urlscan.io logo urlscan.io
SecurityTrails logo

cultureevolution.com Open in urlscan Pro
35.213.140.42  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://covid19cultureevolution.com/
Effective URL: https://cultureevolution.com/culture-audit/
Submission Tags: falconsandbox
Submission: On May 22 via api from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 29 IPs in 8 countries across 24 domains to perform 96 HTTP transactions. The main IP is 35.213.140.42, located in Singapore, Singapore and belongs to GOOGLE, US. The main domain is cultureevolution.com.
TLS certificate: Issued by R3 on March 28th 2021. Valid for: 3 months.
This is the only time cultureevolution.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 192.161.187.200 8100 (ASN-QUADR...)
1 1 188.164.131.200 34971 (PDDA-AS)
1 2 35.213.140.42 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a03:2880:f02... 32934 (FACEBOOK)
20 2606:4700::68... 13335 (CLOUDFLAR...)
2 151.101.14.217 54113 (FASTLY)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a03:2880:f12... 32934 (FACEBOOK)
6 11 34.246.96.178 16509 (AMAZON-02)
1 104.244.42.3 13414 (TWITTER)
1 2a00:1288:80:... 203220 (YAHOO-DEB)
1 2 35.244.159.8 15169 (GOOGLE)
1 69.173.144.139 26667 (RUBICONPR...)
2 2 142.250.185.162 15169 (GOOGLE)
3 8 185.33.220.145 29990 (ASN-APPNEX)
1 2a00:1450:400... 15169 (GOOGLE)
3 2600:9000:20e... 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
6 2a00:1450:400... 15169 (GOOGLE)
2 2600:9000:211... 16509 (AMAZON-02)
1 2606:4700::68... 13335 (CLOUDFLAR...)
18 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
10 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
96 29
1    192.161.187.200 (Los Angeles, United States)

ASN8100 (ASN-QUADRANET-GLOBAL, US)
PTR: 192.161.187.200.static.quadranet.com
covid19cultureevolution.com
1    188.164.131.200 (Italy)

ASN34971 (PDDA-AS, IT)
PTR: parking.namesilo.com
www.covid19cultureevolution.com
2    35.213.140.42 (Singapore, Singapore)

ASN15169 (GOOGLE, US)
PTR: 42.140.213.35.bc.googleusercontent.com
cultureevolution.com
1    2a00:1450:4001:82a::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
2    2a03:2880:f02d:12:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
20    2606:4700::6811:d125 (United States)

ASN13335 (CLOUDFLARENET, US)
arthur.kartra.com
app.kartra.com
2    151.101.14.217 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
tag.perfectaudience.com
2    2a00:1450:4001:80e::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    2a00:1450:400c:c07::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
2    2a03:2880:f12d:83:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
11    34.246.96.178 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-246-96-178.eu-west-1.compute.amazonaws.com
pixel-geo.prfct.co
1    104.244.42.3 (United States)

ASN13414 (TWITTER, US)
analytics.twitter.com
1    2a00:1288:80:800::7001 (United Kingdom)

ASN203220 (YAHOO-DEB, GB)
ads.yahoo.com
2    35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com
us-u.openx.net
1    69.173.144.139 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com
2    142.250.185.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f2.1e100.net
cm.g.doubleclick.net
8    185.33.220.145 (Amsterdam, Netherlands)

ASN29990 (ASN-APPNEX, US)
PTR: 623.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
secure.adnxs.com
1    2a00:1450:4001:82f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
3    2600:9000:20eb:7c00:1c:2135:3780:21 (United States)

ASN16509 (AMAZON-02, US)
d2uolguxr56s4e.cloudfront.net
1    2a00:1450:4001:802::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
6    2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
2    2600:9000:211e:f400:6:a951:7b00:21 (United States)

ASN16509 (AMAZON-02, US)
d1aettbyeyfilo.cloudfront.net
1    2606:4700::6810:5f41 (United States)

ASN13335 (CLOUDFLARENET, US)
static.cloudflareinsights.com
18    2a00:1450:4001:829::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.youtube.com
1    2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
1    2a00:1450:4001:828::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
static.doubleclick.net
1    2a00:1450:4001:80e::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
3    2a00:1450:4001:802::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
yt3.ggpht.com
10    2a00:1450:4001:3c::8 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
r3---sn-4g5e6nzl.googlevideo.com
2    2a00:1450:4001:828::2016 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
i.ytimg.com
1    2a00:1450:4001:82b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
Domain Requested by
18 www.youtube.com app.kartra.com
www.youtube.com
arthur.kartra.com
16 app.kartra.com arthur.kartra.com
app.kartra.com
static.cloudflareinsights.com
11 pixel-geo.prfct.co 6 redirects cultureevolution.com
tag.perfectaudience.com
arthur.kartra.com
10 r3---sn-4g5e6nzl.googlevideo.com www.youtube.com
8 secure.adnxs.com 3 redirects cultureevolution.com
tag.perfectaudience.com
7 fonts.gstatic.com fonts.googleapis.com
www.youtube.com
4 arthur.kartra.com cultureevolution.com
arthur.kartra.com
3 yt3.ggpht.com www.youtube.com
3 d2uolguxr56s4e.cloudfront.net arthur.kartra.com
d2uolguxr56s4e.cloudfront.net
2 i.ytimg.com www.youtube.com
2 d1aettbyeyfilo.cloudfront.net arthur.kartra.com
2 cm.g.doubleclick.net 2 redirects
2 us-u.openx.net 1 redirects cultureevolution.com
2 www.facebook.com cultureevolution.com
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 tag.perfectaudience.com cultureevolution.com
arthur.kartra.com
2 connect.facebook.net cultureevolution.com
connect.facebook.net
2 cultureevolution.com 1 redirects
1 www.gstatic.com www.youtube.com
1 www.google.com www.youtube.com
1 static.doubleclick.net www.youtube.com
1 googleads.g.doubleclick.net www.youtube.com
1 static.cloudflareinsights.com app.kartra.com
1 fonts.googleapis.com arthur.kartra.com
1 pixel.rubiconproject.com cultureevolution.com
1 ads.yahoo.com cultureevolution.com
1 analytics.twitter.com cultureevolution.com
1 stats.g.doubleclick.net www.google-analytics.com
1 www.googletagmanager.com cultureevolution.com
1 www.covid19cultureevolution.com 1 redirects
1 covid19cultureevolution.com 1 redirects
96 31

This site contains no links.

Subject Issuer Validity Valid
cultureevolution.com
R3		 2021-03-28 -
2021-06-26		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2021-05-03 -
2021-07-26		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2021-04-06 -
2021-07-03		 3 months crt.sh
ssl744422.cloudflaressl.com
COMODO ECC Domain Validation Secure Server CA 2		 2021-04-07 -
2021-10-14		 6 months crt.sh
*.perfectaudience.com
GlobalSign Atlas R3 DV TLS CA 2020		 2021-03-22 -
2022-04-23		 a year crt.sh
*.google.com
GTS CA 1O1		 2021-05-03 -
2021-07-26		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1O1		 2021-05-03 -
2021-07-26		 3 months crt.sh
*.prfct.co
DigiCert SHA2 Secure Server CA		 2019-09-03 -
2021-10-27		 2 years crt.sh
*.twitter.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-02-05 -
2022-02-04		 a year crt.sh
*.ads.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2021-05-11 -
2021-06-30		 2 months crt.sh
*.openx.net
GeoTrust RSA CA 2018		 2020-06-18 -
2021-08-17		 a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2020-12-18 -
2022-01-18		 a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2021-03-05 -
2022-02-19		 a year crt.sh
upload.video.google.com
GTS CA 1O1		 2021-05-03 -
2021-07-26		 3 months crt.sh
*.cloudfront.net
DigiCert Global CA G2		 2021-02-22 -
2022-02-21		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2020-07-11 -
2021-07-11		 a year crt.sh
*.doubleclick.net
GTS CA 1C3		 2021-05-03 -
2021-07-26		 3 months crt.sh
www.google.com
GTS CA 1C3		 2021-05-03 -
2021-07-26		 3 months crt.sh
*.googleusercontent.com
GTS CA 1C3		 2021-05-03 -
2021-07-26		 3 months crt.sh
*.c.docs.google.com
GTS CA 1O1		 2021-05-11 -
2021-07-20		 2 months crt.sh
edgestatic.com
GTS CA 1C3		 2021-05-03 -
2021-07-26		 3 months crt.sh

This page contains 4 frames:

Primary Page: https://cultureevolution.com/culture-audit/
Frame ID: F4089B56D7F1EC29D0189141AA0AE375
Requests: 20 HTTP requests in this frame

Frame: https://arthur.kartra.com/page/Culture_Audit
Frame ID: 1E6809866943267894D7A95FF12E86BD
Requests: 40 HTTP requests in this frame

Frame: https://app.kartra.com/external_video/youtube/UM28EH7qs4s?autoplay=true
Frame ID: 827CAA3965F4D18CFDCC21246E58B769
Requests: 6 HTTP requests in this frame

Frame: https://www.youtube.com/embed/UM28EH7qs4s?enablejsapi=1&autoplay=true
Frame ID: 52FB6ADCA3744FB19B0F2C9F07100388
Requests: 40 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. http://covid19cultureevolution.com/ HTTP 301
    http://www.covid19cultureevolution.com/ HTTP 301
    https://cultureevolution.com/culture-audit HTTP 301
    https://cultureevolution.com/culture-audit/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers link /rel="https:\/\/api\.w\.org\/"/i
Overall confidence: 100%
Detected patterns
  • headers link /rel="https:\/\/api\.w\.org\/"/i
Overall confidence: 100%
Detected patterns
  • headers link /rel="https:\/\/api\.w\.org\/"/i
Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i
Overall confidence: 100%
Detected patterns
  • html /<(?:iframe|img)[^>]+adnxs\.(?:net|com)/i
Overall confidence: 100%
Detected patterns
  • script /\/\/connect\.facebook\.net\/[^/]*\/[a-z]*\.js/i
Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Page Statistics

96
Requests

100 %
HTTPS

68 %
IPv6

24
Domains

31
Subdomains

29
IPs

8
Countries

4075 kB
Transfer

8822 kB
Size

7
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://covid19cultureevolution.com/ HTTP 301
    http://www.covid19cultureevolution.com/ HTTP 301
    https://cultureevolution.com/culture-audit HTTP 301
    https://cultureevolution.com/culture-audit/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 9
  • https://pixel-geo.prfct.co/tagjs?a_id=58397&source=js_tag HTTP 302
  • https://pixel-geo.prfct.co/tagjs?check_cookie=1&a_id=58397&source=js_tag
Request Chain 10
  • https://pixel-geo.prfct.co/cs/?partnerId=twtr HTTP 302
  • https://analytics.twitter.com/i/adsct?p_id=48571&p_user_id=pa_fGTJCrtaIUezi9h2u
Request Chain 11
  • https://pixel-geo.prfct.co/cs/?partnerId=yah HTTP 302
  • https://ads.yahoo.com/cms/v1?nwid=10001073209&eid=pa_fGTJCrtaIUezi9h2u&sigv=1&esig=2~da97343ec0f2b20a2367f51efa12a4c7633d6312
Request Chain 12
  • https://pixel-geo.prfct.co/cs/?partnerId=opx HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537114372&val=pa_fGTJCrtaIUezi9h2u HTTP 302
  • https://us-u.openx.net/w/1.0/sd?cc=1&id=537114372&val=pa_fGTJCrtaIUezi9h2u
Request Chain 13
  • https://pixel-geo.prfct.co/cs/?partnerId=rbcn HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=189868&nid=4106&expires=30&put=pa_fGTJCrtaIUezi9h2u
Request Chain 14
  • https://pixel-geo.prfct.co/cs/?partnerId=goo HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=nowspots_bidder&google_hm=cGFfZkdUSkNydGFJVWV6aTloMnU HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=nowspots_bidder&google_hm=cGFfZkdUSkNydGFJVWV6aTloMnU&google_tc= HTTP 302
  • https://pixel-geo.prfct.co/cb?partnerId=goo
Request Chain 16
  • https://secure.adnxs.com/seg?t=2&add=21219608 HTTP 307
  • https://secure.adnxs.com/bounce?%2Fseg%3Ft%3D2%26add%3D21219608
Request Chain 17
  • https://secure.adnxs.com/seg?t=2&add=4908195 HTTP 307
  • https://secure.adnxs.com/bounce?%2Fseg%3Ft%3D2%26add%3D4908195
Request Chain 18
  • https://secure.adnxs.com/seg?t=2&add=4908196 HTTP 307
  • https://secure.adnxs.com/bounce?%2Fseg%3Ft%3D2%26add%3D4908196

96 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
cultureevolution.com/culture-audit/
Redirect Chain
  • http://covid19cultureevolution.com/
  • http://www.covid19cultureevolution.com/
  • https://cultureevolution.com/culture-audit
  • https://cultureevolution.com/culture-audit/
3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://cultureevolution.com/culture-audit/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.213.140.42 Singapore, Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
42.140.213.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
ee429381a3c83b2faaf2f697e219856d4eb5ca2e844a9c66ccc5d3d68e594688

Request headers

:method
GET
:authority
cultureevolution.com
:scheme
https
:path
/culture-audit/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
PHPSESSID=2ae187eb7919572648407463cae866d9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

server
nginx
date
Sat, 22 May 2021 06:44:58 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding User-Agent,Accept-Encoding
pragma
no-cache
x-cache-enabled
True
expires
Wed, 11 Jan 1984 05:00:00 GMT
cache-control
no-cache, must-revalidate, max-age=0
link
<https://cultureevolution.com/wp-json/>; rel="https://api.w.org/", <https://cultureevolution.com/wp-json/wp/v2/pages/2645>; rel="alternate"; type="application/json", <https://cultureevolution.com/?p=2645>; rel=shortlink
x-httpd
1
host-header
6b7412fb82ca5edfd0917e3957f05d89
x-proxy-cache
MISS
x-proxy-cache-info
0 NC:000000 UP:SKIP_CACHE_NO_CACHE
content-encoding
br

Redirect headers

server
nginx
date
Sat, 22 May 2021 06:44:56 GMT
content-type
text/html; charset=UTF-8
location
https://cultureevolution.com/culture-audit/
pragma
no-cache
vary
User-Agent
x-cache-enabled
True
expires
Sat, 22 May 2021 07:44:56 GMT
cache-control
max-age=3600
x-redirect-by
WordPress
set-cookie
PHPSESSID=2ae187eb7919572648407463cae866d9; path=/
x-httpd
1
host-header
6b7412fb82ca5edfd0917e3957f05d89
x-proxy-cache
MISS
x-proxy-cache-info
0 NC:000000 UP:SKIP_CACHE_SET_COOKIE
js
www.googletagmanager.com/gtag/ 		88 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-58882139-1
Requested by
Host: cultureevolution.com
URL: https://cultureevolution.com/culture-audit/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
7b18d83eae07a6819ced89c082798f9b12d67c0f0243200abe37aeeaaddd02b9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://cultureevolution.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 22 May 2021 06:45:05 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35743
x-xss-protection
0
last-modified
Sat, 22 May 2021 06:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sat, 22 May 2021 06:45:05 GMT
fbevents.js
connect.facebook.net/en_US/ 		92 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: cultureevolution.com
URL: https://cultureevolution.com/culture-audit/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
ba6856b3aa462b18c9f5fc3b0d553eca0fe0f03d5ff668ba7d465394c85896b1
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://cultureevolution.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
0
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
24156
x-fb-rlafr
0
pragma
public
x-fb-debug
OF7lGjNNZMExz1HMPEoR4+QoSzyldnBNrNaK16FhjN8L63ZbLFEKWq7LSj6U8/P/S3NrcfvKJrEs9ie8fvmKUQ==
x-fb-trip-id
917726464
x-frame-options
DENY
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
date
Sat, 22 May 2021 06:45:05 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
report-to
{"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
expires
Sat, 01 Jan 2000 00:00:00 GMT
Culture_Audit
arthur.kartra.com/page/ Frame 1E68 		137 KB
18 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://arthur.kartra.com/page/Culture_Audit
Requested by
Host: cultureevolution.com
URL: https://cultureevolution.com/culture-audit/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:d125 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
215a74c36c546bbbbe643b7f3da99795bda87f0154142b979b527dd71087580e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

