itgetsbetter.org Open in urlscan Pro
199.16.173.70 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://itgetsbetter.org/
Effective URL:
https://itgetsbetter.org/
Submission: On December 17 via api (December 17th 2023, 1:32:24 am UTC) from US — Scanned from DE

Summary HTTP 483 Redirects Links 23 Behaviour Indicators

Summary

This website contacted 53 IPs in 4 countries across 39 domains to perform 483 HTTP transactions. The main IP is 199.16.173.70, located in United States and belongs to AUTOMATTIC, US. The main domain is itgetsbetter.org.
TLS certificate: Issued by R3 on November 27th 2023. Valid for: 3 months.

This is the only time itgetsbetter.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 12	199.16.173.70 199.16.173.70	2635 (AUTOMATTIC) (AUTOMATTIC)
4	2a00:1450:400... 2a00:1450:4001:806::2008	15169 (GOOGLE) (GOOGLE)
21	23.38.98.10 23.38.98.10	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	143.204.207.250 143.204.207.250	16509 (AMAZON-02) (AMAZON-02)
1	146.75.116.157 146.75.116.157	54113 (FASTLY) (FASTLY)
25	192.0.77.39 192.0.77.39	2635 (AUTOMATTIC) (AUTOMATTIC)
23	192.0.77.37 192.0.77.37	2635 (AUTOMATTIC) (AUTOMATTIC)
5	2a00:1450:400... 2a00:1450:4001:831::200a	15169 (GOOGLE) (GOOGLE)
12	2606:4700:20:... 2606:4700:20::681a:c57	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	192.0.76.3 192.0.76.3	2635 (AUTOMATTIC) (AUTOMATTIC)
25	2606:4700:440... 2606:4700:4400::6812:2844	13335 (CLOUDFLAR...) (CLOUDFLARENET)
43	192.0.77.2 192.0.77.2	2635 (AUTOMATTIC) (AUTOMATTIC)
2 5	2a00:1450:400... 2a00:1450:4001:806::2002	15169 (GOOGLE) (GOOGLE)
2	104.244.42.133 104.244.42.133	13414 (TWITTER) (TWITTER)
2	104.244.42.131 104.244.42.131	13414 (TWITTER) (TWITTER)
3	2a03:2880:f08... 2a03:2880:f083:9:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
20	2a00:1450:400... 2a00:1450:4001:828::200e	15169 (GOOGLE) (GOOGLE)
1	2.16.62.104 2.16.62.104	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2a00:1450:400... 2a00:1450:4001:82a::200e	15169 (GOOGLE) (GOOGLE)
13	2a00:1450:400... 2a00:1450:4001:80f::2003	15169 (GOOGLE) (GOOGLE)
26	2606:4700::68... 2606:4700::6812:c55f	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a00:1450:400... 2a00:1450:4001:81c::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:827::2003	15169 (GOOGLE) (GOOGLE)
2	54.147.159.60 54.147.159.60	14618 (AMAZON-AES) (AMAZON-AES)
1	18.66.97.53 18.66.97.53	16509 (AMAZON-02) (AMAZON-02)
5	35.156.217.216 35.156.217.216	16509 (AMAZON-02) (AMAZON-02)
8	35.190.43.134 35.190.43.134	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f17... 2a03:2880:f177:185:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
2	2a00:1450:400... 2a00:1450:4001:82a::2006	15169 (GOOGLE) (GOOGLE)
8	2a00:1450:400... 2a00:1450:4001:82f::200a	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80e::2016	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82f::2001	15169 (GOOGLE) (GOOGLE)
2	65.9.95.80 65.9.95.80	16509 (AMAZON-02) (AMAZON-02)
15	2a00:1450:400... 2a00:1450:4001:829::2003	15169 (GOOGLE) (GOOGLE)
1	65.9.95.68 65.9.95.68	16509 (AMAZON-02) (AMAZON-02)
1	54.75.201.254 54.75.201.254	16509 (AMAZON-02) (AMAZON-02)
5	2600:9000:212... 2600:9000:2127:b400:2:8531:afc0:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700::68... 2606:4700::6810:3965	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	52.143.247.24 52.143.247.24	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2606:4700::68... 2606:4700::6810:7caf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	13.32.121.38 13.32.121.38	16509 (AMAZON-02) (AMAZON-02)
29	151.101.128.176 151.101.128.176	54113 (FASTLY) (FASTLY)
3	2606:4700::68... 2606:4700::6812:7c49	13335 (CLOUDFLAR...) (CLOUDFLARENET)
55	54.187.119.242 54.187.119.242	16509 (AMAZON-02) (AMAZON-02)
1	2a04:4e42:400... 2a04:4e42:400::649	54113 (FASTLY) (FASTLY)
4	44.237.23.177 44.237.23.177	16509 (AMAZON-02) (AMAZON-02)
12	2a00:1450:401... 2a00:1450:4013:c05::5c	15169 (GOOGLE) (GOOGLE)
1	198.137.150.81 198.137.150.81	16509 (AMAZON-02) (AMAZON-02)
42	2a00:1450:400... 2a00:1450:4001:80b::200e	15169 (GOOGLE) (GOOGLE)
5	2606:4700:20:... 2606:4700:20::ac43:4743	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:830::200e	15169 (GOOGLE) (GOOGLE)
1 1	2a00:1450:400... 2a00:1450:4001:813::200e	15169 (GOOGLE) (GOOGLE)
17	192.0.77.48 192.0.77.48	2635 (AUTOMATTIC) (AUTOMATTIC)
483	53

12 199.16.173.70 (United States) 1 redirects

ASN2635 (AUTOMATTIC, US)

itgetsbetter.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:806::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 23.38.98.10 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-38-98-10.deploy.static.akamaitechnologies.com

analytics.tiktok.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.207.250 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-207-250.fra53.r.cloudfront.net

sc-static.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 146.75.116.157 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

static.ads-twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

25 192.0.77.39 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)
PTR: wordpress.com

149352635.v2.pressablecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

23 192.0.77.37 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)
PTR: wordpress.com

c0.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:831::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
translate.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2606:4700:20::681a:c57 (United States)

ASN13335 (CLOUDFLARENET, US)

assets.juicer.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.juicer.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 192.0.76.3 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)

stats.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

25 2606:4700:4400::6812:2844 (United States)

ASN13335 (CLOUDFLARENET, US)

kit.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ka-p.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

43 192.0.77.2 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)
PTR: i0.wp.com

i0.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:806::2002 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.244.42.133 (United States)

ASN13414 (TWITTER, US)

t.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.244.42.131 (United States)

ASN13414 (TWITTER, US)

analytics.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f083:9:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 2a00:1450:4001:828::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.16.62.104 (Düsseldorf, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-16-62-104.deploy.static.akamaitechnologies.com

analytics.pangle-ads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2a00:1450:4001:80f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

26 2606:4700::6812:c55f (United States)

ASN13335 (CLOUDFLARENET, US)

sdk.classy.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
give.itgetsbetter.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
prod-frs.content.classy.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:81c::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.147.159.60 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-147-159-60.compute-1.amazonaws.com

secure.gaug.es	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.97.53 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-97-53.fra56.r.cloudfront.net

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 35.156.217.216 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-156-217-216.eu-central-1.compute.amazonaws.com

tags.srv.stackadapt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 35.190.43.134 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 134.43.190.35.bc.googleusercontent.com

tr.snapchat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
tr6.snapchat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f177:185:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82a::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

static.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:82f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

jnn-pa.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80e::2016 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

i.ytimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

yt3.ggpht.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 65.9.95.80 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-95-80.prg50.r.cloudfront.net

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2a00:1450:4001:829::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.95.68 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-95-68.prg50.r.cloudfront.net

vc.hotjar.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.75.201.254 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-75-201-254.eu-west-1.compute.amazonaws.com

content.hotjar.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2600:9000:2127:b400:2:8531:afc0:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.transcend.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:3965 (United States)

ASN13335 (CLOUDFLARENET, US)

static.cloudflareinsights.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.143.247.24 (Des Moines, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

htp.tokenex.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:7caf (United States)

ASN13335 (CLOUDFLARENET, US)

unpkg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.121.38 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-121-38.fra60.r.cloudfront.net

cdn.plaid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

29 151.101.128.176 (United States)

ASN54113 (FASTLY, US)

js.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
m.stripe.network	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6812:7c49 (United States)

ASN13335 (CLOUDFLARENET, US)

pay.classy.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
prod-frs.content.classy.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

55 54.187.119.242 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ip-54-187-119-242.stripe.com

q.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
r.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:400::649 (United States)

ASN54113 (FASTLY, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 44.237.23.177 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-44-237-23-177.us-west-2.compute.amazonaws.com

m.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a00:1450:4013:c05::5c (Groningen, Netherlands)

ASN15169 (GOOGLE, US)

pay.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 198.137.150.81 (United States)

ASN16509 (AMAZON-02, US)

merchant-ui-api.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

42 2a00:1450:4001:80b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

play.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2606:4700:20::ac43:4743 (United States)

ASN13335 (CLOUDFLARENET, US)

www.juicer.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
static.juicer.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

translate.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::200e (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

youtu.be	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 192.0.77.48 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)
PTR: s.w.org

s.w.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
87	stripe.com js.stripe.com — Cisco Umbrella Rank: 1282 q.stripe.com — Cisco Umbrella Rank: 7730 m.stripe.com — Cisco Umbrella Rank: 1245 r.stripe.com — Cisco Umbrella Rank: 3529 merchant-ui-api.stripe.com — Cisco Umbrella Rank: 5257	1 MB
72	wp.com c0.wp.com — Cisco Umbrella Rank: 8588 stats.wp.com — Cisco Umbrella Rank: 2814 i0.wp.com — Cisco Umbrella Rank: 3858 pixel.wp.com — Cisco Umbrella Rank: 2796	4 MB
58	google.com www.google.com — Cisco Umbrella Rank: 2 pay.google.com — Cisco Umbrella Rank: 2109 play.google.com — Cisco Umbrella Rank: 32 translate.google.com — Cisco Umbrella Rank: 1298	1 MB
28	gstatic.com fonts.gstatic.com www.gstatic.com	610 KB
26	itgetsbetter.org 1 redirects itgetsbetter.org give.itgetsbetter.org	3 MB
25	fontawesome.com kit.fontawesome.com — Cisco Umbrella Rank: 1544 ka-p.fontawesome.com — Cisco Umbrella Rank: 3304	44 KB
25	pressablecdn.com 149352635.v2.pressablecdn.com	4 MB
21	tiktok.com analytics.tiktok.com — Cisco Umbrella Rank: 617	278 KB
20	youtube.com www.youtube.com — Cisco Umbrella Rank: 71	2 MB
17	w.org s.w.org — Cisco Umbrella Rank: 3043	17 KB
17	juicer.io assets.juicer.io — Cisco Umbrella Rank: 11566 www.juicer.io — Cisco Umbrella Rank: 13089 static.juicer.io — Cisco Umbrella Rank: 25393	973 KB
15	classy.org sdk.classy.org — Cisco Umbrella Rank: 45996 prod-frs.content.classy.org — Cisco Umbrella Rank: 42375 pay.classy.org — Cisco Umbrella Rank: 47051	1 MB
13	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 29 jnn-pa.googleapis.com — Cisco Umbrella Rank: 203 translate.googleapis.com — Cisco Umbrella Rank: 947	170 KB
8	snapchat.com tr.snapchat.com — Cisco Umbrella Rank: 758 tr6.snapchat.com — Cisco Umbrella Rank: 88800	2 KB
7	doubleclick.net 2 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 33 static.doubleclick.net — Cisco Umbrella Rank: 248	3 KB
5	transcend.io cdn.transcend.io — Cisco Umbrella Rank: 5151	137 KB
5	stackadapt.com tags.srv.stackadapt.com — Cisco Umbrella Rank: 2618	9 KB
4	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 36	352 KB
3	hotjar.com static.hotjar.com — Cisco Umbrella Rank: 700 script.hotjar.com — Cisco Umbrella Rank: 933	102 KB
3	facebook.net connect.facebook.net — Cisco Umbrella Rank: 168	127 KB
2	stripe.network m.stripe.network — Cisco Umbrella Rank: 1361	16 KB
2	hotjar.io vc.hotjar.io — Cisco Umbrella Rank: 2580 content.hotjar.io — Cisco Umbrella Rank: 6459	419 B
2	ytimg.com i.ytimg.com — Cisco Umbrella Rank: 89	56 KB
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 98	216 B
2	gaug.es secure.gaug.es — Cisco Umbrella Rank: 28181	4 KB
2	twitter.com analytics.twitter.com — Cisco Umbrella Rank: 713	842 B
2	t.co t.co — Cisco Umbrella Rank: 589	470 B
1	youtu.be 1 redirects youtu.be — Cisco Umbrella Rank: 7983	1 KB
1	jquery.com code.jquery.com — Cisco Umbrella Rank: 735	31 KB
1	plaid.com cdn.plaid.com — Cisco Umbrella Rank: 13515	43 KB
1	unpkg.com unpkg.com — Cisco Umbrella Rank: 857	3 KB
1	tokenex.com htp.tokenex.com — Cisco Umbrella Rank: 26902	5 KB
1	cloudflareinsights.com static.cloudflareinsights.com — Cisco Umbrella Rank: 864	7 KB
1	ggpht.com yt3.ggpht.com — Cisco Umbrella Rank: 226	3 KB
1	google.ru www.google.ru — Cisco Umbrella Rank: 10882	455 B
1	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 27	245 B
1	pangle-ads.com analytics.pangle-ads.com — Cisco Umbrella Rank: 2266	963 B
1	ads-twitter.com static.ads-twitter.com — Cisco Umbrella Rank: 678	15 KB
1	sc-static.net sc-static.net — Cisco Umbrella Rank: 945	18 KB
483	39

	Domain	Requested by
43	i0.wp.com	itgetsbetter.org
42	play.google.com	www.gstatic.com www.youtube.com
39	r.stripe.com	js.stripe.com
27	js.stripe.com	cdn.transcend.io js.stripe.com
25	149352635.v2.pressablecdn.com	itgetsbetter.org 149352635.v2.pressablecdn.com
24	ka-p.fontawesome.com	kit.fontawesome.com itgetsbetter.org
23	c0.wp.com	itgetsbetter.org
21	analytics.tiktok.com	itgetsbetter.org analytics.tiktok.com
20	www.youtube.com	itgetsbetter.org www.youtube.com cdn.transcend.io c0.wp.com
17	s.w.org	itgetsbetter.org
16	q.stripe.com	itgetsbetter.org
15	www.gstatic.com	www.youtube.com www.gstatic.com pay.google.com
14	give.itgetsbetter.org	sdk.classy.org give.itgetsbetter.org cdn.transcend.io itgetsbetter.org
13	prod-frs.content.classy.org	give.itgetsbetter.org cdn.transcend.io itgetsbetter.org prod-frs.content.classy.org
13	fonts.gstatic.com	fonts.googleapis.com www.youtube.com
12	www.juicer.io	assets.juicer.io itgetsbetter.org
12	pay.google.com	js.stripe.com pay.google.com itgetsbetter.org www.gstatic.com
12	itgetsbetter.org	1 redirects itgetsbetter.org 149352635.v2.pressablecdn.com
8	jnn-pa.googleapis.com	www.youtube.com
7	tr.snapchat.com	sc-static.net itgetsbetter.org
5	cdn.transcend.io	give.itgetsbetter.org cdn.transcend.io
5	tags.srv.stackadapt.com	itgetsbetter.org tags.srv.stackadapt.com
5	googleads.g.doubleclick.net	2 redirects www.googletagmanager.com www.youtube.com
4	m.stripe.com	m.stripe.network
4	assets.juicer.io	itgetsbetter.org
4	fonts.googleapis.com	itgetsbetter.org cdn.transcend.io
4	www.googletagmanager.com	itgetsbetter.org www.googletagmanager.com
3	www.google.com	itgetsbetter.org www.youtube.com
3	connect.facebook.net	itgetsbetter.org connect.facebook.net
3	pixel.wp.com	itgetsbetter.org
3	stats.wp.com	itgetsbetter.org
2	m.stripe.network	js.stripe.com m.stripe.network
2	script.hotjar.com	static.hotjar.com script.hotjar.com
2	i.ytimg.com	www.youtube.com
2	static.doubleclick.net	www.youtube.com
2	www.facebook.com	itgetsbetter.org
2	secure.gaug.es	itgetsbetter.org
2	analytics.twitter.com	itgetsbetter.org
2	t.co	itgetsbetter.org
1	translate.googleapis.com
1	static.juicer.io	assets.juicer.io
1	youtu.be	1 redirects
1	translate.google.com	149352635.v2.pressablecdn.com
1	merchant-ui-api.stripe.com	js.stripe.com
1	code.jquery.com	cdn.transcend.io
1	pay.classy.org	cdn.transcend.io
1	cdn.plaid.com	cdn.transcend.io
1	unpkg.com	cdn.transcend.io
1	htp.tokenex.com	cdn.transcend.io
1	static.cloudflareinsights.com	give.itgetsbetter.org
1	content.hotjar.io	script.hotjar.com
1	vc.hotjar.io	script.hotjar.com
1	tr6.snapchat.com	sc-static.net
1	yt3.ggpht.com	www.youtube.com
1	static.hotjar.com	www.googletagmanager.com
1	www.google.ru	itgetsbetter.org
1	sdk.classy.org	itgetsbetter.org
1	www.google-analytics.com	www.googletagmanager.com
1	analytics.pangle-ads.com	analytics.tiktok.com
1	kit.fontawesome.com	itgetsbetter.org
1	static.ads-twitter.com	itgetsbetter.org
1	sc-static.net	itgetsbetter.org
483	62

This site contains links to these domains. Also see Links.

Domain
give.itgetsbetter.org
youtu.be
www.50states50grants.com
www.facebook.com
www.instagram.com
www.youtube.com
itgetsbetterproject.tumblr.com
www.tiktok.com
www.twitch.tv
www.queenandpapis.com
wordpress.com
pressable.com
jetpack.com

Subject Issuer	Validity	Valid
tls.automattic.com R3	`2023-11-27` - `2024-02-25`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.tiktok.com RapidSSL ECC CA 2018	`2023-07-14` - `2024-08-13`	a year	crt.sh
sc-static.net Amazon RSA 2048 M02	`2023-01-20` - `2024-02-18`	a year	crt.sh
ads-twitter.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-07-21` - `2024-07-19`	a year	crt.sh
*.v2.pressablecdn.com Sectigo RSA Domain Validation Secure Server CA	`2023-08-02` - `2024-09-01`	a year	crt.sh
*.wp.com Sectigo ECC Domain Validation Secure Server CA	`2023-11-28` - `2024-12-28`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-04-17` - `2024-04-16`	a year	crt.sh
*.fontawesome.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-12-04` - `2025-01-03`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
t.co DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-02-05` - `2024-02-05`	a year	crt.sh
*.twitter.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-10-31` - `2024-10-29`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-09-25` - `2023-12-24`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.pangle-ads.com RapidSSL TLS ECC CA G1	`2023-08-10` - `2024-09-09`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
classy.org Cloudflare Inc ECC CA-3	`2023-04-03` - `2024-04-02`	a year	crt.sh
www.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.google.com.ru GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.gaug.es Sectigo RSA Domain Validation Secure Server CA	`2023-03-02` - `2024-04-01`	a year	crt.sh
*.hotjar.com Amazon ECDSA 256 M01	`2023-03-09` - `2024-04-06`	a year	crt.sh
*.srv.stackadapt.com Amazon RSA 2048 M02	`2023-09-09` - `2024-10-07`	a year	crt.sh
*.snap.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-04-13` - `2024-04-12`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
edgestatic.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.googleusercontent.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.hotjar.io Amazon ECDSA 256 M01	`2023-03-09` - `2024-04-06`	a year	crt.sh
give.itgetsbetter.org Cloudflare Inc ECC CA-3	`2023-04-06` - `2024-04-05`	a year	crt.sh
transcend.io Amazon RSA 2048 M02	`2023-06-20` - `2024-07-18`	a year	crt.sh
api.tokenex.com Go Daddy Secure Certificate Authority - G2	`2023-02-08` - `2024-01-12`	a year	crt.sh
secure.plaid.com DigiCert EV RSA CA G2	`2023-03-09` - `2024-04-08`	a year	crt.sh
a.stripecdn.com DigiCert SHA2 Extended Validation Server CA	`2023-10-30` - `2024-01-25`	3 months	crt.sh
pay.classy.org Cloudflare Inc ECC CA-3	`2023-04-08` - `2024-04-07`	a year	crt.sh
*.stripe.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-10-09` - `2024-01-18`	3 months	crt.sh
*.jquery.com Sectigo RSA Domain Validation Secure Server CA	`2023-07-11` - `2024-07-14`	a year	crt.sh
m.stripe.com DigiCert TLS RSA SHA256 2020 CA1	`2023-10-05` - `2024-01-18`	3 months	crt.sh
*.w.org Sectigo ECC Domain Validation Secure Server CA	`2022-12-06` - `2024-01-06`	a year	crt.sh

This page contains 18 frames:

Primary Page: https://itgetsbetter.org/
Frame ID: 070E9AD94AF9FF44EE5B84737F9C206C
Requests: 244 HTTP requests in this frame

Frame: https://www.youtube.com/embed/bwkUX98fktI?version=3&rel=1&showsearch=0&showinfo=1&iv_load_policy=1&fs=1&hl=en-US&autohide=2&wmode=transparent
Frame ID: 6026D30845583312C58793CFBB2E7ECF
Requests: 23 HTTP requests in this frame

Frame: https://tr.snapchat.com/cm/i?pid=50f8e197-c76c-447a-9833-230403118d24&u_scsid=e9bcd085-6e36-46e1-a537-bcf0423771da&u_sclid=58b971b5-e03f-43af-99aa-4d5c44ee97c0
Frame ID: BFC76ECE315469707FA56597149A25AD
Requests: 1 HTTP requests in this frame

Frame: https://tr.snapchat.com/cm/i?pid=d4566af6-6002-4a1a-b903-6200b4a730fc&u_scsid=e9bcd085-6e36-46e1-a537-bcf0423771da&u_sclid=58b971b5-e03f-43af-99aa-4d5c44ee97c0
Frame ID: 17A37C8F39585489417BEE0DBC771CC8
Requests: 1 HTTP requests in this frame

Frame: https://give.itgetsbetter.org/give/533919/
Frame ID: 5FD572CAE85728522DA0EE747CC8F839
Requests: 50 HTTP requests in this frame

Frame: https://js.stripe.com/v3/m-outer-27c67c0d52761104439bb051c7856ab1.html
Frame ID: 222073630C5AEA0C5E2A0012411CDD3B
Requests: 4 HTTP requests in this frame

Frame: https://m.stripe.network/inner.html
Frame ID: A3DF086210C0E0EAEDA8412BB3F4CABA
Requests: 7 HTTP requests in this frame

Frame: https://js.stripe.com/v3/controller-178897d5385a3bf887dfe4e49781abb9.html
Frame ID: 49C982144150049667B6AA6681C9FAF7
Requests: 46 HTTP requests in this frame

Frame: https://js.stripe.com/v3/payment-request-inner-google-pay-502e16d059834a27f378d989d15a77c3.html
Frame ID: 7C0B3CBBAF69B47F3B982DADE77C2B3E
Requests: 6 HTTP requests in this frame

Frame: https://js.stripe.com/v3/payment-request-inner-browser-3d1338653ea273b98255fef897f60659.html
Frame ID: FC8B486702479C9FB72F80C547295E65
Requests: 5 HTTP requests in this frame

Frame: https://js.stripe.com/v3/payment-request-inner-google-pay-502e16d059834a27f378d989d15a77c3.html
Frame ID: DBAD8CD51FC80BFB2EB826BDE0E8B29C
Requests: 6 HTTP requests in this frame

Frame: https://js.stripe.com/v3/payment-request-inner-browser-3d1338653ea273b98255fef897f60659.html
Frame ID: 9C6105D5B5E7A7F4119292627857C020
Requests: 5 HTTP requests in this frame

Frame: https://js.stripe.com/v3/payment-request-inner-google-pay-502e16d059834a27f378d989d15a77c3.html
Frame ID: 8B762F76DA8709DC782C2588046F75F3
Requests: 6 HTTP requests in this frame

Frame: https://js.stripe.com/v3/payment-request-inner-browser-3d1338653ea273b98255fef897f60659.html
Frame ID: F496A3A02D92EEA2E1F50917141D7762
Requests: 5 HTTP requests in this frame

Frame: https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fjs.stripe.com&mid=
Frame ID: 2358252B2813E3EED84A4A33985E87B4
Requests: 13 HTTP requests in this frame

Frame: https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fjs.stripe.com&mid=
Frame ID: 0C33F664A08BDDFA771CBE6056290319
Requests: 13 HTTP requests in this frame

Frame: https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fjs.stripe.com&mid=
Frame ID: 629810EFC7ED2183FD230D0691D529D2
Requests: 13 HTTP requests in this frame

Frame: https://www.youtube.com/embed/FkYumU0Z3bk?controls=0&rel=0&disablekb=1&showinfo=0&modestbranding=0&html5=1&iv_load_policy=3&autoplay=0&end=0&loop=0&playsinline=0&start=0&nocookie=false&enablejsapi=1&origin=https%3A%2F%2Fitgetsbetter.org&widgetid=1
Frame ID: 608A234C8EFC3A59584DD0E52740269E
Requests: 15 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

It Gets Better – The It Gets Better Project exists to uplift, empower, and connect LGBTQ+ youth around the globe.Magnifying GlassClose search results

Page URL History Show full URLs

http://itgetsbetter.org/ HTTP 301
https://itgetsbetter.org/ Page URL

Detected technologies

WooCommerce (Ecommerce) Expand

Overall confidence: 100%
Detected patterns

/woocommerce(?:\.min)?\.js(?:\?ver=([0-9.]+))?

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

Google Pay (Payment processors) Expand

Overall confidence: 100%
Detected patterns

pay\.google\.com/([a-z/]+)/pay\.js

Stripe (Payment Processors) Expand

Overall confidence: 100%
Detected patterns

js\.stripe\.com

Cloudflare Browser Insights (Analytics) Expand

Overall confidence: 100%
Detected patterns

static\.cloudflareinsights\.com/beacon(?:\.min)?\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
kit\.fontawesome\.com/([0-9a-z]+).js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Hotjar (Analytics) Expand

Overall confidence: 100%
Detected patterns

//static\.hotjar\.com/

Swiper Slider (Miscellaneous) Expand

Overall confidence: 100%
Detected patterns

swiper(?:\.min)?\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

483
Requests

99 %
HTTPS

53 %
IPv6

39
Domains

62
Subdomains

53
IPs

4
Countries

19597 kB
Transfer

45626 kB
Size

55
Cookies

23 Outgoing links

These are links going to different origins than the main page.

URL: https://give.itgetsbetter.org/campaign/believe-in-better-2023/c534203
Title: Donate

Search URL Search Domain Scan URL

URL: https://youtu.be/FkYumU0Z3bk
Title: https://youtu.be/FkYumU0Z3bk

Search URL Search Domain Scan URL

URL: https://www.50states50grants.com/
Title: 50 States. 50 Grants. 5000 Voices

Search URL Search Domain Scan URL

URL: https://www.facebook.com/itgetsbetterproject/
Title: Facebook

Search URL Search Domain Scan URL

URL: https://www.instagram.com/itgetsbetter/
Title: Instagram

Search URL Search Domain Scan URL

URL: https://www.instagram.com/itgetsbetterespanol/
Title: Instagram Es

Search URL Search Domain Scan URL

URL: https://www.youtube.com/user/itgetsbetterproject/
Title: YouTube

Search URL Search Domain Scan URL

URL: http://itgetsbetterproject.tumblr.com/
Title: Tumblr

Search URL Search Domain Scan URL

URL: https://www.tiktok.com/@itgetsbetter
Title: TikTok

Search URL Search Domain Scan URL

URL: https://www.twitch.tv/itgetsbetter
Title: Twitch

Search URL Search Domain Scan URL

URL: https://www.instagram.com/p/C0bCWj7A3VV/

Search URL Search Domain Scan URL

URL: https://www.instagram.com/p/C0F7-zJrXO5/

Search URL Search Domain Scan URL

URL: https://www.instagram.com/p/C0ZSdWet-ME/

Search URL Search Domain Scan URL

URL: https://www.instagram.com/p/CzjWaNqR68O/

Search URL Search Domain Scan URL

URL: http://www.queenandpapis.com/
Title: www.queenandpapis.com

Search URL Search Domain Scan URL

URL: https://www.instagram.com/p/C0JfLCTtQCG/

Search URL Search Domain Scan URL

URL: https://www.instagram.com/p/CzgnOQouwUw/

Search URL Search Domain Scan URL

URL: https://www.instagram.com/p/C0IdHQ6oMHS/

Search URL Search Domain Scan URL

URL: https://www.instagram.com/p/CzSX-WIuAwi/

Search URL Search Domain Scan URL

URL: https://give.itgetsbetter.org/
Title: Donate

Search URL Search Domain Scan URL

URL: https://wordpress.com/wp/?partner_domain=itgetsbetter.org&utm_source=Automattic&utm_medium=colophon&utm_campaign=Concierge%20Referral&utm_term=itgetsbetter.org
Title: Proudly powered by WordPress.

Search URL Search Domain Scan URL

URL: https://pressable.com/?utm_source=Automattic&utm_medium=rpc&utm_campaign=Concierge%20Referral&utm_term=concierge
Title: Hosted by Pressable.

Search URL Search Domain Scan URL

URL: https://jetpack.com/upgrade/search/?utm_source=poweredby
Title: Search powered by Jetpack

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://itgetsbetter.org/ HTTP 301
https://itgetsbetter.org/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 169

https://googleads.g.doubleclick.net/pagead/id HTTP 302
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

Request Chain 428

https://youtu.be/FkYumU0Z3bk?_=1 HTTP 303
https://www.youtube.com/watch?_=1&v=FkYumU0Z3bk&feature=youtu.be

Request Chain 469

https://googleads.g.doubleclick.net/pagead/id HTTP 302
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

483 HTTP transactions
7 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
itgetsbetter.org/
Redirect Chain

http://itgetsbetter.org/
https://itgetsbetter.org/

218 KB
37 KB

2437ms
2422ms

Document
text/html

199.16.173.70
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://itgetsbetter.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

199.16.173.70 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

ae8dc30169c584dba638269e03ab9abd26c248beaf4bdbb0b65e15a1d29ea775

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-encoding: br
content-type: text/html; charset=UTF-8
date: Sun, 17 Dec 2023 01:31:52 GMT
host-header: Pressable
link: <https://itgetsbetter.org/wp-json/>; rel="https://api.w.org/" <https://itgetsbetter.org/wp-json/wp/v2/pages/11>; rel="alternate"; type="application/json" <https://wp.me/P9dPda-b>; rel=shortlink
server: nginx
strict-transport-security: max-age=31536000
vary: Accept-Encoding Cookie
x-ac: 2.hhn _atomic_ams BYPASS

Redirect headers

Connection: keep-alive
Content-Length: 162
Content-Type: text/html
Date: Sun, 17 Dec 2023 01:31:50 GMT
Location: https://itgetsbetter.org/
Server: nginx
X-ac: 1.hhn _atomic_ams BYPASS

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 194 KB
71 KB 65ms
30ms Script
application/javascript 2a00:1450:4001:806::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-696171030

Requested by

Host: itgetsbetter.org
URL: https://itgetsbetter.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

a0855f389039bbbbcd14bbde660900af5d214e851c2b58bb3f550a1e52932cbc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://itgetsbetter.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 17 Dec 2023 01:31:52 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 72450
x-xss-protection: 0
last-modified: Sun, 17 Dec 2023 00:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sun, 17 Dec 2023 01:31:52 GMT

GET
H2 200 sdk.js Show response
analytics.tiktok.com/i18n/pixel/ 6 KB
3 KB 175ms
103ms Script
application/javascript 23.38.98.10
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/sdk.js?sdkid=BUVFAJTD82FVM3BDSISG
Requested by: Host: itgetsbetter.org
URL: https://itgetsbetter.org/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.38.98.10 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-38-98-10.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 74ff380b8c978796c3c92dc0d7fd4d439b4d6fa6f2cf0e4f94166e6a0e7d74cf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://itgetsbetter.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-akamai-request-id: 25b22ed0.1df5951b
date: Sun, 17 Dec 2023 01:31:53 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-tt-trace-id: 00-231217013153794C7F431618AA33F1A9-0E6A0C26B75D3659-00
x-cache: TCP_MISS from a23-38-99-74.deploy.akamaitechnologies.com (AkamaiGHost/11.3.3-52660090) (-)
x-parent-response-time: 91,23.38.99.74
server-timing: cdn-cache; desc=MISS, edge; dur=84, origin; dur=7, inner; dur=4
pragma: no-cache
server: nginx
x-tt-logid: 20231217013153794C7F431618AA33F1A9
x-cache-remote: TCP_MISS from a23-220-106-10.deploy.akamaitechnologies.com (AkamaiGHost/11.3.3-52660090) (-)
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 7,23.220.106.10
x-tt-trace-host: 01acd59ebe759e6dbc16d0040fe0c72ade06c3170b88d3eb3644efd164c281c63d8d0f4c589abf98ccb54e8a38a883f6438120e514dccf009a3dba6f3d02a3837a124c50e7e7f396bef8891c8ee7e0a1451422f539297b9832d6fcc753f0529dcc46f3635d9b06b2b22ba594029dbb9446
expires: Sun, 17 Dec 2023 01:31:53 GMT

GET
H2 200 scevent.min.js Show response
sc-static.net/ 41 KB
18 KB 60ms
31ms Script
application/javascript 143.204.207.250
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sc-static.net/scevent.min.js
Requested by: Host: itgetsbetter.org
URL: https://itgetsbetter.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.207.250 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-207-250.fra53.r.cloudfront.net
Software: CloudFront /
Resource Hash: 167ee4702e76b96cfe396221bef5630f2182e4148a3406c303992ab2f44c357a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://itgetsbetter.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 17 Dec 2023 01:31:53 GMT
content-encoding: gzip
via: 1.1 4809763494a078a525dc1a2dff5ddf6c.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: FRA53-C1
x-cache: Miss from cloudfront
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
cache-control: private, s-maxage=0, max-age=600
access-control-allow-headers: Content-Type
content-length: 17610
x-amz-cf-id: 2c6w-JbvG8CStutXo0ndMmGxQfzV3d3VPdUPUOFOy5ot2EIvDxcrYQ==

GET
H2 200 uwt.js Show response
static.ads-twitter.com/ 56 KB
15 KB 39ms
7ms Script
application/javascript 146.75.116.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.ads-twitter.com/uwt.js
Requested by: Host: itgetsbetter.org
URL: https://itgetsbetter.org/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.75.116.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: cf7fcc9f75c8717897bfaef72f303fab423ce1b70c98512aeb3677e4af988dee

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://itgetsbetter.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 17 Dec 2023 01:31:53 GMT
content-encoding: gzip
last-modified: Thu, 27 Oct 2022 16:56:53 GMT
etag: "32ad004436155ec972bc50e6238b5b67+gzip+gzip"
vary: Accept-Encoding,Host
x-cache: HIT, HIT
content-type: application/javascript; charset=utf-8
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
x-tw-cdn: FT
cache-control: no-cache
accept-ranges: bytes
content-length: 15375
x-served-by: cache-iad-kjyo7100081-IAD, cache-fra-eddf8230066-FRA

GET
H2 200 index.css
149352635.v2.pressablecdn.com/wp-content/plugins/woocommerce-payments/vendor/woocommerce/subscriptions-core/build/ 1 KB
801 B 54ms
12ms Stylesheet
text/css 192.0.77.39
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://149352635.v2.pressablecdn.com/wp-content/plugins/woocommerce-payments/vendor/woocommerce/subscriptions-core/build/index.css?ver=5.7.2

Requested by

Host: itgetsbetter.org
URL: https://itgetsbetter.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

b7bc3b9fb8a119aa279b4b7ad5c778393eaecef6a8786673601309fc71cb4e8b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://itgetsbetter.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-nc: HIT hhn 1
date: Sun, 17 Dec 2023 01:31:52 GMT
content-encoding: br
x-ac: 2.hhn _atomic_ams BYPASS
strict-transport-security: max-age=15552000
last-modified: Mon, 31 Jul 2023 15:54:48 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=315360000
link: <http://itgetsbetter.org/wp-content/plugins/woocommerce-payments/vendor/woocommerce/subscriptions-core/build/index.css>; rel="canonical"
alt-svc: h3=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 index.css
149352635.v2.pressablecdn.com/wp-content/plugins/woocommerce-pre-orders/build/ 1 B
393 B 54ms
12ms Stylesheet
text/css 192.0.77.39
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://149352635.v2.pressablecdn.com/wp-content/plugins/woocommerce-pre-orders/build/index.css?ver=8615f6ce77cd241f630df36faabb09c2

Requested by

Host: itgetsbetter.org
URL: https://itgetsbetter.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://itgetsbetter.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-nc: HIT hhn 1
date: Sun, 17 Dec 2023 01:31:52 GMT
x-ac: 1.hhn _atomic_ams BYPASS
strict-transport-security: max-age=15552000
last-modified: Thu, 31 Aug 2023 15:55:05 GMT
server: nginx
access-control-allow-methods: GET, HEAD
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
link: <http://itgetsbetter.org/wp-content/plugins/woocommerce-pre-orders/build/index.css>; rel="canonical"
content-length: 1
alt-svc: h3=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 style.min.css
c0.wp.com/c/6.4.2/wp-includes/css/dist/block-library/ 107 KB
13 KB 5402ms
5398ms Stylesheet
text/css 192.0.77.37
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://c0.wp.com/c/6.4.2/wp-includes/css/dist/block-library/style.min.css

Requested by

Host: itgetsbetter.org
URL: https://itgetsbetter.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

698b89c0da3d319754d6a837b5e6d4e6a42dc402d9ffd7559b8c4cb29c644340

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://itgetsbetter.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-nc: HIT hhn 1
date: Sun, 17 Dec 2023 01:31:53 GMT
content-encoding: br
strict-transport-security: max-age=15552000
last-modified: Sun, 05 Nov 2023 19:40:32 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
alt-svc: h3=":443"; ma=86400, h3=":443"; ma=86400
expires: Mon, 16 Dec 2024 01:31:53 GMT

GET
BLOB 200
OK 2f20f443-d22c-4197-b252-e31d29a991a4
https://itgetsbetter.org/ 1 KB
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://itgetsbetter.org/2f20f443-d22c-4197-b252-e31d29a991a4
Requested by: Host: itgetsbetter.org
URL: https://itgetsbetter.org/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 453cb806084fdabec32e286af2e88899f79022125c2527afffbec507975d2c22

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Length: 1245
Content-Type: text/javascript

GET
H2 200 mediaelementplayer-legacy.min.css
c0.wp.com/c/6.4.2/wp-includes/js/mediaelement/ 11 KB
3 KB 35ms
10ms Stylesheet
text/css 192.0.77.37
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://c0.wp.com/c/6.4.2/wp-includes/js/mediaelement/mediaelementplayer-legacy.min.css

Requested by

Host: itgetsbetter.org
URL: https://itgetsbetter.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

b7908a015a567ec2363011df2475368dbff34360e9da3fdff50604d6395fb646

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://itgetsbetter.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-nc: HIT hhn 2
date: Sun, 17 Dec 2023 01:31:52 GMT
content-encoding: br
strict-transport-security: max-age=15552000
last-modified: Tue, 29 Sep 2020 15:53:06 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
alt-svc: h3=":443"; ma=86400, h3=":443"; ma=86400
expires: Mon, 16 Dec 2024 01:31:52 GMT

GET
H2 200 wp-mediaelement.min.css
c0.wp.com/c/6.4.2/wp-includes/js/mediaelement/ 4 KB
1 KB 36ms
11ms Stylesheet
text/css 192.0.77.37
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://c0.wp.com/c/6.4.2/wp-includes/js/mediaelement/wp-mediaelement.min.css

Requested by

Host: itgetsbetter.org
URL: https://itgetsbetter.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

2e10d353ff038c2cad3492fc17801af3e6ef2669c9e9713bdb78b1dcb104c4fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://itgetsbetter.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-nc: HIT hhn 2
date: Sun, 17 Dec 2023 01:31:52 GMT
content-encoding: br
strict-transport-security: max-age=15552000
last-modified: Fri, 07 Jun 2019 20:45:02 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
alt-svc: h3=":443"; ma=86400, h3=":443"; ma=86400
expires: Mon, 16 Dec 2024 01:31:52 GMT

GET
H3 200 igb-blocks.css
149352635.v2.pressablecdn.com/wp-content/mu-plugins/igb-blocks/dist/front/ 1 KB
877 B 18ms
14ms Stylesheet
text/css 192.0.77.39
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://149352635.v2.pressablecdn.com/wp-content/mu-plugins/igb-blocks/dist/front/igb-blocks.css?ver=1614276094

Requested by

Host: itgetsbetter.org
URL: https://itgetsbetter.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

ad1a9d38fb19479061ecffb38db571f803ccbb15e0d51d1523ab219ea568d550

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://itgetsbetter.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-nc: HIT hhn 2
date: Sun, 17 Dec 2023 01:31:53 GMT
content-encoding: br
x-ac: 1.hhn _atomic_ams BYPASS
strict-transport-security: max-age=15552000
last-modified: Thu, 25 Feb 2021 18:01:34 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=315360000
link: <http://itgetsbetter.org/wp-content/mu-plugins/igb-blocks/dist/front/igb-blocks.css>; rel="canonical"
alt-svc: h3=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 style-coblocks-1.css
149352635.v2.pressablecdn.com/wp-content/plugins/coblocks/dist/ 265 KB
35 KB 18ms
15ms Stylesheet
text/css 192.0.77.39
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://149352635.v2.pressablecdn.com/wp-content/plugins/coblocks/dist/style-coblocks-1.css?ver=3.1.0

Requested by

Host: itgetsbetter.org
URL: https://itgetsbetter.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

17a408bf3a3aeb1cf6fffe16bfda1126ff1a4d996ea28ea3b85bf5dcc3a6c1aa

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://itgetsbetter.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-nc: HIT hhn 2
date: Sun, 17 Dec 2023 01:31:53 GMT
content-encoding: br
x-ac: 2.hhn _atomic_ams BYPASS
strict-transport-security: max-age=15552000
last-modified: Wed, 09 Aug 2023 17:45:42 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=315360000
link: <http://itgetsbetter.org/wp-content/plugins/coblocks/dist/style-coblocks-1.css>; rel="canonical"
alt-svc: h3=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 style-coblocks-extensions.css
149352635.v2.pressablecdn.com/wp-content/plugins/coblocks/dist/ 2 KB
737 B 54ms
14ms Stylesheet
text/css 192.0.77.39
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://149352635.v2.pressablecdn.com/wp-content/plugins/coblocks/dist/style-coblocks-extensions.css?ver=3.1.0

Requested by

Host: itgetsbetter.org
URL: https://itgetsbetter.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

9c197c685d1cfde9e68e198bd0c023f58202efd10e5991a58aeacb01db67f844

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://itgetsbetter.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-nc: HIT hhn 1
date: Sun, 17 Dec 2023 01:31:52 GMT
content-encoding: br
x-ac: 1.hhn _atomic_ams BYPASS
strict-transport-security: max-age=15552000
last-modified: Wed, 09 Aug 2023 17:45:42 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=315360000
link: <http://itgetsbetter.org/wp-content/plugins/coblocks/dist/style-coblocks-extensions.css>; rel="canonical"
alt-svc: h3=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 link-checker-public.css
149352635.v2.pressablecdn.com/wp-content/plugins/team51-link-checker/public/css/ 98 B
503 B 54ms
15ms Stylesheet
text/css 192.0.77.39
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://149352635.v2.pressablecdn.com/wp-content/plugins/team51-link-checker/public/css/link-checker-public.css?ver=1.0.0

Requested by

Host: itgetsbetter.org
URL: https://itgetsbetter.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

547dda3c14b284819be511be1e410da94a5efc6ccc4a9afe1c75394f9333191a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://itgetsbetter.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-nc: HIT hhn 1
date: Sun, 17 Dec 2023 01:31:52 GMT
x-ac: 1.hhn _atomic_ams BYPASS
strict-transport-security: max-age=15552000
last-modified: Mon, 08 Aug 2022 19:46:48 GMT
server: nginx
access-control-allow-methods: GET, HEAD
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
link: <http://itgetsbetter.org/wp-content/plugins/team51-link-checker/public/css/link-checker-public.css>; rel="canonical"
content-length: 98
alt-svc: h3=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 woocommerce-layout.css
c0.wp.com/p/woocommerce/8.4.0/assets/css/ 17 KB
3 KB 1652ms
1648ms Stylesheet
text/css 192.0.77.37
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://c0.wp.com/p/woocommerce/8.4.0/assets/css/woocommerce-layout.css

Requested by

Host: itgetsbetter.org
URL: https://itgetsbetter.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

f3025cb2afeb54d4dcb1ca02606b0e2e48639ee78a9d55ef4e9a80767351e118

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://itgetsbetter.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-nc: HIT hhn 1
date: Sun, 17 Dec 2023 01:31:53 GMT
content-encoding: br
strict-transport-security: max-age=15552000
last-modified: Tue, 28 Nov 2023 16:35:55 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
alt-svc: h3=":443"; ma=86400, h3=":443"; ma=86400
expires: Mon, 16 Dec 2024 01:31:53 GMT

GET
H3 200 woocommerce-smallscreen.css
c0.wp.com/p/woocommerce/8.4.0/assets/css/ 7 KB
1 KB 1674ms
1670ms Stylesheet
text/css 192.0.77.37
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://c0.wp.com/p/woocommerce/8.4.0/assets/css/woocommerce-smallscreen.css

Requested by

Host: itgetsbetter.org
URL: https://itgetsbetter.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

401373c6cddfc333e45314482184906a357ae96d1fccd5ef6c40d8b7656e7349

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://itgetsbetter.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-nc: HIT hhn 1
date: Sun, 17 Dec 2023 01:31:53 GMT
content-encoding: br
strict-transport-security: max-age=15552000
last-modified: Tue, 29 Aug 2023 21:45:24 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
alt-svc: h3=":443"; ma=86400, h3=":443"; ma=86400
expires: Mon, 16 Dec 2024 01:31:53 GMT

GET
H3 200 woocommerce.css
c0.wp.com/p/woocommerce/8.4.0/assets/css/ 22 KB
0 5421ms
5418ms Stylesheet
text/css 192.0.77.37
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://c0.wp.com/p/woocommerce/8.4.0/assets/css/woocommerce.css

Requested by

Host: itgetsbetter.org
URL: https://itgetsbetter.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://itgetsbetter.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-nc: HIT hhn 1
date: Sun, 17 Dec 2023 01:31:53 GMT
content-encoding: br
strict-transport-security: max-age=15552000
last-modified: Tue, 28 Nov 2023 16:35:55 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
alt-svc: h3=":443"; ma=86400, h3=":443"; ma=86400
expires: Mon, 16 Dec 2024 01:31:53 GMT

GET
H2 200 ez-toc-sticky.min.css
149352635.v2.pressablecdn.com/wp-content/plugins/easy-table-of-contents/assets/css/ 5 KB
2 KB 54ms
15ms Stylesheet
text/css 192.0.77.39
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://149352635.v2.pressablecdn.com/wp-content/plugins/easy-table-of-contents/assets/css/ez-toc-sticky.min.css?ver=2.0.58

Requested by

Host: itgetsbetter.org
URL: https://itgetsbetter.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

f27902b2b9390fb8b4b9b4239b762bc52fb4e6e2098d3dfecc1fdb37c9431b8f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://itgetsbetter.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-nc: HIT hhn 1
date: Sun, 17 Dec 2023 01:31:52 GMT
content-encoding: br
x-ac: 1.hhn _atomic_ams BYPASS
strict-transport-security: max-age=15552000
last-modified: Tue, 28 Nov 2023 06:34:49 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=315360000
link: <http://itgetsbetter.org/wp-content/plugins/easy-table-of-contents/assets/css/ez-toc-sticky.min.css>; rel="canonical"
alt-svc: h3=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 css
fonts.googleapis.com/ 2 KB
553 B 68ms
26ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Poppins%3A400%2C600&ver=1.0.0

Requested by

Host: itgetsbetter.org
URL: https://itgetsbetter.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e537bb0b81601eabcdc6dd4e2eb938917a7c6887765651882ec0ed5081c26c67

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://itgetsbetter.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 17 Dec 2023 01:31:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 16 Dec 2023 23:52:28 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 17 Dec 2023 01:31:53 GMT

GET
H2 200 css
fonts.googleapis.com/ 240 B
305 B 70ms
27ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Libre+Baskerville%3A400i&text=1234567890%2C&ver=1.0.0

Requested by

Host: itgetsbetter.org
URL: https://itgetsbetter.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

0faac6667b9444d10e4d1d4b3551491e48687f885f612b88379c1c2f8e4f3447

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://itgetsbetter.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 17 Dec 2023 01:31:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 17 Dec 2023 01:31:53 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 17 Dec 2023 01:31:53 GMT

GET
H2 200 style.css
149352635.v2.pressablecdn.com/wp-content/themes/itgetsbetter-2017/ 301 KB
40 KB 54ms
15ms Stylesheet
text/css 192.0.77.39
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://149352635.v2.pressablecdn.com/wp-content/themes/itgetsbetter-2017/style.css?ver=2.0.1

Requested by

Host: itgetsbetter.org
URL: https://itgetsbetter.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

6f362df700f594c70c744881a38ffcaf3863ef11faa6a67db1645a45849b9a73

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://itgetsbetter.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-nc: HIT hhn 1
date: Sun, 17 Dec 2023 01:31:52 GMT
content-encoding: br
x-ac: 2.hhn _atomic_ams BYPASS
strict-transport-security: max-age=15552000
last-modified: Thu, 29 Jun 2023 08:01:24 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=315360000
link: <http://itgetsbetter.org/wp-content/themes/itgetsbetter-2017/style.css>; rel="canonical"
alt-svc: h3=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 embed.css
assets.juicer.io/ 93 KB
14 KB 60ms
21ms Stylesheet
text/css 2606:4700:20::681a:c57
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.juicer.io/embed.css?ver=6.4.2
Requested by: Host: itgetsbetter.org
URL: https://itgetsbetter.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:c57 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 23dca5372d66da8f8d2f2df62e684a4675def324a17be322e592f477a783b754

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://itgetsbetter.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 17 Dec 2023 01:31:52 GMT
via: 1.1 vegur
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
last-modified: Thu, 14 Dec 2023 18:30:42 GMT
server: cloudflare
age: 1265
vary: Accept-Encoding, Origin
report-to: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1702580293&sid=af571f24-03ee-46d1-9f90-ab9030c2c74c&s=OdcCvn9tSVkznFNsx3HThO15FsbgnwejQRjd%2Bj%2Bvn3w%3D"}]}
content-type: text/css
cache-control: public, max-age=3600
cf-ray: 836b68b7e8f58fe2-FRA
reporting-endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1702580293&sid=af571f24-03ee-46d1-9f90-ab9030c2c74c&s=OdcCvn9tSVkznFNsx3HThO15FsbgnwejQRjd%2Bj%2Bvn3w%3D

GET
H2 200 jetpack.css
149352635.v2.pressablecdn.com/wp-content/plugins/jetpack/css/ 99 KB
19 KB 61ms
22ms Stylesheet
text/css 192.0.77.39
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://149352635.v2.pressablecdn.com/wp-content/plugins/jetpack/css/jetpack.css?ver=13.0-a.5

Requested by

Host: itgetsbetter.org
URL: https://itgetsbetter.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

0a7b0a284797adccf96f301f77028fba8f187bba33267584582d77a50b2926d3

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://itgetsbetter.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-nc: HIT hhn 1
date: Sun, 17 Dec 2023 01:31:52 GMT
content-encoding: br
x-ac: 2.hhn _atomic_ams BYPASS
strict-transport-security: max-age=15552000
last-modified: Mon, 11 Dec 2023 20:39:46 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=315360000
link: <http://itgetsbetter.org/wp-content/plugins/jetpack/css/jetpack.css>; rel="canonical"
alt-svc: h3=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 wp-polyfill-inert.min.js Show response
c0.wp.com/c/6.4.2/wp-includes/js/dist/vendor/ 8 KB
3 KB 57ms
33ms Script
application/javascript 192.0.77.37
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://c0.wp.com/c/6.4.2/wp-includes/js/dist/vendor/wp-polyfill-inert.min.js

Requested by

Host: itgetsbetter.org
URL: https://itgetsbetter.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

c1a9a3e223bad631dff12d33b5499eb145cb08d8621c20d9d73870e78d97afe4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://itgetsbetter.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-nc: HIT hhn 2
date: Sun, 17 Dec 2023 01:31:52 GMT
content-encoding: br
strict-transport-security: max-age=15552000
last-modified: Wed, 18 Jan 2023 11:16:33 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
alt-svc: h3=":443"; ma=86400, h3=":443"; ma=86400
expires: Mon, 16 Dec 2024 01:31:52 GMT

GET
H2 200 regenerator-runtime.min.js Show response
c0.wp.com/c/6.4.2/wp-includes/js/dist/vendor/ 6 KB
3 KB 46ms
23ms Script
application/javascript 192.0.77.37
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://c0.wp.com/c/6.4.2/wp-includes/js/dist/vendor/regenerator-runtime.min.js

Requested by

Host: itgetsbetter.org
URL: https://itgetsbetter.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

1d52e1ac7d3bc25a8b0ffc257153f9dd50249f96fe9a4df5e0d771241a69062c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://itgetsbetter.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-nc: HIT hhn 2
date: Sun, 17 Dec 2023 01:31:52 GMT
content-encoding: br
strict-transport-security: max-age=15552000
last-modified: Tue, 19 Sep 2023 19:30:24 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
alt-svc: h3=":443"; ma=86400, h3=":443"; ma=86400
expires: Mon, 16 Dec 2024 01:31:52 GMT

GET
H2 200 wp-polyfill.min.js Show response
c0.wp.com/c/6.4.2/wp-includes/js/dist/vendor/ 112 KB
34 KB 47ms
24ms Script
application/javascript 192.0.77.37
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://c0.wp.com/c/6.4.2/wp-includes/js/dist/vendor/wp-polyfill.min.js

Requested by

Host: itgetsbetter.org
URL: https://itgetsbetter.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

da9ed5720b674f0d297fe621ac2d8d518c4e622bef1e9b0d4ae489dee9aa43f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://itgetsbetter.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-nc: HIT hhn 2
date: Sun, 17 Dec 2023 01:31:52 GMT
content-encoding: br
strict-transport-security: max-age=15552000
last-modified: Tue, 26 Sep 2023 14:23:26 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
alt-svc: h3=":443"; ma=86400, h3=":443"; ma=86400
expires: Mon, 16 Dec 2024 01:31:52 GMT

GET
H2 200 hooks.min.js Show response
c0.wp.com/c/6.4.2/wp-includes/js/dist/ 5 KB
2 KB 55ms
33ms Script
application/javascript 192.0.77.37
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://c0.wp.com/c/6.4.2/wp-includes/js/dist/hooks.min.js

Requested by

Host: itgetsbetter.org
URL: https://itgetsbetter.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

7868467c94a5aa0b3f11ef542f45287967f9627b3b5acdc86e47f8f77a126596

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://itgetsbetter.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-nc: HIT hhn 2
date: Sun, 17 Dec 2023 01:31:52 GMT
content-encoding: br
strict-transport-security: max-age=15552000
last-modified: Thu, 21 Sep 2023 13:26:32 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
alt-svc: h3=":443"; ma=86400, h3=":443"; ma=86400
expires: Mon, 16 Dec 2024 01:31:52 GMT

GET
H2 200 w.js Show response
stats.wp.com/ 11 KB
4 KB 47ms
10ms Script
application/javascript 192.0.76.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.wp.com/w.js?ver=202350
Requested by: Host: itgetsbetter.org
URL: https://itgetsbetter.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 585d4af3a08847a4604f8796b4841ebf7eaec7211606cc954f88dc9f27c72b28

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://itgetsbetter.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-minify-cache: hit
x-nc: HIT hhn
date: Sun, 17 Dec 2023 01:31:52 GMT
content-encoding: br
server: nginx
x-minify: t
etag: W/11154-1698845937340.7637
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
expires: Mon, 02 Dec 2024 09:23:13 GMT

GET
H2 200 jquery.min.js Show response
c0.wp.com/c/6.4.2/wp-includes/js/jquery/ 86 KB
29 KB 55ms
33ms Script
application/javascript 192.0.77.37
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://c0.wp.com/c/6.4.2/wp-includes/js/jquery/jquery.min.js

Requested by

Host: itgetsbetter.org
URL: https://itgetsbetter.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://itgetsbetter.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-nc: HIT hhn 2
date: Sun, 17 Dec 2023 01:31:52 GMT
content-encoding: br
strict-transport-security: max-age=15552000
last-modified: Mon, 28 Aug 2023 17:14:23 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
alt-svc: h3=":443"; ma=86400, h3=":443"; ma=86400
expires: Mon, 16 Dec 2024 01:31:52 GMT

GET
H2 200 jquery-migrate.min.js Show response
c0.wp.com/c/6.4.2/wp-includes/js/jquery/ 13 KB
5 KB 34ms
12ms Script
application/javascript 192.0.77.37
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://c0.wp.com/c/6.4.2/wp-includes/js/jquery/jquery-migrate.min.js

Requested by

Host: itgetsbetter.org
URL: https://itgetsbetter.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://itgetsbetter.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-nc: HIT hhn 2
date: Sun, 17 Dec 2023 01:31:52 GMT
content-encoding: br
strict-transport-security: max-age=15552000
last-modified: Fri, 09 Jun 2023 05:49:24 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
alt-svc: h3=":443"; ma=86400, h3=":443"; ma=86400
expires: Mon, 16 Dec 2024 01:31:52 GMT

GET
H2 200 link-checker-public.js Show response
149352635.v2.pressablecdn.com/wp-content/plugins/team51-link-checker/public/js/ 838 B
870 B 60ms
22ms Script
application/javascript 192.0.77.39
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://149352635.v2.pressablecdn.com/wp-content/plugins/team51-link-checker/public/js/link-checker-public.js?ver=1.0.0

Requested by

Host: itgetsbetter.org
URL: https://itgetsbetter.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

57a50c99a31ef4e89e86664e96f6dfbdde163a2eb96e88b3b492c49aa4be2f37

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://itgetsbetter.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-nc: HIT hhn 1
date: Sun, 17 Dec 2023 01:31:52 GMT
content-encoding: br
x-ac: 1.hhn _atomic_ams BYPASS
strict-transport-security: max-age=15552000
last-modified: Mon, 08 Aug 2022 19:46:48 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=315360000
link: <http://itgetsbetter.org/wp-content/plugins/team51-link-checker/public/js/link-checker-public.js>; rel="canonical"
alt-svc: h3=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 frontend.js Show response
149352635.v2.pressablecdn.com/wp-content/plugins/say-what/assets/build/ 917 B
752 B 61ms
24ms Script
application/javascript 192.0.77.39
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://149352635.v2.pressablecdn.com/wp-content/plugins/say-what/assets/build/frontend.js?ver=fd31684c45e4d85aeb4e

Requested by

Host: itgetsbetter.org
URL: https://itgetsbetter.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

f5d443de6f68d2fa95c8f5493cf7e248b5025615c40333a24c4eda1366626ca5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://itgetsbetter.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-nc: HIT hhn 1
date: Sun, 17 Dec 2023 01:31:52 GMT
content-encoding: br
x-ac: 2.hhn _atomic_ams BYPASS
strict-transport-security: max-age=15552000
last-modified: Wed, 09 Aug 2023 17:46:04 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=315360000
link: <http://itgetsbetter.org/wp-content/plugins/say-what/assets/build/frontend.js>; rel="canonical"
alt-svc: h3=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 jquery.blockUI.min.js Show response
c0.wp.com/p/woocommerce/8.4.0/assets/js/jquery-blockui/ 9 KB
4 KB 5413ms
5413ms Script
application/javascript 192.0.77.37
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://c0.wp.com/p/woocommerce/8.4.0/assets/js/jquery-blockui/jquery.blockUI.min.js

Requested by

Host: itgetsbetter.org
URL: https://itgetsbetter.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

d151f8c0b2659cfb63704d68654ad8d9437ae9da4410536f63ddec21689a0620

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://itgetsbetter.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-nc: HIT hhn 1
date: Sun, 17 Dec 2023 01:31:53 GMT
content-encoding: br
strict-transport-security: max-age=15552000
last-modified: Tue, 18 Jul 2023 19:53:36 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
alt-svc: h3=":443"; ma=86400, h3=":443"; ma=86400
expires: Mon, 16 Dec 2024 01:31:53 GMT

GET
H3 200 add-to-cart.min.js Show response
c0.wp.com/p/woocommerce/8.4.0/assets/js/frontend/ 3 KB
1 KB 10ms
10ms Script
application/javascript 192.0.77.37
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://c0.wp.com/p/woocommerce/8.4.0/assets/js/frontend/add-to-cart.min.js

