 KB
97 KB 24ms
24ms Script
application/javascript 2a00:1450:4001:812::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-20G0JHESG4&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N5P4DF

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

a456aa6bb853fe1458d687a6013a2f2278b947713cfda1636e369533ccb6fde9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://my.scouting.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Sun, 10 Mar 2024 06:25:19 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 99561
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sun, 10 Mar 2024 06:25:19 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 297 KB
97 KB 25ms
25ms Script
application/javascript 2a00:1450:4001:812::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-61ZEHCVHHS&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N5P4DF

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

5fbc25d4c75a6cb2c42131c5f99a819c580b83615bd50d6289e79c5913c04fd0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://my.scouting.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Sun, 10 Mar 2024 06:25:19 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 99740
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sun, 10 Mar 2024 06:25:19 GMT

GET core.js
s.pinimg.com/ct/ 0
0

GET scevent.min.js
sc-static.net/ 0
0

GET
H3 200 destination Show response
www.googletagmanager.com/gtag/ 204 KB
75 KB 38ms
38ms Script
application/javascript 2a00:1450:4001:812::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/destination?id=AW-789476713&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N5P4DF

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

f22cfa8a70af5f61b19679c886a8e3da0863c5256059a317a870a0df3c03e857

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://my.scouting.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Sun, 10 Mar 2024 06:25:19 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 76289
x-xss-protection: 0
last-modified: Sun, 10 Mar 2024 06:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sun, 10 Mar 2024 06:25:19 GMT

GET
H3 200 destination Show response
www.googletagmanager.com/gtag/ 216 KB
77 KB 36ms
36ms Script
application/javascript 2a00:1450:4001:812::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/destination?id=AW-939864618&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N5P4DF

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

6d0030406718bd150c507d3ae606f5173bd5057f63f4d4ad2d79ca354488d652

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://my.scouting.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Sun, 10 Mar 2024 06:25:19 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 79192
x-xss-protection: 0
last-modified: Sun, 10 Mar 2024 06:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sun, 10 Mar 2024 06:25:19 GMT

GET hotjar-2401577.js
static.hotjar.com/c/ 0
0

GET /
02cdaf76d4824bd4a783a8c73bd86be2.js.ubembed.com/ 0
0

GET
H2 200 style
accounts.google.com/gsi/ 533 B
586 B 30ms
30ms Stylesheet
text/css 2a00:1450:400c:c0a::54
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.google.com/gsi/style

Requested by

Host: accounts.google.com
URL: https://accounts.google.com/gsi/client

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0a::54 Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

1c4e7e389d73c6acf7f19cc812514e71230740791fde8a018c1d7edccf1590ae

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, script-src 'report-sample' 'nonce-SDxu-UmF9kqFqw4R-1TNVw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://my.scouting.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Sun, 10 Mar 2024 06:25:19 GMT
content-security-policy: require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, script-src 'report-sample' 'nonce-SDxu-UmF9kqFqw4R-1TNVw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
x-frame-options: SAMEORIGIN
report-to: {"group":"coop_dd7de8473bddc59c6b748810a67a39b1","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/dd7de8473bddc59c6b748810a67a39b1"}]}
content-type: text/css; charset=utf-8
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="coop_dd7de8473bddc59c6b748810a67a39b1"
expires: Sun, 10 Mar 2024 06:25:19 GMT

GET
H2 200 linkid.js Show response
www.google-analytics.com/plugins/ua/ 2 KB
1 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/plugins/ua/linkid.js

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://my.scouting.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Sun, 10 Mar 2024 05:51:30 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2029
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 697
x-xss-protection: 0
last-modified: Fri, 30 Jun 2023 18:58:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Sun, 10 Mar 2024 06:51:30 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 4 B
147 B 16ms
15ms XHR
text/plain 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=2094089923&t=pageview&_s=1&dl=https%3A%2F%2Fmy.scouting.org%2F&ul=en-us&de=UTF-8&dt=My%20Scouting&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAAAjAAAAAC~&jid=788713082&gjid=1950278735&cid=2101229438.1710051920&tid=UA-2638006-44&_gid=1611968059.1710051920&_r=1&_slc=1&gtm=45He4360n81K58PN23v77398048za220&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&npa=1&z=1922067731

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://my.scouting.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 10 Mar 2024 06:25:19 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://my.scouting.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
194 B 7ms
7ms Image
image/gif 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j101&a=2094089923&t=pageview&_s=1&dl=https%3A%2F%2Fmy.scouting.org%2F&ul=en-us&de=UTF-8&dt=My%20Scouting&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEDAAAAjAAAAAC~&jid=&gjid=&cid=2101229438.1710051920&tid=UA-2638006-44&_gid=1611968059.1710051920&gtm=45He4360n71N5P4DFv72742181za220&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&npa=1&z=73339785

Requested by

Host: my.scouting.org
URL: https://my.scouting.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://my.scouting.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Mar 2024 09:05:42 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 76777
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
254 B 34ms
13ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-FZTE8M991V&gtm=45je4360v9115687849z877398048za200&_p=1710051919465&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=2101229438.1710051920&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&_s=1&dl=https%3A%2F%2Fmy.scouting.org%2F&dr=&dt=My%20Scouting&sid=1710051919&sct=1&seg=0&en=page_view&_fv=1&_ss=1&epn.page_content_reading_time=3.84&epn.page_content_grade_level=17&ep.page_load_time=&ep.debug_mode=true&ep.page=%2F&ep.page_url=my.scouting.org%2F&tfd=1188
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-FZTE8M991V&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://my.scouting.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 10 Mar 2024 06:25:19 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://my.scouting.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST collect
stats.g.doubleclick.net/j/ 0
0

POST
H3 200 collect Show response
www.google-analytics.com/j/ 4 B
24 B 14ms
14ms XHR
text/plain 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=2094089923&t=pageview&_s=1&dl=https%3A%2F%2Fmy.scouting.org%2F&dp=%2F&ul=en-us&de=UTF-8&dt=My%20Scouting&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGDACEAjBAAAACAAI~&jid=497021644&gjid=869587989&cid=2101229438.1710051920&tid=UA-2638006-46&_gid=1611968059.1710051920&_r=1&_slc=1&gtm=45He4360n71N5P4DFv72742181za220&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&cd1=gtm.js&npa=1&z=575752716

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://my.scouting.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 10 Mar 2024 06:25:19 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://my.scouting.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 16 B
36 B 14ms
13ms XHR
text/plain 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=2094089923&t=pageview&_s=1&dl=https%3A%2F%2Fmy.scouting.org%2F&dp=my.scouting.org&ul=en-us&de=UTF-8&dt=My%20Scouting&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGHACEAjBAAAACAAI~&jid=2134584629&gjid=689128926&cid=2101229438.1710051920&tid=UA-90648951-2&_gid=1611968059.1710051920&_r=1&_slc=1&gtm=45He4360n71N5P4DFv72742181za220&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&npa=1&z=656430809

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

95d86a7bdc586a5d7471f640603105ef2a9e2a2859d368984b426c5f9c630f1a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://my.scouting.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 10 Mar 2024 06:25:19 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://my.scouting.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET 359778478146451
connect.facebook.net/signals/config/ 0
0

POST
H2 204 collect
region1.google-analytics.com/g/ 0
54 B 14ms
14ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-20G0JHESG4&gtm=45je4360v875113745z872742181za220&_p=1710051919465&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=2101229438.1710051920&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&_s=1&dl=https%3A%2F%2Fmy.scouting.org%2F&dr=&dt=My%20Scouting&sid=1710051919&sct=1&seg=0&en=page_view&_fv=1&_ss=1&epn.page_content_reading_time=8.15&epn.page_content_grade_level=40&ep.page_load_time=&ep.debug_mode=true&ep.page_url=my.scouting.org%2F&ep.page=%2F&tfd=1233
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-20G0JHESG4&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://my.scouting.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 10 Mar 2024 06:25:19 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://my.scouting.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
408 B 40ms
18ms Image
image/gif 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-61ZEHCVHHS&cid=2101229438.1710051920&gtm=45je4360v9123716439z872742181za200&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l2l1&npa=1&z=1700122421

Requested by

Host: my.scouting.org
URL: https://my.scouting.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://my.scouting.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 10 Mar 2024 06:25:19 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST collect
stats.g.doubleclick.net/j/ 0
0

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 236 KB
84 KB 25ms
25ms Script
application/javascript 2a00:1450:4001:812::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-LCGK7QTBFT&cx=c&_slc=1

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

1b252e731fa67933636c245db745ae93c073966aabc73d4551a5a811d89c1cfb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://my.scouting.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Sun, 10 Mar 2024 06:25:19 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 86141
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sun, 10 Mar 2024 06:25:19 GMT

GET /
www.googleadservices.com/pagead/conversion/939864618/ 0
0

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 18ms
18ms Image
image/gif 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-LCGK7QTBFT&cid=2101229438.1710051920&gtm=45je4360v9125903558za200&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l2l3&npa=1&z=549727812

Requested by

Host: my.scouting.org
URL: https://my.scouting.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://my.scouting.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 10 Mar 2024 06:25:19 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 / Show response
sentry.io/api/1236108/envelope/ 2 B
324 B 142ms
122ms Fetch
application/json 35.186.247.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://sentry.io/api/1236108/envelope/?sentry_key=0b9a8ad2e4d64200b8f0addf89159b5a&sentry_version=7&sentry_client=sentry.javascript.react%2F7.61.1

Requested by

Host: my.scouting.org
URL: https://my.scouting.org/vendors-b367248887b9cb0fb5b5.js?b367248887b9cb0fb5b5

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.186.247.156 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

156.247.186.35.bc.googleusercontent.com

Software

nginx /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://my.scouting.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Sun, 10 Mar 2024 06:25:20 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 google
server: nginx
vary: origin,access-control-request-method,access-control-request-headers
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: x-sentry-error,x-sentry-rate-limits,retry-after
x-envoy-upstream-service-time: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2

GET
H/1.1 200
OK 3247.js Show response
my.scouting.org/ 16 KB
5 KB 101ms
101ms Script
application/javascript 54.161.111.173
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://my.scouting.org/3247.js

Requested by

Host: my.scouting.org
URL: https://my.scouting.org/runtime-b367248887b9cb0fb5b5.js?b367248887b9cb0fb5b5

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.161.111.173 , United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-161-111-173.compute-1.amazonaws.com

Software

nginx /

Resource Hash

f8a5577597ab049dba2fbfc501ef7138ac68e9a8ce0425a84eeae271bf251ca3

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; img-src * data:; connect-src 'self' .googleapis.com .scouting.org https://accounts.google.com/gsi/status .google-analytics.com .wepay.com https://analytics.google.com https://maps.googleapis.com .amazonaws.com api-scouting.cloudhub.io https://cdnjs.cloudflare.com .melissadata.net .gstatic.com sentry.io .chasepaymentech.com https://www.chasepaymentechhostedpay.com .google-analytics.com .hotjar.com .hotjar.io; frame-src 'self' https://reports.scouting.org .google.com .wepayapi.com .wepay.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' .scouting.org; script-src-elem 'self' 'unsafe-inline' https://www.google-analytics.com https://www.googletagmanager.com https://connect.facebook.net/en_US/fbevents.js .wepay.com .googleapis.com https://translate.google.com https://d1yh17eqtjhci0.cloudfront.net/ui.min.js https://appleid.cdn-apple.com/appleauth/static/jsapi/appleid/1/en_US/appleid.auth.js https://www.google.com/recaptcha/api.js .gstatic.com https://accounts.google.com/gsi/client https://www.googletagmanager.com/gtm.js; style-src 'unsafe-inline' ; font-src data:;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload, max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://my.scouting.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