:method
GET
:authority
arthur.kartra.com
:scheme
https
:path
/page/Culture_Audit
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://cultureevolution.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://cultureevolution.com/

Response headers

date
Sat, 22 May 2021 06:45:05 GMT
content-type
text/html; charset=UTF-8
strict-transport-security
max-age=31536000; includeSubDomains
cf-cache-status
DYNAMIC
cf-request-id
0a346b11c10000c29f34b81000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
65341462ced5c29f-FRA
content-encoding
gzip
56e3bbe6409c5d2c2300000d.js
tag.perfectaudience.com/serve/ 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tag.perfectaudience.com/serve/56e3bbe6409c5d2c2300000d.js
Requested by
Host: cultureevolution.com
URL: https://cultureevolution.com/culture-audit/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.14.217 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
Cowboy /
Resource Hash
cd044b40f895d7812f661c9cde02a33bedeb81aef88c4b860c4b8c8236a26e88
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://cultureevolution.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 22 May 2021 06:45:05 GMT
via
1.1 vegur, 1.1 varnish
x-content-type-options
nosniff
server
Cowboy
age
0
x-served-by
cache-fra19145-FRA
vary
Accept-Encoding
x-cache
MISS
content-type
text/javascript
content-encoding
gzip
cache-control
max-age=1800
accept-ranges
bytes
x-timer
S1621665905.134981,VS0,VE195
content-length
3748
x-cache-hits
0
304613799943496
connect.facebook.net/signals/config/ 		254 KB
72 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/304613799943496?v=2.9.40&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
2176cdb370f26a268bcfa6f575f69f0bbd91a24cf2a3a5e5fdc0efcb3e5d3dda
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://cultureevolution.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
0
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-fb-rlafr
0
pragma
public
x-fb-debug
n0RGAoP/AUVUt9tuN+Y2LGSCUdidCBPR1wc+gsu45WX5sxLtYv53Lrbp37iP+fIi6Q+SfNbzsbs0NGIdotb19A==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Sat, 22 May 2021 06:45:05 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
report-to
{"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
analytics.js
www.google-analytics.com/ 		48 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-58882139-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://cultureevolution.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 09 Apr 2021 23:59:54 GMT
server
Golfe2
age
4509
date
Sat, 22 May 2021 05:29:56 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19569
expires
Sat, 22 May 2021 07:29:56 GMT
collect
www.google-analytics.com/j/ 		2 B
22 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j90&a=1876017227&t=pageview&_s=1&dl=https%3A%2F%2Fcultureevolution.com%2Fculture-audit%2F&ul=en-us&de=UTF-8&dt=FREE%20Organizational%20Culture%20Audit%20Initiative&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAAC~&jid=1192472682&gjid=515944556&cid=1536321461.1621665905&tid=UA-58882139-1&_gid=296170073.1621665905&_r=1&gtm=2ou5c1&z=1860196160
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://cultureevolution.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 22 May 2021 06:45:05 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://cultureevolution.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		1 B
446 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j90&tid=UA-58882139-1&cid=1536321461.1621665905&jid=1192472682&gjid=515944556&_gid=296170073.1621665905&_u=YEBAAUAAAAAAAC~&z=1396298261
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c07::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://cultureevolution.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Sat, 22 May 2021 06:45:05 GMT
content-type
text/plain
access-control-allow-origin
https://cultureevolution.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.facebook.com/tr/ 		44 B
297 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=304613799943496&ev=PageView&dl=https%3A%2F%2Fcultureevolution.com%2Fculture-audit%2F&rl=&if=false&ts=1621665905204&sw=1600&sh=1200&v=2.9.40&r=stable&ec=0&o=30&fbp=fb.1.1621665905202.739304541&it=1621665905091&coo=false&exp=l0&rqm=GET
Requested by
Host: cultureevolution.com
URL: https://cultureevolution.com/culture-audit/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://cultureevolution.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 22 May 2021 06:45:05 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
44
expires
Sat, 22 May 2021 06:45:05 GMT
tagjs
pixel-geo.prfct.co/
Redirect Chain
  • https://pixel-geo.prfct.co/tagjs?a_id=58397&source=js_tag
  • https://pixel-geo.prfct.co/tagjs?check_cookie=1&a_id=58397&source=js_tag
125 B
454 B 		Script
General
Check archive.org
Download Go to
Full URL
https://pixel-geo.prfct.co/tagjs?check_cookie=1&a_id=58397&source=js_tag
Requested by
Host: cultureevolution.com
URL: https://cultureevolution.com/culture-audit/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.246.96.178 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-246-96-178.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
eb4d7fb31921b4daa298f12919c9e3efe20b60464f94f60f068249782e3db46d

Request headers

Referer
https://cultureevolution.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Cache-Control
no-store, no-cache, private
Connection
keep-alive
P3P
CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Content-Length
125
Content-Type
text/javascript

Redirect headers

Location
https://pixel-geo.prfct.co/tagjs?check_cookie=1&a_id=58397&source=js_tag
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Length
0
P3P
CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
adsct
analytics.twitter.com/i/
Redirect Chain
  • https://pixel-geo.prfct.co/cs/?partnerId=twtr
  • https://analytics.twitter.com/i/adsct?p_id=48571&p_user_id=pa_fGTJCrtaIUezi9h2u
43 B
582 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://analytics.twitter.com/i/adsct?p_id=48571&p_user_id=pa_fGTJCrtaIUezi9h2u
Requested by
Host: cultureevolution.com
URL: https://cultureevolution.com/culture-audit/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.244.42.3 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://cultureevolution.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 22 May 2021 06:45:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
status
200 OK
x-twitter-response-tags
BouncerCompliant
content-length
65
x-xss-protection
0
pragma
no-cache
last-modified
Sat, 22 May 2021 06:45:05 GMT
server
tsa_o
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=631138519
content-type
image/gif;charset=utf-8
cache-control
no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash
5ec889c440e0dfa96993d0dfa5314c7f5f4f9b96f64f45554e73acb2470bee44
x-transaction
fa7d6fd51d58a68c
expires
Tue, 31 Mar 1981 05:00:00 GMT

Redirect headers

Location
https://analytics.twitter.com/i/adsct?p_id=48571&p_user_id=pa_fGTJCrtaIUezi9h2u
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Length
0
P3P
CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
v1
ads.yahoo.com/cms/
Redirect Chain
  • https://pixel-geo.prfct.co/cs/?partnerId=yah
  • https://ads.yahoo.com/cms/v1?nwid=10001073209&eid=pa_fGTJCrtaIUezi9h2u&sigv=1&esig=2~da97343ec0f2b20a2367f51efa12a4c7633d6312
0
446 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.yahoo.com/cms/v1?nwid=10001073209&eid=pa_fGTJCrtaIUezi9h2u&sigv=1&esig=2~da97343ec0f2b20a2367f51efa12a4c7633d6312
Requested by
Host: cultureevolution.com
URL: https://cultureevolution.com/culture-audit/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1288:80:800::7001 , United Kingdom, ASN203220 (YAHOO-DEB, GB),
Reverse DNS
Software
ATS /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://cultureevolution.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 22 May 2021 06:45:05 GMT
cache-control
no-store
x-content-type-options
nosniff
server
ATS
strict-transport-security
max-age=15552000
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection
1; mode=block

Redirect headers

Location
https://ads.yahoo.com/cms/v1?nwid=10001073209&eid=pa_fGTJCrtaIUezi9h2u&sigv=1&esig=2~da97343ec0f2b20a2367f51efa12a4c7633d6312
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Length
0
P3P
CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
sd
us-u.openx.net/w/1.0/
Redirect Chain
  • https://pixel-geo.prfct.co/cs/?partnerId=opx
  • https://us-u.openx.net/w/1.0/sd?id=537114372&val=pa_fGTJCrtaIUezi9h2u
  • https://us-u.openx.net/w/1.0/sd?cc=1&id=537114372&val=pa_fGTJCrtaIUezi9h2u
43 B
180 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?cc=1&id=537114372&val=pa_fGTJCrtaIUezi9h2u
Requested by
Host: cultureevolution.com
URL: https://cultureevolution.com/culture-audit/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.207.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://cultureevolution.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 22 May 2021 06:45:05 GMT
via
1.1 google
server
OXGW/16.207.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://us-u.openx.net/w/1.0/sd?cc=1&id=537114372&val=pa_fGTJCrtaIUezi9h2u
date
Sat, 22 May 2021 06:45:05 GMT
via
1.1 google
server
OXGW/16.207.0
alt-svc
clear
content-length
0
p3p
CP="CUR ADM OUR NOR STA NID"
tap.php
pixel.rubiconproject.com/
Redirect Chain
  • https://pixel-geo.prfct.co/cs/?partnerId=rbcn
  • https://pixel.rubiconproject.com/tap.php?v=189868&nid=4106&expires=30&put=pa_fGTJCrtaIUezi9h2u
0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=189868&nid=4106&expires=30&put=pa_fGTJCrtaIUezi9h2u
Requested by
Host: cultureevolution.com
URL: https://cultureevolution.com/culture-audit/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://cultureevolution.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
704c1e4d3fcc922a3031d436b584678b
Content-Type
image/gif

Redirect headers

Location
https://pixel.rubiconproject.com/tap.php?v=189868&nid=4106&expires=30&put=pa_fGTJCrtaIUezi9h2u
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Length
0
P3P
CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
cb
pixel-geo.prfct.co/
Redirect Chain
  • https://pixel-geo.prfct.co/cs/?partnerId=goo
  • https://cm.g.doubleclick.net/pixel?google_nid=nowspots_bidder&google_hm=cGFfZkdUSkNydGFJVWV6aTloMnU
  • https://cm.g.doubleclick.net/pixel?google_nid=nowspots_bidder&google_hm=cGFfZkdUSkNydGFJVWV6aTloMnU&google_tc=
  • https://pixel-geo.prfct.co/cb?partnerId=goo
43 B
365 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel-geo.prfct.co/cb?partnerId=goo
Requested by
Host: cultureevolution.com
URL: https://cultureevolution.com/culture-audit/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.246.96.178 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-246-96-178.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer
https://cultureevolution.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Cache-Control
no-store, no-cache, private
Connection
keep-alive
P3P
CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Content-Length
43
Content-Type
image/gif

Redirect headers

pragma
no-cache
date
Sat, 22 May 2021 06:45:06 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://pixel-geo.prfct.co/cb?partnerId=goo
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
240
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
pixel-geo.prfct.co/seg/ 		43 B
365 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel-geo.prfct.co/seg/?add=4908196,4908195,21219608&source=js_tag&a_id=58397
Requested by
Host: cultureevolution.com
URL: https://cultureevolution.com/culture-audit/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.246.96.178 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-246-96-178.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer
https://cultureevolution.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Cache-Control
no-store, no-cache, private
Connection
keep-alive
P3P
CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Content-Length
43
Content-Type
image/gif
bounce
secure.adnxs.com/
Redirect Chain
  • https://secure.adnxs.com/seg?t=2&add=21219608
  • https://secure.adnxs.com/bounce?%2Fseg%3Ft%3D2%26add%3D21219608
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.adnxs.com/bounce?%2Fseg%3Ft%3D2%26add%3D21219608
Requested by
Host: cultureevolution.com
URL: https://cultureevolution.com/culture-audit/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.220.145 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
623.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://cultureevolution.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 22 May 2021 06:45:05 GMT
X-Proxy-Origin
185.216.35.121; 185.216.35.121; 623.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.220.136:80
AN-X-Request-Uuid
4b6c6719-41f5-463a-82fb-c66d157e8e07
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sat, 22 May 2021 06:45:05 GMT
X-Proxy-Origin
185.216.35.121; 185.216.35.121; 623.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.221.10:80
AN-X-Request-Uuid
c4485566-8b67-45b5-b875-b4ce4095700a
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://secure.adnxs.com/bounce?%2Fseg%3Ft%3D2%26add%3D21219608
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
bounce
secure.adnxs.com/
Redirect Chain
  • https://secure.adnxs.com/seg?t=2&add=4908195
  • https://secure.adnxs.com/bounce?%2Fseg%3Ft%3D2%26add%3D4908195
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.adnxs.com/bounce?%2Fseg%3Ft%3D2%26add%3D4908195
Requested by
Host: cultureevolution.com
URL: https://cultureevolution.com/culture-audit/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.220.145 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
623.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://cultureevolution.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 22 May 2021 06:45:05 GMT
X-Proxy-Origin
185.216.35.121; 185.216.35.121; 623.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.223.44:80
AN-X-Request-Uuid
62dbe95c-3593-4c7b-8d03-cdbf1372a18b
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sat, 22 May 2021 06:45:05 GMT
X-Proxy-Origin
185.216.35.121; 185.216.35.121; 623.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.222.248:80
AN-X-Request-Uuid
429bda21-8ae6-440c-ad70-54bbe64cb13e
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://secure.adnxs.com/bounce?%2Fseg%3Ft%3D2%26add%3D4908195
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
bounce
secure.adnxs.com/
Redirect Chain
  • https://secure.adnxs.com/seg?t=2&add=4908196
  • https://secure.adnxs.com/bounce?%2Fseg%3Ft%3D2%26add%3D4908196
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.adnxs.com/bounce?%2Fseg%3Ft%3D2%26add%3D4908196
Requested by
Host: cultureevolution.com
URL: https://cultureevolution.com/culture-audit/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.220.145 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
623.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://cultureevolution.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 22 May 2021 06:45:05 GMT
X-Proxy-Origin
185.216.35.121; 185.216.35.121; 623.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.220.183:80
AN-X-Request-Uuid
f4d76ab3-0b21-4a99-a1de-e5f46635f354
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sat, 22 May 2021 06:45:05 GMT
X-Proxy-Origin
185.216.35.121; 185.216.35.121; 623.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.220.148:80
AN-X-Request-Uuid
68e9a536-4d47-429a-aa4e-9261b1581555
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://secure.adnxs.com/bounce?%2Fseg%3Ft%3D2%26add%3D4908196
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
css
fonts.googleapis.com/ Frame 1E68 		56 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Montserrat:300,300i,400,400i,600,600i,700,700i,900,900i|Roboto:300,300i,400,400i,600,600i,700,700i,900,900i|Lato:300,300i,400,400i,600,600i,700,700i,900,900i|Raleway:300,300i,400,400i,600,600i,700,700i,900,900i|Lato:300,300i,400,400i,600,600i,700,700i,900,900i&display=swap
Requested by
Host: arthur.kartra.com
URL: https://arthur.kartra.com/page/Culture_Audit
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
d9eaed3996cddd852ac35569bdead382d016b758587626ae41f5064598c2fd95
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://arthur.kartra.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sat, 22 May 2021 06:45:05 GMT
server
ESF
date
Sat, 22 May 2021 06:45:05 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 22 May 2021 06:45:05 GMT
kartra_components.css
d2uolguxr56s4e.cloudfront.net/internal/pages/css/ Frame 1E68 		2 MB
148 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://d2uolguxr56s4e.cloudfront.net/internal/pages/css/kartra_components.css
Requested by
Host: arthur.kartra.com
URL: https://arthur.kartra.com/page/Culture_Audit
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20eb:7c00:1c:2135:3780:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
0256697f7cbb0e0262f0ea474eae2ced585cada18518f9f7d24f7646ee7779f0