Requested by

Host: itgetsbetter.org
URL: https://itgetsbetter.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

92b4feff9bb6c863075d35cd38d989cc254f99489f574338def1949904027d42

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://itgetsbetter.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-nc: HIT hhn 1
date: Sun, 17 Dec 2023 01:31:53 GMT
content-encoding: br
strict-transport-security: max-age=15552000
last-modified: Tue, 18 Jul 2023 19:53:36 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
alt-svc: h3=":443"; ma=86400, h3=":443"; ma=86400
expires: Mon, 16 Dec 2024 01:31:53 GMT

GET
H3 200 js.cookie.min.js Show response
c0.wp.com/p/woocommerce/8.4.0/assets/js/js-cookie/ 2 KB
1 KB 9ms
8ms Script
application/javascript 192.0.77.37
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://c0.wp.com/p/woocommerce/8.4.0/assets/js/js-cookie/js.cookie.min.js

Requested by

Host: itgetsbetter.org
URL: https://itgetsbetter.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

1533d5bc82424a9a3ac37a7fe543925909d25715d16938b9e02c728c86fd86e8

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://itgetsbetter.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-nc: HIT hhn 1
date: Sun, 17 Dec 2023 01:31:53 GMT
content-encoding: br
strict-transport-security: max-age=15552000
last-modified: Tue, 18 Jul 2023 19:53:36 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
alt-svc: h3=":443"; ma=86400, h3=":443"; ma=86400
expires: Mon, 16 Dec 2024 01:31:53 GMT

GET
H3 200 woocommerce.min.js Show response
c0.wp.com/p/woocommerce/8.4.0/assets/js/frontend/ 2 KB
1 KB 13ms
7ms Script
application/javascript 192.0.77.37
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://c0.wp.com/p/woocommerce/8.4.0/assets/js/frontend/woocommerce.min.js

Requested by

Host: itgetsbetter.org
URL: https://itgetsbetter.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

8c0b5e384ae00c512f4bb1ba5e2fe622fab4bfc541c99555df38c19c329d3fe6

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://itgetsbetter.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-nc: HIT hhn 1
date: Sun, 17 Dec 2023 01:31:53 GMT
content-encoding: br
strict-transport-security: max-age=15552000
last-modified: Tue, 18 Jul 2023 19:53:36 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
alt-svc: h3=":443"; ma=86400, h3=":443"; ma=86400
expires: Mon, 16 Dec 2024 01:31:53 GMT

GET
H2 200 i18n.min.js Show response
c0.wp.com/c/6.4.2/wp-includes/js/dist/ 9 KB
4 KB 44ms
22ms Script
application/javascript 192.0.77.37
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://c0.wp.com/c/6.4.2/wp-includes/js/dist/i18n.min.js

Requested by

Host: itgetsbetter.org
URL: https://itgetsbetter.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

698e93fe491cc7bbf07a470579a33dbd0db53c19142b7be41ebfd39a23aef11f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://itgetsbetter.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-nc: HIT hhn 2
date: Sun, 17 Dec 2023 01:31:52 GMT
content-encoding: br
strict-transport-security: max-age=15552000
last-modified: Thu, 21 Sep 2023 13:26:32 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
alt-svc: h3=":443"; ma=86400, h3=":443"; ma=86400
expires: Mon, 16 Dec 2024 01:31:52 GMT

GET
H2 200 i18n-loader.js Show response
149352635.v2.pressablecdn.com/wp-content/plugins/jetpack/jetpack_vendor/automattic/jetpack-assets/build/ 6 KB
3 KB 61ms
24ms Script
application/javascript 192.0.77.39
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://149352635.v2.pressablecdn.com/wp-content/plugins/jetpack/jetpack_vendor/automattic/jetpack-assets/build/i18n-loader.js?minify=true&ver=ee939953aa2115e2ca59

Requested by

Host: itgetsbetter.org
URL: https://itgetsbetter.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

236fb88931feead5473c70f542473d5dc064578ffb45ea743414720e2aea3929

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://itgetsbetter.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-nc: HIT hhn 1
date: Sun, 17 Dec 2023 01:31:52 GMT
content-encoding: br
x-ac: 1.hhn _atomic_ams BYPASS
strict-transport-security: max-age=15552000
last-modified: Tue, 14 Nov 2023 17:55:08 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=315360000
link: <http://itgetsbetter.org/wp-content/plugins/jetpack/jetpack_vendor/automattic/jetpack-assets/build/i18n-loader.js>; rel="canonical"
alt-svc: h3=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 s-202350.js Show response
stats.wp.com/ 9 KB
4 KB 19ms
9ms Script
application/javascript 192.0.76.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.wp.com/s-202350.js
Requested by: Host: itgetsbetter.org
URL: https://itgetsbetter.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: d92c0cb8715f872b995e9166602b68fd389905b7942fe245ce0eaf9ae9743686

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://itgetsbetter.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-nc: HIT hhn
date: Sun, 17 Dec 2023 01:31:53 GMT
content-encoding: br
last-modified: Thu, 07 Dec 2023 08:03:56 GMT
server: nginx
etag: W/"65717c6c-25ea"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
expires: Mon, 09 Dec 2024 21:45:55 GMT

GET
H2 200 dc8c838d72.js Show response
kit.fontawesome.com/ 12 KB
5 KB 455ms
418ms Script
text/javascript 2606:4700:4400::6812:2844
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://kit.fontawesome.com/dc8c838d72.js?ver=6.4.2
Requested by: Host: itgetsbetter.org
URL: https://itgetsbetter.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:2844 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c360d10c38b63a55255ad2264a2c8826587a36de09ce8ee4fb1b2861d56f5765

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://itgetsbetter.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 17 Dec 2023 01:31:53 GMT
content-encoding: gzip
cf-cache-status: REVALIDATED
server: cloudflare
vary: origin, accept-encoding, access-control-request-headers, access-control-request-method
access-control-max-age: 3000
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: *
content-type: text/javascript
cache-control: max-age=60, public, stale-while-revalidate=30
cf-ray: 836b68b7eb903666-FRA
access-control-allow-headers: accept, accept-langauge, content-language, content-type, fa-kit-token
x-request-id: F6AgkcRk3ZRlkrsMfnLD

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 286 KB
93 KB 65ms
55ms Script
application/javascript 2a00:1450:4001:806::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=GT-MBL48JF

Requested by

Host: itgetsbetter.org
URL: https://itgetsbetter.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

ed441934aaf91c6a3dede178627296ae9249e04b3a13fe8895bfd43dc2a27c1b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://itgetsbetter.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 17 Dec 2023 01:31:53 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 95413
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sun, 17 Dec 2023 01:31:53 GMT

GET
H2 200 img-home-page-hero-poster.jpg
i0.wp.com/itgetsbetter.org/wp-content/uploads/2021/05/ 29 KB
30 KB 24ms
13ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/itgetsbetter.org/wp-content/uploads/2021/05/img-home-page-hero-poster.jpg

Requested by

Host: itgetsbetter.org
URL: https://itgetsbetter.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i0.wp.com

Software

nginx /

Resource Hash

b09bbc10887550bcc13732c26f52ebf50bb347b310978bf08271e13a34c8b3cc

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://itgetsbetter.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 17 Dec 2023 01:31:52 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
content-length: 30182
x-nc: HIT hhn 2
last-modified: Thu, 25 May 2023 09:20:03 GMT
server: nginx
etag: "db2e6923efb86a36"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <http://itgetsbetter.org/wp-content/uploads/2021/05/img-home-page-hero-poster.jpg>; rel="canonical"
expires: Sat, 24 May 2025 21:20:03 GMT

GET
H3 200 igb-logo-10.jpg
i0.wp.com/itgetsbetter.org/wp-content/uploads/2021/05/ 3 KB
4 KB 14ms
8ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/itgetsbetter.org/wp-content/uploads/2021/05/igb-logo-10.jpg

Requested by

Host: itgetsbetter.org
URL: https://itgetsbetter.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i0.wp.com

Software

nginx /

Resource Hash

c046f278de5092451d72870f6205ba519550a6b5911369b46d9edc2095e304d7

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://itgetsbetter.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 17 Dec 2023 01:31:53 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
content-length: 3272
x-nc: HIT hhn 3
last-modified: Thu, 25 May 2023 05:18:55 GMT
server: nginx
etag: "9b3cfa7e23c917e3"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <http://itgetsbetter.org/wp-content/uploads/2021/05/igb-logo-10.jpg>; rel="canonical"
expires: Sat, 24 May 2025 17:18:55 GMT

GET
H3 200 igb-logo-mobile-10.jpg
i0.wp.com/itgetsbetter.org/wp-content/uploads/2021/05/ 9 KB
10 KB 14ms
9ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/itgetsbetter.org/wp-content/uploads/2021/05/igb-logo-mobile-10.jpg

Requested by

Host: itgetsbetter.org
URL: https://itgetsbetter.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i0.wp.com

Software

nginx /

Resource Hash

148f8b31db59c14b3a649f5c3d3ddbd85f061aa23e93418966149aea03afbcf9

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://itgetsbetter.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 17 Dec 2023 01:31:53 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
content-length: 9706
x-nc: HIT hhn 1
last-modified: Thu, 25 May 2023 05:18:55 GMT
server: nginx
etag: "eb681fa49ab1c18c"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <http://itgetsbetter.org/wp-content/uploads/2021/05/igb-logo-mobile-10.jpg>; rel="canonical"
expires: Sat, 24 May 2025 17:18:55 GMT

GET
H2 200 /
itgetsbetter.org/ 13 KB
4 KB 124ms
123ms Stylesheet
text/css 199.16.173.70
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://itgetsbetter.org/?custom-css=f908e700be

Requested by

Host: itgetsbetter.org
URL: https://itgetsbetter.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

199.16.173.70 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

c95a52255502607fbc12722fb5e4e0b3ccdc44c4df9ffd5c17546bbbad547b63

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://itgetsbetter.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-nananana: Batcache-Hit
date: Sun, 17 Dec 2023 01:31:53 GMT
strict-transport-security: max-age=31536000
content-encoding: br
last-modified: Sun, 17 Dec 2023 01:31:09 GMT
server: nginx
x-ac: 2.hhn _atomic_ams BYPASS
vary: Accept-Encoding, Cookie
content-type: text/css;charset=utf-8
cache-control: max-age=257, must-revalidate
host-header: Pressable
expires: Mon, 16 Dec 2024 01:31:09 GMT

GET
H2 200 glossary2023.jpg
i0.wp.com/itgetsbetter.org/wp-content/uploads/2023/03/ 30 KB
30 KB 33ms
11ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/itgetsbetter.org/wp-content/uploads/2023/03/glossary2023.jpg?resize=1920%2C798&ssl=1

Requested by

Host: itgetsbetter.org
URL: https://itgetsbetter.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i0.wp.com

Software

nginx /

Resource Hash

8d1b040cdb0d8a3beb3dedf8127c8b3a10f77250044dc1d932f25bf0d5ce469f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://itgetsbetter.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 17 Dec 2023 01:31:52 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
content-length: 30678
x-nc: HIT hhn 4
last-modified: Tue, 25 Apr 2023 12:30:31 GMT
server: nginx
etag: "106545559def64f9"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://itgetsbetter.org/wp-content/uploads/2023/03/glossary2023.jpg>; rel="canonical"
expires: Fri, 25 Apr 2025 00:30:31 GMT

GET
H2 200 Global-Summit-Header.jpg
i0.wp.com/itgetsbetter.org/wp-content/uploads/2023/03/ 43 KB
43 KB 60ms
39ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/itgetsbetter.org/wp-content/uploads/2023/03/Global-Summit-Header.jpg?resize=970%2C354&ssl=1

Requested by

Host: itgetsbetter.org
URL: https://itgetsbetter.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i0.wp.com

Software

nginx /

Resource Hash

6cee9f8dff2aab298eeeb2f8e731080bb832c14c9cf00de583b9e7e1dcce3ae2

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://itgetsbetter.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 17 Dec 2023 01:31:52 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
content-length: 43740
x-nc: HIT hhn 3
last-modified: Mon, 22 May 2023 22:26:22 GMT
server: nginx
etag: "cbfa2156688f1e19"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://itgetsbetter.org/wp-content/uploads/2023/03/Global-Summit-Header.jpg>; rel="canonical"
expires: Thu, 22 May 2025 10:26:22 GMT

GET
H2 200 IGB_Donation_Banner-1.png
i0.wp.com/itgetsbetter.org/wp-content/uploads/2023/11/ 479 KB
480 KB 44ms
25ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/itgetsbetter.org/wp-content/uploads/2023/11/IGB_Donation_Banner-1.png?w=1024&ssl=1

Requested by

Host: itgetsbetter.org
URL: https://itgetsbetter.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i0.wp.com

Software

nginx /

Resource Hash

28dbf1bfa9461838186542b43adf9dac9666b439de4cc026b2c2416784161bb7

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://itgetsbetter.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 17 Dec 2023 01:31:52 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
content-length: 490316
x-nc: HIT hhn 2
last-modified: Tue, 14 Nov 2023 14:30:38 GMT
server: nginx
etag: "97680899fc359e29"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://itgetsbetter.org/wp-content/uploads/2023/11/IGB_Donation_Banner-1.png>; rel="canonical"
expires: Fri, 14 Nov 2025 02:30:38 GMT

GET
H3 200 Lesbian_Hayley-1024x576-1.jpg
i0.wp.com/itgetsbetter.org/wp-content/uploads/2021/02/ 29 KB
30 KB 8ms
7ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/itgetsbetter.org/wp-content/uploads/2021/02/Lesbian_Hayley-1024x576-1.jpg?ssl=1

Requested by

Host: itgetsbetter.org
URL: https://itgetsbetter.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i0.wp.com

Software

nginx /

Resource Hash

08c4f8203773f0d8c0820bd606e09d4ab1407d995c015a329e8f2ca737e141ce

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://itgetsbetter.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 17 Dec 2023 01:31:53 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
content-length: 30188
x-nc: HIT hhn 3
last-modified: Tue, 14 Nov 2023 14:56:55 GMT
server: nginx
etag: "2fd987bfb8436910"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://itgetsbetter.org/wp-content/uploads/2021/02/Lesbian_Hayley-1024x576-1.jpg>; rel="canonical"
expires: Fri, 14 Nov 2025 02:56:55 GMT

GET
H3 200 Gay_Harper-1024x576-1.jpg
i0.wp.com/itgetsbetter.org/wp-content/uploads/2021/02/ 20 KB
21 KB 15ms
10ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/itgetsbetter.org/wp-content/uploads/2021/02/Gay_Harper-1024x576-1.jpg?ssl=1

Requested by

Host: itgetsbetter.org
URL: https://itgetsbetter.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i0.wp.com

Software

nginx /

Resource Hash

1a350b06a5af92f574257688acfb38dc3638f4b6753358aecd43cb8e74bac6ed

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://itgetsbetter.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 17 Dec 2023 01:31:53 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
content-length: 20854
x-nc: HIT hhn 2
last-modified: Tue, 14 Nov 2023 14:56:54 GMT
server: nginx
etag: "3ecd99936bbe9a38"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://itgetsbetter.org/wp-content/uploads/2021/02/Gay_Harper-1024x576-1.jpg>; rel="canonical"
expires: Fri, 14 Nov 2025 02:56:54 GMT

GET
H3 200 BiPan_Still.jpg
i0.wp.com/itgetsbetter.org/wp-content/uploads/2021/10/ 43 KB
43 KB 17ms
12ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/itgetsbetter.org/wp-content/uploads/2021/10/BiPan_Still.jpg?resize=1024%2C576&ssl=1

Requested by

Host: itgetsbetter.org
URL: https://itgetsbetter.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i0.wp.com

Software

nginx /

Resource Hash

20ac027ad49317ebdf76a19e606ccdf892924bdce3996d90af1ed4cabcbe1de1

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://itgetsbetter.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 17 Dec 2023 01:31:53 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
content-length: 43678
x-nc: HIT hhn 1
last-modified: Tue, 29 Aug 2023 23:30:43 GMT
server: nginx
etag: "113e27b21907aeb8"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://itgetsbetter.org/wp-content/uploads/2021/10/BiPan_Still.jpg>; rel="canonical"
expires: Fri, 29 Aug 2025 11:30:43 GMT

GET
H3 200 trans_FB.00_06_32_22.Still001-1024x576-1.jpg
i0.wp.com/itgetsbetter.org/wp-content/uploads/2021/02/ 37 KB
37 KB 23ms
19ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/itgetsbetter.org/wp-content/uploads/2021/02/trans_FB.00_06_32_22.Still001-1024x576-1.jpg?ssl=1

Requested by

Host: itgetsbetter.org
URL: https://itgetsbetter.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i0.wp.com

Software

nginx /

Resource Hash

1ae9be0de86ea5204f07a8baa11bb5ba1aa1d6ed4e8cf7d10c8fbd7160661954

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://itgetsbetter.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 17 Dec 2023 01:31:53 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
content-length: 37944
x-nc: HIT hhn 2
last-modified: Tue, 14 Nov 2023 14:56:54 GMT
server: nginx
etag: "a217deb98c5b5db9"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://itgetsbetter.org/wp-content/uploads/2021/02/trans_FB.00_06_32_22.Still001-1024x576-1.jpg>; rel="canonical"
expires: Fri, 14 Nov 2025 02:56:54 GMT

GET
H3 200 Queer_Blair-Imani-1024x576-1.jpg
i0.wp.com/itgetsbetter.org/wp-content/uploads/2021/02/ 58 KB
59 KB 26ms
21ms Image
image/jpeg 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/itgetsbetter.org/wp-content/uploads/2021/02/Queer_Blair-Imani-1024x576-1.jpg?ssl=1

Requested by

Host: itgetsbetter.org
URL: https://itgetsbetter.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i0.wp.com

Software

nginx /

Resource Hash

9e8189a6b9d88051b90735e02168330e7faecb461157e686314ab82c29a18cf5

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://itgetsbetter.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 17 Dec 2023 01:31:53 GMT
x-content-type-options: nosniff
x-optim-disabled: true
alt-svc: h3=":443"; ma=86400
content-length: 59692
x-nc: HIT hhn 3
last-modified: Fri, 10 Nov 2023 11:32:34 GMT
server: nginx
etag: "892eaa1927497487"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://itgetsbetter.org/wp-content/uploads/2021/02/Queer_Blair-Imani-1024x576-1.jpg>; rel="canonical"
expires: Sun, 09 Nov 2025 23:32:34 GMT

GET
H3 200 Nonbinary_Jerwin-1024x576-1.jpg
i0.wp.com/itgetsbetter.org/wp-content/uploads/2021/02/ 27 KB
28 KB 29ms
24ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/itgetsbetter.org/wp-content/uploads/2021/02/Nonbinary_Jerwin-1024x576-1.jpg?ssl=1

Requested by

Host: itgetsbetter.org
URL: https://itgetsbetter.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i0.wp.com

Software

nginx /

Resource Hash

2b3f86a5519461bf7afb2a8587e94830b00edecb94fb1c1cb0ae0b4e897f0ead

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://itgetsbetter.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 17 Dec 2023 01:31:53 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
content-length: 28038
x-nc: HIT hhn 3
last-modified: Tue, 14 Nov 2023 14:56:54 GMT
server: nginx
etag: "60adc46caf3e58f6"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://itgetsbetter.org/wp-content/uploads/2021/02/Nonbinary_Jerwin-1024x576-1.jpg>; rel="canonical"
expires: Fri, 14 Nov 2025 02:56:54 GMT

GET
H3 200 Global-1024x576-1.jpg
i0.wp.com/itgetsbetter.org/wp-content/uploads/2021/02/ 22 KB
22 KB 28ms
23ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/itgetsbetter.org/wp-content/uploads/2021/02/Global-1024x576-1.jpg?ssl=1

Requested by

Host: itgetsbetter.org
URL: https://itgetsbetter.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i0.wp.com

Software

nginx /

Resource Hash

03d27c71ce9e1f4da7c9948f62f6e43900a6377b66879400d0f9587218326124

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://itgetsbetter.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 17 Dec 2023 01:31:53 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
content-length: 22308
x-nc: HIT hhn 3
last-modified: Tue, 14 Nov 2023 14:30:38 GMT
server: nginx
etag: "96ac87fd62795244"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://itgetsbetter.org/wp-content/uploads/2021/02/Global-1024x576-1.jpg>; rel="canonical"
expires: Fri, 14 Nov 2025 02:30:38 GMT

GET
H3 200 Celebs_Kelly-Clarkson-1024x576-1.jpg
i0.wp.com/itgetsbetter.org/wp-content/uploads/2021/02/ 48 KB
49 KB 31ms
26ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/itgetsbetter.org/wp-content/uploads/2021/02/Celebs_Kelly-Clarkson-1024x576-1.jpg?ssl=1

Requested by

Host: itgetsbetter.org
URL: https://itgetsbetter.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i0.wp.com

Software

nginx /

Resource Hash

a82f47323ee6ab4f06c4ff619a0ef63855b6896c2fc3e79387b0ee9b3dd80a1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://itgetsbetter.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 17 Dec 2023 01:31:53 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
content-length: 49358
x-nc: HIT hhn 3
last-modified: Tue, 14 Nov 2023 14:56:55 GMT
server: nginx
etag: "a153abb50db2e575"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://itgetsbetter.org/wp-content/uploads/2021/02/Celebs_Kelly-Clarkson-1024x576-1.jpg>; rel="canonical"
expires: Fri, 14 Nov 2025 02:56:55 GMT

GET
H3 200 Webseries_Activism-1024x576-1.png
i0.wp.com/itgetsbetter.org/wp-content/uploads/2021/02/ 498 KB
499 KB 34ms
29ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/itgetsbetter.org/wp-content/uploads/2021/02/Webseries_Activism-1024x576-1.png?ssl=1

Requested by

Host: itgetsbetter.org
URL: https://itgetsbetter.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i0.wp.com

Software

nginx /

Resource Hash

b0665a16f0f78a80f527b00fe5463d469e79d1288a7389b19a0452596c9c9749

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://itgetsbetter.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 17 Dec 2023 01:31:53 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
content-length: 510150
x-nc: HIT hhn 4
last-modified: Tue, 14 Nov 2023 14:56:55 GMT
server: nginx
etag: "3c7b4eb06592eb65"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://itgetsbetter.org/wp-content/uploads/2021/02/Webseries_Activism-1024x576-1.png>; rel="canonical"
expires: Fri, 14 Nov 2025 02:56:55 GMT

GET
H3 200 Screenshot-2023-11-20-at-11.59.44-AM.png
i0.wp.com/itgetsbetter.org/wp-content/uploads/2023/11/ 713 KB
713 KB 36ms
31ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/itgetsbetter.org/wp-content/uploads/2023/11/Screenshot-2023-11-20-at-11.59.44-AM.png?ssl=1

Requested by

Host: itgetsbetter.org
URL: https://itgetsbetter.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i0.wp.com

Software

nginx /

Resource Hash

b0627e3c20e0eaac0d740514ee496d5cb00597819f9b70e211d93d7c398ec410

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://itgetsbetter.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 17 Dec 2023 01:31:53 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
content-length: 730074
x-nc: HIT hhn 2
last-modified: Tue, 21 Nov 2023 16:28:32 GMT
server: nginx
etag: "027c57838cc9b6a0"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://itgetsbetter.org/wp-content/uploads/2023/11/Screenshot-2023-11-20-at-11.59.44-AM.png>; rel="canonical"
expires: Fri, 21 Nov 2025 04:28:32 GMT

GET
H3 200 Screenshot-2023-12-11-at-11.55.35-AM.png
i0.wp.com/itgetsbetter.org/wp-content/uploads/2023/12/ 684 KB
684 KB 38ms
34ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/itgetsbetter.org/wp-content/uploads/2023/12/Screenshot-2023-12-11-at-11.55.35-AM.png?ssl=1

Requested by

Host: itgetsbetter.org
URL: https://itgetsbetter.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i0.wp.com

Software

nginx /

Resource Hash

5202377fd493d6cb7364f4007edf6040e2ab8027f0d9ef0d71291fbe2868a433

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://itgetsbetter.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 17 Dec 2023 01:31:53 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
content-length: 700526
x-nc: HIT hhn 4
last-modified: Mon, 11 Dec 2023 21:44:15 GMT
server: nginx
etag: "f8626dd1e8b01536"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://itgetsbetter.org/wp-content/uploads/2023/12/Screenshot-2023-12-11-at-11.55.35-AM.png>; rel="canonical"
expires: Thu, 11 Dec 2025 09:44:15 GMT

GET
H3 200 SquareBrian.jpg
i0.wp.com/itgetsbetter.org/wp-content/uploads/2023/12/ 101 KB
101 KB 37ms
33ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/itgetsbetter.org/wp-content/uploads/2023/12/SquareBrian.jpg?ssl=1

Requested by

Host: itgetsbetter.org
URL: https://itgetsbetter.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i0.wp.com

Software

nginx /

Resource Hash

0e459102d172831a8eeb317d128fa35e0a749f9a6406a8a4f360f47ed6a82878

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://itgetsbetter.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 17 Dec 2023 01:31:53 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
content-length: 103156
x-nc: HIT hhn 3
last-modified: Thu, 07 Dec 2023 19:46:21 GMT
server: nginx
etag: "d9132aa2aacb81ae"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://itgetsbetter.org/wp-content/uploads/2023/12/SquareBrian.jpg>; rel="canonical"
expires: Sun, 07 Dec 2025 07:46:21 GMT

GET
H3 200 Screenshot-2023-12-05-at-11.53.54-AM.png
i0.wp.com/itgetsbetter.org/wp-content/uploads/2023/12/ 188 KB
188 KB 39ms
36ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/itgetsbetter.org/wp-content/uploads/2023/12/Screenshot-2023-12-05-at-11.53.54-AM.png?ssl=1

Requested by

Host: itgetsbetter.org
URL: https://itgetsbetter.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i0.wp.com

Software

nginx /

Resource Hash

06d9c9326c7fa24c99554f45c49585782e6f1207e942cd8afdb71422ff2d59ac

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://itgetsbetter.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 17 Dec 2023 01:31:53 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
content-length: 192196
x-nc: HIT hhn 2
last-modified: Tue, 05 Dec 2023 20:44:14 GMT
server: nginx
etag: "12705e76177d0913"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://itgetsbetter.org/wp-content/uploads/2023/12/Screenshot-2023-12-05-at-11.53.54-AM.png>; rel="canonical"
expires: Fri, 05 Dec 2025 08:44:14 GMT

GET
H2 200 embed.js Show response
assets.juicer.io/ 631 KB
139 KB 22ms
22ms Script
application/javascript 2606:4700:20::681a:c57
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.juicer.io/embed.js
Requested by: Host: itgetsbetter.org
URL: https://itgetsbetter.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:c57 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3ca4d6df311da0b41ee14e75717db5a290acc8c6f0e0f020b638dd080e728492

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://itgetsbetter.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 17 Dec 2023 01:31:53 GMT
via: 1.1 vegur
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
last-modified: Thu, 14 Dec 2023 18:30:42 GMT
server: cloudflare
age: 1907
vary: Accept-Encoding, Origin
report-to: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1702582900&sid=af571f24-03ee-46d1-9f90-ab9030c2c74c&s=KpI05T49R72wpS6SQL3gYp1ctnLFMDxOcFd0kBXSrIw%3D"}]}
content-type: application/javascript
cache-control: public, max-age=3600
cf-ray: 836b68b859178fe2-FRA
reporting-endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1702582900&sid=af571f24-03ee-46d1-9f90-ab9030c2c74c&s=KpI05T49R72wpS6SQL3gYp1ctnLFMDxOcFd0kBXSrIw%3D

GET
H2 200 embed.css
assets.juicer.io/ 93 KB
14 KB 22ms
22ms Stylesheet
text/css 2606:4700:20::681a:c57
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.juicer.io/embed.css
Requested by: Host: itgetsbetter.org
URL: https://itgetsbetter.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:c57 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 23dca5372d66da8f8d2f2df62e684a4675def324a17be322e592f477a783b754

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://itgetsbetter.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 17 Dec 2023 01:31:53 GMT
via: 1.1 vegur
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
last-modified: Thu, 14 Dec 2023 18:30:42 GMT
server: cloudflare
age: 1532
vary: Accept-Encoding, Origin
report-to: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1702579926&sid=af571f24-03ee-46d1-9f90-ab9030c2c74c&s=1zsz0WMClTfEsE%2FpqLyHTlXyE5fayOWSQFJY6HIClqc%3D"}]}
content-type: text/css
cache-control: public, max-age=3600
cf-ray: 836b68b8691c8fe2-FRA
reporting-endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1702579926&sid=af571f24-03ee-46d1-9f90-ab9030c2c74c&s=1zsz0WMClTfEsE%2FpqLyHTlXyE5fayOWSQFJY6HIClqc%3D

GET
H2 200 image-cdn.js Show response
149352635.v2.pressablecdn.com/wp-content/plugins/jetpack/jetpack_vendor/automattic/jetpack-image-cdn/dist/ 701 B
789 B 8ms
6ms Script
application/javascript 192.0.77.39
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://149352635.v2.pressablecdn.com/wp-content/plugins/jetpack/jetpack_vendor/automattic/jetpack-image-cdn/dist/image-cdn.js?minify=false&ver=132249e245926ae3e188

Requested by

Host: itgetsbetter.org
URL: https://itgetsbetter.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

27dd9b075cc59cf5f3c0f6ee075f4bd113782d81ce30a4f16aac669ecfdc4fa2

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://itgetsbetter.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-nc: HIT hhn 1
date: Sun, 17 Dec 2023 01:31:53 GMT
content-encoding: br
x-ac: 1.hhn _atomic_ams BYPASS
strict-transport-security: max-age=15552000
last-modified: Mon, 08 May 2023 16:57:46 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=315360000
link: <http://itgetsbetter.org/wp-content/plugins/jetpack/jetpack_vendor/automattic/jetpack-image-cdn/dist/image-cdn.js>; rel="canonical"
alt-svc: h3=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 url.min.js Show response
c0.wp.com/c/6.4.2/wp-includes/js/dist/ 9 KB
4 KB 9ms
9ms Script
application/javascript 192.0.77.37
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://c0.wp.com/c/6.4.2/wp-includes/js/dist/url.min.js

Requested by

Host: itgetsbetter.org
URL: https://itgetsbetter.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

65f976cffe2202ce71f130a2a4496ca28762a5323229d71ae014d1205c4ffdad

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://itgetsbetter.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-nc: HIT hhn 2
date: Sun, 17 Dec 2023 01:31:53 GMT
content-encoding: br
strict-transport-security: max-age=15552000
last-modified: Tue, 26 Sep 2023 14:23:26 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
alt-svc: h3=":443"; ma=86400, h3=":443"; ma=86400
expires: Mon, 16 Dec 2024 01:31:53 GMT

GET
H2 200 jp-search.js Show response
149352635.v2.pressablecdn.com/wp-content/plugins/jetpack/jetpack_vendor/automattic/jetpack-search/build/instant-search/ 7 KB
4 KB 7ms
6ms Script
application/javascript 192.0.77.39
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://149352635.v2.pressablecdn.com/wp-content/plugins/jetpack/jetpack_vendor/automattic/jetpack-search/build/instant-search/jp-search.js?minify=false&ver=156632ec530008abc8ff

Requested by

Host: itgetsbetter.org
URL: https://itgetsbetter.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

8cc972b71226ec94578a47c204f06ca46f34494ef1f70acc44a27aa5b5e2d80f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://itgetsbetter.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-nc: HIT hhn 1
date: Sun, 17 Dec 2023 01:31:53 GMT
content-encoding: br
x-ac: 1.hhn _atomic_ams BYPASS
strict-transport-security: max-age=15552000
last-modified: Mon, 04 Dec 2023 06:52:30 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=315360000
link: <http://itgetsbetter.org/wp-content/plugins/jetpack/jetpack_vendor/automattic/jetpack-search/build/instant-search/jp-search.js>; rel="canonical"
alt-svc: h3=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 frontend-checkout.min.js Show response
149352635.v2.pressablecdn.com/wp-content/plugins/woocommerce-table-rate-shipping/assets/js/ 190 B
601 B 7ms
7ms Script
application/javascript 192.0.77.39
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://149352635.v2.pressablecdn.com/wp-content/plugins/woocommerce-table-rate-shipping/assets/js/frontend-checkout.min.js?ver=3.1.2

Requested by

Host: itgetsbetter.org
URL: https://itgetsbetter.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

7a98cfd53fb371872ceef03beaed46b74a7e02d44caa34bab76913cccf0249bb

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://itgetsbetter.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-nc: HIT hhn 2
date: Sun, 17 Dec 2023 01:31:53 GMT
x-ac: 2.hhn _atomic_ams BYPASS
strict-transport-security: max-age=15552000
last-modified: Wed, 09 Aug 2023 15:54:43 GMT
server: nginx
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
link: <http://itgetsbetter.org/wp-content/plugins/woocommerce-table-rate-shipping/assets/js/frontend-checkout.min.js>; rel="canonical"
content-length: 190
alt-svc: h3=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 coblocks-animation.js Show response
149352635.v2.pressablecdn.com/wp-content/plugins/coblocks/dist/js/ 407 B
798 B 7ms
7ms Script
application/javascript 192.0.77.39
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://149352635.v2.pressablecdn.com/wp-content/plugins/coblocks/dist/js/coblocks-animation.js?ver=3.1.0

Requested by

Host: itgetsbetter.org
URL: https://itgetsbetter.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

2f167ae1780938fa19464993733924d0d078d5f5ce7955a596a55c210cb36cc8

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://itgetsbetter.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-nc: HIT hhn 2
date: Sun, 17 Dec 2023 01:31:53 GMT
x-ac: 2.hhn _atomic_ams BYPASS
strict-transport-security: max-age=15552000
last-modified: Wed, 09 Aug 2023 17:45:42 GMT
server: nginx
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
link: <http://itgetsbetter.org/wp-content/plugins/coblocks/dist/js/coblocks-animation.js>; rel="canonical"
content-length: 407
alt-svc: h3=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 tiny-swiper.js Show response
149352635.v2.pressablecdn.com/wp-content/plugins/coblocks/dist/js/vendors/ 10 KB
5 KB 7ms
7ms Script
application/javascript 192.0.77.39
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://149352635.v2.pressablecdn.com/wp-content/plugins/coblocks/dist/js/vendors/tiny-swiper.js?ver=3.1.0

Requested by

Host: itgetsbetter.org
URL: https://itgetsbetter.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

bfd761a9c6e6c5c0f50a303e473b15669ed19851fb18b331008b281c9fd0caa4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://itgetsbetter.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-nc: HIT hhn 2
date: Sun, 17 Dec 2023 01:31:53 GMT
content-encoding: br
x-ac: 2.hhn _atomic_ams BYPASS
strict-transport-security: max-age=15552000
last-modified: Wed, 09 Aug 2023 17:45:42 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=315360000
link: <http://itgetsbetter.org/wp-content/plugins/coblocks/dist/js/vendors/tiny-swiper.js>; rel="canonical"
alt-svc: h3=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 coblocks-tinyswiper-initializer.js Show response
149352635.v2.pressablecdn.com/wp-content/plugins/coblocks/dist/js/ 14 KB
6 KB 8ms
8ms Script
application/javascript 192.0.77.39
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://149352635.v2.pressablecdn.com/wp-content/plugins/coblocks/dist/js/coblocks-tinyswiper-initializer.js?ver=3.1.0

Requested by

Host: itgetsbetter.org
URL: https://itgetsbetter.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

3f7af01f4d8414f9dfe9e2dc0f693ad62b3081e7a345aee612114e4c4aebcd2e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://itgetsbetter.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-nc: HIT hhn 2
date: Sun, 17 Dec 2023 01:31:53 GMT
content-encoding: br
x-ac: 1.hhn _atomic_ams BYPASS
strict-transport-security: max-age=15552000
last-modified: Wed, 09 Aug 2023 17:45:42 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=315360000
link: <http://itgetsbetter.org/wp-content/plugins/coblocks/dist/js/coblocks-tinyswiper-initializer.js>; rel="canonical"
alt-svc: h3=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 jetpack-carousel.min.js Show response
149352635.v2.pressablecdn.com/wp-content/plugins/jetpack/_inc/build/carousel/ 24 KB
8 KB 7ms
7ms Script
application/javascript 192.0.77.39
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://149352635.v2.pressablecdn.com/wp-content/plugins/jetpack/_inc/build/carousel/jetpack-carousel.min.js?ver=13.0-a.5

Requested by

Host: itgetsbetter.org
URL: https://itgetsbetter.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

0200bc38d986631f9cc4680084d7d263ccf17fa4a3c627b26ff347e0cfcf1d47

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://itgetsbetter.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-nc: HIT hhn 2
date: Sun, 17 Dec 2023 01:31:53 GMT
content-encoding: br
x-ac: 2.hhn _atomic_ams BYPASS
strict-transport-security: max-age=15552000
last-modified: Tue, 30 May 2023 17:03:32 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=315360000
link: <http://itgetsbetter.org/wp-content/plugins/jetpack/_inc/build/carousel/jetpack-carousel.min.js>; rel="canonical"
alt-svc: h3=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 index.js Show response
149352635.v2.pressablecdn.com/wp-content/themes/itgetsbetter-2017/assets/dist/js/ 133 KB
35 KB 8ms
8ms Script
application/javascript 192.0.77.39
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://149352635.v2.pressablecdn.com/wp-content/themes/itgetsbetter-2017/assets/dist/js/index.js?ver=2.0.1

Requested by

Host: itgetsbetter.org
URL: https://itgetsbetter.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

f4125873a800fd8df636016b1d34e0af85e54abb5a1a06e26360e8f2af1d2eba

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://itgetsbetter.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-nc: HIT hhn 2
date: Sun, 17 Dec 2023 01:31:53 GMT
content-encoding: br
x-ac: 1.hhn _atomic_ams BYPASS
strict-transport-security: max-age=15552000
last-modified: Wed, 27 Sep 2023 17:16:37 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=315360000
link: <http://itgetsbetter.org/wp-content/themes/itgetsbetter-2017/assets/dist/js/index.js>; rel="canonical"
alt-svc: h3=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 embed-no-jquery.js Show response
assets.juicer.io/ 534 KB
106 KB 24ms
24ms Script
application/javascript 2606:4700:20::681a:c57
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.juicer.io/embed-no-jquery.js?ver=6.4.2
Requested by: Host: itgetsbetter.org
URL: https://itgetsbetter.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:c57 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 26638825653a95442df1b6a3910341dafbfff1cd0b2aa3bace865edd4a8d1a08

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://itgetsbetter.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 17 Dec 2023 01:31:53 GMT
via: 1.1 vegur
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
last-modified: Thu, 14 Dec 2023 18:30:42 GMT
server: cloudflare
age: 884
vary: Accept-Encoding, Origin
report-to: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1702581105&sid=af571f24-03ee-46d1-9f90-ab9030c2c74c&s=JyReQsuJhly%2FxakczT2LjHyS2lbph1YurPkMu%2FH%2F02M%3D"}]}
content-type: application/javascript
cache-control: public, max-age=3600
cf-ray: 836b68b8e97b8fe2-FRA
reporting-endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1702581105&sid=af571f24-03ee-46d1-9f90-ab9030c2c74c&s=JyReQsuJhly%2FxakczT2LjHyS2lbph1YurPkMu%2FH%2F02M%3D

GET
H2 200 e-202350.js Show response
stats.wp.com/ 7 KB
3 KB 16ms
9ms Script
application/javascript 192.0.76.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.wp.com/e-202350.js
Requested by: Host: itgetsbetter.org
URL: https://itgetsbetter.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ca7752fb33cf3a98c0f29bc4eec563112025da4109a0dcc69dabf5f861751258

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://itgetsbetter.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-minify-cache: hit
x-nc: HIT hhn
date: Sun, 17 Dec 2023 01:31:53 GMT
content-encoding: br
server: nginx
x-minify: t
etag: W/13576-1684464982353.1523
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
expires: Sun, 08 Dec 2024 22:20:13 GMT

GET
H3 200 mediaelement-and-player.min.js Show response
c0.wp.com/c/6.4.2/wp-includes/js/mediaelement/ 154 KB
35 KB 7ms
6ms Script
application/javascript 192.0.77.37
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://c0.wp.com/c/6.4.2/wp-includes/js/mediaelement/mediaelement-and-player.min.js

Requested by

Host: itgetsbetter.org
URL: https://itgetsbetter.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

b15c3ea03d50c2430490e7416733a254feea4237bb60b54181bd3473ebe4149f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://itgetsbetter.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-nc: HIT hhn 1
date: Sun, 17 Dec 2023 01:31:53 GMT
content-encoding: br
strict-transport-security: max-age=15552000
last-modified: Thu, 29 Sep 2022 14:21:11 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
alt-svc: h3=":443"; ma=86400, h3=":443"; ma=86400
expires: Mon, 16 Dec 2024 01:31:53 GMT

GET
H3 200 mediaelement-migrate.min.js Show response
c0.wp.com/c/6.4.2/wp-includes/js/mediaelement/ 1 KB
820 B 7ms
7ms Script
application/javascript 192.0.77.37
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://c0.wp.com/c/6.4.2/wp-includes/js/mediaelement/mediaelement-migrate.min.js

Requested by

Host: itgetsbetter.org
URL: https://itgetsbetter.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

6d161e98e47ae150b51211443eef37040fb6269dcf85ad2048548066dca99e6f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://itgetsbetter.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-nc: HIT hhn 1
date: Sun, 17 Dec 2023 01:31:53 GMT
content-encoding: br
strict-transport-security: max-age=15552000
last-modified: Fri, 08 Apr 2022 20:07:18 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
alt-svc: h3=":443"; ma=86400, h3=":443"; ma=86400
expires: Mon, 16 Dec 2024 01:31:53 GMT

GET
H3 200 wp-mediaelement.min.js Show response
c0.wp.com/c/6.4.2/wp-includes/js/mediaelement/ 1 KB
795 B 7ms
6ms Script
application/javascript 192.0.77.37
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://c0.wp.com/c/6.4.2/wp-includes/js/mediaelement/wp-mediaelement.min.js

Requested by

Host: itgetsbetter.org
URL: https://itgetsbetter.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

79cb399203843f65199bec32bc4abac5dfd20f141d3e4ec1424bf00c7108fa45

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://itgetsbetter.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-nc: HIT hhn 1
date: Sun, 17 Dec 2023 01:31:53 GMT
content-encoding: br
strict-transport-security: max-age=15552000
last-modified: Tue, 07 Feb 2023 16:00:42 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
alt-svc: h3=":443"; ma=86400, h3=":443"; ma=86400
expires: Mon, 16 Dec 2024 01:31:53 GMT

GET
H3 200 vimeo.min.js Show response
c0.wp.com/c/6.4.2/wp-includes/js/mediaelement/renderers/ 6 KB
2 KB 7ms
7ms Script
application/javascript 192.0.77.37
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://c0.wp.com/c/6.4.2/wp-includes/js/mediaelement/renderers/vimeo.min.js

Requested by

Host: itgetsbetter.org
URL: https://itgetsbetter.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

722a90d42ef2bd0ea38f0fdac6b4c0523aa4a027e9ffe889972100746e165582

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://itgetsbetter.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-nc: HIT hhn 1
date: Sun, 17 Dec 2023 01:31:53 GMT
content-encoding: br
strict-transport-security: max-age=15552000
last-modified: Tue, 29 Sep 2020 15:53:06 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
alt-svc: h3=":443"; ma=86400, h3=":443"; ma=86400
expires: Mon, 16 Dec 2024 01:31:53 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/696171030/ 3 KB
2 KB 97ms
30ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/696171030/?random=1702776712927&cv=11&fst=1702776712927&bg=ffffff&guid=ON&async=1&gtm=45be3bt0&gcd=11l1l1l1l1&dma=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fitgetsbetter.org%2F&hn=www.googleadservices.com&frm=0&tiba=It%20Gets%20Better%20%E2%80%93%20The%20It%20Gets%20Better%20Project%20exists%20to%20uplift%2C%20empower%2C%20and%20connect%20LGBTQ%2B%20youth%20around%20the%20globe.&auid=1341389555.1702776713&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-696171030

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c702a0e67c54d1c8eae87a2b5f04d79ffda92dc7581e849be96f67eb40bf1abe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://itgetsbetter.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 17 Dec 2023 01:31:53 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1328
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 g.gif
pixel.wp.com/ 50 B
153 B 41ms
9ms Image
image/gif 192.0.76.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.wp.com/g.gif?x_stats-initial-visibility=visible&v=wpcom-no-pv&rand=0.10158699832425189
Requested by: Host: itgetsbetter.org
URL: https://itgetsbetter.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://itgetsbetter.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-origin: *
date: Sun, 17 Dec 2023 01:31:53 GMT
cache-control: no-cache
server: nginx
content-length: 50
content-type: image/gif

GET
H2 200 main.MTdjYzNiZDU2NA.js Show response
analytics.tiktok.com/i18n/pixel/static/ 432 KB
112 KB 23ms
16ms Script
application/javascript 23.38.98.10
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTdjYzNiZDU2NA.js
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/sdk.js?sdkid=BUVFAJTD82FVM3BDSISG
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.38.98.10 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-38-98-10.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: f0fc7af60b98a57cccf7d5d7ea6e10f640db6f7553fb131e991b120dd6a62e6e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://itgetsbetter.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-akamai-request-id: 1df5957b
date: Sun, 17 Dec 2023 01:31:53 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
server: nginx
x-tt-logid: 2023110907314746BDC5EB6423DDDCE162
vary: Accept-Encoding
x-cache: TCP_HIT from a23-38-99-74.deploy.akamaitechnologies.com (AkamaiGHost/11.3.3-52660090) (-)
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
x-tt-trace-host: 018fc3cb793aba0f73f0ffb74ebc8a86cb2ac8f7dd8f3005f102b609684329cb76441a0d1bf91365e1d9c35ad025e84b2afd17ed92e97b271d4aef07883d9e30e39100154c19d2745ba39fcfde9b4484ab904f7470e43330993240dbf78da2a9fe
server-timing: cdn-cache; desc=HIT, edge; dur=0, inner; dur=16
content-length: 114263

GET
H2 200 adsct
t.co/i/ 43 B
376 B 155ms
119ms Image
image/gif 104.244.42.133
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.co/i/adsct?bci=3&eci=2&event_id=cdf02aaa-d257-4967-a1e4-7cba868133c7&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=c241cee2-d1de-4c35-9d56-2e134ce7e6a0&tw_document_href=https%3A%2F%2Fitgetsbetter.org%2F&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o4zya&type=javascript&version=2.3.29

Requested by

Host: itgetsbetter.org
URL: https://itgetsbetter.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.133 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://itgetsbetter.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-response-time: 109
date: Sun, 17 Dec 2023 01:31:53 GMT
strict-transport-security: max-age=0
server: tsa_o
content-type: image/gif;charset=utf-8
x-transaction-id: 3cf864d4fe0ecac8
cache-control: no-cache, no-store, max-age=0
perf: 7469935968
x-connection-hash: 0c44855690e303e4f31b2faaa9a9501b3f56846968457cf19e1872a3018dc059
content-length: 43

GET
H2 200 adsct
analytics.twitter.com/i/ 43 B
396 B 240ms
187ms Image
image/gif 104.244.42.131
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://analytics.twitter.com/i/adsct?bci=3&eci=2&event_id=cdf02aaa-d257-4967-a1e4-7cba868133c7&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=c241cee2-d1de-4c35-9d56-2e134ce7e6a0&tw_document_href=https%3A%2F%2Fitgetsbetter.org%2F&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o4zya&type=javascript&version=2.3.29

Requested by

Host: itgetsbetter.org
URL: https://itgetsbetter.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.131 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://itgetsbetter.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-response-time: 179
date: Sun, 17 Dec 2023 01:31:53 GMT
strict-transport-security: max-age=631138519
server: tsa_o
content-type: image/gif;charset=utf-8
x-transaction-id: 73ec0f4b477ea060
cache-control: no-cache, no-store, max-age=0
perf: 7469935968
x-connection-hash: fe65957a8bfbbdcba92acebe89b7caf251bfce88731b67a3f5f5e4d8e0a9e6d8
content-length: 43

GET
H2 200 pro-v4-shims.min.js Show response
ka-p.fontawesome.com/releases/v6.5.1/js/ 27 KB
8 KB 65ms
23ms Fetch
application/javascript 2606:4700:4400::6812:2844
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-p.fontawesome.com/releases/v6.5.1/js/pro-v4-shims.min.js?token=dc8c838d72
Requested by: Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/dc8c838d72.js?ver=6.4.2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:2844 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b06bb41004d7fcd9051c499749c319244ffdacf890af122d1b9be2f413fb43ea

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://itgetsbetter.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 17 Dec 2023 01:31:53 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 30 Nov 2023 17:25:54 GMT
server: cloudflare
age: 34771
etag: "6568c5a2-1df2"
vary: Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31556926
accept-ranges: bytes
cf-ray: 836b68bacd93699f-FRA
content-length: 7666

GET
H2 200 pro.min.js Show response
ka-p.fontawesome.com/releases/v6.5.1/js/ 60 KB
18 KB 63ms
21ms Fetch
application/javascript 2606:4700:4400::6812:2844
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-p.fontawesome.com/releases/v6.5.1/js/pro.min.js?token=dc8c838d72
Requested by: Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/dc8c838d72.js?ver=6.4.2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:2844 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9e1f1cd3369c758e19b92899eac17de20750b6888d0600673811208162dab08d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://itgetsbetter.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 17 Dec 2023 01:31:53 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 30 Nov 2023 17:25:54 GMT
server: cloudflare
age: 72662
etag: "6568c5a2-4583"
vary: Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31556926
accept-ranges: bytes
cf-ray: 836b68bacd90699f-FRA
content-length: 17795

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 286 KB
93 KB 41ms
35ms Script
application/javascript 2a00:1450:4001:806::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=GT-MBL48JF&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-696171030

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

0e9eafa16a3ea77f0df3303e7ad366c5641df015f609c9c4be9fe338ddfced91

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://itgetsbetter.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 17 Dec 2023 01:31:53 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 95491
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sun, 17 Dec 2023 01:31:53 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 202 KB
54 KB 62ms
27ms Script
application/x-javascript 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: itgetsbetter.org
URL: https://itgetsbetter.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

3e136e77083bfc6ef14ffc5abd19da89a82bf12fc0cda3c603e01582b93303c8

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://itgetsbetter.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Sun, 17 Dec 2023 01:31:53 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 54273
x-xss-protection: 0
reporting-endpoints
pragma: public
x-fb-debug: glm1SRUVOUgDN5GPE/J/Sco7jJWh2Fyc3Pj1RWOtIs6mpKn9/AKsEeaxQbLDhwJJEH3DYqjiiAeif6G8NO007w==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 280 KB
94 KB 63ms
58ms Script
application/javascript 2a00:1450:4001:806::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-N5QWJNP

Requested by

Host: itgetsbetter.org
URL: https://itgetsbetter.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

df31f580306f20d0fbc3c931bace1463fd32478940fdb809693c4cdd2010e47b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://itgetsbetter.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 17 Dec 2023 01:31:53 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 96243
x-xss-protection: 0
last-modified: Sun, 17 Dec 2023 00:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sun, 17 Dec 2023 01:31:53 GMT

GET
H2 200 css2
fonts.googleapis.com/ 465 B
763 B 74ms
26ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Annie+Use+Your+Telescope&display=swap

Requested by

Host: itgetsbetter.org
URL: https://itgetsbetter.org/?custom-css=f908e700be

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f9307bfc8d9261402d1e44aa45a4ab1e133dabe80c84172fa4cc2d23acaa4487

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://itgetsbetter.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 17 Dec 2023 01:31:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 17 Dec 2023 01:31:53 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 17 Dec 2023 01:31:53 GMT

GET
H2 200 bwkUX98fktI Show response
www.youtube.com/embed/ Frame 6026 91 KB
40 KB 161ms
106ms Document
text/html 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/bwkUX98fktI?version=3&rel=1&showsearch=0&showinfo=1&iv_load_policy=1&fs=1&hl=en-US&autohide=2&wmode=transparent

Requested by

Host: itgetsbetter.org
URL: https://itgetsbetter.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

75685e2c359089398c9a0d617841487e10f64607d7fb1d26e7b1562da3406554

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://itgetsbetter.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: br
content-type: text/html; charset=utf-8
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
cross-origin-resource-policy: cross-origin
date: Sun, 17 Dec 2023 01:31:53 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
origin-trial: AvC9UlR6RDk2crliDsFl66RWLnTbHrDbp+DiY6AYz/PNQ4G4tdUTjrHYr2sghbkhGQAVxb7jaPTHpEVBz0uzQwkAAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTcxOTUzMjc5OSwiaXNTdWJkb21haW4iOnRydWV9
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma: no-cache
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server: ESF
strict-transport-security: max-age=31536000
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 206 IGB_Video_Faces_compressed.mp4
itgetsbetter.org/wp-content/uploads/2021/05/ 96 KB
0 258ms
256ms Media
video/mp4 199.16.173.70
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://itgetsbetter.org/wp-content/uploads/2021/05/IGB_Video_Faces_compressed.mp4

Requested by

Host: itgetsbetter.org
URL: https://itgetsbetter.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

199.16.173.70 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://itgetsbetter.org/
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Range: bytes=0-

Response headers

date: Sun, 17 Dec 2023 01:31:53 GMT
strict-transport-security: max-age=31536000
x-ac: 2.hhn _atomic_ams BYPASS
last-modified: Fri, 21 May 2021 15:57:57 GMT
server: nginx
etag: "60a7d885-66a3a1"
access-control-allow-methods: GET, HEAD
content-type: video/mp4
access-control-allow-origin: *
Content-Range: bytes 0-6726560/6726561
Content-Length: 6726561

GET
H2 200 identify_bb163.js Show response
analytics.tiktok.com/i18n/pixel/static/ 135 KB
36 KB 20ms
17ms Script
application/javascript 23.38.98.10
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/static/identify_bb163.js
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTdjYzNiZDU2NA.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.38.98.10 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-38-98-10.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: a1d4b01843b9dad68a10bba7ab416fb60cbe6052a223f6bd74cbad286b812b2a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://itgetsbetter.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-akamai-request-id: 1df59596
date: Sun, 17 Dec 2023 01:31:53 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
server: nginx
x-tt-logid: 20231109073136FEDC675495BC05EA7848
vary: Accept-Encoding
x-cache: TCP_MEM_HIT from a23-38-99-74.deploy.akamaitechnologies.com (AkamaiGHost/11.3.3-52660090) (-)
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
x-tt-trace-host: 015ebf0c445aaa86c0c7b65a26901913e4f395246009a496d8520067e16b761ce006af2c5194a4cd9778afc28c7db97291836d76ba3faa1b75b868088a4c7b4d5ea13d3b6203d0ed8e39f12535c248fed7606bb82c8b8796e51fd89fcaf9e5a832
server-timing: cdn-cache; desc=HIT, edge; dur=1, inner; dur=2
content-length: 36079

GET
DATA 200
OK truncated
/ 547 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: eb14baeac955bb11e33cd7fd3fd2f698cf20db1b450325f45ea843b6cdc82366

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 552 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 62f3f809487194fcc55a3ebd88811a604ae496027bb425d4ebd15d9ae1921945

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 380 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 717f6bb5f6cc69c444f54376a72dee0ca7968b2a12e7c9475247ec85c0e75a53

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 200 Screenshot-2023-11-20-at-11.59.44-AM.png
149352635.v2.pressablecdn.com/wp-content/uploads/2023/11/ 1 MB
1 MB 11ms
10ms Image
image/png 192.0.77.39
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://149352635.v2.pressablecdn.com/wp-content/uploads/2023/11/Screenshot-2023-11-20-at-11.59.44-AM.png

Requested by

Host: itgetsbetter.org
URL: https://itgetsbetter.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

09de594226b72397977af42907bcac46d6248ba806bd88d22bc93733325b1541

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://itgetsbetter.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-nc: HIT hhn 2
date: Sun, 17 Dec 2023 01:31:53 GMT
x-ac: 1.hhn _atomic_ams BYPASS
strict-transport-security: max-age=15552000
last-modified: Mon, 20 Nov 2023 20:04:13 GMT
server: nginx
access-control-allow-methods: GET, HEAD
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
link: <http://itgetsbetter.org/wp-content/uploads/2023/11/Screenshot-2023-11-20-at-11.59.44-AM.png>; rel="canonical"
content-length: 1539731
alt-svc: h3=":443"; ma=86400
expires: Sun, 24 Dec 2023 01:31:53 GMT

GET
H3 200 Screenshot-2023-12-11-at-11.55.35-AM.png
149352635.v2.pressablecdn.com/wp-content/uploads/2023/12/ 1 MB
1 MB 13ms
12ms Image
image/png 192.0.77.39
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://149352635.v2.pressablecdn.com/wp-content/uploads/2023/12/Screenshot-2023-12-11-at-11.55.35-AM.png

Requested by

Host: itgetsbetter.org
URL: https://itgetsbetter.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

eb3dc9d945c295c2591ca055f94a70be1de81642c9561800c24ca2d6cd2ae5d0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://itgetsbetter.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-nc: HIT hhn 2
date: Sun, 17 Dec 2023 01:31:53 GMT
x-ac: 1.hhn _atomic_ams BYPASS
strict-transport-security: max-age=15552000
last-modified: Mon, 11 Dec 2023 19:57:05 GMT
server: nginx
access-control-allow-methods: GET, HEAD
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
link: <http://itgetsbetter.org/wp-content/uploads/2023/12/Screenshot-2023-12-11-at-11.55.35-AM.png>; rel="canonical"
content-length: 1286588
alt-svc: h3=":443"; ma=86400
expires: Sun, 24 Dec 2023 01:31:53 GMT

GET
H3 200 SquareBrian.jpg
149352635.v2.pressablecdn.com/wp-content/uploads/2023/12/ 326 KB
327 KB 14ms
13ms Image
image/jpeg 192.0.77.39
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://149352635.v2.pressablecdn.com/wp-content/uploads/2023/12/SquareBrian.jpg

Requested by

Host: itgetsbetter.org
URL: https://itgetsbetter.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

006a2b313915b4c2dd538d1316e935ba593bdb7793a21a493b05de60473769c5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://itgetsbetter.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-nc: HIT hhn 2
date: Sun, 17 Dec 2023 01:31:53 GMT
x-ac: 2.hhn _atomic_ams BYPASS
strict-transport-security: max-age=15552000
last-modified: Wed, 06 Dec 2023 00:06:55 GMT
server: nginx
access-control-allow-methods: GET, HEAD
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
link: <http://itgetsbetter.org/wp-content/uploads/2023/12/SquareBrian.jpg>; rel="canonical"
content-length: 334125
alt-svc: h3=":443"; ma=86400
expires: Sun, 24 Dec 2023 01:31:53 GMT

GET
H3 200 Screenshot-2023-12-05-at-11.53.54-AM.png
149352635.v2.pressablecdn.com/wp-content/uploads/2023/12/ 406 KB
407 KB 16ms
16ms Image
image/png 192.0.77.39
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://149352635.v2.pressablecdn.com/wp-content/uploads/2023/12/Screenshot-2023-12-05-at-11.53.54-AM.png

Requested by

Host: itgetsbetter.org
URL: https://itgetsbetter.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

3f631e6316191fa33655184b7eb8fe3a9941ee26fbbec21b1930349e2a70b9d4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://itgetsbetter.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-nc: HIT hhn 2
date: Sun, 17 Dec 2023 01:31:53 GMT
x-ac: 1.hhn _atomic_ams BYPASS
strict-transport-security: max-age=15552000
last-modified: Tue, 05 Dec 2023 20:02:58 GMT
server: nginx
access-control-allow-methods: GET, HEAD
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
link: <http://itgetsbetter.org/wp-content/uploads/2023/12/Screenshot-2023-12-05-at-11.53.54-AM.png>; rel="canonical"
content-length: 416006
alt-svc: h3=":443"; ma=86400
expires: Sun, 24 Dec 2023 01:31:53 GMT

POST
H2 200 monitor
analytics.tiktok.com/api/v2/ 0
843 B 166ms
165ms Ping
text/plain 23.38.98.10
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/monitor
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTdjYzNiZDU2NA.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.38.98.10 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-38-98-10.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://itgetsbetter.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: 27f44d3b.1df5959b
date: Sun, 17 Dec 2023 01:31:53 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-tt-trace-id: 00-231217013153CFEB3CAA8EC03AB4FC6E-44FB88A36738DDA2-00
x-cache: TCP_MISS from a23-38-99-74.deploy.akamaitechnologies.com (AkamaiGHost/11.3.3-52660090) (-)
x-parent-response-time: 145,23.38.99.74
server-timing: cdn-cache; desc=MISS, edge; dur=96, origin; dur=59, inner; dur=56
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 20231217013153CFEB3CAA8EC03AB4FC6E
x-cache-remote: TCP_MISS from a23-220-106-26.deploy.akamaitechnologies.com (AkamaiGHost/11.3.3-52660090) (-)
access-control-allow-methods: GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 59,23.220.106.26
x-tt-trace-host: 01acd59ebe759e6dbc16d0040fe0c72ade06c3170b88d3eb3644efd164c281c63d3e35c0d0f39bd8e090e39b3b191f4ac623883fbee103866a2db57550e38bc01d4d6ba161e3daa2cf72429a4d21df54a98203cf75e2614dfcfdfd02da6709f20a7119008a86e56b1c626888a94705475b
access-control-allow-headers: Authorization,*
expires: Sun, 17 Dec 2023 01:31:53 GMT

