urlscan.io logo urlscan.io
SecurityTrails logo

www.rwb.org Open in urlscan Pro
158.106.184.151  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://www.rwb.org/
Effective URL: https://www.rwb.org/
Submission: On December 16 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 15 IPs in 5 countries across 14 domains to perform 68 HTTP transactions. The main IP is 158.106.184.151, located in United States and belongs to DFW-DATACENTER, US. The main domain is www.rwb.org.
TLS certificate: Issued by R3 on December 5th 2022. Valid for: 3 months.
This is the only time www.rwb.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

36    158.106.184.151 (United States)

ASN30277 (DFW-DATACENTER, US)
PTR: host1.thinkshiftinc.com
www.rwb.org
rwb.org
1    2a00:1450:400d:807::200a (Ireland)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    142.250.180.226 (United States)

ASN15169 (GOOGLE, US)
PTR: bud02s34-in-f2.1e100.net
www.googleadservices.com
1    2606:4700::6811:f449 (United States)

ASN13335 (CLOUDFLARENET, US)
hello.myfonts.net
1    2a00:1450:4001:80b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
3    2a00:1450:400d:807::2008 (Ireland)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
4    2a03:2880:f02d:12:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
6    2a03:2880:f107:83:face:b00c:0:25de (Vienna, Austria)

ASN32934 (FACEBOOK, US)
www.facebook.com
5    2a00:1450:4001:80e::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
6    44.209.218.223 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-209-218-223.compute-1.amazonaws.com
tags.srv.stackadapt.com
2    2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
1    2a00:1450:4025:401::9a (Den Helder, Netherlands)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
2    2a00:1450:400d:807::2004 (Ireland)

ASN15169 (GOOGLE, US)
www.google.com
2    2a00:1450:400d:808::2003 (Ireland)

ASN15169 (GOOGLE, US)
www.google.de
Apex Domain
Subdomains		 Transfer
36 rwb.org
www.rwb.org
rwb.org
11 MB
6 stackadapt.com
tags.srv.stackadapt.com — Cisco Umbrella Rank: 3226
9 KB
6 facebook.com
www.facebook.com — Cisco Umbrella Rank: 110
262 B
5 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 29
40 KB
4 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 149
280 KB
3 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 34
stats.g.doubleclick.net — Cisco Umbrella Rank: 77
3 KB
3 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 51
211 KB
2 google.de
www.google.de — Cisco Umbrella Rank: 6041
612 B
2 google.com
www.google.com — Cisco Umbrella Rank: 2
612 B
1 gstatic.com
fonts.gstatic.com
44 KB
1 myfonts.net
hello.myfonts.net — Cisco Umbrella Rank: 6774
1 googleadservices.com
www.googleadservices.com — Cisco Umbrella Rank: 162
17 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 37
1 KB
0 eyereturn.com Failed
o2.eyereturn.com Failed
68 14
Domain Requested by
32 www.rwb.org 1 redirects www.rwb.org
6 tags.srv.stackadapt.com www.rwb.org
tags.srv.stackadapt.com
6 www.facebook.com www.rwb.org
5 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
4 rwb.org 4 redirects
4 connect.facebook.net www.rwb.org
connect.facebook.net
3 www.googletagmanager.com www.rwb.org
www.googletagmanager.com
2 www.google.de www.rwb.org
2 www.google.com www.rwb.org
2 googleads.g.doubleclick.net www.googleadservices.com
www.googletagmanager.com
1 stats.g.doubleclick.net www.google-analytics.com
1 fonts.gstatic.com fonts.googleapis.com
1 hello.myfonts.net www.rwb.org
1 www.googleadservices.com www.rwb.org
1 fonts.googleapis.com www.rwb.org
0 o2.eyereturn.com Failed www.rwb.org
68 16
Subject Issuer Validity Valid
rwb.org
R3		 2022-12-05 -
2023-03-05		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2022-11-28 -
2023-02-20		 3 months crt.sh
www.googleadservices.com
GTS CA 1C3		 2022-11-28 -
2023-02-20		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-06-09 -
2023-06-09		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2022-11-28 -
2023-02-20		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-11-28 -
2023-02-20		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2022-09-24 -
2022-12-23		 3 months crt.sh
*.srv.stackadapt.com
Amazon		 2022-10-09 -
2023-11-07		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2022-11-28 -
2023-02-20		 3 months crt.sh
www.google.com
GTS CA 1C3		 2022-11-28 -
2023-02-20		 3 months crt.sh
www.google.de
GTS CA 1C3		 2022-11-28 -
2023-02-20		 3 months crt.sh
*.google.com
GTS CA 1C3		 2022-11-28 -
2023-02-20		 3 months crt.sh
*.google.de
GTS CA 1C3		 2022-11-28 -
2023-02-20		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://www.rwb.org/
Frame ID: F3CDFCC6B28E78480DA6EC90DD114FAB
Requests: 68 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Canada's Royal Winnipeg Ballet

Page URL History Show full URLs

  1. http://www.rwb.org/ HTTP 301
    https://www.rwb.org/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/ns\.html[^>]+></iframe>
  • <!-- (?:End )?Google Tag Manager -->
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • ([\d.]+)?/modernizr(?:\.([\d.]+))?.*\.js
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

68
Requests

91 %
HTTPS

79 %
IPv6

14
Domains

16
Subdomains

15
IPs

5
Countries

11812 kB
Transfer

13066 kB
Size

14
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://www.rwb.org/ HTTP 301
    https://www.rwb.org/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 39
  • https://rwb.org/js/min/script.touch-navigation-ck.js HTTP 301
  • https://www.rwb.org/js/min/script.touch-navigation-ck.js
Request Chain 53
  • https://rwb.org/js/min/script.touch-navigation-ck.js HTTP 301
  • https://www.rwb.org/js/min/script.touch-navigation-ck.js
Request Chain 56
  • https://rwb.org/js/script.lazy-load.js HTTP 301
  • https://www.rwb.org/js/script.lazy-load.js
Request Chain 60
  • https://rwb.org/js/script.lazy-load.js HTTP 301
  • https://www.rwb.org/js/script.lazy-load.js

68 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.rwb.org/
Redirect Chain
  • http://www.rwb.org/
  • https://www.rwb.org/
21 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.rwb.org/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
158.106.184.151 , United States, ASN30277 (DFW-DATACENTER, US),
Reverse DNS
host1.thinkshiftinc.com
Software
Apache /
Resource Hash
533bc5361cff54b122313ca18575f0e22308258e3f621949cf93d19ffd87bc21

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Connection
Keep-Alive
Content-Encoding
gzip
Content-Type
text/html; charset=UTF-8
Date
Fri, 16 Dec 2022 00:14:04 GMT
Expires
Mon, 26 Jul 1997 05:00:00 GMT
Keep-Alive
timeout=5, max=100
Last-Modified
Fri, 16 Dec 2022 00:14:04 GMT
Pragma
no-cache
Server
Apache
Transfer-Encoding
chunked
Vary
Accept-Encoding

Redirect headers

Connection
Keep-Alive
Content-Length
228
Content-Type
text/html; charset=iso-8859-1
Date
Fri, 16 Dec 2022 00:14:02 GMT
Keep-Alive
timeout=5, max=100
Location
https://www.rwb.org/
Server
Apache
MyFontsWebfontsKit.css
www.rwb.org/css/ 		1 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.rwb.org/css/MyFontsWebfontsKit.css
Requested by
Host: www.rwb.org
URL: https://www.rwb.org/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
158.106.184.151 , United States, ASN30277 (DFW-DATACENTER, US),
Reverse DNS
host1.thinkshiftinc.com
Software
Apache /
Resource Hash
7aa4f77f57a0f64a53af45da95ec7cda1e966c918722d7812682ffc92afad078