Request headers

Referer
https://arthur.kartra.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
jrPHPz3TrzX5ti4.cS4f7UPlFNuNHGFP
content-encoding
gzip
last-modified
Wed, 19 May 2021 06:12:55 GMT
server
AmazonS3
age
40687
etag
W/"bc5e8cdf8cc29b26aee9e3035bca4d91"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
via
1.1 172e63b20fb363ed969de28ae3937e21.cloudfront.net (CloudFront)
date
Sat, 22 May 2021 06:13:04 GMT
x-amz-cf-pop
FRA2-C1
x-amz-cf-id
qTYOS5r3z1Dm6TGuhpNbKATiUNsMgssjoRwlzWHASxE9HWEgFNmRvA==
font-awesome.css
app.kartra.com/css/new/css/pages/ Frame 1E68 		29 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://app.kartra.com/css/new/css/pages/font-awesome.css
Requested by
Host: arthur.kartra.com
URL: https://arthur.kartra.com/page/Culture_Audit
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:d125 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
84c937068d291fbedcc2d1d0fd98d52ed9dffcb1347a19e383ff4e34298495b4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://arthur.kartra.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 22 May 2021 06:45:05 GMT
content-encoding
gzip
vary
Accept-Encoding
cf-cache-status
HIT
age
2427
cf-polished
origSize=29881
cf-request-id
0a346b14320000c29f02330000000001
last-modified
Mon, 04 May 2020 06:23:36 GMT
server
cloudflare
etag
W/"5eafb4e8-74b9"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains
content-type
text/css
expires
Sat, 22 May 2021 06:50:05 GMT
cache-control
public, max-age=300
cf-ray
65341466bccbc29f-FRA
cf-bgj
minify
new_bootstrap.css
d2uolguxr56s4e.cloudfront.net/internal/pages/css/ Frame 1E68 		73 KB
12 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://d2uolguxr56s4e.cloudfront.net/internal/pages/css/new_bootstrap.css
Requested by
Host: arthur.kartra.com
URL: https://arthur.kartra.com/page/Culture_Audit
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20eb:7c00:1c:2135:3780:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
502817a1dcb822bace7eb50f395601d99c90771935740c8f54e8cb10e4de6501

Request headers

Referer
https://arthur.kartra.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
eck4lREtHmKv3tPvROKKUlGCVfGBjHm4
content-encoding
gzip
last-modified
Wed, 19 May 2021 06:12:54 GMT
server
AmazonS3
age
40687
etag
W/"9df7e75e9a43859273433d9112d11521"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
via
1.1 172e63b20fb363ed969de28ae3937e21.cloudfront.net (CloudFront)
date
Sat, 22 May 2021 06:13:04 GMT
x-amz-cf-pop
FRA2-C1
x-amz-cf-id
ELykblNFO-2Cvmx9VxKcNrrv_DFICkkEZbEoWgeJ4zKFE95Yk_40hA==
skeleton-above.js
arthur.kartra.com/js/build/front/pages/ Frame 1E68 		182 KB
57 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://arthur.kartra.com/js/build/front/pages/skeleton-above.js
Requested by
Host: arthur.kartra.com
URL: https://arthur.kartra.com/page/Culture_Audit
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:d125 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c91f8e7e9587cef67cf196f88bf70b147d97ba0dde32db0991a1489559d51c72
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://arthur.kartra.com/page/Culture_Audit
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 22 May 2021 06:45:06 GMT
content-encoding
gzip
vary
Accept-Encoding
cf-cache-status
REVALIDATED
cf-polished
origSize=186151
cf-request-id
0a346b14270000c29fe4287000000001
last-modified
Tue, 11 May 2021 11:01:09 GMT
server
cloudflare
etag
W/"609a63f5-2d727"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=utf-8
expires
Sat, 22 May 2021 06:50:06 GMT
cache-control
public, max-age=300
cf-ray
65341466acb2c29f-FRA
cf-bgj
minify
optin.js
app.kartra.com/js/build/front/pages/ Frame 1E68 		23 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://app.kartra.com/js/build/front/pages/optin.js
Requested by
Host: arthur.kartra.com
URL: https://arthur.kartra.com/page/Culture_Audit
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:d125 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
af3fd50e4c578d49b1d1751e0dc9380b5987bca811a5a25e28208d86c3140a44
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://arthur.kartra.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 22 May 2021 06:45:05 GMT
content-encoding
gzip
vary
Accept-Encoding
cf-cache-status
HIT
age
2106
cf-polished
origSize=33197
cf-request-id
0a346b14fb0000c29f07327000000001
last-modified
Thu, 25 Feb 2021 08:10:14 GMT
server
cloudflare
etag
W/"60375b66-81ad"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=utf-8
expires
Sat, 22 May 2021 06:50:05 GMT
cache-control
public, max-age=300
cf-ray
65341467fea4c29f-FRA
cf-bgj
minify
skeleton-immediate.js
arthur.kartra.com/js/build/front/pages/ Frame 1E68 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://arthur.kartra.com/js/build/front/pages/skeleton-immediate.js
Requested by
Host: arthur.kartra.com
URL: https://arthur.kartra.com/page/Culture_Audit
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:d125 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8fda0820478381b07d4294f2cb508287a705bfbdb0f9a7d425d4258913221da7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://arthur.kartra.com/page/Culture_Audit
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 22 May 2021 06:45:06 GMT
content-encoding
gzip
cf-cache-status
REVALIDATED
last-modified
Wed, 24 Jun 2020 06:12:14 GMT
server
cloudflare
etag
W/"5ef2eebe-1c52"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cf-bgj
minify
cache-control
public, max-age=300
strict-transport-security
max-age=31536000; includeSubDomains
cf-ray
65341467fea6c29f-FRA
cf-request-id
0a346b14fc0000c29f3f12e000000001
expires
Sat, 22 May 2021 06:50:06 GMT
skeleton-below.js
arthur.kartra.com/js/build/front/pages/ Frame 1E68 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://arthur.kartra.com/js/build/front/pages/skeleton-below.js
Requested by
Host: arthur.kartra.com
URL: https://arthur.kartra.com/page/Culture_Audit
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:d125 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a0580ca0bf23bb345c8dc3e28b1a7573ba53b0017033d1b9bcec2573e1399637
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://arthur.kartra.com/page/Culture_Audit
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 22 May 2021 06:45:06 GMT
content-encoding
gzip
cf-cache-status
REVALIDATED
last-modified
Wed, 19 Aug 2020 08:25:35 GMT
server
cloudflare
etag
W/"5f3ce1ff-2fcb"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cf-bgj
minify
cache-control
public, max-age=300
strict-transport-security
max-age=31536000; includeSubDomains
cf-ray
65341469e9cfc29f-FRA
cf-request-id
0a346b16330000c29f24b88000000001
expires
Sat, 22 May 2021 06:50:06 GMT
52gYMjg3
app.kartra.com/resources/js/analytics/ Frame 1E68 		6 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://app.kartra.com/resources/js/analytics/52gYMjg3
Requested by
Host: arthur.kartra.com
URL: https://arthur.kartra.com/page/Culture_Audit
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:d125 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
592a8b27e9a69bbaf008ada9590dfde98d161a1d5e489a8a9d51f66c5cc242f1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://arthur.kartra.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 22 May 2021 06:45:06 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
cf-ray
65341469e9d2c29f-FRA
cf-request-id
0a346b16340000c29f0f3d7000000001
page_check
app.kartra.com/resources/js/ Frame 1E68 		127 B
193 B 		Script
General
Check archive.org
Download Go to
Full URL
https://app.kartra.com/resources/js/page_check?page_id=0Hem2xUOWs9c
Requested by
Host: arthur.kartra.com
URL: https://arthur.kartra.com/page/Culture_Audit
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:d125 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
04ba9191a34da1249205be89a6290068726ffc1d18bd809ddabb2d3ef2fe2405
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://arthur.kartra.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 22 May 2021 06:45:06 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
cf-ray
65341469e9d3c29f-FRA
cf-request-id
0a346b16340000c29f3b9e8000000001
kartra_embed_wild_card
app.kartra.com/resources/js/ Frame 1E68 		7 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://app.kartra.com/resources/js/kartra_embed_wild_card?type=kartra_page&owner=52gYMjg3
Requested by
Host: arthur.kartra.com
URL: https://arthur.kartra.com/page/Culture_Audit
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:d125 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
23c23cb8bd5c026b3fdc092710a2b8bf6bcfdcf0ecb2fc251c5cd4648208f3fb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://arthur.kartra.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 22 May 2021 06:45:06 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
cf-ray
65341467fea8c29f-FRA
cf-request-id
0a346b14fc0000c29ff6865000000001
0Hem2xUOWs9c
app.kartra.com/analytics/visitorTime/ Frame 1E68 		0
146 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://app.kartra.com/analytics/visitorTime/0Hem2xUOWs9c
Requested by
Host: arthur.kartra.com
URL: https://arthur.kartra.com/js/build/front/pages/skeleton-above.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:d125 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept
*/*
Referer
https://arthur.kartra.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Sat, 22 May 2021 06:45:06 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://arthur.kartra.com
access-control-allow-credentials
true
cf-ray
65341469e9ccc29f-FRA
cf-request-id
0a346b16330000c29fe1289000000001
truncated
/ Frame 1E68 		44 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
bd25bde9fc4427cd6f3babcb8f888fe6174ca48881c103e243d4c6f83f30aab6

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/webp
UM28EH7qs4s
app.kartra.com/external_video/youtube/ Frame 827C 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://app.kartra.com/external_video/youtube/UM28EH7qs4s?autoplay=true
Requested by
Host: arthur.kartra.com
URL: https://arthur.kartra.com/page/Culture_Audit
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:d125 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0f3b748f7b7a08905e237ab08bc734b9ad79b83064f72617e7a29c0746b4736b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

:method
GET
:authority
app.kartra.com
:scheme
https
:path
/external_video/youtube/UM28EH7qs4s?autoplay=true
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://arthur.kartra.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://arthur.kartra.com/

Response headers

date
Sat, 22 May 2021 06:45:06 GMT
content-type
text/html; charset=UTF-8
strict-transport-security
max-age=31536000; includeSubDomains
cf-cache-status
DYNAMIC
cf-request-id
0a346b16340000c29f49106000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
65341469e9d6c29f-FRA
content-encoding
gzip
truncated
/ Frame 1E68 		26 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
truncated
/ Frame 1E68 		343 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
33bd07594a35b1fe9bfd084a672f88c508acf66d71d6b2ab43408c63aa1d317a

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v17/ Frame 1E68 		23 KB
23 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lato/v17/S6uyw4BMUTPHjx4wXg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:300,300i,400,400i,600,600i,700,700i,900,900i|Roboto:300,300i,400,400i,600,600i,700,700i,900,900i|Lato:300,300i,400,400i,600,600i,700,700i,900,900i|Raleway:300,300i,400,400i,600,600i,700,700i,900,900i|Lato:300,300i,400,400i,600,600i,700,700i,900,900i&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c3c0d3f472358aac78455515c4800771426770c22698e2486d39fdb5505634e1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://arthur.kartra.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 May 2021 15:44:07 GMT
x-content-type-options
nosniff
last-modified
Tue, 15 Sep 2020 18:10:46 GMT
server
sffe
age
140459
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
23484
x-xss-protection
0
expires
Fri, 20 May 2022 15:44:07 GMT
JTURjIg1_i6t8kCHKm45_dJE3gnD_g.woff2
fonts.gstatic.com/s/montserrat/v15/ Frame 1E68 		19 KB
19 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/montserrat/v15/JTURjIg1_i6t8kCHKm45_dJE3gnD_g.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:300,300i,400,400i,600,600i,700,700i,900,900i|Roboto:300,300i,400,400i,600,600i,700,700i,900,900i|Lato:300,300i,400,400i,600,600i,700,700i,900,900i|Raleway:300,300i,400,400i,600,600i,700,700i,900,900i|Lato:300,300i,400,400i,600,600i,700,700i,900,900i&display=swap
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4545eb1dec25fe868d19dc292d417d8a9e41c0276d75a4eaf524a9db21aa705a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://arthur.kartra.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 21 May 2021 03:56:48 GMT
x-content-type-options
nosniff
last-modified
Tue, 15 Sep 2020 18:10:46 GMT
server
sffe
age
96498
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19480
x-xss-protection
0
expires
Sat, 21 May 2022 03:56:48 GMT
KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v27/ Frame 1E68 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v27/KFOlCnqEu92Fr1MmSU5fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:300,300i,400,400i,600,600i,700,700i,900,900i|Roboto:300,300i,400,400i,600,600i,700,700i,900,900i|Lato:300,300i,400,400i,600,600i,700,700i,900,900i|Raleway:300,300i,400,400i,600,600i,700,700i,900,900i|Lato:300,300i,400,400i,600,600i,700,700i,900,900i&display=swap
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
33530b007071281a97e79baab13ddf7cc4b9de942ebd3e212224857335f7cb97
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://arthur.kartra.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 21 May 2021 12:08:41 GMT
x-content-type-options
nosniff
last-modified
Mon, 05 Apr 2021 21:10:39 GMT
server
sffe
age
66985
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15732
x-xss-protection
0
expires
Sat, 21 May 2022 12:08:41 GMT
kartra-external-icon-set.woff2
d2uolguxr56s4e.cloudfront.net/icons/ Frame 1E68 		37 KB
37 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://d2uolguxr56s4e.cloudfront.net/icons/kartra-external-icon-set.woff2?edagnx
Requested by
Host: d2uolguxr56s4e.cloudfront.net
URL: https://d2uolguxr56s4e.cloudfront.net/internal/pages/css/kartra_components.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20eb:7c00:1c:2135:3780:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
6188ef041f0e7f7ec6a7ccc3ffe5fb8d38533612c4030abe50922ee4a8c1f3ab