POST
H2 200 monitor
analytics.tiktok.com/api/v2/ 0
842 B 202ms
201ms Ping
text/plain 23.38.98.10
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/monitor
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTdjYzNiZDU2NA.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.38.98.10 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-38-98-10.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://itgetsbetter.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: 35e1c4ab.1df5959d
date: Sun, 17 Dec 2023 01:31:53 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-tt-trace-id: 00-231217013153131129194BEEE1B2D907-04384F71767E1D6D-00
x-cache: TCP_MISS from a23-38-99-74.deploy.akamaitechnologies.com (AkamaiGHost/11.3.3-52660090) (-)
x-parent-response-time: 186,23.38.99.74
server-timing: cdn-cache; desc=MISS, edge; dur=85, origin; dur=105, inner; dur=102
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 20231217013153131129194BEEE1B2D907
x-cache-remote: TCP_MISS from a23-220-106-22.deploy.akamaitechnologies.com (AkamaiGHost/11.3.3-52660090) (-)
access-control-allow-methods: GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 105,23.220.106.22
x-tt-trace-host: 01acd59ebe759e6dbc16d0040fe0c72ade06c3170b88d3eb3644efd164c281c63d406259b9eb9cc7a69acc4a21cc7a0a58d4d70abd4fdf1939a471e2fb3ca1655277543b20f94857af2a3bfd91b9997f87c906e7ed34a22aeb033ccebfc979179540240e202881520fb7ad97ada52dadf7
access-control-allow-headers: Authorization,*
expires: Sun, 17 Dec 2023 01:31:53 GMT

POST
H2 200 monitor
analytics.tiktok.com/api/v2/ 0
842 B 108ms
107ms Ping
text/plain 23.38.98.10
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/monitor
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTdjYzNiZDU2NA.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.38.98.10 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-38-98-10.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://itgetsbetter.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: a259d838.1df5959e
date: Sun, 17 Dec 2023 01:31:53 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-tt-trace-id: 00-23121701315327763D8FFC238197B105-6B77BAD761111532-00
x-cache: TCP_MISS from a23-38-99-74.deploy.akamaitechnologies.com (AkamaiGHost/11.3.3-52660090) (-)
x-parent-response-time: 92,23.38.99.74
server-timing: cdn-cache; desc=MISS, edge; dur=86, origin; dur=10, inner; dur=8
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 2023121701315327763D8FFC238197B105
x-cache-remote: TCP_MISS from a23-48-100-143.deploy.akamaitechnologies.com (AkamaiGHost/11.3.3-52660090) (-)
access-control-allow-methods: GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 10,23.48.100.143
x-tt-trace-host: 01acd59ebe759e6dbc16d0040fe0c72adebd96bc584317333dbebbba779a7aab9525b89e7004457dc6900cd573cb59612974e328fe1ef769c7e625d99b76a0814a7ad634d543d93688197bf7701302aa9524153aa4c556b5f99e9f1ceb855bd629f56dd53d7e649b59e951966b56d5199c
access-control-allow-headers: Authorization,*
expires: Sun, 17 Dec 2023 01:31:53 GMT

POST
H2 200 monitor
analytics.tiktok.com/api/v2/ 0
841 B 118ms
117ms Ping
text/plain 23.38.98.10
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/monitor
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTdjYzNiZDU2NA.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.38.98.10 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-38-98-10.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://itgetsbetter.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: 4c57d987.1df595a2
date: Sun, 17 Dec 2023 01:31:53 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-tt-trace-id: 00-231217013153F614F0822B8FBA464CB7-006DD0ECD2D76FC3-00
x-cache: TCP_MISS from a23-38-99-74.deploy.akamaitechnologies.com (AkamaiGHost/11.3.3-52660090) (-)
x-parent-response-time: 98,23.38.99.74
server-timing: cdn-cache; desc=MISS, edge; dur=90, origin; dur=13, inner; dur=10
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 20231217013153F614F0822B8FBA464CB7
x-cache-remote: TCP_MISS from a23-220-106-5.deploy.akamaitechnologies.com (AkamaiGHost/11.3.3-52660090) (-)
access-control-allow-methods: GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 13,23.220.106.5
x-tt-trace-host: 01acd59ebe759e6dbc16d0040fe0c72ade06c3170b88d3eb3644efd164c281c63d68d7a7dab43062d8daa465f6d668e49ca664f5131ef31ddc71e8cbcae9daa953b50d61d46a3e1b1607dab733371b593551be14635dc1906a42cb766d357b7723359d0e778dfa575fe0b815b478097432
access-control-allow-headers: Authorization,*
expires: Sun, 17 Dec 2023 01:31:53 GMT

POST
H2 200 monitor
analytics.tiktok.com/api/v2/ 0
841 B 325ms
324ms Ping
text/plain 23.38.98.10
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/monitor
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTdjYzNiZDU2NA.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.38.98.10 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-38-98-10.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://itgetsbetter.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: 14f5c080.1df595a3
date: Sun, 17 Dec 2023 01:31:53 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-tt-trace-id: 00-2312170131537CA4F71438B499C03F9C-6044EC2B5C2D9B9E-00
x-cache: TCP_MISS from a23-38-99-74.deploy.akamaitechnologies.com (AkamaiGHost/11.3.3-52660090) (-)
x-parent-response-time: 306,23.38.99.74
server-timing: cdn-cache; desc=MISS, edge; dur=125, origin; dur=185, inner; dur=133
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 202312170131537CA4F71438B499C03F9C
x-cache-remote: TCP_MISS from a23-220-106-27.deploy.akamaitechnologies.com (AkamaiGHost/11.3.3-52660090) (-)
access-control-allow-methods: GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 185,23.220.106.27
x-tt-trace-host: 01acd59ebe759e6dbc16d0040fe0c72ade06c3170b88d3eb3644efd164c281c63d6baea1313f2ea8e4fe4e8f1040953ca9bfd840c2d21542165b135de251d16aa95bcf8e481c0a7d10aafd191bfa954072bf454f8aca0b9b3a023cc3d63a3915a10e82d5800dc99d2b8e431503172e40dd
access-control-allow-headers: Authorization,*
expires: Sun, 17 Dec 2023 01:31:53 GMT

POST
H2 200 monitor
analytics.tiktok.com/api/v2/ 0
840 B 114ms
113ms Ping
text/plain 23.38.98.10
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/monitor
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTdjYzNiZDU2NA.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.38.98.10 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-38-98-10.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://itgetsbetter.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: 4b2cbba9.1df595a5
date: Sun, 17 Dec 2023 01:31:53 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-tt-trace-id: 00-23121701315394F685D5906520D52300-7901CC4C8F8B81C6-00
x-cache: TCP_MISS from a23-38-99-74.deploy.akamaitechnologies.com (AkamaiGHost/11.3.3-52660090) (-)
x-parent-response-time: 93,23.38.99.74
server-timing: cdn-cache; desc=MISS, edge; dur=88, origin; dur=10, inner; dur=7
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 2023121701315394F685D5906520D52300
x-cache-remote: TCP_MISS from a23-48-100-144.deploy.akamaitechnologies.com (AkamaiGHost/11.3.3-52660090) (-)
access-control-allow-methods: GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 10,23.48.100.144
x-tt-trace-host: 01acd59ebe759e6dbc16d0040fe0c72adebd96bc584317333dbebbba779a7aab9509f0789b92591c2195eb7b8360b8e44b43391a1f74b9bc29ed9e6e1b392f37655a25d9931e5a1e08dfee14f94edcd77f958c1ca508fb50ddc9a2d0de1431963429f2958cbbb8a43eaa39669a652b5363
access-control-allow-headers: Authorization,*
expires: Sun, 17 Dec 2023 01:31:53 GMT

POST
H2 200 monitor
analytics.tiktok.com/api/v2/ 0
840 B 122ms
122ms Ping
text/plain 23.38.98.10
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/monitor
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTdjYzNiZDU2NA.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.38.98.10 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-38-98-10.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://itgetsbetter.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: 359330f2.1df595a6
date: Sun, 17 Dec 2023 01:31:53 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-tt-trace-id: 00-231217013153CDA16B1BEE80B7DBC3A0-3B447CE89C134203-00
x-cache: TCP_MISS from a23-38-99-74.deploy.akamaitechnologies.com (AkamaiGHost/11.3.3-52660090) (-)
x-parent-response-time: 104,23.38.99.74
server-timing: cdn-cache; desc=MISS, edge; dur=92, origin; dur=16, inner; dur=6
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 20231217013153CDA16B1BEE80B7DBC3A0
x-cache-remote: TCP_MISS from a23-220-106-6.deploy.akamaitechnologies.com (AkamaiGHost/11.3.3-52660090) (-)
access-control-allow-methods: GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 16,23.220.106.6
x-tt-trace-host: 01acd59ebe759e6dbc16d0040fe0c72ade06c3170b88d3eb3644efd164c281c63d3919a0f917d3e9d1316e4dffcf7a1cb9e5f1aa234fc92b86205e06acb30fa7e4827115ed69c54f1156a555daf37f5cfe2f6bad29f25cea5206685a1d36d310c8e1d8644e1c61e9ac43e6c24cc06595a7
access-control-allow-headers: Authorization,*
expires: Sun, 17 Dec 2023 01:31:53 GMT

POST
H2 200 pangle_pixel
analytics.pangle-ads.com/api/v2/ 0
963 B 150ms
102ms Ping
text/plain 2.16.62.104
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.pangle-ads.com/api/v2/pangle_pixel
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTdjYzNiZDU2NA.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.62.104 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-62-104.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://itgetsbetter.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: 7074a616.2dc7707
date: Sun, 17 Dec 2023 01:31:53 GMT
x-bytefaas-request-id: 20231217013153F1F269F20ADD0ED1EBF5
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-tt-trace-id: 00-231217013153F1F269F20ADD0ED1EBF5-377D8C1BD06D3357-00
x-cache: TCP_MISS from a2-16-62-100.deploy.akamaitechnologies.com (AkamaiGHost/11.3.3-52668873) (-)
x-parent-response-time: 90,2.16.62.100
server-timing: cdn-cache; desc=MISS, edge; dur=81, origin; dur=9, inner; dur=6
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 20231217013153F1F269F20ADD0ED1EBF5
x-cache-remote: TCP_MISS from a23-213-246-196.deploy.akamaitechnologies.com (AkamaiGHost/11.3.3-52668873) (-)
access-control-max-age: 86400
access-control-allow-methods: *
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
x-bytefaas-execution-duration: 4.75
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
x-gw-dst-psm: ad.union.pangle_web_traffic
x-tt-trace-host: 01a5f3a80f8e903a0aad69dd9f8628ee2533c0b48668071b4c2326c9df44dd5a0a23a49f7e5e48980615d489c43ee1ce7f940a0333c27c5bd68eea450f5129304654cb5c0d682b9574f3889af318eb90c710ad3660da34e3dc9cd1aa82f0e5fe543de6c53e2db9a62a0092095cddbf5efb
x-origin-response-time: 10,23.213.246.196
access-control-allow-headers: *
expires: Sun, 17 Dec 2023 01:31:53 GMT

POST
H2 200 pixel
analytics.tiktok.com/api/v2/ 0
844 B 157ms
157ms Ping
text/plain 23.38.98.10
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTdjYzNiZDU2NA.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.38.98.10 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-38-98-10.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://itgetsbetter.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: bc6590d1.1df595a7
date: Sun, 17 Dec 2023 01:31:53 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-tt-trace-id: 00-231217013153F55D72698BA91B860F79-5289D02F9D1FC3C0-00
x-cache: TCP_MISS from a23-38-99-74.deploy.akamaitechnologies.com (AkamaiGHost/11.3.3-52660090) (-)
x-parent-response-time: 140,23.38.99.74
server-timing: cdn-cache; desc=MISS, edge; dur=92, origin; dur=52, inner; dur=50
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 20231217013153F55D72698BA91B860F79
x-cache-remote: TCP_MISS from a23-48-100-133.deploy.akamaitechnologies.com (AkamaiGHost/11.3.3-52660090) (-)
access-control-allow-methods: GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 52,23.48.100.133
x-tt-trace-host: 01acd59ebe759e6dbc16d0040fe0c72adebd96bc584317333dbebbba779a7aab95c8df503fbfe416b4f26a48a1aebea8ca699f593981892d9aae2b49629b18591afc477f7dabafa0e82d2b35780927dfbd13bf3a7fbfbfc26ab6a050cec55d912335560e0504c39065453bd6910a5ddaf3
access-control-allow-headers: Authorization,*
expires: Sun, 17 Dec 2023 01:31:53 GMT

POST
H2 204 collect
www.google-analytics.com/g/ 0
245 B 80ms
24ms Ping
text/plain 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-Y69L8SW4D9&gtm=45Pe3bt0v9104262636&_p=1702776712823&gcd=11l1l1l1l1&dma=0&gdid=dZTNiMT&cid=1957050522.1702776714&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1702776713&sct=1&seg=0&dl=https%3A%2F%2Fitgetsbetter.org%2F&dt=It%20Gets%20Better%20%E2%80%93%20The%20It%20Gets%20Better%20Project%20exists%20to%20uplift%2C%20empower%2C%20and%20connect%20LGBTQ%2B%20youth%20around%20the%20globe.&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=3192
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=GT-MBL48JF&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://itgetsbetter.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 17 Dec 2023 01:31:53 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://itgetsbetter.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pxiEyp8kv8JHgFVrJJfecg.woff2
fonts.gstatic.com/s/poppins/v20/ 8 KB
8 KB 48ms
14ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poppins%3A400%2C600&ver=1.0.0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://itgetsbetter.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 15 Dec 2023 19:20:06 GMT
x-content-type-options: nosniff
age: 108707
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7884
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 17:03:52 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 14 Dec 2024 19:20:06 GMT

GET
H2 200 pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v20/ 8 KB
8 KB 46ms
13ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poppins%3A400%2C600&ver=1.0.0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f4e80d9dfd374d02989b87a27b5ed4cb78fbb177c27f1478e9a8b0afb7513149

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://itgetsbetter.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 15 Dec 2023 10:41:59 GMT
x-content-type-options: nosniff
age: 139794
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8000
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:59:07 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 14 Dec 2024 10:41:59 GMT

GET
H2 200 embedded-giving.js Show response
sdk.classy.org/ 42 KB
11 KB 441ms
415ms Script
text/javascript 2606:4700::6812:c55f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://sdk.classy.org/embedded-giving.js

Requested by

Host: itgetsbetter.org
URL: https://itgetsbetter.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:c55f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e8d62871a4937a6fa0b3cd0ec07d890468cdb93c086b107c5f3b2d0ac7cdbe6a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://itgetsbetter.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 17 Dec 2023 01:31:53 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Wed, 13 Dec 2023 00:58:09 GMT
cf-bgj: minify
server: cloudflare
x-amz-request-id: BH0XJC7GJ5ZP0XPJ
etag: W/"c099d86795ed6a99807f82cb5cb5a700"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=60, s-maxage=900, stale-while-revalidate=60
cf-ray: 836b68bbef419188-FRA
x-amz-id-2: xH6L4FhhQVlNteKdP//vtWgp5Eoq2yJrOAlZ5EaIAB5BTuAZBtH88AoK1Qf8d1DndhYE1tn0Ua6ST8nOfgZeEg==

GET
H2 200 g.gif
pixel.wp.com/ 50 B
153 B 7ms
6ms Image
image/gif 192.0.76.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.wp.com/g.gif?x_stats-initial-visibility=visible&v=wpcom-no-pv&rand=0.24871585718374867
Requested by: Host: itgetsbetter.org
URL: https://itgetsbetter.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://itgetsbetter.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-origin: *
date: Sun, 17 Dec 2023 01:31:53 GMT
cache-control: no-cache
server: nginx
content-length: 50
content-type: image/gif

GET
H3 200 icon-arrow-down-white.svg
149352635.v2.pressablecdn.com/wp-content/themes/itgetsbetter-2017/assets/dist/images/ 190 B
588 B 8ms
8ms Image
image/svg+xml 192.0.77.39
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://149352635.v2.pressablecdn.com/wp-content/themes/itgetsbetter-2017/assets/dist/images/icon-arrow-down-white.svg

Requested by

Host: 149352635.v2.pressablecdn.com
URL: https://149352635.v2.pressablecdn.com/wp-content/themes/itgetsbetter-2017/style.css?ver=2.0.1

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

498a873a8912a66c10eddf5fb07274c747847eaa3e8e3fb1a14daba3425a980c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://149352635.v2.pressablecdn.com/wp-content/themes/itgetsbetter-2017/style.css?ver=2.0.1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-nc: HIT hhn 2
date: Sun, 17 Dec 2023 01:31:53 GMT
x-ac: 2.hhn _atomic_ams BYPASS
strict-transport-security: max-age=15552000
last-modified: Wed, 01 Mar 2023 11:30:20 GMT
server: nginx
access-control-allow-methods: GET, HEAD
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
link: <http://itgetsbetter.org/wp-content/themes/itgetsbetter-2017/assets/dist/images/icon-arrow-down-white.svg>; rel="canonical"
content-length: 190
alt-svc: h3=":443"; ma=86400
expires: Sun, 24 Dec 2023 01:31:53 GMT

GET
H2 200 www-player.css
www.youtube.com/s/player/d23221b6/ Frame 6026 366 KB
47 KB 17ms
14ms Stylesheet
text/css 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/d23221b6/www-player.css

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/bwkUX98fktI?version=3&rel=1&showsearch=0&showinfo=1&iv_load_policy=1&fs=1&hl=en-US&autohide=2&wmode=transparent

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ee11928e9a31b92c22b88f0c49dae1f791043fe071dacf46b848efe85254c003

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/bwkUX98fktI?version=3&rel=1&showsearch=0&showinfo=1&iv_load_policy=1&fs=1&hl=en-US&autohide=2&wmode=transparent
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 16 Dec 2023 21:43:53 GMT
content-encoding: br
x-content-type-options: nosniff
age: 13680
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48218
x-xss-protection: 0
last-modified: Wed, 13 Dec 2023 02:47:51 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sun, 15 Dec 2024 21:43:53 GMT

GET
H2 200 embed.js Show response
www.youtube.com/s/player/d23221b6/player_ias.vflset/en_US/ Frame 6026 52 KB
16 KB 27ms
24ms Script
text/javascript 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/d23221b6/player_ias.vflset/en_US/embed.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/bwkUX98fktI?version=3&rel=1&showsearch=0&showinfo=1&iv_load_policy=1&fs=1&hl=en-US&autohide=2&wmode=transparent

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

423e4d25aa44ebb87acf362a69dc084449650df8fd4f7d325d2f4a136075726c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/bwkUX98fktI?version=3&rel=1&showsearch=0&showinfo=1&iv_load_policy=1&fs=1&hl=en-US&autohide=2&wmode=transparent
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 17 Dec 2023 00:21:35 GMT
content-encoding: br
x-content-type-options: nosniff
age: 4218
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16627
x-xss-protection: 0
last-modified: Wed, 13 Dec 2023 02:47:51 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Mon, 16 Dec 2024 00:21:35 GMT

GET
H2 200 www-embed-player.js Show response
www.youtube.com/s/player/d23221b6/www-embed-player.vflset/ Frame 6026 322 KB
96 KB 30ms
28ms Script
text/javascript 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/d23221b6/www-embed-player.vflset/www-embed-player.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/bwkUX98fktI?version=3&rel=1&showsearch=0&showinfo=1&iv_load_policy=1&fs=1&hl=en-US&autohide=2&wmode=transparent

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0c71106628b235959659a80caca8df6f9e8dfc9eac825605e79d2738726f287d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/bwkUX98fktI?version=3&rel=1&showsearch=0&showinfo=1&iv_load_policy=1&fs=1&hl=en-US&autohide=2&wmode=transparent
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 16 Dec 2023 23:47:59 GMT
content-encoding: br
x-content-type-options: nosniff
age: 6234
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 98540
x-xss-protection: 0
last-modified: Wed, 13 Dec 2023 02:47:51 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sun, 15 Dec 2024 23:47:59 GMT

GET
H2 200 base.js Show response
www.youtube.com/s/player/d23221b6/player_ias.vflset/en_US/ Frame 6026 2 MB
768 KB 47ms
44ms Script
text/javascript 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/d23221b6/player_ias.vflset/en_US/base.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/bwkUX98fktI?version=3&rel=1&showsearch=0&showinfo=1&iv_load_policy=1&fs=1&hl=en-US&autohide=2&wmode=transparent

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7f19936a920a8171fd23d2e11b15228bf208b542066e72f8689afd2e2f2ce934

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/bwkUX98fktI?version=3&rel=1&showsearch=0&showinfo=1&iv_load_policy=1&fs=1&hl=en-US&autohide=2&wmode=transparent
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 17 Dec 2023 01:18:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 806
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 786314
x-xss-protection: 0
last-modified: Wed, 13 Dec 2023 02:47:51 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Mon, 16 Dec 2024 01:18:27 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/696171030/ 42 B
455 B 63ms
26ms Image
image/gif 2a00:1450:4001:81c::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/696171030/?random=1702776712927&cv=11&fst=1702774800000&bg=ffffff&guid=ON&async=1&gtm=45be3bt0&u_w=1600&u_h=1200&url=https%3A%2F%2Fitgetsbetter.org%2F&frm=0&tiba=It%20Gets%20Better%20%E2%80%93%20The%20It%20Gets%20Better%20Project%20exists%20to%20uplift%2C%20empower%2C%20and%20connect%20LGBTQ%2B%20youth%20around%20the%20globe.&data=event%3Dgtag.config&fmt=3&is_vtc=1&cid=CAQSGwAvHhf_45SiVM6xxBcNQCWmMAOsXuX-Wix8Lg&random=3957558820&rmt_tld=0&ipr=y

Requested by

Host: itgetsbetter.org
URL: https://itgetsbetter.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://itgetsbetter.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 17 Dec 2023 01:31:53 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.ru/pagead/1p-user-list/696171030/ 42 B
455 B 64ms
26ms Image
image/gif 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.ru/pagead/1p-user-list/696171030/?random=1702776712927&cv=11&fst=1702774800000&bg=ffffff&guid=ON&async=1&gtm=45be3bt0&u_w=1600&u_h=1200&url=https%3A%2F%2Fitgetsbetter.org%2F&frm=0&tiba=It%20Gets%20Better%20%E2%80%93%20The%20It%20Gets%20Better%20Project%20exists%20to%20uplift%2C%20empower%2C%20and%20connect%20LGBTQ%2B%20youth%20around%20the%20globe.&data=event%3Dgtag.config&fmt=3&is_vtc=1&cid=CAQSGwAvHhf_45SiVM6xxBcNQCWmMAOsXuX-Wix8Lg&random=3957558820&rmt_tld=1&ipr=y

Requested by

Host: itgetsbetter.org
URL: https://itgetsbetter.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://itgetsbetter.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 17 Dec 2023 01:31:53 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 monitor
analytics.tiktok.com/api/v2/ 0
841 B 113ms
112ms Ping
text/plain 23.38.98.10
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/monitor
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTdjYzNiZDU2NA.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.38.98.10 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-38-98-10.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://itgetsbetter.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: f882bdab.1df595c1
date: Sun, 17 Dec 2023 01:31:53 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-tt-trace-id: 00-2312170131537E7289F3FDDB3FAE22A8-41E81C77CB0F9501-00
x-cache: TCP_MISS from a23-38-99-74.deploy.akamaitechnologies.com (AkamaiGHost/11.3.3-52660090) (-)
x-parent-response-time: 98,23.38.99.74
server-timing: cdn-cache; desc=MISS, edge; dur=92, origin; dur=11, inner; dur=8
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 202312170131537E7289F3FDDB3FAE22A8
x-cache-remote: TCP_MISS from a23-48-100-138.deploy.akamaitechnologies.com (AkamaiGHost/11.3.3-52660090) (-)
access-control-allow-methods: GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 11,23.48.100.138
x-tt-trace-host: 01acd59ebe759e6dbc16d0040fe0c72adebd96bc584317333dbebbba779a7aab950da785c847f59378e8c2b1bc580752f43921d1d80e5b46a600afe35474fe0bdda81003537081fb5369f82173830e1c267283131b5941159cd2908095c788c9e41150dc5ee825bc0820fcd15d7f82613d
access-control-allow-headers: Authorization,*
expires: Sun, 17 Dec 2023 01:31:53 GMT

GET
H2 200 716750585601397 Show response
connect.facebook.net/signals/config/ 140 KB
36 KB 134ms
133ms Script
application/x-javascript 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/716750585601397?v=2.9.138&r=stable&domain=itgetsbetter.org

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

5015b2e49faca5b3b14c98d2a3745aa664eca6b7d79822ffb3d21cbb92381538

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://itgetsbetter.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Sun, 17 Dec 2023 01:31:53 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints
pragma: public
x-fb-debug: KwBsQ5UIqIdJqf2fdgm4ROf5kxm+EfAL7+LBmhhu0WUKL+V6UfB5qsOyCm1ff/1Xz1IUhstM+wAcW5O3e2+/tQ==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 g.gif
pixel.wp.com/ 50 B
153 B 7ms
7ms Image
image/gif 192.0.76.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.wp.com/g.gif?v=ext&blog=136282148&post=11&tz=-8&srv=itgetsbetter.org&hp=atomic&ac=3&amp=0&j=1%3A13.0-a.5&host=itgetsbetter.org&ref=&rand=0.3908870728785827
Requested by: Host: itgetsbetter.org
URL: https://itgetsbetter.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://itgetsbetter.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-origin: *
date: Sun, 17 Dec 2023 01:31:53 GMT
cache-control: no-cache
server: nginx
content-length: 50
content-type: image/gif

GET
DATA 200
OK truncated
/ 177 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d692a67352a3dfa80010c86a62761cfff05c0b1086618106a8576cc45a6a8115

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 351 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 145287b36883dd3061ca7aa9229a8fa9ace2cccd50e0382b4b6201f3916b57c5

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 242 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1f4513a435d6a3047d20a50c1e7d4263de42146c74be227f774b5e82e6357e75

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H/1.1 200
OK track.js Show response
secure.gaug.es/ 4 KB
4 KB 576ms
100ms Script
application/javascript 54.147.159.60
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.gaug.es/track.js
Requested by: Host: itgetsbetter.org
URL: https://itgetsbetter.org/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.147.159.60 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-147-159-60.compute-1.amazonaws.com
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: df2698e6cf74ed890afa92da10051f880df2ce0b3257b73c5d9ae2f6bea82d3c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://itgetsbetter.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date: Sun, 17 Dec 2023 01:31:54 GMT
Last-Modified: Tue, 10 Oct 2023 07:12:49 GMT
Server: nginx/1.10.3 (Ubuntu)
ETag: "6524f971-ef5"
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3829

GET
H3 200 American-Eagle_366_white.png
i0.wp.com/itgetsbetter.org/wp-content/uploads/2021/02/ 2 KB
2 KB 9ms
8ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/itgetsbetter.org/wp-content/uploads/2021/02/American-Eagle_366_white.png?resize=366%2C26&ssl=1

Requested by

Host: itgetsbetter.org
URL: https://itgetsbetter.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i0.wp.com

Software

nginx /

Resource Hash

9cb482e4bbe7ddb2e5c64230d4bf9e90f5b0b41ad1c503a7c888ecff4b72fb87

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://itgetsbetter.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 17 Dec 2023 01:31:53 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
content-length: 2130
x-nc: HIT hhn 4
last-modified: Mon, 27 Feb 2023 15:18:27 GMT
server: nginx
etag: "db37c8390da01739"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://itgetsbetter.org/wp-content/uploads/2021/02/American-Eagle_366_white.png>; rel="canonical"
expires: Thu, 27 Feb 2025 03:18:27 GMT

GET
H3 200 aerie-1.png
i0.wp.com/itgetsbetter.org/wp-content/uploads/2022/09/ 7 KB
8 KB 17ms
12ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/itgetsbetter.org/wp-content/uploads/2022/09/aerie-1.png?resize=735%2C466&ssl=1

Requested by

Host: itgetsbetter.org
URL: https://itgetsbetter.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i0.wp.com

Software

nginx /

Resource Hash

af5147e593f6a8dc6f6329c4fcbe2f8f512662d1afaf26bc2a3422643bb3f71e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://itgetsbetter.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 17 Dec 2023 01:31:53 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
content-length: 7358
x-nc: HIT hhn 4
last-modified: Tue, 12 Dec 2023 21:29:58 GMT
server: nginx
etag: "f074ddc34949c5ba"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://itgetsbetter.org/wp-content/uploads/2022/09/aerie-1.png>; rel="canonical"
expires: Fri, 12 Dec 2025 09:29:58 GMT

GET
H3 200 TikTok-White-126_30.png
i0.wp.com/itgetsbetter.org/wp-content/uploads/2021/09/ 1 KB
2 KB 18ms
13ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/itgetsbetter.org/wp-content/uploads/2021/09/TikTok-White-126_30.png?resize=126%2C30&ssl=1

Requested by

Host: itgetsbetter.org
URL: https://itgetsbetter.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i0.wp.com

Software

nginx /

Resource Hash

1eb63ab6ef15987ab229241ca2fd8da090d9a7d1ee5406fe8118d0acaf9fa386

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://itgetsbetter.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 17 Dec 2023 01:31:53 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
content-length: 1290
x-nc: HIT hhn 3
last-modified: Sat, 16 Sep 2023 13:36:56 GMT
server: nginx
etag: "c2fa6cd75d483d89"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://itgetsbetter.org/wp-content/uploads/2021/09/TikTok-White-126_30.png>; rel="canonical"
expires: Tue, 16 Sep 2025 01:36:56 GMT

GET
H3 200 HAF-Logo-Horizontal-2.png
i0.wp.com/itgetsbetter.org/wp-content/uploads/2022/09/ 21 KB
21 KB 21ms
16ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/itgetsbetter.org/wp-content/uploads/2022/09/HAF-Logo-Horizontal-2.png?resize=824%2C440&ssl=1

Requested by

Host: itgetsbetter.org
URL: https://itgetsbetter.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i0.wp.com

Software

nginx /

Resource Hash

4b7b9c0ddaab33312029946c1a9d7a5fa088e1fcf114cf573721519470b7df47

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://itgetsbetter.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 17 Dec 2023 01:31:53 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
content-length: 21434
x-nc: HIT hhn 2
last-modified: Sat, 01 Oct 2022 14:03:26 GMT
server: nginx
etag: "f3c269e4878fdc14"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://itgetsbetter.org/wp-content/uploads/2022/09/HAF-Logo-Horizontal-2.png>; rel="canonical"
expires: Tue, 01 Oct 2024 02:03:26 GMT

GET
H3 200 Bath-Body-Works-Emblem.png
i0.wp.com/itgetsbetter.org/wp-content/uploads/2022/09/ 19 KB
19 KB 22ms
17ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/itgetsbetter.org/wp-content/uploads/2022/09/Bath-Body-Works-Emblem.png?resize=900%2C506&ssl=1

Requested by

Host: itgetsbetter.org
URL: https://itgetsbetter.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i0.wp.com

Software

nginx /

Resource Hash

78d82b67110e48b2e2c570a0d3fa10db72edc69e1c42ab271a5b0c8d59f3edf5

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://itgetsbetter.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 17 Dec 2023 01:31:53 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
content-length: 19386
x-nc: HIT hhn 1
last-modified: Sat, 01 Oct 2022 14:03:26 GMT
server: nginx
etag: "38e3938bd2161008"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://itgetsbetter.org/wp-content/uploads/2022/09/Bath-Body-Works-Emblem.png>; rel="canonical"
expires: Tue, 01 Oct 2024 02:03:26 GMT

GET
H3 200 pg-1.png
i0.wp.com/itgetsbetter.org/wp-content/uploads/2022/09/ 27 KB
27 KB 18ms
14ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/itgetsbetter.org/wp-content/uploads/2022/09/pg-1.png?resize=838%2C791&ssl=1

Requested by

Host: itgetsbetter.org
URL: https://itgetsbetter.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i0.wp.com

Software

nginx /

Resource Hash

a6914ac53aa3855febfe548abb43a66d1df9e1272656c8c378074e0680de2398

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://itgetsbetter.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 17 Dec 2023 01:31:53 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
content-length: 27406
x-nc: HIT hhn 2
last-modified: Sat, 01 Oct 2022 14:03:26 GMT
server: nginx
etag: "6d18b64418dc13fb"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://itgetsbetter.org/wp-content/uploads/2022/09/pg-1.png>; rel="canonical"
expires: Tue, 01 Oct 2024 02:03:26 GMT

GET
H3 200 TBF_HorCenter_FullColor.png
i0.wp.com/itgetsbetter.org/wp-content/uploads/2022/09/ 19 KB
19 KB 19ms
15ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/itgetsbetter.org/wp-content/uploads/2022/09/TBF_HorCenter_FullColor.png?resize=900%2C358&ssl=1

Requested by

Host: itgetsbetter.org
URL: https://itgetsbetter.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i0.wp.com

Software

nginx /

Resource Hash

42b35aef6cb136d6e11834fb43089610eb13bb7ce0323547d559679615db9c4d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://itgetsbetter.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 17 Dec 2023 01:31:53 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
content-length: 19236
x-nc: HIT hhn 1
last-modified: Wed, 25 Oct 2023 16:51:07 GMT
server: nginx
etag: "ce9d068bdbe6329d"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://itgetsbetter.org/wp-content/uploads/2022/09/TBF_HorCenter_FullColor.png>; rel="canonical"
expires: Sat, 25 Oct 2025 04:51:07 GMT

GET
H3 200 converse.png
i0.wp.com/itgetsbetter.org/wp-content/uploads/2022/09/ 6 KB
6 KB 25ms
20ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/itgetsbetter.org/wp-content/uploads/2022/09/converse.png?resize=1074%2C434&ssl=1

Requested by

Host: itgetsbetter.org
URL: https://itgetsbetter.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i0.wp.com

Software

nginx /

Resource Hash

24c50da5304d6ce8ec81d988c926f3ebd7dc438489952772052a7c152dcf8756

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://itgetsbetter.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 17 Dec 2023 01:31:53 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
content-length: 5832
x-nc: HIT hhn 2
last-modified: Sat, 01 Oct 2022 14:03:26 GMT
server: nginx
etag: "85547d94693161d1"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://itgetsbetter.org/wp-content/uploads/2022/09/converse.png>; rel="canonical"
expires: Tue, 01 Oct 2024 02:03:26 GMT

GET
H3 200 ardene-logo-vector.png
i0.wp.com/itgetsbetter.org/wp-content/uploads/2022/09/ 3 KB
4 KB 24ms
19ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/itgetsbetter.org/wp-content/uploads/2022/09/ardene-logo-vector.png?resize=900%2C500&ssl=1

Requested by

Host: itgetsbetter.org
URL: https://itgetsbetter.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i0.wp.com

Software

nginx /

Resource Hash

5834b33dd181a3cf8d3fd6623b1316bb7a8674ce7327bd5700d2f2d46e01a3bb

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://itgetsbetter.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 17 Dec 2023 01:31:53 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
content-length: 3362
x-nc: HIT hhn 3
last-modified: Tue, 14 Feb 2023 18:05:23 GMT
server: nginx
etag: "cce3f8a26517102f"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://itgetsbetter.org/wp-content/uploads/2022/09/ardene-logo-vector.png>; rel="canonical"
expires: Fri, 14 Feb 2025 06:05:23 GMT

GET
H3 200 Banter.png
i0.wp.com/itgetsbetter.org/wp-content/uploads/2022/09/ 27 KB
27 KB 26ms
21ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/itgetsbetter.org/wp-content/uploads/2022/09/Banter.png?resize=2382%2C977&ssl=1

Requested by

Host: itgetsbetter.org
URL: https://itgetsbetter.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i0.wp.com

Software

nginx /

Resource Hash

3ba5387729ccfe1bd125870a2d0d64d7db0b71e7c16403c9700a88b7c5ab344c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://itgetsbetter.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 17 Dec 2023 01:31:53 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
content-length: 27750
x-nc: HIT hhn 2
last-modified: Wed, 25 Oct 2023 16:51:07 GMT
server: nginx
etag: "3f25aa917fa80a46"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://itgetsbetter.org/wp-content/uploads/2022/09/Banter.png>; rel="canonical"
expires: Sat, 25 Oct 2025 04:51:07 GMT

GET
H3 200 Bungie-white-01.png
i0.wp.com/itgetsbetter.org/wp-content/uploads/2021/06/ 83 KB
84 KB 26ms
22ms Image
image/png 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/itgetsbetter.org/wp-content/uploads/2021/06/Bungie-white-01.png?resize=7200%2C2581&ssl=1

Requested by

Host: itgetsbetter.org
URL: https://itgetsbetter.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i0.wp.com

Software

nginx /

Resource Hash

9e9eace97f5f8cf4982c875c3cac72f504b1620e0b86d8bec2bf0cb511e05c8f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://itgetsbetter.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 17 Dec 2023 01:31:53 GMT
x-content-type-options: nosniff
x-bytes-saved: 88408
alt-svc: h3=":443"; ma=86400
content-length: 85460
x-nc: HIT hhn 4
last-modified: Sun, 25 Jun 2023 16:42:38 GMT
server: nginx
etag: "af2590858f79ba59"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://itgetsbetter.org/wp-content/uploads/2021/06/Bungie-white-01.png>; rel="canonical"
expires: Wed, 25 Jun 2025 04:42:38 GMT

GET
H3 200 Funko-White-01.png
i0.wp.com/itgetsbetter.org/wp-content/uploads/2021/06/ 111 KB
111 KB 28ms
24ms Image
image/png 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/itgetsbetter.org/wp-content/uploads/2021/06/Funko-White-01.png?resize=7200%2C3037&ssl=1

Requested by

Host: itgetsbetter.org
URL: https://itgetsbetter.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i0.wp.com

Software

nginx /

Resource Hash

95e877a86db1f072d5039946c2ff76ea5848d155a6d98df2b34ade6579572e04

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://itgetsbetter.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 17 Dec 2023 01:31:53 GMT
x-content-type-options: nosniff
x-bytes-saved: 126791
alt-svc: h3=":443"; ma=86400
content-length: 113512
x-nc: HIT hhn 3
last-modified: Mon, 26 Jun 2023 22:17:27 GMT
server: nginx
etag: "a6db81f801934276"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://itgetsbetter.org/wp-content/uploads/2021/06/Funko-White-01.png>; rel="canonical"
expires: Thu, 26 Jun 2025 10:17:27 GMT

GET
H3 200 Hulu-Green-digital.png
i0.wp.com/itgetsbetter.org/wp-content/uploads/2022/09/ 2 KB
2 KB 29ms
25ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/itgetsbetter.org/wp-content/uploads/2022/09/Hulu-Green-digital.png?resize=1345%2C541&ssl=1

Requested by

Host: itgetsbetter.org
URL: https://itgetsbetter.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i0.wp.com

Software

nginx /

Resource Hash

4e13d3bd6eb7dc170086f2a756b912a19b009df9d47aef62d0ed5b60a60a93f5

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://itgetsbetter.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 17 Dec 2023 01:31:53 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
content-length: 2132
x-nc: HIT hhn 4
last-modified: Sat, 01 Oct 2022 14:03:26 GMT
server: nginx
etag: "c8f80a54e7d97b24"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://itgetsbetter.org/wp-content/uploads/2022/09/Hulu-Green-digital.png>; rel="canonical"
expires: Tue, 01 Oct 2024 02:03:26 GMT

GET
H3 200 Oribe-White-01.png
i0.wp.com/itgetsbetter.org/wp-content/uploads/2021/06/ 92 KB
92 KB 34ms
29ms Image
image/png 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/itgetsbetter.org/wp-content/uploads/2021/06/Oribe-White-01.png?resize=7200%2C2719&ssl=1

Requested by

Host: itgetsbetter.org
URL: https://itgetsbetter.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i0.wp.com

Software

nginx /

Resource Hash

f70f8ae9e901910b342fc2ffeb47668d9f504e4e26a68279d02c72c84035bee9

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://itgetsbetter.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 17 Dec 2023 01:31:53 GMT
x-content-type-options: nosniff
x-bytes-saved: 78633
alt-svc: h3=":443"; ma=86400
content-length: 94192
x-nc: HIT hhn 4
last-modified: Wed, 25 Oct 2023 16:51:10 GMT
server: nginx
etag: "36ee4960feab486a"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://itgetsbetter.org/wp-content/uploads/2021/06/Oribe-White-01.png>; rel="canonical"
expires: Sat, 25 Oct 2025 04:51:10 GMT

GET
H3 200 Zenni.png
i0.wp.com/itgetsbetter.org/wp-content/uploads/2022/09/ 6 KB
6 KB 31ms
26ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/itgetsbetter.org/wp-content/uploads/2022/09/Zenni.png?resize=1200%2C627&ssl=1

Requested by

Host: itgetsbetter.org
URL: https://itgetsbetter.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i0.wp.com

Software

nginx /

Resource Hash

67f7b9d565e432a272c8a087cef5d5bd71a41c4979b2cba3b1e1b8dbe3566388

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://itgetsbetter.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 17 Dec 2023 01:31:53 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
content-length: 5770
x-nc: HIT hhn 4
last-modified: Sat, 01 Oct 2022 14:03:26 GMT
server: nginx
etag: "8a8e0ff42686b1c6"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://itgetsbetter.org/wp-content/uploads/2022/09/Zenni.png>; rel="canonical"
expires: Tue, 01 Oct 2024 02:03:26 GMT

GET
H3 200 lillypulitzer.png
i0.wp.com/itgetsbetter.org/wp-content/uploads/2022/09/ 9 KB
9 KB 31ms
27ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/itgetsbetter.org/wp-content/uploads/2022/09/lillypulitzer.png?resize=658%2C313&ssl=1

Requested by

Host: itgetsbetter.org
URL: https://itgetsbetter.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i0.wp.com

Software

nginx /

Resource Hash

6d3401e57ca271a7ea8fbba27bc7580c9ac443178ee71976ecdd32db9b517b5d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://itgetsbetter.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 17 Dec 2023 01:31:53 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
content-length: 8910
x-nc: HIT hhn 1
last-modified: Sat, 01 Oct 2022 14:03:26 GMT
server: nginx
etag: "66626968b4e402dc"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://itgetsbetter.org/wp-content/uploads/2022/09/lillypulitzer.png>; rel="canonical"
expires: Tue, 01 Oct 2024 02:03:26 GMT

GET
H3 200 e-l-f.png
i0.wp.com/itgetsbetter.org/wp-content/uploads/2022/09/ 5 KB
6 KB 29ms
25ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/itgetsbetter.org/wp-content/uploads/2022/09/e-l-f.png?resize=885%2C609&ssl=1

Requested by

Host: itgetsbetter.org
URL: https://itgetsbetter.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i0.wp.com

Software

nginx /

Resource Hash

8cbb165442212630f1ef3fef9321e086db9d58150abeca635dbe767e1f367bed

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://itgetsbetter.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 17 Dec 2023 01:31:53 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
content-length: 5558
x-nc: HIT hhn 1
last-modified: Sat, 07 Oct 2023 10:41:22 GMT
server: nginx
etag: "b9fb15e5b7d91e1e"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://itgetsbetter.org/wp-content/uploads/2022/09/e-l-f.png>; rel="canonical"
expires: Mon, 06 Oct 2025 22:41:22 GMT

GET
H3 200 traillerparkgrouop.png
i0.wp.com/itgetsbetter.org/wp-content/uploads/2022/09/ 6 KB
7 KB 32ms
28ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/itgetsbetter.org/wp-content/uploads/2022/09/traillerparkgrouop.png?resize=600%2C300&ssl=1

Requested by

Host: itgetsbetter.org
URL: https://itgetsbetter.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i0.wp.com

Software

nginx /

Resource Hash

4abf322e82c1e642eb0ee166a8dca80581b098c4b6ce21b29610c272e0a20440

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://itgetsbetter.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 17 Dec 2023 01:31:53 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
content-length: 6494
x-nc: HIT hhn 2
last-modified: Sat, 07 Oct 2023 10:41:22 GMT
server: nginx
etag: "d6cc19da2b7da036"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://itgetsbetter.org/wp-content/uploads/2022/09/traillerparkgrouop.png>; rel="canonical"
expires: Mon, 06 Oct 2025 22:41:22 GMT

GET
H3 200 Disney-Theatrical-Group.png
i0.wp.com/itgetsbetter.org/wp-content/uploads/2022/09/ 45 KB
45 KB 37ms
33ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/itgetsbetter.org/wp-content/uploads/2022/09/Disney-Theatrical-Group.png?resize=1200%2C1244&ssl=1

Requested by

Host: itgetsbetter.org
URL: https://itgetsbetter.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i0.wp.com

Software

nginx /

Resource Hash

db7fb0d2d815f32f28ec22cb27abc0ed6bda4f64f1f4f975d04f5157df92176f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://itgetsbetter.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 17 Dec 2023 01:31:53 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
content-length: 45582
x-nc: HIT hhn 4
last-modified: Sat, 01 Oct 2022 14:03:26 GMT
server: nginx
etag: "a197db72a138b1f5"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://itgetsbetter.org/wp-content/uploads/2022/09/Disney-Theatrical-Group.png>; rel="canonical"
expires: Tue, 01 Oct 2024 02:03:26 GMT

GET
H3 200 statefarmcompaniesfoundation.png
i0.wp.com/itgetsbetter.org/wp-content/uploads/2022/09/ 8 KB
9 KB 37ms
34ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/itgetsbetter.org/wp-content/uploads/2022/09/statefarmcompaniesfoundation.png?resize=600%2C300&ssl=1

Requested by

Host: itgetsbetter.org
URL: https://itgetsbetter.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i0.wp.com

Software

nginx /

Resource Hash

c4f3e54234d954492686d0c340031058d44f93a5dc2b75d565a40c08da36ce1a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://itgetsbetter.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 17 Dec 2023 01:31:53 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
content-length: 8580
x-nc: HIT hhn 3
last-modified: Sat, 01 Oct 2022 14:03:26 GMT
server: nginx
etag: "a4d3cf43e6879fe5"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://itgetsbetter.org/wp-content/uploads/2022/09/statefarmcompaniesfoundation.png>; rel="canonical"
expires: Tue, 01 Oct 2024 02:03:26 GMT

GET
H3 200 ChapStick-Logo.png
i0.wp.com/itgetsbetter.org/wp-content/uploads/2022/09/ 14 KB
15 KB 38ms
34ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/itgetsbetter.org/wp-content/uploads/2022/09/ChapStick-Logo.png?resize=900%2C563&ssl=1

Requested by

Host: itgetsbetter.org
URL: https://itgetsbetter.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i0.wp.com

Software

nginx /

Resource Hash

9ed9e6f1a0e7db46c951859be33131dee436a1e0405021ddf76a814f23b8a3eb

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://itgetsbetter.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 17 Dec 2023 01:31:53 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
content-length: 14728
x-nc: HIT hhn 2
last-modified: Sat, 07 Oct 2023 10:41:22 GMT
server: nginx
etag: "0f0dec5ff2ba9109"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://itgetsbetter.org/wp-content/uploads/2022/09/ChapStick-Logo.png>; rel="canonical"
expires: Mon, 06 Oct 2025 22:41:22 GMT

GET
H3 200 Gant-white-01.png
i0.wp.com/itgetsbetter.org/wp-content/uploads/2021/06/ 30 KB
31 KB 44ms
40ms Image
image/png 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/itgetsbetter.org/wp-content/uploads/2021/06/Gant-white-01.png?resize=6101%2C1547&ssl=1

Requested by

Host: itgetsbetter.org
URL: https://itgetsbetter.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i0.wp.com

Software

nginx /

Resource Hash

15794828b4a570d8200f86adc3c07657f6939022d2120f31ba031de2af5421db

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://itgetsbetter.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 17 Dec 2023 01:31:53 GMT
x-content-type-options: nosniff
x-bytes-saved: 43436
alt-svc: h3=":443"; ma=86400
content-length: 30953
x-nc: HIT hhn 1
last-modified: Mon, 26 Jun 2023 22:17:26 GMT
server: nginx
etag: "e448a08eeb30152c"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://itgetsbetter.org/wp-content/uploads/2021/06/Gant-white-01.png>; rel="canonical"
expires: Thu, 26 Jun 2025 10:17:26 GMT

GET
H3 200 Salt-Lime_Logo_White-350w.png
i0.wp.com/itgetsbetter.org/wp-content/uploads/2022/09/ 16 KB
16 KB 46ms
42ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/itgetsbetter.org/wp-content/uploads/2022/09/Salt-Lime_Logo_White-350w.png?resize=350%2C154&ssl=1

Requested by

Host: itgetsbetter.org
URL: https://itgetsbetter.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i0.wp.com

Software

nginx /

Resource Hash

8a7e706df924c35378447275d51e61208da84b4280763fed7da27cc70934ffed

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://itgetsbetter.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 17 Dec 2023 01:31:53 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
content-length: 15964
x-nc: HIT hhn 4
last-modified: Fri, 30 Sep 2022 11:02:09 GMT
server: nginx
etag: "e8731d040e27d1cc"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://itgetsbetter.org/wp-content/uploads/2022/09/Salt-Lime_Logo_White-350w.png>; rel="canonical"
expires: Sun, 29 Sep 2024 23:02:09 GMT

GET
H3 200 Redken-2021-Logo-WH.png
i0.wp.com/itgetsbetter.org/wp-content/uploads/2022/10/ 24 KB
24 KB 39ms
35ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/itgetsbetter.org/wp-content/uploads/2022/10/Redken-2021-Logo-WH.png?resize=3807%2C1009&ssl=1

Requested by

Host: itgetsbetter.org
URL: https://itgetsbetter.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i0.wp.com

Software

nginx /

Resource Hash

79ea29e7ff6a116e3c2d983d73f94e30798465011dcf5a2bb2814303374a98ad

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://itgetsbetter.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 17 Dec 2023 01:31:53 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
content-length: 24112
x-nc: HIT hhn 4
last-modified: Fri, 28 Oct 2022 09:25:33 GMT
server: nginx
etag: "d6e09fd93a15a24d"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://itgetsbetter.org/wp-content/uploads/2022/10/Redken-2021-Logo-WH.png>; rel="canonical"
expires: Sun, 27 Oct 2024 21:25:33 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 6026 15 KB
15 KB 28ms
27ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/bwkUX98fktI?version=3&rel=1&showsearch=0&showinfo=1&iv_load_policy=1&fs=1&hl=en-US&autohide=2&wmode=transparent

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 23:26:56 GMT
x-content-type-options: nosniff
age: 180297
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 13 Dec 2024 23:26:56 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 6026 15 KB
15 KB 28ms
28ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/bwkUX98fktI?version=3&rel=1&showsearch=0&showinfo=1&iv_load_policy=1&fs=1&hl=en-US&autohide=2&wmode=transparent

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 21:01:27 GMT
x-content-type-options: nosniff
age: 275426
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15552
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 12 Dec 2024 21:01:27 GMT

GET
H2 200 hotjar-2965374.js Show response
static.hotjar.com/c/ 10 KB
5 KB 103ms
41ms Script
application/javascript 18.66.97.53
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-2965374.js?sv=7

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N5QWJNP

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.97.53 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-97-53.fra56.r.cloudfront.net

Software

Resource Hash

9f16cb5e1a914039eb9fb00068f5e612b1f5d4be87d04cee88fbe1c827ad33a0

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://itgetsbetter.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security: max-age=2592000; includeSubDomains
content-encoding: br
x-content-type-options: nosniff
date: Sun, 17 Dec 2023 01:31:53 GMT
via: 1.1 985c0b2ec44bdebc7f24f26d1e427d30.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P2
etag: W/8a7ae350f5c6afcfc24307a376141897
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
x-cache-hit: 1
cache-control: max-age=60
cross-origin-resource-policy: cross-origin
x-amz-cf-id: HhIH5nfj8-A_cTpatc99Nb0io-8ICMufnuYmD1y48dTUKl1dr_GPgA==

GET
H2 200 events.js Show response
analytics.tiktok.com/i18n/pixel/ 4 KB
2 KB 102ms
101ms Script
application/javascript 23.38.98.10
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=BUVFAJTD82FVM3BDSISG&lib=ttq
Requested by: Host: itgetsbetter.org
URL: https://itgetsbetter.org/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.38.98.10 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-38-98-10.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 16e5e97e660fac33acfb007f46f668c9ca947d89c73e100fe4a5f91f3d5133db

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://itgetsbetter.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-akamai-request-id: 3d438104.1df595df
date: Sun, 17 Dec 2023 01:31:53 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-tt-trace-id: 00-2312170131530724821726B43AE46B10-601FB804CA0C0AF4-00
x-cache: TCP_MISS from a23-38-99-74.deploy.akamaitechnologies.com (AkamaiGHost/11.3.3-52660090) (-)
x-parent-response-time: 91,23.38.99.74
server-timing: cdn-cache; desc=MISS, edge; dur=83, origin; dur=8, inner; dur=4
pragma: no-cache
server: nginx
x-tt-logid: 202312170131530724821726B43AE46B10
x-cache-remote: TCP_MISS from a23-220-106-7.deploy.akamaitechnologies.com (AkamaiGHost/11.3.3-52660090) (-)
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 8,23.220.106.7
x-tt-trace-host: 01acd59ebe759e6dbc16d0040fe0c72ade06c3170b88d3eb3644efd164c281c63de26a3314a87b6ccdec9663abf417397500b6f84ed3d4c8629a1b48afbdf85f532d01466d758d05246915527a8879745ff26df86ab88f0a954135650bb517b4b22de4551a582c5bdb56b3ceb197e717c6
expires: Sun, 17 Dec 2023 01:31:53 GMT

GET
H2 200 events.js Show response
tags.srv.stackadapt.com/ 18 KB
7 KB 137ms
100ms Script
text/javascript 35.156.217.216
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.srv.stackadapt.com/events.js
Requested by: Host: itgetsbetter.org
URL: https://itgetsbetter.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.156.217.216 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-156-217-216.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: c401b382447a3cc9927a0a47d018c03c540df4d451d6967089a1bf97d95ed1a6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://itgetsbetter.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-origin: *
date: Sun, 17 Dec 2023 01:31:53 GMT
cache-control: max-age=5
content-encoding: gzip
content-type: text/javascript

GET
H2 200 adsct
t.co/1/i/ 43 B
94 B 112ms
108ms Image
image/gif 104.244.42.133
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.co/1/i/adsct?bci=5&eci=3&event=%7B%7D&event_id=3d51fc2a-0b18-4fbe-80ad-47b0786f15e4&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=c241cee2-d1de-4c35-9d56-2e134ce7e6a0&tw_document_href=https%3A%2F%2Fitgetsbetter.org%2F&tw_iframe_status=0&txn_id=o4zya&type=javascript&version=2.3.29

Requested by

Host: itgetsbetter.org
URL: https://itgetsbetter.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.133 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://itgetsbetter.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-response-time: 102
date: Sun, 17 Dec 2023 01:31:53 GMT
strict-transport-security: max-age=0
server: tsa_o
content-type: image/gif;charset=utf-8
x-transaction-id: c138da665a19d132
cache-control: no-cache, no-store, max-age=0
perf: 7469935968
x-connection-hash: 0c44855690e303e4f31b2faaa9a9501b3f56846968457cf19e1872a3018dc059
content-length: 43

GET
H2 200 adsct
analytics.twitter.com/1/i/ 43 B
446 B 113ms
109ms Image
image/gif 104.244.42.131
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://analytics.twitter.com/1/i/adsct?bci=5&eci=3&event=%7B%7D&event_id=3d51fc2a-0b18-4fbe-80ad-47b0786f15e4&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=c241cee2-d1de-4c35-9d56-2e134ce7e6a0&tw_document_href=https%3A%2F%2Fitgetsbetter.org%2F&tw_iframe_status=0&txn_id=o4zya&type=javascript&version=2.3.29

Requested by

Host: itgetsbetter.org
URL: https://itgetsbetter.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.131 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://itgetsbetter.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-response-time: 103
date: Sun, 17 Dec 2023 01:31:52 GMT
strict-transport-security: max-age=631138519
server: tsa_o
content-type: image/gif;charset=utf-8
x-transaction-id: 24fcc02ad05372ab
cache-control: no-cache, no-store, max-age=0
perf: 7469935968
x-connection-hash: fe65957a8bfbbdcba92acebe89b7caf251bfce88731b67a3f5f5e4d8e0a9e6d8
content-length: 43

POST
H2 200 monitor
analytics.tiktok.com/api/v2/ 0
837 B 119ms
118ms Ping
text/plain 23.38.98.10
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/monitor
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTdjYzNiZDU2NA.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.38.98.10 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-38-98-10.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://itgetsbetter.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: 3a04a87c.1df595e8
date: Sun, 17 Dec 2023 01:31:53 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-tt-trace-id: 00-23121701315314B93EEB28059871AB2C-5977238255A1650A-00
x-cache: TCP_MISS from a23-38-99-74.deploy.akamaitechnologies.com (AkamaiGHost/11.3.3-52660090) (-)
x-parent-response-time: 104,23.38.99.74
server-timing: cdn-cache; desc=MISS, edge; dur=90, origin; dur=18, inner; dur=16
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 2023121701315314B93EEB28059871AB2C
x-cache-remote: TCP_MISS from a23-220-106-9.deploy.akamaitechnologies.com (AkamaiGHost/11.3.3-52660090) (-)
access-control-allow-methods: GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 18,23.220.106.9
x-tt-trace-host: 01acd59ebe759e6dbc16d0040fe0c72ade06c3170b88d3eb3644efd164c281c63d50ea38f975e0f2fe398eff7946d04561bf2195a81c20022da4a6058090153ab0b63e5315b727c6d6caedb3ee14a84a92879642f0e85c682a842ccfc10eae8eba19882b4fd225be833a2d0d63a062ebb2
access-control-allow-headers: Authorization,*
expires: Sun, 17 Dec 2023 01:31:53 GMT

POST
H2 200 monitor
analytics.tiktok.com/api/v2/ 0
840 B 121ms
121ms Ping
text/plain 23.38.98.10
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/monitor
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTdjYzNiZDU2NA.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.38.98.10 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-38-98-10.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://itgetsbetter.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: 3a07421f.1df595e9
date: Sun, 17 Dec 2023 01:31:53 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-tt-trace-id: 00-2312170131533F1F26EC22DFB4BA9373-513F54716AB5B4C7-00
x-cache: TCP_MISS from a23-38-99-74.deploy.akamaitechnologies.com (AkamaiGHost/11.3.3-52660090) (-)
x-parent-response-time: 106,23.38.99.74
server-timing: cdn-cache; desc=MISS, edge; dur=88, origin; dur=22, inner; dur=18
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 202312170131533F1F26EC22DFB4BA9373
x-cache-remote: TCP_MISS from a23-220-106-9.deploy.akamaitechnologies.com (AkamaiGHost/11.3.3-52660090) (-)
access-control-allow-methods: GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 22,23.220.106.9
x-tt-trace-host: 01acd59ebe759e6dbc16d0040fe0c72ade06c3170b88d3eb3644efd164c281c63d50ea38f975e0f2fe398eff7946d04561f87c783ee2903d548c21e44ad540f35c2b1258941a5e5048f8922d657dc0f92c20f9ea036855f05ad09d796c40c554165825932f7e122335a3d2c61697072b86
access-control-allow-headers: Authorization,*
expires: Sun, 17 Dec 2023 01:31:53 GMT

GET
H2 200 50f8e197-c76c-447a-9833-230403118d24.js Show response
tr.snapchat.com/config/org/ 167 B
435 B 54ms
20ms Script
application/javascript 35.190.43.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.snapchat.com/config/org/50f8e197-c76c-447a-9833-230403118d24.js?v=3.7.2-2312071952

Requested by

Host: sc-static.net
URL: https://sc-static.net/scevent.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

134.43.190.35.bc.googleusercontent.com

Software

API Gateway /

Resource Hash

0c1e77e2386d57fba1e4ff9b819788731310871bc158a3588394fd5159745948

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains

Request headers

Referer: https://itgetsbetter.org/
Origin: https://itgetsbetter.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 17 Dec 2023 01:31:53 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains
via: 1.1 google
server: API Gateway
content-type: application/javascript
access-control-allow-origin: https://itgetsbetter.org
x-envoy-upstream-service-time: 0
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 167

GET
H2 200 i Show response
tr.snapchat.com/cm/ Frame BFC7 0
201 B 55ms
23ms Document
text/html 35.190.43.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.snapchat.com/cm/i?pid=50f8e197-c76c-447a-9833-230403118d24&u_scsid=e9bcd085-6e36-46e1-a537-bcf0423771da&u_sclid=58b971b5-e03f-43af-99aa-4d5c44ee97c0

Requested by

Host: sc-static.net
URL: https://sc-static.net/scevent.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

134.43.190.35.bc.googleusercontent.com

Software

API Gateway /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload max-age=31536000; includeSubDomains

Request headers

Referer: https://itgetsbetter.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html
date: Sun, 17 Dec 2023 01:31:53 GMT
server: API Gateway
strict-transport-security: max-age=31536000; includeSubDomains; preload max-age=31536000; includeSubDomains
via: 1.1 google
x-envoy-upstream-service-time: 0