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.rwb.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Fri, 16 Dec 2022 00:14:04 GMT
Last-Modified
Tue, 02 Sep 2014 14:57:20 GMT
Server
Apache
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
1076
main.css
www.rwb.org/css/ 		57 KB
57 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.rwb.org/css/main.css?v=1.4
Requested by
Host: www.rwb.org
URL: https://www.rwb.org/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
158.106.184.151 , United States, ASN30277 (DFW-DATACENTER, US),
Reverse DNS
host1.thinkshiftinc.com
Software
Apache /
Resource Hash
92c7894913d27feffe47ea6bdb8c94f1e4a8cf7fa96a11cd91730ede945712e2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.rwb.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Fri, 16 Dec 2022 00:14:04 GMT
Last-Modified
Fri, 04 Mar 2022 17:57:53 GMT
Server
Apache
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=98
Content-Length
58054
css
fonts.googleapis.com/ 		13 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:300italic,400,300,700,600
Requested by
Host: www.rwb.org
URL: https://www.rwb.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:807::200a , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
7a477225fc9bec38ef4855999aedfad3028d470bb1b127bf85254372dbcc2cea
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.rwb.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 16 Dec 2022 00:14:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Fri, 16 Dec 2022 00:14:04 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 16 Dec 2022 00:14:04 GMT
modernizr.custom.34454.js
www.rwb.org/js/libs/modernizr/ 		10 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.rwb.org/js/libs/modernizr/modernizr.custom.34454.js
Requested by
Host: www.rwb.org
URL: https://www.rwb.org/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
158.106.184.151 , United States, ASN30277 (DFW-DATACENTER, US),
Reverse DNS
host1.thinkshiftinc.com
Software
Apache /
Resource Hash
65b9101ebaf51b5346e68cd8ff3b854beb184849f007ba0e08d44d5337eb3cfb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.rwb.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Fri, 16 Dec 2022 00:14:05 GMT
Last-Modified
Tue, 02 Sep 2014 18:02:16 GMT
Server
Apache
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=97
Content-Length
9887
rwb.png
www.rwb.org/images/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.rwb.org/images/rwb.png
Requested by
Host: www.rwb.org
URL: https://www.rwb.org/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
158.106.184.151 , United States, ASN30277 (DFW-DATACENTER, US),
Reverse DNS
host1.thinkshiftinc.com
Software
Apache /
Resource Hash
fb122a1c5fc8402deffb530b0a754c9bf7520fe7a028d0385360e41c36c6bb20

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.rwb.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Fri, 16 Dec 2022 00:14:05 GMT
Last-Modified
Tue, 02 Sep 2014 14:40:24 GMT
Server
Apache
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
5005
2223-NUT-Web-Header.jpg
www.rwb.org/uploads/gallery/ 		10 MB
10 MB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.rwb.org/uploads/gallery/2223-NUT-Web-Header.jpg
Requested by
Host: www.rwb.org
URL: https://www.rwb.org/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
158.106.184.151 , United States, ASN30277 (DFW-DATACENTER, US),
Reverse DNS
host1.thinkshiftinc.com
Software
Apache /
Resource Hash
45e3207eb69a063dcf4458c16399ffcecc0cec315231296dd2a13bb915364b59

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.rwb.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Fri, 16 Dec 2022 00:14:06 GMT
Last-Modified
Wed, 30 Mar 2022 17:30:46 GMT
Server
Apache
Content-Type
image/jpeg
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=98
Content-Length
10908363
blank.gif
www.rwb.org/css/img/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.rwb.org/css/img/blank.gif
Requested by
Host: www.rwb.org
URL: https://www.rwb.org/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
158.106.184.151 , United States, ASN30277 (DFW-DATACENTER, US),
Reverse DNS
host1.thinkshiftinc.com
Software
Apache /
Resource Hash
2f3298e36b8bdcd4dde56932f2867da29fc050fda590e8aad6ef1d2f5c41e920

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.rwb.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Fri, 16 Dec 2022 00:14:06 GMT
Last-Modified
Tue, 02 Sep 2014 14:57:27 GMT
Server
Apache
Content-Type
image/gif
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=92
Content-Length
1098
logo-footer.png
www.rwb.org/images/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.rwb.org/images/logo-footer.png
Requested by
Host: www.rwb.org
URL: https://www.rwb.org/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
158.106.184.151 , United States, ASN30277 (DFW-DATACENTER, US),
Reverse DNS
host1.thinkshiftinc.com
Software
Apache /
Resource Hash
b9f62834997284828681dd6468d6093effb3b3659b7f16f912f1326c6c272531

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.rwb.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Fri, 16 Dec 2022 00:14:06 GMT
Last-Modified
Tue, 02 Sep 2014 14:57:07 GMT
Server
Apache
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=98
Content-Length
9167
logo1.png
www.rwb.org/images/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.rwb.org/images/logo1.png
Requested by
Host: www.rwb.org
URL: https://www.rwb.org/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
158.106.184.151 , United States, ASN30277 (DFW-DATACENTER, US),
Reverse DNS
host1.thinkshiftinc.com
Software
Apache /
Resource Hash
b511924a24cc16913536f748b47cc57a808942a56391ae240ade474f18ee6aa9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.rwb.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Fri, 16 Dec 2022 00:14:05 GMT
Last-Modified
Tue, 16 Sep 2014 01:33:11 GMT
Server
Apache
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
8328
logo12.png
www.rwb.org/images/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.rwb.org/images/logo12.png
Requested by
Host: www.rwb.org
URL: https://www.rwb.org/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
158.106.184.151 , United States, ASN30277 (DFW-DATACENTER, US),
Reverse DNS
host1.thinkshiftinc.com
Software
Apache /
Resource Hash
4241ed08ff0203f3bc755d254ec09279142da36ffebf1ac45976906a2f797606

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.rwb.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Fri, 16 Dec 2022 00:14:05 GMT
Last-Modified
Tue, 16 Sep 2014 01:32:05 GMT
Server
Apache
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
5743
logo2.png
www.rwb.org/images/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.rwb.org/images/logo2.png
Requested by
Host: www.rwb.org
URL: https://www.rwb.org/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
158.106.184.151 , United States, ASN30277 (DFW-DATACENTER, US),
Reverse DNS
host1.thinkshiftinc.com
Software
Apache /
Resource Hash
5e5c80cfdb0255ba5d494e8fc73dd533a4b8d965198e28636b593bd33385225a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.rwb.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Fri, 16 Dec 2022 00:14:05 GMT
Last-Modified
Tue, 16 Sep 2014 01:32:05 GMT
Server
Apache
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
8234
logo3.png
www.rwb.org/images/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.rwb.org/images/logo3.png
Requested by
Host: www.rwb.org
URL: https://www.rwb.org/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
158.106.184.151 , United States, ASN30277 (DFW-DATACENTER, US),
Reverse DNS
host1.thinkshiftinc.com
Software
Apache /
Resource Hash
b06a9f3078b6a78e9303a2f69a5a99e3318e59f66f0f93eaded054370aec51fb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.rwb.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Fri, 16 Dec 2022 00:14:06 GMT
Last-Modified
Tue, 16 Sep 2014 01:32:05 GMT
Server
Apache
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
4762
logo4.png
www.rwb.org/images/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.rwb.org/images/logo4.png
Requested by
Host: www.rwb.org
URL: https://www.rwb.org/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
158.106.184.151 , United States, ASN30277 (DFW-DATACENTER, US),
Reverse DNS
host1.thinkshiftinc.com
Software
Apache /
Resource Hash
8f00b79763a64df0a02ba2e84a513b941d03790b6d55daa00e5a65a57c8c6164