Request headers

Origin
https://arthur.kartra.com
Referer
https://d2uolguxr56s4e.cloudfront.net/internal/pages/css/kartra_components.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
cHq.bGsujCdgaW6GIVwuStlNnuf0M7Tq
via
1.1 8002c303d4f2295f77566a349deba122.cloudfront.net (CloudFront)
etag
"172926ba58b7cc752b2350ab13c809a6"
x-amz-cf-pop
FRA2-C1
x-cache
RefreshHit from cloudfront
content-length
37392
last-modified
Mon, 04 Jan 2021 13:35:35 GMT
server
AmazonS3
date
Sat, 22 May 2021 06:45:07 GMT
vary
Origin
access-control-allow-methods
GET
content-type
application/octet-stream
access-control-allow-origin
*
access-control-expose-headers
ETag, x-amz-meta-custom-header
x-amz-meta-version-id
8LXFviI1NhPVIq7kFG8Fh636sdbdCxvS
accept-ranges
bytes
x-amz-cf-id
_urOzcWEXJjskqwbnW9QcE1dyAJ7qFSFmnalFoUfKd2HE4srYP2YpQ==
S6u9w4BMUTPHh7USSwiPGQ.woff2
fonts.gstatic.com/s/lato/v17/ Frame 1E68 		23 KB
23 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lato/v17/S6u9w4BMUTPHh7USSwiPGQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:300,300i,400,400i,600,600i,700,700i,900,900i|Roboto:300,300i,400,400i,600,600i,700,700i,900,900i|Lato:300,300i,400,400i,600,600i,700,700i,900,900i|Raleway:300,300i,400,400i,600,600i,700,700i,900,900i|Lato:300,300i,400,400i,600,600i,700,700i,900,900i&display=swap
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9194059997d722ec01e41980dffbff03ebe00808b1cdd164a7fd18a561bc312a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://arthur.kartra.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 16 May 2021 10:03:38 GMT
x-content-type-options
nosniff
last-modified
Tue, 15 Sep 2020 18:12:05 GMT
server
sffe
age
506488
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
23248
x-xss-protection
0
expires
Mon, 16 May 2022 10:03:38 GMT
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v27/ Frame 1E68 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v27/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:300,300i,400,400i,600,600i,700,700i,900,900i|Roboto:300,300i,400,400i,600,600i,700,700i,900,900i|Lato:300,300i,400,400i,600,600i,700,700i,900,900i|Raleway:300,300i,400,400i,600,600i,700,700i,900,900i|Lato:300,300i,400,400i,600,600i,700,700i,900,900i&display=swap
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://arthur.kartra.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 21 May 2021 10:13:28 GMT
x-content-type-options
nosniff
last-modified
Mon, 05 Apr 2021 21:10:46 GMT
server
sffe
age
73898
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15828
x-xss-protection
0
expires
Sat, 21 May 2022 10:13:28 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v27/ Frame 1E68 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v27/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:300,300i,400,400i,600,600i,700,700i,900,900i|Roboto:300,300i,400,400i,600,600i,700,700i,900,900i|Lato:300,300i,400,400i,600,600i,700,700i,900,900i|Raleway:300,300i,400,400i,600,600i,700,700i,900,900i|Lato:300,300i,400,400i,600,600i,700,700i,900,900i&display=swap
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://arthur.kartra.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 17 May 2021 21:15:20 GMT
x-content-type-options
nosniff
last-modified
Mon, 05 Apr 2021 21:10:35 GMT
server
sffe
age
379786
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15688
x-xss-protection
0
expires
Tue, 17 May 2022 21:15:20 GMT
truncated
/ Frame 1E68 		82 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7ce23bb169d56e3dc218181172c5d318dc16526e035b539e038f605a893ea551

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/webp
truncated
/ Frame 1E68 		90 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
345a7f619e726c9ed21fa1e83646623f3491056eb1c9e0f3af797c42d38255c1

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/webp
truncated
/ Frame 1E68 		38 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
52dc24c0429ea6ccc5b579a6da8bb79bf41e471fe5108a62009f3c2e195551c0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/webp
56e3bbe6409c5d2c2300000d.js
tag.perfectaudience.com/serve/ Frame 1E68 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tag.perfectaudience.com/serve/56e3bbe6409c5d2c2300000d.js
Requested by
Host: arthur.kartra.com
URL: https://arthur.kartra.com/page/Culture_Audit
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.14.217 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
Cowboy /
Resource Hash
cd044b40f895d7812f661c9cde02a33bedeb81aef88c4b860c4b8c8236a26e88
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://arthur.kartra.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 22 May 2021 06:45:06 GMT
via
1.1 vegur, 1.1 varnish
x-content-type-options
nosniff
server
Cowboy
age
1
x-served-by
cache-fra19145-FRA
vary
Accept-Encoding
x-cache
HIT
content-type
text/javascript
content-encoding
gzip
cache-control
max-age=1800
accept-ranges
bytes
x-timer
S1621665906.341112,VS0,VE0
content-length
3748
x-cache-hits
1
tagjs
pixel-geo.prfct.co/ Frame 1E68 		59 B
387 B 		Script
General
Check archive.org
Download Go to
Full URL
https://pixel-geo.prfct.co/tagjs?a_id=58397&source=js_tag
Requested by
Host: tag.perfectaudience.com
URL: https://tag.perfectaudience.com/serve/56e3bbe6409c5d2c2300000d.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.246.96.178 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-246-96-178.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
7de2a6889fb2320bf94c60b5f0ec4ac9cdea6073b7d4d641f59a312dafa6f52a

Request headers

Referer
https://arthur.kartra.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Cache-Control
no-store, no-cache, private
Connection
keep-alive
P3P
CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Content-Length
59
Content-Type
text/javascript
8617692_1584954005730covid19-banner.webp
d1aettbyeyfilo.cloudfront.net/Arthur/ Frame 1E68 		81 KB
82 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d1aettbyeyfilo.cloudfront.net/Arthur/8617692_1584954005730covid19-banner.webp
Requested by
Host: arthur.kartra.com
URL: https://arthur.kartra.com/page/Culture_Audit
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211e:f400:6:a951:7b00:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
530f08b91432771115b3a959cc643c8b92c24f2b6b58de36347c59d2e285772d

Request headers

Referer
https://arthur.kartra.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 22 May 2021 06:45:07 GMT
via
1.1 bfa7dfbe8ca6d4eb3690c4c82ca6c0fa.cloudfront.net (CloudFront)
last-modified
Mon, 23 Mar 2020 09:00:12 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-C2
etag
"22c6cb669769b363cc710551a0b170ba"
x-cache
Miss from cloudfront
x-amz-version-id
CK29ONBKlXtYicTfH.14443Unrde6rA2
cache-control
public, max-age=31536000
accept-ranges
bytes
content-type
image/webp
content-length
83384
x-amz-cf-id
jvr4_BBdVLt8fehKrXGIeB8pGb-0ZN5I4TELx1fgSDUYgHr1ZvUu1g==
seg
secure.adnxs.com/ Frame 1E68 		43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.adnxs.com/seg?t=2&add=4908195
Requested by
Host: tag.perfectaudience.com
URL: https://tag.perfectaudience.com/serve/56e3bbe6409c5d2c2300000d.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.220.145 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
623.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://arthur.kartra.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 22 May 2021 06:45:06 GMT
X-Proxy-Origin
185.216.35.121; 185.216.35.121; 623.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.220.154:80
AN-X-Request-Uuid
21a8fd83-bfc3-4994-b99d-38cefad302fa
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
seg
secure.adnxs.com/ Frame 1E68 		43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.adnxs.com/seg?t=2&add=4908196
Requested by
Host: tag.perfectaudience.com
URL: https://tag.perfectaudience.com/serve/56e3bbe6409c5d2c2300000d.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.220.145 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
623.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://arthur.kartra.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 22 May 2021 06:45:06 GMT
X-Proxy-Origin
185.216.35.121; 185.216.35.121; 623.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.220.118:80
AN-X-Request-Uuid
eea61cb4-6136-420e-ab11-8ec8c1608691
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
/
pixel-geo.prfct.co/seg/ Frame 1E68 		43 B
365 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel-geo.prfct.co/seg/?add=4908196,4908195&source=js_tag&a_id=58397
Requested by
Host: arthur.kartra.com
URL: https://arthur.kartra.com/page/Culture_Audit
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.246.96.178 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-246-96-178.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer
https://arthur.kartra.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Cache-Control
no-store, no-cache, private
Connection
keep-alive
P3P
CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Content-Length
43
Content-Type
image/gif
ZHBqdtGUiyYf
app.kartra.com/pages/open/load_optin/ Frame 1E68 		92 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://app.kartra.com/pages/open/load_optin/ZHBqdtGUiyYf?callback=test&_=1621665906208
Requested by
Host: arthur.kartra.com
URL: https://arthur.kartra.com/js/build/front/pages/skeleton-above.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:d125 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b972aee84d44034eabae62f18e39929418979efa8434682020b6af66ca0140
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://arthur.kartra.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 22 May 2021 06:45:06 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains
content-type
text/html; charset=UTF-8
cf-ray
6534146b4bcdc29f-FRA
cf-request-id
0a346b170d0000c29fdea17000000001
/
www.facebook.com/tr/ 		44 B
88 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=304613799943496&ev=Microdata&dl=https%3A%2F%2Fcultureevolution.com%2Fculture-audit%2F&rl=&if=false&ts=1621665906707&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22FREE%20Organizational%20Culture%20Audit%20Initiative%22%2C%22meta%3Adescription%22%3A%22We%20are%20giving%20away%20%241%2C000%2C000%20in%20Culture%20Audits%20to%20support%20companies%20and%20Moral%20by%20Nurturing%20Purpose%20through%20Improving%20Work%20Culture%20during%20downtime%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.40&r=stable&ec=1&o=30&fbp=fb.1.1621665905202.739304541&it=1621665905091&coo=false&es=automatic&tm=3&exp=l0&rqm=GET
Requested by
Host: cultureevolution.com
URL: https://cultureevolution.com/culture-audit/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://cultureevolution.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 22 May 2021 06:45:06 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
content-length
44
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority
u=3,i
expires
Sat, 22 May 2021 06:45:06 GMT
beacon.min.js
static.cloudflareinsights.com/ Frame 827C 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.cloudflareinsights.com/beacon.min.js
Requested by
Host: app.kartra.com
URL: https://app.kartra.com/external_video/youtube/UM28EH7qs4s?autoplay=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5f41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
198eedf9d8a1ad8d85e2d631ea8667a47a66b7ce838847359045beb4e8f3a635

Request headers

Referer
https://app.kartra.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 22 May 2021 06:45:06 GMT
content-encoding
gzip
last-modified
Thu, 20 May 2021 23:53:29 GMT
server
cloudflare
etag
W/"edaab647-ad35-4f09-a18c-7588cff79e00"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
cf-ray
6534146d2d7e4eaa-FRA
cf-request-id
0a346b183b00004eaa2617b000000001
jquery-1.10.2.min.js
app.kartra.com/js/node_modules/kartra-jquery/jquery-1.10.2/ Frame 827C 		91 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://app.kartra.com/js/node_modules/kartra-jquery/jquery-1.10.2/jquery-1.10.2.min.js
Requested by
Host: app.kartra.com
URL: https://app.kartra.com/external_video/youtube/UM28EH7qs4s?autoplay=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:d125 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b98ce6096a91b73a5b047f6b6bad2c1c3c204ca24e3cb60e58f511c287ee3862
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://app.kartra.com/external_video/youtube/UM28EH7qs4s?autoplay=true
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 22 May 2021 06:45:06 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Sat, 26 Oct 1985 08:15:00 GMT
server
cloudflare
age
2474
etag
W/"1dc09d84-16c1a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=300
strict-transport-security
max-age=31536000; includeSubDomains
cf-ray
6534146d1e5ec29f-FRA
cf-request-id
0a346b18300000c29f1420e000000001
expires
Sat, 22 May 2021 06:50:06 GMT
UM28EH7qs4s
www.youtube.com/embed/ Frame 52FB 		52 KB
22 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/embed/UM28EH7qs4s?enablejsapi=1&autoplay=true
Requested by
Host: app.kartra.com
URL: https://app.kartra.com/external_video/youtube/UM28EH7qs4s?autoplay=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
f241bab91b6264874d6349a0ec0af2717ca1b63a10661d7e038c84e5baec6846
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
www.youtube.com
:scheme
https
:path
/embed/UM28EH7qs4s?enablejsapi=1&autoplay=true
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://app.kartra.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://app.kartra.com/