Content-Security-Policy: default-src 'self'; img-src * data:; connect-src 'self' *.googleapis.com *.scouting.org https://accounts.google.com/gsi/status *.google-analytics.com *.wepay.com https://analytics.google.com https://maps.googleapis.com *.amazonaws.com api-scouting.cloudhub.io https://cdnjs.cloudflare.com *.melissadata.net *.gstatic.com sentry.io *.chasepaymentech.com https://www.chasepaymentechhostedpay.com *.google-analytics.com *.hotjar.com *.hotjar.io; frame-src 'self' https://reports.scouting.org *.google.com *.wepayapi.com *.wepay.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.scouting.org; script-src-elem 'self' 'unsafe-inline' https://www.google-analytics.com https://www.googletagmanager.com https://connect.facebook.net/en_US/fbevents.js *.wepay.com *.googleapis.com https://translate.google.com https://d1yh17eqtjhci0.cloudfront.net/ui.min.js https://appleid.cdn-apple.com/appleauth/static/jsapi/appleid/1/en_US/appleid.auth.js https://www.google.com/recaptcha/api.js *.gstatic.com https://accounts.google.com/gsi/client https://www.googletagmanager.com/gtm.js; style-src 'unsafe-inline' *; font-src * data:;
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Date: Sun, 10 Mar 2024 06:25:20 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload, max-age=31536000
Connection: keep-alive
Content-Length: 3474
X-XSS-Protection: 1; mode=block
Last-Modified: Wed, 06 Mar 2024 22:01:41 GMT
Server: nginx
Access-Control-Max-Age: 1728000
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Vary: Accept-Encoding
Access-Control-Allow-Credentials: false
Access-Control-Allow-Headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With,api-key,ocs-xhr,BSA-session,ocs-path,ocs-time,PersonId,BSA-time,BSA-path,Attempt,ReturnAll

GET
H/1.1 200
OK 3209.js Show response
my.scouting.org/ 11 KB
5 KB 95ms
95ms Script
application/javascript 54.161.111.173
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://my.scouting.org/3209.js

Requested by

Host: my.scouting.org
URL: https://my.scouting.org/runtime-b367248887b9cb0fb5b5.js?b367248887b9cb0fb5b5

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.161.111.173 , United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-161-111-173.compute-1.amazonaws.com

Software

nginx /

Resource Hash

764a48085c2a45b4d0866c9e7e7738bd9d9066165c11d2d83e385740dbf35afb

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; img-src * data:; connect-src 'self' .googleapis.com .scouting.org https://accounts.google.com/gsi/status .google-analytics.com .wepay.com https://analytics.google.com https://maps.googleapis.com .amazonaws.com api-scouting.cloudhub.io https://cdnjs.cloudflare.com .melissadata.net .gstatic.com sentry.io .chasepaymentech.com https://www.chasepaymentechhostedpay.com .google-analytics.com .hotjar.com .hotjar.io; frame-src 'self' https://reports.scouting.org .google.com .wepayapi.com .wepay.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' .scouting.org; script-src-elem 'self' 'unsafe-inline' https://www.google-analytics.com https://www.googletagmanager.com https://connect.facebook.net/en_US/fbevents.js .wepay.com .googleapis.com https://translate.google.com https://d1yh17eqtjhci0.cloudfront.net/ui.min.js https://appleid.cdn-apple.com/appleauth/static/jsapi/appleid/1/en_US/appleid.auth.js https://www.google.com/recaptcha/api.js .gstatic.com https://accounts.google.com/gsi/client https://www.googletagmanager.com/gtm.js; style-src 'unsafe-inline' ; font-src data:;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload, max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://my.scouting.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

Content-Security-Policy: default-src 'self'; img-src * data:; connect-src 'self' *.googleapis.com *.scouting.org https://accounts.google.com/gsi/status *.google-analytics.com *.wepay.com https://analytics.google.com https://maps.googleapis.com *.amazonaws.com api-scouting.cloudhub.io https://cdnjs.cloudflare.com *.melissadata.net *.gstatic.com sentry.io *.chasepaymentech.com https://www.chasepaymentechhostedpay.com *.google-analytics.com *.hotjar.com *.hotjar.io; frame-src 'self' https://reports.scouting.org *.google.com *.wepayapi.com *.wepay.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.scouting.org; script-src-elem 'self' 'unsafe-inline' https://www.google-analytics.com https://www.googletagmanager.com https://connect.facebook.net/en_US/fbevents.js *.wepay.com *.googleapis.com https://translate.google.com https://d1yh17eqtjhci0.cloudfront.net/ui.min.js https://appleid.cdn-apple.com/appleauth/static/jsapi/appleid/1/en_US/appleid.auth.js https://www.google.com/recaptcha/api.js *.gstatic.com https://accounts.google.com/gsi/client https://www.googletagmanager.com/gtm.js; style-src 'unsafe-inline' *; font-src * data:;
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Date: Sun, 10 Mar 2024 06:25:20 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload, max-age=31536000
Connection: keep-alive
Content-Length: 3283
X-XSS-Protection: 1; mode=block
Last-Modified: Wed, 06 Mar 2024 22:01:41 GMT
Server: nginx
Access-Control-Max-Age: 1728000
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Vary: Accept-Encoding
Access-Control-Allow-Credentials: false
Access-Control-Allow-Headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With,api-key,ocs-xhr,BSA-session,ocs-path,ocs-time,PersonId,BSA-time,BSA-path,Attempt,ReturnAll

GET
H/1.1 200
OK 9341.js Show response
my.scouting.org/ 21 KB
7 KB 97ms
97ms Script
application/javascript 54.161.111.173
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://my.scouting.org/9341.js

Requested by

Host: my.scouting.org
URL: https://my.scouting.org/runtime-b367248887b9cb0fb5b5.js?b367248887b9cb0fb5b5

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.161.111.173 , United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-161-111-173.compute-1.amazonaws.com

Software

nginx /

Resource Hash

857039aaa072569b48e647c28b141ebae73f7d8d0ec73a9e99f02c4edd02cd01

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; img-src * data:; connect-src 'self' .googleapis.com .scouting.org https://accounts.google.com/gsi/status .google-analytics.com .wepay.com https://analytics.google.com https://maps.googleapis.com .amazonaws.com api-scouting.cloudhub.io https://cdnjs.cloudflare.com .melissadata.net .gstatic.com sentry.io .chasepaymentech.com https://www.chasepaymentechhostedpay.com .google-analytics.com .hotjar.com .hotjar.io; frame-src 'self' https://reports.scouting.org .google.com .wepayapi.com .wepay.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' .scouting.org; script-src-elem 'self' 'unsafe-inline' https://www.google-analytics.com https://www.googletagmanager.com https://connect.facebook.net/en_US/fbevents.js .wepay.com .googleapis.com https://translate.google.com https://d1yh17eqtjhci0.cloudfront.net/ui.min.js https://appleid.cdn-apple.com/appleauth/static/jsapi/appleid/1/en_US/appleid.auth.js https://www.google.com/recaptcha/api.js .gstatic.com https://accounts.google.com/gsi/client https://www.googletagmanager.com/gtm.js; style-src 'unsafe-inline' ; font-src data:;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload, max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://my.scouting.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

Content-Security-Policy: default-src 'self'; img-src * data:; connect-src 'self' *.googleapis.com *.scouting.org https://accounts.google.com/gsi/status *.google-analytics.com *.wepay.com https://analytics.google.com https://maps.googleapis.com *.amazonaws.com api-scouting.cloudhub.io https://cdnjs.cloudflare.com *.melissadata.net *.gstatic.com sentry.io *.chasepaymentech.com https://www.chasepaymentechhostedpay.com *.google-analytics.com *.hotjar.com *.hotjar.io; frame-src 'self' https://reports.scouting.org *.google.com *.wepayapi.com *.wepay.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.scouting.org; script-src-elem 'self' 'unsafe-inline' https://www.google-analytics.com https://www.googletagmanager.com https://connect.facebook.net/en_US/fbevents.js *.wepay.com *.googleapis.com https://translate.google.com https://d1yh17eqtjhci0.cloudfront.net/ui.min.js https://appleid.cdn-apple.com/appleauth/static/jsapi/appleid/1/en_US/appleid.auth.js https://www.google.com/recaptcha/api.js *.gstatic.com https://accounts.google.com/gsi/client https://www.googletagmanager.com/gtm.js; style-src 'unsafe-inline' *; font-src * data:;
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Date: Sun, 10 Mar 2024 06:25:20 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload, max-age=31536000
Connection: keep-alive
Content-Length: 5616
X-XSS-Protection: 1; mode=block
Last-Modified: Wed, 06 Mar 2024 22:01:41 GMT
Server: nginx
Access-Control-Max-Age: 1728000
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Vary: Accept-Encoding
Access-Control-Allow-Credentials: false
Access-Control-Allow-Headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With,api-key,ocs-xhr,BSA-session,ocs-path,ocs-time,PersonId,BSA-time,BSA-path,Attempt,ReturnAll

GET
H/1.1 200
OK 7890.0df209200ce9a49048da.css
my.scouting.org/ 9 KB
4 KB 96ms
96ms Stylesheet
text/css 54.161.111.173
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://my.scouting.org/7890.0df209200ce9a49048da.css

Requested by

Host: my.scouting.org
URL: https://my.scouting.org/runtime-b367248887b9cb0fb5b5.js?b367248887b9cb0fb5b5

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.161.111.173 , United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-161-111-173.compute-1.amazonaws.com

Software

nginx /

Resource Hash

8d3ab13703db2740abeed419a4f8ef0f9f3f9978211b9dbc9d6747b5db3cc583

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; img-src * data:; connect-src 'self' .googleapis.com .scouting.org https://accounts.google.com/gsi/status .google-analytics.com .wepay.com https://analytics.google.com https://maps.googleapis.com .amazonaws.com api-scouting.cloudhub.io https://cdnjs.cloudflare.com .melissadata.net .gstatic.com sentry.io .chasepaymentech.com https://www.chasepaymentechhostedpay.com .google-analytics.com .hotjar.com .hotjar.io; frame-src 'self' https://reports.scouting.org .google.com .wepayapi.com .wepay.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' .scouting.org; script-src-elem 'self' 'unsafe-inline' https://www.google-analytics.com https://www.googletagmanager.com https://connect.facebook.net/en_US/fbevents.js .wepay.com .googleapis.com https://translate.google.com https://d1yh17eqtjhci0.cloudfront.net/ui.min.js https://appleid.cdn-apple.com/appleauth/static/jsapi/appleid/1/en_US/appleid.auth.js https://www.google.com/recaptcha/api.js .gstatic.com https://accounts.google.com/gsi/client https://www.googletagmanager.com/gtm.js; style-src 'unsafe-inline' ; font-src data:;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload, max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://my.scouting.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