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.rwb.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Fri, 16 Dec 2022 00:14:05 GMT
Last-Modified
Tue, 16 Sep 2014 01:32:05 GMT
Server
Apache
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=93
Content-Length
5322
jquery-1.11.1.min.js
www.rwb.org/js/min/ 		94 KB
94 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.rwb.org/js/min/jquery-1.11.1.min.js
Requested by
Host: www.rwb.org
URL: https://www.rwb.org/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
158.106.184.151 , United States, ASN30277 (DFW-DATACENTER, US),
Reverse DNS
host1.thinkshiftinc.com
Software
Apache /
Resource Hash
540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.rwb.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Fri, 16 Dec 2022 00:14:05 GMT
Last-Modified
Tue, 02 Sep 2014 18:01:58 GMT
Server
Apache
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
95786
thinkshift-ck.js
www.rwb.org/js/min/ 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.rwb.org/js/min/thinkshift-ck.js?v=2
Requested by
Host: www.rwb.org
URL: https://www.rwb.org/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
158.106.184.151 , United States, ASN30277 (DFW-DATACENTER, US),
Reverse DNS
host1.thinkshiftinc.com
Software
Apache /
Resource Hash
5b7ae8278cc9d9b21f5f15427183c6ec3580070df13fdcf88846d36f5bc63fbc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.rwb.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Fri, 16 Dec 2022 00:14:05 GMT
Last-Modified
Mon, 22 Dec 2014 21:09:15 GMT
Server
Apache
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=96
Content-Length
2836
conversion.js
www.googleadservices.com/pagead/ 		45 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/conversion.js
Requested by
Host: www.rwb.org
URL: https://www.rwb.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.180.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s34-in-f2.1e100.net
Software
cafe /
Resource Hash
ebcd43274f956ef6d5c0f690695cc56c35a3a77180c9d1b80791febe4e27f601
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.rwb.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 16 Dec 2022 00:14:05 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16823
x-xss-protection
0
server
cafe
etag
6351308751113588399
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Fri, 16 Dec 2022 00:14:05 GMT
2b5562
hello.myfonts.net/count/ 		0
0 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://hello.myfonts.net/count/2b5562
Requested by
Host: www.rwb.org
URL: https://www.rwb.org/css/MyFontsWebfontsKit.css
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6811:f449 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.rwb.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v34/ 		44 KB
44 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300italic,400,300,700,600
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.rwb.org
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 12 Dec 2022 18:50:24 GMT
x-content-type-options
nosniff
age
278621
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44856
x-xss-protection
0
last-modified
Mon, 15 Aug 2022 18:20:18 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 12 Dec 2023 18:50:24 GMT
gtm.js
www.googletagmanager.com/ 		205 KB
72 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-PB6SXNL
Requested by
Host: www.rwb.org
URL: https://www.rwb.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:807::2008 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
c8f3f707f343630b82957a4b202c9464d75e98df4cd517eb514908bd1f09f7ea
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.rwb.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 16 Dec 2022 00:14:05 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
72900
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Fri, 16 Dec 2022 00:14:05 GMT
gtm.js
www.googletagmanager.com/ 		267 KB
74 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-NTX4X9T
Requested by
Host: www.rwb.org
URL: https://www.rwb.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:807::2008 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
5564d783c2e92c0d3b50ad9ff4389845b4922c05d1cb62807930c56c2f295993
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.rwb.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 16 Dec 2022 00:14:05 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
75361
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Fri, 16 Dec 2022 00:14:05 GMT
fbevents.js
connect.facebook.net/en_US/ 		103 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: www.rwb.org
URL: https://www.rwb.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
55c4e9ba07b641e64caa17bfcbdc63b1721a58554bd449401e600db3f6b95cf9
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.rwb.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Fri, 16 Dec 2022 00:14:05 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
27298
x-fb-rlafr
0
x-xss-protection
0
pragma
public
x-fb-debug
02SCxjZNbJ41mWJTkninMPX/tEyyqCp+Wm87MvVj/9HBlUB9Q8WhYK8lXrAk7YyWcalRMfnEd9o64eO2ayE46Q==
x-fb-trip-id
917726464
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
o2.eyereturn.com/ 		0
0
/
o2.eyereturn.com/ 		0
0
2223-NUT-Web-Header.jpg
www.rwb.org/uploads/gallery/_blog/ 		92 KB
93 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.rwb.org/uploads/gallery/_blog/2223-NUT-Web-Header.jpg
Requested by
Host: www.rwb.org
URL: https://www.rwb.org/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
158.106.184.151 , United States, ASN30277 (DFW-DATACENTER, US),
Reverse DNS
host1.thinkshiftinc.com
Software
Apache /
Resource Hash
3066ab1b04afcb10988e6a994f975e1da71a5a3bf33c2cd334675f78858a21d3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.rwb.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Fri, 16 Dec 2022 00:14:05 GMT
Last-Modified
Wed, 30 Mar 2022 17:30:49 GMT
Server
Apache
Content-Type
image/jpeg
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
94551
arrow-white.png
www.rwb.org/css/img/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.rwb.org/css/img/arrow-white.png
Requested by
Host: www.rwb.org
URL: https://www.rwb.org/css/main.css?v=1.4
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
158.106.184.151 , United States, ASN30277 (DFW-DATACENTER, US),
Reverse DNS
host1.thinkshiftinc.com
Software
Apache /
Resource Hash
37e3f60b0105f4ee41e58f37925762194b10c6753dd440f8654d1fc5add9e41e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.rwb.org/css/main.css?v=1.4
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Fri, 16 Dec 2022 00:14:05 GMT
Last-Modified
Tue, 02 Sep 2014 14:57:23 GMT
Server
Apache
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
2000
pointers.png
www.rwb.org/css/img/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.rwb.org/css/img/pointers.png
Requested by
Host: www.rwb.org
URL: https://www.rwb.org/css/main.css?v=1.4
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
158.106.184.151 , United States, ASN30277 (DFW-DATACENTER, US),
Reverse DNS
host1.thinkshiftinc.com
Software
Apache /
Resource Hash
8e4497ecbac7988f50a61ffe3b008a3fc17ce429d60fe07a648aaffd05100567

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.rwb.org/css/main.css?v=1.4
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Fri, 16 Dec 2022 00:14:05 GMT
Last-Modified
Tue, 02 Sep 2014 14:57:24 GMT
Server
Apache
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=94
Content-Length
1655
edging-white.png
www.rwb.org/css/img/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.rwb.org/css/img/edging-white.png
Requested by
Host: www.rwb.org
URL: https://www.rwb.org/css/main.css?v=1.4
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
158.106.184.151 , United States, ASN30277 (DFW-DATACENTER, US),
Reverse DNS
host1.thinkshiftinc.com
Software
Apache /
Resource Hash
8538031441d7aa120d37b5e1ecadc0b5e7f7861da00d3c5106ad06f26766115f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.rwb.org/css/main.css?v=1.4
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Fri, 16 Dec 2022 00:14:05 GMT
Last-Modified
Tue, 02 Sep 2014 14:57:28 GMT
Server
Apache
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
1578
2B5562_0_0.woff
www.rwb.org/css/webfonts/ 		59 KB
59 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.rwb.org/css/webfonts/2B5562_0_0.woff
Requested by
Host: www.rwb.org
URL: https://www.rwb.org/css/MyFontsWebfontsKit.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
158.106.184.151 , United States, ASN30277 (DFW-DATACENTER, US),
Reverse DNS
host1.thinkshiftinc.com
Software
Apache /
Resource Hash
1926cf926d6236d64b17bc05061ce89d2774e8f6074cb726d9d17a01a8aef8b0

Request headers

Referer
https://www.rwb.org/css/MyFontsWebfontsKit.css
Origin
https://www.rwb.org
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Fri, 16 Dec 2022 00:14:05 GMT
Last-Modified
Tue, 02 Sep 2014 14:57:19 GMT
Server
Apache
Content-Type
font/woff
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=95
Content-Length
60165
icons.png
www.rwb.org/css/img/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.rwb.org/css/img/icons.png
Requested by
Host: www.rwb.org
URL: https://www.rwb.org/css/main.css?v=1.4
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
158.106.184.151 , United States, ASN30277 (DFW-DATACENTER, US),
Reverse DNS
host1.thinkshiftinc.com
Software
Apache /
Resource Hash
4b5013649b6cfebc44e8df446c49ce51ff300cc787611e450056a4a49737e188