GET
H2 200 d4566af6-6002-4a1a-b903-6200b4a730fc.js Show response
tr.snapchat.com/config/org/ 178 B
236 B 53ms
22ms Script
application/javascript 35.190.43.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.snapchat.com/config/org/d4566af6-6002-4a1a-b903-6200b4a730fc.js?v=3.7.2-2312071952

Requested by

Host: sc-static.net
URL: https://sc-static.net/scevent.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

134.43.190.35.bc.googleusercontent.com

Software

API Gateway /

Resource Hash

62663a137b91122c393c3039e9add966df8fa484bdbde7a7ae6687583447410e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains

Request headers

Referer: https://itgetsbetter.org/
Origin: https://itgetsbetter.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 17 Dec 2023 01:31:53 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains
via: 1.1 google
server: API Gateway
content-type: application/javascript
access-control-allow-origin: https://itgetsbetter.org
x-envoy-upstream-service-time: 0
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 178

GET
H2 200 i Show response
tr.snapchat.com/cm/ Frame 17A3 0
43 B 54ms
24ms Document
text/html 35.190.43.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.snapchat.com/cm/i?pid=d4566af6-6002-4a1a-b903-6200b4a730fc&u_scsid=e9bcd085-6e36-46e1-a537-bcf0423771da&u_sclid=58b971b5-e03f-43af-99aa-4d5c44ee97c0

Requested by

Host: sc-static.net
URL: https://sc-static.net/scevent.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

134.43.190.35.bc.googleusercontent.com

Software

API Gateway /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload max-age=31536000; includeSubDomains

Request headers

Referer: https://itgetsbetter.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html
date: Sun, 17 Dec 2023 01:31:53 GMT
server: API Gateway
strict-transport-security: max-age=31536000; includeSubDomains; preload max-age=31536000; includeSubDomains
via: 1.1 google
x-envoy-upstream-service-time: 0

GET
H2 200 p
tr.snapchat.com/ 68 B
263 B 56ms
25ms Image
image/png 35.190.43.134
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tr.snapchat.com/p?pid=50f8e197-c76c-447a-9833-230403118d24&ev=PAGE_VIEW&u_c1=cf209d6c-3e77-438e-99e0-3c2f2c04d215&u_sclid=58b971b5-e03f-43af-99aa-4d5c44ee97c0&u_scsid=e9bcd085-6e36-46e1-a537-bcf0423771da&bt=1d53c387&d_bvs=%5B%5D&df=true&huah=true&m_dcl=0&m_pi=3321&m_pl=0&m_pv=2&m_rd=3353&m_sh=1200&m_sl=447&m_sw=1600&pl=https%3A%2F%2Fitgetsbetter.org%2F&trackId=917415a6-46d6-4a75-9021-3357e3e0fc52&ts=1702776713699&v=3.7.2-2312071952

Requested by

Host: itgetsbetter.org
URL: https://itgetsbetter.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

134.43.190.35.bc.googleusercontent.com

Software

API Gateway /

Resource Hash

2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://itgetsbetter.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 17 Dec 2023 01:31:53 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains
via: 1.1 google
server: API Gateway
content-type: image/png
access-control-allow-origin: *
cache-control: no-cache, no-transform
x-envoy-upstream-service-time: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 68

GET
H2 200 p
tr.snapchat.com/ 68 B
297 B 54ms
24ms Image
image/png 35.190.43.134
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tr.snapchat.com/p?pid=d4566af6-6002-4a1a-b903-6200b4a730fc&ev=PAGE_VIEW&intg=gtm&pids=d4566af6-6002-4a1a-b903-6200b4a730fc&u_c1=cf209d6c-3e77-438e-99e0-3c2f2c04d215&u_sclid=58b971b5-e03f-43af-99aa-4d5c44ee97c0&u_scsid=e9bcd085-6e36-46e1-a537-bcf0423771da&bt=1d53c387&d_bvs=%5B%5D&df=true&huah=true&m_dcl=0&m_pi=3321&m_pl=0&m_pv=2&m_rd=3355&m_sh=1200&m_sl=447&m_sw=1600&pl=https%3A%2F%2Fitgetsbetter.org%2F&trackId=0e7aa599-08b9-4a03-bef1-2d421eae9f32&ts=1702776713700&v=3.7.2-2312071952

Requested by

Host: itgetsbetter.org
URL: https://itgetsbetter.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

134.43.190.35.bc.googleusercontent.com

Software

API Gateway /

Resource Hash

2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://itgetsbetter.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 17 Dec 2023 01:31:53 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains
via: 1.1 google
server: API Gateway
content-type: image/png
access-control-allow-origin: *
cache-control: no-cache, no-transform
x-envoy-upstream-service-time: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 68

GET
H2 206 IGB_Video_Faces_compressed.mp4
itgetsbetter.org/wp-content/uploads/2021/05/ 41 KB
41 KB 167ms
167ms Media
video/mp4 199.16.173.70
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://itgetsbetter.org/wp-content/uploads/2021/05/IGB_Video_Faces_compressed.mp4

Requested by

Host: itgetsbetter.org
URL: https://itgetsbetter.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

199.16.173.70 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

17b408dfaca06b735d6b006ea17fefd0dd6c8aa8c4b11da4863d0317d5c16bd8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://itgetsbetter.org/
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Range: bytes=6684672-

Response headers

date: Sun, 17 Dec 2023 01:31:53 GMT
strict-transport-security: max-age=31536000
x-ac: 2.hhn _atomic_ams BYPASS
last-modified: Fri, 21 May 2021 15:57:57 GMT
server: nginx
etag: "60a7d885-66a3a1"
access-control-allow-methods: GET, HEAD
content-type: video/mp4
access-control-allow-origin: *
Content-Range: bytes 6684672-6726560/6726561
Content-Length: 41889

GET
H3 200 1725067124456859 Show response
connect.facebook.net/signals/config/ 141 KB
36 KB 100ms
100ms Script
application/x-javascript 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1725067124456859?v=2.9.138&r=stable&domain=itgetsbetter.org

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

52d44a082218e83c1ca1cd1eba9515f9b89a9f931deee158a29e3c9f9959e91a

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://itgetsbetter.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Sun, 17 Dec 2023 01:31:53 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints
pragma: public
x-fb-debug: kqQrUWBOWo6dRpuwFyPOus18DyiFytZYef1PktOHIiLxpFthJ+y9rHS0HUY8FWW2UNkf39KXknmbsmpP44BHjg==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 28ms
7ms Image
text/plain 2a03:2880:f177:185:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=716750585601397&ev=PageView&dl=https%3A%2F%2Fitgetsbetter.org%2F&rl=&if=false&ts=1702776713738&cd[source]=woocommerce&cd[version]=8.4.0&cd[pluginVersion]=3.1.5&sw=1600&sh=1200&v=2.9.138&r=stable&a=woocommerce-8.4.0-3.1.5&ec=0&o=4126&fbp=fb.1.1702776713737.1607597365&cs_est=true&ler=empty&it=1702776713591&coo=false&rqm=GET

Requested by

Host: itgetsbetter.org
URL: https://itgetsbetter.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://itgetsbetter.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Sun, 17 Dec 2023 01:31:53 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H3

200

id Show response
googleads.g.doubleclick.net/pagead/ Frame 6026
Redirect Chain

https://googleads.g.doubleclick.net/pagead/id
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

100 B
146 B

21ms
21ms

XHR
application/json

2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/bwkUX98fktI?version=3&rel=1&showsearch=0&showinfo=1&iv_load_policy=1&fs=1&hl=en-US&autohide=2&wmode=transparent

Protocol

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b8c060b7c9da431891f0a1473f91f55718a85d7228063dec56a626507f7c9cf6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 17 Dec 2023 01:31:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 120
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Sun, 17 Dec 2023 01:31:53 GMT
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ad_status.js Show response
static.doubleclick.net/instream/ Frame 6026 29 B
495 B 48ms
13ms Script
text/javascript 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.doubleclick.net/instream/ad_status.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/d23221b6/www-embed-player.vflset/www-embed-player.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 17 Dec 2023 01:21:11 GMT
x-content-type-options: nosniff
age: 642
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29
x-xss-protection: 0
last-modified: Thu, 12 Dec 2013 23:40:16 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 17 Dec 2023 01:36:11 GMT

OPTIONS
H2 200 Create
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0
0 56ms
22ms Preflight
text/html 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method: POST
Origin: https://www.youtube.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://www.youtube.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html
date: Sun, 17 Dec 2023 01:31:53 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H2 200 Create Show response
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 6026 87 KB
40 KB 32ms
30ms XHR
application/json+protobuf 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/d23221b6/player_ias.vflset/en_US/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

1951eab5e4c010d98562c6425faf813ca2e0b44e1483e293c12499208574dd56

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-User-Agent: grpc-web-javascript/0.1
Referer: https://www.youtube.com/
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/json+protobuf

Response headers

date: Sun, 17 Dec 2023 01:31:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json+protobuf; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 40814
x-xss-protection: 0

GET
H3 200 remote.js Show response
www.youtube.com/s/player/d23221b6/player_ias.vflset/en_US/ Frame 6026 116 KB
33 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/d23221b6/player_ias.vflset/en_US/remote.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/d23221b6/player_ias.vflset/en_US/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d065099ccf0a0a61ade77c45457a9064ce7566f1bd58306608e3caad1ba15c9e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/bwkUX98fktI?version=3&rel=1&showsearch=0&showinfo=1&iv_load_policy=1&fs=1&hl=en-US&autohide=2&wmode=transparent
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 17 Dec 2023 00:33:36 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3497
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33540
x-xss-protection: 0
last-modified: Wed, 13 Dec 2023 02:47:51 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Mon, 16 Dec 2024 00:33:36 GMT

GET
H2 200 UhAHYkQc59SMm3ILQvX2LV9pHtXm_t6HT06w3DJ-zT8.js Show response
www.google.com/js/th/ Frame 6026 50 KB
20 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:81c::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/js/th/UhAHYkQc59SMm3ILQvX2LV9pHtXm_t6HT06w3DJ-zT8.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/d23221b6/player_ias.vflset/en_US/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

52100762441ce7d48c9b720b42f5f62d5f691ed5e6fede874f4eb0dc327ecd3f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 16 Dec 2023 13:56:43 GMT
content-encoding: br
x-content-type-options: nosniff
age: 41710
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19757
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:30:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 15 Dec 2024 13:56:43 GMT

GET
H2 200 sddefault.jpg
i.ytimg.com/vi/bwkUX98fktI/ Frame 6026 52 KB
53 KB 79ms
23ms Image
image/jpeg 2a00:1450:4001:80e::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi/bwkUX98fktI/sddefault.jpg

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/bwkUX98fktI?version=3&rel=1&showsearch=0&showinfo=1&iv_load_policy=1&fs=1&hl=en-US&autohide=2&wmode=transparent

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6e6e45edbffa2dc7f2134e257a1fc88cb79790a78672e220695b6975c5f2b1c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 16 Dec 2023 23:36:14 GMT
x-content-type-options: nosniff
age: 6939
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 53703
x-xss-protection: 0
server: sffe
etag: "1700661260"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sun, 17 Dec 2023 01:36:14 GMT

GET
DATA 200
OK truncated
/ Frame 6026 175 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 q0UjM00bG58UIHhs7oUaOU6GdlCIFmHxap8aGI_2tnDkNNcvmWHjPGxVmxKAxPOxLJGx9UR4=s68-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ Frame 6026 3 KB
3 KB 48ms
14ms Image
image/jpeg 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://yt3.ggpht.com/q0UjM00bG58UIHhs7oUaOU6GdlCIFmHxap8aGI_2tnDkNNcvmWHjPGxVmxKAxPOxLJGx9UR4=s68-c-k-c0x00ffffff-no-rj

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/bwkUX98fktI?version=3&rel=1&showsearch=0&showinfo=1&iv_load_policy=1&fs=1&hl=en-US&autohide=2&wmode=transparent

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

c9a9b73b35b559533ae8c80db712ac4b69268fea5aece862b51969b65f316630

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 16 Dec 2023 22:51:19 GMT
x-content-type-options: nosniff
age: 9634
content-disposition: inline;filename="channels4_profile.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2882
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Sun, 17 Dec 2023 22:51:19 GMT

GET
H2 200 modules.f8398e1fcf749800c3fc.js Show response
script.hotjar.com/ 220 KB
55 KB 84ms
24ms Script
application/javascript 65.9.95.80
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.f8398e1fcf749800c3fc.js

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-2965374.js?sv=7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.95.80 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-65-9-95-80.prg50.r.cloudfront.net

Software

Resource Hash

fc1f36d89ddb377187edd50e7e1cbb9511baa256f6c57711f02601edab716361

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://itgetsbetter.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 12:03:06 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=2592000; includeSubDomains
via: 1.1 32f35b6a71829a460d6fdae31f270164.cloudfront.net (CloudFront)
x-amz-cf-pop: PRG50-C1
age: 221327
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 55732
last-modified: Thu, 14 Dec 2023 12:02:27 GMT
etag: "ce5f5f2327c7562166cfcaad455b7a17"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: -hNNIiOnNLWUO4-nd40IiNeCDKDt5_i3XFL_goFl6kB3LhJU1tpHTw==

GET
H2 200 main.MTdjYzNiZDU2NA.js Show response
analytics.tiktok.com/i18n/pixel/static/ 432 KB
112 KB 12ms
11ms Script
application/javascript 23.38.98.10
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTdjYzNiZDU2NA.js
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=BUVFAJTD82FVM3BDSISG&lib=ttq
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.38.98.10 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-38-98-10.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: f0fc7af60b98a57cccf7d5d7ea6e10f640db6f7553fb131e991b120dd6a62e6e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://itgetsbetter.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-akamai-request-id: 1df59632
date: Sun, 17 Dec 2023 01:31:53 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
server: nginx
x-tt-logid: 2023110907314746BDC5EB6423DDDCE162
vary: Accept-Encoding
x-cache: TCP_HIT from a23-38-99-74.deploy.akamaitechnologies.com (AkamaiGHost/11.3.3-52660090) (-)
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
x-tt-trace-host: 018fc3cb793aba0f73f0ffb74ebc8a86cb2ac8f7dd8f3005f102b609684329cb76441a0d1bf91365e1d9c35ad025e84b2afd17ed92e97b271d4aef07883d9e30e39100154c19d2745ba39fcfde9b4484ab904f7470e43330993240dbf78da2a9fe
server-timing: cdn-cache; desc=HIT, edge; dur=0, inner; dur=16
content-length: 114263

POST
H2 200 act
analytics.tiktok.com/api/v2/pixel/ 0
842 B 146ms
145ms Ping
text/plain 23.38.98.10
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel/act
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTdjYzNiZDU2NA.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.38.98.10 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-38-98-10.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://itgetsbetter.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: 87f6d638.1df59635
date: Sun, 17 Dec 2023 01:31:54 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-tt-trace-id: 00-23121701315333772D685AF854D9F10E-6044EC2B5C2D9D4E-00
x-cache: TCP_MISS from a23-38-99-74.deploy.akamaitechnologies.com (AkamaiGHost/11.3.3-52660090) (-)
x-parent-response-time: 127,23.38.99.74
server-timing: cdn-cache; desc=MISS, edge; dur=92, origin; dur=42, inner; dur=38
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 2023121701315333772D685AF854D9F10E
x-cache-remote: TCP_MISS from a23-48-100-142.deploy.akamaitechnologies.com (AkamaiGHost/11.3.3-52660090) (-)
access-control-allow-methods: GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 42,23.48.100.142
x-tt-trace-host: 01acd59ebe759e6dbc16d0040fe0c72adebd96bc584317333dbebbba779a7aab95e8b5718f90ebef207f0feda206ecd63f65d78eeac955f1db50fe2fd09bb883d153a130e9e170b1e78e7368378587d95d306c0f34a25520c6403b30b9cca938bbe9794aabcb32a109e8fc438e46d2e224
access-control-allow-headers: Authorization,*
expires: Sun, 17 Dec 2023 01:31:54 GMT

GET
H2 200 sa.css
tags.srv.stackadapt.com/ 65 B
203 B 100ms
99ms Stylesheet
text/css 35.156.217.216
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.srv.stackadapt.com/sa.css
Requested by: Host: tags.srv.stackadapt.com
URL: https://tags.srv.stackadapt.com/events.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.156.217.216 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-156-217-216.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: df8e73db73fe59b1404a69ee2f3b41da9423e4185fdc6752b8db3f9e44689b62

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://itgetsbetter.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-origin: *
date: Sun, 17 Dec 2023 01:31:53 GMT
cache-control: only-if-cached, no-transform, private, max-age=7776000
content-length: 65
content-type: text/css

GET
H2 200 sa.jpeg Show response
tags.srv.stackadapt.com/ 0
2 KB 115ms
99ms Fetch
image/jpeg 35.156.217.216
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.srv.stackadapt.com/sa.jpeg
Requested by: Host: tags.srv.stackadapt.com
URL: https://tags.srv.stackadapt.com/events.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.156.217.216 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-156-217-216.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://itgetsbetter.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-origin: *
date: Sun, 17 Dec 2023 01:31:53 GMT
cache-control: only-if-cached, no-transform, private, max-age=7776000
content-length: 651
content-type: image/jpeg

GET
H2 206 IGB_Video_Faces_compressed.mp4
itgetsbetter.org/wp-content/uploads/2021/05/ 3 MB
0 236ms
236ms Media
video/mp4 199.16.173.70
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://itgetsbetter.org/wp-content/uploads/2021/05/IGB_Video_Faces_compressed.mp4

Requested by

Host: itgetsbetter.org
URL: https://itgetsbetter.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

199.16.173.70 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://itgetsbetter.org/
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Range: bytes=65536-

Response headers

date: Sun, 17 Dec 2023 01:31:54 GMT
strict-transport-security: max-age=31536000
x-ac: 2.hhn _atomic_ams BYPASS
last-modified: Fri, 21 May 2021 15:57:57 GMT
server: nginx
etag: "60a7d885-66a3a1"
access-control-allow-methods: GET, HEAD
content-type: video/mp4
access-control-allow-origin: *
Content-Range: bytes 65536-6726560/6726561
Content-Length: 6661025

GET
H2 200 /
www.facebook.com/tr/ 0
31 B 9ms
8ms Image
text/plain 2a03:2880:f177:185:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1725067124456859&ev=PageView&dl=https%3A%2F%2Fitgetsbetter.org%2F&rl=&if=false&ts=1702776713893&sw=1600&sh=1200&v=2.9.138&r=stable&a=tmgoogletagmanager&ec=0&o=4126&fbp=fb.1.1702776713737.1607597365&cs_est=true&ler=empty&it=1702776713591&coo=false&rqm=GET

Requested by

Host: itgetsbetter.org
URL: https://itgetsbetter.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://itgetsbetter.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Sun, 17 Dec 2023 01:31:53 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

POST
H3 200 GenerateIT Show response
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 6026 90 B
134 B 24ms
23ms XHR
application/json+protobuf 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/d23221b6/player_ias.vflset/en_US/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

095da7dec9d6b776685a93d027a4054dfe345783a6c9d040f926cb1d4230fef8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-User-Agent: grpc-web-javascript/0.1
Referer: https://www.youtube.com/
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/json+protobuf

Response headers

date: Sun, 17 Dec 2023 01:31:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json+protobuf; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 110
x-xss-protection: 0

GET
H2 200 cast_sender.js Show response
www.gstatic.com/cv/js/sender/v1/ Frame 6026 4 KB
2 KB 91ms
21ms Script
text/javascript 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/d23221b6/player_ias.vflset/en_US/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 17 Dec 2023 01:31:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2007
x-xss-protection: 0
last-modified: Tue, 16 Feb 2021 23:57:06 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview"
vary: Accept-Encoding
report-to: {"group":"cloudview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 17 Dec 2023 01:31:54 GMT

POST
H2 200 p
tr6.snapchat.com/ 0
42 B 22ms
21ms Ping
text/plain 35.190.43.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tr6.snapchat.com/p

Requested by

Host: sc-static.net
URL: https://sc-static.net/scevent.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

134.43.190.35.bc.googleusercontent.com

Software

API Gateway /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains

Request headers

Referer: https://itgetsbetter.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Sun, 17 Dec 2023 01:31:53 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains
x-envoy-upstream-service-time: 0
via: 1.1 google
server: API Gateway
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 204 generate_204
www.youtube.com/ Frame 6026 0
10 B 14ms
13ms Image
text/plain 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.youtube.com/generate_204?gkHkwQ
Requested by: Host: www.youtube.com
URL: https://www.youtube.com/embed/bwkUX98fktI?version=3&rel=1&showsearch=0&showinfo=1&iv_load_policy=1&fs=1&hl=en-US&autohide=2&wmode=transparent
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/bwkUX98fktI?version=3&rel=1&showsearch=0&showinfo=1&iv_load_policy=1&fs=1&hl=en-US&autohide=2&wmode=transparent
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 17 Dec 2023 01:31:53 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

OPTIONS
H3 200 GenerateIT
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0
0 20ms
20ms Preflight
text/html 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method: POST
Origin: https://www.youtube.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://www.youtube.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html
date: Sun, 17 Dec 2023 01:31:53 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

GET
H2 204 2965374 Show response
vc.hotjar.io/sessions/ 0
258 B 133ms
59ms XHR
text/plain 65.9.95.68
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vc.hotjar.io/sessions/2965374?s=0.25&r=0.21058830757452052
Requested by: Host: script.hotjar.com
URL: https://script.hotjar.com/modules.f8398e1fcf749800c3fc.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.95.68 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-95-68.prg50.r.cloudfront.net
Software: Python/3.8 aiohttp/3.8.4 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://itgetsbetter.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 17 Dec 2023 01:31:54 GMT
via: 1.1 b5f551be30f63eca57ca04273cb75994.cloudfront.net (CloudFront)
server: Python/3.8 aiohttp/3.8.4
x-amz-cf-pop: PRG50-C1
x-cache: Miss from cloudfront
access-control-allow-origin: *
cache-control: no-store
x-amz-cf-id: WkIoY64XxZ0jQiASTAuBm4GMnY_WGwp1vcy6x1TuC9Hv4o2g9hY-Og==

GET
H2 200 preact-incoming-feedback.c20c19b1cc6c85b5d8d1.js Show response
script.hotjar.com/ 190 KB
42 KB 25ms
25ms Script
application/javascript 65.9.95.80
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/preact-incoming-feedback.c20c19b1cc6c85b5d8d1.js

Requested by

Host: script.hotjar.com
URL: https://script.hotjar.com/modules.f8398e1fcf749800c3fc.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.95.80 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-65-9-95-80.prg50.r.cloudfront.net

Software

Resource Hash

68947e9ddb590b11f6c1250e1080ff031fb91fddae5b9d41eb307a20ae306e64

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://itgetsbetter.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 16:27:07 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=2592000; includeSubDomains
via: 1.1 32f35b6a71829a460d6fdae31f270164.cloudfront.net (CloudFront)
x-amz-cf-pop: PRG50-C1
age: 2106287
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 42783
last-modified: Wed, 22 Nov 2023 16:26:24 GMT
etag: "238d00d7f9c895e9f37ab6355e0076c2"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: cOzA60S53fu2GGGMD_2C92iwg8FH_pQz9ce4DWDOXv1MQBTKUPeE1w==

POST
H2 200 / Show response
content.hotjar.io/ 56 B
161 B 800ms
692ms XHR
application/json 54.75.201.254
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://content.hotjar.io/?gzip=1
Requested by: Host: script.hotjar.com
URL: https://script.hotjar.com/modules.f8398e1fcf749800c3fc.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.75.201.254 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-75-201-254.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 48a92fbd0fa61304b08a4455567b91cc7c3a000adac1df1235539a59ee14f4db

Request headers

Referer: https://itgetsbetter.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: text/plain; charset=UTF-8

Response headers

access-control-allow-origin: *
date: Sun, 17 Dec 2023 01:31:54 GMT
content-length: 56
vary: Origin
content-type: application/json

POST
H2 200 monitor
analytics.tiktok.com/api/v2/ 0
840 B 124ms
124ms Ping
text/plain 23.38.98.10
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/monitor
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTdjYzNiZDU2NA.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.38.98.10 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-38-98-10.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://itgetsbetter.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: 27f46e41.1df59676
date: Sun, 17 Dec 2023 01:31:54 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-tt-trace-id: 00-2312170131540AABC318B45910AA2276-4042109B60CC5BEC-00
x-cache: TCP_MISS from a23-38-99-74.deploy.akamaitechnologies.com (AkamaiGHost/11.3.3-52660090) (-)
x-parent-response-time: 108,23.38.99.74
server-timing: cdn-cache; desc=MISS, edge; dur=91, origin; dur=22, inner; dur=20
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 202312170131540AABC318B45910AA2276
x-cache-remote: TCP_MISS from a23-220-106-26.deploy.akamaitechnologies.com (AkamaiGHost/11.3.3-52660090) (-)
access-control-allow-methods: GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 22,23.220.106.26
x-tt-trace-host: 01acd59ebe759e6dbc16d0040fe0c72ade06c3170b88d3eb3644efd164c281c63d3e35c0d0f39bd8e090e39b3b191f4ac6feeb225e856ad6af296009db5de9fbdb82f2c21715cfa2c65dafb94099f64e570f9023a3164bfe331dbe75b7187fee7df5fbda56a0e16de0ca798046298e6aa8
access-control-allow-headers: Authorization,*
expires: Sun, 17 Dec 2023 01:31:54 GMT

POST
H2 200 monitor
analytics.tiktok.com/api/v2/ 0
843 B 295ms
294ms Ping
text/plain 23.38.98.10
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/monitor
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTdjYzNiZDU2NA.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.38.98.10 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-38-98-10.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://itgetsbetter.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: 14f5cda9.1df5967d
date: Sun, 17 Dec 2023 01:31:54 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-tt-trace-id: 00-231217013154EAEF2C044A4C3580A8BC-58257AFB57565DF9-00
x-cache: TCP_MISS from a23-38-99-74.deploy.akamaitechnologies.com (AkamaiGHost/11.3.3-52660090) (-)
x-parent-response-time: 278,23.38.99.74
server-timing: cdn-cache; desc=MISS, edge; dur=169, origin; dur=113, inner; dur=100
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 20231217013154EAEF2C044A4C3580A8BC
x-cache-remote: TCP_MISS from a23-220-106-27.deploy.akamaitechnologies.com (AkamaiGHost/11.3.3-52660090) (-)
access-control-allow-methods: GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 114,23.220.106.27
x-tt-trace-host: 01acd59ebe759e6dbc16d0040fe0c72ade06c3170b88d3eb3644efd164c281c63d6baea1313f2ea8e4fe4e8f1040953ca9c8931c0f33e15af075d3d377d1be7c2d63e66f9b608dd45507caffed43203072e4ea88dc393b3544d5e2686e480ceac5f00a444da23cd2ec6bd49923a20096c5
access-control-allow-headers: Authorization,*
expires: Sun, 17 Dec 2023 01:31:54 GMT

POST
H2 200 monitor
analytics.tiktok.com/api/v2/ 0
840 B 184ms
183ms Ping
text/plain 23.38.98.10
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/monitor
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTdjYzNiZDU2NA.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.38.98.10 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-38-98-10.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://itgetsbetter.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: 14f3e8a4.1df5967e
date: Sun, 17 Dec 2023 01:31:54 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-tt-trace-id: 00-231217013154972461BE2FA396C2DCF4-148794E25C6C19A6-00
x-cache: TCP_MISS from a23-38-99-74.deploy.akamaitechnologies.com (AkamaiGHost/11.3.3-52660090) (-)
x-parent-response-time: 169,23.38.99.74
server-timing: cdn-cache; desc=MISS, edge; dur=141, origin; dur=33, inner; dur=6
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 20231217013154972461BE2FA396C2DCF4
x-cache-remote: TCP_MISS from a23-220-106-27.deploy.akamaitechnologies.com (AkamaiGHost/11.3.3-52660090) (-)
access-control-allow-methods: GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 33,23.220.106.27
x-tt-trace-host: 01acd59ebe759e6dbc16d0040fe0c72ade06c3170b88d3eb3644efd164c281c63d6baea1313f2ea8e4fe4e8f1040953ca97602efc233fcc0f2ecd89db9f279054b018c759b2750fa21ef187cb3c8cb8ecaf1959809c84cebd422223ee4e294e01cdfe630cd1ce77a8634ef124ad35f72d7
access-control-allow-headers: Authorization,*
expires: Sun, 17 Dec 2023 01:31:54 GMT

POST
H2 200 monitor
analytics.tiktok.com/api/v2/ 0
842 B 109ms
109ms Ping
text/plain 23.38.98.10
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/monitor
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTdjYzNiZDU2NA.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.38.98.10 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-38-98-10.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://itgetsbetter.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: 4b2d14a3.1df5967f
date: Sun, 17 Dec 2023 01:31:54 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-tt-trace-id: 00-231217013154F6CF6C3867DD087CDB1B-6731DA68971970FD-00
x-cache: TCP_MISS from a23-38-99-74.deploy.akamaitechnologies.com (AkamaiGHost/11.3.3-52660090) (-)
x-parent-response-time: 94,23.38.99.74
server-timing: cdn-cache; desc=MISS, edge; dur=89, origin; dur=9, inner; dur=6
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 20231217013154F6CF6C3867DD087CDB1B
x-cache-remote: TCP_MISS from a23-48-100-144.deploy.akamaitechnologies.com (AkamaiGHost/11.3.3-52660090) (-)
access-control-allow-methods: GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 10,23.48.100.144
x-tt-trace-host: 01acd59ebe759e6dbc16d0040fe0c72adebd96bc584317333dbebbba779a7aab9509f0789b92591c2195eb7b8360b8e44bc4b4ac7bfb3d423c0bdc9aaea8f229ee805257be55521687647623496ae677c58a08eda256eee9dafdbc38d38118b97593a9ba7067938d52ce144798e563c70e
access-control-allow-headers: Authorization,*
expires: Sun, 17 Dec 2023 01:31:54 GMT

GET
H2 200 / Show response
give.itgetsbetter.org/give/533919/ Frame 5FD5 98 KB
30 KB 876ms
824ms Document
text/html 2606:4700::6812:c55f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://give.itgetsbetter.org/give/533919/

Requested by

Host: sdk.classy.org
URL: https://sdk.classy.org/embedded-giving.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:c55f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6aa517d72eeb79b4e27d82c8a44cfec0868dfbb4d310935a55201149c80184f0

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://itgetsbetter.org;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://itgetsbetter.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-cache-status: DYNAMIC
cf-ray: 836b68bf6b7518f9-FRA
content-encoding: br
content-security-policy: frame-ancestors 'self' https://itgetsbetter.org;
content-type: text/html; charset=utf-8
date: Sun, 17 Dec 2023 01:31:54 GMT
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 cast_sender.js Show response
www.gstatic.com/eureka/clank/120/ Frame 6026 50 KB
15 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/eureka/clank/120/cast_sender.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f4d5deb4709cebcb8d869180a1db81fab7c54f99dc2e72dab8b3db15eb76e660

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 16 Dec 2023 18:32:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 25171
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview-release
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14705
x-xss-protection: 0
last-modified: Mon, 23 Oct 2023 15:04:43 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview-release"
vary: Accept-Encoding
report-to: {"group":"cloudview-release","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview-release"}]}
content-type: text/javascript
cache-control: public, max-age=86400
accept-ranges: bytes
expires: Sun, 17 Dec 2023 18:32:23 GMT

POST
H2 200 p
tr.snapchat.com/ 0
92 B 24ms
23ms Ping
text/plain 35.190.43.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.snapchat.com/p

Requested by

Host: sc-static.net
URL: https://sc-static.net/scevent.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

134.43.190.35.bc.googleusercontent.com

Software

API Gateway /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains

Request headers

Referer: https://itgetsbetter.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Sun, 17 Dec 2023 01:31:54 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains
via: 1.1 google
server: API Gateway
access-control-allow-origin: https://itgetsbetter.org
x-envoy-upstream-service-time: 1
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 saq_pxl Show response
tags.srv.stackadapt.com/ 138 B
332 B 100ms
100ms XHR
text/plain 35.156.217.216
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.srv.stackadapt.com/saq_pxl?uid=vbAHM54TrwEXEvlzEW2ZCA&is_js=true&landing_url=https%3A%2F%2Fitgetsbetter.org%2F&t=It%20Gets%20Better%20%E2%80%93%20The%20It%20Gets%20Better%20Project%20exists%20to%20uplift%2C%20empower%2C%20and%20connect%20LGBTQ%2B%20youth%20around%20the%20globe.&tip=bmSfUMOjYPl-Rr52dcvPlp63OtF3MhHq4rp2lpUPUt8&host=https%3A%2F%2Fitgetsbetter.org&sa_conv_data_css_value=%270-1d95751e-d66f-534a-459e-51d7fa771e41%27&sa_conv_data_image_value=ffd8ffe000104a46494600010101006000600000ffdb004300080606070605080707070909080a0c140d0c0b0b0c1912130f141d1a1f1e1d1a1c1c20242e2720222c231c1c2837292c30313434341f27393d38323c2e333432ffdb0043010909090c0b0c180d0d1832211c213232323232323232323232323232323232323232323232323232323232323232323232323232323232323232323232323232ffc00011080001000103012200021101031101ffc4001f0000010501010101010100000000000000000102030405060708090a0bffc400b5100002010303020403050504040000017d01020300041105122131410613516107227114328191a1082342b1c11552d1f02433627282090a161718191a25262728292a3435363738393a434445464748494a535455565758595a636465666768696a737475767778797a838485868788898a92939495969798999aa2a3a4a5a6a7a8a9aab2b3b4b5b6b7b8b9bac2c3c4c5c6c7c8c9cad2d3d4d5d6d7d8d9dae1e2e3e4e5e6e7e8e9eaf1f2f3f4f5f6f7f8f9faffc4001f0100030101010101010101010000000000000102030405060708090a0bffc400b51100020102040403040705040400010277000102031104052131061241510761711322328108144291a1b1c109233352f0156272d10a162434e125f11718191a262728292a35363738393a434445464748494a535455565758595a636465666768696a737475767778797a82838485868788898a92939495969798999aa2a3a4a5a6a7a8a9aab2b3b4b5b6b7b8b9bac2c3c4c5c6c7c8c9cad2d3d4d5d6d7d8d9dae2e3e4e5e6e7e8e9eaf2f3f4f5f6f7f8f9faffda000c03010002110311003f00f7fa28a2803fffd91d95751ed66f534a459e51d7fa771e41253a3905&sa-user-id-v3=s%253AAQAKINpRRmY3aqtA8uDzcbZJU5LOpnkBzGbXgGi365e3PO-0EHwYBCCJn_mrBjABOgQ8w7t9QgRm6V8s.3kYL8MgJMcey9aRKBJj47IngFRC03KSDPRY329jYYwg&sa-user-id-v2=s%253AHZV1HtZvU0pFnlHX-nceQSU6OQU.H6KH5ddnc0Nv0uJbunNPWOzX8d2E2uQVrRsi3z3Cde4&sa-user-id=s%253A0-1d95751e-d66f-534a-459e-51d7fa771e41.cMFzBedj5f4fr35X60oylJxbv1eDnfIQU8%252BaBclgNsI
Requested by: Host: tags.srv.stackadapt.com
URL: https://tags.srv.stackadapt.com/events.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.156.217.216 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-156-217-216.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: b34ec350f6dc9a300482363eb65082d9974412ff9db7ee4a53b49e1999045297

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://itgetsbetter.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-origin: https://itgetsbetter.org
date: Sun, 17 Dec 2023 01:31:54 GMT
access-control-allow-credentials: true
access-control-allow-headers: *
content-length: 138
access-control-allow-methods: GET
content-type: text/plain; charset=utf-8

GET
H/1.1 200
OK track.gif
secure.gaug.es/ 35 B
389 B 108ms
107ms Image
image/gif 54.147.159.60
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.gaug.es/track.gif?h[site_id]=59c13db07218b57f54165674&h[resource]=https%3A%2F%2Fitgetsbetter.org%2F&h[referrer]=&h[title]=It%20Gets%20Better%20%E2%80%93%20The%20It%20Gets%20Better%20Project%20exists%20to%20uplift%2C%20empower%2C%20and%20connect%20LGBTQ%2B%20youth%20around%20the%20globe.&h[user_agent]=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F120.0.6099.109%20Safari%2F537.36&h[unique]=1&h[unique_hour]=1&h[unique_day]=1&h[unique_month]=1&h[unique_year]=1&h[screenx]=1600&h[browserx]=1600&h[browsery]=1200&timestamp=1702776714203

Requested by

Host: itgetsbetter.org
URL: https://itgetsbetter.org/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.147.159.60 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-147-159-60.compute-1.amazonaws.com

Software

nginx/1.10.3 (Ubuntu) /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://itgetsbetter.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 17 Dec 2023 01:31:54 GMT
X-Content-Type-Options: nosniff
Last-Modified: Sun, 17 Dec 2023 01:31:54 GMT
Server: nginx/1.10.3 (Ubuntu)
Content-Type: image/gif
Cache-Control: no-store, no-cache, must-revalidate, private
Connection: keep-alive
Content-Length: 35
Expires: Sat, 25 Nov 2000 05:00:00 GMT

GET woocommerce-layout.css
c0.wp.com/p/woocommerce/8.4.0/assets/css/ 0
0

GET
H2 200 main.css
prod-frs.content.classy.org/prod/f2a95ee11576697e811240aa3a2eac275007037c/static/frs/ Frame 5FD5 1 MB
146 KB 37ms
28ms Stylesheet
text/css 2606:4700::6812:c55f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://prod-frs.content.classy.org/prod/f2a95ee11576697e811240aa3a2eac275007037c/static/frs/main.css

Requested by

Host: give.itgetsbetter.org
URL: https://give.itgetsbetter.org/give/533919/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:c55f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fdd3d080b3efdafd916a7f950f339082a53a3832f3d9d13577b0664abeec587a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.itgetsbetter.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 17 Dec 2023 01:31:55 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
cf-cache-status: HIT
x-amz-request-id: ZSC49CZ0HDW4RN80
age: 2180
cf-polished: origSize=1156430
x-amz-server-side-encryption: AES256
x-amz-id-2: rAsV7FXtvAgminjo7HV5EK9L1h4tuyKx3uvDq/zYlwAKXznfhYx2iB+L2kgKg1jIBf0igcW+ZrM=
cf-bgj: minify
last-modified: Mon, 11 Dec 2023 22:05:11 GMT
server: cloudflare
etag: W/"0ceb9eeb4ac62d24b00d120740a22187"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=86400
cf-ray: 836b68c52c469188-FRA

GET
H2 200 airgap.js Show response
cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/ Frame 5FD5 131 KB
45 KB 106ms
41ms Script
application/javascript 2600:9000:2127:b400:2:8531:afc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js

Requested by

Host: give.itgetsbetter.org
URL: https://give.itgetsbetter.org/give/533919/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2127:b400:2:8531:afc0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

CloudFront /

Resource Hash

76164d9d399c8baca4656cd791982fdbd043413f39cf1a56c2d36c12ceb0b7b2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.itgetsbetter.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 17 Dec 2023 01:31:55 GMT
content-encoding: br
via: 1.1 f631e696fd022598ec39e248ac48b192.cloudfront.net (CloudFront)
referrer-policy: strict-origin-when-cross-origin
server: CloudFront
strict-transport-security: max-age=31536000
x-amz-cf-pop: PRG50-C1
x-content-type-options: nosniff
vary: Accept-Encoding, Origin
x-cache: Hit from cloudfront
content-type: application/javascript
x-frame-options: SAMEORIGIN
cache-control: max-age=60,s-maxage=86400
x-amz-cf-id: cRpjS-97a8Vx_EpkkMlGaMws1vz2fwFpLVLSaGjgKNqXq1cVZMXI-g==
x-xss-protection: 1; mode=block

GET
H2 200 rocket-loader.min.js Show response
give.itgetsbetter.org/cdn-cgi/scripts/7d0fa10a/cloudflare-static/ Frame 5FD5 12 KB
4 KB 10ms
10ms Script
application/javascript 2606:4700::6812:c55f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://give.itgetsbetter.org/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Requested by

Host: give.itgetsbetter.org
URL: https://give.itgetsbetter.org/give/533919/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:c55f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.itgetsbetter.org/give/533919/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 17 Dec 2023 01:31:55 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
last-modified: Fri, 08 Dec 2023 17:59:01 GMT
server: cloudflare
content-encoding: gzip
etag: W/"65735965-302c"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/javascript
cache-control: max-age=172800, public
cf-ray: 836b68c57f0218f9-FRA
expires: Tue, 19 Dec 2023 01:31:55 GMT

GET
H2 200 v84a3a4012de94ce1a686ba8c167c359c1696973893317 Show response
static.cloudflareinsights.com/beacon.min.js/ Frame 5FD5 20 KB
7 KB 54ms
34ms Script
text/javascript 2606:4700::6810:3965
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cloudflareinsights.com/beacon.min.js/v84a3a4012de94ce1a686ba8c167c359c1696973893317
Requested by: Host: give.itgetsbetter.org
URL: https://give.itgetsbetter.org/give/533919/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:3965 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6153d13804862b0fc1c016cf1129f34cb7c6185f2cf4bf1a3a862eecdab50101

Request headers

Referer: https://give.itgetsbetter.org/
Origin: https://give.itgetsbetter.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 17 Dec 2023 01:31:55 GMT
content-encoding: gzip
last-modified: Tue, 10 Oct 2023 21:38:13 GMT
server: cloudflare
etag: W/"2023.10.0"
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
cf-ray: 836b68c5df4f0476-FRA

GET
H2 200 xdi.js Show response
cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/ Frame 5FD5 26 KB
12 KB 80ms
36ms Script
text/javascript 2600:9000:2127:b400:2:8531:afc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/xdi.js

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2127:b400:2:8531:afc0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

9669a10126dc3af0dfb585a7d1f1359638262289968aa7c202ad70de3371f073

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://give.itgetsbetter.org/
Origin: https://give.itgetsbetter.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id: 2HwkiXQectHLaswMS7GXtsj7Fj29XM2H
content-encoding: gzip
via: 1.1 f631e696fd022598ec39e248ac48b192.cloudfront.net (CloudFront)
date: Sat, 16 Dec 2023 04:06:29 GMT
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-cf-pop: PRG50-C1
age: 77127
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-disposition: inline
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 20 Sep 2023 22:16:07 GMT
server: AmazonS3
etag: W/"00c3b072683167edc19c510fffec8e50-1"
x-frame-options: SAMEORIGIN
access-control-max-age: 3600
access-control-allow-methods: GET
content-type: text/javascript
access-control-allow-origin: *
access-control-expose-headers: ETag
cache-control: max-age=60,s-maxage=86400
vary: Accept-Encoding
x-amz-cf-id: GfKzpZYb567tleXsig9OqSV3WC76mnnow9pVHlx_FF_T-lAnyO1NLA==

GET
H2 200 ui.js Show response
cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/ Frame 5FD5 267 KB
73 KB 75ms
36ms Script
text/javascript 2600:9000:2127:b400:2:8531:afc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/ui.js

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2127:b400:2:8531:afc0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

a77f5e7aa207c37450c588a74a423e46b0bf14e0f1c4b49ae6c567368d46f46f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://give.itgetsbetter.org/
Origin: https://give.itgetsbetter.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id: pGLiXkBTZEwR1GE0xA6XjctsUE08zxMZ
content-encoding: br
via: 1.1 f631e696fd022598ec39e248ac48b192.cloudfront.net (CloudFront)
date: Sat, 16 Dec 2023 03:57:42 GMT
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-cf-pop: PRG50-C1
age: 77654
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-disposition: inline
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 20 Sep 2023 22:16:07 GMT
server: AmazonS3
etag: W/"fc84468acd1aa46963b34967f73979cb-1"
x-frame-options: SAMEORIGIN
access-control-max-age: 3600
access-control-allow-methods: GET
content-type: text/javascript
access-control-allow-origin: *
access-control-expose-headers: ETag
cache-control: max-age=60,s-maxage=86400
vary: Accept-Encoding
x-amz-cf-id: jg0K2pe-JUEVefZYPhUQrUXQSoPk6PzDbayM3eKHmDp1xMgq4JE5-g==

GET
H2 200 iframe-v3.min.js Show response
htp.tokenex.com/iframe/ Frame 5FD5 19 KB
5 KB 512ms
125ms Script
application/javascript 52.143.247.24
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://htp.tokenex.com/iframe/iframe-v3.min.js

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.143.247.24 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

27230c5af91b76c15e054c4d88048027c9045d2f1411fdbf082d074173ffcadb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.itgetsbetter.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
date: Sun, 17 Dec 2023 01:31:55 GMT
last-modified: Tue, 28 Nov 2023 19:37:14 GMT
etag: "051a3493222da1:0"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
accept-ranges: bytes
content-length: 4905
x-xss-protection: 1; mode=block

GET
H2 200 paypal-js.legacy.min.js Show response
unpkg.com/@paypal/paypal-js@4.0.8/dist/iife/ Frame 5FD5 7 KB
3 KB 39ms
20ms Script
application/javascript 2606:4700::6810:7caf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://unpkg.com/@paypal/paypal-js@4.0.8/dist/iife/paypal-js.legacy.min.js

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7caf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

62f42276dddf470e795cc1b1bdcb8fe73a0354188bcfa80e0600e8b8d2a21dcb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.itgetsbetter.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 17 Dec 2023 01:31:55 GMT
via: 1.1 fly.io
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 1451378
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id: 01HGFE8V93AKXXPZHBBRY97DSM-fra
server: cloudflare
etag: W/"1b81-IpiDV5HCNI7yT2mRdGuH3F1n0RQ"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 836b68c63e811e20-FRA

GET
H2 200 module.min.js Show response
prod-frs.content.classy.org/prod/f2a95ee11576697e811240aa3a2eac275007037c/static/frs/donation/ Frame 5FD5 184 KB
38 KB 25ms
24ms Script
application/javascript 2606:4700::6812:c55f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://prod-frs.content.classy.org/prod/f2a95ee11576697e811240aa3a2eac275007037c/static/frs/donation/module.min.js

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:c55f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3073bd17061938f0b03a1cda1ed31d8e0f4ac3c5003ad3b38d9c7e2e837eb81c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.itgetsbetter.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 17 Dec 2023 01:31:55 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 11 Dec 2023 22:05:11 GMT
server: cloudflare
x-amz-request-id: ZSC8Z620HRCSSKKS
age: 2129
etag: W/"2d306c8b40756deed670707bd257d4cf"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=86400
cf-ray: 836b68c62cc39188-FRA
x-amz-id-2: 0BMchr6iOwVEt8GYILVytDRe+Qea5YdgkHr5qbdOMp4cy8esjx55NP28FySoFW4KA/8r71rIsrQ=

GET
H2 200 module.min.js Show response
prod-frs.content.classy.org/prod/f2a95ee11576697e811240aa3a2eac275007037c/static/global/ Frame 5FD5 2 MB
388 KB 38ms
37ms Script
application/javascript 2606:4700::6812:c55f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://prod-frs.content.classy.org/prod/f2a95ee11576697e811240aa3a2eac275007037c/static/global/module.min.js

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:c55f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

24461e8609af6616b65acb3145728531e2470e8f3fef3373f8764cee4ff3d500

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.itgetsbetter.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 17 Dec 2023 01:31:55 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 11 Dec 2023 22:05:12 GMT
server: cloudflare
x-amz-request-id: ZSC9BYC50QE016HQ
age: 2239
etag: W/"9e8f84ac4daf7d759d927320005908c6"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=86400
cf-ray: 836b68c62cc49188-FRA
x-amz-id-2: b4DcclNEQSgXl1f3jxHmZwNVdGP63JX3Srgj1LnxnvZFXfzOe9XwCwzgm7iwcwX+ChLf3uEteR0=

GET
H2 200 libs.min.js Show response
prod-frs.content.classy.org/prod/f2a95ee11576697e811240aa3a2eac275007037c/static/global/ Frame 5FD5 1 MB
429 KB 42ms
41ms Script
application/javascript 2606:4700::6812:c55f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://prod-frs.content.classy.org/prod/f2a95ee11576697e811240aa3a2eac275007037c/static/global/libs.min.js

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:c55f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5ac2455757fbb14a9fa21a8afce49055f48f28e20e4e41a8f5eee9c5a2dc3f3a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.itgetsbetter.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 17 Dec 2023 01:31:55 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 11 Dec 2023 22:05:12 GMT
server: cloudflare
x-amz-request-id: ZSCCQNK7CJ8GEZA0
age: 2239
etag: W/"89ff3b468454fac32729fc74e3c9be17"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=86400
cf-ray: 836b68c62cc69188-FRA
x-amz-id-2: Aa7tn+YWECD5sO7HO8yujTD9u2juEsdoW05FkWOaSpfR+bsVirSNSWbudhknzGq9tGaU4RfXEAo=

GET
H2 200 link-initialize.js Show response
cdn.plaid.com/link/v2/stable/ Frame 5FD5 142 KB
43 KB 98ms
40ms Script
application/javascript 13.32.121.38
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.plaid.com/link/v2/stable/link-initialize.js
Requested by: Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.121.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-121-38.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2bcc6d8a3ce5d6635877ac053cb215645bfa74d86a1f3fea14d37864d4227347

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.itgetsbetter.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id: QwKKEDQUXTf_0Lw2b0ETSEUhVQsrd9qP
content-encoding: gzip
via: 1.1 91353a8aba9ab05d79e9678e004043bc.cloudfront.net (CloudFront)
date: Sat, 16 Dec 2023 21:46:16 GMT
x-amz-request-id: P9PXQBSQMK6TYZZA
x-amz-cf-pop: FRA60-P1
x-amz-server-side-encryption: AES256
age: 13834
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
x-amz-id-2: MlqErZ+fRMRWtcakt+p8yHQaW4xK2i5MYnZTeRQGQnZKwpyxYLCW2bq/beMmoHLmR4OaZ+PT35U=
last-modified: Thu, 14 Dec 2023 21:27:54 GMT
server: AmazonS3
etag: W/"87214bba3b022f3f15308b3c46127b42"
vary: Accept-Encoding
content-type: application/javascript
cache-control: no-cache,must-revalidate,max-age=0
x-amz-cf-id: UlwU47f8dtloCyv0by2xVCkNeO0qSBm7NxLCApakLrIxvY2cqz70Ow==

GET
H2 200 / Show response
js.stripe.com/v3/ Frame 5FD5 578 KB
161 KB 92ms
33ms Script
text/javascript 151.101.128.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

3cf22b9a3c15bf0e20e085ed0b039686cfae3b53e4ca7d1bee1ef843aa1e98fc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.itgetsbetter.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Sun, 17 Dec 2023 01:31:55 GMT
via: 1.1 varnish
age: 6
x-cache: HIT
content-length: 164157
x-request-id: 783ae36a-955b-421c-b8db-5d0f30aeb3b1
x-served-by: cache-fra-eddf8230080-FRA
last-modified: Sat, 16 Dec 2023 02:18:22 GMT
server: Fastly
etag: "758c8e94d5e04bf5f7c0956975acd740"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=60
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 1

GET
H2 200 cm.css
cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/ Frame 5FD5 15 KB
4 KB 23ms
23ms Stylesheet
text/css 2600:9000:2127:b400:2:8531:afc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/cm.css

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2127:b400:2:8531:afc0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

1da2ece3369af4c663f11daa62f4e591806f0c1ce17e17f0a4162d0d09455c5a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.itgetsbetter.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id: JWSMp_NTaRFeSeqpmxFPkel0LiL4cMwY
content-encoding: gzip
via: 1.1 f631e696fd022598ec39e248ac48b192.cloudfront.net (CloudFront)
date: Sat, 16 Dec 2023 01:49:14 GMT
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-cf-pop: PRG50-C1
age: 85362
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-disposition: inline
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 20 Sep 2023 22:16:07 GMT
server: AmazonS3
etag: W/"fb3f2afd9f46893bb196329ab90276a6-1"
vary: Accept-Encoding, Origin
x-frame-options: SAMEORIGIN
content-type: text/css
cache-control: max-age=60,s-maxage=86400
x-amz-cf-id: 1AbAxGYxbQZQackYydAuafO8MgTWmn3-Adj7yreA_BvNIKBY5H9vRA==

GET
H2 200 en.json Show response
cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/translations/ Frame 5FD5 8 KB
2 KB 40ms
40ms Fetch
application/json 2600:9000:2127:b400:2:8531:afc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/translations/en.json

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2127:b400:2:8531:afc0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

29cfebbdf0a9801764f1c5bec42a56fd773d4290821ecb6b5553f511c200815c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.itgetsbetter.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id: Pw3hE5sAYQ0kvHESktDQjUKbfeKteOb6
content-encoding: gzip
via: 1.1 f631e696fd022598ec39e248ac48b192.cloudfront.net (CloudFront)
date: Sat, 16 Dec 2023 05:35:00 GMT
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-cf-pop: PRG50-C1
age: 71816
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-disposition: inline
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 20 Sep 2023 22:16:07 GMT
server: AmazonS3
etag: W/"ecabc5423541bd640b7f7a45cb696671-1"
x-frame-options: SAMEORIGIN
access-control-max-age: 3600
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: ETag
cache-control: max-age=60,s-maxage=86400
vary: Accept-Encoding
x-amz-cf-id: 5W37XrK9b5WtCQ6ZP9wRuIybFzf93ACBADahGbyvXC56KhYbaHa4sg==

GET
H2 200 sdk.js Show response
give.itgetsbetter.org/sso/ Frame 5FD5 26 KB
7 KB 490ms
490ms Script
application/javascript 2606:4700::6812:c55f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://give.itgetsbetter.org/sso/sdk.js

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:c55f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8ca59ea276635e06f4153a8979c26329c234dcc44673066902f6971ecdefc758

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.itgetsbetter.org/give/533919/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 17 Dec 2023 01:31:55 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
cf-cache-status: EXPIRED
last-modified: Sat, 16 Dec 2023 23:00:36 GMT
server: cloudflare
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=1200
cf-ray: 836b68c7990c18f9-FRA
expires: Sun, 17 Dec 2023 01:51:55 GMT

GET
H2 200 m-outer-27c67c0d52761104439bb051c7856ab1.html Show response
js.stripe.com/v3/ Frame 2220 200 B
818 B 9ms
9ms Document
text/html 151.101.128.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/m-outer-27c67c0d52761104439bb051c7856ab1.html

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

351ffc2bdf381352dcd801be49be5018361119588eae077650260f9e162fe7b9

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://give.itgetsbetter.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 3365669
cache-control: max-age=31536000
content-encoding: br
content-length: 154
content-security-policy: base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only: base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Sun, 17 Dec 2023 01:31:55 GMT
etag: "27c67c0d52761104439bb051c7856ab1"
last-modified: Fri, 08 Sep 2023 21:23:50 GMT
server: Fastly
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 596533
x-content-type-options: nosniff
x-request-id: d4520285-929b-4693-9dad-d4a2d1db5f1a
x-served-by: cache-fra-eddf8230080-FRA

GET
H3 200 iframe_api Show response
www.youtube.com/ Frame 5FD5 993 B
518 B 43ms
43ms Script
text/javascript 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/iframe_api

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

98b7d90beeaf2d2944f47d2c001be5d943d1b6306bbf7dc27c240e092ed8544d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.itgetsbetter.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 17 Dec 2023 01:31:55 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-encoding: br
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
server: ESF
x-frame-options: SAMEORIGIN
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
content-type: text/javascript; charset=utf-8
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
cache-control: private, max-age=0
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
origin-trial: AvC9UlR6RDk2crliDsFl66RWLnTbHrDbp+DiY6AYz/PNQ4G4tdUTjrHYr2sghbkhGQAVxb7jaPTHpEVBz0uzQwkAAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTcxOTUzMjc5OSwiaXNTdWJkb21haW4iOnRydWV9
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
expires: Sun, 17 Dec 2023 01:31:55 GMT

POST
H2 204 rum Show response
give.itgetsbetter.org/cdn-cgi/ Frame 5FD5 0
146 B 12ms
11ms XHR
text/plain 2606:4700::6812:c55f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://give.itgetsbetter.org/cdn-cgi/rum?