Response headers

content-type
text/html; charset=utf-8
x-content-type-options
nosniff
cache-control
no-cache, no-store, max-age=0, must-revalidate
pragma
no-cache
expires
Mon, 01 Jan 1990 00:00:00 GMT
date
Sat, 22 May 2021 06:45:06 GMT
strict-transport-security
max-age=31536000
permissions-policy
ch-ua-full-version=*, ch-ua-platform=*, ch-ua-platform-version=*, ch-ua-arch=*, ch-ua-model=*
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
content-encoding
br
server
ESF
x-xss-protection
0
set-cookie
YSC=y5HYmQbvn30; Domain=.youtube.com; Path=/; Secure; HttpOnly; SameSite=none VISITOR_INFO1_LIVE=PcciJAS3rk4; Domain=.youtube.com; Expires=Thu, 18-Nov-2021 06:45:06 GMT; Path=/; Secure; HttpOnly; SameSite=none CONSENT=PENDING+572; expires=Fri, 01-Jan-2038 00:00:00 GMT; path=/; domain=.youtube.com; Secure
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
iframe_api
www.youtube.com/ Frame 827C 		980 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/iframe_api
Requested by
Host: app.kartra.com
URL: https://app.kartra.com/external_video/youtube/UM28EH7qs4s?autoplay=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
83dc0e72a5bb7e112cca913cd73421083e518e3194d04251f1e844a20e085a41
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://app.kartra.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 22 May 2021 06:45:06 GMT
content-encoding
br
x-content-type-options
nosniff
server
ESF
x-frame-options
SAMEORIGIN
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
cache-control
private, max-age=0
permissions-policy
ch-ua-full-version=*, ch-ua-platform=*, ch-ua-platform-version=*, ch-ua-arch=*, ch-ua-model=*
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000
content-type
text/javascript; charset=utf-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
expires
Sat, 22 May 2021 06:45:06 GMT
www-widgetapi.js
www.youtube.com/s/player/c39bcc11/www-widgetapi.vflset/ Frame 827C 		120 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/c39bcc11/www-widgetapi.vflset/www-widgetapi.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/iframe_api
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
95d1a26865d0d6ec7135f60b0de176537bcdca6063d3dab302b37355fcf3f804
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://app.kartra.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 22 May 2021 00:16:20 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Fri, 21 May 2021 06:42:50 GMT
server
sffe
age
23326
vary
Accept-Encoding, Origin
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
40884
x-xss-protection
0
expires
Sun, 22 May 2022 00:16:20 GMT
www-player-webp.css
www.youtube.com/s/player/c39bcc11/ Frame 52FB 		359 KB
45 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/c39bcc11/www-player-webp.css
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/UM28EH7qs4s?enablejsapi=1&autoplay=true
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
600473b6152d1d0a50097aa6fd6811dcbc9edd23e5ec77afc39b4369f14339a4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/embed/UM28EH7qs4s?enablejsapi=1&autoplay=true
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 21 May 2021 07:31:11 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Fri, 21 May 2021 06:42:50 GMT
server
sffe
age
83635
vary
Accept-Encoding, Origin
content-type
text/css
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
46248
x-xss-protection
0
expires
Sat, 21 May 2022 07:31:11 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 52FB 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/UM28EH7qs4s?enablejsapi=1&autoplay=true
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.youtube.com
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 15 May 2021 06:54:04 GMT
x-content-type-options
nosniff
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
server
sffe
age
604262
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15344
x-xss-protection
0
expires
Sun, 15 May 2022 06:54:04 GMT
www-embed-player.js
www.youtube.com/s/player/c39bcc11/www-embed-player.vflset/ Frame 52FB 		191 KB
63 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/c39bcc11/www-embed-player.vflset/www-embed-player.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/UM28EH7qs4s?enablejsapi=1&autoplay=true
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1ae1bf1458589d1f72a7bf9a7fb9c21e8344aee819519c1dc8cbcfd9d6c16f54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/embed/UM28EH7qs4s?enablejsapi=1&autoplay=true
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 21 May 2021 07:31:03 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Fri, 21 May 2021 06:42:50 GMT
server
sffe
age
83643
vary
Accept-Encoding, Origin
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
64589
x-xss-protection
0
expires
Sat, 21 May 2022 07:31:03 GMT
base.js
www.youtube.com/s/player/c39bcc11/player_ias.vflset/en_US/ Frame 52FB 		2 MB
465 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/c39bcc11/player_ias.vflset/en_US/base.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/UM28EH7qs4s?enablejsapi=1&autoplay=true
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8e34fa30d251bc425762a596368b08a20812bca6fcbba712c2cdce66c86bdf8b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/embed/UM28EH7qs4s?enablejsapi=1&autoplay=true
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 21 May 2021 07:35:45 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Fri, 21 May 2021 06:42:50 GMT
server
sffe
age
83361
vary
Accept-Encoding, Origin
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
476025
x-xss-protection
0
expires
Sat, 21 May 2022 07:35:45 GMT
fetch-polyfill.js
www.youtube.com/s/player/c39bcc11/fetch-polyfill.vflset/ Frame 52FB 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/c39bcc11/fetch-polyfill.vflset/fetch-polyfill.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/UM28EH7qs4s?enablejsapi=1&autoplay=true
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
de6c4ffa2bd9fd283610e28d0db2ec48607aab39d213a51aef248673a0a7e980
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/embed/UM28EH7qs4s?enablejsapi=1&autoplay=true
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 21 May 2021 07:31:03 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Fri, 21 May 2021 06:42:50 GMT
server
sffe
age
83643
vary
Accept-Encoding, Origin
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2830
x-xss-protection
0
expires
Sat, 21 May 2022 07:31:03 GMT
optin_fill_in
app.kartra.com//resources/js/ Frame 1E68 		1 KB
567 B 		Script
General
Check archive.org
Download Go to
Full URL
https://app.kartra.com//resources/js/optin_fill_in?optin=ZHBqdtGUiyYf
Requested by
Host: app.kartra.com
URL: https://app.kartra.com/js/build/front/pages/optin.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:d125 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4d55b5f7c84bced8ac24841e15dedf93f1aae42b78230c0500d58de42e07451c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://arthur.kartra.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 22 May 2021 06:45:07 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
cf-ray
6534146e3835c29f-FRA
cf-request-id
0a346b18df0000c29f0f3f7000000001
santitation_for_naked_checkout.js
app.kartra.com/js/ Frame 1E68 		5 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://app.kartra.com/js/santitation_for_naked_checkout.js
Requested by
Host: app.kartra.com
URL: https://app.kartra.com/js/build/front/pages/optin.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:d125 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7c6f2523af0f83778d2741093a4d88e2cd06338f6a512960753ecdb62444e370
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://arthur.kartra.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 22 May 2021 06:45:06 GMT
content-encoding
gzip
vary
Accept-Encoding
cf-cache-status
HIT
age
2352
cf-polished
origSize=9573
cf-request-id
0a346b18df0000c29f17ae7000000001
last-modified
Mon, 18 Jan 2021 12:37:16 GMT
server
cloudflare
etag
W/"600580fc-2565"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=utf-8
expires
Sat, 22 May 2021 06:50:06 GMT
cache-control
public, max-age=300
cf-ray
6534146e3838c29f-FRA
cf-bgj
minify
optin_front_javascript
app.kartra.com//resources/js/ Frame 1E68 		13 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://app.kartra.com//resources/js/optin_front_javascript?form_id=ZHBqdtGUiyYf
Requested by
Host: app.kartra.com
URL: https://app.kartra.com/js/build/front/pages/optin.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:d125 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9d9c4bd43153061b2e07823b5f5fefed05bb8fd290ac4117cf0e94106ea7512e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://arthur.kartra.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 22 May 2021 06:45:07 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
cf-ray
6534146e3839c29f-FRA
cf-request-id
0a346b18df0000c29fe12ba000000001
id
googleads.g.doubleclick.net/pagead/ Frame 52FB 		113 B
727 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/id
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/c39bcc11/www-embed-player.vflset/www-embed-player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e18e0018500dd53d398124a40ad1c40819c56c626dbebfa2a8fbd2fec2fb4f93
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 22 May 2021 06:45:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
133
x-xss-protection
0
pragma
no-cache
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.youtube.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad_status.js
static.doubleclick.net/instream/ Frame 52FB 		29 B
407 B 		Script
General
Check archive.org
Download Go to
Full URL
https://static.doubleclick.net/instream/ad_status.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/c39bcc11/www-embed-player.vflset/www-embed-player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 22 May 2021 06:33:40 GMT
x-content-type-options
nosniff
last-modified
Thu, 12 Dec 2013 23:40:16 GMT
server
sffe
age
687
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
29
x-xss-protection
0
expires
Sat, 22 May 2021 06:48:40 GMT
7WadPQM5Sz4PCIdYDiKmUZbGuJNx7cvT5MT2dFmDNsc.js
www.google.com/js/th/ Frame 52FB 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/js/th/7WadPQM5Sz4PCIdYDiKmUZbGuJNx7cvT5MT2dFmDNsc.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/c39bcc11/player_ias.vflset/en_US/base.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ed669d3d03394b3e0f0887580e22a65196c6b89371edcbd3e4c4f674598336c7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 22 May 2021 05:22:01 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Mon, 03 May 2021 11:00:00 GMT
server
sffe
age
4986
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13162
x-xss-protection
0
expires
Sun, 22 May 2022 05:22:01 GMT
embed.js
www.youtube.com/s/player/c39bcc11/player_ias.vflset/en_US/ Frame 52FB 		25 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/c39bcc11/player_ias.vflset/en_US/embed.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/c39bcc11/player_ias.vflset/en_US/base.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0a9eae06d8bed89c745eb7f92f3ca81bdc456c50e0d86d28885d413b788a7d25
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/embed/UM28EH7qs4s?enablejsapi=1&autoplay=true
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 21 May 2021 07:40:00 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Fri, 21 May 2021 06:42:50 GMT
server
sffe
age
83107
vary
Accept-Encoding, Origin
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7449
x-xss-protection
0
expires
Sat, 21 May 2022 07:40:00 GMT
player
www.youtube.com/youtubei/v1/ Frame 52FB 		79 KB
19 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/youtubei/v1/player?key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/c39bcc11/player_ias.vflset/en_US/base.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
f889d44ce0881e42dc6fe058a94f19e90abde29ab517ef45bb1313d308c9b6d3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/embed/UM28EH7qs4s?enablejsapi=1&autoplay=true
X-Youtube-Client-Name
56
X-Youtube-Client-Version
1.20210519.1.1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
X-Goog-Visitor-Id
CgtQY2NpSkFTM3JrNCjy0KKFBg%3D%3D
Content-Type
application/json

Response headers

date
Sat, 22 May 2021 06:45:07 GMT
content-encoding
br
x-content-type-options
nosniff
server
ESF
x-frame-options
SAMEORIGIN
vary
Origin, X-Origin, Referer
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control
private
content-type
application/json; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19888
x-xss-protection
0
expires
Sat, 22 May 2021 06:45:07 GMT
truncated
/ Frame 52FB 		175 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
AAUvwnheE6gyGtQYZi1R_YjAVkYxcBYhTTCRyy4dfhD735k=s68-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ytc/ Frame 52FB 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://yt3.ggpht.com/ytc/AAUvwnheE6gyGtQYZi1R_YjAVkYxcBYhTTCRyy4dfhD735k=s68-c-k-c0x00ffffff-no-rj
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/UM28EH7qs4s?enablejsapi=1&autoplay=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
62b420d478f867e9fce349172a2e31095fa7f52c50e5d43b0b437ea8c85f1021
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 22 May 2021 06:19:31 GMT
x-content-type-options
nosniff
age
1536
content-disposition
inline;filename="unnamed.jpg"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2798
x-xss-protection
0
server
fife
etag
"v5d10"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Sun, 16 May 2021 09:34:31 GMT
truncated
/ Frame 52FB 		281 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
14eff6cab105c3f3d668b6de09e513886e2084061629fd8252eb7f23ec397c6b

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
8551571_1584610007068Back.webp
d1aettbyeyfilo.cloudfront.net/Arthur/ Frame 1E68 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d1aettbyeyfilo.cloudfront.net/Arthur/8551571_1584610007068Back.webp
Requested by
Host: arthur.kartra.com
URL: https://arthur.kartra.com/page/Culture_Audit
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211e:f400:6:a951:7b00:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
4414e620bce743d1d43813f32e4fc94c38a5f15865640f91c94d047bba00e32f

Request headers

Referer
https://arthur.kartra.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 22 May 2021 06:45:08 GMT
via
1.1 bfa7dfbe8ca6d4eb3690c4c82ca6c0fa.cloudfront.net (CloudFront)
last-modified
Thu, 19 Mar 2020 09:26:55 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-C2
etag
"203182ce7fdb00e4266e2a4e51e2c8ca"
x-cache
Miss from cloudfront
x-amz-version-id
JxHSe73l82iduJn90gIqbqHRaUmLxIGg
cache-control
public, max-age=31536000
accept-ranges
bytes
content-type
image/webp
content-length
3366
x-amz-cf-id
7h6g78tGIjpdgpN0l_L-OGsoc1-2ZSf2INvgPNU-nZ-kn_D8WdXvLg==
generate_204
www.youtube.com/ Frame 52FB 		0
9 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.youtube.com/generate_204?mwscfw
Requested by
Host: arthur.kartra.com
URL: https://arthur.kartra.com/page/Culture_Audit
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.youtube.com/embed/UM28EH7qs4s?enablejsapi=1&autoplay=true
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 22 May 2021 06:45:07 GMT
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
performance
app.kartra.com/cdn-cgi/beacon/ Frame 827C 		0
72 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://app.kartra.com/cdn-cgi/beacon/performance?req_id=65341469e9d6c29f
Requested by
Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:d125 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://app.kartra.com/external_video/youtube/UM28EH7qs4s?autoplay=true
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type
application/json