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.rwb.org/css/main.css?v=1.4
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Fri, 16 Dec 2022 00:14:05 GMT
Last-Modified
Tue, 02 Sep 2014 14:57:22 GMT
Server
Apache
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
6142
288875834802165
connect.facebook.net/signals/config/ 		292 KB
84 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/288875834802165?v=2.9.90&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
5f94cbb562e49720f2ad57cc1e944560160523e8f22b48b1577c0f0170e4efe3
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.rwb.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Fri, 16 Dec 2022 00:14:05 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-fb-rlafr
0
x-xss-protection
0
pragma
public
x-fb-debug
uwf7+tfU5jlvSTd9GwpcQUqMY/0iWGJay8Dt3A8GYQmR9C/EwRKX4qLYQkDTeEXgoUjUMQXv15sLTg55ZcSHHA==
x-fb-trip-id
917726464
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
430949820609124
connect.facebook.net/signals/config/ 		292 KB
84 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/430949820609124?v=2.9.90&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
1e8c6cce52b78b8fc4d0769a22584ea9dc19e2ad86a2de7ebae23f1dcea422a6
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.rwb.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Fri, 16 Dec 2022 00:14:05 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-fb-rlafr
0
x-xss-protection
0
pragma
public
x-fb-debug
pYOsgqKLvfkj6FYI8jTbfCS9M4sAG+tkrnBA7h4CBTTeFSZDzI1TegfFv/aZTZiXe1i/y2B77cFmqxMoOg8meQ==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
www.facebook.com/tr/ 		0
185 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=288875834802165&ev=PageView&dl=https%3A%2F%2Fwww.rwb.org%2F&rl=&if=false&ts=1671149645753&sw=1600&sh=1200&v=2.9.90&r=stable&ec=0&o=30&fbp=fb.1.1671149645752.1294398063&it=1671149645593&coo=false&rqm=GET
Requested by
Host: www.rwb.org
URL: https://www.rwb.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f107:83:face:b00c:0:25de Vienna, Austria, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.rwb.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Fri, 16 Dec 2022 00:14:05 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PB6SXNL
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.rwb.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Thu, 15 Dec 2022 23:24:37 GMT
last-modified
Tue, 27 Sep 2022 22:01:05 GMT
server
Golfe2
age
2968
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20039
expires
Fri, 16 Dec 2022 01:24:37 GMT
events.js
tags.srv.stackadapt.com/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.srv.stackadapt.com/events.js
Requested by
Host: www.rwb.org
URL: https://www.rwb.org/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.209.218.223 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-209-218-223.compute-1.amazonaws.com
Software
/
Resource Hash
da38f21e557255d66479b204b0379a54dec8cb17b19d7c69102d677461b31fc8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.rwb.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Fri, 16 Dec 2022 00:14:06 GMT
Cache-Control
max-age=5
Content-Encoding
gzip
Connection
keep-alive
Content-Length
5385
Content-Type
text/javascript
js
www.googletagmanager.com/gtag/ 		179 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-842466087
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NTX4X9T
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:807::2008 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
3102b620e254077cc0a8823f43f6ce6a48968f92e39dda0158c6f5a8894a4179
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.rwb.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 16 Dec 2022 00:14:05 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
66926
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Fri, 16 Dec 2022 00:14:05 GMT
140491363224231
connect.facebook.net/signals/config/ 		292 KB
84 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/140491363224231?v=2.9.90&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
9625d69836119679eca4f0e1b026584d5c9543000b9c6a58953bfc122e869624
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.rwb.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Fri, 16 Dec 2022 00:14:05 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-fb-rlafr
0
x-xss-protection
0
pragma
public
x-fb-debug
+nxncchF4z0tifqijSeb4cO+H2cnXy7dhETa0N12lCui1nEcTQGk5IvRatzyG0cMyn/LZY0ZmfyD/SD5L46PVA==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
www.facebook.com/tr/ 		0
17 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=430949820609124&ev=PageView&dl=https%3A%2F%2Fwww.rwb.org%2F&rl=&if=false&ts=1671149645922&sw=1600&sh=1200&v=2.9.90&r=stable&ec=0&o=30&fbp=fb.1.1671149645752.1294398063&it=1671149645593&coo=false&rqm=GET
Requested by
Host: www.rwb.org
URL: https://www.rwb.org/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f107:83:face:b00c:0:25de Vienna, Austria, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.rwb.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Fri, 16 Dec 2022 00:14:05 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
priority
u=3,i
collect
www.google-analytics.com/j/ 		2 B
22 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j98&a=461536157&t=pageview&_s=1&dl=https%3A%2F%2Fwww.rwb.org%2F&ul=en-us&de=UTF-8&dt=Canada%27s%20Royal%20Winnipeg%20Ballet&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAACAAI~&jid=256795954&gjid=417071384&cid=1353250781.1671149646&tid=UA-3429272-1&_gid=96445914.1671149646&_r=1&gtm=2wgbu0PB6SXNL&z=515523911
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.rwb.org/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 16 Dec 2022 00:14:06 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.rwb.org
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/957589843/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/957589843/?random=1671149645977&cv=9&fst=1671149645977&num=1&label=g3SsCP2IsAMQ09LOyAM&guid=ON&resp=GooglemKTybQhCsO&eid=375603260&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.rwb.org%2F&tiba=Canada%27s%20Royal%20Winnipeg%20Ballet&hn=www.googleadservices.com&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e84d15630ccb503477088d9e74c49de4d36500050e910111be65d99270c79cba
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.rwb.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Dec 2022 00:14:06 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
977
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
script.touch-navigation-ck.js
www.rwb.org/js/min/
Redirect Chain
  • https://rwb.org/js/min/script.touch-navigation-ck.js
  • https://www.rwb.org/js/min/script.touch-navigation-ck.js
166 B
166 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.rwb.org/js/min/script.touch-navigation-ck.js
Requested by
Host: www.rwb.org
URL: https://www.rwb.org/
Protocol
HTTP/1.1
Server
158.106.184.151 , United States, ASN30277 (DFW-DATACENTER, US),
Reverse DNS
host1.thinkshiftinc.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.rwb.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Fri, 16 Dec 2022 00:14:06 GMT
Last-Modified
Tue, 02 Sep 2014 18:01:51 GMT
Server
Apache
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=97
Content-Length
166