Content-Security-Policy: default-src 'self'; img-src * data:; connect-src 'self' *.googleapis.com *.scouting.org https://accounts.google.com/gsi/status *.google-analytics.com *.wepay.com https://analytics.google.com https://maps.googleapis.com *.amazonaws.com api-scouting.cloudhub.io https://cdnjs.cloudflare.com *.melissadata.net *.gstatic.com sentry.io *.chasepaymentech.com https://www.chasepaymentechhostedpay.com *.google-analytics.com *.hotjar.com *.hotjar.io; frame-src 'self' https://reports.scouting.org *.google.com *.wepayapi.com *.wepay.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.scouting.org; script-src-elem 'self' 'unsafe-inline' https://www.google-analytics.com https://www.googletagmanager.com https://connect.facebook.net/en_US/fbevents.js *.wepay.com *.googleapis.com https://translate.google.com https://d1yh17eqtjhci0.cloudfront.net/ui.min.js https://appleid.cdn-apple.com/appleauth/static/jsapi/appleid/1/en_US/appleid.auth.js https://www.google.com/recaptcha/api.js *.gstatic.com https://accounts.google.com/gsi/client https://www.googletagmanager.com/gtm.js; style-src 'unsafe-inline' *; font-src * data:;
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Date: Sun, 10 Mar 2024 06:25:20 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload, max-age=31536000
Connection: keep-alive
Content-Length: 2324
X-XSS-Protection: 1; mode=block
Last-Modified: Wed, 06 Mar 2024 22:01:42 GMT
Server: nginx
Access-Control-Max-Age: 1728000
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/css
Access-Control-Allow-Origin: *
Vary: Accept-Encoding
Access-Control-Allow-Credentials: false
Access-Control-Allow-Headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With,api-key,ocs-xhr,BSA-session,ocs-path,ocs-time,PersonId,BSA-time,BSA-path,Attempt,ReturnAll

GET
H/1.1 200
OK 7890.js Show response
my.scouting.org/ 46 KB
15 KB 99ms
99ms Script
application/javascript 54.161.111.173
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://my.scouting.org/7890.js

Requested by

Host: my.scouting.org
URL: https://my.scouting.org/runtime-b367248887b9cb0fb5b5.js?b367248887b9cb0fb5b5

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.161.111.173 , United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-161-111-173.compute-1.amazonaws.com

Software

nginx /

Resource Hash

3b5b2bcb9cdf295498f602c0da2dbf09d54f3f6daed92de918607c48162587bb

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; img-src * data:; connect-src 'self' .googleapis.com .scouting.org https://accounts.google.com/gsi/status .google-analytics.com .wepay.com https://analytics.google.com https://maps.googleapis.com .amazonaws.com api-scouting.cloudhub.io https://cdnjs.cloudflare.com .melissadata.net .gstatic.com sentry.io .chasepaymentech.com https://www.chasepaymentechhostedpay.com .google-analytics.com .hotjar.com .hotjar.io; frame-src 'self' https://reports.scouting.org .google.com .wepayapi.com .wepay.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' .scouting.org; script-src-elem 'self' 'unsafe-inline' https://www.google-analytics.com https://www.googletagmanager.com https://connect.facebook.net/en_US/fbevents.js .wepay.com .googleapis.com https://translate.google.com https://d1yh17eqtjhci0.cloudfront.net/ui.min.js https://appleid.cdn-apple.com/appleauth/static/jsapi/appleid/1/en_US/appleid.auth.js https://www.google.com/recaptcha/api.js .gstatic.com https://accounts.google.com/gsi/client https://www.googletagmanager.com/gtm.js; style-src 'unsafe-inline' ; font-src data:;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload, max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://my.scouting.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

Content-Security-Policy: default-src 'self'; img-src * data:; connect-src 'self' *.googleapis.com *.scouting.org https://accounts.google.com/gsi/status *.google-analytics.com *.wepay.com https://analytics.google.com https://maps.googleapis.com *.amazonaws.com api-scouting.cloudhub.io https://cdnjs.cloudflare.com *.melissadata.net *.gstatic.com sentry.io *.chasepaymentech.com https://www.chasepaymentechhostedpay.com *.google-analytics.com *.hotjar.com *.hotjar.io; frame-src 'self' https://reports.scouting.org *.google.com *.wepayapi.com *.wepay.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.scouting.org; script-src-elem 'self' 'unsafe-inline' https://www.google-analytics.com https://www.googletagmanager.com https://connect.facebook.net/en_US/fbevents.js *.wepay.com *.googleapis.com https://translate.google.com https://d1yh17eqtjhci0.cloudfront.net/ui.min.js https://appleid.cdn-apple.com/appleauth/static/jsapi/appleid/1/en_US/appleid.auth.js https://www.google.com/recaptcha/api.js *.gstatic.com https://accounts.google.com/gsi/client https://www.googletagmanager.com/gtm.js; style-src 'unsafe-inline' *; font-src * data:;
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Date: Sun, 10 Mar 2024 06:25:20 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload, max-age=31536000
Connection: keep-alive
Content-Length: 13440
X-XSS-Protection: 1; mode=block
Last-Modified: Wed, 06 Mar 2024 22:01:41 GMT
Server: nginx
Access-Control-Max-Age: 1728000
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Vary: Accept-Encoding
Access-Control-Allow-Credentials: false
Access-Control-Allow-Headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With,api-key,ocs-xhr,BSA-session,ocs-path,ocs-time,PersonId,BSA-time,BSA-path,Attempt,ReturnAll

GET
H2 200 KFOmCnqEu92Fr1Mu4mxP.ttf
fonts.gstatic.com/s/roboto/v30/ 35 KB
21 KB 28ms
7ms Font
font/ttf 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxP.ttf

Requested by

Host: my.scouting.org
URL: https://my.scouting.org/vendors.d57b604598a12e332ba1.css?b367248887b9cb0fb5b5

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a9ef021078603005c0b08fba881f1a7eb62ef213238021f3e8a4a00daa60b9d6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://my.scouting.org/
Origin: https://my.scouting.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Sat, 09 Mar 2024 20:35:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 35385
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20776
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
vary: Accept-Encoding
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/ttf
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 09 Mar 2025 20:35:35 GMT

GET
H2 200 ui.min.css
d1yh17eqtjhci0.cloudfront.net/ 9 KB
10 KB 86ms
17ms Stylesheet
text/css 2600:9000:26da:f800:b:e080:2200:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d1yh17eqtjhci0.cloudfront.net/ui.min.css
Requested by: Host: my.scouting.org
URL: https://my.scouting.org/main-b367248887b9cb0fb5b5.js?b367248887b9cb0fb5b5
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:26da:f800:b:e080:2200:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 79961b4e422de84abadb575d8fa9ca3f1acb5951f18b827f8767d347789b3170

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://my.scouting.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

x-amz-version-id: PEIhYPiWrsCOdSonuMtczCO.tKBrIxrY
date: Sun, 10 Mar 2024 06:25:20 GMT
via: 1.1 3c2c38b11de7f29e091125f84ca68d28.cloudfront.net (CloudFront)
last-modified: Mon, 22 Mar 2021 16:02:08 GMT
server: AmazonS3
x-amz-cf-pop: MUC50-P4
age: 15283
etag: "267b560eb60724234fc4f97dd31affa2"
x-cache: Hit from cloudfront
content-type: text/css
accept-ranges: bytes
content-length: 9639
x-amz-cf-id: P7CpUWrIxDWPZWRfQKbE1qUkJuASkG3DQRdcYMgs2ntQFcRCII3UqA==

GET
H/1.1 200
OK appleid.auth.js Show response
appleid.cdn-apple.com/appleauth/static/jsapi/appleid/1/en_US/ 42 KB
17 KB 200ms
41ms Script
application/javascript 104.77.19.23
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://appleid.cdn-apple.com/appleauth/static/jsapi/appleid/1/en_US/appleid.auth.js

Requested by

Host: my.scouting.org
URL: https://my.scouting.org/7890.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

104.77.19.23 Glattbrugg, Switzerland, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-77-19-23.deploy.static.akamaitechnologies.com

Software

Apple /

Resource Hash

8356948d6f3bef342ff37a4deca7f6b64b58ca0b90ca128c1929c1bb76cc7a54

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://my.scouting.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Encoding: gzip
Date: Sun, 10 Mar 2024 06:25:20 GMT
Last-Modified: Wed, 28 Feb 2024 19:03:23 GMT
Server: Apple
ETag: W/"43171-1709147003584"
Vary: accept-encoding
Content-Type: application/javascript;charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=86400,stale-while-revalidate=86400
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 17356

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc9.ttf
fonts.gstatic.com/s/roboto/v30/ 36 KB
21 KB 8ms
7ms Font
font/ttf 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc9.ttf

Requested by

Host: my.scouting.org
URL: https://my.scouting.org/vendors.d57b604598a12e332ba1.css?b367248887b9cb0fb5b5

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1ceb245a8f768b65c2ae250d96f5457b96e9537326da2feb2310b707736817aa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://my.scouting.org/
Origin: https://my.scouting.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Sat, 09 Mar 2024 21:08:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 33393
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20948
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
vary: Accept-Encoding
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/ttf
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 09 Mar 2025 21:08:47 GMT

GET
H2 200 BngbUXZYTXPIvIBgJJSb6s3BzlRRfKOFbvjojISmb2Rm.ttf
fonts.gstatic.com/s/robotoslab/v34/ 27 KB
18 KB 11ms
10ms Font
font/ttf 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/robotoslab/v34/BngbUXZYTXPIvIBgJJSb6s3BzlRRfKOFbvjojISmb2Rm.ttf

Requested by

Host: my.scouting.org
URL: https://my.scouting.org/vendors.d57b604598a12e332ba1.css?b367248887b9cb0fb5b5

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7e1c95b2ce70630bff8681353f87dd7a50eb1c86f6371eb5d451d824bc643d29

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://my.scouting.org/
Origin: https://my.scouting.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Sun, 10 Mar 2024 02:43:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 13314
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 18125
x-xss-protection: 0
last-modified: Tue, 24 Oct 2023 01:50:46 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
vary: Accept-Encoding
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/ttf
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 10 Mar 2025 02:43:26 GMT

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 1 KB
1 KB 36ms
15ms Script
text/javascript 2a00:1450:4001:806::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?hl=en

Requested by

Host: my.scouting.org
URL: https://my.scouting.org/vendors-b367248887b9cb0fb5b5.js?b367248887b9cb0fb5b5

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

359f1bb96cec382277bd9723294f7378ecaf24dd6d356f731bafbc49ff6dcdb6

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://my.scouting.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Sun, 10 Mar 2024 06:25:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=utf-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block
expires: Sun, 10 Mar 2024 06:25:20 GMT