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:c55f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

X-NewRelic-ID: UAQEVl5UGwAGV1ZQBgMEVg==
tracestate: 423787@nr=0-1-423787-363751183-ebebe2ca6b1a1070----1702776715864
traceparent: 00-3d2b48843430f0670f7f11e83ff5aee0-ebebe2ca6b1a1070-01
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
newrelic: eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjQyMzc4NyIsImFwIjoiMzYzNzUxMTgzIiwiaWQiOiJlYmViZTJjYTZiMWExMDcwIiwidHIiOiIzZDJiNDg4NDM0MzBmMDY3MGY3ZjExZTgzZmY1YWVlMCIsInRpIjoxNzAyNzc2NzE1ODY0fX0=
content-type: application/json
Referer: https://give.itgetsbetter.org/give/533919/

Response headers

date: Sun, 17 Dec 2023 01:31:55 GMT
x-content-type-options: nosniff
server: cloudflare
vary: Origin
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://give.itgetsbetter.org
x-frame-options: DENY
access-control-allow-credentials: true
cf-ray: 836b68ca2b1f18f9-FRA

GET
H2 200 tax-entities Show response
give.itgetsbetter.org/frs-api/organizations/63630/ Frame 5FD5 629 B
1 KB 455ms
455ms XHR
application/json 2606:4700::6812:c55f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://give.itgetsbetter.org/frs-api/organizations/63630/tax-entities

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:c55f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

27e896d440c77cd698ac77e0a62aae776c5ad104b3f8df59f5896b88b3b43a9e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

X-NewRelic-ID: UAQEVl5UGwAGV1ZQBgMEVg==
X-XSRF-TOKEN: bgY4guKI-peqgkpZL7WKpLcReEp4HABwzgH0
tracestate: 423787@nr=0-1-423787-363751183-2d41daffd8735e00----1702776715887
traceparent: 00-dd03900cb7aacd22f07e3f570d1e0740-2d41daffd8735e00-01
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
newrelic: eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjQyMzc4NyIsImFwIjoiMzYzNzUxMTgzIiwiaWQiOiIyZDQxZGFmZmQ4NzM1ZTAwIiwidHIiOiJkZDAzOTAwY2I3YWFjZDIyZjA3ZTNmNTcwZDFlMDc0MCIsInRpIjoxNzAyNzc2NzE1ODg3fX0=
Accept: application/json, text/plain, */*
csrf-token: bgY4guKI-peqgkpZL7WKpLcReEp4HABwzgH0
Referer: https://give.itgetsbetter.org/give/533919/

Response headers

date: Sun, 17 Dec 2023 01:31:56 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: br
server: cloudflare
etag: W/"275-t6zTU+ZUcNC5gskLBXhqsilb3Qs"
content-security-policy-report-only: script-src 'none'; connect-src 'none'; report-uri https://csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=RA5CsFCIJc6cBV.exnoN8D9izTVbeW3gpyiU2_SJqsU-1702776716-1-ASnKl-tbVCZy6SRxjbeGESnpR0mGu3oim4O2zeFsdljvDwtRmhPohg0mMukGS_yh1UP-nR90n-wsW5iRhIwo5c7riJVbjH2_UPCMtqwzEsgdAyONf0BAxcPMnGgdangL0e5DpHNzs1TjwRCUrcMqlSBvdYzccjN3DEG89TnvaKA4; report-to cf-csp-endpoint
report-to: {"endpoints":[{"url":"https:\/\/csp-reporting.cloudflare.com\/cdn-cgi\/script_monitor\/report?m=RA5CsFCIJc6cBV.exnoN8D9izTVbeW3gpyiU2_SJqsU-1702776716-1-ASnKl-tbVCZy6SRxjbeGESnpR0mGu3oim4O2zeFsdljvDwtRmhPohg0mMukGS_yh1UP-nR90n-wsW5iRhIwo5c7riJVbjH2_UPCMtqwzEsgdAyONf0BAxcPMnGgdangL0e5DpHNzs1TjwRCUrcMqlSBvdYzccjN3DEG89TnvaKA4"}],"group":"cf-csp-endpoint","max_age":86400}
content-type: application/json; charset=utf-8
vary: Accept-Encoding
cache-control: private, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray: 836b68ca4b2918f9-FRA

GET
H2 200 currency-conversions Show response
give.itgetsbetter.org/frs-api/i18n/ Frame 5FD5 75 B
199 B 411ms
410ms XHR
application/json 2606:4700::6812:c55f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://give.itgetsbetter.org/frs-api/i18n/currency-conversions?amount=1&from=USD&to=EUR

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:c55f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4191fa9ea3f4c7d34cc2896ee6b7bd75db47a9f0e13e4e4929280f40a747aa09

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

X-NewRelic-ID: UAQEVl5UGwAGV1ZQBgMEVg==
X-XSRF-TOKEN: bgY4guKI-peqgkpZL7WKpLcReEp4HABwzgH0
tracestate: 423787@nr=0-1-423787-363751183-e10f3d17342597e0----1702776715979
traceparent: 00-9b0a942e98e60ce60e0bd26918f2f470-e10f3d17342597e0-01
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
newrelic: eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjQyMzc4NyIsImFwIjoiMzYzNzUxMTgzIiwiaWQiOiJlMTBmM2QxNzM0MjU5N2UwIiwidHIiOiI5YjBhOTQyZTk4ZTYwY2U2MGUwYmQyNjkxOGYyZjQ3MCIsInRpIjoxNzAyNzc2NzE1OTc5fX0=
Accept: application/json, text/plain, */*
csrf-token: bgY4guKI-peqgkpZL7WKpLcReEp4HABwzgH0
Referer: https://give.itgetsbetter.org/give/533919/

Response headers

date: Sun, 17 Dec 2023 01:31:56 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: br
server: cloudflare
etag: W/"4b-qqa94v6PfkCvzfBtUZIQ4H0nHcQ"
vary: Accept-Encoding
content-type: application/json; charset=utf-8
cache-control: private, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray: 836b68caeba318f9-FRA

GET
H2 200 plaid Show response
pay.classy.org/token/ Frame 5FD5 88 B
691 B 426ms
383ms XHR
application/json 2606:4700::6812:7c49
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://pay.classy.org/token/plaid?applicationId=12247&currency=EUR

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:7c49 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

86cb276d0550d189e7dad4800fbbcfe7b5312f7845e0e711115d5aad589b5d27

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: application/json, text/plain, */*
Referer: https://give.itgetsbetter.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 17 Dec 2023 01:31:56 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-classypay-version: 1
cf-cache-status: DYNAMIC
content-encoding: br
server: cloudflare
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
x-classypay-requestid: f563b8b4-c1c9-4c63-9b5c-c1d5210a8e6f
cf-ray: 836b68cb3ec19b8c-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization

GET
H2 200 user-icon.png
give.itgetsbetter.org/static/global/images/ Frame 5FD5 2 KB
2 KB 36ms
34ms Image
image/webp 2606:4700::6812:c55f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://give.itgetsbetter.org/static/global/images/user-icon.png

Requested by

Host: itgetsbetter.org
URL: https://itgetsbetter.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:c55f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c751fe2e3ebe19205c4845af55a79608fcc55109648115357e673bf5dc161b49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.itgetsbetter.org/give/533919/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 17 Dec 2023 01:31:56 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cf-cache-status: HIT
age: 1475479
cf-polished: origFmt=png, origSize=4588
content-disposition: inline; filename="user-icon.webp"
content-length: 2024
last-modified: Thu, 23 Nov 2023 00:06:14 GMT
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: "655e9776-11ec"
vary: Accept, Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 836b68cafbb418f9-FRA
expires: Thu, 28 Nov 2024 23:40:37 GMT

GET
H2 200 embedded-giving-logo-visa.svg
prod-frs.content.classy.org/prod/f2a95ee11576697e811240aa3a2eac275007037c/static/global/images/embedded-giving/ Frame 5FD5 1 KB
893 B 433ms
431ms Image
image/svg+xml 2606:4700::6812:c55f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://prod-frs.content.classy.org/prod/f2a95ee11576697e811240aa3a2eac275007037c/static/global/images/embedded-giving/embedded-giving-logo-visa.svg

Requested by

Host: itgetsbetter.org
URL: https://itgetsbetter.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:c55f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7f872f37d93f6ad26cfde22f5fd7ae4e99f18c4dc7d3386384f92f845056750b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.itgetsbetter.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 17 Dec 2023 01:31:56 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Mon, 11 Dec 2023 22:05:12 GMT
server: cloudflare
x-amz-request-id: 9F7EF6BP4ZHXWF13
etag: W/"b327a8825ae28019462c8c3f5b4770c0"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=86400
cf-ray: 836b68caff8d9188-FRA
x-amz-id-2: z9M/nRmor9+yYcbEvvsBM0n/0mal2H046a38mkGlMbnCpL+TpWilVkgr2yIb7VcrydaAzNm76v8=

GET
H2 200 embedded-giving-logo-amex.svg
prod-frs.content.classy.org/prod/f2a95ee11576697e811240aa3a2eac275007037c/static/global/images/embedded-giving/ Frame 5FD5 1 KB
852 B 28ms
27ms Image
image/svg+xml 2606:4700::6812:c55f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://prod-frs.content.classy.org/prod/f2a95ee11576697e811240aa3a2eac275007037c/static/global/images/embedded-giving/embedded-giving-logo-amex.svg

Requested by

Host: itgetsbetter.org
URL: https://itgetsbetter.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:c55f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

65ade054b003fb12ff528ad2640f69f49bca65d9f9d25b53dea8aee0d5d238cf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.itgetsbetter.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 17 Dec 2023 01:31:56 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 11 Dec 2023 22:05:12 GMT
server: cloudflare
x-amz-request-id: 9F7DMS873CY29KX6
age: 86319
etag: W/"0b1b4bc87aebc780d3ad6095fd447a24"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=86400
cf-ray: 836b68caff909188-FRA
x-amz-id-2: CXP5gjMmt5nJupYG9kq3XY7iKDPf5fB2e6T+6ZWn+P7w0GPvbJF1a9j4kTLMPwXm8MO4C5DuyoY=

GET
H2 200 embedded-giving-logo-discover.svg
prod-frs.content.classy.org/prod/f2a95ee11576697e811240aa3a2eac275007037c/static/global/images/embedded-giving/ Frame 5FD5 3 KB
1 KB 405ms
404ms Image
image/svg+xml 2606:4700::6812:c55f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://prod-frs.content.classy.org/prod/f2a95ee11576697e811240aa3a2eac275007037c/static/global/images/embedded-giving/embedded-giving-logo-discover.svg

Requested by

Host: itgetsbetter.org
URL: https://itgetsbetter.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:c55f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b0fb4e1235c0c4815d6bd272ce4c9c65579c04f9c6e52a080a66393d01f84293

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.itgetsbetter.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 17 Dec 2023 01:31:56 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Mon, 11 Dec 2023 22:05:12 GMT
server: cloudflare
x-amz-request-id: 9F74QWK7QTF70VRC
etag: W/"d51cee8f590a54e755ac3501c1bd7342"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=86400
cf-ray: 836b68caff919188-FRA
x-amz-id-2: Ht2Lj9sj25r8trlwY5XXeCayHjgyCrQnyU+wvdNMyCZL6+NWvANXF0UDQqxEBPWmWsMxw/DWD7k=

GET
H2 200 embedded-giving-logo-mastercard.svg
prod-frs.content.classy.org/prod/f2a95ee11576697e811240aa3a2eac275007037c/static/global/images/embedded-giving/ Frame 5FD5 1 KB
723 B 45ms
44ms Image
image/svg+xml 2606:4700::6812:c55f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://prod-frs.content.classy.org/prod/f2a95ee11576697e811240aa3a2eac275007037c/static/global/images/embedded-giving/embedded-giving-logo-mastercard.svg

Requested by

Host: itgetsbetter.org
URL: https://itgetsbetter.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:c55f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9f88c56c75499f8886bcdbd43330029b3108f9aefb7e496788f448ed36311b90

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.itgetsbetter.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 17 Dec 2023 01:31:56 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 11 Dec 2023 22:05:12 GMT
server: cloudflare
x-amz-request-id: 9F76GZEP0FNVN419
age: 86319
etag: W/"26fb3de4519ed38ceec90bc98250ba1f"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=86400
cf-ray: 836b68caff929188-FRA
x-amz-id-2: cgxwM74RaM++7+rcY5EoJ8qRCI2U2gBO9m1ktwa+FNEVgVKwemhkdNE2slO/now6UPd0XGexT2Y=

GET
H2 200 embedded-giving-shield-icon.svg
prod-frs.content.classy.org/prod/f2a95ee11576697e811240aa3a2eac275007037c/static/global/images/embedded-giving/ Frame 5FD5 6 KB
2 KB 34ms
33ms Image
image/svg+xml 2606:4700::6812:c55f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://prod-frs.content.classy.org/prod/f2a95ee11576697e811240aa3a2eac275007037c/static/global/images/embedded-giving/embedded-giving-shield-icon.svg

Requested by

Host: itgetsbetter.org
URL: https://itgetsbetter.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:c55f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

38bc775802a9e96e44997f4e9374726a41d5c781752e590a76ad5a4f06673458

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.itgetsbetter.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 17 Dec 2023 01:31:56 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 11 Dec 2023 22:05:12 GMT
server: cloudflare
x-amz-request-id: 12GYJ843NBNN6N69
age: 86319
etag: W/"46fd834e95514def799fa0626c78233c"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=86400
cf-ray: 836b68caff939188-FRA
x-amz-id-2: LTO9pmohi7TlboKpZuITf52qrYFtyyOI1Z3A2NIm4AAXDVFijl9f/K0FEzOibeFlTraNKzuwL986M0p333TbFf3mRUYLEkgVI9vuM2o6uyM=

GET
H2 200 embedded-giving-logo-ach.svg
prod-frs.content.classy.org/prod/f2a95ee11576697e811240aa3a2eac275007037c/static/global/images/embedded-giving/ Frame 5FD5 1 KB
939 B 425ms
424ms Image
image/svg+xml 2606:4700::6812:c55f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://prod-frs.content.classy.org/prod/f2a95ee11576697e811240aa3a2eac275007037c/static/global/images/embedded-giving/embedded-giving-logo-ach.svg

Requested by

Host: itgetsbetter.org
URL: https://itgetsbetter.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:c55f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ebeeb6852c8d5689249269cfa59febdad1141a9810331c31d4331f53f47750f7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.itgetsbetter.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 17 Dec 2023 01:31:56 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Mon, 11 Dec 2023 22:05:12 GMT
server: cloudflare
x-amz-request-id: 9F7E7BG5E3M8N8SR
etag: W/"d71add3c9962a21340ec557ac0628bf7"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=86400
cf-ray: 836b68caff959188-FRA
x-amz-id-2: dElDKVhShzUb8XRXAZwMGueMBHTZyr43Pf533hvEbVgJETSlnepi4McpZbwUQbRiW4r2AYc/TCk=

GET
H2 200 dropdown-caret.png
prod-frs.content.classy.org/prod/f2a95ee11576697e811240aa3a2eac275007037c/static/global/images/ Frame 5FD5 394 B
679 B 37ms
37ms Image
image/webp 2606:4700::6812:c55f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://prod-frs.content.classy.org/prod/f2a95ee11576697e811240aa3a2eac275007037c/static/global/images/dropdown-caret.png

Requested by

Host: prod-frs.content.classy.org
URL: https://prod-frs.content.classy.org/prod/f2a95ee11576697e811240aa3a2eac275007037c/static/frs/main.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:c55f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9dc9f15be9644fe661ed74493a4de393418024500fe78cf633bac0a86f29a745

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://prod-frs.content.classy.org/prod/f2a95ee11576697e811240aa3a2eac275007037c/static/frs/main.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 17 Dec 2023 01:31:56 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cf-cache-status: HIT
x-amz-request-id: 82PAK47WR7FCRAJ6
age: 31446
cf-polished: origFmt=png, origSize=547
x-amz-server-side-encryption: AES256
content-disposition: inline; filename="dropdown-caret.webp"
content-length: 394
x-amz-id-2: hninh40VGRnx07Zpl68qtQXh6ea8sGx6HPw4J61jFS2UAmEHUhmw200wK02eOfDwzVK9hNavfyg=
cf-bgj: imgq:85,h2pri
last-modified: Mon, 11 Dec 2023 22:05:12 GMT
server: cloudflare
etag: "43da60879cfe0801ed7fc830a628885c"
vary: Accept
content-type: image/webp
cache-control: max-age=86400
accept-ranges: bytes
cf-ray: 836b68cb0f969188-FRA

GET
H2 200 ClassyIcons.woff
prod-frs.content.classy.org/prod/f2a95ee11576697e811240aa3a2eac275007037c/static/global/fonts/ Frame 5FD5 42 KB
43 KB 50ms
31ms Font
application/x-font-woff 2606:4700::6812:7c49
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://prod-frs.content.classy.org/prod/f2a95ee11576697e811240aa3a2eac275007037c/static/global/fonts/ClassyIcons.woff

Requested by

Host: prod-frs.content.classy.org
URL: https://prod-frs.content.classy.org/prod/f2a95ee11576697e811240aa3a2eac275007037c/static/frs/main.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:7c49 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

11241468ecf36202cff1d14a70ac7a56ee69e77c7ee8d1835288eead918de205

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://prod-frs.content.classy.org/prod/f2a95ee11576697e811240aa3a2eac275007037c/static/frs/main.css
Origin: https://give.itgetsbetter.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 17 Dec 2023 01:31:56 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cf-cache-status: HIT
x-amz-request-id: ZY2HYXBK9A7ZY20K
age: 6456
x-amz-server-side-encryption: AES256
content-length: 43184
x-amz-id-2: BTgArhMj9bPCUIISV4sr2Wa43aOzcRMPK0SS/emKwwVTw73fLljk8O+O/77WjcorooA0Sasx1aY=
last-modified: Mon, 11 Dec 2023 22:05:12 GMT
server: cloudflare
etag: "e938ef9e10839a9514e49917314e13c0"
access-control-max-age: 0
access-control-allow-methods: GET, HEAD
content-type: application/x-font-woff
access-control-allow-origin: *
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cache-control: max-age=86400
accept-ranges: bytes
cf-ray: 836b68cb1f2b1d9e-FRA

GET
H2 200 fontawesome-webfont.woff2
prod-frs.content.classy.org/prod/f2a95ee11576697e811240aa3a2eac275007037c/static/fonts/ Frame 5FD5 65 KB
66 KB 56ms
38ms Font
binary/octet-stream 2606:4700::6812:7c49
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://prod-frs.content.classy.org/prod/f2a95ee11576697e811240aa3a2eac275007037c/static/fonts/fontawesome-webfont.woff2?v=4.5.0

Requested by

Host: prod-frs.content.classy.org
URL: https://prod-frs.content.classy.org/prod/f2a95ee11576697e811240aa3a2eac275007037c/static/frs/main.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:7c49 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ff82aeed6b9bb6701696c84d1b223d2e682eb78c89117a438ce6cfea8c498995

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://prod-frs.content.classy.org/prod/f2a95ee11576697e811240aa3a2eac275007037c/static/frs/main.css
Origin: https://give.itgetsbetter.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 17 Dec 2023 01:31:56 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cf-cache-status: HIT
x-amz-request-id: ZY2QY96BXBS68DBP
age: 81185
x-amz-server-side-encryption: AES256
content-length: 66624
x-amz-id-2: V3FnPru+GxUPVjNn+yBcqyyvzDrCDuSGwEEyQEr4suh+pSO2abue7V/JMsseOWCHMswGym3bYijwmn2QjYcCxoH/1G4+xV/rSGdwTrhbwZo=
last-modified: Mon, 11 Dec 2023 22:05:11 GMT
server: cloudflare
etag: "db812d8a70a4e88e888744c1c9a27e89"
access-control-max-age: 0
access-control-allow-methods: GET, HEAD
content-type: binary/octet-stream
access-control-allow-origin: *
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cache-control: max-age=86400
accept-ranges: bytes
cf-ray: 836b68cb1f2c1d9e-FRA

POST
H2 204 rum Show response
give.itgetsbetter.org/cdn-cgi/ Frame 5FD5 0
60 B 10ms
9ms XHR
text/plain 2606:4700::6812:c55f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://give.itgetsbetter.org/cdn-cgi/rum?

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:c55f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

X-NewRelic-ID: UAQEVl5UGwAGV1ZQBgMEVg==
tracestate: 423787@nr=0-1-423787-363751183-cc4ad97f6f4069a0----1702776716003
traceparent: 00-ff99d80b11ebc05c0ef2bb0b55835630-cc4ad97f6f4069a0-01
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
newrelic: eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjQyMzc4NyIsImFwIjoiMzYzNzUxMTgzIiwiaWQiOiJjYzRhZDk3ZjZmNDA2OWEwIiwidHIiOiJmZjk5ZDgwYjExZWJjMDVjMGVmMmJiMGI1NTgzNTYzMCIsInRpIjoxNzAyNzc2NzE2MDAzfX0=
content-type: application/json
Referer: https://give.itgetsbetter.org/give/533919/

Response headers

date: Sun, 17 Dec 2023 01:31:56 GMT
x-content-type-options: nosniff
server: cloudflare
vary: Origin
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://give.itgetsbetter.org
x-frame-options: DENY
access-control-allow-credentials: true
cf-ray: 836b68cb0bb718f9-FRA

GET
H2 200 m-outer-6576085ca35ee42f2f484cda6763e4aa.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 2220 631 B
556 B 7ms
7ms Script
text/javascript 151.101.128.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/m-outer-6576085ca35ee42f2f484cda6763e4aa.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/m-outer-27c67c0d52761104439bb051c7856ab1.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

f0205495d259e89d99e6c4989147f8a65bef41513bfbe3e97251cd6fb6fa5947

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/m-outer-27c67c0d52761104439bb051c7856ab1.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Sun, 17 Dec 2023 01:31:56 GMT
via: 1.1 varnish
age: 4043612
x-cache: HIT
content-length: 399
x-request-id: 7774894f-d4c9-493a-8996-1dc214d653aa
x-served-by: cache-fra-eddf8230080-FRA
last-modified: Fri, 08 Sep 2023 21:23:49 GMT
server: Fastly
etag: "70cacf09ae81711ac6dcbc5ee59750c4"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 554357

GET
H2 200 css
fonts.googleapis.com/ Frame 5FD5 11 KB
841 B 24ms
23ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Mulish:400italic,700italic,400,300,600,700,800

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

4d66970f202534f853c044ff0eb91afb19751662e8e12c8679d969c641c78b13

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.itgetsbetter.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 17 Dec 2023 01:31:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 17 Dec 2023 01:24:40 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 17 Dec 2023 01:31:56 GMT

GET
H2 200 transaction-estimates Show response
give.itgetsbetter.org/frs-api/campaign/533919/ Frame 5FD5 365 B
244 B 516ms
516ms XHR
application/json 2606:4700::6812:c55f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://give.itgetsbetter.org/frs-api/campaign/533919/transaction-estimates?amex=false&amount=25&currency=EUR&fot=false&international=false&payment_method=DW&processor_name=STRIPE

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:c55f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0bc3ce70fb26bcc1efac28db69e5a2961c1d173724922b01053140e34d9138f4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

X-NewRelic-ID: UAQEVl5UGwAGV1ZQBgMEVg==
X-XSRF-TOKEN: bgY4guKI-peqgkpZL7WKpLcReEp4HABwzgH0
tracestate: 423787@nr=0-1-423787-363751183-15907f8ce39e0760----1702776716008
traceparent: 00-5080e75e9c06fb379c919e898c034830-15907f8ce39e0760-01
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
newrelic: eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjQyMzc4NyIsImFwIjoiMzYzNzUxMTgzIiwiaWQiOiIxNTkwN2Y4Y2UzOWUwNzYwIiwidHIiOiI1MDgwZTc1ZTljMDZmYjM3OWM5MTllODk4YzAzNDgzMCIsInRpIjoxNzAyNzc2NzE2MDA4fX0=
Accept: application/json, text/plain, */*
csrf-token: bgY4guKI-peqgkpZL7WKpLcReEp4HABwzgH0
Referer: https://give.itgetsbetter.org/give/533919/

Response headers

date: Sun, 17 Dec 2023 01:31:56 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: br
server: cloudflare
etag: W/"16d-vF+bN05t/GkxHaC5Bn0gOYPb3jQ"
vary: Accept-Encoding
content-type: application/json; charset=utf-8
cf-ray: 836b68cb0bbc18f9-FRA

GET
H2 200 transaction-estimates Show response
give.itgetsbetter.org/frs-api/campaign/533919/ Frame 5FD5 365 B
275 B 505ms
505ms XHR
application/json 2606:4700::6812:c55f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://give.itgetsbetter.org/frs-api/campaign/533919/transaction-estimates?amex=false&amount=25&currency=EUR&fot=false&international=false&payment_method=DW&processor_name=STRIPE

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:c55f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0bc3ce70fb26bcc1efac28db69e5a2961c1d173724922b01053140e34d9138f4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

X-NewRelic-ID: UAQEVl5UGwAGV1ZQBgMEVg==
X-XSRF-TOKEN: bgY4guKI-peqgkpZL7WKpLcReEp4HABwzgH0
tracestate: 423787@nr=0-1-423787-363751183-d416feca744f2d30----1702776716009
traceparent: 00-e9040f8803232159b9417601d07bc830-d416feca744f2d30-01
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
newrelic: eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjQyMzc4NyIsImFwIjoiMzYzNzUxMTgzIiwiaWQiOiJkNDE2ZmVjYTc0NGYyZDMwIiwidHIiOiJlOTA0MGY4ODAzMjMyMTU5Yjk0MTc2MDFkMDdiYzgzMCIsInRpIjoxNzAyNzc2NzE2MDA5fX0=
Accept: application/json, text/plain, */*
csrf-token: bgY4guKI-peqgkpZL7WKpLcReEp4HABwzgH0
Referer: https://give.itgetsbetter.org/give/533919/

Response headers

date: Sun, 17 Dec 2023 01:31:56 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: br
server: cloudflare
etag: W/"16d-vF+bN05t/GkxHaC5Bn0gOYPb3jQ"
vary: Accept-Encoding
content-type: application/json; charset=utf-8
cf-ray: 836b68cb0bbd18f9-FRA

POST
H2 200 csp-report
q.stripe.com/ Frame 2220 0
717 B 550ms
184ms Other
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: itgetsbetter.org
URL: https://itgetsbetter.org/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-119-242.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Sun, 17 Dec 2023 01:31:56 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1702776716474272
x-envoy-upstream-service-time: 2
content-length: 0
x-stripe-bg-intended-route-color: green
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms: 0
access-control-allow-origin: https://js.stripe.com
x-stripe-client-envoy-start-time-us: 1702776716473563
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers: Server, Range, Content-Type
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

POST
H2 200 csp-report
q.stripe.com/ Frame 2220 0
718 B 546ms
180ms Other
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: itgetsbetter.org
URL: https://itgetsbetter.org/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-119-242.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Sun, 17 Dec 2023 01:31:56 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1702776716473749
x-envoy-upstream-service-time: 1
content-length: 0
x-stripe-bg-intended-route-color: green
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms: 0
access-control-allow-origin: https://js.stripe.com
x-stripe-client-envoy-start-time-us: 1702776716473392
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers: Server, Range, Content-Type
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

GET
H3 200 www-widgetapi.js Show response
www.youtube.com/s/player/d23221b6/www-widgetapi.vflset/ Frame 5FD5 216 KB
67 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/d23221b6/www-widgetapi.vflset/www-widgetapi.js

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a0e2b951191e60b6c3905118d84d9a95a309d355c4eb71dfead2ae2866683ee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.itgetsbetter.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 17 Dec 2023 00:32:21 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3575
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 68553
x-xss-protection: 0
last-modified: Wed, 13 Dec 2023 02:47:51 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Mon, 16 Dec 2024 00:32:21 GMT

GET
H2 200 inner.html Show response
m.stripe.network/ Frame A3DF 930 B
1 KB 24ms
7ms Document
text/html 151.101.128.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.network/inner.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/m-outer-6576085ca35ee42f2f484cda6763e4aa.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

947ac0903521f5eceefc90637c066306a8ca67466ccc188bb0107fb7cfb532d1

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-/5Guo2nzv5n/w6ukZpOBZOtTJBJPSkJ6mhHpnBgm3Ls='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 184
cache-control: max-age=300, public
content-encoding: br
content-length: 540
content-security-policy: base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-/5Guo2nzv5n/w6ukZpOBZOtTJBJPSkJ6mhHpnBgm3Ls='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Sun, 17 Dec 2023 01:31:56 GMT
server: Fastly
strict-transport-security: max-age=31556926; includeSubDomains; preload
vary: Accept-Encoding, Origin
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 34
x-content-type-options: nosniff
x-request-id: 3cd1ee69-c3c8-4926-ae57-7ab5dce33052
x-served-by: cache-fra-eddf8230080-FRA
x-timer: S1702776716.067618,VS0,VE0

GET
H2 200 jquery-3.6.1.min.js Show response
code.jquery.com/ Frame 5FD5 88 KB
31 KB 28ms
7ms Script
application/javascript 2a04:4e42:400::649
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-3.6.1.min.js
Requested by: Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:400::649 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: a3cf00c109d907e543bc4f6dbc85eb31068f94515251347e9e57509b52ee3d74

Request headers

Referer: https://give.itgetsbetter.org/
Origin: https://give.itgetsbetter.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 17 Dec 2023 01:31:56 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
age: 3393202
x-cache: HIT, HIT
content-length: 30957
x-served-by: cache-lga13629-LGA, cache-fra-eddf8230127-FRA
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
server: nginx
x-timer: S1702776716.070978,VS0,VE0
etag: W/"28feccc0-15e40"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=604800
accept-ranges: bytes
x-cache-hits: 1, 19467

GET
H3 200 1Ptvg83HX_SGhgqk3wot.woff2
fonts.gstatic.com/s/mulish/v13/ Frame 5FD5 29 KB
29 KB 17ms
16ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/mulish/v13/1Ptvg83HX_SGhgqk3wot.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Mulish:400italic,700italic,400,300,600,700,800

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7f0f781820c8de56bd6699ac9570ff90634de4eb5cca7ef4b573bb90619e5a5d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://give.itgetsbetter.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 23:27:25 GMT
x-content-type-options: nosniff
age: 180271
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30096
x-xss-protection: 0
last-modified: Wed, 13 Sep 2023 23:18:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 13 Dec 2024 23:27:25 GMT

GET
H3 200 1Ptvg83HX_SGhgqk3wot.woff2
fonts.gstatic.com/s/mulish/v13/ Frame 5FD5 29 KB
29 KB 17ms
17ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/mulish/v13/1Ptvg83HX_SGhgqk3wot.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Mulish:400italic,700italic,400,300,600,700,800

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7f0f781820c8de56bd6699ac9570ff90634de4eb5cca7ef4b573bb90619e5a5d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://give.itgetsbetter.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 23:27:25 GMT
x-content-type-options: nosniff
age: 180271
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30096
x-xss-protection: 0
last-modified: Wed, 13 Sep 2023 23:18:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 13 Dec 2024 23:27:25 GMT

GET
H3 200 1Pttg83HX_SGhgqk2jovaqQ.woff2
fonts.gstatic.com/s/mulish/v13/ Frame 5FD5 32 KB
32 KB 30ms
30ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/mulish/v13/1Pttg83HX_SGhgqk2jovaqQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Mulish:400italic,700italic,400,300,600,700,800

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8b479610778cef415158ef2deef872c0bdc85bd63f339ecdc1382fabef4da407

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://give.itgetsbetter.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 08:57:13 GMT
x-content-type-options: nosniff
age: 405283
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 32492
x-xss-protection: 0
last-modified: Wed, 13 Sep 2023 23:20:31 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 11 Dec 2024 08:57:13 GMT

GET
H3 200 1Pttg83HX_SGhgqk2jovaqQ.woff2
fonts.gstatic.com/s/mulish/v13/ Frame 5FD5 32 KB
32 KB 34ms
32ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/mulish/v13/1Pttg83HX_SGhgqk2jovaqQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Mulish:400italic,700italic,400,300,600,700,800

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8b479610778cef415158ef2deef872c0bdc85bd63f339ecdc1382fabef4da407

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://give.itgetsbetter.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 08:57:13 GMT
x-content-type-options: nosniff
age: 405283
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 32492
x-xss-protection: 0
last-modified: Wed, 13 Sep 2023 23:20:31 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 11 Dec 2024 08:57:13 GMT

GET
H3 200 1Ptvg83HX_SGhgqk3wot.woff2
fonts.gstatic.com/s/mulish/v13/ Frame 5FD5 29 KB
29 KB 39ms
38ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/mulish/v13/1Ptvg83HX_SGhgqk3wot.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Mulish:400italic,700italic,400,300,600,700,800

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7f0f781820c8de56bd6699ac9570ff90634de4eb5cca7ef4b573bb90619e5a5d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://give.itgetsbetter.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 23:27:25 GMT
x-content-type-options: nosniff
age: 180271
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30096
x-xss-protection: 0
last-modified: Wed, 13 Sep 2023 23:18:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 13 Dec 2024 23:27:25 GMT

GET
H3 200 1Ptvg83HX_SGhgqk3wot.woff2
fonts.gstatic.com/s/mulish/v13/ Frame 5FD5 29 KB
29 KB 41ms
39ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/mulish/v13/1Ptvg83HX_SGhgqk3wot.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Mulish:400italic,700italic,400,300,600,700,800

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7f0f781820c8de56bd6699ac9570ff90634de4eb5cca7ef4b573bb90619e5a5d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://give.itgetsbetter.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 23:27:25 GMT
x-content-type-options: nosniff
age: 180271
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30096
x-xss-protection: 0
last-modified: Wed, 13 Sep 2023 23:18:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 13 Dec 2024 23:27:25 GMT

GET
H3 200 1Ptvg83HX_SGhgqk3wot.woff2
fonts.gstatic.com/s/mulish/v13/ Frame 5FD5 29 KB
29 KB 43ms
42ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/mulish/v13/1Ptvg83HX_SGhgqk3wot.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Mulish:400italic,700italic,400,300,600,700,800

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7f0f781820c8de56bd6699ac9570ff90634de4eb5cca7ef4b573bb90619e5a5d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://give.itgetsbetter.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 23:27:25 GMT
x-content-type-options: nosniff
age: 180271
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30096
x-xss-protection: 0
last-modified: Wed, 13 Sep 2023 23:18:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 13 Dec 2024 23:27:25 GMT

POST
H3 200 log_event Show response
www.youtube.com/youtubei/v1/ Frame 6026 28 B
54 B 26ms
26ms XHR
application/json 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/d23221b6/www-embed-player.vflset/www-embed-player.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
X-Goog-Request-Time: 1702776716071
Content-Type: application/json
X-YouTube-Utc-Offset: 60
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/bwkUX98fktI?version=3&rel=1&showsearch=0&showinfo=1&iv_load_policy=1&fs=1&hl=en-US&autohide=2&wmode=transparent
X-YouTube-Client-Version: 1.20231212.01.00
X-YouTube-Time-Zone: Europe/Berlin
X-Goog-Visitor-Id: Cgs4TlBqVmpkQjhJYyiJn_mrBjIKCgJERRIEEgAgaQ%3D%3D
X-YouTube-Ad-Signals: dt=1702776713695&flash=0&frm=2&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&wgl=true&ca_type=image

Response headers

date: Sun, 17 Dec 2023 01:31:56 GMT
content-encoding: br
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
content-type: application/json; charset=UTF-8
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31
x-xss-protection: 0
expires: Sun, 17 Dec 2023 01:31:56 GMT

POST
H2 200 csp-report
q.stripe.com/ Frame A3DF 0
491 B 490ms
184ms Other
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: itgetsbetter.org
URL: https://itgetsbetter.org/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-119-242.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload, max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://m.stripe.network/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Sun, 17 Dec 2023 01:31:56 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload, max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1702776716474041
x-envoy-upstream-service-time: 1
content-length: 0
x-stripe-bg-intended-route-color: green
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
x-stripe-server-envoy-upstream-service-time-ms: 0
x-stripe-client-envoy-start-time-us: 1702776716473598
cache-control: max-age=0, no-cache, no-store, must-revalidate
x-robots-tag: none
expires: 0

GET
H2 200 out-4.5.43.js Show response
m.stripe.network/ Frame A3DF 87 KB
15 KB 7ms
7ms Script
text/javascript 151.101.128.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.network/out-4.5.43.js

Requested by

Host: m.stripe.network
URL: https://m.stripe.network/inner.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

e039e607c78306c7e029a7fd0ecdb14f86456f16e1a5ce65aa26b4fdf1d38a3c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.stripe.network/inner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
date: Sun, 17 Dec 2023 01:31:56 GMT
x-content-type-options: nosniff
content-encoding: br
via: 1.1 varnish
age: 108
x-cache: HIT
content-length: 15509
x-request-id: f54d1587-e97f-4214-8697-6d5d4eb98c8e
x-served-by: cache-fra-eddf8230080-FRA
server: Fastly
x-timer: S1702776716.078519,VS0,VE0
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=utf-8
cache-control: max-age=300, public
accept-ranges: bytes
x-cache-hits: 23

GET
H2 200 iframeResizer.17b3e8f66abcbf803ee0eb0adc771137.js Show response
give.itgetsbetter.org/sso/ssobuild/js/ Frame 5FD5 12 KB
5 KB 43ms
42ms XHR
application/javascript 2606:4700::6812:c55f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://give.itgetsbetter.org/sso/ssobuild/js/iframeResizer.17b3e8f66abcbf803ee0eb0adc771137.js

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:c55f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8913290a4db258fa9e0d3fd267fb61666aa81f82b1a459ba098352c427a57c37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

X-NewRelic-ID: UAQEVl5UGwAGV1ZQBgMEVg==
tracestate: 423787@nr=0-1-423787-363751183-fb4f5f6a656944c0----1702776716088
traceparent: 00-eba29dbb1a97a2f3157b896f0bf0fcb0-fb4f5f6a656944c0-01
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
newrelic: eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjQyMzc4NyIsImFwIjoiMzYzNzUxMTgzIiwiaWQiOiJmYjRmNWY2YTY1Njk0NGMwIiwidHIiOiJlYmEyOWRiYjFhOTdhMmYzMTU3Yjg5NmYwYmYwZmNiMCIsInRpIjoxNzAyNzc2NzE2MDg4fX0=
Accept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Referer: https://give.itgetsbetter.org/give/533919/
X-Requested-With: XMLHttpRequest

Response headers

date: Sun, 17 Dec 2023 01:31:56 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 14 Nov 2023 20:41:48 GMT
cf-bgj: minify
server: cloudflare
age: 1620863
etag: W/"6553db8c-316e"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=31536000
cf-ray: 836b68cb8bee18f9-FRA
expires: Wed, 27 Nov 2024 07:17:33 GMT

POST
H2 200 6 Show response
m.stripe.com/ Frame A3DF 156 B
668 B 541ms
181ms XHR
application/json 44.237.23.177
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.com/6

Requested by

Host: m.stripe.network
URL: https://m.stripe.network/out-4.5.43.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

44.237.23.177 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-44-237-23-177.us-west-2.compute.amazonaws.com

Software

nginx /

Resource Hash

0124917c59a93618b06ef9e92b9337df24e196fca3ce4b3f011f0ad700c39c3a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://m.stripe.network/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-stripe-bg-intended-route-color: blue
date: Sun, 17 Dec 2023 01:31:56 GMT
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1702776716578101
server: nginx
content-type: application/json;charset=utf-8
x-stripe-server-envoy-upstream-service-time-ms: 3
access-control-allow-origin: https://m.stripe.network
x-stripe-client-envoy-start-time-us: 1702776716577662
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 156

GET
H2 200 status Show response
give.itgetsbetter.org/sso/ Frame 5FD5 89 B
1 KB 400ms
400ms XHR
application/javascript 2606:4700::6812:c55f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://give.itgetsbetter.org/sso/status?client_id=hkDllBPffAW7sKhdYbpNc5PrwMIVbh&callback=jQuery36100655834378402933_1702776716087&_=1702776716088

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:c55f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9f84e49b2ad5dc9b81f3c381d2c732208a841e340cddb194f1b9cc761123ffb4

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://*.classy.org;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

X-NewRelic-ID: UAQEVl5UGwAGV1ZQBgMEVg==
tracestate: 423787@nr=0-1-423787-363751183-5d397d3e7aadfda0----1702776716136
traceparent: 00-440d825964d6e1cac1152fa9d0602350-5d397d3e7aadfda0-01
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
newrelic: eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjQyMzc4NyIsImFwIjoiMzYzNzUxMTgzIiwiaWQiOiI1ZDM5N2QzZTdhYWRmZGEwIiwidHIiOiI0NDBkODI1OTY0ZDZlMWNhYzExNTJmYTlkMDYwMjM1MCIsInRpIjoxNzAyNzc2NzE2MTM2fX0=
Accept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Referer: https://give.itgetsbetter.org/give/533919/
X-Requested-With: XMLHttpRequest

Response headers

date: Sun, 17 Dec 2023 01:31:56 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: br
server: cloudflare
content-security-policy: frame-ancestors 'self' https://*.classy.org;
vary: Origin, Accept-Encoding
content-type: application/javascript; charset=utf-8
p3p: CP="Classy does not have a P3P policy."
cache-control: no-cache, private
cf-ray: 836b68cbdc1b18f9-FRA
x-xss-protection: 1; mode=block

GET
H2 200 transaction-estimates Show response
give.itgetsbetter.org/frs-api/campaign/533919/ Frame 5FD5 365 B
295 B 236ms
236ms XHR
application/json 2606:4700::6812:c55f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://give.itgetsbetter.org/frs-api/campaign/533919/transaction-estimates?amex=false&amount=23&currency=EUR&fot=false&international=false&payment_method=DW&processor_name=STRIPE

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:c55f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6b73504b5f33d944a6820f253e4e9d930c553f5f3231b9e5feaf1f4ef41692df

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

X-NewRelic-ID: UAQEVl5UGwAGV1ZQBgMEVg==
X-XSRF-TOKEN: TqnR8Cfi-6A0to7ApA5l3mBxSPTZ3osmfKWc
tracestate: 423787@nr=0-1-423787-363751183-f18be00eb408c6f0----1702776716402
traceparent: 00-9cfd8d7e789d07958c90999c48e81900-f18be00eb408c6f0-01
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
newrelic: eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjQyMzc4NyIsImFwIjoiMzYzNzUxMTgzIiwiaWQiOiJmMThiZTAwZWI0MDhjNmYwIiwidHIiOiI5Y2ZkOGQ3ZTc4OWQwNzk1OGM5MDk5OWM0OGU4MTkwMCIsInRpIjoxNzAyNzc2NzE2NDAyfX0=
Accept: application/json, text/plain, */*
csrf-token: bgY4guKI-peqgkpZL7WKpLcReEp4HABwzgH0
Referer: https://give.itgetsbetter.org/give/533919/

Response headers

date: Sun, 17 Dec 2023 01:31:56 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: br
server: cloudflare
etag: W/"16d-SCuvZBK454yKRwdM5V8cM/RMMXA"
vary: Accept-Encoding
content-type: application/json; charset=utf-8
cf-ray: 836b68cd8d0018f9-FRA

GET
H2 200 controller-178897d5385a3bf887dfe4e49781abb9.html Show response
js.stripe.com/v3/ Frame 49C9 325 B
752 B 8ms
8ms Document
text/html 151.101.128.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/controller-178897d5385a3bf887dfe4e49781abb9.html

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

26b2472688f89977e2fb712267021234390bdfe5ec6fa9f533ff23b853b73798

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://api.stripe.com https://merchant-ui-api.stripe.com https://stripe.com/cookie-settings/enforcement-mode https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'sha256-0hAheEzaMe6uXIKV4EehS9pu1am1lj/KnnzrOYqckXk='; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://give.itgetsbetter.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 1
cache-control: max-age=60
content-encoding: br
content-length: 190
content-security-policy: base-uri 'none'; connect-src 'self' https://api.stripe.com https://merchant-ui-api.stripe.com https://stripe.com/cookie-settings/enforcement-mode https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'sha256-0hAheEzaMe6uXIKV4EehS9pu1am1lj/KnnzrOYqckXk='; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Sun, 17 Dec 2023 01:31:56 GMT
etag: "178897d5385a3bf887dfe4e49781abb9"
last-modified: Sat, 16 Dec 2023 02:01:22 GMT
server: Fastly
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 1
x-content-type-options: nosniff
x-request-id: a762b3d6-9ccb-48ea-9b0d-f41cf244a5c7
x-served-by: cache-fra-eddf8230080-FRA

GET
H2 200 payment-request-inner-google-pay-502e16d059834a27f378d989d15a77c3.html Show response
js.stripe.com/v3/ Frame 7C0B 408 B
972 B 7ms
7ms Document
text/html 151.101.128.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/payment-request-inner-google-pay-502e16d059834a27f378d989d15a77c3.html

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

9ada11b91b8834fa00c5367126493ed9bc3272be510db81d0928ef733318c4c7

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://r.stripe.com https://google.com/pay https://www.google.com/pay https://pay.google.com; default-src 'none'; form-action 'none'; frame-src https://pay.google.com; img-src https://q.stripe.com https://www.gstatic.com; script-src 'self' https://pay.google.com; style-src 'self'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://give.itgetsbetter.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 84463
cache-control: max-age=31536000
content-encoding: br
content-length: 222
content-security-policy: base-uri 'none'; connect-src 'self' https://r.stripe.com https://google.com/pay https://www.google.com/pay https://pay.google.com; default-src 'none'; form-action 'none'; frame-src https://pay.google.com; img-src https://q.stripe.com https://www.gstatic.com; script-src 'self' https://pay.google.com; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only: base-uri 'none'; connect-src 'self' https://r.stripe.com https://google.com/pay https://www.google.com/pay https://pay.google.com; default-src 'none'; form-action 'none'; frame-src https://pay.google.com; img-src https://q.stripe.com https://www.gstatic.com; script-src 'self' https://pay.google.com; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Sun, 17 Dec 2023 01:31:56 GMT
etag: "502e16d059834a27f378d989d15a77c3"
last-modified: Sat, 16 Dec 2023 02:01:37 GMT
server: Fastly
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 706
x-content-type-options: nosniff
x-request-id: bb740eca-a5e7-4b60-aa7c-12fd040e92ee
x-served-by: cache-fra-eddf8230080-FRA

GET
H2 200 payment-request-inner-browser-3d1338653ea273b98255fef897f60659.html Show response
js.stripe.com/v3/ Frame FC8B 344 B
1 KB 8ms
7ms Document
text/html 151.101.128.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/payment-request-inner-browser-3d1338653ea273b98255fef897f60659.html

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

d5b49d58a385787d0fb60f7191a7907f9806aa2e0fa7b75e45478653c5fe5636

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://google.com/pay https://www.google.com/pay https://pay.google.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com https://www.gstatic.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://give.itgetsbetter.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 44
cache-control: max-age=60
content-encoding: br
content-length: 202
content-security-policy: base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://google.com/pay https://www.google.com/pay https://pay.google.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com https://www.gstatic.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only: base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://google.com/pay https://www.google.com/pay https://pay.google.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com https://www.gstatic.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Sun, 17 Dec 2023 01:31:56 GMT
etag: "3d1338653ea273b98255fef897f60659"
last-modified: Sat, 16 Dec 2023 02:01:37 GMT
server: Fastly
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 1
x-content-type-options: nosniff
x-request-id: 579213d2-1813-490b-91d9-476fae47066c
x-served-by: cache-fra-eddf8230080-FRA

GET
H2 200 payment-request-inner-google-pay-502e16d059834a27f378d989d15a77c3.html Show response
js.stripe.com/v3/ Frame DBAD 408 B
302 B 9ms
7ms Document
text/html 151.101.128.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/payment-request-inner-google-pay-502e16d059834a27f378d989d15a77c3.html

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

9ada11b91b8834fa00c5367126493ed9bc3272be510db81d0928ef733318c4c7

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://r.stripe.com https://google.com/pay https://www.google.com/pay https://pay.google.com; default-src 'none'; form-action 'none'; frame-src https://pay.google.com; img-src https://q.stripe.com https://www.gstatic.com; script-src 'self' https://pay.google.com; style-src 'self'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://give.itgetsbetter.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 84463
cache-control: max-age=31536000
content-encoding: br
content-length: 222
content-security-policy: base-uri 'none'; connect-src 'self' https://r.stripe.com https://google.com/pay https://www.google.com/pay https://pay.google.com; default-src 'none'; form-action 'none'; frame-src https://pay.google.com; img-src https://q.stripe.com https://www.gstatic.com; script-src 'self' https://pay.google.com; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only: base-uri 'none'; connect-src 'self' https://r.stripe.com https://google.com/pay https://www.google.com/pay https://pay.google.com; default-src 'none'; form-action 'none'; frame-src https://pay.google.com; img-src https://q.stripe.com https://www.gstatic.com; script-src 'self' https://pay.google.com; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Sun, 17 Dec 2023 01:31:56 GMT
etag: "502e16d059834a27f378d989d15a77c3"
last-modified: Sat, 16 Dec 2023 02:01:37 GMT
server: Fastly
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 707
x-content-type-options: nosniff
x-request-id: ba765715-09a3-4668-9785-87d26ed76726
x-served-by: cache-fra-eddf8230080-FRA

GET
H2 200 payment-request-inner-browser-3d1338653ea273b98255fef897f60659.html Show response
js.stripe.com/v3/ Frame 9C61 344 B
307 B 9ms
8ms Document
text/html 151.101.128.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/payment-request-inner-browser-3d1338653ea273b98255fef897f60659.html

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

d5b49d58a385787d0fb60f7191a7907f9806aa2e0fa7b75e45478653c5fe5636

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://google.com/pay https://www.google.com/pay https://pay.google.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com https://www.gstatic.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://give.itgetsbetter.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 44
cache-control: max-age=60
content-encoding: br
content-length: 202
content-security-policy: base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://google.com/pay https://www.google.com/pay https://pay.google.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com https://www.gstatic.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only: base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://google.com/pay https://www.google.com/pay https://pay.google.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com https://www.gstatic.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Sun, 17 Dec 2023 01:31:56 GMT
etag: "3d1338653ea273b98255fef897f60659"
last-modified: Sat, 16 Dec 2023 02:01:37 GMT
server: Fastly
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 2
x-content-type-options: nosniff
x-request-id: 04ad7c19-5d95-48f4-8656-bc994261bef3
x-served-by: cache-fra-eddf8230080-FRA

GET
H2 200 shared-09d478928cbcbe4632e76e0761d54ca7.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 49C9 546 KB
133 KB 8ms
7ms Script
text/javascript 151.101.128.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/shared-09d478928cbcbe4632e76e0761d54ca7.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/controller-178897d5385a3bf887dfe4e49781abb9.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

83c4d72a63c76190b0b1532654839d8e0d8099fa7b672670750185ba47b331f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/controller-178897d5385a3bf887dfe4e49781abb9.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Sun, 17 Dec 2023 01:31:56 GMT
via: 1.1 varnish
age: 84489
x-cache: HIT
content-length: 135963
x-request-id: e6efe1f1-d6e2-41af-aabb-ddb1a948a27b
x-served-by: cache-fra-eddf8230080-FRA
last-modified: Sat, 16 Dec 2023 02:01:36 GMT
server: Fastly
etag: "231d7e676025140a03edcd1dae1e6ac8"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 439

GET
H2 200 controller-3009ed4386b7c4f898d75653511cf980.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 49C9 675 KB
175 KB 11ms
11ms Script
text/javascript 151.101.128.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/controller-3009ed4386b7c4f898d75653511cf980.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/controller-178897d5385a3bf887dfe4e49781abb9.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

8961b2078b1f45fffed48094dc24a1a1cc6a5ecf795923f7ad0f05eda5a1e67b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/controller-178897d5385a3bf887dfe4e49781abb9.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Sun, 17 Dec 2023 01:31:56 GMT
via: 1.1 varnish
age: 84490
x-cache: HIT
content-length: 179206
x-request-id: 6fd7de1a-965d-4d40-8d08-59650d8608a3
x-served-by: cache-fra-eddf8230080-FRA
last-modified: Sat, 16 Dec 2023 02:01:33 GMT
server: Fastly
etag: "5c9167a30550e77121defa78ef27d91b"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 401

POST
H2 200 csp-report
q.stripe.com/ Frame 49C9 0
717 B 180ms
180ms Other
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: itgetsbetter.org
URL: https://itgetsbetter.org/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-119-242.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Sun, 17 Dec 2023 01:31:56 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1702776716626455
x-envoy-upstream-service-time: 1
content-length: 0
x-stripe-bg-intended-route-color: green
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms: 0
access-control-allow-origin: https://js.stripe.com
x-stripe-client-envoy-start-time-us: 1702776716626094
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers: Server, Range, Content-Type
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

GET
H2 200 pay.js Show response
pay.google.com/gp/p/js/ Frame 7C0B 120 KB
36 KB 133ms
74ms Script
application/javascript 2a00:1450:4013:c05::5c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pay.google.com/gp/p/js/pay.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/payment-request-inner-google-pay-502e16d059834a27f378d989d15a77c3.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4013:c05::5c Groningen, Netherlands, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f29af0f45d2483d7b111bf75d2962e7d0a14ef3214068e7d334c09c4620379d3

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-wYRBZUoohhjgbdiPAchT1w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendHttp/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 17 Dec 2023 01:31:56 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-wYRBZUoohhjgbdiPAchT1w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendHttp/cspreport
x-content-type-options: nosniff
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: private, max-age=600
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Sun, 17 Dec 2023 01:31:56 GMT

GET
H2 200 shared-09d478928cbcbe4632e76e0761d54ca7.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 7C0B 546 KB
133 KB 22ms
22ms Script
text/javascript 151.101.128.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/shared-09d478928cbcbe4632e76e0761d54ca7.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/payment-request-inner-google-pay-502e16d059834a27f378d989d15a77c3.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

83c4d72a63c76190b0b1532654839d8e0d8099fa7b672670750185ba47b331f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/payment-request-inner-google-pay-502e16d059834a27f378d989d15a77c3.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Sun, 17 Dec 2023 01:31:56 GMT
via: 1.1 varnish
age: 84489
x-cache: HIT
content-length: 135963
x-request-id: 4d53513f-43ad-4b51-bc5c-a3cd6a5b9829
x-served-by: cache-fra-eddf8230080-FRA
last-modified: Sat, 16 Dec 2023 02:01:36 GMT
server: Fastly
etag: "231d7e676025140a03edcd1dae1e6ac8"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 440

GET
H2 200 payment-request-inner-google-pay-d42a7edb28c9f589b6f998074e9b20f1.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 7C0B 12 KB
5 KB 8ms
7ms Script
text/javascript 151.101.128.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/payment-request-inner-google-pay-d42a7edb28c9f589b6f998074e9b20f1.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/payment-request-inner-google-pay-502e16d059834a27f378d989d15a77c3.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

a7049b5d9f001fec947060ee2cb8fe10a868af28ac081bfd494949f1d71c5716

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/payment-request-inner-google-pay-502e16d059834a27f378d989d15a77c3.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Sun, 17 Dec 2023 01:31:56 GMT
via: 1.1 varnish
age: 345996
x-cache: HIT
content-length: 5144
x-request-id: 52db14c1-4f4e-4142-b46a-cc04ad60857b
x-served-by: cache-fra-eddf8230080-FRA
last-modified: Wed, 13 Dec 2023 01:22:15 GMT
server: Fastly
etag: "d3b84c0be8c175de74dcee09b28293ff"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 3609

GET
H2 200 shared-09d478928cbcbe4632e76e0761d54ca7.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame FC8B 546 KB
133 KB 29ms
29ms Script
text/javascript 151.101.128.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/shared-09d478928cbcbe4632e76e0761d54ca7.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/payment-request-inner-browser-3d1338653ea273b98255fef897f60659.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

83c4d72a63c76190b0b1532654839d8e0d8099fa7b672670750185ba47b331f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/payment-request-inner-browser-3d1338653ea273b98255fef897f60659.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Sun, 17 Dec 2023 01:31:56 GMT
via: 1.1 varnish
age: 84489
x-cache: HIT
content-length: 135963
x-request-id: ff70ff51-f0a4-48d8-bc95-6fd700bad40c
x-served-by: cache-fra-eddf8230080-FRA
last-modified: Sat, 16 Dec 2023 02:01:36 GMT
server: Fastly
etag: "231d7e676025140a03edcd1dae1e6ac8"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 441

GET
H2 200 payment-request-inner-browser-20a59f0e8abb73e1cc5ff587921df7b1.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame FC8B 13 KB
6 KB 35ms
35ms Script
text/javascript 151.101.128.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/payment-request-inner-browser-20a59f0e8abb73e1cc5ff587921df7b1.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/payment-request-inner-browser-3d1338653ea273b98255fef897f60659.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

3d72ceb6ab36c5f948e7a13ed3c55d48a65df90bbc7a89d6f698182e331bb868

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/payment-request-inner-browser-3d1338653ea273b98255fef897f60659.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Sun, 17 Dec 2023 01:31:56 GMT
via: 1.1 varnish
age: 718014
x-cache: HIT
content-length: 5728
x-request-id: ca8c9cfd-d0c7-4b0f-adfa-47729e0286ab
x-served-by: cache-fra-eddf8230080-FRA
last-modified: Fri, 08 Dec 2023 18:02:40 GMT
server: Fastly
etag: "aa012dc18d7e9e8c5e3f4b0344214f55"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 6325

POST
H2 200 csp-report
q.stripe.com/ Frame 7C0B 0
717 B 207ms
207ms Other
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: itgetsbetter.org
URL: https://itgetsbetter.org/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-119-242.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Sun, 17 Dec 2023 01:31:56 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1702776716652747
x-envoy-upstream-service-time: 2
content-length: 0
x-stripe-bg-intended-route-color: green
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms: 0
access-control-allow-origin: https://js.stripe.com
x-stripe-client-envoy-start-time-us: 1702776716652401
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers: Server, Range, Content-Type
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

POST
H2 200 csp-report
q.stripe.com/ Frame 7C0B 0
717 B 217ms
217ms Other
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: itgetsbetter.org
URL: https://itgetsbetter.org/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-119-242.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Sun, 17 Dec 2023 01:31:56 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1702776716652891
x-envoy-upstream-service-time: 2
content-length: 0
x-stripe-bg-intended-route-color: green
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms: 1
access-control-allow-origin: https://js.stripe.com
x-stripe-client-envoy-start-time-us: 1702776716652473
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers: Server, Range, Content-Type
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

POST
H2 200 csp-report
q.stripe.com/ Frame FC8B 0
717 B 217ms
217ms Other
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: itgetsbetter.org
URL: https://itgetsbetter.org/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-119-242.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Sun, 17 Dec 2023 01:31:56 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1702776716653040
x-envoy-upstream-service-time: 2
content-length: 0
x-stripe-bg-intended-route-color: green
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms: 1
access-control-allow-origin: https://js.stripe.com
x-stripe-client-envoy-start-time-us: 1702776716652473
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers: Server, Range, Content-Type
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

POST
H2 200 csp-report
q.stripe.com/ Frame FC8B 0
717 B 203ms
203ms Other
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: itgetsbetter.org
URL: https://itgetsbetter.org/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-119-242.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Sun, 17 Dec 2023 01:31:56 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1702776716653092
x-envoy-upstream-service-time: 1
content-length: 0
x-stripe-bg-intended-route-color: green
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms: 0
access-control-allow-origin: https://js.stripe.com
x-stripe-client-envoy-start-time-us: 1702776716652696
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers: Server, Range, Content-Type
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

GET
H2 200 pay.js Show response
pay.google.com/gp/p/js/ Frame DBAD 120 KB
37 KB 109ms
58ms Script
application/javascript 2a00:1450:4013:c05::5c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pay.google.com/gp/p/js/pay.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/payment-request-inner-google-pay-502e16d059834a27f378d989d15a77c3.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4013:c05::5c Groningen, Netherlands, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f29af0f45d2483d7b111bf75d2962e7d0a14ef3214068e7d334c09c4620379d3

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendHttp/cspreport, script-src 'report-sample' 'nonce-5Shok7onk5d9TAbGvbEm3Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendHttp/cspreport/allowlist
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 17 Dec 2023 01:31:56 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
content-security-policy: require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendHttp/cspreport, script-src 'report-sample' 'nonce-5Shok7onk5d9TAbGvbEm3Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendHttp/cspreport/allowlist
x-content-type-options: nosniff
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: private, max-age=600
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Sun, 17 Dec 2023 01:31:56 GMT

GET
H2 200 shared-09d478928cbcbe4632e76e0761d54ca7.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame DBAD 546 KB
133 KB 30ms
30ms Script
text/javascript 151.101.128.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/shared-09d478928cbcbe4632e76e0761d54ca7.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/payment-request-inner-google-pay-502e16d059834a27f378d989d15a77c3.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

83c4d72a63c76190b0b1532654839d8e0d8099fa7b672670750185ba47b331f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/payment-request-inner-google-pay-502e16d059834a27f378d989d15a77c3.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Sun, 17 Dec 2023 01:31:56 GMT
via: 1.1 varnish
age: 84489
x-cache: HIT
content-length: 135963
x-request-id: c4116d68-be70-4ed6-ac6e-27dfcd3fb81d
x-served-by: cache-fra-eddf8230080-FRA
last-modified: Sat, 16 Dec 2023 02:01:36 GMT
server: Fastly
etag: "231d7e676025140a03edcd1dae1e6ac8"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 442

GET
H2 200 payment-request-inner-google-pay-d42a7edb28c9f589b6f998074e9b20f1.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame DBAD 12 KB
5 KB 7ms
7ms Script
text/javascript 151.101.128.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/payment-request-inner-google-pay-d42a7edb28c9f589b6f998074e9b20f1.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/payment-request-inner-google-pay-502e16d059834a27f378d989d15a77c3.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

a7049b5d9f001fec947060ee2cb8fe10a868af28ac081bfd494949f1d71c5716

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/payment-request-inner-google-pay-502e16d059834a27f378d989d15a77c3.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Sun, 17 Dec 2023 01:31:56 GMT
via: 1.1 varnish
age: 345996
x-cache: HIT
content-length: 5144
x-request-id: 27426cad-13e3-4674-b9fd-87a252f6d130
x-served-by: cache-fra-eddf8230080-FRA
last-modified: Wed, 13 Dec 2023 01:22:15 GMT
server: Fastly
etag: "d3b84c0be8c175de74dcee09b28293ff"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 3610

GET
H2 200 shared-09d478928cbcbe4632e76e0761d54ca7.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 9C61 546 KB
133 KB 42ms
41ms Script
text/javascript 151.101.128.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/shared-09d478928cbcbe4632e76e0761d54ca7.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/payment-request-inner-browser-3d1338653ea273b98255fef897f60659.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

83c4d72a63c76190b0b1532654839d8e0d8099fa7b672670750185ba47b331f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/payment-request-inner-browser-3d1338653ea273b98255fef897f60659.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Sun, 17 Dec 2023 01:31:56 GMT
via: 1.1 varnish
age: 84489
x-cache: HIT
content-length: 135963
x-request-id: 33930b2b-5fc8-464f-b9ac-3621810c182d
x-served-by: cache-fra-eddf8230080-FRA
last-modified: Sat, 16 Dec 2023 02:01:36 GMT
server: Fastly
etag: "231d7e676025140a03edcd1dae1e6ac8"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 443

GET
H2 200 payment-request-inner-browser-20a59f0e8abb73e1cc5ff587921df7b1.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 9C61 13 KB
6 KB 40ms
40ms Script
text/javascript 151.101.128.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/payment-request-inner-browser-20a59f0e8abb73e1cc5ff587921df7b1.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/payment-request-inner-browser-3d1338653ea273b98255fef897f60659.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

3d72ceb6ab36c5f948e7a13ed3c55d48a65df90bbc7a89d6f698182e331bb868

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/payment-request-inner-browser-3d1338653ea273b98255fef897f60659.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Sun, 17 Dec 2023 01:31:56 GMT
via: 1.1 varnish
age: 718014
x-cache: HIT
content-length: 5728
x-request-id: c0907424-1c2c-4d87-9f3c-1473b84d1acb
x-served-by: cache-fra-eddf8230080-FRA
last-modified: Fri, 08 Dec 2023 18:02:40 GMT
server: Fastly
etag: "aa012dc18d7e9e8c5e3f4b0344214f55"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 6326

POST
H2 200 csp-report
q.stripe.com/ Frame DBAD 0
717 B 210ms
209ms Other
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: itgetsbetter.org
URL: https://itgetsbetter.org/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-119-242.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Sun, 17 Dec 2023 01:31:56 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1702776716653638
x-envoy-upstream-service-time: 2
content-length: 0
x-stripe-bg-intended-route-color: green
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms: 1
access-control-allow-origin: https://js.stripe.com
x-stripe-client-envoy-start-time-us: 1702776716652712
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers: Server, Range, Content-Type
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

POST
H2 200 csp-report
q.stripe.com/ Frame DBAD 0
717 B 201ms
201ms Other
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: itgetsbetter.org
URL: https://itgetsbetter.org/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-119-242.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Sun, 17 Dec 2023 01:31:56 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1702776716653088
x-envoy-upstream-service-time: 2
content-length: 0
x-stripe-bg-intended-route-color: green
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms: 0
access-control-allow-origin: https://js.stripe.com
x-stripe-client-envoy-start-time-us: 1702776716652719
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers: Server, Range, Content-Type
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

POST
H2 200 csp-report
q.stripe.com/ Frame 9C61 0
717 B 201ms
200ms Other
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: itgetsbetter.org
URL: https://itgetsbetter.org/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-119-242.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Sun, 17 Dec 2023 01:31:56 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1702776716653581
x-envoy-upstream-service-time: 2
content-length: 0
x-stripe-bg-intended-route-color: green
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms: 0
access-control-allow-origin: https://js.stripe.com
x-stripe-client-envoy-start-time-us: 1702776716652760
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers: Server, Range, Content-Type
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