Redirect headers

Location
https://www.rwb.org/js/min/script.touch-navigation-ck.js
Date
Fri, 16 Dec 2022 00:14:06 GMT
Server
Apache
Connection
Keep-Alive
Keep-Alive
timeout=5, max=100
Content-Length
264
Content-Type
text/html; charset=iso-8859-1
/
www.facebook.com/tr/ 		0
15 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=140491363224231&ev=PageView&dl=https%3A%2F%2Fwww.rwb.org%2F&rl=&if=false&ts=1671149646035&sw=1600&sh=1200&v=2.9.90&r=stable&ec=0&o=30&fbp=fb.1.1671149645752.1294398063&it=1671149645593&coo=false&rqm=GET
Requested by
Host: www.rwb.org
URL: https://www.rwb.org/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f107:83:face:b00c:0:25de Vienna, Austria, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.rwb.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Fri, 16 Dec 2022 00:14:06 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
priority
u=3,i
collect
stats.g.doubleclick.net/j/ 		1 B
437 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-3429272-1&cid=1353250781.1671149646&jid=256795954&gjid=417071384&_gid=96445914.1671149646&_u=YEBAAEAAAAAAACAAI~&z=1465904001
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4025:401::9a Den Helder, Netherlands, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.rwb.org/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Fri, 16 Dec 2022 00:14:06 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.rwb.org
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/957589843/ 		42 B
548 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/957589843/?random=1671149645977&cv=9&fst=1671148800000&num=1&label=g3SsCP2IsAMQ09LOyAM&guid=ON&eid=375603260&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&frm=0&url=https%3A%2F%2Fwww.rwb.org%2F&tiba=Canada%27s%20Royal%20Winnipeg%20Ballet&fmt=3&is_vtc=1&random=406159084&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Requested by
Host: www.rwb.org
URL: https://www.rwb.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:807::2004 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.rwb.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Dec 2022 00:14:06 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/957589843/ 		42 B
548 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-user-list/957589843/?random=1671149645977&cv=9&fst=1671148800000&num=1&label=g3SsCP2IsAMQ09LOyAM&guid=ON&eid=375603260&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&frm=0&url=https%3A%2F%2Fwww.rwb.org%2F&tiba=Canada%27s%20Royal%20Winnipeg%20Ballet&fmt=3&is_vtc=1&random=406159084&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Requested by
Host: www.rwb.org
URL: https://www.rwb.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:808::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.rwb.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Dec 2022 00:14:06 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.facebook.com/tr/ 		0
15 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=288875834802165&ev=Microdata&dl=https%3A%2F%2Fwww.rwb.org%2F&rl=&if=false&ts=1671149646299&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22%5Cn%20%20%20%20%20%20%20%20Canada%27s%20Royal%20Winnipeg%20Ballet%5Cn%20%20%22%2C%22meta%3Adescription%22%3A%22%22%7D&cd[OpenGraph]=%7B%22og%3Atitle%22%3A%22RWB%20Holiday%20Store%22%2C%22og%3Asite_name%22%3A%22Royal%20Winnipeg%20Ballet%22%2C%22og%3Aurl%22%3A%22https%3A%2F%2Frwb.org%22%2C%22og%3Adescription%22%3A%22%22%2C%22og%3Atype%22%3A%22article%22%2C%22og%3Aimage%22%3A%22%2Fuploads%2Fgallery%2F_poster%2F2_Reignite_2_Nut.jpg%22%7D&cd[Schema.org]=%5B%7B%22dimensions%22%3A%7B%22h%22%3A154%2C%22w%22%3A353%7D%2C%22properties%22%3A%7B%22name%22%3A%22Canada%27s%20Royal%20Winnipeg%20Ballet%22%2C%22telephone%22%3A%22School%20204.957.3467%22%7D%2C%22subscopes%22%3A%5B%7B%22dimensions%22%3A%7B%22h%22%3A45%2C%22w%22%3A353%7D%2C%22properties%22%3A%7B%22streetAddress%22%3A%22380%20Graham%20Avenue%22%2C%22addressLocality%22%3A%22R3C%204K2%22%2C%22postalCode%22%3A%22R3C%204K2%22%7D%2C%22subscopes%22%3A%5B%5D%2C%22type%22%3A%22http%3A%2F%2Fschema.org%2FPostalAddress%22%7D%5D%2C%22type%22%3A%22http%3A%2F%2Fschema.org%2FOrganization%22%7D%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.90&r=stable&ec=1&o=30&fbp=fb.1.1671149645752.1294398063&it=1671149645593&coo=false&es=automatic&tm=3&rqm=GET
Requested by
Host: www.rwb.org
URL: https://www.rwb.org/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f107:83:face:b00c:0:25de Vienna, Austria, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.rwb.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Fri, 16 Dec 2022 00:14:06 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
priority
u=3,i
sa.css
tags.srv.stackadapt.com/ 		65 B
292 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://tags.srv.stackadapt.com/sa.css
Requested by
Host: tags.srv.stackadapt.com
URL: https://tags.srv.stackadapt.com/events.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.209.218.223 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-209-218-223.compute-1.amazonaws.com
Software
/
Resource Hash
75612e7452e9d61e12788a27d1a8910b38edb1dd0b159ad1b6f1c91b980446b0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.rwb.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Fri, 16 Dec 2022 00:14:06 GMT
Cache-Control
only-if-cached, no-transform, private, max-age=7776000
Connection
keep-alive
Content-Length
65
Content-Type
text/css
sa.jpeg
tags.srv.stackadapt.com/ 		0
881 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://tags.srv.stackadapt.com/sa.jpeg
Requested by
Host: tags.srv.stackadapt.com
URL: https://tags.srv.stackadapt.com/events.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.209.218.223 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-209-218-223.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.rwb.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Fri, 16 Dec 2022 00:14:06 GMT
Cache-Control
only-if-cached, no-transform, private, max-age=7776000
Connection
keep-alive
Content-Length
651
Content-Type
image/jpeg
sa.jpeg
tags.srv.stackadapt.com/ 		0
881 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://tags.srv.stackadapt.com/sa.jpeg
Requested by
Host: tags.srv.stackadapt.com
URL: https://tags.srv.stackadapt.com/events.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.209.218.223 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-209-218-223.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.rwb.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Fri, 16 Dec 2022 00:14:06 GMT
Cache-Control
only-if-cached, no-transform, private, max-age=7776000
Connection
keep-alive
Content-Length
651
Content-Type
image/jpeg
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/842466087/ 		2 KB
911 B 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/842466087/?random=1671149646343&cv=11&fst=1671149646343&bg=ffffff&guid=ON&async=1&gtm=2oabu0&u_w=1600&u_h=1200&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fwww.rwb.org%2F&tiba=Canada%27s%20Royal%20Winnipeg%20Ballet&auid=1636090896.1671149646&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-842466087
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b1ef795c25fd5f8a504cd42007b3494323cc75288588fb4bf29f11766176defd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.rwb.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Dec 2022 00:14:06 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
885
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.facebook.com/tr/ 		0
15 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=430949820609124&ev=Microdata&dl=https%3A%2F%2Fwww.rwb.org%2F&rl=&if=false&ts=1671149646423&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22%5Cn%20%20%20%20%20%20%20%20Canada%27s%20Royal%20Winnipeg%20Ballet%5Cn%20%20%22%2C%22meta%3Adescription%22%3A%22%22%7D&cd[OpenGraph]=%7B%22og%3Atitle%22%3A%22RWB%20Holiday%20Store%22%2C%22og%3Asite_name%22%3A%22Royal%20Winnipeg%20Ballet%22%2C%22og%3Aurl%22%3A%22https%3A%2F%2Frwb.org%22%2C%22og%3Adescription%22%3A%22%22%2C%22og%3Atype%22%3A%22article%22%2C%22og%3Aimage%22%3A%22%2Fuploads%2Fgallery%2F_poster%2F2_Reignite_2_Nut.jpg%22%7D&cd[Schema.org]=%5B%7B%22dimensions%22%3A%7B%22h%22%3A154%2C%22w%22%3A353%7D%2C%22properties%22%3A%7B%22name%22%3A%22Canada%27s%20Royal%20Winnipeg%20Ballet%22%2C%22telephone%22%3A%22School%20204.957.3467%22%7D%2C%22subscopes%22%3A%5B%7B%22dimensions%22%3A%7B%22h%22%3A45%2C%22w%22%3A353%7D%2C%22properties%22%3A%7B%22streetAddress%22%3A%22380%20Graham%20Avenue%22%2C%22addressLocality%22%3A%22R3C%204K2%22%2C%22postalCode%22%3A%22R3C%204K2%22%7D%2C%22subscopes%22%3A%5B%5D%2C%22type%22%3A%22http%3A%2F%2Fschema.org%2FPostalAddress%22%7D%5D%2C%22type%22%3A%22http%3A%2F%2Fschema.org%2FOrganization%22%7D%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.90&r=stable&ec=1&o=30&fbp=fb.1.1671149645752.1294398063&it=1671149645593&coo=false&es=automatic&tm=3&rqm=GET
Requested by
Host: www.rwb.org
URL: https://www.rwb.org/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f107:83:face:b00c:0:25de Vienna, Austria, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.rwb.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Fri, 16 Dec 2022 00:14:06 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
priority
u=3,i
/
www.facebook.com/tr/ 		0
15 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=140491363224231&ev=Microdata&dl=https%3A%2F%2Fwww.rwb.org%2F&rl=&if=false&ts=1671149646536&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22%5Cn%20%20%20%20%20%20%20%20Canada%27s%20Royal%20Winnipeg%20Ballet%5Cn%20%20%22%2C%22meta%3Adescription%22%3A%22%22%7D&cd[OpenGraph]=%7B%22og%3Atitle%22%3A%22RWB%20Holiday%20Store%22%2C%22og%3Asite_name%22%3A%22Royal%20Winnipeg%20Ballet%22%2C%22og%3Aurl%22%3A%22https%3A%2F%2Frwb.org%22%2C%22og%3Adescription%22%3A%22%22%2C%22og%3Atype%22%3A%22article%22%2C%22og%3Aimage%22%3A%22%2Fuploads%2Fgallery%2F_poster%2F2_Reignite_2_Nut.jpg%22%7D&cd[Schema.org]=%5B%7B%22dimensions%22%3A%7B%22h%22%3A154%2C%22w%22%3A353%7D%2C%22properties%22%3A%7B%22name%22%3A%22Canada%27s%20Royal%20Winnipeg%20Ballet%22%2C%22telephone%22%3A%22School%20204.957.3467%22%7D%2C%22subscopes%22%3A%5B%7B%22dimensions%22%3A%7B%22h%22%3A45%2C%22w%22%3A353%7D%2C%22properties%22%3A%7B%22streetAddress%22%3A%22380%20Graham%20Avenue%22%2C%22addressLocality%22%3A%22R3C%204K2%22%2C%22postalCode%22%3A%22R3C%204K2%22%7D%2C%22subscopes%22%3A%5B%5D%2C%22type%22%3A%22http%3A%2F%2Fschema.org%2FPostalAddress%22%7D%5D%2C%22type%22%3A%22http%3A%2F%2Fschema.org%2FOrganization%22%7D%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.90&r=stable&ec=1&o=30&fbp=fb.1.1671149645752.1294398063&it=1671149645593&coo=false&es=automatic&tm=3&rqm=GET
Requested by
Host: www.rwb.org
URL: https://www.rwb.org/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f107:83:face:b00c:0:25de Vienna, Austria, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.rwb.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Fri, 16 Dec 2022 00:14:06 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
priority
u=3,i
/
www.google.com/pagead/1p-user-list/842466087/ 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/842466087/?random=1671149646343&cv=11&fst=1671148800000&bg=ffffff&guid=ON&async=1&gtm=2oabu0&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Fwww.rwb.org%2F&tiba=Canada%27s%20Royal%20Winnipeg%20Ballet&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=1475299821&rmt_tld=0&ipr=y
Requested by
Host: www.rwb.org
URL: https://www.rwb.org/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:807::2004 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.rwb.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Dec 2022 00:14:06 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/842466087/ 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-user-list/842466087/?random=1671149646343&cv=11&fst=1671148800000&bg=ffffff&guid=ON&async=1&gtm=2oabu0&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Fwww.rwb.org%2F&tiba=Canada%27s%20Royal%20Winnipeg%20Ballet&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=1475299821&rmt_tld=1&ipr=y
Requested by
Host: www.rwb.org
URL: https://www.rwb.org/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:808::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.rwb.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Dec 2022 00:14:06 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
script.touch-navigation-ck.js
www.rwb.org/js/min/
Redirect Chain
  • https://rwb.org/js/min/script.touch-navigation-ck.js
  • https://www.rwb.org/js/min/script.touch-navigation-ck.js
166 B
420 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.rwb.org/js/min/script.touch-navigation-ck.js
Requested by
Host: www.rwb.org
URL: https://www.rwb.org/
Protocol
HTTP/1.1
Server
158.106.184.151 , United States, ASN30277 (DFW-DATACENTER, US),
Reverse DNS
host1.thinkshiftinc.com
Software
Apache /
Resource Hash
19e54b2dc925afcacc1dedc2f11ad4c230cd8e5e66713a0d2bc592209b79f1f0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.rwb.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Fri, 16 Dec 2022 00:14:06 GMT
Last-Modified
Tue, 02 Sep 2014 18:01:51 GMT
Server
Apache
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=96
Content-Length
166