GET
H2 200 ui.min.js Show response
d1yh17eqtjhci0.cloudfront.net/ 299 KB
300 KB 438ms
438ms Script
application/javascript 2600:9000:26da:f800:b:e080:2200:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d1yh17eqtjhci0.cloudfront.net/ui.min.js
Requested by: Host: my.scouting.org
URL: https://my.scouting.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:26da:f800:b:e080:2200:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e5557573a812bdbd6ba65e8dce865eef896abb787d715eaf389eddc3a087ae9e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://my.scouting.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

x-amz-version-id: F4hesqGPk0r32Y6.5CmDxpJyv4xR34p9
date: Sun, 10 Mar 2024 06:25:22 GMT
via: 1.1 3c2c38b11de7f29e091125f84ca68d28.cloudfront.net (CloudFront)
last-modified: Mon, 22 Mar 2021 16:02:08 GMT
server: AmazonS3
x-amz-cf-pop: MUC50-P4
etag: "49a94e11cf020f0bccab2e7aea545d9f"
x-cache: RefreshHit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 306330
x-amz-cf-id: yKo1uG23nNvt3C1EmjWaEh9lT_a5GE5DMKE_157B5xiuhcfDjZdJYA==

GET
H/1.1 401
Unauthorized current Show response
my.scouting.org/api/users/self_72254a8e-1440-11e9-ab14-d663bd873d93/sessions/ 390 B
1 KB 99ms
99ms Fetch
application/json 54.161.111.173
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://my.scouting.org/api/users/self_72254a8e-1440-11e9-ab14-d663bd873d93/sessions/current
Requested by: Host: my.scouting.org
URL: https://my.scouting.org/vendors-b367248887b9cb0fb5b5.js?b367248887b9cb0fb5b5
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.161.111.173 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-161-111-173.compute-1.amazonaws.com
Software: nginx /
Resource Hash: e13b9dfd16a3a0ce767b359ff9a81290e2cc75e796ab31510ff3916385fbd0a6

Request headers

Accept: application/json; version=1
Referer: https://my.scouting.org/
accept-language: de-DE,de;q=0.9
baggage: sentry-environment=my.scouting.org,sentry-release=29025b3372d53266be0293e375914a9db49afee3%0A,sentry-public_key=0b9a8ad2e4d64200b8f0addf89159b5a,sentry-trace_id=608924f712ee4185aa58c663bcc2ac5c,sentry-sample_rate=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
sentry-trace: 608924f712ee4185aa58c663bcc2ac5c-ba92ba86dd4f40fd-1
Content-Type: application/json

Response headers

Date: Sun, 10 Mar 2024 06:25:20 GMT
www-authenticate: simple-jwt-token-header realm="BSA Authentication (token is required)", simple-jwt-token-form realm="BSA Authentication (token is required)", Bearer, cookie realm="BSA Authentication (SessionToken is required)"
Server: nginx
Access-Control-Max-Age: 1728000
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: *
cache-control: no-cache
Access-Control-Allow-Credentials: false
vary: accept-encoding
Connection: keep-alive
Access-Control-Allow-Headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With,api-key,ocs-xhr,BSA-session,ocs-path,ocs-time,PersonId,BSA-time,BSA-path,Attempt,ReturnAll
Content-Length: 390

GET
H3 200 button Show response
accounts.google.com/gsi/ Frame 3818 115 KB
41 KB 85ms
84ms Document
text/html 2a00:1450:400c:c0a::54
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.google.com/gsi/button?theme=outline&width=140&text=signin&client_id=364170442919-3teb9cg74dt5583vog2brqvnhu8qlkd5.apps.googleusercontent.com&iframe_id=gsi_920778_728335&as=nd5Whfn0%2BzrsMnGswqVSRg

Requested by

Host: accounts.google.com
URL: https://accounts.google.com/gsi/client

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c0a::54 Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c1d2b556ce0d99743d52b80f8e2efccd889e5e1bc75d411b2b232fe11bc76d28

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http script-src 'report-sample' 'nonce-XWG5WrZXGhSf-Kbas6s-cQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://my.scouting.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http script-src 'report-sample' 'nonce-XWG5WrZXGhSf-Kbas6s-cQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy-report-only: same-origin; report-to="coop_dd7de8473bddc59c6b748810a67a39b1"
cross-origin-resource-policy: same-site
date: Sun, 10 Mar 2024 06:25:20 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"coop_dd7de8473bddc59c6b748810a67a39b1","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/dd7de8473bddc59c6b748810a67a39b1"}]}
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 200
OK bsa-primary.png
my.scouting.org/ 34 KB
36 KB 95ms
94ms Image
image/png 54.161.111.173
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://my.scouting.org/bsa-primary.png

Requested by

Host: my.scouting.org
URL: https://my.scouting.org/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.161.111.173 , United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-161-111-173.compute-1.amazonaws.com

Software

nginx /

Resource Hash

021fd36b8716094b8ae908a266a8cb9acf84da1dad4f2fbf005bef2bee3baa23

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; img-src * data:; connect-src 'self' .googleapis.com .scouting.org https://accounts.google.com/gsi/status .google-analytics.com .wepay.com https://analytics.google.com https://maps.googleapis.com .amazonaws.com api-scouting.cloudhub.io https://cdnjs.cloudflare.com .melissadata.net .gstatic.com sentry.io .chasepaymentech.com https://www.chasepaymentechhostedpay.com .google-analytics.com .hotjar.com .hotjar.io; frame-src 'self' https://reports.scouting.org .google.com .wepayapi.com .wepay.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' .scouting.org; script-src-elem 'self' 'unsafe-inline' https://www.google-analytics.com https://www.googletagmanager.com https://connect.facebook.net/en_US/fbevents.js .wepay.com .googleapis.com https://translate.google.com https://d1yh17eqtjhci0.cloudfront.net/ui.min.js https://appleid.cdn-apple.com/appleauth/static/jsapi/appleid/1/en_US/appleid.auth.js https://www.google.com/recaptcha/api.js .gstatic.com https://accounts.google.com/gsi/client https://www.googletagmanager.com/gtm.js; style-src 'unsafe-inline' ; font-src data:;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload, max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://my.scouting.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

Content-Security-Policy: default-src 'self'; img-src * data:; connect-src 'self' *.googleapis.com *.scouting.org https://accounts.google.com/gsi/status *.google-analytics.com *.wepay.com https://analytics.google.com https://maps.googleapis.com *.amazonaws.com api-scouting.cloudhub.io https://cdnjs.cloudflare.com *.melissadata.net *.gstatic.com sentry.io *.chasepaymentech.com https://www.chasepaymentechhostedpay.com *.google-analytics.com *.hotjar.com *.hotjar.io; frame-src 'self' https://reports.scouting.org *.google.com *.wepayapi.com *.wepay.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.scouting.org; script-src-elem 'self' 'unsafe-inline' https://www.google-analytics.com https://www.googletagmanager.com https://connect.facebook.net/en_US/fbevents.js *.wepay.com *.googleapis.com https://translate.google.com https://d1yh17eqtjhci0.cloudfront.net/ui.min.js https://appleid.cdn-apple.com/appleauth/static/jsapi/appleid/1/en_US/appleid.auth.js https://www.google.com/recaptcha/api.js *.gstatic.com https://accounts.google.com/gsi/client https://www.googletagmanager.com/gtm.js; style-src 'unsafe-inline' *; font-src * data:;
Date: Sun, 10 Mar 2024 06:25:20 GMT
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload, max-age=31536000
Connection: keep-alive
Content-Length: 34827
X-XSS-Protection: 1; mode=block
Last-Modified: Wed, 06 Mar 2024 22:01:41 GMT
Server: nginx
ETag: "65e8e7c5-880b"
Access-Control-Max-Age: 1728000
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: image/png
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
Accept-Ranges: bytes
Access-Control-Allow-Headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With,api-key,ocs-xhr,BSA-session,ocs-path,ocs-time,PersonId,BSA-time,BSA-path,Attempt,ReturnAll

GET
H/1.1 200
OK bgrd-image.jpg
my.scouting.org/ 52 KB
54 KB 95ms
95ms Image
image/jpeg 54.161.111.173
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://my.scouting.org/bgrd-image.jpg

Requested by

Host: my.scouting.org
URL: https://my.scouting.org/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.161.111.173 , United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-161-111-173.compute-1.amazonaws.com

Software

nginx /

Resource Hash

b6a8f5045aa5904cc1ae5fd186b2f7f080e1d7e0c359cdebc3b8346d722145a4

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; img-src * data:; connect-src 'self' .googleapis.com .scouting.org https://accounts.google.com/gsi/status .google-analytics.com .wepay.com https://analytics.google.com https://maps.googleapis.com .amazonaws.com api-scouting.cloudhub.io https://cdnjs.cloudflare.com .melissadata.net .gstatic.com sentry.io .chasepaymentech.com https://www.chasepaymentechhostedpay.com .google-analytics.com .hotjar.com .hotjar.io; frame-src 'self' https://reports.scouting.org .google.com .wepayapi.com .wepay.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' .scouting.org; script-src-elem 'self' 'unsafe-inline' https://www.google-analytics.com https://www.googletagmanager.com https://connect.facebook.net/en_US/fbevents.js .wepay.com .googleapis.com https://translate.google.com https://d1yh17eqtjhci0.cloudfront.net/ui.min.js https://appleid.cdn-apple.com/appleauth/static/jsapi/appleid/1/en_US/appleid.auth.js https://www.google.com/recaptcha/api.js .gstatic.com https://accounts.google.com/gsi/client https://www.googletagmanager.com/gtm.js; style-src 'unsafe-inline' ; font-src data:;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload, max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://my.scouting.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

Content-Security-Policy: default-src 'self'; img-src * data:; connect-src 'self' *.googleapis.com *.scouting.org https://accounts.google.com/gsi/status *.google-analytics.com *.wepay.com https://analytics.google.com https://maps.googleapis.com *.amazonaws.com api-scouting.cloudhub.io https://cdnjs.cloudflare.com *.melissadata.net *.gstatic.com sentry.io *.chasepaymentech.com https://www.chasepaymentechhostedpay.com *.google-analytics.com *.hotjar.com *.hotjar.io; frame-src 'self' https://reports.scouting.org *.google.com *.wepayapi.com *.wepay.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.scouting.org; script-src-elem 'self' 'unsafe-inline' https://www.google-analytics.com https://www.googletagmanager.com https://connect.facebook.net/en_US/fbevents.js *.wepay.com *.googleapis.com https://translate.google.com https://d1yh17eqtjhci0.cloudfront.net/ui.min.js https://appleid.cdn-apple.com/appleauth/static/jsapi/appleid/1/en_US/appleid.auth.js https://www.google.com/recaptcha/api.js *.gstatic.com https://accounts.google.com/gsi/client https://www.googletagmanager.com/gtm.js; style-src 'unsafe-inline' *; font-src * data:;
Date: Sun, 10 Mar 2024 06:25:20 GMT
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload, max-age=31536000
Connection: keep-alive
Content-Length: 53705
X-XSS-Protection: 1; mode=block
Last-Modified: Wed, 06 Mar 2024 22:01:41 GMT
Server: nginx
ETag: "65e8e7c5-d1c9"
Access-Control-Max-Age: 1728000
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
Accept-Ranges: bytes
Access-Control-Allow-Headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With,api-key,ocs-xhr,BSA-session,ocs-path,ocs-time,PersonId,BSA-time,BSA-path,Attempt,ReturnAll

GET
H2 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/QquE1_MNjnFHgZF4HPsEcf_2/ 490 KB
195 KB 28ms
7ms Script
text/javascript 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/QquE1_MNjnFHgZF4HPsEcf_2/recaptcha__en.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?hl=en