POST
H2 200 csp-report
q.stripe.com/ Frame 9C61 0
717 B 220ms
219ms Other
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: itgetsbetter.org
URL: https://itgetsbetter.org/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-119-242.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Sun, 17 Dec 2023 01:31:56 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1702776716653269
x-envoy-upstream-service-time: 3
content-length: 0
x-stripe-bg-intended-route-color: green
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms: 1
access-control-allow-origin: https://js.stripe.com
x-stripe-client-envoy-start-time-us: 1702776716652779
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers: Server, Range, Content-Type
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

GET
H2 200 .deploy_status_henson.json Show response
js.stripe.com/v3/ Frame 49C9 474 B
367 B 24ms
8ms Fetch
application/json 151.101.128.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/.deploy_status_henson.json

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-09d478928cbcbe4632e76e0761d54ca7.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

f7b8e0ff2ce575f80ab74fbefe460a2de27bf402f929646f38bccad6a87e5410

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Accept: application/json
Referer: https://js.stripe.com/v3/controller-178897d5385a3bf887dfe4e49781abb9.html
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Sun, 17 Dec 2023 01:31:56 GMT
content-encoding: br
via: 1.1 varnish
strict-transport-security: max-age=31556926; includeSubDomains; preload
age: 58
x-cache: HIT
content-length: 296
x-request-id: ac842508-1eff-4454-81c4-27a8e008a74e
x-served-by: cache-fra-eddf8230021-FRA
last-modified: Sat, 16 Dec 2023 02:37:23 GMT
server: Fastly
etag: "6cd354e128f7fce67604c63e067ce620"
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=60
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 6

GET
H2 200 .deploy_status_henson.json Show response
js.stripe.com/v3/ Frame 49C9 474 B
609 B 15ms
7ms Fetch
application/json 151.101.128.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/.deploy_status_henson.json

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-09d478928cbcbe4632e76e0761d54ca7.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

f7b8e0ff2ce575f80ab74fbefe460a2de27bf402f929646f38bccad6a87e5410

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Accept: application/json
Referer: https://js.stripe.com/v3/controller-178897d5385a3bf887dfe4e49781abb9.html
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Sun, 17 Dec 2023 01:31:56 GMT
content-encoding: br
via: 1.1 varnish
strict-transport-security: max-age=31556926; includeSubDomains; preload
age: 58
x-cache: HIT
content-length: 296
x-request-id: 729b03cd-2533-425b-a2c8-ede2e2aade18
x-served-by: cache-fra-eddf8230021-FRA
last-modified: Sat, 16 Dec 2023 02:37:23 GMT
server: Fastly
etag: "6cd354e128f7fce67604c63e067ce620"
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=60
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 6

POST
H2 200 0 Show response
r.stripe.com/ Frame 49C9 0
274 B 264ms
257ms Fetch
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-09d478928cbcbe4632e76e0761d54ca7.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Sun, 17 Dec 2023 01:31:56 GMT
x-stripe-server-envoy-start-time-us: 1702776716804137
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1702776716803490
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 49C9 0
274 B 288ms
281ms Fetch
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-09d478928cbcbe4632e76e0761d54ca7.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Sun, 17 Dec 2023 01:31:56 GMT
x-stripe-server-envoy-start-time-us: 1702776716805939
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1702776716805208
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 49C9 0
274 B 309ms
303ms Fetch
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-09d478928cbcbe4632e76e0761d54ca7.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Sun, 17 Dec 2023 01:31:56 GMT
x-stripe-server-envoy-start-time-us: 1702776716831662
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 3
x-stripe-client-envoy-start-time-us: 1702776716831117
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 49C9 0
274 B 305ms
299ms Fetch
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-09d478928cbcbe4632e76e0761d54ca7.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Sun, 17 Dec 2023 01:31:56 GMT
x-stripe-server-envoy-start-time-us: 1702776716831717
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1702776716831132
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 49C9 0
274 B 288ms
281ms Fetch
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-09d478928cbcbe4632e76e0761d54ca7.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Sun, 17 Dec 2023 01:31:56 GMT
x-stripe-server-envoy-start-time-us: 1702776716805896
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 3
x-stripe-client-envoy-start-time-us: 1702776716805348
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 49C9 0
274 B 286ms
280ms Fetch
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-09d478928cbcbe4632e76e0761d54ca7.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Sun, 17 Dec 2023 01:31:56 GMT
x-stripe-server-envoy-start-time-us: 1702776716805390
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1702776716805278
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 49C9 0
274 B 286ms
280ms Fetch
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-09d478928cbcbe4632e76e0761d54ca7.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Sun, 17 Dec 2023 01:31:56 GMT
x-stripe-server-envoy-start-time-us: 1702776716805529
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1702776716805307
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 49C9 0
274 B 303ms
297ms Fetch
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-09d478928cbcbe4632e76e0761d54ca7.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Sun, 17 Dec 2023 01:31:56 GMT
x-stripe-server-envoy-start-time-us: 1702776716831673
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1702776716831217
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 49C9 0
274 B 316ms
311ms Fetch
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-09d478928cbcbe4632e76e0761d54ca7.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Sun, 17 Dec 2023 01:31:56 GMT
x-stripe-server-envoy-start-time-us: 1702776716831463
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 3
x-stripe-client-envoy-start-time-us: 1702776716830997
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 49C9 0
274 B 307ms
302ms Fetch
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-09d478928cbcbe4632e76e0761d54ca7.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Sun, 17 Dec 2023 01:31:56 GMT
x-stripe-server-envoy-start-time-us: 1702776716831570
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1702776716831046
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 49C9 0
274 B 264ms
259ms Fetch
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-09d478928cbcbe4632e76e0761d54ca7.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Sun, 17 Dec 2023 01:31:56 GMT
x-stripe-server-envoy-start-time-us: 1702776716804126
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1702776716803435
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 49C9 0
274 B 261ms
256ms Fetch
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-09d478928cbcbe4632e76e0761d54ca7.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Sun, 17 Dec 2023 01:31:56 GMT
x-stripe-server-envoy-start-time-us: 1702776716803648
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 3
x-stripe-client-envoy-start-time-us: 1702776716803470
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 49C9 0
274 B 303ms
298ms Fetch
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-09d478928cbcbe4632e76e0761d54ca7.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Sun, 17 Dec 2023 01:31:56 GMT
x-stripe-server-envoy-start-time-us: 1702776716831627
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1702776716831160
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 49C9 0
274 B 306ms
302ms Fetch
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-09d478928cbcbe4632e76e0761d54ca7.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Sun, 17 Dec 2023 01:31:56 GMT
x-stripe-server-envoy-start-time-us: 1702776716831471
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 3
x-stripe-client-envoy-start-time-us: 1702776716830974
access-control-allow-credentials: true
content-length: 0

GET
H2 200 payment-request-inner-google-pay-502e16d059834a27f378d989d15a77c3.html Show response
js.stripe.com/v3/ Frame 8B76 408 B
912 B 8ms
8ms Document
text/html 151.101.128.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/payment-request-inner-google-pay-502e16d059834a27f378d989d15a77c3.html

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

9ada11b91b8834fa00c5367126493ed9bc3272be510db81d0928ef733318c4c7

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://r.stripe.com https://google.com/pay https://www.google.com/pay https://pay.google.com; default-src 'none'; form-action 'none'; frame-src https://pay.google.com; img-src https://q.stripe.com https://www.gstatic.com; script-src 'self' https://pay.google.com; style-src 'self'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://give.itgetsbetter.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 84463
cache-control: max-age=31536000
content-encoding: br
content-length: 222
content-security-policy: base-uri 'none'; connect-src 'self' https://r.stripe.com https://google.com/pay https://www.google.com/pay https://pay.google.com; default-src 'none'; form-action 'none'; frame-src https://pay.google.com; img-src https://q.stripe.com https://www.gstatic.com; script-src 'self' https://pay.google.com; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only: base-uri 'none'; connect-src 'self' https://r.stripe.com https://google.com/pay https://www.google.com/pay https://pay.google.com; default-src 'none'; form-action 'none'; frame-src https://pay.google.com; img-src https://q.stripe.com https://www.gstatic.com; script-src 'self' https://pay.google.com; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Sun, 17 Dec 2023 01:31:56 GMT
etag: "502e16d059834a27f378d989d15a77c3"
last-modified: Sat, 16 Dec 2023 02:01:37 GMT
server: Fastly
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 708
x-content-type-options: nosniff
x-request-id: 72815a49-f4bd-49eb-ae39-5e0e5d4fb0ae
x-served-by: cache-fra-eddf8230080-FRA

GET
H2 200 payment-request-inner-browser-3d1338653ea273b98255fef897f60659.html Show response
js.stripe.com/v3/ Frame F496 344 B
1 KB 7ms
7ms Document
text/html 151.101.128.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/payment-request-inner-browser-3d1338653ea273b98255fef897f60659.html

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

d5b49d58a385787d0fb60f7191a7907f9806aa2e0fa7b75e45478653c5fe5636

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://google.com/pay https://www.google.com/pay https://pay.google.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com https://www.gstatic.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://give.itgetsbetter.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 44
cache-control: max-age=60
content-encoding: br
content-length: 202
content-security-policy: base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://google.com/pay https://www.google.com/pay https://pay.google.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com https://www.gstatic.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only: base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://google.com/pay https://www.google.com/pay https://pay.google.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com https://www.gstatic.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Sun, 17 Dec 2023 01:31:56 GMT
etag: "3d1338653ea273b98255fef897f60659"
last-modified: Sat, 16 Dec 2023 02:01:37 GMT
server: Fastly
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 3
x-content-type-options: nosniff
x-request-id: f76d27be-8546-48c9-9815-82b6678ae567
x-served-by: cache-fra-eddf8230080-FRA

POST
H2 200 0 Show response
r.stripe.com/ Frame 49C9 0
274 B 299ms
299ms Fetch
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-09d478928cbcbe4632e76e0761d54ca7.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Sun, 17 Dec 2023 01:31:56 GMT
x-stripe-server-envoy-start-time-us: 1702776716831804
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 3
x-stripe-client-envoy-start-time-us: 1702776716831263
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 49C9 0
274 B 297ms
297ms Fetch
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-09d478928cbcbe4632e76e0761d54ca7.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Sun, 17 Dec 2023 01:31:56 GMT
x-stripe-server-envoy-start-time-us: 1702776716831628
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 3
x-stripe-client-envoy-start-time-us: 1702776716831313
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 49C9 0
274 B 297ms
297ms Fetch
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-09d478928cbcbe4632e76e0761d54ca7.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Sun, 17 Dec 2023 01:31:56 GMT
x-stripe-server-envoy-start-time-us: 1702776716831811
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 3
x-stripe-client-envoy-start-time-us: 1702776716831456
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 49C9 0
274 B 258ms
257ms Fetch
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-09d478928cbcbe4632e76e0761d54ca7.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Sun, 17 Dec 2023 01:31:56 GMT
x-stripe-server-envoy-start-time-us: 1702776716831975
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1702776716831431
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 49C9 0
274 B 266ms
265ms Fetch
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-09d478928cbcbe4632e76e0761d54ca7.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Sun, 17 Dec 2023 01:31:56 GMT
x-stripe-server-envoy-start-time-us: 1702776716831669
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 4
x-stripe-client-envoy-start-time-us: 1702776716831469
access-control-allow-credentials: true
content-length: 0

GET
H2 200 shared-09d478928cbcbe4632e76e0761d54ca7.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame F496 546 KB
133 KB 7ms
7ms Script
text/javascript 151.101.128.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/shared-09d478928cbcbe4632e76e0761d54ca7.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/payment-request-inner-browser-3d1338653ea273b98255fef897f60659.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

83c4d72a63c76190b0b1532654839d8e0d8099fa7b672670750185ba47b331f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/payment-request-inner-browser-3d1338653ea273b98255fef897f60659.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Sun, 17 Dec 2023 01:31:56 GMT
via: 1.1 varnish
age: 84489
x-cache: HIT
content-length: 135963
x-request-id: 3e4bf6ad-a8f0-45eb-bae0-05c1de453896
x-served-by: cache-fra-eddf8230080-FRA
last-modified: Sat, 16 Dec 2023 02:01:36 GMT
server: Fastly
etag: "231d7e676025140a03edcd1dae1e6ac8"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 444

GET
H2 200 payment-request-inner-browser-20a59f0e8abb73e1cc5ff587921df7b1.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame F496 13 KB
6 KB 8ms
7ms Script
text/javascript 151.101.128.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/payment-request-inner-browser-20a59f0e8abb73e1cc5ff587921df7b1.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/payment-request-inner-browser-3d1338653ea273b98255fef897f60659.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

3d72ceb6ab36c5f948e7a13ed3c55d48a65df90bbc7a89d6f698182e331bb868

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/payment-request-inner-browser-3d1338653ea273b98255fef897f60659.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Sun, 17 Dec 2023 01:31:56 GMT
via: 1.1 varnish
age: 718014
x-cache: HIT
content-length: 5728
x-request-id: 4462f6b8-eaf1-4359-8ef8-f1203300ba6d
x-served-by: cache-fra-eddf8230080-FRA
last-modified: Fri, 08 Dec 2023 18:02:40 GMT
server: Fastly
etag: "aa012dc18d7e9e8c5e3f4b0344214f55"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 6327

GET
H2 200 pay.js Show response
pay.google.com/gp/p/js/ Frame 8B76 120 KB
36 KB 62ms
61ms Script
application/javascript 2a00:1450:4013:c05::5c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pay.google.com/gp/p/js/pay.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/payment-request-inner-google-pay-502e16d059834a27f378d989d15a77c3.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4013:c05::5c Groningen, Netherlands, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f29af0f45d2483d7b111bf75d2962e7d0a14ef3214068e7d334c09c4620379d3

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendHttp/cspreport, script-src 'report-sample' 'nonce-b_6zk8_Mk5mgRYRnXgQMDA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendHttp/cspreport/allowlist
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 17 Dec 2023 01:31:56 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
content-security-policy: require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendHttp/cspreport, script-src 'report-sample' 'nonce-b_6zk8_Mk5mgRYRnXgQMDA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendHttp/cspreport/allowlist
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: private, max-age=600
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Sun, 17 Dec 2023 01:31:56 GMT

GET
H2 200 shared-09d478928cbcbe4632e76e0761d54ca7.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 8B76 546 KB
133 KB 11ms
11ms Script
text/javascript 151.101.128.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/shared-09d478928cbcbe4632e76e0761d54ca7.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/payment-request-inner-google-pay-502e16d059834a27f378d989d15a77c3.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

83c4d72a63c76190b0b1532654839d8e0d8099fa7b672670750185ba47b331f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/payment-request-inner-google-pay-502e16d059834a27f378d989d15a77c3.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Sun, 17 Dec 2023 01:31:56 GMT
via: 1.1 varnish
age: 84489
x-cache: HIT
content-length: 135963
x-request-id: dab57a23-b12a-4924-9f22-8dab5bf871cf
x-served-by: cache-fra-eddf8230080-FRA
last-modified: Sat, 16 Dec 2023 02:01:36 GMT
server: Fastly
etag: "231d7e676025140a03edcd1dae1e6ac8"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 445

GET
H2 200 payment-request-inner-google-pay-d42a7edb28c9f589b6f998074e9b20f1.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 8B76 12 KB
5 KB 7ms
7ms Script
text/javascript 151.101.128.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/payment-request-inner-google-pay-d42a7edb28c9f589b6f998074e9b20f1.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/payment-request-inner-google-pay-502e16d059834a27f378d989d15a77c3.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

a7049b5d9f001fec947060ee2cb8fe10a868af28ac081bfd494949f1d71c5716

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/payment-request-inner-google-pay-502e16d059834a27f378d989d15a77c3.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Sun, 17 Dec 2023 01:31:56 GMT
via: 1.1 varnish
age: 345996
x-cache: HIT
content-length: 5144
x-request-id: 70c87318-2524-4315-b88a-414c69572a81
x-served-by: cache-fra-eddf8230080-FRA
last-modified: Wed, 13 Dec 2023 01:22:15 GMT
server: Fastly
etag: "d3b84c0be8c175de74dcee09b28293ff"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 3611

POST
H2 200 csp-report
q.stripe.com/ Frame F496 0
717 B 240ms
239ms Other
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: itgetsbetter.org
URL: https://itgetsbetter.org/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-119-242.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Sun, 17 Dec 2023 01:31:56 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1702776716832405
x-envoy-upstream-service-time: 2
content-length: 0
x-stripe-bg-intended-route-color: green
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms: 1
access-control-allow-origin: https://js.stripe.com
x-stripe-client-envoy-start-time-us: 1702776716831650
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers: Server, Range, Content-Type
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

POST
H2 200 csp-report
q.stripe.com/ Frame F496 0
717 B 239ms
239ms Other
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: itgetsbetter.org
URL: https://itgetsbetter.org/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-119-242.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Sun, 17 Dec 2023 01:31:56 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1702776716832004
x-envoy-upstream-service-time: 2
content-length: 0
x-stripe-bg-intended-route-color: green
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms: 1
access-control-allow-origin: https://js.stripe.com
x-stripe-client-envoy-start-time-us: 1702776716831649
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers: Server, Range, Content-Type
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

POST
H2 200 csp-report
q.stripe.com/ Frame 8B76 0
717 B 231ms
231ms Other
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: itgetsbetter.org
URL: https://itgetsbetter.org/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-119-242.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Sun, 17 Dec 2023 01:31:56 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1702776716832081
x-envoy-upstream-service-time: 1
content-length: 0
x-stripe-bg-intended-route-color: green
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms: 0
access-control-allow-origin: https://js.stripe.com
x-stripe-client-envoy-start-time-us: 1702776716831672
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers: Server, Range, Content-Type
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

POST
H2 200 csp-report
q.stripe.com/ Frame 8B76 0
717 B 232ms
231ms Other
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: itgetsbetter.org
URL: https://itgetsbetter.org/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-119-242.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Sun, 17 Dec 2023 01:31:56 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1702776716832114
x-envoy-upstream-service-time: 1
content-length: 0
x-stripe-bg-intended-route-color: green
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms: 0
access-control-allow-origin: https://js.stripe.com
x-stripe-client-envoy-start-time-us: 1702776716831678
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers: Server, Range, Content-Type
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

GET
H2 200 payframe Show response
pay.google.com/gp/p/ui/ Frame 2358 19 KB
8 KB 71ms
71ms Document
text/html 2a00:1450:4013:c05::5c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fjs.stripe.com&mid=

Requested by

Host: pay.google.com
URL: https://pay.google.com/gp/p/js/pay.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4013:c05::5c Groningen, Netherlands, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

0eda3bbcc77386f76ecb2c9f4a78c7bdb1059892f64e912c6aac3b4e7f81a62c

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-KlvFXjOFX45NVNq4f_1YeQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport/allowlist require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://js.stripe.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=3600
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-KlvFXjOFX45NVNq4f_1YeQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport/allowlist require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport
content-type: text/html; charset=utf-8
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: same-site
date: Sun, 17 Dec 2023 01:31:56 GMT
expires: Sun, 17 Dec 2023 01:31:56 GMT
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
server: ESF
strict-transport-security: max-age=31536000
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-content-type-options: nosniff
x-ua-compatible: IE=edge
x-xss-protection: 0

GET
H2 200 payframe Show response
pay.google.com/gp/p/ui/ Frame 0C33 19 KB
8 KB 66ms
66ms Document
text/html 2a00:1450:4013:c05::5c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fjs.stripe.com&mid=

Requested by

Host: pay.google.com
URL: https://pay.google.com/gp/p/js/pay.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4013:c05::5c Groningen, Netherlands, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

0855f79cbf2d0acd4534da92cf91c831e2a987b98dbe264282a69e142fb6b81a

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport script-src 'report-sample' 'nonce-1kGPczWNNmIqh8Z66NuFYg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport/allowlist
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://js.stripe.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=3600
content-encoding: gzip
content-security-policy: require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport script-src 'report-sample' 'nonce-1kGPczWNNmIqh8Z66NuFYg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport/allowlist
content-type: text/html; charset=utf-8
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: same-site
date: Sun, 17 Dec 2023 01:31:56 GMT
expires: Sun, 17 Dec 2023 01:31:56 GMT
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
server: ESF
strict-transport-security: max-age=31536000
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-content-type-options: nosniff
x-ua-compatible: IE=edge
x-xss-protection: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 49C9 0
274 B 225ms
225ms Fetch
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-09d478928cbcbe4632e76e0761d54ca7.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Sun, 17 Dec 2023 01:31:56 GMT
x-stripe-server-envoy-start-time-us: 1702776716832384
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 3
x-stripe-client-envoy-start-time-us: 1702776716831593
access-control-allow-credentials: true
content-length: 0

POST
H2 200 wallet-config Show response
merchant-ui-api.stripe.com/elements/ Frame 49C9 2 KB
3 KB 342ms
268ms Fetch
application/json 198.137.150.81
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://merchant-ui-api.stripe.com/elements/wallet-config

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-09d478928cbcbe4632e76e0761d54ca7.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

198.137.150.81 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

2424168cadb83032d5693cd188279942641745391f4bca473d1c83585f3c7e4f

Security Headers

Name	Value
Content-Security-Policy	report-uri https://q.stripe.com/csp-report?p=elements%2Fwallet-config; block-all-mixed-content; default-src 'none'; base-uri 'none'; form-action 'none'; frame-ancestors 'none'; img-src 'self'; script-src 'self' 'report-sample'; style-src 'self'
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Sun, 17 Dec 2023 01:31:57 GMT
content-security-policy: report-uri https://q.stripe.com/csp-report?p=elements%2Fwallet-config; block-all-mixed-content; default-src 'none'; base-uri 'none'; form-action 'none'; frame-ancestors 'none'; img-src 'self'; script-src 'self' 'report-sample'; style-src 'self'
strict-transport-security: max-age=63072000; includeSubDomains; preload
cross-origin-resource-policy: same-site
content-length: 2465
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
access-control-max-age: 300
access-control-allow-methods: GET, POST
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://js.stripe.com
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
vary: Origin
access-control-allow-headers: x-stripe-csrf-token
cross-origin-opener-policy-report-only: same-origin; report-to=https://q.stripe.com/coop-report
expires: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 49C9 0
274 B 215ms
215ms Fetch
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-09d478928cbcbe4632e76e0761d54ca7.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Sun, 17 Dec 2023 01:31:56 GMT
x-stripe-server-envoy-start-time-us: 1702776716832178
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1702776716831637
access-control-allow-credentials: true
content-length: 0

POST
H2 200 6 Show response
m.stripe.com/ Frame A3DF 156 B
667 B 180ms
180ms XHR
application/json 44.237.23.177
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.com/6

Requested by

Host: m.stripe.network
URL: https://m.stripe.network/out-4.5.43.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

44.237.23.177 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-44-237-23-177.us-west-2.compute.amazonaws.com

Software

nginx /

Resource Hash

0124917c59a93618b06ef9e92b9337df24e196fca3ce4b3f011f0ad700c39c3a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://m.stripe.network/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-stripe-bg-intended-route-color: blue
date: Sun, 17 Dec 2023 01:31:56 GMT
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1702776716820918
server: nginx
content-type: application/json;charset=utf-8
x-stripe-server-envoy-upstream-service-time-ms: 2
access-control-allow-origin: https://m.stripe.network
x-stripe-client-envoy-start-time-us: 1702776716820640
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 156

POST
H2 200 6 Show response
m.stripe.com/ Frame A3DF 156 B
667 B 230ms
230ms XHR
application/json 44.237.23.177
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.com/6

Requested by

Host: m.stripe.network
URL: https://m.stripe.network/out-4.5.43.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

44.237.23.177 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-44-237-23-177.us-west-2.compute.amazonaws.com

Software

nginx /

Resource Hash

0124917c59a93618b06ef9e92b9337df24e196fca3ce4b3f011f0ad700c39c3a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://m.stripe.network/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-stripe-bg-intended-route-color: blue
date: Sun, 17 Dec 2023 01:31:56 GMT
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1702776716870546
server: nginx
content-type: application/json;charset=utf-8
x-stripe-server-envoy-upstream-service-time-ms: 1
access-control-allow-origin: https://m.stripe.network
x-stripe-client-envoy-start-time-us: 1702776716870279
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 156

GET
H3 200 payframe Show response
pay.google.com/gp/p/ui/ Frame 6298 19 KB
8 KB 66ms
66ms Document
text/html 2a00:1450:4013:c05::5c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fjs.stripe.com&mid=

Requested by

Host: pay.google.com
URL: https://pay.google.com/gp/p/js/pay.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4013:c05::5c Groningen, Netherlands, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e51715b433bb4c6241e6f0bd1feac72b89668a7f323a9bf576a1ec97ea26c4e1

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport script-src 'report-sample' 'nonce-WruOa-q_0sfKKX1U5bbsqw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport/allowlist
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://js.stripe.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=3600
content-encoding: gzip
content-security-policy: require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport script-src 'report-sample' 'nonce-WruOa-q_0sfKKX1U5bbsqw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport/allowlist
content-type: text/html; charset=utf-8
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: same-site
date: Sun, 17 Dec 2023 01:31:56 GMT
expires: Sun, 17 Dec 2023 01:31:56 GMT
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
server: ESF
strict-transport-security: max-age=31536000
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-content-type-options: nosniff
x-ua-compatible: IE=edge
x-xss-protection: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 49C9 0
274 B 184ms
184ms Fetch
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-09d478928cbcbe4632e76e0761d54ca7.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Sun, 17 Dec 2023 01:31:56 GMT
x-stripe-server-envoy-start-time-us: 1702776716860371
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 3
x-stripe-client-envoy-start-time-us: 1702776716860051
access-control-allow-credentials: true
content-length: 0

GET
H3 200 m=_b,_tp Show response
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.0LGLfpcyHa0.es5.O/am=gEEY/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/ujg=1/rs=AMitfr... Frame 2358 159 KB
56 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.0LGLfpcyHa0.es5.O/am=gEEY/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/ujg=1/rs=AMitfrhdT3ipIyw5n9bAoLSt16buz1Vx5w/m=_b,_tp

Requested by

Host: pay.google.com
URL: https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fjs.stripe.com&mid=

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

732b65d05835e912a6f475e5ed7a1f964b3a1bbf780291aac50685c5e0933e18

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 17:27:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 374674
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57423
x-xss-protection: 0
last-modified: Tue, 12 Dec 2023 13:07:52 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Wed, 11 Dec 2024 17:27:22 GMT

GET
H3 200 m=_b,_tp Show response
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.0LGLfpcyHa0.es5.O/am=gEEY/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/ujg=1/rs=AMitfr... Frame 0C33 159 KB
56 KB 17ms
17ms Script
text/javascript 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: pay.google.com
URL: https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fjs.stripe.com&mid=

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

732b65d05835e912a6f475e5ed7a1f964b3a1bbf780291aac50685c5e0933e18

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 17:27:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 374674
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57423
x-xss-protection: 0
last-modified: Tue, 12 Dec 2023 13:07:52 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Wed, 11 Dec 2024 17:27:22 GMT

POST
H3 404 cspreport
pay.google.com/_/InstantbuyFrontendBuyflowPayframeUi/ Frame 2358 2 KB
2 KB 117ms
117ms Other
text/html 2a00:1450:4013:c05::5c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://pay.google.com/_/InstantbuyFrontendBuyflowPayframeUi/cspreport
Requested by: Host: itgetsbetter.org
URL: https://itgetsbetter.org/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4013:c05::5c Groningen, Netherlands, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: d6ff339ddb4525268c21fa26ded66b0703f177e742281dc9bcd558288f8e1101

Request headers

Referer: https://pay.google.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Sun, 17 Dec 2023 01:31:56 GMT
referrer-policy: no-referrer
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1608
content-type: text/html; charset=UTF-8

POST
H3 404 cspreport
pay.google.com/_/InstantbuyFrontendBuyflowPayframeUi/ Frame 0C33 2 KB
2 KB 116ms
116ms Other
text/html 2a00:1450:4013:c05::5c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://pay.google.com/_/InstantbuyFrontendBuyflowPayframeUi/cspreport
Requested by: Host: itgetsbetter.org
URL: https://itgetsbetter.org/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4013:c05::5c Groningen, Netherlands, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: d6ff339ddb4525268c21fa26ded66b0703f177e742281dc9bcd558288f8e1101

Request headers

Referer: https://pay.google.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Sun, 17 Dec 2023 01:31:56 GMT
referrer-policy: no-referrer
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1608
content-type: text/html; charset=UTF-8

GET
H3 200 m=Das5Le Show response
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.0LGLfpcyHa0.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.BIAwI5... Frame 2358 73 KB
27 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.0LGLfpcyHa0.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.BIAwI5M4WSM.L.B1.O/am=gEEY/d=1/exm=_b,_tp/excm=_b,_tp,payframeview/ed=1/wt=2/ujg=1/rs=AMitfrj1k37VkSEkNVO72kvRsKqZIl4kDg/ee=EmZ2Bf:zr1jrb;Erl4fe:FloWmf;JsbNhc:Xd8iUd;LBgRLc:XVMNvd;Me32dd:MEeYgc;NPKaK:PVlQOd;NSEoX:lazG7b;Oj465e:KG2eXe;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:vfuNJf;io8t5d:yDVVkb;kMFpHd:OTA3Ae;nAFL3:NTMZac;oGtAuc:sOXFj;qddgKe:xQtZb;sP4Vbe:VwDzFe;uY49fb:COQbmf;ul9GGd:VDovNc;wR5FRb:siKnQd;yEQyxe:p8L0ob;yxTchf:KUM7Z/m=Das5Le

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.0LGLfpcyHa0.es5.O/am=gEEY/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/ujg=1/rs=AMitfrhdT3ipIyw5n9bAoLSt16buz1Vx5w/m=_b,_tp

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f4df36e15df2960947ccc39a9e1e22e3656b0855b5c48af6b773a4d86dfd4dcf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 18:01:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 372648
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 27264
x-xss-protection: 0
last-modified: Tue, 12 Dec 2023 05:55:31 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Wed, 11 Dec 2024 18:01:08 GMT

GET
H3 200 m=Das5Le Show response
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.0LGLfpcyHa0.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.BIAwI5... Frame 0C33 73 KB
27 KB 13ms
13ms Script
text/javascript 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f4df36e15df2960947ccc39a9e1e22e3656b0855b5c48af6b773a4d86dfd4dcf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 18:01:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 372648
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 27264
x-xss-protection: 0
last-modified: Tue, 12 Dec 2023 05:55:31 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Wed, 11 Dec 2024 18:01:08 GMT

GET
H3 200 m=_b,_tp Show response
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.0LGLfpcyHa0.es5.O/am=gEEY/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/ujg=1/rs=AMitfr... Frame 6298 159 KB
56 KB 13ms
13ms Script
text/javascript 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: pay.google.com
URL: https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fjs.stripe.com&mid=

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

732b65d05835e912a6f475e5ed7a1f964b3a1bbf780291aac50685c5e0933e18

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 17:27:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 374674
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57423
x-xss-protection: 0
last-modified: Tue, 12 Dec 2023 13:07:52 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Wed, 11 Dec 2024 17:27:22 GMT

POST
H3 404 cspreport
pay.google.com/_/InstantbuyFrontendBuyflowPayframeUi/ Frame 6298 2 KB
2 KB 126ms
126ms Other
text/html 2a00:1450:4013:c05::5c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://pay.google.com/_/InstantbuyFrontendBuyflowPayframeUi/cspreport
Requested by: Host: itgetsbetter.org
URL: https://itgetsbetter.org/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4013:c05::5c Groningen, Netherlands, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: d6ff339ddb4525268c21fa26ded66b0703f177e742281dc9bcd558288f8e1101

Request headers

Referer: https://pay.google.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Sun, 17 Dec 2023 01:31:56 GMT
referrer-policy: no-referrer
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1608
content-type: text/html; charset=UTF-8

GET
H3 200 pay Show response
pay.google.com/gp/p/ui/ Frame 2358 1 MB
376 KB 70ms
70ms XHR
text/html 2a00:1450:4013:c05::5c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pay.google.com/gp/p/ui/pay

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4013:c05::5c Groningen, Netherlands, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

1000a3c9ed8e7727afdf20b9d8dad7f3a1f885a0d21f6ebba2af9e674c1c1580

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-zQH61QkAOjkAPaTLBMinMg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com https://payments.sandbox.google.com https://pay.google.com https://pay.sandbox.google.com;report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 17 Dec 2023 01:31:56 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-zQH61QkAOjkAPaTLBMinMg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com https://payments.sandbox.google.com https://pay.google.com https://pay.sandbox.google.com;report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport
x-content-type-options: nosniff
cross-origin-resource-policy: same-site
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
x-ua-compatible: IE=edge
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: unsafe-none
server: ESF
x-frame-options: DENY
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
cache-control: private, max-age=3600
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Sun, 17 Dec 2023 01:31:56 GMT

GET
H3 200 pay Show response
pay.google.com/gp/p/ui/ Frame 0C33 1 MB
376 KB 67ms
67ms XHR
text/html 2a00:1450:4013:c05::5c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pay.google.com/gp/p/ui/pay

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4013:c05::5c Groningen, Netherlands, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

8f6f0330ff8ca70fb334728244bc5e4ff78a6b30fdd032e8b6108f6422891bec

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-e2mjW4e3MDSdYtoC4TwlKQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com https://payments.sandbox.google.com https://pay.google.com https://pay.sandbox.google.com;report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 17 Dec 2023 01:31:56 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-e2mjW4e3MDSdYtoC4TwlKQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com https://payments.sandbox.google.com https://pay.google.com https://pay.sandbox.google.com;report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport
x-content-type-options: nosniff
cross-origin-resource-policy: same-site
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
x-ua-compatible: IE=edge
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: unsafe-none
server: ESF
x-frame-options: DENY
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
cache-control: private, max-age=3600
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Sun, 17 Dec 2023 01:31:56 GMT

GET
H3 200 m=Wt6vjf,hhhU8,FCpbqb,WhJNk Show response
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.0LGLfpcyHa0.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.BIAwI5... Frame 2358 9 KB
4 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.0LGLfpcyHa0.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.BIAwI5M4WSM.L.B1.O/am=gEEY/d=1/exm=Das5Le,_b,_tp/excm=_b,_tp,payframeview/ed=1/wt=2/ujg=1/rs=AMitfrj1k37VkSEkNVO72kvRsKqZIl4kDg/ee=EmZ2Bf:zr1jrb;Erl4fe:FloWmf;JsbNhc:Xd8iUd;LBgRLc:XVMNvd;Me32dd:MEeYgc;NPKaK:PVlQOd;NSEoX:lazG7b;Oj465e:KG2eXe;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:vfuNJf;io8t5d:yDVVkb;kMFpHd:OTA3Ae;nAFL3:NTMZac;oGtAuc:sOXFj;qddgKe:xQtZb;sP4Vbe:VwDzFe;uY49fb:COQbmf;ul9GGd:VDovNc;wR5FRb:siKnQd;yEQyxe:p8L0ob;yxTchf:KUM7Z/m=Wt6vjf,hhhU8,FCpbqb,WhJNk

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b3d47ae3412cfab8873f856540401242f2da0e37077c0839b5e33925d36183e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 18:01:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 372648
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3732
x-xss-protection: 0
last-modified: Tue, 12 Dec 2023 05:55:31 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Wed, 11 Dec 2024 18:01:08 GMT

GET
H3 200 m=byfTOb,lsjVmc,LEikZe,lwddkf,EFQ78c Show response
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.0LGLfpcyHa0.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.BIAwI5... Frame 2358 37 KB
14 KB 16ms
15ms Script
text/javascript 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.0LGLfpcyHa0.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.BIAwI5M4WSM.L.B1.O/am=gEEY/d=1/exm=Das5Le,FCpbqb,WhJNk,Wt6vjf,_b,_tp,hhhU8/excm=_b,_tp,payframeview/ed=1/wt=2/ujg=1/rs=AMitfrj1k37VkSEkNVO72kvRsKqZIl4kDg/ee=EmZ2Bf:zr1jrb;Erl4fe:FloWmf;JsbNhc:Xd8iUd;LBgRLc:XVMNvd;Me32dd:MEeYgc;NPKaK:PVlQOd;NSEoX:lazG7b;Oj465e:KG2eXe;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:vfuNJf;io8t5d:yDVVkb;kMFpHd:OTA3Ae;nAFL3:NTMZac;oGtAuc:sOXFj;qddgKe:xQtZb;sP4Vbe:VwDzFe;uY49fb:COQbmf;ul9GGd:VDovNc;wR5FRb:siKnQd;yEQyxe:p8L0ob;yxTchf:KUM7Z/m=byfTOb,lsjVmc,LEikZe,lwddkf,EFQ78c

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

02d8f5e03704768aa366ab03f03808f1e9ea6a7b18e2006febe0fb5b7e036a87

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 18:01:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 372648
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14260
x-xss-protection: 0
last-modified: Tue, 12 Dec 2023 05:55:31 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Wed, 11 Dec 2024 18:01:08 GMT

POST
H3 200 log Show response
play.google.com/ Frame 2358 131 B
155 B 90ms
58ms XHR
text/plain 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
X-Goog-AuthUser: 0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Sun, 17 Dec 2023 01:31:57 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pay.google.com
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sun, 17 Dec 2023 01:31:57 GMT

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 75ms
20ms Preflight
text/plain 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/plain; charset=UTF-8
date: Sun, 17 Dec 2023 01:31:56 GMT
expires: Sun, 17 Dec 2023 01:31:56 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 log Show response
play.google.com/ Frame 2358 131 B
155 B 85ms
54ms XHR
text/plain 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
X-Goog-AuthUser: 0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Sun, 17 Dec 2023 01:31:57 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pay.google.com
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sun, 17 Dec 2023 01:31:57 GMT

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 75ms
20ms Preflight
text/plain 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/plain; charset=UTF-8
date: Sun, 17 Dec 2023 01:31:56 GMT
expires: Sun, 17 Dec 2023 01:31:56 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 log Show response
play.google.com/ Frame 2358 131 B
155 B 87ms
56ms XHR
text/plain 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
X-Goog-AuthUser: 0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Sun, 17 Dec 2023 01:31:57 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pay.google.com
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sun, 17 Dec 2023 01:31:57 GMT

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 75ms
21ms Preflight
text/plain 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/plain; charset=UTF-8
date: Sun, 17 Dec 2023 01:31:56 GMT
expires: Sun, 17 Dec 2023 01:31:56 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 log Show response
play.google.com/ Frame 2358 131 B
155 B 88ms
58ms XHR
text/plain 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
X-Goog-AuthUser: 0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Sun, 17 Dec 2023 01:31:57 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pay.google.com
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sun, 17 Dec 2023 01:31:57 GMT

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 74ms
21ms Preflight
text/plain 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/plain; charset=UTF-8
date: Sun, 17 Dec 2023 01:31:56 GMT
expires: Sun, 17 Dec 2023 01:31:56 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 log Show response
play.google.com/ Frame 2358 131 B
155 B 82ms
55ms XHR
text/plain 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
X-Goog-AuthUser: 0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Sun, 17 Dec 2023 01:31:57 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pay.google.com
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sun, 17 Dec 2023 01:31:57 GMT

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 81ms
28ms Preflight
text/plain 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/plain; charset=UTF-8
date: Sun, 17 Dec 2023 01:31:56 GMT
expires: Sun, 17 Dec 2023 01:31:56 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

GET
H3 200 m=Wt6vjf,hhhU8,FCpbqb,WhJNk Show response
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.0LGLfpcyHa0.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.BIAwI5... Frame 0C33 9 KB
4 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.0LGLfpcyHa0.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.BIAwI5M4WSM.L.B1.O/am=gEEY/d=1/exm=Das5Le,_b,_tp/excm=_b,_tp,payframeview/ed=1/wt=2/ujg=1/rs=AMitfrj1k37VkSEkNVO72kvRsKqZIl4kDg/ee=EmZ2Bf:zr1jrb;Erl4fe:FloWmf;JsbNhc:Xd8iUd;LBgRLc:XVMNvd;Me32dd:MEeYgc;NPKaK:PVlQOd;NSEoX:lazG7b;Oj465e:KG2eXe;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:vfuNJf;io8t5d:yDVVkb;kMFpHd:OTA3Ae;nAFL3:NTMZac;oGtAuc:sOXFj;qddgKe:xQtZb;sP4Vbe:VwDzFe;uY49fb:COQbmf;ul9GGd:VDovNc;wR5FRb:siKnQd;yEQyxe:p8L0ob;yxTchf:KUM7Z/m=Wt6vjf,hhhU8,FCpbqb,WhJNk

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b3d47ae3412cfab8873f856540401242f2da0e37077c0839b5e33925d36183e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 18:01:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 372648
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3732
x-xss-protection: 0
last-modified: Tue, 12 Dec 2023 05:55:31 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Wed, 11 Dec 2024 18:01:08 GMT

GET
H3 200 m=byfTOb,lsjVmc,LEikZe,lwddkf,EFQ78c Show response
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.0LGLfpcyHa0.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.BIAwI5... Frame 0C33 37 KB
14 KB 15ms
13ms Script
text/javascript 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.0LGLfpcyHa0.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.BIAwI5M4WSM.L.B1.O/am=gEEY/d=1/exm=Das5Le,FCpbqb,WhJNk,Wt6vjf,_b,_tp,hhhU8/excm=_b,_tp,payframeview/ed=1/wt=2/ujg=1/rs=AMitfrj1k37VkSEkNVO72kvRsKqZIl4kDg/ee=EmZ2Bf:zr1jrb;Erl4fe:FloWmf;JsbNhc:Xd8iUd;LBgRLc:XVMNvd;Me32dd:MEeYgc;NPKaK:PVlQOd;NSEoX:lazG7b;Oj465e:KG2eXe;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:vfuNJf;io8t5d:yDVVkb;kMFpHd:OTA3Ae;nAFL3:NTMZac;oGtAuc:sOXFj;qddgKe:xQtZb;sP4Vbe:VwDzFe;uY49fb:COQbmf;ul9GGd:VDovNc;wR5FRb:siKnQd;yEQyxe:p8L0ob;yxTchf:KUM7Z/m=byfTOb,lsjVmc,LEikZe,lwddkf,EFQ78c

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

02d8f5e03704768aa366ab03f03808f1e9ea6a7b18e2006febe0fb5b7e036a87

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 18:01:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 372648
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14260
x-xss-protection: 0
last-modified: Tue, 12 Dec 2023 05:55:31 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Wed, 11 Dec 2024 18:01:08 GMT

POST
H3 200 log Show response
play.google.com/ Frame 0C33 131 B
155 B 93ms
62ms XHR
text/plain 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
X-Goog-AuthUser: 0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Sun, 17 Dec 2023 01:31:57 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pay.google.com
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sun, 17 Dec 2023 01:31:57 GMT

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 59ms
19ms Preflight
text/plain 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/plain; charset=UTF-8
date: Sun, 17 Dec 2023 01:31:56 GMT
expires: Sun, 17 Dec 2023 01:31:56 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 log Show response
play.google.com/ Frame 0C33 131 B
155 B 94ms
63ms XHR
text/plain 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
X-Goog-AuthUser: 0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Sun, 17 Dec 2023 01:31:57 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pay.google.com
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sun, 17 Dec 2023 01:31:57 GMT

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 60ms
22ms Preflight
text/plain 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/plain; charset=UTF-8
date: Sun, 17 Dec 2023 01:31:56 GMT
expires: Sun, 17 Dec 2023 01:31:56 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 59ms
22ms Preflight
text/plain 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/plain; charset=UTF-8
date: Sun, 17 Dec 2023 01:31:56 GMT
expires: Sun, 17 Dec 2023 01:31:56 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 log Show response
play.google.com/ Frame 0C33 131 B
155 B 79ms
49ms XHR
text/plain 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
X-Goog-AuthUser: 0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Sun, 17 Dec 2023 01:31:57 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pay.google.com
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sun, 17 Dec 2023 01:31:57 GMT

POST
H3 200 log Show response
play.google.com/ Frame 0C33 131 B
155 B 86ms
58ms XHR
text/plain 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
X-Goog-AuthUser: 0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Sun, 17 Dec 2023 01:31:57 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pay.google.com
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sun, 17 Dec 2023 01:31:57 GMT

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 63ms
28ms Preflight
text/plain 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/plain; charset=UTF-8
date: Sun, 17 Dec 2023 01:31:56 GMT
expires: Sun, 17 Dec 2023 01:31:56 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 log Show response
play.google.com/ Frame 0C33 131 B
155 B 89ms
59ms XHR
text/plain 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
X-Goog-AuthUser: 0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Sun, 17 Dec 2023 01:31:57 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pay.google.com
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sun, 17 Dec 2023 01:31:57 GMT

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 57ms
22ms Preflight
text/plain 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/plain; charset=UTF-8
date: Sun, 17 Dec 2023 01:31:56 GMT
expires: Sun, 17 Dec 2023 01:31:56 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

GET
H3 200 m=Das5Le Show response
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.0LGLfpcyHa0.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.BIAwI5... Frame 6298 73 KB
27 KB 15ms
15ms Script
text/javascript 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f4df36e15df2960947ccc39a9e1e22e3656b0855b5c48af6b773a4d86dfd4dcf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 18:01:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 372648
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 27264
x-xss-protection: 0
last-modified: Tue, 12 Dec 2023 05:55:31 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Wed, 11 Dec 2024 18:01:08 GMT

POST
H3 200 log Show response
play.google.com/ Frame 2358 131 B
155 B 84ms
62ms XHR
text/plain 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
X-Goog-AuthUser: 0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Sun, 17 Dec 2023 01:31:57 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pay.google.com
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sun, 17 Dec 2023 01:31:57 GMT

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 65ms
33ms Preflight
text/plain 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/plain; charset=UTF-8
date: Sun, 17 Dec 2023 01:31:56 GMT
expires: Sun, 17 Dec 2023 01:31:56 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 49C9 0
272 B 183ms
181ms Fetch
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-09d478928cbcbe4632e76e0761d54ca7.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Sun, 17 Dec 2023 01:31:57 GMT
x-stripe-server-envoy-start-time-us: 1702776717000905
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1702776717000711
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 49C9 0
273 B 183ms
182ms Fetch
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-09d478928cbcbe4632e76e0761d54ca7.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Sun, 17 Dec 2023 01:31:57 GMT
x-stripe-server-envoy-start-time-us: 1702776717001367
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1702776717000750
access-control-allow-credentials: true
content-length: 0

POST
H3 200 log Show response
play.google.com/ Frame 0C33 131 B
155 B 83ms
56ms XHR
text/plain 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
X-Goog-AuthUser: 0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Sun, 17 Dec 2023 01:31:57 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pay.google.com
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sun, 17 Dec 2023 01:31:57 GMT

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 54ms
29ms Preflight
text/plain 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/plain; charset=UTF-8
date: Sun, 17 Dec 2023 01:31:56 GMT
expires: Sun, 17 Dec 2023 01:31:56 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 49C9 0
274 B 182ms
182ms Fetch
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-09d478928cbcbe4632e76e0761d54ca7.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Sun, 17 Dec 2023 01:31:57 GMT
x-stripe-server-envoy-start-time-us: 1702776717005540
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1702776717004994
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 49C9 0
274 B 182ms
182ms Fetch
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-09d478928cbcbe4632e76e0761d54ca7.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Sun, 17 Dec 2023 01:31:57 GMT
x-stripe-server-envoy-start-time-us: 1702776717005358
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1702776717005146
access-control-allow-credentials: true
content-length: 0

GET
H3 200 pay Show response
pay.google.com/gp/p/ui/ Frame 6298 1 MB
376 KB 65ms
65ms XHR
text/html 2a00:1450:4013:c05::5c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pay.google.com/gp/p/ui/pay

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4013:c05::5c Groningen, Netherlands, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

45a590a3b2153cf673ee93ab3832d2159fb1b65caf755ff33aeadaeac3c620c1

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport, script-src 'report-sample' 'nonce-o7IcOLCVqo3LFG3ElpbkJQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com https://payments.sandbox.google.com https://pay.google.com https://pay.sandbox.google.com;report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport/allowlist
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 17 Dec 2023 01:31:56 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
content-security-policy: require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport, script-src 'report-sample' 'nonce-o7IcOLCVqo3LFG3ElpbkJQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com https://payments.sandbox.google.com https://pay.google.com https://pay.sandbox.google.com;report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport/allowlist
x-content-type-options: nosniff
cross-origin-resource-policy: same-site
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
x-ua-compatible: IE=edge
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: unsafe-none
server: ESF
x-frame-options: DENY
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
cache-control: private, max-age=3600
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Sun, 17 Dec 2023 01:31:56 GMT

GET
H3 200 m=Wt6vjf,hhhU8,FCpbqb,WhJNk Show response
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.0LGLfpcyHa0.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.BIAwI5... Frame 6298 9 KB
4 KB 17ms
14ms Script
text/javascript 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.0LGLfpcyHa0.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.BIAwI5M4WSM.L.B1.O/am=gEEY/d=1/exm=Das5Le,_b,_tp/excm=_b,_tp,payframeview/ed=1/wt=2/ujg=1/rs=AMitfrj1k37VkSEkNVO72kvRsKqZIl4kDg/ee=EmZ2Bf:zr1jrb;Erl4fe:FloWmf;JsbNhc:Xd8iUd;LBgRLc:XVMNvd;Me32dd:MEeYgc;NPKaK:PVlQOd;NSEoX:lazG7b;Oj465e:KG2eXe;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:vfuNJf;io8t5d:yDVVkb;kMFpHd:OTA3Ae;nAFL3:NTMZac;oGtAuc:sOXFj;qddgKe:xQtZb;sP4Vbe:VwDzFe;uY49fb:COQbmf;ul9GGd:VDovNc;wR5FRb:siKnQd;yEQyxe:p8L0ob;yxTchf:KUM7Z/m=Wt6vjf,hhhU8,FCpbqb,WhJNk

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b3d47ae3412cfab8873f856540401242f2da0e37077c0839b5e33925d36183e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 18:01:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 372648
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3732
x-xss-protection: 0
last-modified: Tue, 12 Dec 2023 05:55:31 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Wed, 11 Dec 2024 18:01:08 GMT

GET
H3 200 m=byfTOb,lsjVmc,LEikZe,lwddkf,EFQ78c Show response
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.0LGLfpcyHa0.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.BIAwI5... Frame 6298 37 KB
14 KB 20ms
17ms Script
text/javascript 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.0LGLfpcyHa0.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.BIAwI5M4WSM.L.B1.O/am=gEEY/d=1/exm=Das5Le,FCpbqb,WhJNk,Wt6vjf,_b,_tp,hhhU8/excm=_b,_tp,payframeview/ed=1/wt=2/ujg=1/rs=AMitfrj1k37VkSEkNVO72kvRsKqZIl4kDg/ee=EmZ2Bf:zr1jrb;Erl4fe:FloWmf;JsbNhc:Xd8iUd;LBgRLc:XVMNvd;Me32dd:MEeYgc;NPKaK:PVlQOd;NSEoX:lazG7b;Oj465e:KG2eXe;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:vfuNJf;io8t5d:yDVVkb;kMFpHd:OTA3Ae;nAFL3:NTMZac;oGtAuc:sOXFj;qddgKe:xQtZb;sP4Vbe:VwDzFe;uY49fb:COQbmf;ul9GGd:VDovNc;wR5FRb:siKnQd;yEQyxe:p8L0ob;yxTchf:KUM7Z/m=byfTOb,lsjVmc,LEikZe,lwddkf,EFQ78c

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

02d8f5e03704768aa366ab03f03808f1e9ea6a7b18e2006febe0fb5b7e036a87

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 18:01:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 372648
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14260
x-xss-protection: 0
last-modified: Tue, 12 Dec 2023 05:55:31 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Wed, 11 Dec 2024 18:01:08 GMT

POST
H3 200 log Show response
play.google.com/ Frame 6298 131 B
155 B 78ms
57ms XHR
text/plain 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
X-Goog-AuthUser: 0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Sun, 17 Dec 2023 01:31:57 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pay.google.com
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sun, 17 Dec 2023 01:31:57 GMT

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 34ms
34ms Preflight
text/plain 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/plain; charset=UTF-8
date: Sun, 17 Dec 2023 01:31:56 GMT
expires: Sun, 17 Dec 2023 01:31:56 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 log Show response
play.google.com/ Frame 6298 131 B
155 B 74ms
53ms XHR
text/plain 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
X-Goog-AuthUser: 0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Sun, 17 Dec 2023 01:31:57 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pay.google.com
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sun, 17 Dec 2023 01:31:57 GMT

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 34ms
34ms Preflight
text/plain 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/plain; charset=UTF-8
date: Sun, 17 Dec 2023 01:31:56 GMT
expires: Sun, 17 Dec 2023 01:31:56 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 log Show response
play.google.com/ Frame 6298 131 B
155 B 83ms
62ms XHR
text/plain 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
X-Goog-AuthUser: 0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Sun, 17 Dec 2023 01:31:57 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pay.google.com
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sun, 17 Dec 2023 01:31:57 GMT

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 33ms
33ms Preflight
text/plain 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/plain; charset=UTF-8
date: Sun, 17 Dec 2023 01:31:56 GMT
expires: Sun, 17 Dec 2023 01:31:56 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 28ms
27ms Preflight
text/plain 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/plain; charset=UTF-8
date: Sun, 17 Dec 2023 01:31:56 GMT
expires: Sun, 17 Dec 2023 01:31:56 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 log Show response
play.google.com/ Frame 6298 131 B
155 B 82ms
61ms XHR
text/plain 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
X-Goog-AuthUser: 0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Sun, 17 Dec 2023 01:31:57 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pay.google.com
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sun, 17 Dec 2023 01:31:57 GMT

POST
H3 200 log Show response
play.google.com/ Frame 6298 131 B
155 B 80ms
60ms XHR
text/plain 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
X-Goog-AuthUser: 0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Sun, 17 Dec 2023 01:31:57 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pay.google.com
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sun, 17 Dec 2023 01:31:57 GMT

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 27ms
27ms Preflight
text/plain 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/plain; charset=UTF-8
date: Sun, 17 Dec 2023 01:31:56 GMT
expires: Sun, 17 Dec 2023 01:31:56 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 log Show response
play.google.com/ Frame 6298 131 B
155 B 80ms
60ms XHR
text/plain 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
X-Goog-AuthUser: 0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Sun, 17 Dec 2023 01:31:57 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pay.google.com
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sun, 17 Dec 2023 01:31:57 GMT

POST
H2 200 0 Show response
r.stripe.com/ Frame 49C9 0
274 B 185ms
182ms Fetch
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-09d478928cbcbe4632e76e0761d54ca7.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Sun, 17 Dec 2023 01:31:57 GMT
x-stripe-server-envoy-start-time-us: 1702776717047044
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1702776717046383
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 49C9 0
274 B 186ms
183ms Fetch
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-09d478928cbcbe4632e76e0761d54ca7.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Sun, 17 Dec 2023 01:31:57 GMT
x-stripe-server-envoy-start-time-us: 1702776717047117
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 3
x-stripe-client-envoy-start-time-us: 1702776717046511
access-control-allow-credentials: true
content-length: 0

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 23ms
20ms Preflight
text/plain 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/plain; charset=UTF-8
date: Sun, 17 Dec 2023 01:31:56 GMT
expires: Sun, 17 Dec 2023 01:31:56 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 49C9 0
272 B 182ms
182ms Fetch
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-09d478928cbcbe4632e76e0761d54ca7.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Sun, 17 Dec 2023 01:31:57 GMT
x-stripe-server-envoy-start-time-us: 1702776717250520
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 3
x-stripe-client-envoy-start-time-us: 1702776717250114
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 49C9 0
273 B 181ms
181ms Fetch
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-09d478928cbcbe4632e76e0761d54ca7.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Sun, 17 Dec 2023 01:31:57 GMT
x-stripe-server-envoy-start-time-us: 1702776717250671
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1702776717250220
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 49C9 0
274 B 182ms
181ms Fetch
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-09d478928cbcbe4632e76e0761d54ca7.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Sun, 17 Dec 2023 01:31:57 GMT
x-stripe-server-envoy-start-time-us: 1702776717254999
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1702776717254633
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 49C9 0
274 B 182ms
182ms Fetch
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-09d478928cbcbe4632e76e0761d54ca7.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Sun, 17 Dec 2023 01:31:57 GMT
x-stripe-server-envoy-start-time-us: 1702776717255316
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1702776717254828
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 49C9 0
274 B 182ms
182ms Fetch
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-09d478928cbcbe4632e76e0761d54ca7.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Sun, 17 Dec 2023 01:31:57 GMT
x-stripe-server-envoy-start-time-us: 1702776717256041
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1702776717255664
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 49C9 0
274 B 181ms
181ms Fetch
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-09d478928cbcbe4632e76e0761d54ca7.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Sun, 17 Dec 2023 01:31:57 GMT
x-stripe-server-envoy-start-time-us: 1702776717256254
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1702776717255805
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 49C9 0
274 B 182ms
182ms Fetch
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-09d478928cbcbe4632e76e0761d54ca7.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Sun, 17 Dec 2023 01:31:57 GMT
x-stripe-server-envoy-start-time-us: 1702776717256858
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 3
x-stripe-client-envoy-start-time-us: 1702776717256704
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 49C9 0
274 B 181ms
181ms Fetch
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-09d478928cbcbe4632e76e0761d54ca7.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Sun, 17 Dec 2023 01:31:57 GMT
x-stripe-server-envoy-start-time-us: 1702776717257325
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1702776717256867
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 49C9 0
274 B 181ms
181ms Fetch
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-09d478928cbcbe4632e76e0761d54ca7.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Sun, 17 Dec 2023 01:31:57 GMT
x-stripe-server-envoy-start-time-us: 1702776717257970
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 3
x-stripe-client-envoy-start-time-us: 1702776717257788
access-control-allow-credentials: true
content-length: 0

GET
H2 200 GooglePay-logo.svg
give.itgetsbetter.org/static/global/images/digitalWallets/ Frame 5FD5 3 KB
1 KB 413ms
412ms Image
image/svg+xml 2606:4700::6812:c55f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://give.itgetsbetter.org/static/global/images/digitalWallets/GooglePay-logo.svg

Requested by

Host: itgetsbetter.org
URL: https://itgetsbetter.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:c55f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ee8b513e01e58127f81cb40ae5909a16a8eb0f8185efa32fd0a9104a7deb2c78

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.itgetsbetter.org/give/533919/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 17 Dec 2023 01:31:57 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
cf-cache-status: MISS
last-modified: Mon, 11 Dec 2023 22:01:28 GMT
server: cloudflare
etag: W/"657786b8-b41"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31536000
cf-ray: 836b68d25ff618f9-FRA
expires: Mon, 16 Dec 2024 01:31:57 GMT

POST
H2 200 0 Show response
r.stripe.com/ Frame 49C9 0
274 B 182ms
182ms Fetch
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-09d478928cbcbe4632e76e0761d54ca7.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Sun, 17 Dec 2023 01:31:57 GMT
x-stripe-server-envoy-start-time-us: 1702776717264576
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1702776717264117
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 49C9 0
274 B 181ms
181ms Fetch
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-09d478928cbcbe4632e76e0761d54ca7.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Sun, 17 Dec 2023 01:31:57 GMT
x-stripe-server-envoy-start-time-us: 1702776717264467
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1702776717264288
access-control-allow-credentials: true
content-length: 0

OPTIONS
H2 200 itgetsbetter
www.juicer.io/api/feeds/ Frame 0
0 4174ms
4129ms Preflight 2606:4700:20::ac43:4743
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.juicer.io/api/feeds/itgetsbetter?per=8&page=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4743 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: x-juicer-referrer
Access-Control-Request-Method: GET
Origin: https://itgetsbetter.org
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-headers: x-juicer-referrer
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin: *
access-control-expose-headers
access-control-max-age: 7200
cf-cache-status: DYNAMIC
cf-ray: 836b68dcca8f39d4-FRA
content-length: 0
date: Sun, 17 Dec 2023 01:31:59 GMT
nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
report-to: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1702776719&sid=af571f24-03ee-46d1-9f90-ab9030c2c74c&s=Kt7ZDXGcMfPtzDVhpSXNRpo71fYUiqtTs5kgJ%2FRZi44%3D"}]}
reporting-endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1702776719&sid=af571f24-03ee-46d1-9f90-ab9030c2c74c&s=Kt7ZDXGcMfPtzDVhpSXNRpo71fYUiqtTs5kgJ%2FRZi44%3D
server: cloudflare
via: 1.1 vegur

GET
H2 200 wp-emoji-release.min.js Show response
itgetsbetter.org/wp-includes/js/ 18 KB
5 KB 111ms
111ms Script
application/javascript 199.16.173.70
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://itgetsbetter.org/wp-includes/js/wp-emoji-release.min.js?ver=6.4.2

Requested by

Host: itgetsbetter.org
URL: https://itgetsbetter.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