Redirect headers

Location
https://www.rwb.org/js/min/script.touch-navigation-ck.js
Date
Fri, 16 Dec 2022 00:14:06 GMT
Server
Apache
Connection
Keep-Alive
Keep-Alive
timeout=5, max=99
Content-Length
264
Content-Type
text/html; charset=iso-8859-1
saq_pxl
tags.srv.stackadapt.com/ 		138 B
438 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tags.srv.stackadapt.com/saq_pxl?uid=YCM6F9iy1fCnXm34loGZVw&is_js=true&landing_url=https%3A%2F%2Fwww.rwb.org%2F&t=Canada%27s%20Royal%20Winnipeg%20Ballet&tip=Wk93YBfTbxdDih_1kcdR4IXfyrV22ogu21q0UGa2ff8&host=https://www.rwb.org&sa_conv_data_css_value=&sa_conv_data_image_value=ffd8ffe000104a46494600010101006000600000ffdb004300080606070605080707070909080a0c140d0c0b0b0c1912130f141d1a1f1e1d1a1c1c20242e2720222c231c1c2837292c30313434341f27393d38323c2e333432ffdb0043010909090c0b0c180d0d1832211c213232323232323232323232323232323232323232323232323232323232323232323232323232323232323232323232323232ffc00011080001000103012200021101031101ffc4001f0000010501010101010100000000000000000102030405060708090a0bffc400b5100002010303020403050504040000017d01020300041105122131410613516107227114328191a1082342b1c11552d1f02433627282090a161718191a25262728292a3435363738393a434445464748494a535455565758595a636465666768696a737475767778797a838485868788898a92939495969798999aa2a3a4a5a6a7a8a9aab2b3b4b5b6b7b8b9bac2c3c4c5c6c7c8c9cad2d3d4d5d6d7d8d9dae1e2e3e4e5e6e7e8e9eaf1f2f3f4f5f6f7f8f9faffc4001f0100030101010101010101010000000000000102030405060708090a0bffc400b51100020102040403040705040400010277000102031104052131061241510761711322328108144291a1b1c109233352f0156272d10a162434e125f11718191a262728292a35363738393a434445464748494a535455565758595a636465666768696a737475767778797a82838485868788898a92939495969798999aa2a3a4a5a6a7a8a9aab2b3b4b5b6b7b8b9bac2c3c4c5c6c7c8c9cad2d3d4d5d6d7d8d9dae2e3e4e5e6e7e8e9eaf2f3f4f5f6f7f8f9faffda000c03010002110311003f00f7fa28a2803fffd9fdfbc51916464817534e01eab7e53f5e50ff0766&sa-user-id-v2=s%253Aa4ubrGR9QwJpNL8QWEv9iVD_B2Y.runihceydysBgeS%252FQZCpnyX7hft%252F0gJtb%252FxNgsG4RSQ&sa-user-id=s%253A0-6b8b9bac-647d-4302-6934-bf10584bfd89.PqupKdB3NTexssQXOSicjHWmjna9tpE4MjLamUys5qg
Requested by
Host: tags.srv.stackadapt.com
URL: https://tags.srv.stackadapt.com/events.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.209.218.223 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-209-218-223.compute-1.amazonaws.com
Software
/
Resource Hash
fc0b0343d82f2d2e2b13b3ceb88e99feae43df871b51ddb42d1af2bf050d6a85

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.rwb.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Fri, 16 Dec 2022 00:14:06 GMT
Access-Control-Allow-Methods
GET
Content-Type
text/plain; charset=utf-8
Access-Control-Allow-Origin
https://www.rwb.org
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
*
Content-Length
138
saq_pxl
tags.srv.stackadapt.com/ 		138 B
438 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tags.srv.stackadapt.com/saq_pxl?uid=YCM6F9iy1fCnXm34loGZVw&is_js=true&landing_url=https%3A%2F%2Fwww.rwb.org%2F&t=Canada%27s%20Royal%20Winnipeg%20Ballet&tip=Wk93YBfTbxdDih_1kcdR4IXfyrV22ogu21q0UGa2ff8&host=https://www.rwb.org&sa_conv_data_css_value=%20%220-6b8b9bac-647d-4302-6934-bf10584bfd89%22&sa_conv_data_image_value=ffd8ffe000104a46494600010101006000600000ffdb004300080606070605080707070909080a0c140d0c0b0b0c1912130f141d1a1f1e1d1a1c1c20242e2720222c231c1c2837292c30313434341f27393d38323c2e333432ffdb0043010909090c0b0c180d0d1832211c213232323232323232323232323232323232323232323232323232323232323232323232323232323232323232323232323232ffc00011080001000103012200021101031101ffc4001f0000010501010101010100000000000000000102030405060708090a0bffc400b5100002010303020403050504040000017d01020300041105122131410613516107227114328191a1082342b1c11552d1f02433627282090a161718191a25262728292a3435363738393a434445464748494a535455565758595a636465666768696a737475767778797a838485868788898a92939495969798999aa2a3a4a5a6a7a8a9aab2b3b4b5b6b7b8b9bac2c3c4c5c6c7c8c9cad2d3d4d5d6d7d8d9dae1e2e3e4e5e6e7e8e9eaf1f2f3f4f5f6f7f8f9faffc4001f0100030101010101010101010000000000000102030405060708090a0bffc400b51100020102040403040705040400010277000102031104052131061241510761711322328108144291a1b1c109233352f0156272d10a162434e125f11718191a262728292a35363738393a434445464748494a535455565758595a636465666768696a737475767778797a82838485868788898a92939495969798999aa2a3a4a5a6a7a8a9aab2b3b4b5b6b7b8b9bac2c3c4c5c6c7c8c9cad2d3d4d5d6d7d8d9dae2e3e4e5e6e7e8e9eaf2f3f4f5f6f7f8f9faffda000c03010002110311003f00f7fa28a2803fffd93c55eb5baf8742694533de22b6b6cda550ff0766&sa-user-id-v2=s%253Aa4ubrGR9QwJpNL8QWEv9iVD_B2Y.runihceydysBgeS%252FQZCpnyX7hft%252F0gJtb%252FxNgsG4RSQ&sa-user-id=s%253A0-6b8b9bac-647d-4302-6934-bf10584bfd89.PqupKdB3NTexssQXOSicjHWmjna9tpE4MjLamUys5qg
Requested by
Host: tags.srv.stackadapt.com
URL: https://tags.srv.stackadapt.com/events.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.209.218.223 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-209-218-223.compute-1.amazonaws.com
Software
/
Resource Hash
fc0b0343d82f2d2e2b13b3ceb88e99feae43df871b51ddb42d1af2bf050d6a85

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.rwb.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Fri, 16 Dec 2022 00:14:06 GMT
Access-Control-Allow-Methods
GET
Content-Type
text/plain; charset=utf-8
Access-Control-Allow-Origin
https://www.rwb.org
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
*
Content-Length
138
script.lazy-load.js
www.rwb.org/js/
Redirect Chain
  • https://rwb.org/js/script.lazy-load.js
  • https://www.rwb.org/js/script.lazy-load.js
2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.rwb.org/js/script.lazy-load.js
Protocol
HTTP/1.1
Server
158.106.184.151 , United States, ASN30277 (DFW-DATACENTER, US),
Reverse DNS
host1.thinkshiftinc.com
Software
Apache /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.rwb.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Fri, 16 Dec 2022 00:14:08 GMT
Last-Modified
Tue, 24 Nov 2015 17:40:56 GMT
Server
Apache
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=97
Content-Length
1981