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4c06e93049378bf0cdbbe5d3a1d0c302ac2d35faec13623ad812ee41495a2a57

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://my.scouting.org/
Origin: https://my.scouting.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Sat, 09 Mar 2024 04:35:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 93000
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 199059
x-xss-protection: 0
last-modified: Mon, 04 Mar 2024 05:02:47 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 09 Mar 2025 04:35:20 GMT

GET
H2 200 anchor Show response
www.google.com/recaptcha/api2/ Frame 158F 45 KB
28 KB 31ms
31ms Document
text/html 2a00:1450:4001:806::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdTJXkUAAAAACKrTWNYerAEFa_rLgSjjCfrBEzt&co=aHR0cHM6Ly9teS5zY291dGluZy5vcmc6NDQz&hl=en&v=QquE1_MNjnFHgZF4HPsEcf_2&size=invisible&badge=bottomleft&cb=t5apwikf1a22

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/QquE1_MNjnFHgZF4HPsEcf_2/recaptcha__en.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

c772a3a01713bf1d82f7d2ecd0beffbbc444e2a37a082720dbc7383eeafc300e

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-zkcYKqPDvLfw4-v8lLFcnw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://my.scouting.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-zkcYKqPDvLfw4-v8lLFcnw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sun, 10 Mar 2024 06:25:20 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 4Ua_rENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RFD48TE63OOYKtrw2IJllpyw.ttf
fonts.gstatic.com/s/googlesans/v58/ Frame 3818 57 KB
29 KB 8ms
7ms Font
font/ttf 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v58/4Ua_rENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RFD48TE63OOYKtrw2IJllpyw.ttf

Requested by

Host: my.scouting.org
URL: https://my.scouting.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2bb6585b06b56d32aa48ac85f698aea00a96b5e32b944c9fba5022cd90f97dcf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://accounts.google.com/
Origin: https://accounts.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 02:29:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 446132
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29438
x-xss-protection: 0
last-modified: Tue, 23 May 2023 16:35:39 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
vary: Accept-Encoding
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/ttf
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 05 Mar 2025 02:29:48 GMT

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/QquE1_MNjnFHgZF4HPsEcf_2/ Frame 158F 55 KB
24 KB 21ms
7ms Stylesheet
text/css 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/QquE1_MNjnFHgZF4HPsEcf_2/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdTJXkUAAAAACKrTWNYerAEFa_rLgSjjCfrBEzt&co=aHR0cHM6Ly9teS5zY291dGluZy5vcmc6NDQz&hl=en&v=QquE1_MNjnFHgZF4HPsEcf_2&size=invisible&badge=bottomleft&cb=t5apwikf1a22

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Sun, 10 Mar 2024 06:10:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 875
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24606
x-xss-protection: 0
last-modified: Mon, 04 Mar 2024 05:02:47 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 10 Mar 2025 06:10:45 GMT

GET
H3 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/QquE1_MNjnFHgZF4HPsEcf_2/ Frame 158F 490 KB
194 KB 24ms
10ms Script
text/javascript 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/QquE1_MNjnFHgZF4HPsEcf_2/recaptcha__en.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4c06e93049378bf0cdbbe5d3a1d0c302ac2d35faec13623ad812ee41495a2a57

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Sat, 09 Mar 2024 04:35:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 93000
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 199059
x-xss-protection: 0
last-modified: Mon, 04 Mar 2024 05:02:47 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 09 Mar 2025 04:35:20 GMT

GET
DATA 200
OK truncated
/ 5 KB
5 KB Font
application/x-font-woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 051817b866747bfeb73513ae13aa611f901626f8c602ffe70de4309ff0205aca

Request headers

Referer
Origin: https://my.scouting.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

Content-Type: application/x-font-woff;charset=utf-8

GET
H3 200 IDLZ5bdCrEGdGR5FKKZfiIWvV7rMSlbAHUEzxUIOBQg.js Show response
www.google.com/js/bg/ Frame 158F 17 KB
7 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:806::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/js/bg/IDLZ5bdCrEGdGR5FKKZfiIWvV7rMSlbAHUEzxUIOBQg.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/QquE1_MNjnFHgZF4HPsEcf_2/recaptcha__en.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2032d9e5b742ac419d191e4528a65f8885af57bacc4a56c01d4133c5420e0508

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdTJXkUAAAAACKrTWNYerAEFa_rLgSjjCfrBEzt&co=aHR0cHM6Ly9teS5zY291dGluZy5vcmc6NDQz&hl=en&v=QquE1_MNjnFHgZF4HPsEcf_2&size=invisible&badge=bottomleft&cb=t5apwikf1a22
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Sun, 10 Mar 2024 06:16:12 GMT
content-encoding: br
x-content-type-options: nosniff
age: 549
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6933
x-xss-protection: 0
last-modified: Mon, 19 Feb 2024 17:30:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 10 Mar 2025 06:16:12 GMT

GET
H3 200 logo_48.png
www.gstatic.com/recaptcha/api2/ Frame 158F 2 KB
2 KB 7ms
6ms Image
image/png 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/logo_48.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/QquE1_MNjnFHgZF4HPsEcf_2/styles__ltr.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/QquE1_MNjnFHgZF4HPsEcf_2/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Mon, 04 Mar 2024 14:54:26 GMT
x-content-type-options: nosniff
age: 487855
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2228
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
expires: Mon, 11 Mar 2024 14:54:26 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 158F 15 KB
15 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Mon, 04 Mar 2024 19:32:19 GMT
x-content-type-options: nosniff
age: 471182
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 04 Mar 2025 19:32:19 GMT

GET
H3 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 158F 15 KB
15 KB 8ms
8ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Thu, 07 Mar 2024 14:26:30 GMT
x-content-type-options: nosniff
age: 230331
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15552
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 07 Mar 2025 14:26:30 GMT

GET
H3 200 webworker.js
www.google.com/recaptcha/api2/ Frame 158F 102 B
135 B 16ms
15ms Other
text/javascript 2a00:1450:4001:806::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/webworker.js?hl=en&v=QquE1_MNjnFHgZF4HPsEcf_2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

91e9008a809223ca505257c7cb9232b7bf13e7fbf45e3f6dd2cfca538e7141eb

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdTJXkUAAAAACKrTWNYerAEFa_rLgSjjCfrBEzt&co=aHR0cHM6Ly9teS5zY291dGluZy5vcmc6NDQz&hl=en&v=QquE1_MNjnFHgZF4HPsEcf_2&size=invisible&badge=bottomleft&cb=t5apwikf1a22
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Sun, 10 Mar 2024 06:25:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
cross-origin-embedder-policy: require-corp
x-frame-options: SAMEORIGIN
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript; charset=utf-8
cache-control: private, max-age=300
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block
expires: Sun, 10 Mar 2024 06:25:21 GMT

GET
H2 200 ffb48f5d29363c2dfd01d27e346ebb6e.png
d1yh17eqtjhci0.cloudfront.net/ 2 KB
3 KB 27ms
26ms Image
image/png 2600:9000:26da:f800:b:e080:2200:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d1yh17eqtjhci0.cloudfront.net/ffb48f5d29363c2dfd01d27e346ebb6e.png
Requested by: Host: my.scouting.org
URL: https://my.scouting.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:26da:f800:b:e080:2200:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: dcba7c7aa08f3cf73ca18ec21066454ec21b0205a1df3cc30a628c7240434521

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://my.scouting.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

x-amz-version-id: i39IgVQRFL1eruu4akZCsxafhq_mQ1rG
date: Sun, 10 Mar 2024 06:25:21 GMT
via: 1.1 3c2c38b11de7f29e091125f84ca68d28.cloudfront.net (CloudFront)
last-modified: Mon, 22 Mar 2021 16:02:08 GMT
server: AmazonS3
x-amz-cf-pop: MUC50-P4
age: 493
etag: "f5a21999da3ba89be8793db4d0bc2e98"
x-cache: Hit from cloudfront
content-type: image/png
accept-ranges: bytes
content-length: 2325
x-amz-cf-id: l5DveFt4flLtxqqDq2xI98PO6Kw5-N1apY3bt_2Tvc8xAfBaNwBFlg==

GET
H2 200 640111aade8c1c9c8b375b80d99976f9.svg
d1yh17eqtjhci0.cloudfront.net/ 281 B
649 B 25ms
25ms Image
image/svg+xml 2600:9000:26da:f800:b:e080:2200:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d1yh17eqtjhci0.cloudfront.net/640111aade8c1c9c8b375b80d99976f9.svg
Requested by: Host: my.scouting.org
URL: https://my.scouting.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:26da:f800:b:e080:2200:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: cde4b4e3998e7c738058163b329d1424c92b4db6c5bffaf6fd3b134da7622fcc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://my.scouting.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

x-amz-version-id: X1IstudqsYIEIWDTMM63H8JYLytmLmvH
date: Sun, 10 Mar 2024 06:25:21 GMT
via: 1.1 3c2c38b11de7f29e091125f84ca68d28.cloudfront.net (CloudFront)
last-modified: Mon, 22 Mar 2021 16:02:08 GMT
server: AmazonS3
x-amz-cf-pop: MUC50-P4
age: 493
etag: "8e0e0543a94bc8253421650d941d3d5f"
x-cache: Hit from cloudfront
content-type: image/svg+xml
accept-ranges: bytes
content-length: 281
x-amz-cf-id: K61s2QSttNQjK22UR6T41C85WtdO-At0_mDrjzyn_8Aswj8XK8BGUQ==

GET
H3 200 status Show response
accounts.google.com/gsi/ 40 B
94 B 38ms
38ms XHR
application/json 2a00:1450:400c:c0a::54
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.google.com/gsi/status?client_id=364170442919-3teb9cg74dt5583vog2brqvnhu8qlkd5.apps.googleusercontent.com&as=nd5Whfn0%2BzrsMnGswqVSRg

Requested by

Host: my.scouting.org
URL: https://my.scouting.org/vendors-b367248887b9cb0fb5b5.js?b367248887b9cb0fb5b5

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c0a::54 Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d65781ae6c4e91d514c9d05e0b09ffd60e072b816253246b156f9091ded98853

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, script-src 'report-sample' 'nonce-P4erHH_GxpQp2WGwuzscUw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://my.scouting.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Sun, 10 Mar 2024 06:25:21 GMT
content-security-policy: require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, script-src 'report-sample' 'nonce-P4erHH_GxpQp2WGwuzscUw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
x-content-type-options: nosniff
content-encoding: gzip
content-disposition: attachment; filename="json.txt"; filename*=UTF-8''json.txt
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
server: ESF
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://my.scouting.org
report-to: {"group":"coop_dd7de8473bddc59c6b748810a67a39b1","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/dd7de8473bddc59c6b748810a67a39b1"}]}
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
cross-origin-opener-policy-report-only: same-origin; report-to="coop_dd7de8473bddc59c6b748810a67a39b1"
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 8ms
7ms Image
image/gif 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j101&a=2094089923&t=event&ni=0&_s=1&dl=https%3A%2F%2Fmy.scouting.org%2F&ul=en-us&de=UTF-8&dt=My%20Scouting&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Scroll&ea=%2F&el=10&ev=10&_u=aGHACEAjBAAAACAAI~&jid=&gjid=&cid=2101229438.1710051920&tid=UA-2638006-44&_gid=1611968059.1710051920&gtm=45He4360n81K58PN23v77398048za220&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&npa=1&z=2020065223

