urlscan.io logo urlscan.io
SecurityTrails logo

gijn.org Open in urlscan Pro
141.193.213.10  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://bit.ly/3tpmrDj
Effective URL: https://gijn.org/2022/06/06/10-tips-for-using-geolocation-and-open-source-data-to-fuel-investigations/
Submission: On September 09 via manual from RU — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 23 IPs in 3 countries across 18 domains to perform 143 HTTP transactions. The main IP is 141.193.213.10, located in United States and belongs to CLOUDFLARESPECTRUM Cloudflare, Inc., US. The main domain is gijn.org.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on May 13th 2023. Valid for: a year.
This is the only time gijn.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 67.199.248.10 396982 (GOOGLE-CL...)
31 141.193.213.10 209242 (CLOUDFLAR...)
5 2a00:1450:400... 15169 (GOOGLE)
28 172.67.72.38 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2 2a00:1450:400... 15169 (GOOGLE)
1 2001:4860:480... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
3 2001:4860:480... 15169 (GOOGLE)
16 2a00:1450:400... 15169 (GOOGLE)
3 172.64.162.27 13335 (CLOUDFLAR...)
4 2a00:1450:400... 15169 (GOOGLE)
4 2001:4860:480... 15169 (GOOGLE)
2 4 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
8 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
19 76.76.21.123 16509 (AMAZON-02)
4 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
143 23
1    67.199.248.10 (United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: bit.ly
bit.ly
31    141.193.213.10 (United States)

ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US)
gijn.org
5    2a00:1450:4001:800::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
28    172.67.72.38 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.fundraiseup.com
static.fundraiseup.com
1    2606:4700::6810:5614 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.jsdelivr.net
2    2a00:1450:4001:829::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ssl.google-analytics.com
1    2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)
region1.analytics.google.com
2    2a00:1450:400c:c07::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
1    2a00:1450:4001:82f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
3    2001:4860:4802:36::36 (United States)

ASN15169 (GOOGLE, US)
us-central1-ad-auris-tts-app.cloudfunctions.net
16    2a00:1450:4001:82a::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.youtube.com
3    172.64.162.27 (United States)

ASN13335 (CLOUDFLARENET, US)
fndrsp.net
4    2a00:1450:4001:82b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
4    2001:4860:4802:32::35 (United States)

ASN15169 (GOOGLE, US)
dynamic-widget-service-l72twop3ra-uc.a.run.app
ad-auris-logging-db-l72twop3ra-uc.a.run.app
4    2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
2    2a00:1450:4001:80b::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
static.doubleclick.net
8    2a00:1450:4001:830::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
jnn-pa.googleapis.com
2    2a00:1450:4001:80f::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
2    2a00:1450:4001:82f::2016 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
i.ytimg.com
2    2a00:1450:4001:828::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
yt3.ggpht.com
19    76.76.21.123 (Walnut, United States)