Redirect headers

Location
https://www.rwb.org/js/script.lazy-load.js
Date
Fri, 16 Dec 2022 00:14:08 GMT
Server
Apache
Connection
Keep-Alive
Keep-Alive
timeout=5, max=98
Content-Length
250
Content-Type
text/html; charset=iso-8859-1
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NTX4X9T
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.rwb.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Thu, 15 Dec 2022 23:24:37 GMT
last-modified
Tue, 27 Sep 2022 22:01:05 GMT
server
Golfe2
age
2971
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20039
expires
Fri, 16 Dec 2022 01:24:37 GMT
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j98&a=461536157&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww.rwb.org%2F&ul=en-us&de=UTF-8&dt=Canada%27s%20Royal%20Winnipeg%20Ballet&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=scroll_tracking&ea=https%3A%2F%2Fwww.rwb.org%2F&el=25&_u=aEDAAEABAAAAACAAI~&jid=&gjid=&cid=1353250781.1671149646&tid=UA-3429272-1&_gid=96445914.1671149646&gtm=2wgbu0NTX4X9T&z=810849355
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.rwb.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Dec 2022 13:42:42 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
37886
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j98&a=461536157&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww.rwb.org%2F&ul=en-us&de=UTF-8&dt=Canada%27s%20Royal%20Winnipeg%20Ballet&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=scroll_tracking&ea=https%3A%2F%2Fwww.rwb.org%2F&el=50&_u=aEDAAEABAAAAACAAI~&jid=&gjid=&cid=1353250781.1671149646&tid=UA-3429272-1&_gid=96445914.1671149646&gtm=2wgbu0NTX4X9T&z=911015984
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.rwb.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Dec 2022 13:42:42 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
37886
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
script.lazy-load.js
www.rwb.org/js/
Redirect Chain
  • https://rwb.org/js/script.lazy-load.js
  • https://www.rwb.org/js/script.lazy-load.js
2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.rwb.org/js/script.lazy-load.js
Protocol
HTTP/1.1
Server
158.106.184.151 , United States, ASN30277 (DFW-DATACENTER, US),
Reverse DNS
host1.thinkshiftinc.com
Software
Apache /
Resource Hash
eb36df0ee7f6b1cf277f97a46e509442c4f1a06ad5ab64d9461887f0026436c3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.rwb.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Fri, 16 Dec 2022 00:14:08 GMT
Last-Modified
Tue, 24 Nov 2015 17:40:56 GMT
Server
Apache
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=96
Content-Length
1981

Redirect headers

Location
https://www.rwb.org/js/script.lazy-load.js
Date
Fri, 16 Dec 2022 00:14:08 GMT
Server
Apache
Connection
Keep-Alive
Keep-Alive
timeout=5, max=97
Content-Length
250
Content-Type
text/html; charset=iso-8859-1
2022_RD_Registration_Header_v2.jpg
www.rwb.org/uploads/gallery/_feature/ 		26 KB
27 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.rwb.org/uploads/gallery/_feature/2022_RD_Registration_Header_v2.jpg
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
158.106.184.151 , United States, ASN30277 (DFW-DATACENTER, US),
Reverse DNS
host1.thinkshiftinc.com
Software
Apache /
Resource Hash
8c5be1a27f200afa7561c31f1452df0df96f078489bbffdcd10ac08bc64ca10c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.rwb.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Fri, 16 Dec 2022 00:14:08 GMT
Last-Modified
Wed, 18 May 2022 16:30:43 GMT
Server
Apache
Content-Type
image/jpeg
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=95
Content-Length
27103
2_Reignite_2_Nut.jpg
www.rwb.org/uploads/gallery/_feature/ 		39 KB
39 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.rwb.org/uploads/gallery/_feature/2_Reignite_2_Nut.jpg
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
158.106.184.151 , United States, ASN30277 (DFW-DATACENTER, US),
Reverse DNS
host1.thinkshiftinc.com
Software
Apache /
Resource Hash
24aaa694a71ffe696c790e77fdaa2b94b1c3b813fb0280fd46f7dd70ce087618

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.rwb.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Fri, 16 Dec 2022 00:14:08 GMT
Last-Modified
Wed, 30 Nov 2022 17:08:22 GMT
Server
Apache
Content-Type
image/jpeg
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=95
Content-Length
40007
2223-FS-Web-Thumbnail-425x315-D1.jpg
www.rwb.org/uploads/gallery/_feature/ 		16 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.rwb.org/uploads/gallery/_feature/2223-FS-Web-Thumbnail-425x315-D1.jpg
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
158.106.184.151 , United States, ASN30277 (DFW-DATACENTER, US),
Reverse DNS
host1.thinkshiftinc.com
Software
Apache /
Resource Hash
6c624c08273ecc9274c2e2d819e9c78abbec6cffa882f807d489558fe075bd17

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.rwb.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Fri, 16 Dec 2022 00:14:08 GMT
Last-Modified
Mon, 31 Oct 2022 17:41:55 GMT
Server
Apache
Content-Type
image/jpeg
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=91
Content-Length
16794
2022_RD_Registration_Header_v2.jpg
www.rwb.org/uploads/gallery/_feature/ 		26 KB
27 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.rwb.org/uploads/gallery/_feature/2022_RD_Registration_Header_v2.jpg
Requested by
Host: www.rwb.org
URL: https://www.rwb.org/js/min/jquery-1.11.1.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
158.106.184.151 , United States, ASN30277 (DFW-DATACENTER, US),
Reverse DNS
host1.thinkshiftinc.com
Software
Apache /
Resource Hash
8c5be1a27f200afa7561c31f1452df0df96f078489bbffdcd10ac08bc64ca10c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.rwb.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Fri, 16 Dec 2022 00:14:09 GMT
Last-Modified
Wed, 18 May 2022 16:30:43 GMT
Server
Apache
Content-Type
image/jpeg
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=94
Content-Length
27103
2223-FS-Web-Thumbnail-425x315-D1.jpg
www.rwb.org/uploads/gallery/_feature/ 		16 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.rwb.org/uploads/gallery/_feature/2223-FS-Web-Thumbnail-425x315-D1.jpg
Requested by
Host: www.rwb.org
URL: https://www.rwb.org/js/min/jquery-1.11.1.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
158.106.184.151 , United States, ASN30277 (DFW-DATACENTER, US),
Reverse DNS
host1.thinkshiftinc.com
Software
Apache /
Resource Hash
6c624c08273ecc9274c2e2d819e9c78abbec6cffa882f807d489558fe075bd17

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.rwb.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Fri, 16 Dec 2022 00:14:09 GMT
Last-Modified
Mon, 31 Oct 2022 17:41:55 GMT
Server
Apache
Content-Type
image/jpeg
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=90
Content-Length
16794
2_Reignite_2_Nut.jpg
www.rwb.org/uploads/gallery/_feature/ 		39 KB
39 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.rwb.org/uploads/gallery/_feature/2_Reignite_2_Nut.jpg
Requested by
Host: www.rwb.org
URL: https://www.rwb.org/js/min/jquery-1.11.1.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
158.106.184.151 , United States, ASN30277 (DFW-DATACENTER, US),
Reverse DNS
host1.thinkshiftinc.com
Software
Apache /
Resource Hash
24aaa694a71ffe696c790e77fdaa2b94b1c3b813fb0280fd46f7dd70ce087618

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.rwb.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Fri, 16 Dec 2022 00:14:09 GMT
Last-Modified
Wed, 30 Nov 2022 17:08:22 GMT
Server
Apache
Content-Type
image/jpeg
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=94
Content-Length
40007

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
o2.eyereturn.com
URL
https://o2.eyereturn.com/?site=7613&page=generic_buttons
Domain
o2.eyereturn.com
URL
https://o2.eyereturn.com/?site=7613&page=generic