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://my.scouting.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Mar 2024 09:05:42 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 76779
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 9ms
8ms Image
image/gif 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j101&a=2094089923&t=event&ni=0&_s=1&dl=https%3A%2F%2Fmy.scouting.org%2F&ul=en-us&de=UTF-8&dt=My%20Scouting&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Scroll&ea=%2F&el=25&ev=25&_u=aGHACEAjBAAAACAAI~&jid=&gjid=&cid=2101229438.1710051920&tid=UA-2638006-44&_gid=1611968059.1710051920&gtm=45He4360n81K58PN23v77398048za220&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&npa=1&z=788621841

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://my.scouting.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Mar 2024 09:05:42 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 76779
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 11ms
10ms Image
image/gif 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j101&a=2094089923&t=event&ni=0&_s=1&dl=https%3A%2F%2Fmy.scouting.org%2F&ul=en-us&de=UTF-8&dt=My%20Scouting&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Scroll&ea=%2F&el=50&ev=50&_u=aGHACEAjBAAAACAAI~&jid=&gjid=&cid=2101229438.1710051920&tid=UA-2638006-44&_gid=1611968059.1710051920&gtm=45He4360n81K58PN23v77398048za220&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&npa=1&z=1962530060

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://my.scouting.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Mar 2024 09:05:42 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 76779
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 11ms
11ms Image
image/gif 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j101&a=2094089923&t=event&ni=0&_s=1&dl=https%3A%2F%2Fmy.scouting.org%2F&ul=en-us&de=UTF-8&dt=My%20Scouting&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Scroll&ea=%2F&el=75&ev=75&_u=aGHACEAjBAAAACAAI~&jid=&gjid=&cid=2101229438.1710051920&tid=UA-2638006-44&_gid=1611968059.1710051920&gtm=45He4360n81K58PN23v77398048za220&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&npa=1&z=774477441

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://my.scouting.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Mar 2024 09:05:42 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 76779
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 12ms
12ms Image
image/gif 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j101&a=2094089923&t=event&ni=0&_s=1&dl=https%3A%2F%2Fmy.scouting.org%2F&ul=en-us&de=UTF-8&dt=My%20Scouting&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Scroll&ea=%2F&el=90&ev=90&_u=aGHACEAjBAAAACAAI~&jid=&gjid=&cid=2101229438.1710051920&tid=UA-2638006-44&_gid=1611968059.1710051920&gtm=45He4360n81K58PN23v77398048za220&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&npa=1&z=389858149

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://my.scouting.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Mar 2024 09:05:42 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 76779
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 13ms
12ms Image
image/gif 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j101&a=2094089923&t=event&ni=0&_s=1&dl=https%3A%2F%2Fmy.scouting.org%2F&ul=en-us&de=UTF-8&dt=My%20Scouting&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Scroll&ea=%2F&el=100&ev=100&_u=aGHACEAjBAAAACAAI~&jid=&gjid=&cid=2101229438.1710051920&tid=UA-2638006-44&_gid=1611968059.1710051920&gtm=45He4360n81K58PN23v77398048za220&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&npa=1&z=1930631405

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://my.scouting.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Mar 2024 09:05:42 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 76779
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H2 200 / Show response
sentry.io/api/1236108/envelope/ 41 B
106 B 305ms
305ms Fetch
application/json 35.186.247.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://sentry.io/api/1236108/envelope/?sentry_key=0b9a8ad2e4d64200b8f0addf89159b5a&sentry_version=7&sentry_client=sentry.javascript.react%2F7.61.1

Requested by

Host: my.scouting.org
URL: https://my.scouting.org/vendors-b367248887b9cb0fb5b5.js?b367248887b9cb0fb5b5

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.186.247.156 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

156.247.186.35.bc.googleusercontent.com

Software

nginx /

Resource Hash

73dfe2b0697e0f2df9e534a1df04c3bb1e25790756a489c08f156d0603b3f8ec

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://my.scouting.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Sun, 10 Mar 2024 06:25:22 GMT
content-encoding: br
via: 1.1 google
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: nginx
vary: origin,access-control-request-method,access-control-request-headers
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: x-sentry-error,x-sentry-rate-limits,retry-after
x-envoy-upstream-service-time: 1
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

POST
H3 204 collect
region1.google-analytics.com/g/ 0
17 B 15ms
15ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-FZTE8M991V&gtm=45je4360v9115687849za200&_p=1710051919465&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=2101229438.1710051920&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&_eu=AEA&_s=2&dl=https%3A%2F%2Fmy.scouting.org%2F&dr=&dt=My%20Scouting&sid=1710051919&sct=1&seg=0&en=scroll&epn.page_content_reading_time=3.84&epn.page_content_grade_level=17&ep.page_load_time=&ep.debug_mode=true&ep.page=%2F&ep.page_url=my.scouting.org%2F&epn.percent_scrolled=90&_et=9&tfd=6197
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-FZTE8M991V&l=dataLayer&cx=c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://my.scouting.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 10 Mar 2024 06:25:24 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://my.scouting.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 collect
region1.google-analytics.com/g/ 0
17 B 14ms
14ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-20G0JHESG4&gtm=45je4360v875113745za220&_p=1710051919465&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=2101229438.1710051920&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&_eu=AEA&_s=2&dl=https%3A%2F%2Fmy.scouting.org%2F&dr=&dt=My%20Scouting&sid=1710051919&sct=1&seg=0&en=scroll&epn.page_content_reading_time=8.15&epn.page_content_grade_level=40&ep.page_load_time=&ep.debug_mode=true&ep.page_url=my.scouting.org%2F&ep.page=%2F&epn.percent_scrolled=90&_et=30&tfd=6264
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-20G0JHESG4&l=dataLayer&cx=c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://my.scouting.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 10 Mar 2024 06:25:24 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://my.scouting.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: cdn.inspectlet.com
URL: https://cdn.inspectlet.com/inspectlet.js?wid=198079202&r=475014

Domain: s.pinimg.com
URL: https://s.pinimg.com/ct/core.js

Domain: sc-static.net
URL: https://sc-static.net/scevent.min.js

Domain: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-2401577.js?sv=7

Domain: 02cdaf76d4824bd4a783a8c73bd86be2.js.ubembed.com
URL: https://02cdaf76d4824bd4a783a8c73bd86be2.js.ubembed.com/

Domain: stats.g.doubleclick.net
URL: https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-2638006-44&cid=2101229438.1710051920&jid=788713082&gjid=1950278735&_gid=1611968059.1710051920&npa=1&_u=YEBAAAAiAAAAAC~&z=105105595

Domain: connect.facebook.net
URL: https://connect.facebook.net/signals/config/359778478146451?v=2.9.148&r=stable&domain=my.scouting.org&hme=20c913bdcd4be51a752120153aa5caaecb3ee86c7f26cf737846e40b202aba68&ex_m=62%2C106%2C94%2C98%2C53%2C3%2C88%2C61%2C14%2C86%2C79%2C44%2C46%2C150%2C153%2C164%2C160%2C161%2C163%2C25%2C89%2C45%2C68%2C162%2C145%2C148%2C157%2C158%2C165%2C115%2C13%2C43%2C169%2C168%2C117%2C16%2C29%2C32%2C1%2C36%2C57%2C58%2C59%2C63%2C83%2C15%2C12%2C85%2C82%2C81%2C95%2C97%2C31%2C96%2C26%2C22%2C146%2C149%2C124%2C24%2C9%2C10%2C11%2C5%2C6%2C21%2C19%2C20%2C49%2C54%2C56%2C66%2C90%2C23%2C67%2C8%2C7%2C71%2C41%2C18%2C92%2C91%2C17%2C4%2C73%2C80%2C72%2C78%2C40%2C39%2C77%2C33%2C35%2C76%2C48%2C74%2C28%2C37%2C65%2C0%2C84%2C75%2C2%2C30%2C55%2C34%2C93%2C38%2C70%2C60%2C99%2C52%2C51%2C27%2C87%2C50%2C47%2C42%2C69%2C64%2C100

Domain: stats.g.doubleclick.net
URL: https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-2638006-46&cid=2101229438.1710051920&jid=497021644&gjid=869587989&_gid=1611968059.1710051920&npa=1&_u=aGDACEAjBAAAACAAI~&z=1565977830

Domain: stats.g.doubleclick.net
URL: https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-90648951-2&cid=2101229438.1710051920&jid=2134584629&gjid=689128926&_gid=1611968059.1710051920&npa=1&_u=aGHACEAjBAAAACAAI~&z=580210409

Domain: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion/939864618/?random=1710051919713&cv=11&fst=1710051919713&bg=ffffff&guid=ON&async=1&gtm=45be4360z872742181za201&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fmy.scouting.org%2F&label=NkPrCP3b26kBEKrklMAD&hn=www.googleadservices.com&frm=0&tiba=My%20Scouting&value=0&bttype=purchase&npa=1&pscdl=noapi&auid=518529126.1710051920&uamb=0&uaw=0&fdr=SA&rfmt=3&fmt=4

Verdicts & Comments Add Verdict or Comment

47 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

12 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.scouting.org/	1970-01-20 21:10:27	Name: _gcl_au Value: 1.1.518529126.1710051920
.my.scouting.org/	1970-01-21 04:36:51	Name: _ga Value: GA1.3.2101229438.1710051920
.my.scouting.org/	1970-01-20 19:02:18	Name: _gid Value: GA1.3.1611968059.1710051920
.my.scouting.org/	1970-01-20 19:00:51	Name: _gat_UA-2638006-44 Value: 1
.scouting.org/	1970-01-20 19:02:18	Name: _gid Value: GA1.2.1611968059.1710051920
.scouting.org/	1970-01-21 04:36:51	Name: _ga_FZTE8M991V Value: GS1.1.1710051919.1.0.1710051919.0.0.0
.scouting.org/	1970-01-20 19:00:51	Name: _gat_UA-2638006-46 Value: 1
.scouting.org/	1970-01-20 19:00:51	Name: _gat_UA-90648951-2 Value: 1
.scouting.org/	1970-01-21 04:36:51	Name: _ga Value: GA1.1.2101229438.1710051920
.scouting.org/	1970-01-21 04:36:51	Name: _ga_20G0JHESG4 Value: GS1.1.1710051919.1.0.1710051919.0.0.0
.scouting.org/	1970-01-21 04:36:51	Name: _ga_61ZEHCVHHS Value: GS1.1.1710051919.1.0.1710051919.60.0.0
.scouting.org/	1970-01-21 04:36:51	Name: _ga_LCGK7QTBFT Value: GS1.2.1710051919.1.0.1710051919.60.0.0