199.16.173.70 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://itgetsbetter.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 17 Dec 2023 01:31:58 GMT
strict-transport-security: max-age=31536000
content-encoding: br
last-modified: Thu, 02 Feb 2023 00:53:25 GMT
server: nginx
x-ac: 2.hhn _atomic_ams BYPASS
etag: W/"63db0985-4904"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 caret-left.svg Show response
ka-p.fontawesome.com/releases/v6.5.1/svgs/duotone/ 507 B
468 B 17ms
17ms Fetch
image/svg+xml 2606:4700:4400::6812:2844
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-p.fontawesome.com/releases/v6.5.1/svgs/duotone/caret-left.svg?token=dc8c838d72
Requested by: Host: itgetsbetter.org
URL: https://itgetsbetter.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:2844 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9cece2ee9c97d9ef7bce2fb6aff036dee86bcdbd437b8869a278136ed87f4c2f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://itgetsbetter.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 17 Dec 2023 01:31:58 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 30 Nov 2023 17:26:36 GMT
server: cloudflare
age: 34776
etag: W/"6568c5cc-1fb"
vary: Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31556926
cf-ray: 836b68dc7b47699f-FRA

GET
H2 200 salad.svg Show response
ka-p.fontawesome.com/releases/v6.5.1/svgs/duotone/ 980 B
674 B 20ms
19ms Fetch
image/svg+xml 2606:4700:4400::6812:2844
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-p.fontawesome.com/releases/v6.5.1/svgs/duotone/salad.svg?token=dc8c838d72
Requested by: Host: itgetsbetter.org
URL: https://itgetsbetter.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:2844 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3570bfba53e8d72faa85cc930f04176d45ea79d7b36d8130623d5afd30c27075

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://itgetsbetter.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 17 Dec 2023 01:31:58 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 30 Nov 2023 17:27:37 GMT
server: cloudflare
age: 37068
etag: W/"6568c609-3d4"
vary: Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31556926
cf-ray: 836b68dc7b48699f-FRA

GET
H2 200 atom-simple.svg Show response
ka-p.fontawesome.com/releases/v6.5.1/svgs/duotone/ 1 KB
843 B 17ms
17ms Fetch
image/svg+xml 2606:4700:4400::6812:2844
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-p.fontawesome.com/releases/v6.5.1/svgs/duotone/atom-simple.svg?token=dc8c838d72
Requested by: Host: itgetsbetter.org
URL: https://itgetsbetter.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:2844 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f2f94f7fbc53e6454a3781287a15449eaa44e64a98a238a9be67410bc2c3afc2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://itgetsbetter.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 17 Dec 2023 01:31:58 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 30 Nov 2023 17:26:26 GMT
server: cloudflare
age: 34776
etag: W/"6568c5c2-5c6"
vary: Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31556926
cf-ray: 836b68dc7b49699f-FRA

GET
H2 200 graduation-cap.svg Show response
ka-p.fontawesome.com/releases/v6.5.1/svgs/duotone/ 1 KB
791 B 18ms
18ms Fetch
image/svg+xml 2606:4700:4400::6812:2844
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-p.fontawesome.com/releases/v6.5.1/svgs/duotone/graduation-cap.svg?token=dc8c838d72
Requested by: Host: itgetsbetter.org
URL: https://itgetsbetter.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:2844 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0fd285e85a0833012cd1a4904d7736227f2f26884e84c653718678178c8f7a07

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://itgetsbetter.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 17 Dec 2023 01:31:58 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 30 Nov 2023 17:27:01 GMT
server: cloudflare
age: 34776
etag: W/"6568c5e5-4c1"
vary: Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31556926
cf-ray: 836b68dc7b4b699f-FRA

GET
H2 200 books.svg Show response
ka-p.fontawesome.com/releases/v6.5.1/svgs/duotone/ 1 KB
688 B 20ms
20ms Fetch
image/svg+xml 2606:4700:4400::6812:2844
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-p.fontawesome.com/releases/v6.5.1/svgs/duotone/books.svg?token=dc8c838d72
Requested by: Host: itgetsbetter.org
URL: https://itgetsbetter.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:2844 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 708518c451d33d2ce773ac15b38bd20f1c14a426311d8e3b2aec07df38697c43

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://itgetsbetter.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 17 Dec 2023 01:31:58 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 30 Nov 2023 17:26:30 GMT
server: cloudflare
age: 34776
etag: W/"6568c5c6-446"
vary: Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31556926
cf-ray: 836b68dc7b4c699f-FRA

GET
H2 200 person-sign.svg Show response
ka-p.fontawesome.com/releases/v6.5.1/svgs/duotone/ 1 KB
696 B 21ms
20ms Fetch
image/svg+xml 2606:4700:4400::6812:2844
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-p.fontawesome.com/releases/v6.5.1/svgs/duotone/person-sign.svg?token=dc8c838d72
Requested by: Host: itgetsbetter.org
URL: https://itgetsbetter.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:2844 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8646d8ecf9f4c7fe7cd30e29db092aa9cf2781a5c4eea7a4f10f41024176a62c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://itgetsbetter.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 17 Dec 2023 01:31:58 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 30 Nov 2023 17:27:26 GMT
server: cloudflare
age: 37068
etag: W/"6568c5fe-44f"
vary: Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31556926
cf-ray: 836b68dc7b4d699f-FRA

GET
H2 200 whistle.svg Show response
ka-p.fontawesome.com/releases/v6.5.1/svgs/duotone/ 1 KB
716 B 21ms
17ms Fetch
image/svg+xml 2606:4700:4400::6812:2844
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-p.fontawesome.com/releases/v6.5.1/svgs/duotone/whistle.svg?token=dc8c838d72
Requested by: Host: itgetsbetter.org
URL: https://itgetsbetter.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:2844 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 22808b48a5290f2910aaa66a123440621dc67427728ab22518c8e136c3d7be85

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://itgetsbetter.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 17 Dec 2023 01:31:58 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 30 Nov 2023 17:29:35 GMT
server: cloudflare
age: 34776
etag: W/"6568c67f-432"
vary: Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31556926
cf-ray: 836b68dc7b50699f-FRA

GET
H2 200 typewriter.svg Show response
ka-p.fontawesome.com/releases/v6.5.1/svgs/duotone/ 1 KB
711 B 23ms
19ms Fetch
image/svg+xml 2606:4700:4400::6812:2844
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-p.fontawesome.com/releases/v6.5.1/svgs/duotone/typewriter.svg?token=dc8c838d72
Requested by: Host: itgetsbetter.org
URL: https://itgetsbetter.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:2844 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 18be65efe73612e4b002392884e349dbc3e859171a631163a9d8edb4bbaf8940

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://itgetsbetter.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 17 Dec 2023 01:31:58 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 30 Nov 2023 17:27:56 GMT
server: cloudflare
age: 34776
etag: W/"6568c61c-5eb"
vary: Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31556926
cf-ray: 836b68dc7b51699f-FRA

GET
H2 200 screencast.svg Show response
ka-p.fontawesome.com/releases/v6.5.1/svgs/duotone/ 794 B
549 B 21ms
18ms Fetch
image/svg+xml 2606:4700:4400::6812:2844
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-p.fontawesome.com/releases/v6.5.1/svgs/duotone/screencast.svg?token=dc8c838d72
Requested by: Host: itgetsbetter.org
URL: https://itgetsbetter.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:2844 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 81cecb4a4686b35edc2526e508c1093fa70f1deaafba8c4cef80183759382c6f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://itgetsbetter.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 17 Dec 2023 01:31:58 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 30 Nov 2023 17:27:38 GMT
server: cloudflare
age: 34776
etag: W/"6568c60a-31a"
vary: Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31556926
cf-ray: 836b68dc7b52699f-FRA

GET
H2 200 tiktok.svg Show response
ka-p.fontawesome.com/releases/v6.5.1/svgs/brands/ 467 B
411 B 29ms
26ms Fetch
image/svg+xml 2606:4700:4400::6812:2844
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-p.fontawesome.com/releases/v6.5.1/svgs/brands/tiktok.svg?token=dc8c838d72
Requested by: Host: itgetsbetter.org
URL: https://itgetsbetter.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:2844 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8e84d0a90357d43c325884bb41a24006bcaa24cc59f2c353986f2655eb57a90a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://itgetsbetter.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 17 Dec 2023 01:31:58 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 30 Nov 2023 17:26:07 GMT
server: cloudflare
age: 34776
etag: W/"6568c5af-1d3"
vary: Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31556926
cf-ray: 836b68dc7b53699f-FRA

GET
H2 200 twitch.svg Show response
ka-p.fontawesome.com/releases/v6.5.1/svgs/brands/ 448 B
422 B 23ms
21ms Fetch
image/svg+xml 2606:4700:4400::6812:2844
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-p.fontawesome.com/releases/v6.5.1/svgs/brands/twitch.svg?token=dc8c838d72
Requested by: Host: itgetsbetter.org
URL: https://itgetsbetter.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:2844 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4d65bf866f07b819753c80bca98f75898097a4b3c73074d35f45d440facd01bb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://itgetsbetter.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 17 Dec 2023 01:31:58 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 30 Nov 2023 17:26:08 GMT
server: cloudflare
age: 34776
etag: W/"6568c5b0-1c0"
vary: Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31556926
cf-ray: 836b68dc7b57699f-FRA

GET
H2 200 school.svg Show response
ka-p.fontawesome.com/releases/v6.5.1/svgs/duotone/ 1 KB
584 B 22ms
20ms Fetch
image/svg+xml 2606:4700:4400::6812:2844
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-p.fontawesome.com/releases/v6.5.1/svgs/duotone/school.svg?token=dc8c838d72
Requested by: Host: itgetsbetter.org
URL: https://itgetsbetter.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:2844 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8037fcd91179ff85b140b52acbde121679d944561b7a252ab8e1d6978d826ea6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://itgetsbetter.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 17 Dec 2023 01:31:58 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 30 Nov 2023 17:27:38 GMT
server: cloudflare
age: 34776
etag: W/"6568c60a-5dc"
vary: Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31556926
cf-ray: 836b68dc7b58699f-FRA

GET
H2 200 rainbow.svg Show response
ka-p.fontawesome.com/releases/v6.5.1/svgs/duotone/ 884 B
540 B 24ms
22ms Fetch
image/svg+xml 2606:4700:4400::6812:2844
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-p.fontawesome.com/releases/v6.5.1/svgs/duotone/rainbow.svg?token=dc8c838d72
Requested by: Host: itgetsbetter.org
URL: https://itgetsbetter.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:2844 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 502f615b389454e5ff7fb988c5214bd0aee8f2668d4cd5dc18721f9d9824df11

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://itgetsbetter.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 17 Dec 2023 01:31:58 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 30 Nov 2023 17:27:34 GMT
server: cloudflare
age: 34776
etag: W/"6568c606-374"
vary: Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31556926
cf-ray: 836b68dc7b59699f-FRA

GET
H2 200 head-side-brain.svg Show response
ka-p.fontawesome.com/releases/v6.5.1/svgs/duotone/ 2 KB
874 B 25ms
23ms Fetch
image/svg+xml 2606:4700:4400::6812:2844
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-p.fontawesome.com/releases/v6.5.1/svgs/duotone/head-side-brain.svg?token=dc8c838d72
Requested by: Host: itgetsbetter.org
URL: https://itgetsbetter.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:2844 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6192fd402ade2719852ec40ba5c5f6665f74d30af826d898df44c617bc0a294e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://itgetsbetter.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 17 Dec 2023 01:31:58 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 30 Nov 2023 17:27:05 GMT
server: cloudflare
age: 34776
etag: W/"6568c5e9-624"
vary: Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31556926
cf-ray: 836b68dc7b5a699f-FRA

GET
H2 200 hand-heart.svg Show response
ka-p.fontawesome.com/releases/v6.5.1/svgs/duotone/ 1 KB
622 B 30ms
28ms Fetch
image/svg+xml 2606:4700:4400::6812:2844
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-p.fontawesome.com/releases/v6.5.1/svgs/duotone/hand-heart.svg?token=dc8c838d72
Requested by: Host: itgetsbetter.org
URL: https://itgetsbetter.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:2844 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2482c85f93f2c17c36be2b6feffe460436bfa18ec62fe4efcfabeaad5cdf471d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://itgetsbetter.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 17 Dec 2023 01:31:58 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 30 Nov 2023 17:27:04 GMT
server: cloudflare
age: 34776
etag: W/"6568c5e8-4d0"
vary: Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31556926
cf-ray: 836b68dc7b5b699f-FRA

GET
H2 200 megaphone.svg Show response
ka-p.fontawesome.com/releases/v6.5.1/svgs/duotone/ 742 B
545 B 35ms
33ms Fetch
image/svg+xml 2606:4700:4400::6812:2844
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-p.fontawesome.com/releases/v6.5.1/svgs/duotone/megaphone.svg?token=dc8c838d72
Requested by: Host: itgetsbetter.org
URL: https://itgetsbetter.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:2844 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8f00e02f500d94f76252907440c93fd2ac4d413477081e985c3e42ff8e730ed2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://itgetsbetter.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 17 Dec 2023 01:31:58 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 30 Nov 2023 17:27:16 GMT
server: cloudflare
age: 34776
etag: W/"6568c5f4-2e6"
vary: Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31556926
cf-ray: 836b68dc7b5c699f-FRA

GET
H2 200 globe.svg Show response
ka-p.fontawesome.com/releases/v6.5.1/svgs/duotone/ 2 KB
1000 B 26ms
24ms Fetch
image/svg+xml 2606:4700:4400::6812:2844
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-p.fontawesome.com/releases/v6.5.1/svgs/duotone/globe.svg?token=dc8c838d72
Requested by: Host: itgetsbetter.org
URL: https://itgetsbetter.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:2844 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 647f0eb8e046a6dfc7f3aaf8b4c5e37de3c3eacb63288cd1e2454bde4b805322

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://itgetsbetter.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 17 Dec 2023 01:31:58 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 30 Nov 2023 17:27:01 GMT
server: cloudflare
age: 34776
etag: W/"6568c5e5-932"
vary: Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31556926
cf-ray: 836b68dc7b5d699f-FRA

GET
H2 200 map.svg Show response
ka-p.fontawesome.com/releases/v6.5.1/svgs/duotone/ 560 B
472 B 29ms
27ms Fetch
image/svg+xml 2606:4700:4400::6812:2844
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-p.fontawesome.com/releases/v6.5.1/svgs/duotone/map.svg?token=dc8c838d72
Requested by: Host: itgetsbetter.org
URL: https://itgetsbetter.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:2844 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9b54f318ed5b86ee239a5b26539e7587d672975595e19de46b23384087e4b086

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://itgetsbetter.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 17 Dec 2023 01:31:58 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 30 Nov 2023 17:27:15 GMT
server: cloudflare
age: 34776
etag: W/"6568c5f3-230"
vary: Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31556926
cf-ray: 836b68dc7b5e699f-FRA

GET
H2 200 book-atlas.svg Show response
ka-p.fontawesome.com/releases/v6.5.1/svgs/duotone/ 1 KB
772 B 26ms
25ms Fetch
image/svg+xml 2606:4700:4400::6812:2844
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-p.fontawesome.com/releases/v6.5.1/svgs/duotone/book-atlas.svg?token=dc8c838d72
Requested by: Host: itgetsbetter.org
URL: https://itgetsbetter.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:2844 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7bf7cc58e7432bb37298ef81b2e57f478c523575fce8d938652f92aa767254b9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://itgetsbetter.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 17 Dec 2023 01:31:58 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 30 Nov 2023 17:26:29 GMT
server: cloudflare
age: 34775
etag: W/"6568c5c5-4f2"
vary: Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31556926
cf-ray: 836b68dc7b5f699f-FRA

GET
H2 200 people-group.svg Show response
ka-p.fontawesome.com/releases/v6.5.1/svgs/duotone/ 1 KB
705 B 32ms
31ms Fetch
image/svg+xml 2606:4700:4400::6812:2844
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-p.fontawesome.com/releases/v6.5.1/svgs/duotone/people-group.svg?token=dc8c838d72
Requested by: Host: itgetsbetter.org
URL: https://itgetsbetter.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:2844 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 96d70003b221c72dd2af79fbfd27ad44b934900286b204e62f25b069eda84571

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://itgetsbetter.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 17 Dec 2023 01:31:58 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 30 Nov 2023 17:27:24 GMT
server: cloudflare
age: 34776
etag: W/"6568c5fc-506"
vary: Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31556926
cf-ray: 836b68dc7b60699f-FRA

GET
H2 200 coins.svg Show response
ka-p.fontawesome.com/releases/v6.5.1/svgs/duotone/ 1 KB
852 B 33ms
32ms Fetch
image/svg+xml 2606:4700:4400::6812:2844
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-p.fontawesome.com/releases/v6.5.1/svgs/duotone/coins.svg?token=dc8c838d72
Requested by: Host: itgetsbetter.org
URL: https://itgetsbetter.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:2844 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: da07fd308f8d7753e8c5218ab4757e53258b5721db310acc1c4ebd15f4711b86

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://itgetsbetter.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 17 Dec 2023 01:31:58 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 30 Nov 2023 17:26:44 GMT
server: cloudflare
age: 34776
etag: W/"6568c5d4-5a7"
vary: Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31556926
cf-ray: 836b68dc7b61699f-FRA

GET
H2 200 language.svg Show response
ka-p.fontawesome.com/releases/v6.5.1/svgs/duotone/ 1 KB
883 B 31ms
29ms Fetch
image/svg+xml 2606:4700:4400::6812:2844
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-p.fontawesome.com/releases/v6.5.1/svgs/duotone/language.svg?token=dc8c838d72
Requested by: Host: itgetsbetter.org
URL: https://itgetsbetter.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:2844 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 54e4e9cd3900a289833fc9ba3079698ba58e18de3ddc819d367fe9618cb13900

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://itgetsbetter.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 17 Dec 2023 01:31:58 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 30 Nov 2023 17:27:12 GMT
server: cloudflare
age: 34776
etag: W/"6568c5f0-588"
vary: Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31556926
cf-ray: 836b68dc7b62699f-FRA

GET
H2 200 itgetsbetter Show response
www.juicer.io/api/feeds/ 19 KB
5 KB 159ms
159ms XHR
application/json 2606:4700:20::ac43:4743
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.juicer.io/api/feeds/itgetsbetter?per=8&page=1

Requested by

Host: assets.juicer.io
URL: https://assets.juicer.io/embed.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4743 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d687a0d232c224f4d57c7ef38afd2671c4583344481eae34e639875a0a443b2a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://itgetsbetter.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
X-Juicer-Referrer: https://itgetsbetter.org/

Response headers

date: Sun, 17 Dec 2023 01:32:03 GMT
via: 1.1 vegur
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
x-permitted-cross-domain-policies: none
content-encoding: br
x-xss-protection: 0
reporting-endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1702327969&sid=af571f24-03ee-46d1-9f90-ab9030c2c74c&s=Z%2FQ1RcYNJMvRSA2Vu%2FGvFfpjZ9AccKLtOX6I2QE7pnM%3D
x-request-id: de1bfb11-2b17-4c03-8bcc-0138d0fd10db
x-runtime: 0.030395
referrer-policy: strict-origin-when-cross-origin
last-modified: Mon, 11 Dec 2023 20:04:26 GMT
server: cloudflare
x-download-options: noopen
access-control-max-age: 7200
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: *
report-to: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1702327969&sid=af571f24-03ee-46d1-9f90-ab9030c2c74c&s=Z%2FQ1RcYNJMvRSA2Vu%2FGvFfpjZ9AccKLtOX6I2QE7pnM%3D"}]}
access-control-expose-headers
x-frame-options: SAMEORIGIN
cache-control: max-age=300, public, stale-while-revalidate=30, stale-if-error=86400
vary: Accept-Encoding, Origin
cf-ray: 836b68f6a80e39d4-FRA

GET
H3 200 player_api Show response
www.youtube.com/ 993 B
518 B 57ms
54ms Script
text/javascript 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/player_api

Requested by

Host: c0.wp.com
URL: https://c0.wp.com/c/6.4.2/wp-includes/js/mediaelement/mediaelement-and-player.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

98b7d90beeaf2d2944f47d2c001be5d943d1b6306bbf7dc27c240e092ed8544d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://itgetsbetter.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 17 Dec 2023 01:31:58 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-encoding: br
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
server: ESF
x-frame-options: SAMEORIGIN
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
content-type: text/javascript; charset=utf-8
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cache-control: private, max-age=0
origin-trial: AvC9UlR6RDk2crliDsFl66RWLnTbHrDbp+DiY6AYz/PNQ4G4tdUTjrHYr2sghbkhGQAVxb7jaPTHpEVBz0uzQwkAAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTcxOTUzMjc5OSwiaXNTdWJkb21haW4iOnRydWV9
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
expires: Sun, 17 Dec 2023 01:31:58 GMT

GET
H2 200 jp-search.defaultVendors.js Show response
itgetsbetter.org/wp-content/plugins/jetpack/jetpack_vendor/automattic/jetpack-search/build/instant-search/ 74 KB
24 KB 4124ms
4124ms Script
application/javascript 199.16.173.70
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://itgetsbetter.org/wp-content/plugins/jetpack/jetpack_vendor/automattic/jetpack-search/build/instant-search/jp-search.defaultVendors.js?minify=false&ver=bacda5cac07fa74fbb11

Requested by

Host: 149352635.v2.pressablecdn.com
URL: https://149352635.v2.pressablecdn.com/wp-content/plugins/jetpack/jetpack_vendor/automattic/jetpack-search/build/instant-search/jp-search.js?minify=false&ver=156632ec530008abc8ff

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

199.16.173.70 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

d715d803774712817e0843a429bdee439b10a425f9426b02743691fd225da8ea

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://itgetsbetter.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 17 Dec 2023 01:31:58 GMT
strict-transport-security: max-age=31536000
content-encoding: br
last-modified: Tue, 14 Nov 2023 17:55:08 GMT
server: nginx
x-ac: 2.hhn _atomic_ams BYPASS
etag: W/"6553b47c-1268a"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 jp-search.chunk-main-payload.css
itgetsbetter.org/wp-content/plugins/jetpack/jetpack_vendor/automattic/jetpack-search/build/instant-search/ 36 KB
5 KB 4122ms
4122ms Stylesheet
text/css 199.16.173.70
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://itgetsbetter.org/wp-content/plugins/jetpack/jetpack_vendor/automattic/jetpack-search/build/instant-search/jp-search.chunk-main-payload.css?minify=false&ver=41670287183d4ae26824

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

199.16.173.70 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

b400236e532466354be554a16cddd1ab9231066ac4730382df1dbbd08a395e7c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://itgetsbetter.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 17 Dec 2023 01:31:58 GMT
strict-transport-security: max-age=31536000
content-encoding: br
last-modified: Mon, 04 Dec 2023 06:52:30 GMT
server: nginx
x-ac: 2.hhn _atomic_ams BYPASS
etag: W/"656d772e-8fb9"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 jp-search.chunk-main-payload.js Show response
itgetsbetter.org/wp-content/plugins/jetpack/jetpack_vendor/automattic/jetpack-search/build/instant-search/ 74 KB
20 KB 4124ms
4123ms Script
application/javascript 199.16.173.70
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://itgetsbetter.org/wp-content/plugins/jetpack/jetpack_vendor/automattic/jetpack-search/build/instant-search/jp-search.chunk-main-payload.js?minify=false&ver=3cd7808e83e2f837f713

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

199.16.173.70 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

e7cc3ea52e6a5e1ea3e0938fb9df73529604f82147154f3f4d69e6b580bbac02

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://itgetsbetter.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 17 Dec 2023 01:31:58 GMT
strict-transport-security: max-age=31536000
content-encoding: br
last-modified: Tue, 14 Nov 2023 17:55:08 GMT
server: nginx
x-ac: 2.hhn _atomic_ams BYPASS
etag: W/"6553b47c-127ac"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 element.js Show response
translate.google.com/translate_a/ 89 KB
31 KB 4163ms
37ms Script
text/javascript 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://translate.google.com/translate_a/element.js?cb=googleTranslateElementInit

Requested by

Host: 149352635.v2.pressablecdn.com
URL: https://149352635.v2.pressablecdn.com/wp-content/themes/itgetsbetter-2017/assets/dist/js/index.js?ver=2.0.1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e7f60edc6dd5df77558960aee08f6e4b3b63d28a4e313c1781d1d2f85f97da6f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://itgetsbetter.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 17 Dec 2023 01:32:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=utf-8
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3

200

watch
www.youtube.com/
Redirect Chain

https://youtu.be/FkYumU0Z3bk?_=1
https://www.youtube.com/watch?_=1&v=FkYumU0Z3bk&feature=youtu.be

0
0

48ms
48ms

Media
text/html

2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.youtube.com/watch?_=1&v=FkYumU0Z3bk&feature=youtu.be
Requested by: Host: itgetsbetter.org
URL: https://itgetsbetter.org/
Protocol: H3
Server: 2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://itgetsbetter.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Redirect headers

date: Sun, 17 Dec 2023 01:32:02 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin-allow-popups; report-to="SHORT_URL"
server: ESF
x-frame-options: SAMEORIGIN
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
content-type: application/binary
location: https://www.youtube.com/watch?_=1&v=FkYumU0Z3bk&feature=youtu.be
report-to: {"group":"SHORT_URL","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/SHORT_URL"}]}
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 style.min.css
c0.wp.com/c/6.4.2/wp-includes/css/dist/block-library/ 6 KB
0 31ms
30ms Stylesheet
text/css 192.0.77.37
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://c0.wp.com/c/6.4.2/wp-includes/css/dist/block-library/style.min.css

Requested by

Host: itgetsbetter.org
URL: https://itgetsbetter.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://itgetsbetter.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-nc: HIT hhn 1
date: Sun, 17 Dec 2023 01:31:58 GMT
content-encoding: br
strict-transport-security: max-age=15552000
last-modified: Sun, 05 Nov 2023 19:40:32 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
alt-svc: h3=":443"; ma=86400, h3=":443"; ma=86400
expires: Mon, 16 Dec 2024 01:31:58 GMT

GET
H2 206 IGB_Video_Faces_compressed.mp4
itgetsbetter.org/wp-content/uploads/2021/05/ 640 KB
0 4098ms
4096ms Media
video/mp4 199.16.173.70
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://itgetsbetter.org/wp-content/uploads/2021/05/IGB_Video_Faces_compressed.mp4

Requested by

Host: itgetsbetter.org
URL: https://itgetsbetter.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

199.16.173.70 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://itgetsbetter.org/
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Range: bytes=0-

Response headers

date: Sun, 17 Dec 2023 01:31:58 GMT
strict-transport-security: max-age=31536000
x-ac: 2.hhn _atomic_ams BYPASS
last-modified: Fri, 21 May 2021 15:57:57 GMT
server: nginx
etag: "60a7d885-66a3a1"
access-control-allow-methods: GET, HEAD
content-type: video/mp4
access-control-allow-origin: *
Content-Range: bytes 0-6726560/6726561
Content-Length: 6726561

GET
H3 200 www-widgetapi.js Show response
www.youtube.com/s/player/d23221b6/www-widgetapi.vflset/ 216 KB
67 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/d23221b6/www-widgetapi.vflset/www-widgetapi.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/player_api

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a0e2b951191e60b6c3905118d84d9a95a309d355c4eb71dfead2ae2866683ee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://itgetsbetter.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 17 Dec 2023 00:32:21 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3577
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 68553
x-xss-protection: 0
last-modified: Wed, 13 Dec 2023 02:47:51 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Mon, 16 Dec 2024 00:32:21 GMT

POST
H2 200 6 Show response
m.stripe.com/ Frame A3DF 156 B
667 B 2722ms
2722ms XHR
application/json 44.237.23.177
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.com/6

Requested by

Host: m.stripe.network
URL: https://m.stripe.network/out-4.5.43.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

44.237.23.177 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-44-237-23-177.us-west-2.compute.amazonaws.com

Software

nginx /

Resource Hash

0124917c59a93618b06ef9e92b9337df24e196fca3ce4b3f011f0ad700c39c3a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://m.stripe.network/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-stripe-bg-intended-route-color: blue
date: Sun, 17 Dec 2023 01:32:03 GMT
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1702776723040189
server: nginx
content-type: application/json;charset=utf-8
x-stripe-server-envoy-upstream-service-time-ms: 2
access-control-allow-origin: https://m.stripe.network
x-stripe-client-envoy-start-time-us: 1702776723039984
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 156

GET
H2 200 trusted-types-checker-239db17d86d6320632b024ca9e43ba9c.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 5FD5 295 B
367 B 1392ms
1392ms Script
text/javascript 151.101.128.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/trusted-types-checker-239db17d86d6320632b024ca9e43ba9c.js

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

0ea220d4ad1c32f2b9c3fb1c5c2cce3df57496e54556f092e0f201d4d8622849

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.itgetsbetter.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Sun, 17 Dec 2023 01:32:02 GMT
via: 1.1 varnish
age: 3437455
x-cache: HIT
content-length: 209
x-request-id: d76e594f-1e5c-4ddf-a1e2-7948968abe25
x-served-by: cache-fra-eddf8230080-FRA
last-modified: Sun, 13 Nov 2022 20:03:40 GMT
server: Fastly
etag: "477956b204dfd45e10334fc060914d4b"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 96455

GET
H3 200 FkYumU0Z3bk Show response
www.youtube.com/embed/ Frame 608A 94 KB
40 KB 92ms
92ms Document
text/html 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/FkYumU0Z3bk?controls=0&rel=0&disablekb=1&showinfo=0&modestbranding=0&html5=1&iv_load_policy=3&autoplay=0&end=0&loop=0&playsinline=0&start=0&nocookie=false&enablejsapi=1&origin=https%3A%2F%2Fitgetsbetter.org&widgetid=1

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/d23221b6/www-widgetapi.vflset/www-widgetapi.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ab0f8883e48816a077e99d6a5ffc6cd2b3dda53b700e8a67438aee68e7af6732

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://itgetsbetter.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: br
content-type: text/html; charset=utf-8
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
cross-origin-resource-policy: cross-origin
date: Sun, 17 Dec 2023 01:32:03 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
origin-trial: AvC9UlR6RDk2crliDsFl66RWLnTbHrDbp+DiY6AYz/PNQ4G4tdUTjrHYr2sghbkhGQAVxb7jaPTHpEVBz0uzQwkAAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTcxOTUzMjc5OSwiaXNTdWJkb21haW4iOnRydWV9
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma: no-cache
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server: ESF
strict-transport-security: max-age=31536000
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 www-player.css
www.youtube.com/s/player/d23221b6/ Frame 608A 366 KB
47 KB 15ms
15ms Stylesheet
text/css 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/d23221b6/www-player.css

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/FkYumU0Z3bk?controls=0&rel=0&disablekb=1&showinfo=0&modestbranding=0&html5=1&iv_load_policy=3&autoplay=0&end=0&loop=0&playsinline=0&start=0&nocookie=false&enablejsapi=1&origin=https%3A%2F%2Fitgetsbetter.org&widgetid=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ee11928e9a31b92c22b88f0c49dae1f791043fe071dacf46b848efe85254c003

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/FkYumU0Z3bk?controls=0&rel=0&disablekb=1&showinfo=0&modestbranding=0&html5=1&iv_load_policy=3&autoplay=0&end=0&loop=0&playsinline=0&start=0&nocookie=false&enablejsapi=1&origin=https%3A%2F%2Fitgetsbetter.org&widgetid=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 16 Dec 2023 21:43:53 GMT
content-encoding: br
x-content-type-options: nosniff
age: 13690
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48218
x-xss-protection: 0
last-modified: Wed, 13 Dec 2023 02:47:51 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sun, 15 Dec 2024 21:43:53 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 608A 15 KB
15 KB 13ms
13ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 23:26:56 GMT
x-content-type-options: nosniff
age: 180307
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 13 Dec 2024 23:26:56 GMT

GET
H3 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 608A 15 KB
15 KB 15ms
14ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 21:01:27 GMT
x-content-type-options: nosniff
age: 275436
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15552
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 12 Dec 2024 21:01:27 GMT

GET
H3 200 embed.js Show response
www.youtube.com/s/player/d23221b6/player_ias.vflset/de_DE/ Frame 608A 53 KB
16 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/d23221b6/player_ias.vflset/de_DE/embed.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3c9f933d72a7bd02697d7107a9f1ab3d66cba302fc93adb24b1d826f44a99e45

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/FkYumU0Z3bk?controls=0&rel=0&disablekb=1&showinfo=0&modestbranding=0&html5=1&iv_load_policy=3&autoplay=0&end=0&loop=0&playsinline=0&start=0&nocookie=false&enablejsapi=1&origin=https%3A%2F%2Fitgetsbetter.org&widgetid=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 08:33:21 GMT
content-encoding: br
x-content-type-options: nosniff
age: 320322
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16708
x-xss-protection: 0
last-modified: Wed, 13 Dec 2023 02:47:51 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 12 Dec 2024 08:33:21 GMT

GET
H3 200 www-embed-player.js Show response
www.youtube.com/s/player/d23221b6/www-embed-player.vflset/ Frame 608A 322 KB
96 KB 24ms
23ms Script
text/javascript 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/d23221b6/www-embed-player.vflset/www-embed-player.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0c71106628b235959659a80caca8df6f9e8dfc9eac825605e79d2738726f287d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/FkYumU0Z3bk?controls=0&rel=0&disablekb=1&showinfo=0&modestbranding=0&html5=1&iv_load_policy=3&autoplay=0&end=0&loop=0&playsinline=0&start=0&nocookie=false&enablejsapi=1&origin=https%3A%2F%2Fitgetsbetter.org&widgetid=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 16 Dec 2023 23:47:59 GMT
content-encoding: br
x-content-type-options: nosniff
age: 6244
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 98540
x-xss-protection: 0
last-modified: Wed, 13 Dec 2023 02:47:51 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sun, 15 Dec 2024 23:47:59 GMT

GET
H3 200 base.js Show response
www.youtube.com/s/player/d23221b6/player_ias.vflset/de_DE/ Frame 608A 2 MB
769 KB 18ms
18ms Script
text/javascript 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/d23221b6/player_ias.vflset/de_DE/base.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2c31daae8b67df28286a285cba84cafe86ff3d2a9043bb26deb93d41156de489

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/FkYumU0Z3bk?controls=0&rel=0&disablekb=1&showinfo=0&modestbranding=0&html5=1&iv_load_policy=3&autoplay=0&end=0&loop=0&playsinline=0&start=0&nocookie=false&enablejsapi=1&origin=https%3A%2F%2Fitgetsbetter.org&widgetid=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 08:33:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 320322
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 787370
x-xss-protection: 0
last-modified: Wed, 13 Dec 2023 02:47:51 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 12 Dec 2024 08:33:21 GMT

OPTIONS
H2 200 page_views
www.juicer.io/api/ Frame 0
0 102ms
102ms Preflight 2606:4700:20::ac43:4743
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.juicer.io/api/page_views
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4743 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://itgetsbetter.org
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-headers: content-type
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin: *
access-control-expose-headers
access-control-max-age: 7200
cf-cache-status: DYNAMIC
cf-ray: 836b68f7b8cb39d4-FRA
content-length: 0
date: Sun, 17 Dec 2023 01:32:03 GMT
nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
report-to: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1702776723&sid=af571f24-03ee-46d1-9f90-ab9030c2c74c&s=0m%2Ft0nb3Ed63mVxvptW1YqLDICfY0BjuyjijKZWj0AE%3D"}]}
reporting-endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1702776723&sid=af571f24-03ee-46d1-9f90-ab9030c2c74c&s=0m%2Ft0nb3Ed63mVxvptW1YqLDICfY0BjuyjijKZWj0AE%3D
server: cloudflare
via: 1.1 vegur

GET
H2 200 fontawesome-5-juicer.woff2
static.juicer.io/fonts/ 9 KB
9 KB 121ms
111ms Font
application/font-woff2 2606:4700:20::ac43:4743
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.juicer.io/fonts/fontawesome-5-juicer.woff2?83361522
Requested by: Host: assets.juicer.io
URL: https://assets.juicer.io/embed.css?ver=6.4.2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4743 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 98f52c585d499ea7132a6b0c0feee576310ff9ca667cfb8b1b156811d5a89e8f

Request headers

Referer: https://assets.juicer.io/
Origin: https://itgetsbetter.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 17 Dec 2023 01:32:03 GMT
via: 1.1 vegur
cf-cache-status: HIT
nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
content-length: 9064
reporting-endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1702581958&sid=af571f24-03ee-46d1-9f90-ab9030c2c74c&s=xM8%2BKVjDPWbGwrMgxArqNdKwvZKImA64LcApuHa5YUQ%3D
last-modified: Thu, 14 Dec 2023 18:29:29 GMT
server: cloudflare
access-control-max-age: 7200
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
report-to: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1702581958&sid=af571f24-03ee-46d1-9f90-ab9030c2c74c&s=xM8%2BKVjDPWbGwrMgxArqNdKwvZKImA64LcApuHa5YUQ%3D"}]}
access-control-allow-origin: *
content-type: application/font-woff2
access-control-expose-headers
cache-control: public, max-age=3600
vary: Origin, Accept-Encoding
accept-ranges: bytes
cf-ray: 836b68f7c8d839d4-FRA

POST
H2 200 page_views Show response
www.juicer.io/api/ 0
128 B 116ms
116ms XHR
application/json 2606:4700:20::ac43:4743
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.juicer.io/api/page_views

Requested by

Host: assets.juicer.io
URL: https://assets.juicer.io/embed.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4743 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://itgetsbetter.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/json

Response headers

date: Sun, 17 Dec 2023 01:32:03 GMT
via: 1.1 vegur
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
x-permitted-cross-domain-policies: none
content-encoding: br
x-xss-protection: 0
reporting-endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1702776723&sid=af571f24-03ee-46d1-9f90-ab9030c2c74c&s=0m%2Ft0nb3Ed63mVxvptW1YqLDICfY0BjuyjijKZWj0AE%3D
x-request-id: 363d52fe-62b7-49af-870f-ee1468d4a3a6
x-runtime: 0.008724
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
x-download-options: noopen
access-control-max-age: 7200
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: application/json
access-control-allow-origin: *
report-to: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1702776723&sid=af571f24-03ee-46d1-9f90-ab9030c2c74c&s=0m%2Ft0nb3Ed63mVxvptW1YqLDICfY0BjuyjijKZWj0AE%3D"}]}
access-control-expose-headers
x-frame-options: SAMEORIGIN
cache-control: no-cache
vary: Accept-Encoding, Origin
cf-ray: 836b68f8693539d4-FRA

GET
H2 200 images.jpg
www.juicer.io/api/posts/477328342/ 30 KB
30 KB 36ms
31ms Image
image/jpeg 2606:4700:20::681a:c57
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.juicer.io/api/posts/477328342/images.jpg?external_id=C0bCWj7A3VV&s=a90d38ebf80c3aade7d65db4d9ae108d8a208ce3

Requested by

Host: itgetsbetter.org
URL: https://itgetsbetter.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:c57 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

03e3d973f01e89523591a9bdde4b8353e6c3d095e7c7734056dc046c9b00a0ac

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://itgetsbetter.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 17 Dec 2023 01:32:03 GMT
via: 1.1 vegur
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
x-permitted-cross-domain-policies: none
age: 115599
content-transfer-encoding: binary
content-disposition: inline
content-length: 30664
x-xss-protection: 0
reporting-endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1702087791&sid=af571f24-03ee-46d1-9f90-ab9030c2c74c&s=WChbfizXsLysZ5VjBUWIPeid%2BZs4zvxsL3ewa9%2FfXTo%3D
x-request-id: 5000063e-aef0-441d-84cb-4592b8be7ec7
x-runtime: 0.492626
referrer-policy: strict-origin-when-cross-origin
cf-bgj: h2pri
server: cloudflare
etag: W/"03e3d973f01e89523591a9bdde4b8353"
x-download-options: noopen
vary: Origin, Accept-Encoding
report-to: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1702087791&sid=af571f24-03ee-46d1-9f90-ab9030c2c74c&s=WChbfizXsLysZ5VjBUWIPeid%2BZs4zvxsL3ewa9%2FfXTo%3D"}]}
content-type: image/jpeg
x-frame-options: SAMEORIGIN
cache-control: max-age=1209600, public, stale-while-revalidate=30, stale-if-error=1209600
accept-ranges: bytes
cf-ray: 836b68f7db168fe2-FRA

GET
H2 200 images.jpg
www.juicer.io/api/posts/477314321/ 73 KB
74 KB 18ms
13ms Image
image/jpeg 2606:4700:20::681a:c57
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.juicer.io/api/posts/477314321/images.jpg?external_id=C0ZSdWet-ME&s=b6db1ce67e54efd8f9fc16b717c800a8db4afda5

Requested by

Host: itgetsbetter.org
URL: https://itgetsbetter.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:c57 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

82f99958cafb6f0fbe5988b2a251ed09ef5cb95ae98142d128afaf8703b59fc7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://itgetsbetter.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 17 Dec 2023 01:32:03 GMT
via: 1.1 vegur
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
x-permitted-cross-domain-policies: none
age: 115599
content-transfer-encoding: binary
content-disposition: inline
content-length: 75236
x-xss-protection: 0
reporting-endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1701702020&sid=af571f24-03ee-46d1-9f90-ab9030c2c74c&s=CR3tmWxRgj%2FZamddelbGRdOYbXe840xsKGGjMcchJsg%3D
x-request-id: f3a2e35b-06bc-481b-bfed-f27e6eb01d5a
x-runtime: 0.237561
referrer-policy: strict-origin-when-cross-origin
cf-bgj: h2pri
server: cloudflare
etag: W/"82f99958cafb6f0fbe5988b2a251ed09"
x-download-options: noopen
vary: Origin, Accept-Encoding
report-to: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1701702020&sid=af571f24-03ee-46d1-9f90-ab9030c2c74c&s=CR3tmWxRgj%2FZamddelbGRdOYbXe840xsKGGjMcchJsg%3D"}]}
content-type: image/jpeg
x-frame-options: SAMEORIGIN
cache-control: max-age=1209600, public, stale-while-revalidate=30, stale-if-error=1209600
accept-ranges: bytes
cf-ray: 836b68f7db0f8fe2-FRA

GET
H2 200 images.jpg
www.juicer.io/api/posts/477119004/ 91 KB
92 KB 21ms
17ms Image
image/jpeg 2606:4700:20::681a:c57
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.juicer.io/api/posts/477119004/images.jpg?external_id=C0JfLCTtQCG&s=b7d422424c7016ddbaf29966077d7be507fc99af

Requested by

Host: itgetsbetter.org
URL: https://itgetsbetter.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:c57 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

89ac585ad71113a3ce01e3e2361a0c7e9192e72fa5cc67662eaced45d2c1a521

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://itgetsbetter.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 17 Dec 2023 01:32:03 GMT
via: 1.1 vegur
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
x-permitted-cross-domain-policies: none
age: 335553
content-transfer-encoding: binary
content-disposition: inline
content-length: 93217
x-xss-protection: 0
reporting-endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1702378452&sid=af571f24-03ee-46d1-9f90-ab9030c2c74c&s=hSnQ%2BNAru2XUtMqTm5AF%2FYnZpfyA8K5qOHAdJtcW9gs%3D
x-request-id: 1485b00a-0ff5-4ff4-8f51-4497de44fe6d
x-runtime: 0.110857
referrer-policy: strict-origin-when-cross-origin
cf-bgj: h2pri
server: cloudflare
etag: W/"89ac585ad71113a3ce01e3e2361a0c7e"
x-download-options: noopen
vary: Origin, Accept-Encoding
report-to: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1702378452&sid=af571f24-03ee-46d1-9f90-ab9030c2c74c&s=hSnQ%2BNAru2XUtMqTm5AF%2FYnZpfyA8K5qOHAdJtcW9gs%3D"}]}
content-type: image/jpeg
x-frame-options: SAMEORIGIN
cache-control: max-age=1209600, public, stale-while-revalidate=30, stale-if-error=1209600
accept-ranges: bytes
cf-ray: 836b68f7db108fe2-FRA

GET
H2 200 images.jpg
www.juicer.io/api/posts/477112217/ 31 KB
32 KB 38ms
34ms Image
image/jpeg 2606:4700:20::681a:c57
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.juicer.io/api/posts/477112217/images.jpg?external_id=C0IdHQ6oMHS&s=e9d2cc7961fc32593a24507de88bf88210b7feb3

Requested by

Host: itgetsbetter.org
URL: https://itgetsbetter.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:c57 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4ef393ca2e313100ec52a34d7ea436224dbd7b7064b2cc47374e86d045cb36ab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://itgetsbetter.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 17 Dec 2023 01:32:03 GMT
via: 1.1 vegur
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
x-permitted-cross-domain-policies: none
age: 115599
content-transfer-encoding: binary
content-disposition: inline
content-length: 32108
x-xss-protection: 0
reporting-endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1702505564&sid=af571f24-03ee-46d1-9f90-ab9030c2c74c&s=vcw7iQdpt2DecYY5pCHTnpcMYHV3KFdGZgu8InlLu54%3D
x-request-id: 5360f04f-d144-4b9c-bce9-ef4f373047be
x-runtime: 0.026277
referrer-policy: strict-origin-when-cross-origin
cf-bgj: h2pri
server: cloudflare
etag: W/"4ef393ca2e313100ec52a34d7ea43622"
x-download-options: noopen
vary: Origin, Accept-Encoding
report-to: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1702505564&sid=af571f24-03ee-46d1-9f90-ab9030c2c74c&s=vcw7iQdpt2DecYY5pCHTnpcMYHV3KFdGZgu8InlLu54%3D"}]}
content-type: image/jpeg
x-frame-options: SAMEORIGIN
cache-control: max-age=1209600, public, stale-while-revalidate=30, stale-if-error=1209600
accept-ranges: bytes
cf-ray: 836b68f7db118fe2-FRA

GET
H2 200 images.jpg
www.juicer.io/api/posts/477096240/ 232 KB
233 KB 38ms
34ms Image
image/jpeg 2606:4700:20::681a:c57
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.juicer.io/api/posts/477096240/images.jpg?external_id=C0F7-zJrXO5&s=fd0de31cf5049b8dec5621e01d64e14f7ecd64e4

Requested by

Host: itgetsbetter.org
URL: https://itgetsbetter.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:c57 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

41a99854a7cd595b7a0a302f4ac8a9a0301e27f979d1efea5c35937b1a4e05fa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://itgetsbetter.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 17 Dec 2023 01:32:03 GMT
via: 1.1 vegur
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
x-permitted-cross-domain-policies: none
age: 492891
content-transfer-encoding: binary
content-disposition: inline
content-length: 237622
x-xss-protection: 0
reporting-endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1701250761&sid=af571f24-03ee-46d1-9f90-ab9030c2c74c&s=fMmy80ZYKp3I2lqjzArzCvYOTijZ3OmV2TMF8Y94lN8%3D
x-request-id: b598e434-1d6f-488b-b49d-c737a39f4e86
x-runtime: 0.069483
referrer-policy: strict-origin-when-cross-origin
cf-bgj: h2pri
server: cloudflare
etag: W/"41a99854a7cd595b7a0a302f4ac8a9a0"
x-download-options: noopen
vary: Origin, Accept-Encoding
report-to: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1701250761&sid=af571f24-03ee-46d1-9f90-ab9030c2c74c&s=fMmy80ZYKp3I2lqjzArzCvYOTijZ3OmV2TMF8Y94lN8%3D"}]}
content-type: image/jpeg
x-frame-options: SAMEORIGIN
cache-control: max-age=1209600, public, stale-while-revalidate=30, stale-if-error=1209600
accept-ranges: bytes
cf-ray: 836b68f7db128fe2-FRA

GET
H2 200 images.jpg
www.juicer.io/api/posts/476710195/ 88 KB
88 KB 52ms
49ms Image
image/jpeg 2606:4700:20::681a:c57
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.juicer.io/api/posts/476710195/images.jpg?external_id=CzjWaNqR68O&s=da6a567655ba8cabd4f64f88979f83aaff7cf86b

Requested by

Host: itgetsbetter.org
URL: https://itgetsbetter.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:c57 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

735b2971360c0d29962532aab8d08fad3bbc3b3726d6d97919399cc097c800f4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://itgetsbetter.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 17 Dec 2023 01:32:03 GMT
via: 1.1 vegur
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
x-permitted-cross-domain-policies: none
age: 115599
content-transfer-encoding: binary
content-disposition: inline
content-length: 89860
x-xss-protection: 0
reporting-endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1701246209&sid=af571f24-03ee-46d1-9f90-ab9030c2c74c&s=E4K753qFS3l4S6i3lfybw58DEkVI%2FKM6dVOBwz1w2CU%3D
x-request-id: d0080c9b-b0da-4de2-b896-8bf6cd35a474
x-runtime: 0.139254
referrer-policy: strict-origin-when-cross-origin
cf-bgj: h2pri
server: cloudflare
etag: W/"735b2971360c0d29962532aab8d08fad"
x-download-options: noopen
vary: Origin, Accept-Encoding
report-to: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1701246209&sid=af571f24-03ee-46d1-9f90-ab9030c2c74c&s=E4K753qFS3l4S6i3lfybw58DEkVI%2FKM6dVOBwz1w2CU%3D"}]}
content-type: image/jpeg
x-frame-options: SAMEORIGIN
cache-control: max-age=1209600, public, stale-while-revalidate=30, stale-if-error=1209600
accept-ranges: bytes
cf-ray: 836b68f7db138fe2-FRA

GET
H2 200 images.jpg
www.juicer.io/api/posts/476685627/ 63 KB
64 KB 36ms
33ms Image
image/jpeg 2606:4700:20::681a:c57
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.juicer.io/api/posts/476685627/images.jpg?external_id=CzgnOQouwUw&s=b2fe1e927182b97b4f2906b66e14310455a83457

Requested by

Host: itgetsbetter.org
URL: https://itgetsbetter.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:c57 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a881cb6eae7ce1135a298d64c865ed30fb32d5acc31b19b8ca2a401d306a7146

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://itgetsbetter.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 17 Dec 2023 01:32:03 GMT
via: 1.1 vegur
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
x-permitted-cross-domain-policies: none
age: 492891
content-transfer-encoding: binary
content-disposition: inline
content-length: 64510
x-xss-protection: 0
reporting-endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1701345928&sid=af571f24-03ee-46d1-9f90-ab9030c2c74c&s=9xfXEjlTHSC8DvkLhcAb5tnu%2BQf%2F%2FvNCM%2FOHLQVpzzw%3D
x-request-id: 691c9dd1-35dc-4e7c-a342-dcb73f81e79f
x-runtime: 0.946092
referrer-policy: strict-origin-when-cross-origin
cf-bgj: h2pri
server: cloudflare
etag: W/"a881cb6eae7ce1135a298d64c865ed30"
x-download-options: noopen
vary: Origin, Accept-Encoding
report-to: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1701345928&sid=af571f24-03ee-46d1-9f90-ab9030c2c74c&s=9xfXEjlTHSC8DvkLhcAb5tnu%2BQf%2F%2FvNCM%2FOHLQVpzzw%3D"}]}
content-type: image/jpeg
x-frame-options: SAMEORIGIN
cache-control: max-age=1209600, public, stale-while-revalidate=30, stale-if-error=1209600
accept-ranges: bytes
cf-ray: 836b68f7db148fe2-FRA

GET
H2 200 images.jpg
www.juicer.io/api/posts/476501424/ 71 KB
72 KB 32ms
29ms Image
image/jpeg 2606:4700:20::681a:c57
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.juicer.io/api/posts/476501424/images.jpg?external_id=CzSX-WIuAwi&s=2cf9fd867c1b71b4b25634fa56ae55a6e34487f7

Requested by

Host: itgetsbetter.org
URL: https://itgetsbetter.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:c57 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

07e09c1b140e3c66ab99a7afbf2462ec8aada23e2dbc97dd76a4430d8f9d62b2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://itgetsbetter.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 17 Dec 2023 01:32:03 GMT
via: 1.1 vegur
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
x-permitted-cross-domain-policies: none
age: 115599
content-transfer-encoding: binary
content-disposition: inline
content-length: 73174
x-xss-protection: 0
reporting-endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1702087875&sid=af571f24-03ee-46d1-9f90-ab9030c2c74c&s=jSGSh7noRbtazqVkHes5094Hcs%2FjaLb95%2FtWrHRcAIs%3D
x-request-id: 260d2ea3-a610-40d2-9fee-cb437284025c
x-runtime: 1.091905
referrer-policy: strict-origin-when-cross-origin
cf-bgj: h2pri
server: cloudflare
etag: W/"07e09c1b140e3c66ab99a7afbf2462ec"
x-download-options: noopen
vary: Origin, Accept-Encoding
report-to: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1702087875&sid=af571f24-03ee-46d1-9f90-ab9030c2c74c&s=jSGSh7noRbtazqVkHes5094Hcs%2FjaLb95%2FtWrHRcAIs%3D"}]}
content-type: image/jpeg
x-frame-options: SAMEORIGIN
cache-control: max-age=1209600, public, stale-while-revalidate=30, stale-if-error=1209600
accept-ranges: bytes
cf-ray: 836b68f7db158fe2-FRA

GET
H2 200 1f308.svg
s.w.org/images/core/emoji/14.0.0/svg/ 733 B
663 B 44ms
20ms Image
image/svg+xml 192.0.77.48
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.w.org/images/core/emoji/14.0.0/svg/1f308.svg

Requested by

Host: itgetsbetter.org
URL: https://itgetsbetter.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.48 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

s.w.org

Software

nginx /

Resource Hash

555858f907bda45e059201a8a3d8910876ef8d830b9b82cfc0ca9aa55c7b029a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://itgetsbetter.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-nc: HIT hhn 1
date: Sun, 17 Dec 2023 01:32:03 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Tue, 12 Apr 2022 03:50:38 GMT
server: nginx
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
cache-control: max-age=315360000
alt-svc: h3=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 1f41f.svg
s.w.org/images/core/emoji/14.0.0/svg/ 1 KB
975 B 45ms
21ms Image
image/svg+xml 192.0.77.48
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.w.org/images/core/emoji/14.0.0/svg/1f41f.svg

Requested by

Host: itgetsbetter.org
URL: https://itgetsbetter.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.48 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

s.w.org

Software

nginx /

Resource Hash

caa8008ee6dbae76478943d4d233519d362e75858f9c9928090b5928cda3b2d8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://itgetsbetter.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-nc: HIT hhn 1
date: Sun, 17 Dec 2023 01:32:03 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Tue, 12 Apr 2022 03:50:59 GMT
server: nginx
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
cache-control: max-age=315360000
alt-svc: h3=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 1f420.svg
s.w.org/images/core/emoji/14.0.0/svg/ 1 KB
957 B 45ms
22ms Image
image/svg+xml 192.0.77.48
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.w.org/images/core/emoji/14.0.0/svg/1f420.svg

Requested by

Host: itgetsbetter.org
URL: https://itgetsbetter.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.48 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

s.w.org

Software

nginx /

Resource Hash

353483a66fe92a11ebbe734da83f47f6d0526a75175a05e5fc6ec7b2d4890c3a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://itgetsbetter.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-nc: HIT hhn 1
date: Sun, 17 Dec 2023 01:32:03 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Tue, 12 Apr 2022 03:47:26 GMT
server: nginx
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
cache-control: max-age=315360000
alt-svc: h3=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 1f991.svg
s.w.org/images/core/emoji/14.0.0/svg/ 1 KB
868 B 45ms
22ms Image
image/svg+xml 192.0.77.48
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.w.org/images/core/emoji/14.0.0/svg/1f991.svg

Requested by

Host: itgetsbetter.org
URL: https://itgetsbetter.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.48 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

s.w.org

Software

nginx /

Resource Hash

bd44e1d4db19744c519d1d6490873ca76f8894680b6bfd529d89585196cb9cf7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://itgetsbetter.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-nc: HIT hhn 1
date: Sun, 17 Dec 2023 01:32:03 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Tue, 12 Apr 2022 03:47:50 GMT
server: nginx
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
cache-control: max-age=315360000
alt-svc: h3=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 1f980.svg
s.w.org/images/core/emoji/14.0.0/svg/ 5 KB
2 KB 46ms
23ms Image
image/svg+xml 192.0.77.48
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.w.org/images/core/emoji/14.0.0/svg/1f980.svg

Requested by

Host: itgetsbetter.org
URL: https://itgetsbetter.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.48 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

s.w.org

Software

nginx /

Resource Hash

7c95cad49ca19cee604037d049a7f154fb02b785a95b9d32f99d7efe33cb2218

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://itgetsbetter.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-nc: HIT hhn 1
date: Sun, 17 Dec 2023 01:32:03 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Tue, 12 Apr 2022 03:53:44 GMT
server: nginx
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
cache-control: max-age=315360000
alt-svc: h3=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 1f419.svg
s.w.org/images/core/emoji/14.0.0/svg/ 843 B
705 B 42ms
19ms Image
image/svg+xml 192.0.77.48
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.w.org/images/core/emoji/14.0.0/svg/1f419.svg

Requested by

Host: itgetsbetter.org
URL: https://itgetsbetter.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.48 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

s.w.org

Software

nginx /

Resource Hash

92d125d9c4c2d7e7d8ff450d0fb1cd80c089804fa06663cf1e12ac29ed173c54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://itgetsbetter.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-nc: HIT hhn 1
date: Sun, 17 Dec 2023 01:32:03 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Tue, 12 Apr 2022 03:53:43 GMT
server: nginx
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
cache-control: max-age=315360000
alt-svc: h3=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 1f42c.svg
s.w.org/images/core/emoji/14.0.0/svg/ 969 B
866 B 16ms
15ms Image
image/svg+xml 192.0.77.48
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.w.org/images/core/emoji/14.0.0/svg/1f42c.svg

Requested by

Host: itgetsbetter.org
URL: https://itgetsbetter.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.48 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

s.w.org

Software

nginx /

Resource Hash

94eba04777cdb147a9359132effa6bf8b0ebccd8c08ba1a6eec4e17e5acd2ac6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://itgetsbetter.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-nc: HIT hhn 1
date: Sun, 17 Dec 2023 01:32:03 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Tue, 12 Apr 2022 03:53:43 GMT
server: nginx
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
cache-control: max-age=315360000
alt-svc: h3=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 1f433.svg
s.w.org/images/core/emoji/14.0.0/svg/ 789 B
721 B 20ms
19ms Image
image/svg+xml 192.0.77.48
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.w.org/images/core/emoji/14.0.0/svg/1f433.svg

Requested by

Host: itgetsbetter.org
URL: https://itgetsbetter.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.48 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

s.w.org

Software

nginx /

Resource Hash

28d63fec48ab0c89355c23de6727b6fe04de522a4760f9cfa8361f7de40a745d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://itgetsbetter.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-nc: HIT hhn 1
date: Sun, 17 Dec 2023 01:32:03 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Tue, 12 Apr 2022 03:47:26 GMT
server: nginx
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
cache-control: max-age=315360000
alt-svc: h3=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 1fab8.svg
s.w.org/images/core/emoji/14.0.0/svg/ 3 KB
2 KB 21ms
20ms Image
image/svg+xml 192.0.77.48
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.w.org/images/core/emoji/14.0.0/svg/1fab8.svg

Requested by

Host: itgetsbetter.org
URL: https://itgetsbetter.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.48 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

s.w.org

Software

nginx /

Resource Hash

311e6feda5c880a874a7ee52b7665f5d712fb4b3116825ea2e2444592cee4b94

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://itgetsbetter.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-nc: HIT hhn 1
date: Sun, 17 Dec 2023 01:32:03 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Tue, 12 Apr 2022 03:50:59 GMT
server: nginx
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
cache-control: max-age=315360000
alt-svc: h3=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 1f4a6.svg
s.w.org/images/core/emoji/14.0.0/svg/ 517 B
635 B 21ms
20ms Image
image/svg+xml 192.0.77.48
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.w.org/images/core/emoji/14.0.0/svg/1f4a6.svg

Requested by

Host: itgetsbetter.org
URL: https://itgetsbetter.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.48 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

s.w.org

Software

nginx /

Resource Hash

17ab064814a33763fc58aca9e62a5d93078e45e0f4a10e6baf402d5396833397

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://itgetsbetter.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-nc: HIT hhn 1
date: Sun, 17 Dec 2023 01:32:03 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Tue, 12 Apr 2022 03:53:43 GMT
server: nginx
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
cache-control: max-age=315360000
alt-svc: h3=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 1f942.svg
s.w.org/images/core/emoji/14.0.0/svg/ 3 KB
1 KB 21ms
17ms Image
image/svg+xml 192.0.77.48
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.w.org/images/core/emoji/14.0.0/svg/1f942.svg

Requested by

Host: itgetsbetter.org
URL: https://itgetsbetter.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.48 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

s.w.org

Software

nginx /

Resource Hash

7b4eac0591ab31e4231a9783803f7800870ed2f46acd9f0cbdef9ec36568f542

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://itgetsbetter.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-nc: HIT hhn 1
date: Sun, 17 Dec 2023 01:32:03 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Tue, 12 Apr 2022 03:53:44 GMT
server: nginx
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
cache-control: max-age=315360000
alt-svc: h3=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 2728.svg
s.w.org/images/core/emoji/14.0.0/svg/ 1 KB
788 B 21ms
18ms Image
image/svg+xml 192.0.77.48
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.w.org/images/core/emoji/14.0.0/svg/2728.svg