Response headers

date
Sat, 22 May 2021 06:45:07 GMT
x-content-type-options
nosniff
server
cloudflare
cf-ray
65341470cc37c29f-FRA
x-frame-options
DENY
qoe
www.youtube.com/api/stats/ Frame 52FB 		0
19 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/api/stats/qoe?event=streamingstats&fmt=134&afmt=251&cpn=_q1cH-pF_6UTTAa9&ei=c6ioYNqcCcjV1gKM7pmACQ&el=embedded&docid=UM28EH7qs4s&ns=yt&fexp=23948546%2C23983296%2C23986713%2C23995927%2C23997375%2C23999405%2C24001373%2C24004644%2C24007246%2C24019954%2C24035275%2C24036901%2C24040786%2C24042868%2C24044575&cl=375022155&seq=1&cbr=Chrome&cbrver=89.0.4389.72&c=WEB_EMBEDDED_PLAYER&cver=1.20210519.1.1&cplayer=UNIPLAYER&cos=Windows&cosver=10.0&cplatform=DESKTOP&vps=0.000:N,0.291:N&afs=0.290:251::i&vfs=0.291:134:134::r&view=0.291:555:312&bwe=0.291:130000&bat=0.291:1:1&vis=0.291:0&cmt=0.291:0.000&bh=0.291:0.000
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/c39bcc11/player_ias.vflset/en_US/base.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Video Stats Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/embed/UM28EH7qs4s?enablejsapi=1&autoplay=true
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Sat, 22 May 2021 06:45:07 GMT
x-content-type-options
nosniff
server
Video Stats Server
x-frame-options
SAMEORIGIN
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://www.youtube.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
videoplayback
r3---sn-4g5e6nzl.googlevideo.com/ Frame 52FB 		1 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://r3---sn-4g5e6nzl.googlevideo.com/videoplayback?expire=1621687507&ei=c6ioYNqcCcjV1gKM7pmACQ&ip=2a01%3A4f8%3A192%3A5414%3A%3A2&id=o-ACBC1R4MwAifzgfs1CkxzzMOd2EVZqemDNYLjBdKaPLT&itag=134&aitags=133%2C134%2C135%2C136%2C160%2C242%2C243%2C244%2C247%2C278&source=youtube&requiressl=yes&mh=Eg&mm=31%2C26&mn=sn-4g5e6nzl%2Csn-5go7yner&ms=au%2Conr&mv=m&mvi=3&pl=50&initcwndbps=656250&vprv=1&mime=video%2Fmp4&ns=2n7b3MJLBCh_i1SaEAgXluAF&gir=yes&clen=16065973&otfp=1&dur=315.800&lmt=1585211014412425&mt=1621665675&fvip=3&keepalive=yes&fexp=24001373%2C24007246&c=WEB_EMBEDDED_PLAYER&txp=2216222&n=y-J9wxH1KlPkDQ&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cotfp%2Cdur%2Clmt&sig=AOq0QJ8wRQIgUHhm6l8lgC3UAlN_E3dfG6qvMwBdU4gL8iPfHRpblAMCIQDLTmPkt-FJLp13F1c0umFogxuOnrBC1-ZJSK6_Y3Ehbw%3D%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRgIhAMdRiKh-aPQrSP4pRSpwFwStdlhIcAXeiZNvC6WVHKs4AiEAtH1LGX_XdrpxNzSuVIYRxfJuVt49CoKDnKGgS-sJKnw%3D&alr=yes&cpn=_q1cH-pF_6UTTAa9&cver=1.20210519.1.1&range=0-159530&rn=1&rbuf=0
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/c39bcc11/player_ias.vflset/en_US/base.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:3c::8 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
gvs 1.0 /
Resource Hash
9b13272b0a64351a0ba8226637646bd74ccdad62d2c977985c14cf5c89dc8af6
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 22 May 2021 06:45:07 GMT
X-Restrict-Formats-Hint
None
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
Alt-Svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length
1077
Last-Modified
Wed, 02 May 2007 10:26:10 GMT
Server
gvs 1.0
Vary
Origin
Content-Type
text/plain
Access-Control-Allow-Origin
https://www.youtube.com
Access-Control-Expose-Headers
Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Cache-Control
private, max-age=21300
Access-Control-Allow-Credentials
true
Accept-Ranges
bytes
Timing-Allow-Origin
https://www.youtube.com
X-Content-Type-Options
nosniff
Expires
Sat, 22 May 2021 06:45:07 GMT
videoplayback
r3---sn-4g5e6nzl.googlevideo.com/ Frame 52FB 		1009 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://r3---sn-4g5e6nzl.googlevideo.com/videoplayback?expire=1621687507&ei=c6ioYNqcCcjV1gKM7pmACQ&ip=2a01%3A4f8%3A192%3A5414%3A%3A2&id=o-ACBC1R4MwAifzgfs1CkxzzMOd2EVZqemDNYLjBdKaPLT&itag=251&source=youtube&requiressl=yes&mh=Eg&mm=31%2C26&mn=sn-4g5e6nzl%2Csn-5go7yner&ms=au%2Conr&mv=m&mvi=3&pl=50&initcwndbps=656250&vprv=1&mime=audio%2Fwebm&ns=2n7b3MJLBCh_i1SaEAgXluAF&gir=yes&clen=4135432&otfp=1&dur=315.841&lmt=1585211012415456&mt=1621665675&fvip=3&keepalive=yes&fexp=24001373%2C24007246&c=WEB_EMBEDDED_PLAYER&txp=2211222&n=y-J9wxH1KlPkDQ&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cotfp%2Cdur%2Clmt&sig=AOq0QJ8wRQIhALcqe16ZkXgjNdBYQhbgvz9wLSAx1HmJJp7sZEy8c5myAiACJRXcPNsfcWkjS36Ghz2T_KiXH3wFPmb-w60-DPDNig%3D%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRgIhAMdRiKh-aPQrSP4pRSpwFwStdlhIcAXeiZNvC6WVHKs4AiEAtH1LGX_XdrpxNzSuVIYRxfJuVt49CoKDnKGgS-sJKnw%3D&alr=yes&cpn=_q1cH-pF_6UTTAa9&cver=1.20210519.1.1&range=0-66342&rn=2&rbuf=0
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/c39bcc11/player_ias.vflset/en_US/base.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:3c::8 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
gvs 1.0 /
Resource Hash
5a3787b898152e91113a3d649ff8362c228362e693611dd82b082a11982b66c3
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 22 May 2021 06:45:07 GMT
X-Content-Type-Options
nosniff
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
Alt-Svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length
1009
Last-Modified
Wed, 02 May 2007 10:26:10 GMT
Server
gvs 1.0
Vary
Origin
Content-Type
text/plain
Access-Control-Allow-Origin
https://www.youtube.com
Access-Control-Expose-Headers
Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Cache-Control
private, max-age=21300
Access-Control-Allow-Credentials
true
Accept-Ranges
bytes
Timing-Allow-Origin
https://www.youtube.com
Expires
Sat, 22 May 2021 06:45:07 GMT
remote.js
www.youtube.com/s/player/c39bcc11/player_ias.vflset/en_US/ Frame 52FB 		98 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/c39bcc11/player_ias.vflset/en_US/remote.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/c39bcc11/player_ias.vflset/en_US/base.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f5f48c02692bd5d8044836018be9f76909dcab3ceabe1d8a29f1f9375e9a90b0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/embed/UM28EH7qs4s?enablejsapi=1&autoplay=true
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 21 May 2021 07:35:46 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Fri, 21 May 2021 06:42:50 GMT
server
sffe
age
83361
vary
Accept-Encoding, Origin
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
30855
x-xss-protection
0
expires
Sat, 21 May 2022 07:35:46 GMT
captions.js
www.youtube.com/s/player/c39bcc11/player_ias.vflset/en_US/ Frame 52FB 		60 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/c39bcc11/player_ias.vflset/en_US/captions.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/c39bcc11/player_ias.vflset/en_US/base.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2ee6fb7085f7081f3007cd8d9aa04ebb8ef2bf1e50d66477624c4b0808a60562
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/embed/UM28EH7qs4s?enablejsapi=1&autoplay=true
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 21 May 2021 07:38:03 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Fri, 21 May 2021 06:42:50 GMT
server
sffe
age
83224
vary
Accept-Encoding, Origin
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
23364
x-xss-protection
0
expires
Sat, 21 May 2022 07:38:03 GMT
endscreen.js
www.youtube.com/s/player/c39bcc11/player_ias.vflset/en_US/ Frame 52FB 		26 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/c39bcc11/player_ias.vflset/en_US/endscreen.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/c39bcc11/player_ias.vflset/en_US/base.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b52cbe87fccd27b7a84fb404bb457befdb2ca77ebc31976145f1726caaf2bd0d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/embed/UM28EH7qs4s?enablejsapi=1&autoplay=true
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 21 May 2021 07:38:03 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Fri, 21 May 2021 06:42:50 GMT
server
sffe
age
83224
vary
Accept-Encoding, Origin
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7147
x-xss-protection
0
expires
Sat, 21 May 2022 07:38:03 GMT
annotations_module.js
www.youtube.com/s/player/c39bcc11/player_ias.vflset/en_US/ Frame 52FB 		66 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/c39bcc11/player_ias.vflset/en_US/annotations_module.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/c39bcc11/player_ias.vflset/en_US/base.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ba13a050012282bb847fefb4c6336d0ddcaa0cbd9d3f5f916342407d5d6110c5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/embed/UM28EH7qs4s?enablejsapi=1&autoplay=true
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 21 May 2021 07:44:33 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Fri, 21 May 2021 06:42:50 GMT
server
sffe
age
82834
vary
Accept-Encoding, Origin
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19741
x-xss-protection
0
expires
Sat, 21 May 2022 07:44:33 GMT
next
www.youtube.com/youtubei/v1/ Frame 52FB 		70 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/youtubei/v1/next?key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/c39bcc11/player_ias.vflset/en_US/base.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
c38512b07e8712b333da959f00730fda76b8d027a6ef2f973390e095d6e833fc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/embed/UM28EH7qs4s?enablejsapi=1&autoplay=true
X-Youtube-Client-Name
56
X-Youtube-Client-Version
1.20210519.1.1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
X-Goog-Visitor-Id
CgtQY2NpSkFTM3JrNCjy0KKFBg%3D%3D
Content-Type
application/json

Response headers

date
Sat, 22 May 2021 06:45:07 GMT
content-encoding
br
x-content-type-options
nosniff
server
ESF
x-frame-options
SAMEORIGIN
vary
Origin, X-Origin, Referer
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control
private
content-type
application/json; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5869
x-xss-protection
0
expires
Sat, 22 May 2021 06:45:07 GMT
sddefault.webp
i.ytimg.com/vi_webp/UM28EH7qs4s/ Frame 52FB 		35 KB
35 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.ytimg.com/vi_webp/UM28EH7qs4s/sddefault.webp
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/UM28EH7qs4s?enablejsapi=1&autoplay=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bdf4b762a999645a4fb5dc718568f42363ddae669d176e33712bf7a9b34fda97
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 22 May 2021 06:45:07 GMT
x-content-type-options
nosniff
server
sffe
etag
"1585210952"
vary
Origin
content-type
image/webp
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35772
x-xss-protection
0
expires
Sat, 22 May 2021 08:45:07 GMT
videoplayback
r3---sn-4g5e6nzl.googlevideo.com/ Frame 52FB 		65 KB
65 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://r3---sn-4g5e6nzl.googlevideo.com/videoplayback?expire=1621687507&ei=c6ioYNqcCcjV1gKM7pmACQ&ip=2a01%3A4f8%3A192%3A5414%3A%3A2&id=o-ACBC1R4MwAifzgfs1CkxzzMOd2EVZqemDNYLjBdKaPLT&itag=251&source=youtube&requiressl=yes&vprv=1&mime=audio%2Fwebm&ns=2n7b3MJLBCh_i1SaEAgXluAF&gir=yes&clen=4135432&otfp=1&dur=315.841&lmt=1585211012415456&keepalive=yes&fexp=24001373,24007246&c=WEB_EMBEDDED_PLAYER&txp=2211222&n=y-J9wxH1KlPkDQ&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cotfp%2Cdur%2Clmt&sig=AOq0QJ8wRQIhALcqe16ZkXgjNdBYQhbgvz9wLSAx1HmJJp7sZEy8c5myAiACJRXcPNsfcWkjS36Ghz2T_KiXH3wFPmb-w60-DPDNig%3D%3D&alr=yes&cpn=_q1cH-pF_6UTTAa9&cver=1.20210519.1.1&redirect_counter=1&cm2rm=sn-4g5ed77s&cms_redirect=yes&mh=Eg&mm=34&mn=sn-4g5e6nzl&ms=ltu&mt=1621665645&mv=m&mvi=3&pl=50&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRQIgOp4Fq0EGoWIm8jqgV5EMHOGhoH-Er1lE7HfjCj9uvCwCIQDqpzaFcOH5i-l1t8q6A5-2Dn7Vjey5QM1Dv1yiCQr_9A%3D%3D&range=0-66342&rn=3&rbuf=0
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/c39bcc11/player_ias.vflset/en_US/base.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:3c::8 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
gvs 1.0 /
Resource Hash
b07ba9dfcdd921d0bf880c4ffcd9908738db4deae9c23bf20746ce05c0b460d3
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 22 May 2021 06:45:07 GMT
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
66343
client-protocol
quic
last-modified
Thu, 26 Mar 2020 08:23:32 GMT
server
gvs 1.0
vary
Origin
content-type
audio/webm
access-control-allow-origin
https://www.youtube.com
access-control-expose-headers
Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control
private, max-age=21300
access-control-allow-credentials
true
accept-ranges
bytes
timing-allow-origin
https://www.youtube.com
expires
Sat, 22 May 2021 06:45:07 GMT
videoplayback
r3---sn-4g5e6nzl.googlevideo.com/ Frame 52FB 		156 KB
156 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://r3---sn-4g5e6nzl.googlevideo.com/videoplayback?expire=1621687507&ei=c6ioYNqcCcjV1gKM7pmACQ&ip=2a01%3A4f8%3A192%3A5414%3A%3A2&id=o-ACBC1R4MwAifzgfs1CkxzzMOd2EVZqemDNYLjBdKaPLT&itag=134&aitags=133%2C134%2C135%2C136%2C160%2C242%2C243%2C244%2C247%2C278&source=youtube&requiressl=yes&vprv=1&mime=video%2Fmp4&ns=2n7b3MJLBCh_i1SaEAgXluAF&gir=yes&clen=16065973&otfp=1&dur=315.800&lmt=1585211014412425&keepalive=yes&fexp=24001373,24007246&c=WEB_EMBEDDED_PLAYER&txp=2216222&n=y-J9wxH1KlPkDQ&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cotfp%2Cdur%2Clmt&sig=AOq0QJ8wRQIgUHhm6l8lgC3UAlN_E3dfG6qvMwBdU4gL8iPfHRpblAMCIQDLTmPkt-FJLp13F1c0umFogxuOnrBC1-ZJSK6_Y3Ehbw%3D%3D&alr=yes&cpn=_q1cH-pF_6UTTAa9&cver=1.20210519.1.1&redirect_counter=1&cm2rm=sn-4g5ed77s&cms_redirect=yes&mh=Eg&mm=34&mn=sn-4g5e6nzl&ms=ltu&mt=1621665645&mv=m&mvi=3&pl=50&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRQIgBUj36pdZjHtjCRlWsxqPihznjRS62m7kM4xaRGcUUScCIQD9B-xJWDaeYWFPM5GaavV3rTHqpDaocYeJ1oCpxTEAag%3D%3D&range=0-159530&rn=4&rbuf=0
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/c39bcc11/player_ias.vflset/en_US/base.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:3c::8 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
gvs 1.0 /
Resource Hash
224db60e37526bfa5576d9e32a6d0b58654ce3841fb28bf2ed59c4bc5fbba623
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 22 May 2021 06:45:07 GMT
x-restrict-formats-hint
None
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
159531
client-protocol
quic
last-modified
Thu, 26 Mar 2020 08:23:34 GMT
server
gvs 1.0
vary
Origin
content-type
video/mp4
access-control-allow-origin
https://www.youtube.com
access-control-expose-headers
Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control
private, max-age=21300
access-control-allow-credentials
true
accept-ranges
bytes
timing-allow-origin
https://www.youtube.com
x-content-type-options
nosniff
expires
Sat, 22 May 2021 06:45:07 GMT
cast_sender.js
www.gstatic.com/cv/js/sender/v1/ Frame 52FB 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/cv/js/sender/v1/cast_sender.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/c39bcc11/player_ias.vflset/en_US/base.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 22 May 2021 06:45:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 16 Feb 2021 23:57:06 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2007
x-xss-protection
0
expires
Sat, 22 May 2021 06:45:07 GMT
truncated
/ Frame 52FB 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b79ec3853e32493190ce5cc7545de7c741f0960f5f6b7bc4dd6e155a8b67144a

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
AAUvwnheE6gyGtQYZi1R_YjAVkYxcBYhTTCRyy4dfhD735k=s400-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ytc/ Frame 52FB 		48 KB
48 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://yt3.ggpht.com/ytc/AAUvwnheE6gyGtQYZi1R_YjAVkYxcBYhTTCRyy4dfhD735k=s400-c-k-c0x00ffffff-no-rj
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/UM28EH7qs4s?enablejsapi=1&autoplay=true
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
fb053eabefa4e9a128442bad7b89345108e57cc6636cf8d126e415f870fd8e6c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 22 May 2021 06:45:07 GMT
x-content-type-options
nosniff
server
fife
etag
"v5d10"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="unnamed.jpg"
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
49358
x-xss-protection
0
expires
Sun, 23 May 2021 06:45:07 GMT
maxresdefault.jpg
i.ytimg.com/vi/-vNMhoAwY1Y/ Frame 52FB 		182 KB
182 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.ytimg.com/vi/-vNMhoAwY1Y/maxresdefault.jpg
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/UM28EH7qs4s?enablejsapi=1&autoplay=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c2b4173f6f168a0981328f201fb447402fa7c0b5e0c09472d211a62eaf868f04
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 22 May 2021 06:45:07 GMT
x-content-type-options
nosniff
server
sffe
etag
"1607159480"
vary
Origin
content-type
image/jpeg
cache-control
public, max-age=7200
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
185931
x-xss-protection
0
expires
Sat, 22 May 2021 08:45:07 GMT
truncated
/ Frame 52FB 		229 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
339be58cfd00cf6f56fbb5def7e0d410f2177b7ae00993c5647fe4083fcb5a6f