16 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	Message: Refused to load the script 'https://cdn.inspectlet.com/inspectlet.js?wid=198079202&r=475014' because it violates the following Content Security Policy directive: "script-src-elem 'self' 'unsafe-inline' https://www.google-analytics.com https://www.googletagmanager.com https://connect.facebook.net/en_US/fbevents.js .wepay.com .googleapis.com https://translate.google.com https://d1yh17eqtjhci0.cloudfront.net/ui.min.js https://appleid.cdn-apple.com/appleauth/static/jsapi/appleid/1/en_US/appleid.auth.js https://www.google.com/recaptcha/api.js *.gstatic.com https://accounts.google.com/gsi/client https://www.googletagmanager.com/gtm.js".
security	error	URL: https://www.googletagmanager.com/gtm.js?id=GTM-N5P4DF(Line 120) Message: Refused to load the script 'https://s.pinimg.com/ct/core.js' because it violates the following Content Security Policy directive: "script-src-elem 'self' 'unsafe-inline' https://www.google-analytics.com https://www.googletagmanager.com https://connect.facebook.net/en_US/fbevents.js .wepay.com .googleapis.com https://translate.google.com https://d1yh17eqtjhci0.cloudfront.net/ui.min.js https://appleid.cdn-apple.com/appleauth/static/jsapi/appleid/1/en_US/appleid.auth.js https://www.google.com/recaptcha/api.js *.gstatic.com https://accounts.google.com/gsi/client https://www.googletagmanager.com/gtm.js".
security	error	URL: https://www.googletagmanager.com/gtm.js?id=GTM-N5P4DF(Line 120) Message: Refused to load the script 'https://sc-static.net/scevent.min.js' because it violates the following Content Security Policy directive: "script-src-elem 'self' 'unsafe-inline' https://www.google-analytics.com https://www.googletagmanager.com https://connect.facebook.net/en_US/fbevents.js .wepay.com .googleapis.com https://translate.google.com https://d1yh17eqtjhci0.cloudfront.net/ui.min.js https://appleid.cdn-apple.com/appleauth/static/jsapi/appleid/1/en_US/appleid.auth.js https://www.google.com/recaptcha/api.js *.gstatic.com https://accounts.google.com/gsi/client https://www.googletagmanager.com/gtm.js".
security	error	URL: https://www.googletagmanager.com/gtm.js?id=GTM-N5P4DF(Line 120) Message: Refused to load the script 'https://static.hotjar.com/c/hotjar-2401577.js?sv=7' because it violates the following Content Security Policy directive: "script-src-elem 'self' 'unsafe-inline' https://www.google-analytics.com https://www.googletagmanager.com https://connect.facebook.net/en_US/fbevents.js .wepay.com .googleapis.com https://translate.google.com https://d1yh17eqtjhci0.cloudfront.net/ui.min.js https://appleid.cdn-apple.com/appleauth/static/jsapi/appleid/1/en_US/appleid.auth.js https://www.google.com/recaptcha/api.js *.gstatic.com https://accounts.google.com/gsi/client https://www.googletagmanager.com/gtm.js".
security	error	URL: https://www.googletagmanager.com/gtm.js?id=GTM-N5P4DF(Line 696) Message: Refused to load the script 'https://02cdaf76d4824bd4a783a8c73bd86be2.js.ubembed.com/' because it violates the following Content Security Policy directive: "script-src-elem 'self' 'unsafe-inline' https://www.google-analytics.com https://www.googletagmanager.com https://connect.facebook.net/en_US/fbevents.js .wepay.com .googleapis.com https://translate.google.com https://d1yh17eqtjhci0.cloudfront.net/ui.min.js https://appleid.cdn-apple.com/appleauth/static/jsapi/appleid/1/en_US/appleid.auth.js https://www.google.com/recaptcha/api.js *.gstatic.com https://accounts.google.com/gsi/client https://www.googletagmanager.com/gtm.js".
security	error	URL: https://www.google-analytics.com/analytics.js(Line 35) Message: Refused to connect to 'https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-2638006-44&cid=2101229438.1710051920&jid=788713082&gjid=1950278735&_gid=1611968059.1710051920&npa=1&_u=YEBAAAAiAAAAAC~&z=105105595' because it violates the following Content Security Policy directive: "connect-src 'self' .googleapis.com .scouting.org https://accounts.google.com/gsi/status .google-analytics.com .wepay.com https://analytics.google.com https://maps.googleapis.com .amazonaws.com api-scouting.cloudhub.io https://cdnjs.cloudflare.com .melissadata.net .gstatic.com sentry.io .chasepaymentech.com https://www.chasepaymentechhostedpay.com .google-analytics.com .hotjar.com *.hotjar.io".
security	error	URL: https://connect.facebook.net/en_US/fbevents.js(Line 23) Message: Refused to load the script 'https://connect.facebook.net/signals/config/359778478146451?v=2.9.148&r=stable&domain=my.scouting.org&hme=20c913bdcd4be51a752120153aa5caaecb3ee86c7f26cf737846e40b202aba68&ex_m=62%2C106%2C94%2C98%2C53%2C3%2C88%2C61%2C14%2C86%2C79%2C44%2C46%2C150%2C153%2C164%2C160%2C161%2C163%2C25%2C89%2C45%2C68%2C162%2C145%2C148%2C157%2C158%2C165%2C115%2C13%2C43%2C169%2C168%2C117%2C16%2C29%2C32%2C1%2C36%2C57%2C58%2C59%2C63%2C83%2C15%2C12%2C85%2C82%2C81%2C95%2C97%2C31%2C96%2C26%2C22%2C146%2C149%2C124%2C24%2C9%2C10%2C11%2C5%2C6%2C21%2C19%2C20%2C49%2C54%2C56%2C66%2C90%2C23%2C67%2C8%2C7%2C71%2C41%2C18%2C92%2C91%2C17%2C4%2C73%2C80%2C72%2C78%2C40%2C39%2C77%2C33%2C35%2C76%2C48%2C74%2C28%2C37%2C65%2C0%2C84%2C75%2C2%2C30%2C55%2C34%2C93%2C38%2C70%2C60%2C99%2C52%2C51%2C27%2C87%2C50%2C47%2C42%2C69%2C64%2C100' because it violates the following Content Security Policy directive: "script-src-elem 'self' 'unsafe-inline' https://www.google-analytics.com https://www.googletagmanager.com https://connect.facebook.net/en_US/fbevents.js .wepay.com .googleapis.com https://translate.google.com https://d1yh17eqtjhci0.cloudfront.net/ui.min.js https://appleid.cdn-apple.com/appleauth/static/jsapi/appleid/1/en_US/appleid.auth.js https://www.google.com/recaptcha/api.js *.gstatic.com https://accounts.google.com/gsi/client https://www.googletagmanager.com/gtm.js".
security	error	URL: https://www.googletagmanager.com/gtag/js?id=G-61ZEHCVHHS&l=dataLayer&cx=c(Line 208) Message: Refused to connect to 'https://region1.analytics.google.com/g/collect?v=2&tid=G-61ZEHCVHHS&gtm=45je4360v9123716439z872742181za200&_p=1710051919465&_gaz=1&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=2101229438.1710051920&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&_s=1&sid=1710051919&sct=1&seg=0&dl=https%3A%2F%2Fmy.scouting.org%2F&dt=My%20Scouting&en=page_view&_fv=1&_ss=1&tfd=1253' because it violates the following Content Security Policy directive: "connect-src 'self' .googleapis.com .scouting.org https://accounts.google.com/gsi/status .google-analytics.com .wepay.com https://analytics.google.com https://maps.googleapis.com .amazonaws.com api-scouting.cloudhub.io https://cdnjs.cloudflare.com .melissadata.net .gstatic.com sentry.io .chasepaymentech.com https://www.chasepaymentechhostedpay.com .google-analytics.com .hotjar.com *.hotjar.io".
security	error	URL: https://www.googletagmanager.com/gtag/js?id=G-61ZEHCVHHS&l=dataLayer&cx=c(Line 208) Message: Refused to connect to 'https://stats.g.doubleclick.net/g/collect?v=2&tid=G-61ZEHCVHHS&cid=2101229438.1710051920&gtm=45je4360v9123716439z872742181za200&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l2l1&npa=1' because it violates the following Content Security Policy directive: "connect-src 'self' .googleapis.com .scouting.org https://accounts.google.com/gsi/status .google-analytics.com .wepay.com https://analytics.google.com https://maps.googleapis.com .amazonaws.com api-scouting.cloudhub.io https://cdnjs.cloudflare.com .melissadata.net .gstatic.com sentry.io .chasepaymentech.com https://www.chasepaymentechhostedpay.com .google-analytics.com .hotjar.com *.hotjar.io".
security	error	URL: https://www.google-analytics.com/analytics.js(Line 35) Message: Refused to connect to 'https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-2638006-46&cid=2101229438.1710051920&jid=497021644&gjid=869587989&_gid=1611968059.1710051920&npa=1&_u=aGDACEAjBAAAACAAI~&z=1565977830' because it violates the following Content Security Policy directive: "connect-src 'self' .googleapis.com .scouting.org https://accounts.google.com/gsi/status .google-analytics.com .wepay.com https://analytics.google.com https://maps.googleapis.com .amazonaws.com api-scouting.cloudhub.io https://cdnjs.cloudflare.com .melissadata.net .gstatic.com sentry.io .chasepaymentech.com https://www.chasepaymentechhostedpay.com .google-analytics.com .hotjar.com *.hotjar.io".
security	error	URL: https://www.google-analytics.com/analytics.js(Line 35) Message: Refused to connect to 'https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-90648951-2&cid=2101229438.1710051920&jid=2134584629&gjid=689128926&_gid=1611968059.1710051920&npa=1&_u=aGHACEAjBAAAACAAI~&z=580210409' because it violates the following Content Security Policy directive: "connect-src 'self' .googleapis.com .scouting.org https://accounts.google.com/gsi/status .google-analytics.com .wepay.com https://analytics.google.com https://maps.googleapis.com .amazonaws.com api-scouting.cloudhub.io https://cdnjs.cloudflare.com .melissadata.net .gstatic.com sentry.io .chasepaymentech.com https://www.chasepaymentechhostedpay.com .google-analytics.com .hotjar.com *.hotjar.io".
security	error	URL: https://www.googletagmanager.com/gtag/destination?id=AW-939864618&l=dataLayer&cx=c(Line 89) Message: Refused to load the script 'https://www.googleadservices.com/pagead/conversion/939864618/?random=1710051919713&cv=11&fst=1710051919713&bg=ffffff&guid=ON&async=1&gtm=45be4360z872742181za201&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fmy.scouting.org%2F&label=NkPrCP3b26kBEKrklMAD&hn=www.googleadservices.com&frm=0&tiba=My%20Scouting&value=0&bttype=purchase&npa=1&pscdl=noapi&auid=518529126.1710051920&uamb=0&uaw=0&fdr=SA&rfmt=3&fmt=4' because it violates the following Content Security Policy directive: "script-src-elem 'self' 'unsafe-inline' https://www.google-analytics.com https://www.googletagmanager.com https://connect.facebook.net/en_US/fbevents.js .wepay.com .googleapis.com https://translate.google.com https://d1yh17eqtjhci0.cloudfront.net/ui.min.js https://appleid.cdn-apple.com/appleauth/static/jsapi/appleid/1/en_US/appleid.auth.js https://www.google.com/recaptcha/api.js *.gstatic.com https://accounts.google.com/gsi/client https://www.googletagmanager.com/gtm.js".
security	error	URL: https://www.googletagmanager.com/gtag/js?id=G-LCGK7QTBFT&cx=c&_slc=1(Line 145) Message: Refused to connect to 'https://region1.analytics.google.com/g/collect?v=2&tid=G-LCGK7QTBFT&gtm=45je4360v9125903558za200&_p=1710051919465&_gaz=1&gcd=13l3l3l2l3&npa=1&dma_cps=sypham&dma=1&ul=en-us&sr=1600x1200&cid=2101229438.1710051920&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&_eu=EBAI&_s=1&dl=https%3A%2F%2Fmy.scouting.org%2F&dp=my.scouting.org&dt=My%20Scouting&sid=1710051919&sct=1&seg=0&en=page_view&_fv=1&_ss=1&_ee=1&tfd=1330' because it violates the following Content Security Policy directive: "connect-src 'self' .googleapis.com .scouting.org https://accounts.google.com/gsi/status .google-analytics.com .wepay.com https://analytics.google.com https://maps.googleapis.com .amazonaws.com api-scouting.cloudhub.io https://cdnjs.cloudflare.com .melissadata.net .gstatic.com sentry.io .chasepaymentech.com https://www.chasepaymentechhostedpay.com .google-analytics.com .hotjar.com *.hotjar.io".
security	error	URL: https://www.googletagmanager.com/gtag/js?id=G-LCGK7QTBFT&cx=c&_slc=1(Line 145) Message: Refused to connect to 'https://stats.g.doubleclick.net/g/collect?v=2&tid=G-LCGK7QTBFT&cid=2101229438.1710051920&gtm=45je4360v9125903558za200&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l2l3&npa=1' because it violates the following Content Security Policy directive: "connect-src 'self' .googleapis.com .scouting.org https://accounts.google.com/gsi/status .google-analytics.com .wepay.com https://analytics.google.com https://maps.googleapis.com .amazonaws.com api-scouting.cloudhub.io https://cdnjs.cloudflare.com .melissadata.net .gstatic.com sentry.io .chasepaymentech.com https://www.chasepaymentechhostedpay.com .google-analytics.com .hotjar.com *.hotjar.io".
network	error	URL: https://my.scouting.org/api/users/self_72254a8e-1440-11e9-ab14-d663bd873d93/sessions/current Message: Failed to load resource: the server responded with a status of 401 (Unauthorized)
security	error	URL: https://www.googletagmanager.com/gtag/js?id=G-61ZEHCVHHS&l=dataLayer&cx=c(Line 208) Message: Refused to connect to 'https://region1.analytics.google.com/g/collect?v=2&tid=G-61ZEHCVHHS&gtm=45je4360v9123716439za200&_p=1710051919465&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=2101229438.1710051920&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&_eu=AEA&_s=2&sid=1710051919&sct=1&seg=0&dl=https%3A%2F%2Fmy.scouting.org%2F&dt=My%20Scouting&en=scroll&epn.percent_scrolled=90&_et=13&tfd=6267' because it violates the following Content Security Policy directive: "connect-src 'self' .googleapis.com .scouting.org https://accounts.google.com/gsi/status .google-analytics.com .wepay.com https://analytics.google.com https://maps.googleapis.com .amazonaws.com api-scouting.cloudhub.io https://cdnjs.cloudflare.com .melissadata.net .gstatic.com sentry.io .chasepaymentech.com https://www.chasepaymentechhostedpay.com .google-analytics.com .hotjar.com *.hotjar.io".