Requested by

Host: itgetsbetter.org
URL: https://itgetsbetter.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.48 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

s.w.org

Software

nginx /

Resource Hash

9271962e9fc8257ce9e008bde83ac1408a2f196db6142548769f290873b70b93

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://itgetsbetter.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-nc: HIT hhn 1
date: Sun, 17 Dec 2023 01:32:03 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Tue, 12 Apr 2022 03:47:50 GMT
server: nginx
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
cache-control: max-age=315360000
alt-svc: h3=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 1f451.svg
s.w.org/images/core/emoji/14.0.0/svg/ 1 KB
787 B 21ms
18ms Image
image/svg+xml 192.0.77.48
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.w.org/images/core/emoji/14.0.0/svg/1f451.svg

Requested by

Host: itgetsbetter.org
URL: https://itgetsbetter.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.48 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

s.w.org

Software

nginx /

Resource Hash

3916390d4395ed16641c0e23d5e5a1bef9de6ce71b02c3941c0ee6f2d899c806

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://itgetsbetter.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-nc: HIT hhn 1
date: Sun, 17 Dec 2023 01:32:03 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Tue, 12 Apr 2022 03:50:38 GMT
server: nginx
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
cache-control: max-age=315360000
alt-svc: h3=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 1f339.svg
s.w.org/images/core/emoji/14.0.0/svg/ 905 B
801 B 21ms
18ms Image
image/svg+xml 192.0.77.48
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.w.org/images/core/emoji/14.0.0/svg/1f339.svg

Requested by

Host: itgetsbetter.org
URL: https://itgetsbetter.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.48 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

s.w.org

Software

nginx /

Resource Hash

e4811c2a5e7af97359c718a20571660a462910f79d2da7e57cec571b24262048

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://itgetsbetter.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-nc: HIT hhn 1
date: Sun, 17 Dec 2023 01:32:03 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Tue, 12 Apr 2022 03:50:38 GMT
server: nginx
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
cache-control: max-age=315360000
alt-svc: h3=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 1f319.svg
s.w.org/images/core/emoji/14.0.0/svg/ 622 B
641 B 22ms
18ms Image
image/svg+xml 192.0.77.48
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.w.org/images/core/emoji/14.0.0/svg/1f319.svg

Requested by

Host: itgetsbetter.org
URL: https://itgetsbetter.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.48 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

s.w.org

Software

nginx /

Resource Hash

aafb5b77ba9325aa6139eb5229ed862fd93b44bfc91e34801998c1dd9fde72d8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://itgetsbetter.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-nc: HIT hhn 1
date: Sun, 17 Dec 2023 01:32:03 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Tue, 12 Apr 2022 03:50:59 GMT
server: nginx
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
cache-control: max-age=315360000
alt-svc: h3=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 1f64c-1f3fb.svg
s.w.org/images/core/emoji/14.0.0/svg/ 2 KB
1 KB 22ms
18ms Image
image/svg+xml 192.0.77.48
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.w.org/images/core/emoji/14.0.0/svg/1f64c-1f3fb.svg

Requested by

Host: itgetsbetter.org
URL: https://itgetsbetter.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.48 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

s.w.org

Software

nginx /

Resource Hash

eff362917fc89734f3ae8e72dfd33454f4b07bf50d368b35310e369d140547d7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://itgetsbetter.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-nc: HIT hhn 1
date: Sun, 17 Dec 2023 01:32:03 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Tue, 12 Apr 2022 03:53:43 GMT
server: nginx
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
cache-control: max-age=315360000
alt-svc: h3=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 1f970.svg
s.w.org/images/core/emoji/14.0.0/svg/ 2 KB
1 KB 22ms
19ms Image
image/svg+xml 192.0.77.48
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.w.org/images/core/emoji/14.0.0/svg/1f970.svg

Requested by

Host: itgetsbetter.org
URL: https://itgetsbetter.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.48 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

s.w.org

Software

nginx /

Resource Hash

303d516f1985e3bc62aa92d1a55c2140a14435b255a32b4c3bc776a2395f056d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://itgetsbetter.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-nc: HIT hhn 1
date: Sun, 17 Dec 2023 01:32:03 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Tue, 12 Apr 2022 03:47:26 GMT
server: nginx
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
cache-control: max-age=315360000
alt-svc: h3=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3

200

id Show response
googleads.g.doubleclick.net/pagead/ Frame 608A
Redirect Chain

https://googleads.g.doubleclick.net/pagead/id
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

100 B
146 B

20ms
20ms

XHR
application/json

2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

Requested by

Protocol

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c70389817a7aca9316b5e9f5b73aef93b631de7bf14c3829fdbf552c5f9f07a0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 17 Dec 2023 01:32:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 120
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Sun, 17 Dec 2023 01:32:03 GMT
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ad_status.js Show response
static.doubleclick.net/instream/ Frame 608A 29 B
93 B 14ms
14ms Script
text/javascript 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.doubleclick.net/instream/ad_status.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/d23221b6/www-embed-player.vflset/www-embed-player.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 17 Dec 2023 01:21:11 GMT
x-content-type-options: nosniff
age: 652
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29
x-xss-protection: 0
last-modified: Thu, 12 Dec 2013 23:40:16 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 17 Dec 2023 01:36:11 GMT

OPTIONS
H3 200 Create
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0
0 20ms
20ms Preflight
text/html 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method: POST
Origin: https://www.youtube.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://www.youtube.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html
date: Sun, 17 Dec 2023 01:32:03 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 Create Show response
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 608A 86 KB
40 KB 28ms
28ms XHR
application/json+protobuf 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/d23221b6/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

bc837edef30da6a54c76a41fc893b3ce9759d5abcdce84b2467bb868ad13aaab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-User-Agent: grpc-web-javascript/0.1
Referer: https://www.youtube.com/
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/json+protobuf

Response headers

date: Sun, 17 Dec 2023 01:32:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json+protobuf; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 40555
x-xss-protection: 0

GET
H3 200 UhAHYkQc59SMm3ILQvX2LV9pHtXm_t6HT06w3DJ-zT8.js Show response
www.google.com/js/th/ Frame 608A 50 KB
19 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:81c::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/js/th/UhAHYkQc59SMm3ILQvX2LV9pHtXm_t6HT06w3DJ-zT8.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/d23221b6/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

52100762441ce7d48c9b720b42f5f62d5f691ed5e6fede874f4eb0dc327ecd3f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 16 Dec 2023 13:56:43 GMT
content-encoding: br
x-content-type-options: nosniff
age: 41720
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19757
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:30:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 15 Dec 2024 13:56:43 GMT

GET
H2 200 default.webp
i.ytimg.com/vi_webp/FkYumU0Z3bk/ Frame 608A 3 KB
3 KB 22ms
21ms Image
image/webp 2a00:1450:4001:80e::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi_webp/FkYumU0Z3bk/default.webp

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f1eb7f221eefd75d8b00fe87558e5724bb7acbafdc19fee0eab33a0b3a7446fd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 17 Dec 2023 01:32:03 GMT
x-content-type-options: nosniff
server: sffe
etag: "1679349236"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/webp
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3434
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sun, 17 Dec 2023 03:32:03 GMT

GET
H3 200 m=el_main_css
www.gstatic.com/_/translate_http/_/ss/k=translate_http.tr.qhDXWpKopYk.L.W.O/am=AAM/d=0/rs=AN8SPfoZVDB5be-TudnAO_y4l2LFY_GHyA/ 22 KB
4 KB 15ms
15ms Stylesheet
text/css 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/translate_http/_/ss/k=translate_http.tr.qhDXWpKopYk.L.W.O/am=AAM/d=0/rs=AN8SPfoZVDB5be-TudnAO_y4l2LFY_GHyA/m=el_main_css

Requested by

Host:
URL: /_/translate_http/_/js/k=translate_http.tr.de.GuXS6-6P8w8.O/am=AAM/d=1/rs=AN8SPfrY35p5UgdPn4TtdEjc1Lh8oviZKQ/m=el_conf

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

71ca2652e2b3ffd3c0ec966958604714ce6c7af01d961b44adc438518eb58cb3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://itgetsbetter.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 09:08:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 318202
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/rosetta
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4144
x-xss-protection: 0
last-modified: Sat, 15 Jul 2023 01:09:03 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="rosetta"
vary: Accept-Encoding
report-to: {"group":"rosetta","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/rosetta"}]}
content-type: text/css; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 12 Dec 2024 09:08:41 GMT

GET
H2 200 m=el_main Show response
translate.googleapis.com/_/translate_http/_/js/k=translate_http.tr.de.GuXS6-6P8w8.O/am=ABA/d=1/exm=el_conf/ed=1/rs=AN8SPfq9WyBW4LEKGxY5XpehD7d6OpHyHg/ 255 KB
88 KB 13ms
13ms Script
text/javascript 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://translate.googleapis.com/_/translate_http/_/js/k=translate_http.tr.de.GuXS6-6P8w8.O/am=ABA/d=1/exm=el_conf/ed=1/rs=AN8SPfq9WyBW4LEKGxY5XpehD7d6OpHyHg/m=el_main

Requested by

Host:
URL: /_/translate_http/_/js/k=translate_http.tr.de.GuXS6-6P8w8.O/am=AAM/d=1/rs=AN8SPfrY35p5UgdPn4TtdEjc1Lh8oviZKQ/m=el_conf

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e826524250716c7e17af91c57cdf9931686c4531fbe187e37cd5375886eab07c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://itgetsbetter.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 04:29:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 334971
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/rosetta
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 89479
x-xss-protection: 0
last-modified: Wed, 06 Dec 2023 14:12:04 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="rosetta"
vary: Accept-Encoding
report-to: {"group":"rosetta","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/rosetta"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 12 Dec 2024 04:29:12 GMT

OPTIONS
H3 200 GenerateIT
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0
0 20ms
20ms Preflight
text/html 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method: POST
Origin: https://www.youtube.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://www.youtube.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html
date: Sun, 17 Dec 2023 01:32:03 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 GenerateIT Show response
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 608A 90 B
134 B 23ms
23ms XHR
application/json+protobuf 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/d23221b6/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

370888d40ec733169035ed4acc32f64462c38aef9a40884ed0e5492f7f0369ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-User-Agent: grpc-web-javascript/0.1
Referer: https://www.youtube.com/
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/json+protobuf

Response headers

date: Sun, 17 Dec 2023 01:32:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json+protobuf; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 110
x-xss-protection: 0

GET
H3 204 generate_204
www.youtube.com/ Frame 608A 0
10 B 13ms
13ms Image
text/plain 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.youtube.com/generate_204?MJyHAA
Requested by: Host: itgetsbetter.org
URL: https://itgetsbetter.org/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/FkYumU0Z3bk?controls=0&rel=0&disablekb=1&showinfo=0&modestbranding=0&html5=1&iv_load_policy=3&autoplay=0&end=0&loop=0&playsinline=0&start=0&nocookie=false&enablejsapi=1&origin=https%3A%2F%2Fitgetsbetter.org&widgetid=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 17 Dec 2023 01:32:03 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 204 js_tracking Show response
tags.srv.stackadapt.com/ 0
151 B 99ms
99ms XHR
text/plain 35.156.217.216
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.srv.stackadapt.com/js_tracking?url=https%3A%2F%2Fitgetsbetter.org%2F&uid=vbAHM54TrwEXEvlzEW2ZCA&v=1&host=https%3A%2F%2Fitgetsbetter.org
Requested by: Host: tags.srv.stackadapt.com
URL: https://tags.srv.stackadapt.com/events.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.156.217.216 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-156-217-216.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://itgetsbetter.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-origin: https://itgetsbetter.org
date: Sun, 17 Dec 2023 01:32:04 GMT
access-control-allow-credentials: true
access-control-allow-headers: *
access-control-allow-methods: GET

POST
H3 200 log_event Show response
www.youtube.com/youtubei/v1/ Frame 608A 28 B
56 B 26ms
25ms XHR
application/json 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/d23221b6/www-embed-player.vflset/www-embed-player.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
X-Goog-Request-Time: 1702776725333
Content-Type: application/json
X-YouTube-Utc-Offset: 60
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/FkYumU0Z3bk?controls=0&rel=0&disablekb=1&showinfo=0&modestbranding=0&html5=1&iv_load_policy=3&autoplay=0&end=0&loop=0&playsinline=0&start=0&nocookie=false&enablejsapi=1&origin=https%3A%2F%2Fitgetsbetter.org&widgetid=1
X-YouTube-Client-Version: 1.20231212.01.00
X-YouTube-Time-Zone: Europe/Berlin
X-Goog-Visitor-Id: Cgs4TlBqVmpkQjhJYyiTn_mrBjIKCgJERRIEEgAgaQ%3D%3D
X-YouTube-Ad-Signals: dt=1702776723173&flash=0&frm=2&u_tz=60&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&wgl=true&ca_type=image

Response headers

date: Sun, 17 Dec 2023 01:32:05 GMT
content-encoding: br
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
content-type: application/json; charset=UTF-8
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31
x-xss-protection: 0
expires: Sun, 17 Dec 2023 01:32:05 GMT

GET
H2 206 IGB_Video_Faces_compressed.mp4
itgetsbetter.org/wp-content/uploads/2021/05/ 3 MB
3 MB 751ms
750ms Media
video/mp4 199.16.173.70
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://itgetsbetter.org/wp-content/uploads/2021/05/IGB_Video_Faces_compressed.mp4

Requested by

Host: itgetsbetter.org
URL: https://itgetsbetter.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

199.16.173.70 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

7c75430d7092ac5e5ad8a367eff73968598626ae0d26a730174e01bb645909c5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://itgetsbetter.org/
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Range: bytes=3670016-

Response headers

date: Sun, 17 Dec 2023 01:32:09 GMT
strict-transport-security: max-age=31536000
x-ac: 2.hhn _atomic_ams BYPASS
last-modified: Fri, 21 May 2021 15:57:57 GMT
server: nginx
etag: "60a7d885-66a3a1"
access-control-allow-methods: GET, HEAD
content-type: video/mp4
access-control-allow-origin: *
Content-Range: bytes 3670016-6726560/6726561
Content-Length: 3056545

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 20ms
19ms Preflight
text/plain 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://www.youtube.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://www.youtube.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/plain; charset=UTF-8
date: Sun, 17 Dec 2023 01:32:23 GMT
expires: Sun, 17 Dec 2023 01:32:23 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 log Show response
play.google.com/ Frame 6026 131 B
155 B 50ms
50ms XHR
text/plain 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/d23221b6/player_ias.vflset/en_US/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
X-Goog-AuthUser: 0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Sun, 17 Dec 2023 01:32:23 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sun, 17 Dec 2023 01:32:23 GMT

POST
H3 200 log Show response
play.google.com/ Frame 6026 131 B
155 B 38ms
38ms XHR
text/plain 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/d23221b6/player_ias.vflset/en_US/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
X-Goog-AuthUser: 0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Sun, 17 Dec 2023 01:32:23 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sun, 17 Dec 2023 01:32:23 GMT

OPTIONS
H3 200 log
play.google.com/ Frame 0
0 22ms
21ms Preflight
text/plain 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://www.youtube.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://www.youtube.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/plain; charset=UTF-8
date: Sun, 17 Dec 2023 01:32:23 GMT
expires: Sun, 17 Dec 2023 01:32:23 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

OPTIONS
H3 200 log
play.google.com/ Frame 0
0 20ms
20ms Preflight
text/plain 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://www.youtube.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://www.youtube.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/plain; charset=UTF-8
date: Sun, 17 Dec 2023 01:32:23 GMT
expires: Sun, 17 Dec 2023 01:32:23 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 log Show response
play.google.com/ Frame 6026 131 B
155 B 46ms
46ms XHR
text/plain 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/d23221b6/player_ias.vflset/en_US/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
X-Goog-AuthUser: 0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Sun, 17 Dec 2023 01:32:24 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sun, 17 Dec 2023 01:32:24 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: c0.wp.com
URL: https://c0.wp.com/p/woocommerce/8.4.0/assets/css/woocommerce-layout.css

Verdicts & Comments Add Verdict or Comment

202 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

55 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
sc-static.net/scevent.min.js	1970-01-20 17:01:03	Name: X-AB Value: undefined
itgetsbetter.org/	1970-01-21 01:45:12	Name: mailing_modal_displayed Value: yes
.itgetsbetter.org/	1970-01-20 19:09:12	Name: _gcl_au Value: 1.1.1341389555.1702776713
.tiktok.com/	1970-01-21 02:21:12	Name: _ttp Value: 2ZeJfMBvxkIt6iKjCxp00En47ZW
.itgetsbetter.org/	1970-01-21 02:29:23	Name: _scid Value: cf209d6c-3e77-438e-99e0-3c2f2c04d215
.doubleclick.net/	1970-01-20 16:59:37	Name: test_cookie Value: CheckForPermission
.itgetsbetter.org/	1970-01-21 02:21:12	Name: _tt_enable_cookie Value: 1
.itgetsbetter.org/	1970-01-21 02:21:12	Name: _ttp Value: wfrymistaJUUcF9LPue54TSK4PP
.t.co/	1970-01-21 02:35:36	Name: muc_ads Value: 6df21276-34c6-45e2-a588-f130d931213b
.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: fm-PDOBqY2A
.itgetsbetter.org/	1970-01-21 02:35:36	Name: _ga_Y69L8SW4D9 Value: GS1.1.1702776713.1.0.1702776713.0.0.0
.itgetsbetter.org/	1970-01-21 02:35:36	Name: _ga Value: GA1.1.1957050522.1702776714
.twitter.com/	1970-01-21 02:35:36	Name: personalization_id Value: "v1_78KHpILqbM11N/Q6ZmMNsQ=="
.itgetsbetter.org/	1970-01-21 02:29:23	Name: _scid_r Value: cf209d6c-3e77-438e-99e0-3c2f2c04d215
.itgetsbetter.org/	1970-01-20 19:09:12	Name: _fbp Value: fb.1.1702776713737.1607597365
.snapchat.com/	1970-01-21 02:21:12	Name: sc_at Value: v2\|H4sIAAAAAAAAAAXBgQ0AIAgDsItIhhCH74B4BcfbvkRVB6SpLp7PJEqvHHoYnWj0jBKL3FQbfIVfuNwyAAAA
.twitter.com/	1970-01-21 02:35:36	Name: guest_id_marketing Value: v1%3A170277671372424409
.twitter.com/	1970-01-21 02:35:36	Name: guest_id_ads Value: v1%3A170277671372424409
.twitter.com/	1970-01-21 02:35:36	Name: guest_id Value: v1%3A170277671372424409
tags.srv.stackadapt.com/	1970-01-21 01:45:12	Name: sa-user-id Value: s%3A0-1d95751e-d66f-534a-459e-51d7fa771e41.cMFzBedj5f4fr35X60oylJxbv1eDnfIQU8%2BaBclgNsI
.srv.stackadapt.com/	1970-01-21 01:45:12	Name: sa-user-id Value: s%3A0-1d95751e-d66f-534a-459e-51d7fa771e41.cMFzBedj5f4fr35X60oylJxbv1eDnfIQU8%2BaBclgNsI
tags.srv.stackadapt.com/	1970-01-21 01:45:12	Name: sa-user-id-v2 Value: s%3AHZV1HtZvU0pFnlHX-nceQSU6OQU.H6KH5ddnc0Nv0uJbunNPWOzX8d2E2uQVrRsi3z3Cde4
.srv.stackadapt.com/	1970-01-21 01:45:12	Name: sa-user-id-v2 Value: s%3AHZV1HtZvU0pFnlHX-nceQSU6OQU.H6KH5ddnc0Nv0uJbunNPWOzX8d2E2uQVrRsi3z3Cde4
tags.srv.stackadapt.com/	1970-01-21 01:45:12	Name: sa-user-id-v3 Value: s%3AAQAKINpRRmY3aqtA8uDzcbZJU5LOpnkBzGbXgGi365e3PO-0EHwYBCCJn_mrBjABOgQ8w7t9QgRm6V8s.3kYL8MgJMcey9aRKBJj47IngFRC03KSDPRY329jYYwg
.srv.stackadapt.com/	1970-01-21 01:45:12	Name: sa-user-id-v3 Value: s%3AAQAKINpRRmY3aqtA8uDzcbZJU5LOpnkBzGbXgGi365e3PO-0EHwYBCCJn_mrBjABOgQ8w7t9QgRm6V8s.3kYL8MgJMcey9aRKBJj47IngFRC03KSDPRY329jYYwg
itgetsbetter.org/	1970-01-21 01:45:12	Name: sa-user-id Value: s%253A0-1d95751e-d66f-534a-459e-51d7fa771e41.cMFzBedj5f4fr35X60oylJxbv1eDnfIQU8%252BaBclgNsI
itgetsbetter.org/	1970-01-21 01:45:12	Name: sa-user-id-v2 Value: s%253AHZV1HtZvU0pFnlHX-nceQSU6OQU.H6KH5ddnc0Nv0uJbunNPWOzX8d2E2uQVrRsi3z3Cde4
itgetsbetter.org/	1970-01-21 01:45:12	Name: sa-user-id-v3 Value: s%253AAQAKINpRRmY3aqtA8uDzcbZJU5LOpnkBzGbXgGi365e3PO-0EHwYBCCJn_mrBjABOgQ8w7t9QgRm6V8s.3kYL8MgJMcey9aRKBJj47IngFRC03KSDPRY329jYYwg
.classy.org/	1970-01-20 16:59:38	Name: __cf_bm Value: aaVq5w5kNZgM6R7NEhbhSDygBmwLJIX6FyWlw.WDxSY-1702776713-1-AZaCSYzkgtuuUIgxMKzw9lQbxKnUe2wIBDDJpJ9Asv1hKOPIHEX5aTriVHzTa0tnsPKONMbxY2Y8O1I5Z3dxbsc=
.classy.org/	1969-12-31 23:59:59	Name: _cfuvid Value: louKT2xQJaaYHgE7nJvv0fKfISBKCjs62wJyBYCrvME-1702776713987-0-604800000
.itgetsbetter.org/	1970-01-20 16:59:38	Name: _hjFirstSeen Value: 1
.itgetsbetter.org/	1970-01-20 16:59:38	Name: _hjIncludedInSessionSample_2965374 Value: 1
.itgetsbetter.org/	1970-01-21 01:45:12	Name: _hjSessionUser_2965374 Value: eyJpZCI6IjE2NDQ1NTQyLTRiYWItNWMwYi04NTFmLTE3YmE1MTQ1ZGU5MyIsImNyZWF0ZWQiOjE3MDI3NzY3MTM5OTgsImV4aXN0aW5nIjp0cnVlfQ==
.itgetsbetter.org/	1970-01-20 16:59:38	Name: _hjAbsoluteSessionInProgress Value: 1
.itgetsbetter.org/	1970-01-20 16:59:38	Name: _hjSession_2965374 Value: eyJpZCI6ImYzYTI1NTBiLWNiNjQtNGFlYi05ZTVlLTc5ODc0NTM2ZjRiOCIsImMiOjE3MDI3NzY3MTM5OTgsInMiOjEsInIiOjEsInNiIjoxfQ==
itgetsbetter.org/	1970-01-20 16:59:40	Name: _gauges_unique_hour Value: 1
itgetsbetter.org/	1970-01-20 17:01:03	Name: _gauges_unique_day Value: 1
itgetsbetter.org/	1970-01-20 17:44:15	Name: _gauges_unique_month Value: 1
itgetsbetter.org/	1970-01-21 01:45:12	Name: _gauges_unique_year Value: 1
itgetsbetter.org/	1970-01-21 01:45:12	Name: _gauges_unique Value: 1
give.itgetsbetter.org/	1970-01-21 02:35:36	Name: connect.sid Value: s%3AZLSwwzl2Fh6XP90PsYVw0SrtWpLAj46f.YM48kruhOYqFnjtNZ67npVl8YTmvlrGBPOH9QssxYe8
.give.itgetsbetter.org/	1970-01-20 16:59:38	Name: __cf_bm Value: FJFQ8GRg1PKB0oKpCk.8cRmaupbxlapgRXlU7ghLeko-1702776714-1-AbYderditY2Vf+zK83EPhL9Ey6X3N6238NN4CxO9M6wlKhHzBYYMRUBTBk/3QuZBbzlcO0UgnHMXwIfybrUCLCc=
.give.itgetsbetter.org/	1969-12-31 23:59:59	Name: __cfruid Value: 1e1c0f126f1fd2667408c6a138f9745505eab81d-1702776714
.give.itgetsbetter.org/	1969-12-31 23:59:59	Name: _cfuvid Value: WsIg7HaI6WtzjuJEoT_r0pK5WrwD_8WgA3LZ_uQ6eo8-1702776714956-0-604800000
give.itgetsbetter.org/	1969-12-31 23:59:59	Name: CSRF-TOKEN Value: TqnR8Cfi-6A0to7ApA5l3mBxSPTZ3osmfKWc
give.itgetsbetter.org/	1970-01-20 16:59:37	Name: XSRF-TOKEN Value: eyJpdiI6IjMrSFlhMXZHeTd1Sld1NDlIRURmWGc9PSIsInZhbHVlIjoiUnFWNHdVT3dnVk5PTUJXVUxHQ1FzMjRzVUYzaFpWeTh4RWJKam0xSkZwMVFKaXZxTU5NWDNhMWtHTFFNdlB2SGFwaUJiSWZ1Y2Nxam0raHM2bkJhRjdGdzhnWVpjWXNyRnZYYlVSU083d1FKN0d5cXhOMkhlQVhpN3k1R3dGZE0iLCJtYWMiOiI2NmM1ODBlMjc1NjE2NGYzOGVmN2M5MmIzYmFhMzgwNTdmZGYyNzdjYTRmNWI4M2U4Mjc5ZmQyYTJmN2U0ODc4IiwidGFnIjoiIn0%3D
give.itgetsbetter.org/	1969-12-31 23:59:59	Name: sid Value: eyJpdiI6IkdodGljUFAwRUphK2JZTkpRbmthMUE9PSIsInZhbHVlIjoiR1Z4OW5sVEtrb2pQYVdXMm9GMkxmNERKc3lKQURLWE1haFFkYzBhcm1Qa2JXRER5Y3RwUjNBNWxMN0pxdzdNdU5ad2ZuT0cxV3BCcXNtMmp4NEdpZHczV0pQYThadU1STWpHRkEyaWZoaEpnOGZZdUR1MVI5NjNWRVY2WVlvdHIiLCJtYWMiOiJiMWE0NjY0ODg1ZjQwNzIzMWE3ZTQ1OTY5ZDc5NDQ5YmIwNzhhMGJkNmY3OWNiZjYwYTJlMTMyYWVkNjEyNzg1IiwidGFnIjoiIn0%3D
.google.com/	1970-01-20 21:23:07	Name: NID Value: 511=Rtqg4LW6w7NCpkeDNfxAjbqUzVELOFp2exeMVQdPo3qpwJtT3OLhPQWUypPJRuDPPQGrFjmL6eRZ8EX_S3WqM_wznK_zrp6_7cFRfeY0r9vDb2Q1WcsiiGcojBFxu66QOB8v6S0vqUQ8bDOrkwtmoGrt9eFS-FS3hrvJLQvosiQ
m.stripe.com/	1970-01-21 02:35:36	Name: m Value: d905ad18-081f-4d7b-8e03-18a889c8c1187f514a
.give.itgetsbetter.org/	1970-01-21 01:45:12	Name: __stripe_mid Value: abec21aa-75cf-4545-b72f-705245eac9836e7c71
.give.itgetsbetter.org/	1970-01-20 16:59:38	Name: __stripe_sid Value: 2a9cbbf3-8158-4e0d-957d-1591aaf1e373c3c100
.itgetsbetter.org/	1970-01-21 02:35:36	Name: tk_or Value: %22%22
.itgetsbetter.org/	1970-01-20 17:03:55	Name: tk_r3d Value: %22%22
.itgetsbetter.org/	1970-01-21 01:45:12	Name: tk_lr Value: %22%22
.itgetsbetter.org/	1970-01-21 02:35:36	Name: tk_ai Value: 9C3UvXEKeFUtPVm4Asi71crX

15 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://connect.facebook.net/signals/config/1725067124456859?v=2.9.138&r=stable&domain=itgetsbetter.org(Line 137) Message: Unrecognized feature: 'attribution-reporting'.
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self'".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self' https://pay.google.com".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self'".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self' https://pay.google.com".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self'".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self'".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self' https://pay.google.com".
security	error	(Line 6) Message: This document requires 'TrustedScript' assignment.
security	error	(Line 6) Message: This document requires 'TrustedScript' assignment.
security	error	(Line 6) Message: This document requires 'TrustedScript' assignment.
network	error	URL: https://pay.google.com/_/InstantbuyFrontendBuyflowPayframeUi/cspreport Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://pay.google.com/_/InstantbuyFrontendBuyflowPayframeUi/cspreport Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://pay.google.com/_/InstantbuyFrontendBuyflowPayframeUi/cspreport Message: Failed to load resource: the server responded with a status of 404 ()
other	warning	URL: https://www.youtube.com/s/player/d23221b6/www-widgetapi.vflset/www-widgetapi.js(Line 1254) Message: Unrecognized feature: 'web-share'.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

149352635.v2.pressablecdn.com
analytics.pangle-ads.com
analytics.tiktok.com
analytics.twitter.com
assets.juicer.io
c0.wp.com
cdn.plaid.com
cdn.transcend.io
code.jquery.com
connect.facebook.net
content.hotjar.io
fonts.googleapis.com
fonts.gstatic.com
give.itgetsbetter.org
googleads.g.doubleclick.net
htp.tokenex.com
i.ytimg.com
i0.wp.com
itgetsbetter.org
jnn-pa.googleapis.com
js.stripe.com
ka-p.fontawesome.com
kit.fontawesome.com
m.stripe.com
m.stripe.network
merchant-ui-api.stripe.com
pay.classy.org
pay.google.com
pixel.wp.com
play.google.com
prod-frs.content.classy.org
q.stripe.com
r.stripe.com
s.w.org
sc-static.net
script.hotjar.com
sdk.classy.org
secure.gaug.es
static.ads-twitter.com
static.cloudflareinsights.com
static.doubleclick.net
static.hotjar.com
static.juicer.io
stats.wp.com
t.co
tags.srv.stackadapt.com
tr.snapchat.com
tr6.snapchat.com
translate.google.com
translate.googleapis.com
unpkg.com
vc.hotjar.io
www.facebook.com
www.google-analytics.com
www.google.com
www.google.ru
www.googletagmanager.com
www.gstatic.com
www.juicer.io
www.youtube.com
youtu.be
yt3.ggpht.com
c0.wp.com
104.244.42.131
104.244.42.133
13.32.121.38
143.204.207.250
146.75.116.157
151.101.128.176
18.66.97.53
192.0.76.3
192.0.77.2
192.0.77.37
192.0.77.39
192.0.77.48
198.137.150.81
199.16.173.70
2.16.62.104
23.38.98.10
2600:9000:2127:b400:2:8531:afc0:93a1
2606:4700:20::681a:c57
2606:4700:20::ac43:4743
2606:4700:4400::6812:2844
2606:4700::6810:3965
2606:4700::6810:7caf
2606:4700::6812:7c49
2606:4700::6812:c55f
2a00:1450:4001:806::2002
2a00:1450:4001:806::2008
2a00:1450:4001:80b::200e
2a00:1450:4001:80e::2016
2a00:1450:4001:80f::2003
2a00:1450:4001:813::200e
2a00:1450:4001:81c::2004
2a00:1450:4001:827::2003
2a00:1450:4001:828::200e
2a00:1450:4001:829::2003
2a00:1450:4001:82a::2006
2a00:1450:4001:82a::200e
2a00:1450:4001:82f::2001
2a00:1450:4001:82f::200a
2a00:1450:4001:830::200e
2a00:1450:4001:831::200a
2a00:1450:4013:c05::5c
2a03:2880:f083:9:face:b00c:0:3
2a03:2880:f177:185:face:b00c:0:25de
2a04:4e42:400::649
35.156.217.216
35.190.43.134
44.237.23.177
52.143.247.24
54.147.159.60
54.187.119.242
54.75.201.254
65.9.95.68
65.9.95.80
006a2b313915b4c2dd538d1316e935ba593bdb7793a21a493b05de60473769c5
0124917c59a93618b06ef9e92b9337df24e196fca3ce4b3f011f0ad700c39c3a
01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b
0200bc38d986631f9cc4680084d7d263ccf17fa4a3c627b26ff347e0cfcf1d47
02d8f5e03704768aa366ab03f03808f1e9ea6a7b18e2006febe0fb5b7e036a87
03d27c71ce9e1f4da7c9948f62f6e43900a6377b66879400d0f9587218326124
03e3d973f01e89523591a9bdde4b8353e6c3d095e7c7734056dc046c9b00a0ac
06d9c9326c7fa24c99554f45c49585782e6f1207e942cd8afdb71422ff2d59ac
07e09c1b140e3c66ab99a7afbf2462ec8aada23e2dbc97dd76a4430d8f9d62b2
0855f79cbf2d0acd4534da92cf91c831e2a987b98dbe264282a69e142fb6b81a
08c4f8203773f0d8c0820bd606e09d4ab1407d995c015a329e8f2ca737e141ce
095da7dec9d6b776685a93d027a4054dfe345783a6c9d040f926cb1d4230fef8
09de594226b72397977af42907bcac46d6248ba806bd88d22bc93733325b1541
0a7b0a284797adccf96f301f77028fba8f187bba33267584582d77a50b2926d3
0bc3ce70fb26bcc1efac28db69e5a2961c1d173724922b01053140e34d9138f4
0c1e77e2386d57fba1e4ff9b819788731310871bc158a3588394fd5159745948
0c71106628b235959659a80caca8df6f9e8dfc9eac825605e79d2738726f287d
0e459102d172831a8eeb317d128fa35e0a749f9a6406a8a4f360f47ed6a82878
0e9eafa16a3ea77f0df3303e7ad366c5641df015f609c9c4be9fe338ddfced91
0ea220d4ad1c32f2b9c3fb1c5c2cce3df57496e54556f092e0f201d4d8622849
0eda3bbcc77386f76ecb2c9f4a78c7bdb1059892f64e912c6aac3b4e7f81a62c
0faac6667b9444d10e4d1d4b3551491e48687f885f612b88379c1c2f8e4f3447
0fd285e85a0833012cd1a4904d7736227f2f26884e84c653718678178c8f7a07
1000a3c9ed8e7727afdf20b9d8dad7f3a1f885a0d21f6ebba2af9e674c1c1580
11241468ecf36202cff1d14a70ac7a56ee69e77c7ee8d1835288eead918de205
145287b36883dd3061ca7aa9229a8fa9ace2cccd50e0382b4b6201f3916b57c5
148f8b31db59c14b3a649f5c3d3ddbd85f061aa23e93418966149aea03afbcf9
1533d5bc82424a9a3ac37a7fe543925909d25715d16938b9e02c728c86fd86e8
15794828b4a570d8200f86adc3c07657f6939022d2120f31ba031de2af5421db
167ee4702e76b96cfe396221bef5630f2182e4148a3406c303992ab2f44c357a
16e5e97e660fac33acfb007f46f668c9ca947d89c73e100fe4a5f91f3d5133db
17a408bf3a3aeb1cf6fffe16bfda1126ff1a4d996ea28ea3b85bf5dcc3a6c1aa
17ab064814a33763fc58aca9e62a5d93078e45e0f4a10e6baf402d5396833397
17b408dfaca06b735d6b006ea17fefd0dd6c8aa8c4b11da4863d0317d5c16bd8
18be65efe73612e4b002392884e349dbc3e859171a631163a9d8edb4bbaf8940
1951eab5e4c010d98562c6425faf813ca2e0b44e1483e293c12499208574dd56
1a350b06a5af92f574257688acfb38dc3638f4b6753358aecd43cb8e74bac6ed
1ae9be0de86ea5204f07a8baa11bb5ba1aa1d6ed4e8cf7d10c8fbd7160661954
1d52e1ac7d3bc25a8b0ffc257153f9dd50249f96fe9a4df5e0d771241a69062c
1da2ece3369af4c663f11daa62f4e591806f0c1ce17e17f0a4162d0d09455c5a
1eb63ab6ef15987ab229241ca2fd8da090d9a7d1ee5406fe8118d0acaf9fa386
1f4513a435d6a3047d20a50c1e7d4263de42146c74be227f774b5e82e6357e75
20ac027ad49317ebdf76a19e606ccdf892924bdce3996d90af1ed4cabcbe1de1
22808b48a5290f2910aaa66a123440621dc67427728ab22518c8e136c3d7be85
236fb88931feead5473c70f542473d5dc064578ffb45ea743414720e2aea3929
23dca5372d66da8f8d2f2df62e684a4675def324a17be322e592f477a783b754
2424168cadb83032d5693cd188279942641745391f4bca473d1c83585f3c7e4f
24461e8609af6616b65acb3145728531e2470e8f3fef3373f8764cee4ff3d500
2482c85f93f2c17c36be2b6feffe460436bfa18ec62fe4efcfabeaad5cdf471d
24c50da5304d6ce8ec81d988c926f3ebd7dc438489952772052a7c152dcf8756
26638825653a95442df1b6a3910341dafbfff1cd0b2aa3bace865edd4a8d1a08
26b2472688f89977e2fb712267021234390bdfe5ec6fa9f533ff23b853b73798
27230c5af91b76c15e054c4d88048027c9045d2f1411fdbf082d074173ffcadb
27dd9b075cc59cf5f3c0f6ee075f4bd113782d81ce30a4f16aac669ecfdc4fa2
27e896d440c77cd698ac77e0a62aae776c5ad104b3f8df59f5896b88b3b43a9e
28d63fec48ab0c89355c23de6727b6fe04de522a4760f9cfa8361f7de40a745d
28dbf1bfa9461838186542b43adf9dac9666b439de4cc026b2c2416784161bb7
29cfebbdf0a9801764f1c5bec42a56fd773d4290821ecb6b5553f511c200815c
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
2b3f86a5519461bf7afb2a8587e94830b00edecb94fb1c1cb0ae0b4e897f0ead
2bcc6d8a3ce5d6635877ac053cb215645bfa74d86a1f3fea14d37864d4227347
2c31daae8b67df28286a285cba84cafe86ff3d2a9043bb26deb93d41156de489
2e10d353ff038c2cad3492fc17801af3e6ef2669c9e9713bdb78b1dcb104c4fe
2f167ae1780938fa19464993733924d0d078d5f5ce7955a596a55c210cb36cc8
303d516f1985e3bc62aa92d1a55c2140a14435b255a32b4c3bc776a2395f056d
3073bd17061938f0b03a1cda1ed31d8e0f4ac3c5003ad3b38d9c7e2e837eb81c
311e6feda5c880a874a7ee52b7665f5d712fb4b3116825ea2e2444592cee4b94
351ffc2bdf381352dcd801be49be5018361119588eae077650260f9e162fe7b9
353483a66fe92a11ebbe734da83f47f6d0526a75175a05e5fc6ec7b2d4890c3a
3570bfba53e8d72faa85cc930f04176d45ea79d7b36d8130623d5afd30c27075
370888d40ec733169035ed4acc32f64462c38aef9a40884ed0e5492f7f0369ae
38bc775802a9e96e44997f4e9374726a41d5c781752e590a76ad5a4f06673458
3916390d4395ed16641c0e23d5e5a1bef9de6ce71b02c3941c0ee6f2d899c806
3ba5387729ccfe1bd125870a2d0d64d7db0b71e7c16403c9700a88b7c5ab344c
3c9f933d72a7bd02697d7107a9f1ab3d66cba302fc93adb24b1d826f44a99e45
3ca4d6df311da0b41ee14e75717db5a290acc8c6f0e0f020b638dd080e728492
3cf22b9a3c15bf0e20e085ed0b039686cfae3b53e4ca7d1bee1ef843aa1e98fc
3d72ceb6ab36c5f948e7a13ed3c55d48a65df90bbc7a89d6f698182e331bb868
3e136e77083bfc6ef14ffc5abd19da89a82bf12fc0cda3c603e01582b93303c8
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
3f631e6316191fa33655184b7eb8fe3a9941ee26fbbec21b1930349e2a70b9d4
3f7af01f4d8414f9dfe9e2dc0f693ad62b3081e7a345aee612114e4c4aebcd2e
401373c6cddfc333e45314482184906a357ae96d1fccd5ef6c40d8b7656e7349
4191fa9ea3f4c7d34cc2896ee6b7bd75db47a9f0e13e4e4929280f40a747aa09
41a99854a7cd595b7a0a302f4ac8a9a0301e27f979d1efea5c35937b1a4e05fa
423e4d25aa44ebb87acf362a69dc084449650df8fd4f7d325d2f4a136075726c
42b35aef6cb136d6e11834fb43089610eb13bb7ce0323547d559679615db9c4d
453cb806084fdabec32e286af2e88899f79022125c2527afffbec507975d2c22
45a590a3b2153cf673ee93ab3832d2159fb1b65caf755ff33aeadaeac3c620c1
48a92fbd0fa61304b08a4455567b91cc7c3a000adac1df1235539a59ee14f4db
498a873a8912a66c10eddf5fb07274c747847eaa3e8e3fb1a14daba3425a980c
4abf322e82c1e642eb0ee166a8dca80581b098c4b6ce21b29610c272e0a20440
4b7b9c0ddaab33312029946c1a9d7a5fa088e1fcf114cf573721519470b7df47
4d65bf866f07b819753c80bca98f75898097a4b3c73074d35f45d440facd01bb
4d66970f202534f853c044ff0eb91afb19751662e8e12c8679d969c641c78b13
4e13d3bd6eb7dc170086f2a756b912a19b009df9d47aef62d0ed5b60a60a93f5
4ef393ca2e313100ec52a34d7ea436224dbd7b7064b2cc47374e86d045cb36ab
4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230
5015b2e49faca5b3b14c98d2a3745aa664eca6b7d79822ffb3d21cbb92381538
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
502f615b389454e5ff7fb988c5214bd0aee8f2668d4cd5dc18721f9d9824df11
5202377fd493d6cb7364f4007edf6040e2ab8027f0d9ef0d71291fbe2868a433
52100762441ce7d48c9b720b42f5f62d5f691ed5e6fede874f4eb0dc327ecd3f
5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89
52d44a082218e83c1ca1cd1eba9515f9b89a9f931deee158a29e3c9f9959e91a
547dda3c14b284819be511be1e410da94a5efc6ccc4a9afe1c75394f9333191a
54e4e9cd3900a289833fc9ba3079698ba58e18de3ddc819d367fe9618cb13900
555858f907bda45e059201a8a3d8910876ef8d830b9b82cfc0ca9aa55c7b029a
57a50c99a31ef4e89e86664e96f6dfbdde163a2eb96e88b3b492c49aa4be2f37
5834b33dd181a3cf8d3fd6623b1316bb7a8674ce7327bd5700d2f2d46e01a3bb
585d4af3a08847a4604f8796b4841ebf7eaec7211606cc954f88dc9f27c72b28
5a0e2b951191e60b6c3905118d84d9a95a309d355c4eb71dfead2ae2866683ee
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
5ac2455757fbb14a9fa21a8afce49055f48f28e20e4e41a8f5eee9c5a2dc3f3a
6153d13804862b0fc1c016cf1129f34cb7c6185f2cf4bf1a3a862eecdab50101
6192fd402ade2719852ec40ba5c5f6665f74d30af826d898df44c617bc0a294e
62663a137b91122c393c3039e9add966df8fa484bdbde7a7ae6687583447410e
62f3f809487194fcc55a3ebd88811a604ae496027bb425d4ebd15d9ae1921945
62f42276dddf470e795cc1b1bdcb8fe73a0354188bcfa80e0600e8b8d2a21dcb
647f0eb8e046a6dfc7f3aaf8b4c5e37de3c3eacb63288cd1e2454bde4b805322
65ade054b003fb12ff528ad2640f69f49bca65d9f9d25b53dea8aee0d5d238cf
65f976cffe2202ce71f130a2a4496ca28762a5323229d71ae014d1205c4ffdad
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2
67f7b9d565e432a272c8a087cef5d5bd71a41c4979b2cba3b1e1b8dbe3566388
68947e9ddb590b11f6c1250e1080ff031fb91fddae5b9d41eb307a20ae306e64
698b89c0da3d319754d6a837b5e6d4e6a42dc402d9ffd7559b8c4cb29c644340
698e93fe491cc7bbf07a470579a33dbd0db53c19142b7be41ebfd39a23aef11f
6aa517d72eeb79b4e27d82c8a44cfec0868dfbb4d310935a55201149c80184f0
6b73504b5f33d944a6820f253e4e9d930c553f5f3231b9e5feaf1f4ef41692df
6cee9f8dff2aab298eeeb2f8e731080bb832c14c9cf00de583b9e7e1dcce3ae2
6d161e98e47ae150b51211443eef37040fb6269dcf85ad2048548066dca99e6f
6d3401e57ca271a7ea8fbba27bc7580c9ac443178ee71976ecdd32db9b517b5d
6e6e45edbffa2dc7f2134e257a1fc88cb79790a78672e220695b6975c5f2b1c1
6f362df700f594c70c744881a38ffcaf3863ef11faa6a67db1645a45849b9a73
708518c451d33d2ce773ac15b38bd20f1c14a426311d8e3b2aec07df38697c43
717f6bb5f6cc69c444f54376a72dee0ca7968b2a12e7c9475247ec85c0e75a53
71ca2652e2b3ffd3c0ec966958604714ce6c7af01d961b44adc438518eb58cb3
722a90d42ef2bd0ea38f0fdac6b4c0523aa4a027e9ffe889972100746e165582
732b65d05835e912a6f475e5ed7a1f964b3a1bbf780291aac50685c5e0933e18
735b2971360c0d29962532aab8d08fad3bbc3b3726d6d97919399cc097c800f4
74ff380b8c978796c3c92dc0d7fd4d439b4d6fa6f2cf0e4f94166e6a0e7d74cf
75685e2c359089398c9a0d617841487e10f64607d7fb1d26e7b1562da3406554
76164d9d399c8baca4656cd791982fdbd043413f39cf1a56c2d36c12ceb0b7b2
7868467c94a5aa0b3f11ef542f45287967f9627b3b5acdc86e47f8f77a126596
78d82b67110e48b2e2c570a0d3fa10db72edc69e1c42ab271a5b0c8d59f3edf5
79cb399203843f65199bec32bc4abac5dfd20f141d3e4ec1424bf00c7108fa45
79ea29e7ff6a116e3c2d983d73f94e30798465011dcf5a2bb2814303374a98ad
7a98cfd53fb371872ceef03beaed46b74a7e02d44caa34bab76913cccf0249bb
7b4eac0591ab31e4231a9783803f7800870ed2f46acd9f0cbdef9ec36568f542
7bf7cc58e7432bb37298ef81b2e57f478c523575fce8d938652f92aa767254b9
7c75430d7092ac5e5ad8a367eff73968598626ae0d26a730174e01bb645909c5
7c95cad49ca19cee604037d049a7f154fb02b785a95b9d32f99d7efe33cb2218
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
7f0f781820c8de56bd6699ac9570ff90634de4eb5cca7ef4b573bb90619e5a5d
7f19936a920a8171fd23d2e11b15228bf208b542066e72f8689afd2e2f2ce934
7f872f37d93f6ad26cfde22f5fd7ae4e99f18c4dc7d3386384f92f845056750b
8037fcd91179ff85b140b52acbde121679d944561b7a252ab8e1d6978d826ea6
81cecb4a4686b35edc2526e508c1093fa70f1deaafba8c4cef80183759382c6f
82f99958cafb6f0fbe5988b2a251ed09ef5cb95ae98142d128afaf8703b59fc7
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
83c4d72a63c76190b0b1532654839d8e0d8099fa7b672670750185ba47b331f8
8646d8ecf9f4c7fe7cd30e29db092aa9cf2781a5c4eea7a4f10f41024176a62c
86cb276d0550d189e7dad4800fbbcfe7b5312f7845e0e711115d5aad589b5d27
8913290a4db258fa9e0d3fd267fb61666aa81f82b1a459ba098352c427a57c37
8961b2078b1f45fffed48094dc24a1a1cc6a5ecf795923f7ad0f05eda5a1e67b
89ac585ad71113a3ce01e3e2361a0c7e9192e72fa5cc67662eaced45d2c1a521
8a7e706df924c35378447275d51e61208da84b4280763fed7da27cc70934ffed
8b479610778cef415158ef2deef872c0bdc85bd63f339ecdc1382fabef4da407
8c0b5e384ae00c512f4bb1ba5e2fe622fab4bfc541c99555df38c19c329d3fe6
8ca59ea276635e06f4153a8979c26329c234dcc44673066902f6971ecdefc758
8cbb165442212630f1ef3fef9321e086db9d58150abeca635dbe767e1f367bed
8cc972b71226ec94578a47c204f06ca46f34494ef1f70acc44a27aa5b5e2d80f
8d1b040cdb0d8a3beb3dedf8127c8b3a10f77250044dc1d932f25bf0d5ce469f
8e84d0a90357d43c325884bb41a24006bcaa24cc59f2c353986f2655eb57a90a
8f00e02f500d94f76252907440c93fd2ac4d413477081e985c3e42ff8e730ed2
8f6f0330ff8ca70fb334728244bc5e4ff78a6b30fdd032e8b6108f6422891bec
9271962e9fc8257ce9e008bde83ac1408a2f196db6142548769f290873b70b93
92b4feff9bb6c863075d35cd38d989cc254f99489f574338def1949904027d42
92d125d9c4c2d7e7d8ff450d0fb1cd80c089804fa06663cf1e12ac29ed173c54
947ac0903521f5eceefc90637c066306a8ca67466ccc188bb0107fb7cfb532d1
94eba04777cdb147a9359132effa6bf8b0ebccd8c08ba1a6eec4e17e5acd2ac6
95e877a86db1f072d5039946c2ff76ea5848d155a6d98df2b34ade6579572e04
9669a10126dc3af0dfb585a7d1f1359638262289968aa7c202ad70de3371f073
96d70003b221c72dd2af79fbfd27ad44b934900286b204e62f25b069eda84571
98b7d90beeaf2d2944f47d2c001be5d943d1b6306bbf7dc27c240e092ed8544d
98f52c585d499ea7132a6b0c0feee576310ff9ca667cfb8b1b156811d5a89e8f
9ada11b91b8834fa00c5367126493ed9bc3272be510db81d0928ef733318c4c7
9b54f318ed5b86ee239a5b26539e7587d672975595e19de46b23384087e4b086
9c197c685d1cfde9e68e198bd0c023f58202efd10e5991a58aeacb01db67f844
9cb482e4bbe7ddb2e5c64230d4bf9e90f5b0b41ad1c503a7c888ecff4b72fb87
9cece2ee9c97d9ef7bce2fb6aff036dee86bcdbd437b8869a278136ed87f4c2f
9dc9f15be9644fe661ed74493a4de393418024500fe78cf633bac0a86f29a745
9e1f1cd3369c758e19b92899eac17de20750b6888d0600673811208162dab08d
9e8189a6b9d88051b90735e02168330e7faecb461157e686314ab82c29a18cf5
9e9eace97f5f8cf4982c875c3cac72f504b1620e0b86d8bec2bf0cb511e05c8f
9ed9e6f1a0e7db46c951859be33131dee436a1e0405021ddf76a814f23b8a3eb
9f16cb5e1a914039eb9fb00068f5e612b1f5d4be87d04cee88fbe1c827ad33a0
9f84e49b2ad5dc9b81f3c381d2c732208a841e340cddb194f1b9cc761123ffb4
9f88c56c75499f8886bcdbd43330029b3108f9aefb7e496788f448ed36311b90
a0855f389039bbbbcd14bbde660900af5d214e851c2b58bb3f550a1e52932cbc
a1d4b01843b9dad68a10bba7ab416fb60cbe6052a223f6bd74cbad286b812b2a
a3cf00c109d907e543bc4f6dbc85eb31068f94515251347e9e57509b52ee3d74
a6914ac53aa3855febfe548abb43a66d1df9e1272656c8c378074e0680de2398
a7049b5d9f001fec947060ee2cb8fe10a868af28ac081bfd494949f1d71c5716
a77f5e7aa207c37450c588a74a423e46b0bf14e0f1c4b49ae6c567368d46f46f
a82f47323ee6ab4f06c4ff619a0ef63855b6896c2fc3e79387b0ee9b3dd80a1b
a881cb6eae7ce1135a298d64c865ed30fb32d5acc31b19b8ca2a401d306a7146
aafb5b77ba9325aa6139eb5229ed862fd93b44bfc91e34801998c1dd9fde72d8
ab0f8883e48816a077e99d6a5ffc6cd2b3dda53b700e8a67438aee68e7af6732
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
ad1a9d38fb19479061ecffb38db571f803ccbb15e0d51d1523ab219ea568d550
ae8dc30169c584dba638269e03ab9abd26c248beaf4bdbb0b65e15a1d29ea775
af5147e593f6a8dc6f6329c4fcbe2f8f512662d1afaf26bc2a3422643bb3f71e
b0627e3c20e0eaac0d740514ee496d5cb00597819f9b70e211d93d7c398ec410
b0665a16f0f78a80f527b00fe5463d469e79d1288a7389b19a0452596c9c9749
b06bb41004d7fcd9051c499749c319244ffdacf890af122d1b9be2f413fb43ea
b09bbc10887550bcc13732c26f52ebf50bb347b310978bf08271e13a34c8b3cc
b0fb4e1235c0c4815d6bd272ce4c9c65579c04f9c6e52a080a66393d01f84293
b15c3ea03d50c2430490e7416733a254feea4237bb60b54181bd3473ebe4149f
b34ec350f6dc9a300482363eb65082d9974412ff9db7ee4a53b49e1999045297
b3d47ae3412cfab8873f856540401242f2da0e37077c0839b5e33925d36183e1
b400236e532466354be554a16cddd1ab9231066ac4730382df1dbbd08a395e7c
b7908a015a567ec2363011df2475368dbff34360e9da3fdff50604d6395fb646
b7bc3b9fb8a119aa279b4b7ad5c778393eaecef6a8786673601309fc71cb4e8b
b8c060b7c9da431891f0a1473f91f55718a85d7228063dec56a626507f7c9cf6
bc837edef30da6a54c76a41fc893b3ce9759d5abcdce84b2467bb868ad13aaab
bd44e1d4db19744c519d1d6490873ca76f8894680b6bfd529d89585196cb9cf7
bfd761a9c6e6c5c0f50a303e473b15669ed19851fb18b331008b281c9fd0caa4
c046f278de5092451d72870f6205ba519550a6b5911369b46d9edc2095e304d7
c1a9a3e223bad631dff12d33b5499eb145cb08d8621c20d9d73870e78d97afe4
c360d10c38b63a55255ad2264a2c8826587a36de09ce8ee4fb1b2861d56f5765
c401b382447a3cc9927a0a47d018c03c540df4d451d6967089a1bf97d95ed1a6
c4f3e54234d954492686d0c340031058d44f93a5dc2b75d565a40c08da36ce1a
c702a0e67c54d1c8eae87a2b5f04d79ffda92dc7581e849be96f67eb40bf1abe
c70389817a7aca9316b5e9f5b73aef93b631de7bf14c3829fdbf552c5f9f07a0
c751fe2e3ebe19205c4845af55a79608fcc55109648115357e673bf5dc161b49
c95a52255502607fbc12722fb5e4e0b3ccdc44c4df9ffd5c17546bbbad547b63
c9a9b73b35b559533ae8c80db712ac4b69268fea5aece862b51969b65f316630
ca7752fb33cf3a98c0f29bc4eec563112025da4109a0dcc69dabf5f861751258
caa8008ee6dbae76478943d4d233519d362e75858f9c9928090b5928cda3b2d8
cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
cf7fcc9f75c8717897bfaef72f303fab423ce1b70c98512aeb3677e4af988dee
d065099ccf0a0a61ade77c45457a9064ce7566f1bd58306608e3caad1ba15c9e
d151f8c0b2659cfb63704d68654ad8d9437ae9da4410536f63ddec21689a0620
d5b49d58a385787d0fb60f7191a7907f9806aa2e0fa7b75e45478653c5fe5636
d687a0d232c224f4d57c7ef38afd2671c4583344481eae34e639875a0a443b2a
d692a67352a3dfa80010c86a62761cfff05c0b1086618106a8576cc45a6a8115
d6ff339ddb4525268c21fa26ded66b0703f177e742281dc9bcd558288f8e1101
d715d803774712817e0843a429bdee439b10a425f9426b02743691fd225da8ea
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
d92c0cb8715f872b995e9166602b68fd389905b7942fe245ce0eaf9ae9743686
da07fd308f8d7753e8c5218ab4757e53258b5721db310acc1c4ebd15f4711b86
da9ed5720b674f0d297fe621ac2d8d518c4e622bef1e9b0d4ae489dee9aa43f8
db7fb0d2d815f32f28ec22cb27abc0ed6bda4f64f1f4f975d04f5157df92176f
df2698e6cf74ed890afa92da10051f880df2ce0b3257b73c5d9ae2f6bea82d3c
df31f580306f20d0fbc3c931bace1463fd32478940fdb809693c4cdd2010e47b
df8e73db73fe59b1404a69ee2f3b41da9423e4185fdc6752b8db3f9e44689b62
e039e607c78306c7e029a7fd0ecdb14f86456f16e1a5ce65aa26b4fdf1d38a3c
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4811c2a5e7af97359c718a20571660a462910f79d2da7e57cec571b24262048
e51715b433bb4c6241e6f0bd1feac72b89668a7f323a9bf576a1ec97ea26c4e1
e537bb0b81601eabcdc6dd4e2eb938917a7c6887765651882ec0ed5081c26c67
e7cc3ea52e6a5e1ea3e0938fb9df73529604f82147154f3f4d69e6b580bbac02
e7f60edc6dd5df77558960aee08f6e4b3b63d28a4e313c1781d1d2f85f97da6f
e826524250716c7e17af91c57cdf9931686c4531fbe187e37cd5375886eab07c
e8d62871a4937a6fa0b3cd0ec07d890468cdb93c086b107c5f3b2d0ac7cdbe6a
eb14baeac955bb11e33cd7fd3fd2f698cf20db1b450325f45ea843b6cdc82366
eb3dc9d945c295c2591ca055f94a70be1de81642c9561800c24ca2d6cd2ae5d0
ebeeb6852c8d5689249269cfa59febdad1141a9810331c31d4331f53f47750f7
ed441934aaf91c6a3dede178627296ae9249e04b3a13fe8895bfd43dc2a27c1b
ee11928e9a31b92c22b88f0c49dae1f791043fe071dacf46b848efe85254c003
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
ee8b513e01e58127f81cb40ae5909a16a8eb0f8185efa32fd0a9104a7deb2c78
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
eff362917fc89734f3ae8e72dfd33454f4b07bf50d368b35310e369d140547d7
f0205495d259e89d99e6c4989147f8a65bef41513bfbe3e97251cd6fb6fa5947
f0fc7af60b98a57cccf7d5d7ea6e10f640db6f7553fb131e991b120dd6a62e6e
f1eb7f221eefd75d8b00fe87558e5724bb7acbafdc19fee0eab33a0b3a7446fd
f27902b2b9390fb8b4b9b4239b762bc52fb4e6e2098d3dfecc1fdb37c9431b8f
f29af0f45d2483d7b111bf75d2962e7d0a14ef3214068e7d334c09c4620379d3
f2f94f7fbc53e6454a3781287a15449eaa44e64a98a238a9be67410bc2c3afc2
f3025cb2afeb54d4dcb1ca02606b0e2e48639ee78a9d55ef4e9a80767351e118
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1
f4125873a800fd8df636016b1d34e0af85e54abb5a1a06e26360e8f2af1d2eba
f4d5deb4709cebcb8d869180a1db81fab7c54f99dc2e72dab8b3db15eb76e660
f4df36e15df2960947ccc39a9e1e22e3656b0855b5c48af6b773a4d86dfd4dcf
f4e80d9dfd374d02989b87a27b5ed4cb78fbb177c27f1478e9a8b0afb7513149
f5d443de6f68d2fa95c8f5493cf7e248b5025615c40333a24c4eda1366626ca5
f70f8ae9e901910b342fc2ffeb47668d9f504e4e26a68279d02c72c84035bee9
f7b8e0ff2ce575f80ab74fbefe460a2de27bf402f929646f38bccad6a87e5410
f9307bfc8d9261402d1e44aa45a4ab1e133dabe80c84172fa4cc2d23acaa4487
fc1f36d89ddb377187edd50e7e1cbb9511baa256f6c57711f02601edab716361
fdd3d080b3efdafd916a7f950f339082a53a3832f3d9d13577b0664abeec587a
ff82aeed6b9bb6701696c84d1b223d2e682eb78c89117a438ce6cfea8c498995

itgetsbetter.org Open in urlscan Pro 199.16.173.70 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

483 Requests

99 %HTTPS

53 %IPv6

39 Domains

62 Subdomains

53 IPs

4 Countries

19597 kBTransfer

45626 kBSize

55 Cookies

23 Outgoing links

Page URL History

Redirected requests

483 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 7 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

itgetsbetter.org Open in urlscan Pro
199.16.173.70 Public Scan

Screenshot
Live screenshot

Full Image

483
Requests

99 %
HTTPS

53 %
IPv6

39
Domains

62
Subdomains

53
IPs

4
Countries

19597 kB
Transfer

45626 kB
Size

55
Cookies

483 HTTP transactions
7 data transactions