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
AAUvwnheE6gyGtQYZi1R_YjAVkYxcBYhTTCRyy4dfhD735k=s88-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ytc/ Frame 52FB 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://yt3.ggpht.com/ytc/AAUvwnheE6gyGtQYZi1R_YjAVkYxcBYhTTCRyy4dfhD735k=s88-c-k-c0x00ffffff-no-rj
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/UM28EH7qs4s?enablejsapi=1&autoplay=true
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
f2635a8bc9a0ffa5dffb7657ae7fd9bae74e09a1a5129c4725003392ba0105d1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 22 May 2021 06:45:07 GMT
x-content-type-options
nosniff
age
0
content-disposition
inline;filename="unnamed.jpg"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3940
x-xss-protection
0
server
fife
etag
"v5d10"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Tue, 18 May 2021 10:47:33 GMT
videoplayback
r3---sn-4g5e6nzl.googlevideo.com/ Frame 52FB 		154 KB
154 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://r3---sn-4g5e6nzl.googlevideo.com/videoplayback?expire=1621687507&ei=c6ioYNqcCcjV1gKM7pmACQ&ip=2a01%3A4f8%3A192%3A5414%3A%3A2&id=o-ACBC1R4MwAifzgfs1CkxzzMOd2EVZqemDNYLjBdKaPLT&itag=134&aitags=133%2C134%2C135%2C136%2C160%2C242%2C243%2C244%2C247%2C278&source=youtube&requiressl=yes&vprv=1&mime=video%2Fmp4&ns=2n7b3MJLBCh_i1SaEAgXluAF&gir=yes&clen=16065973&otfp=1&dur=315.800&lmt=1585211014412425&keepalive=yes&fexp=24001373,24007246&c=WEB_EMBEDDED_PLAYER&txp=2216222&n=y-J9wxH1KlPkDQ&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cotfp%2Cdur%2Clmt&sig=AOq0QJ8wRQIgUHhm6l8lgC3UAlN_E3dfG6qvMwBdU4gL8iPfHRpblAMCIQDLTmPkt-FJLp13F1c0umFogxuOnrBC1-ZJSK6_Y3Ehbw%3D%3D&alr=yes&cpn=_q1cH-pF_6UTTAa9&cver=1.20210519.1.1&redirect_counter=1&cm2rm=sn-4g5ed77s&cms_redirect=yes&mh=Eg&mm=34&mn=sn-4g5e6nzl&ms=ltu&mt=1621665645&mv=m&mvi=3&pl=50&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRQIgBUj36pdZjHtjCRlWsxqPihznjRS62m7kM4xaRGcUUScCIQD9B-xJWDaeYWFPM5GaavV3rTHqpDaocYeJ1oCpxTEAag%3D%3D&range=159531-317544&rn=5&rbuf=2500
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/c39bcc11/player_ias.vflset/en_US/base.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:3c::8 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
gvs 1.0 /
Resource Hash
d915cb1d3b418ca26dcc9b806042a951c1acb532e221fe5ed4d8c5e69ff9580e
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 22 May 2021 06:45:07 GMT
x-restrict-formats-hint
None
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
158014
client-protocol
quic
last-modified
Thu, 26 Mar 2020 08:23:34 GMT
server
gvs 1.0
vary
Origin
content-type
video/mp4
access-control-allow-origin
https://www.youtube.com
access-control-expose-headers
Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control
private, max-age=21300
access-control-allow-credentials
true
accept-ranges
bytes
timing-allow-origin
https://www.youtube.com
x-content-type-options
nosniff
expires
Sat, 22 May 2021 06:45:07 GMT
videoplayback
r3---sn-4g5e6nzl.googlevideo.com/ Frame 52FB 		300 KB
300 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://r3---sn-4g5e6nzl.googlevideo.com/videoplayback?expire=1621687507&ei=c6ioYNqcCcjV1gKM7pmACQ&ip=2a01%3A4f8%3A192%3A5414%3A%3A2&id=o-ACBC1R4MwAifzgfs1CkxzzMOd2EVZqemDNYLjBdKaPLT&itag=134&aitags=133%2C134%2C135%2C136%2C160%2C242%2C243%2C244%2C247%2C278&source=youtube&requiressl=yes&vprv=1&mime=video%2Fmp4&ns=2n7b3MJLBCh_i1SaEAgXluAF&gir=yes&clen=16065973&otfp=1&dur=315.800&lmt=1585211014412425&keepalive=yes&fexp=24001373,24007246&c=WEB_EMBEDDED_PLAYER&txp=2216222&n=y-J9wxH1KlPkDQ&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cotfp%2Cdur%2Clmt&sig=AOq0QJ8wRQIgUHhm6l8lgC3UAlN_E3dfG6qvMwBdU4gL8iPfHRpblAMCIQDLTmPkt-FJLp13F1c0umFogxuOnrBC1-ZJSK6_Y3Ehbw%3D%3D&alr=yes&cpn=_q1cH-pF_6UTTAa9&cver=1.20210519.1.1&redirect_counter=1&cm2rm=sn-4g5ed77s&cms_redirect=yes&mh=Eg&mm=34&mn=sn-4g5e6nzl&ms=ltu&mt=1621665645&mv=m&mvi=3&pl=50&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRQIgBUj36pdZjHtjCRlWsxqPihznjRS62m7kM4xaRGcUUScCIQD9B-xJWDaeYWFPM5GaavV3rTHqpDaocYeJ1oCpxTEAag%3D%3D&range=317545-624726&rn=6&rbuf=4999
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/c39bcc11/player_ias.vflset/en_US/base.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:3c::8 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
gvs 1.0 /
Resource Hash
2aee03c15aa456114b2b4c09bd52d2e1a0ee032c8effe65c0fe3584cc15a6610
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 22 May 2021 06:45:07 GMT
x-restrict-formats-hint
None
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
307182
client-protocol
quic
last-modified
Thu, 26 Mar 2020 08:23:34 GMT
server
gvs 1.0
vary
Origin
content-type
video/mp4
access-control-allow-origin
https://www.youtube.com
access-control-expose-headers
Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control
private, max-age=21300
access-control-allow-credentials
true
accept-ranges
bytes
timing-allow-origin
https://www.youtube.com
x-content-type-options
nosniff
expires
Sat, 22 May 2021 06:45:07 GMT
videoplayback
r3---sn-4g5e6nzl.googlevideo.com/ Frame 52FB 		78 KB
78 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://r3---sn-4g5e6nzl.googlevideo.com/videoplayback?expire=1621687507&ei=c6ioYNqcCcjV1gKM7pmACQ&ip=2a01%3A4f8%3A192%3A5414%3A%3A2&id=o-ACBC1R4MwAifzgfs1CkxzzMOd2EVZqemDNYLjBdKaPLT&itag=251&source=youtube&requiressl=yes&vprv=1&mime=audio%2Fwebm&ns=2n7b3MJLBCh_i1SaEAgXluAF&gir=yes&clen=4135432&otfp=1&dur=315.841&lmt=1585211012415456&keepalive=yes&fexp=24001373,24007246&c=WEB_EMBEDDED_PLAYER&txp=2211222&n=y-J9wxH1KlPkDQ&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cotfp%2Cdur%2Clmt&sig=AOq0QJ8wRQIhALcqe16ZkXgjNdBYQhbgvz9wLSAx1HmJJp7sZEy8c5myAiACJRXcPNsfcWkjS36Ghz2T_KiXH3wFPmb-w60-DPDNig%3D%3D&alr=yes&cpn=_q1cH-pF_6UTTAa9&cver=1.20210519.1.1&redirect_counter=1&cm2rm=sn-4g5ed77s&cms_redirect=yes&mh=Eg&mm=34&mn=sn-4g5e6nzl&ms=ltu&mt=1621665645&mv=m&mvi=3&pl=50&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRQIgOp4Fq0EGoWIm8jqgV5EMHOGhoH-Er1lE7HfjCj9uvCwCIQDqpzaFcOH5i-l1t8q6A5-2Dn7Vjey5QM1Dv1yiCQr_9A%3D%3D&range=66343-146114&rn=7&rbuf=5799
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/c39bcc11/player_ias.vflset/en_US/base.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:3c::8 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
gvs 1.0 /
Resource Hash
2111941af5e0b51ffa49bb5ced8adc72074600ff0978abbbbb0371130746fd30
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 22 May 2021 06:45:08 GMT
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
79772
client-protocol
quic
last-modified
Thu, 26 Mar 2020 08:23:32 GMT
server
gvs 1.0
vary
Origin
content-type
audio/webm
access-control-allow-origin
https://www.youtube.com
access-control-expose-headers
Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control
private, max-age=21299
access-control-allow-credentials
true
accept-ranges
bytes
timing-allow-origin
https://www.youtube.com
expires
Sat, 22 May 2021 06:45:08 GMT
log_event
www.youtube.com/youtubei/v1/ Frame 52FB 		28 B
299 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/c39bcc11/www-embed-player.vflset/www-embed-player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json
X-YouTube-Utc-Offset
120
X-YouTube-Client-Name
56
Referer
https://www.youtube.com/embed/UM28EH7qs4s?enablejsapi=1&autoplay=true
X-YouTube-Client-Version
1.20210519.1.1
X-YouTube-Time-Zone
Europe/Berlin
X-Goog-Visitor-Id
CgtQY2NpSkFTM3JrNCjy0KKFBg%3D%3D
X-YouTube-Ad-Signals
dt=1621665906939&flash=0&frm=2&u_tz=120&u_his=2&u_java&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug&u_nmime&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C555%2C312&vis=1&wgl=true&ca_type=image&bid=ANyPxKq3ZhGjrEGCgCVWjgJBcHjwjZPE0w3n4p96Qn9RWBTfQmeFVBJ0h9yS0R3sH5HtCquE30qjywzdpRsmfVO39sTRc07R0g

Response headers

date
Sat, 22 May 2021 06:45:09 GMT
content-encoding
br
x-content-type-options
nosniff
server
ESF
x-frame-options
SAMEORIGIN
vary
Origin, X-Origin, Referer
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control
private
content-type
application/json; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
31
x-xss-protection
0
expires
Sat, 22 May 2021 06:45:09 GMT
52gYMjg3
app.kartra.com/analytics/track/ Frame 1E68 		116 B
919 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://app.kartra.com/analytics/track/52gYMjg3?kartra_page_tracking[]=0Hem2xUOWs9c&optin[]=ZHBqdtGUiyYf&device=desktop
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:d125 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b02fffaba9e664ff7840c82b102d6851ec0bb148cec462cef40999545309e599
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://arthur.kartra.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 22 May 2021 06:45:10 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/png
cf-ray
6534147f1ac9c29f-FRA
cf-request-id
0a346b236f0000c29f4ba33000000001
0Hem2xUOWs9c
app.kartra.com/analytics/visitorTime/ Frame 1E68 		0
142 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://app.kartra.com/analytics/visitorTime/0Hem2xUOWs9c
Requested by
Host: arthur.kartra.com
URL: https://arthur.kartra.com/js/build/front/pages/skeleton-above.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:d125 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept
*/*
Referer
https://arthur.kartra.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Sat, 22 May 2021 06:45:16 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://arthur.kartra.com
access-control-allow-credentials
true
cf-ray
653414a86b42c29f-FRA
cf-request-id
0a346b3d440000c29f4bbcb000000001
qoe
www.youtube.com/api/stats/ Frame 52FB 		0
178 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/api/stats/qoe?event=streamingstats&fmt=134&afmt=251&cpn=_q1cH-pF_6UTTAa9&ei=c6ioYNqcCcjV1gKM7pmACQ&el=embedded&docid=UM28EH7qs4s&ns=yt&fexp=23948546%2C23983296%2C23986713%2C23995927%2C23997375%2C23999405%2C24001373%2C24004644%2C24007246%2C24019954%2C24035275%2C24036901%2C24040786%2C24042868%2C24044575&cl=375022155&seq=2&cbr=Chrome&cbrver=89.0.4389.72&c=WEB_EMBEDDED_PLAYER&cver=1.20210519.1.1&cplayer=UNIPLAYER&cos=Windows&cosver=10.0&cplatform=DESKTOP&cat=otfp&bwm=10.006:772928:1.148&bwe=10.006:1002073&bat=10.006:1:1&cmt=10.006:0.000&bh=10.006:12.321&df=10.006:0
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/c39bcc11/player_ias.vflset/en_US/base.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Video Stats Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/embed/UM28EH7qs4s?enablejsapi=1&autoplay=true
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Sat, 22 May 2021 06:45:17 GMT
x-content-type-options
nosniff
server
Video Stats Server
x-frame-options
SAMEORIGIN
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://www.youtube.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
videoplayback
r3---sn-4g5e6nzl.googlevideo.com/ Frame 52FB 		103 KB
104 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://r3---sn-4g5e6nzl.googlevideo.com/videoplayback?expire=1621687507&ei=c6ioYNqcCcjV1gKM7pmACQ&ip=2a01%3A4f8%3A192%3A5414%3A%3A2&id=o-ACBC1R4MwAifzgfs1CkxzzMOd2EVZqemDNYLjBdKaPLT&itag=251&source=youtube&requiressl=yes&vprv=1&mime=audio%2Fwebm&ns=2n7b3MJLBCh_i1SaEAgXluAF&gir=yes&clen=4135432&otfp=1&dur=315.841&lmt=1585211012415456&keepalive=yes&fexp=24001373,24007246&c=WEB_EMBEDDED_PLAYER&txp=2211222&n=y-J9wxH1KlPkDQ&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cotfp%2Cdur%2Clmt&sig=AOq0QJ8wRQIhALcqe16ZkXgjNdBYQhbgvz9wLSAx1HmJJp7sZEy8c5myAiACJRXcPNsfcWkjS36Ghz2T_KiXH3wFPmb-w60-DPDNig%3D%3D&alr=yes&cpn=_q1cH-pF_6UTTAa9&cver=1.20210519.1.1&redirect_counter=1&cm2rm=sn-4g5ed77s&cms_redirect=yes&mh=Eg&mm=34&mn=sn-4g5e6nzl&ms=ltu&mt=1621665645&mv=m&mvi=3&pl=50&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRQIgOp4Fq0EGoWIm8jqgV5EMHOGhoH-Er1lE7HfjCj9uvCwCIQDqpzaFcOH5i-l1t8q6A5-2Dn7Vjey5QM1Dv1yiCQr_9A%3D%3D&range=146115-251396&rn=8&rbuf=12348
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/c39bcc11/player_ias.vflset/en_US/base.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:3c::8 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
gvs 1.0 /
Resource Hash
30df7496f8e83c9ad4467bdf22bbb0a8d75a68754543ead2ee816f7dd526a653
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 22 May 2021 06:45:17 GMT
X-Content-Type-Options
nosniff
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
Alt-Svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length
105282
Last-Modified
Thu, 26 Mar 2020 08:23:32 GMT
Server
gvs 1.0
Vary
Origin
Content-Type
audio/webm
Access-Control-Allow-Origin
https://www.youtube.com
Access-Control-Expose-Headers
Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Cache-Control
private, max-age=21290
Access-Control-Allow-Credentials
true
Accept-Ranges
bytes
Timing-Allow-Origin
https://www.youtube.com
Expires
Sat, 22 May 2021 06:45:17 GMT
videoplayback
r3---sn-4g5e6nzl.googlevideo.com/ Frame 52FB 		1 MB
1 MB 		XHR
General
Check archive.org
Download Go to
Full URL
https://r3---sn-4g5e6nzl.googlevideo.com/videoplayback?expire=1621687507&ei=c6ioYNqcCcjV1gKM7pmACQ&ip=2a01%3A4f8%3A192%3A5414%3A%3A2&id=o-ACBC1R4MwAifzgfs1CkxzzMOd2EVZqemDNYLjBdKaPLT&itag=134&aitags=133%2C134%2C135%2C136%2C160%2C242%2C243%2C244%2C247%2C278&source=youtube&requiressl=yes&vprv=1&mime=video%2Fmp4&ns=2n7b3MJLBCh_i1SaEAgXluAF&gir=yes&clen=16065973&otfp=1&dur=315.800&lmt=1585211014412425&keepalive=yes&fexp=24001373,24007246&c=WEB_EMBEDDED_PLAYER&txp=2216222&n=y-J9wxH1KlPkDQ&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cotfp%2Cdur%2Clmt&sig=AOq0QJ8wRQIgUHhm6l8lgC3UAlN_E3dfG6qvMwBdU4gL8iPfHRpblAMCIQDLTmPkt-FJLp13F1c0umFogxuOnrBC1-ZJSK6_Y3Ehbw%3D%3D&alr=yes&cpn=_q1cH-pF_6UTTAa9&cver=1.20210519.1.1&redirect_counter=1&cm2rm=sn-4g5ed77s&cms_redirect=yes&mh=Eg&mm=34&mn=sn-4g5e6nzl&ms=ltu&mt=1621665645&mv=m&mvi=3&pl=50&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRQIgBUj36pdZjHtjCRlWsxqPihznjRS62m7kM4xaRGcUUScCIQD9B-xJWDaeYWFPM5GaavV3rTHqpDaocYeJ1oCpxTEAag%3D%3D&range=624727-1835515&rn=9&rbuf=15360
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/c39bcc11/player_ias.vflset/en_US/base.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:3c::8 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
gvs 1.0 /
Resource Hash
7f1dfeb250499fe6c9424b09bb79d5eab82b23cdf7e85ae039fe0d2e9765d961
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 22 May 2021 06:45:17 GMT
x-restrict-formats-hint
None
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1210789
client-protocol
quic
last-modified
Thu, 26 Mar 2020 08:23:34 GMT
server
gvs 1.0
vary
Origin
content-type
video/mp4
access-control-allow-origin
https://www.youtube.com
access-control-expose-headers
Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control
private, max-age=21290
access-control-allow-credentials
true
accept-ranges
bytes
timing-allow-origin
https://www.youtube.com
x-content-type-options
nosniff
expires
Sat, 22 May 2021 06:45:17 GMT
videoplayback
r3---sn-4g5e6nzl.googlevideo.com/ Frame 52FB 		257 KB
257 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://r3---sn-4g5e6nzl.googlevideo.com/videoplayback?expire=1621687507&ei=c6ioYNqcCcjV1gKM7pmACQ&ip=2a01%3A4f8%3A192%3A5414%3A%3A2&id=o-ACBC1R4MwAifzgfs1CkxzzMOd2EVZqemDNYLjBdKaPLT&itag=251&source=youtube&requiressl=yes&vprv=1&mime=audio%2Fwebm&ns=2n7b3MJLBCh_i1SaEAgXluAF&gir=yes&clen=4135432&otfp=1&dur=315.841&lmt=1585211012415456&keepalive=yes&fexp=24001373,24007246&c=WEB_EMBEDDED_PLAYER&txp=2211222&n=y-J9wxH1KlPkDQ&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cotfp%2Cdur%2Clmt&sig=AOq0QJ8wRQIhALcqe16ZkXgjNdBYQhbgvz9wLSAx1HmJJp7sZEy8c5myAiACJRXcPNsfcWkjS36Ghz2T_KiXH3wFPmb-w60-DPDNig%3D%3D&alr=yes&cpn=_q1cH-pF_6UTTAa9&cver=1.20210519.1.1&redirect_counter=1&cm2rm=sn-4g5ed77s&cms_redirect=yes&mh=Eg&mm=34&mn=sn-4g5e6nzl&ms=ltu&mt=1621665645&mv=m&mvi=3&pl=50&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRQIgOp4Fq0EGoWIm8jqgV5EMHOGhoH-Er1lE7HfjCj9uvCwCIQDqpzaFcOH5i-l1t8q6A5-2Dn7Vjey5QM1Dv1yiCQr_9A%3D%3D&range=251397-514381&rn=10&rbuf=20001
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/c39bcc11/player_ias.vflset/en_US/base.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:3c::8 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
gvs 1.0 /
Resource Hash
da6966a0d2bc3d9f8d283fc2af8c6f31b18bd0e7b90241236504223d0bca2551
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 22 May 2021 06:45:18 GMT
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
262985
client-protocol
quic
last-modified
Thu, 26 Mar 2020 08:23:32 GMT
server
gvs 1.0
vary
Origin
content-type
audio/webm
access-control-allow-origin
https://www.youtube.com
access-control-expose-headers
Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control
private, max-age=21289
access-control-allow-credentials
true
accept-ranges
bytes
timing-allow-origin
https://www.youtube.com
expires
Sat, 22 May 2021 06:45:18 GMT
0Hem2xUOWs9c
app.kartra.com/analytics/visitorTime/ Frame 1E68 		0
123 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://app.kartra.com/analytics/visitorTime/0Hem2xUOWs9c
Requested by
Host: arthur.kartra.com
URL: https://arthur.kartra.com/js/build/front/pages/skeleton-above.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:d125 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept
*/*
Referer
https://arthur.kartra.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Sat, 22 May 2021 06:45:26 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://arthur.kartra.com
access-control-allow-credentials
true
cf-ray
653414e6e931c29f-FRA
cf-request-id
0a346b64540000c29f460fb000000001