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	default-src 'self'; img-src * data:; connect-src 'self' .googleapis.com .scouting.org https://accounts.google.com/gsi/status .google-analytics.com .wepay.com https://analytics.google.com https://maps.googleapis.com .amazonaws.com api-scouting.cloudhub.io https://cdnjs.cloudflare.com .melissadata.net .gstatic.com sentry.io .chasepaymentech.com https://www.chasepaymentechhostedpay.com .google-analytics.com .hotjar.com .hotjar.io; frame-src 'self' https://reports.scouting.org .google.com .wepayapi.com .wepay.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' .scouting.org; script-src-elem 'self' 'unsafe-inline' https://www.google-analytics.com https://www.googletagmanager.com https://connect.facebook.net/en_US/fbevents.js .wepay.com .googleapis.com https://translate.google.com https://d1yh17eqtjhci0.cloudfront.net/ui.min.js https://appleid.cdn-apple.com/appleauth/static/jsapi/appleid/1/en_US/appleid.auth.js https://www.google.com/recaptcha/api.js .gstatic.com https://accounts.google.com/gsi/client https://www.googletagmanager.com/gtm.js; style-src 'unsafe-inline' ; font-src data:;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

02cdaf76d4824bd4a783a8c73bd86be2.js.ubembed.com
accounts.google.com
appleid.cdn-apple.com
cdn.inspectlet.com
connect.facebook.net
d1yh17eqtjhci0.cloudfront.net
fonts.gstatic.com
my.scouting.org
region1.google-analytics.com
s.pinimg.com
sc-static.net
sentry.io
static.hotjar.com
stats.g.doubleclick.net
unpkg.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.gstatic.com
02cdaf76d4824bd4a783a8c73bd86be2.js.ubembed.com
cdn.inspectlet.com
connect.facebook.net
s.pinimg.com
sc-static.net
static.hotjar.com
stats.g.doubleclick.net
www.googleadservices.com
104.77.19.23
2001:4860:4802:32::36
2600:9000:26da:f800:b:e080:2200:93a1
2606:4700::6810:7baf
2a00:1450:4001:806::2004
2a00:1450:4001:80f::2003
2a00:1450:4001:812::2008
2a00:1450:4001:827::2003
2a00:1450:4001:828::200e
2a00:1450:4001:829::2003
2a00:1450:400c:c0a::54
2a03:2880:f084:d:face:b00c:0:3
35.186.247.156
54.159.215.205
54.161.111.173
021fd36b8716094b8ae908a266a8cb9acf84da1dad4f2fbf005bef2bee3baa23
051817b866747bfeb73513ae13aa611f901626f8c602ffe70de4309ff0205aca
0fb272d5873a3ab9a3a122ae7e7eb683fe1277a6769ce05351abbb2b0cbd8df1
1b252e731fa67933636c245db745ae93c073966aabc73d4551a5a811d89c1cfb
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
1c4e7e389d73c6acf7f19cc812514e71230740791fde8a018c1d7edccf1590ae
1ceb245a8f768b65c2ae250d96f5457b96e9537326da2feb2310b707736817aa
2032d9e5b742ac419d191e4528a65f8885af57bacc4a56c01d4133c5420e0508
2bb6585b06b56d32aa48ac85f698aea00a96b5e32b944c9fba5022cd90f97dcf
3233d2105f359be08a4bea29a5d556d9e4b6150478427b70ca3e4978cbe224da
333fd1bcfa25d317b0a799b5638ae5dbbea7847d7531ae37e70a84a6d4d2ef5c
343364f41373bb7fbd4b219315705f1816e720b11defb8a6846a342f476b6495
359f1bb96cec382277bd9723294f7378ecaf24dd6d356f731bafbc49ff6dcdb6
3b5b2bcb9cdf295498f602c0da2dbf09d54f3f6daed92de918607c48162587bb
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
4b91aac268e3e617670e1d5aed030264b7b217adad86587a4bdf3e6066d4e25e
4c06e93049378bf0cdbbe5d3a1d0c302ac2d35faec13623ad812ee41495a2a57
50b6e67cfcfe4ac8fe9cee705b681f696065306ee42bcd4e6b37a17dba333ac5
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
5fbc25d4c75a6cb2c42131c5f99a819c580b83615bd50d6289e79c5913c04fd0
6ac578bb9d53919c22f0b798e29e095b85fb8ce79f5a69324092beed27003576
6d0030406718bd150c507d3ae606f5173bd5057f63f4d4ad2d79ca354488d652
6ddd8e09f84d8a9019e091b870349867f49b4d9d799436a49749d355938139c5
73dfe2b0697e0f2df9e534a1df04c3bb1e25790756a489c08f156d0603b3f8ec
764a48085c2a45b4d0866c9e7e7738bd9d9066165c11d2d83e385740dbf35afb
7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050
79961b4e422de84abadb575d8fa9ca3f1acb5951f18b827f8767d347789b3170
7e1c95b2ce70630bff8681353f87dd7a50eb1c86f6371eb5d451d824bc643d29
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8356948d6f3bef342ff37a4deca7f6b64b58ca0b90ca128c1929c1bb76cc7a54
857039aaa072569b48e647c28b141ebae73f7d8d0ec73a9e99f02c4edd02cd01
86f11ac70f5e5d6487e65ccfb8e13418cecd76d6f0103b7b651288edd8cc63da
8d3ab13703db2740abeed419a4f8ef0f9f3f9978211b9dbc9d6747b5db3cc583
91e9008a809223ca505257c7cb9232b7bf13e7fbf45e3f6dd2cfca538e7141eb
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
95d86a7bdc586a5d7471f640603105ef2a9e2a2859d368984b426c5f9c630f1a
9932e59f2494976522ab408c76c39c6e522865fc6995073da6576ae50fe2172f
a456aa6bb853fe1458d687a6013a2f2278b947713cfda1636e369533ccb6fde9
a9ef021078603005c0b08fba881f1a7eb62ef213238021f3e8a4a00daa60b9d6
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b6a8f5045aa5904cc1ae5fd186b2f7f080e1d7e0c359cdebc3b8346d722145a4
c1d2b556ce0d99743d52b80f8e2efccd889e5e1bc75d411b2b232fe11bc76d28
c772a3a01713bf1d82f7d2ecd0beffbbc444e2a37a082720dbc7383eeafc300e
c9d2c95bc2bbac7a1535085b57896f0c095ee072ed5678221dcbd94fc01c04fc
cde4b4e3998e7c738058163b329d1424c92b4db6c5bffaf6fd3b134da7622fcc
d65781ae6c4e91d514c9d05e0b09ffd60e072b816253246b156f9091ded98853
dcba7c7aa08f3cf73ca18ec21066454ec21b0205a1df3cc30a628c7240434521
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e13b9dfd16a3a0ce767b359ff9a81290e2cc75e796ab31510ff3916385fbd0a6
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3f8d7073c3d19fbee2271c316fd5b6d649eaef37b0d9f7919065932a9f82d0a
e5557573a812bdbd6ba65e8dce865eef896abb787d715eaf389eddc3a087ae9e
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f22cfa8a70af5f61b19679c886a8e3da0863c5256059a317a870a0df3c03e857
f8a5577597ab049dba2fbfc501ef7138ac68e9a8ce0425a84eeae271bf251ca3

my.scouting.org Open in urlscan Pro 54.161.111.173 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

77 Requests

87 %HTTPS

73 %IPv6

18 Domains

21 Subdomains

15 IPs

4 Countries

4056 kBTransfer

12627 kBSize

12 Cookies

2 Outgoing links

Page URL History

Redirected requests

77 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

my.scouting.org Open in urlscan Pro
54.161.111.173 Public Scan

Screenshot
Live screenshot

Full Image

77
Requests

87 %
HTTPS

73 %
IPv6

18
Domains

21
Subdomains

15
IPs

4
Countries

4056 kB
Transfer

12627 kB
Size

12
Cookies

77 HTTP transactions
1 data transactions