Verdicts & Comments Add Verdict or Comment

83 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| oncontentvisibilityautostatechange object| html5 object| Modernizr function| yepnope object| dataLayer function| fbq function| _fbq object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga function| saq function| _saq object| gaplugins object| gaGlobal object| gaData function| $ function| jQuery string| domainPath object| jQuery111109561600890887612 object| google_conversion_id object| google_conversion_label object| google_custom_params object| google_remarketing_only function| GooglemKTybQhCsO object| google_conversion_date object| google_conversion_time number| google_conversion_snippets number| google_conversion_first_time object| google_conversion_js_version object| google_conversion_format object| google_enable_display_cookie_match object| google_conversion_type object| google_conversion_order_id object| google_conversion_language object| google_conversion_value object| google_conversion_currency object| google_conversion_domain object| google_conversion_color object| google_disable_viewthrough object| google_gtag_event_data object| google_conversion_linker object| google_tag_for_child_directed_treatment object| google_tag_for_under_age_of_consent object| google_allow_ad_personalization_signals object| google_restricted_data_processing object| google_conversion_items object| google_conversion_merchant_id object| google_user_id object| onload_callback object| opt_image_generator object| google_gtm_url_processor object| google_conversion_page_url object| google_conversion_referrer_url object| google_gtm object| google_gcl_cookie_prefix object| google_gcl_cookie_path object| google_gcl_cookie_flags object| google_gcl_cookie_domain object| google_gcl_cookie_max_age_seconds object| google_read_gcl_cookie_opt_out object| google_basket_feed_country object| google_basket_feed_language object| google_basket_discount object| google_basket_transaction_type object| google_additional_conversion_params object| google_additional_params object| google_transport_url object| google_gtm_experiments function| onYouTubeIframeAPIReady function| gtag object| GooglebQhCsO string| res object| saCookies string| current_window_url_param object| $features undefined| videoID undefined| vidSource undefined| newposter undefined| vidmp4id undefined| vidmp4webm undefined| vidmp4ogv function| startVideo

14 Cookies

Domain/Path Name / Value
www.rwb.org/ Name: exp_last_visit
Value: 1355789644
www.rwb.org/ Name: exp_last_activity
Value: 1671149644
www.rwb.org/ Name: exp_tracker
Value: a%3A1%3A%7Bi%3A0%3Bs%3A5%3A%22index%22%3B%7D
www.rwb.org/ Name: exp_csrf_token
Value: 2fe7ba0a6bddbca06ccef932dd71076f292cbba7
.rwb.org/ Name: _fbp
Value: fb.1.1671149645752.1294398063
.rwb.org/ Name: _gcl_au
Value: 1.1.1636090896.1671149646
.rwb.org/ Name: _ga
Value: GA1.2.1353250781.1671149646
.rwb.org/ Name: _gid
Value: GA1.2.96445914.1671149646
.rwb.org/ Name: _gat_UA-3429272-1
Value: 1
tags.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-6b8b9bac-647d-4302-6934-bf10584bfd89.PqupKdB3NTexssQXOSicjHWmjna9tpE4MjLamUys5qg
.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3Aa4ubrGR9QwJpNL8QWEv9iVD_B2Y.runihceydysBgeS%2FQZCpnyX7hft%2F0gJtb%2FxNgsG4RSQ
www.rwb.org/ Name: sa-user-id
Value: s%253A0-6b8b9bac-647d-4302-6934-bf10584bfd89.PqupKdB3NTexssQXOSicjHWmjna9tpE4MjLamUys5qg
www.rwb.org/ Name: sa-user-id-v2
Value: s%253Aa4ubrGR9QwJpNL8QWEv9iVD_B2Y.runihceydysBgeS%252FQZCpnyX7hft%252F0gJtb%252FxNgsG4RSQ
.doubleclick.net/ Name: IDE
Value: AHWqTUnV-ZwZpLi9IfMtIrn3VVMn5Z9UQE8TX2Bk6h-zHfu_QqbPdCgn-50qn-Ow

3 Console Messages

Source Level URL
Text
network error URL: https://hello.myfonts.net/count/2b5562
Message:
Failed to load resource: the server responded with a status of 503 ()
network error URL: https://o2.eyereturn.com/?site=7613&page=generic_buttons
Message:
Failed to load resource: net::ERR_CONNECTION_RESET
network error URL: https://o2.eyereturn.com/?site=7613&page=generic
Message:
Failed to load resource: net::ERR_CONNECTION_CLOSED

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

connect.facebook.net
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
hello.myfonts.net
o2.eyereturn.com
rwb.org
stats.g.doubleclick.net
tags.srv.stackadapt.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.rwb.org
o2.eyereturn.com
142.250.180.226
158.106.184.151
2606:4700::6811:f449
2a00:1450:4001:80b::2003
2a00:1450:4001:80e::200e
2a00:1450:4001:811::2002
2a00:1450:400d:807::2004
2a00:1450:400d:807::2008
2a00:1450:400d:807::200a
2a00:1450:400d:808::2003
2a00:1450:4025:401::9a
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f107:83:face:b00c:0:25de
44.209.218.223
1926cf926d6236d64b17bc05061ce89d2774e8f6074cb726d9d17a01a8aef8b0
19e54b2dc925afcacc1dedc2f11ad4c230cd8e5e66713a0d2bc592209b79f1f0
1e8c6cce52b78b8fc4d0769a22584ea9dc19e2ad86a2de7ebae23f1dcea422a6
24aaa694a71ffe696c790e77fdaa2b94b1c3b813fb0280fd46f7dd70ce087618
2f3298e36b8bdcd4dde56932f2867da29fc050fda590e8aad6ef1d2f5c41e920
3066ab1b04afcb10988e6a994f975e1da71a5a3bf33c2cd334675f78858a21d3
3102b620e254077cc0a8823f43f6ce6a48968f92e39dda0158c6f5a8894a4179
37e3f60b0105f4ee41e58f37925762194b10c6753dd440f8654d1fc5add9e41e
4241ed08ff0203f3bc755d254ec09279142da36ffebf1ac45976906a2f797606
45e3207eb69a063dcf4458c16399ffcecc0cec315231296dd2a13bb915364b59
4b5013649b6cfebc44e8df446c49ce51ff300cc787611e450056a4a49737e188
533bc5361cff54b122313ca18575f0e22308258e3f621949cf93d19ffd87bc21
540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441
5564d783c2e92c0d3b50ad9ff4389845b4922c05d1cb62807930c56c2f295993
55c4e9ba07b641e64caa17bfcbdc63b1721a58554bd449401e600db3f6b95cf9
5b7ae8278cc9d9b21f5f15427183c6ec3580070df13fdcf88846d36f5bc63fbc
5e5c80cfdb0255ba5d494e8fc73dd533a4b8d965198e28636b593bd33385225a
5f94cbb562e49720f2ad57cc1e944560160523e8f22b48b1577c0f0170e4efe3
65b9101ebaf51b5346e68cd8ff3b854beb184849f007ba0e08d44d5337eb3cfb
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6c624c08273ecc9274c2e2d819e9c78abbec6cffa882f807d489558fe075bd17
75612e7452e9d61e12788a27d1a8910b38edb1dd0b159ad1b6f1c91b980446b0
7a477225fc9bec38ef4855999aedfad3028d470bb1b127bf85254372dbcc2cea
7aa4f77f57a0f64a53af45da95ec7cda1e966c918722d7812682ffc92afad078
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8538031441d7aa120d37b5e1ecadc0b5e7f7861da00d3c5106ad06f26766115f
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
8c5be1a27f200afa7561c31f1452df0df96f078489bbffdcd10ac08bc64ca10c
8e4497ecbac7988f50a61ffe3b008a3fc17ce429d60fe07a648aaffd05100567
8f00b79763a64df0a02ba2e84a513b941d03790b6d55daa00e5a65a57c8c6164
92c7894913d27feffe47ea6bdb8c94f1e4a8cf7fa96a11cd91730ede945712e2
9625d69836119679eca4f0e1b026584d5c9543000b9c6a58953bfc122e869624
b06a9f3078b6a78e9303a2f69a5a99e3318e59f66f0f93eaded054370aec51fb
b1ef795c25fd5f8a504cd42007b3494323cc75288588fb4bf29f11766176defd
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
b511924a24cc16913536f748b47cc57a808942a56391ae240ade474f18ee6aa9
b9f62834997284828681dd6468d6093effb3b3659b7f16f912f1326c6c272531
c8f3f707f343630b82957a4b202c9464d75e98df4cd517eb514908bd1f09f7ea
da38f21e557255d66479b204b0379a54dec8cb17b19d7c69102d677461b31fc8
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e84d15630ccb503477088d9e74c49de4d36500050e910111be65d99270c79cba
eb36df0ee7f6b1cf277f97a46e509442c4f1a06ad5ab64d9461887f0026436c3
ebcd43274f956ef6d5c0f690695cc56c35a3a77180c9d1b80791febe4e27f601
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
fb122a1c5fc8402deffb530b0a754c9bf7520fe7a028d0385360e41c36c6bb20
fc0b0343d82f2d2e2b13b3ceb88e99feae43df871b51ddb42d1af2bf050d6a85