Verdicts & Comments Add Verdict or Comment

26 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| onbeforexrselect object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker boolean| originAgentCluster object| trustedTypes boolean| crossOriginIsolated function| gtag object| dataLayer function| fbq function| _fbq object| _pa object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga object| gaplugins object| gaGlobal object| gaData function| facebookEventsHelper object| _pq

7 Cookies

Domain/Path Name / Value
.cultureevolution.com/ Name: _fbp
Value: fb.1.1621665905202.739304541
.youtube.com/ Name: VISITOR_INFO1_LIVE
Value: PcciJAS3rk4
.cultureevolution.com/ Name: _gat_gtag_UA_58882139_1
Value: 1
.cultureevolution.com/ Name: _gid
Value: GA1.2.296170073.1621665905
.cultureevolution.com/ Name: _ga
Value: GA1.2.1536321461.1621665905
.youtube.com/ Name: YSC
Value: y5HYmQbvn30
cultureevolution.com/ Name: PHPSESSID
Value: 2ae187eb7919572648407463cae866d9

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ads.yahoo.com
analytics.twitter.com
app.kartra.com
arthur.kartra.com
cm.g.doubleclick.net
connect.facebook.net
covid19cultureevolution.com
cultureevolution.com
d1aettbyeyfilo.cloudfront.net
d2uolguxr56s4e.cloudfront.net
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
i.ytimg.com
pixel-geo.prfct.co
pixel.rubiconproject.com
r3---sn-4g5e6nzl.googlevideo.com
secure.adnxs.com
static.cloudflareinsights.com
static.doubleclick.net
stats.g.doubleclick.net
tag.perfectaudience.com
us-u.openx.net
www.covid19cultureevolution.com
www.facebook.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.gstatic.com
www.youtube.com
yt3.ggpht.com
104.244.42.3
142.250.185.162
151.101.14.217
185.33.220.145
188.164.131.200
192.161.187.200
2600:9000:20eb:7c00:1c:2135:3780:21
2600:9000:211e:f400:6:a951:7b00:21
2606:4700::6810:5f41
2606:4700::6811:d125
2a00:1288:80:800::7001
2a00:1450:4001:3c::8
2a00:1450:4001:802::2001
2a00:1450:4001:802::2003
2a00:1450:4001:80e::2004
2a00:1450:4001:80e::200e
2a00:1450:4001:80f::2002
2a00:1450:4001:810::2003
2a00:1450:4001:828::2006
2a00:1450:4001:828::2016
2a00:1450:4001:829::200e
2a00:1450:4001:82a::2008
2a00:1450:4001:82b::2003
2a00:1450:4001:82f::200a
2a00:1450:400c:c07::9b
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f12d:83:face:b00c:0:25de
34.246.96.178
35.213.140.42
35.244.159.8
69.173.144.139
0256697f7cbb0e0262f0ea474eae2ced585cada18518f9f7d24f7646ee7779f0
04ba9191a34da1249205be89a6290068726ffc1d18bd809ddabb2d3ef2fe2405
0a9eae06d8bed89c745eb7f92f3ca81bdc456c50e0d86d28885d413b788a7d25
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
0f3b748f7b7a08905e237ab08bc734b9ad79b83064f72617e7a29c0746b4736b
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
14eff6cab105c3f3d668b6de09e513886e2084061629fd8252eb7f23ec397c6b
198eedf9d8a1ad8d85e2d631ea8667a47a66b7ce838847359045beb4e8f3a635
1ae1bf1458589d1f72a7bf9a7fb9c21e8344aee819519c1dc8cbcfd9d6c16f54
2111941af5e0b51ffa49bb5ced8adc72074600ff0978abbbbb0371130746fd30
215a74c36c546bbbbe643b7f3da99795bda87f0154142b979b527dd71087580e
2176cdb370f26a268bcfa6f575f69f0bbd91a24cf2a3a5e5fdc0efcb3e5d3dda
224db60e37526bfa5576d9e32a6d0b58654ce3841fb28bf2ed59c4bc5fbba623
23c23cb8bd5c026b3fdc092710a2b8bf6bcfdcf0ecb2fc251c5cd4648208f3fb
2aee03c15aa456114b2b4c09bd52d2e1a0ee032c8effe65c0fe3584cc15a6610
2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a
2ee6fb7085f7081f3007cd8d9aa04ebb8ef2bf1e50d66477624c4b0808a60562
30df7496f8e83c9ad4467bdf22bbb0a8d75a68754543ead2ee816f7dd526a653
33530b007071281a97e79baab13ddf7cc4b9de942ebd3e212224857335f7cb97
339be58cfd00cf6f56fbb5def7e0d410f2177b7ae00993c5647fe4083fcb5a6f
33bd07594a35b1fe9bfd084a672f88c508acf66d71d6b2ab43408c63aa1d317a
345a7f619e726c9ed21fa1e83646623f3491056eb1c9e0f3af797c42d38255c1
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
4414e620bce743d1d43813f32e4fc94c38a5f15865640f91c94d047bba00e32f
4545eb1dec25fe868d19dc292d417d8a9e41c0276d75a4eaf524a9db21aa705a
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4d55b5f7c84bced8ac24841e15dedf93f1aae42b78230c0500d58de42e07451c
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
502817a1dcb822bace7eb50f395601d99c90771935740c8f54e8cb10e4de6501
52dc24c0429ea6ccc5b579a6da8bb79bf41e471fe5108a62009f3c2e195551c0
530f08b91432771115b3a959cc643c8b92c24f2b6b58de36347c59d2e285772d
592a8b27e9a69bbaf008ada9590dfde98d161a1d5e489a8a9d51f66c5cc242f1
5a3787b898152e91113a3d649ff8362c228362e693611dd82b082a11982b66c3
600473b6152d1d0a50097aa6fd6811dcbc9edd23e5ec77afc39b4369f14339a4
6188ef041f0e7f7ec6a7ccc3ffe5fb8d38533612c4030abe50922ee4a8c1f3ab
62b420d478f867e9fce349172a2e31095fa7f52c50e5d43b0b437ea8c85f1021
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
7b18d83eae07a6819ced89c082798f9b12d67c0f0243200abe37aeeaaddd02b9
7c6f2523af0f83778d2741093a4d88e2cd06338f6a512960753ecdb62444e370
7ce23bb169d56e3dc218181172c5d318dc16526e035b539e038f605a893ea551
7de2a6889fb2320bf94c60b5f0ec4ac9cdea6073b7d4d641f59a312dafa6f52a
7f1dfeb250499fe6c9424b09bb79d5eab82b23cdf7e85ae039fe0d2e9765d961
83dc0e72a5bb7e112cca913cd73421083e518e3194d04251f1e844a20e085a41
84c937068d291fbedcc2d1d0fd98d52ed9dffcb1347a19e383ff4e34298495b4
8e34fa30d251bc425762a596368b08a20812bca6fcbba712c2cdce66c86bdf8b
8fda0820478381b07d4294f2cb508287a705bfbdb0f9a7d425d4258913221da7
9194059997d722ec01e41980dffbff03ebe00808b1cdd164a7fd18a561bc312a
95d1a26865d0d6ec7135f60b0de176537bcdca6063d3dab302b37355fcf3f804
9b13272b0a64351a0ba8226637646bd74ccdad62d2c977985c14cf5c89dc8af6
9d9c4bd43153061b2e07823b5f5fefed05bb8fd290ac4117cf0e94106ea7512e
a0580ca0bf23bb345c8dc3e28b1a7573ba53b0017033d1b9bcec2573e1399637
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
af3fd50e4c578d49b1d1751e0dc9380b5987bca811a5a25e28208d86c3140a44
b02fffaba9e664ff7840c82b102d6851ec0bb148cec462cef40999545309e599
b07ba9dfcdd921d0bf880c4ffcd9908738db4deae9c23bf20746ce05c0b460d3
b52cbe87fccd27b7a84fb404bb457befdb2ca77ebc31976145f1726caaf2bd0d
b79ec3853e32493190ce5cc7545de7c741f0960f5f6b7bc4dd6e155a8b67144a
b98ce6096a91b73a5b047f6b6bad2c1c3c204ca24e3cb60e58f511c287ee3862
ba13a050012282bb847fefb4c6336d0ddcaa0cbd9d3f5f916342407d5d6110c5
ba6856b3aa462b18c9f5fc3b0d553eca0fe0f03d5ff668ba7d465394c85896b1
bd25bde9fc4427cd6f3babcb8f888fe6174ca48881c103e243d4c6f83f30aab6
bdf4b762a999645a4fb5dc718568f42363ddae669d176e33712bf7a9b34fda97
c2b4173f6f168a0981328f201fb447402fa7c0b5e0c09472d211a62eaf868f04
c38512b07e8712b333da959f00730fda76b8d027a6ef2f973390e095d6e833fc
c3c0d3f472358aac78455515c4800771426770c22698e2486d39fdb5505634e1
c91f8e7e9587cef67cf196f88bf70b147d97ba0dde32db0991a1489559d51c72
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
cd044b40f895d7812f661c9cde02a33bedeb81aef88c4b860c4b8c8236a26e88
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
d915cb1d3b418ca26dcc9b806042a951c1acb532e221fe5ed4d8c5e69ff9580e
d9eaed3996cddd852ac35569bdead382d016b758587626ae41f5064598c2fd95
da6966a0d2bc3d9f8d283fc2af8c6f31b18bd0e7b90241236504223d0bca2551
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de6c4ffa2bd9fd283610e28d0db2ec48607aab39d213a51aef248673a0a7e980
e18e0018500dd53d398124a40ad1c40819c56c626dbebfa2a8fbd2fec2fb4f93
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3b972aee84d44034eabae62f18e39929418979efa8434682020b6af66ca0140
eb4d7fb31921b4daa298f12919c9e3efe20b60464f94f60f068249782e3db46d
ed669d3d03394b3e0f0887580e22a65196c6b89371edcbd3e4c4f674598336c7
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
ee429381a3c83b2faaf2f697e219856d4eb5ca2e844a9c66ccc5d3d68e594688
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
f241bab91b6264874d6349a0ec0af2717ca1b63a10661d7e038c84e5baec6846
f2635a8bc9a0ffa5dffb7657ae7fd9bae74e09a1a5129c4725003392ba0105d1
f5f48c02692bd5d8044836018be9f76909dcab3ceabe1d8a29f1f9375e9a90b0
f889d44ce0881e42dc6fe058a94f19e90abde29ab517ef45bb1313d308c9b6d3
fb053eabefa4e9a128442bad7b89345108e57cc6636cf8d126e415f870fd8e6c