ASN16509 (AMAZON-02, US)
narrations.ad-auris.com
4    2a00:1450:4001:80e::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
1    2a00:1450:4001:80e::201b (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
storage.googleapis.com
Apex Domain
Subdomains		 Transfer
31 gijn.org
gijn.org
253 KB
28 fundraiseup.com
cdn.fundraiseup.com — Cisco Umbrella Rank: 39457
static.fundraiseup.com — Cisco Umbrella Rank: 37065
1 MB
19 ad-auris.com
narrations.ad-auris.com — Cisco Umbrella Rank: 293946
356 KB
16 youtube.com
www.youtube.com — Cisco Umbrella Rank: 87
2 MB
9 googleapis.com
jnn-pa.googleapis.com — Cisco Umbrella Rank: 253
storage.googleapis.com — Cisco Umbrella Rank: 451
62 KB
8 gstatic.com
fonts.gstatic.com
www.gstatic.com
96 KB
8 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 96
googleads.g.doubleclick.net — Cisco Umbrella Rank: 53
static.doubleclick.net — Cisco Umbrella Rank: 307
2 KB
5 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 62
405 KB
4 run.app
dynamic-widget-service-l72twop3ra-uc.a.run.app — Cisco Umbrella Rank: 236476
ad-auris-logging-db-l72twop3ra-uc.a.run.app — Cisco Umbrella Rank: 302780
533 B
3 fndrsp.net
fndrsp.net — Cisco Umbrella Rank: 35957
1 KB
3 cloudfunctions.net
us-central1-ad-auris-tts-app.cloudfunctions.net — Cisco Umbrella Rank: 195281
679 B
3 google.com
region1.analytics.google.com — Cisco Umbrella Rank: 2541
www.google.com — Cisco Umbrella Rank: 2
29 KB
2 ggpht.com
yt3.ggpht.com — Cisco Umbrella Rank: 232
7 KB
2 ytimg.com
i.ytimg.com — Cisco Umbrella Rank: 105
107 KB
2 google-analytics.com
ssl.google-analytics.com — Cisco Umbrella Rank: 497
17 KB
1 google.de
www.google.de — Cisco Umbrella Rank: 5643
408 B
1 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 351
6 KB
1 bit.ly
bit.ly — Cisco Umbrella Rank: 6598
335 B
143 18
Domain Requested by
31 gijn.org gijn.org
27 static.fundraiseup.com gijn.org
cdn.fundraiseup.com
static.fundraiseup.com
19 narrations.ad-auris.com cdn.jsdelivr.net
narrations.ad-auris.com
16 www.youtube.com gijn.org
www.youtube.com
8 jnn-pa.googleapis.com www.youtube.com
5 www.googletagmanager.com gijn.org
narrations.ad-auris.com
www.googletagmanager.com
4 www.gstatic.com www.youtube.com
www.gstatic.com
4 googleads.g.doubleclick.net 2 redirects www.youtube.com
4 fonts.gstatic.com www.youtube.com
3 fndrsp.net cdn.fundraiseup.com
3 us-central1-ad-auris-tts-app.cloudfunctions.net cdn.jsdelivr.net
narrations.ad-auris.com
2 ad-auris-logging-db-l72twop3ra-uc.a.run.app narrations.ad-auris.com
2 yt3.ggpht.com www.youtube.com
2 i.ytimg.com www.youtube.com
2 www.google.com www.youtube.com
2 static.doubleclick.net www.youtube.com
2 dynamic-widget-service-l72twop3ra-uc.a.run.app cdn.jsdelivr.net
2 stats.g.doubleclick.net www.googletagmanager.com
gijn.org
2 ssl.google-analytics.com 1 redirects gijn.org
1 storage.googleapis.com narrations.ad-auris.com
1 www.google.de gijn.org
1 region1.analytics.google.com www.googletagmanager.com
1 cdn.jsdelivr.net gijn.org
1 cdn.fundraiseup.com gijn.org
1 bit.ly 1 redirects
143 25
Subject Issuer Validity Valid
gijn.org
Cloudflare Inc ECC CA-3		 2023-05-13 -
2024-05-12		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-08-14 -
2023-11-06		 3 months crt.sh
fundraiseup.com
Cloudflare Inc ECC CA-3		 2023-05-22 -
2024-05-20		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-05-02 -
2024-05-01		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-08-14 -
2023-11-06		 3 months crt.sh
www.google.de
GTS CA 1C3		 2023-08-14 -
2023-11-06		 3 months crt.sh
misc.google.com
GTS CA 1C3		 2023-08-14 -
2023-11-06		 3 months crt.sh
*.google.com
GTS CA 1C3		 2023-08-14 -
2023-11-06		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2023-08-14 -
2023-11-06		 3 months crt.sh
*.a.run.app
GTS CA 1C3		 2023-08-14 -
2023-11-06		 3 months crt.sh
*.doubleclick.net
GTS CA 1C3		 2023-08-14 -
2023-11-06		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2023-08-14 -
2023-11-06		 3 months crt.sh
www.google.com
GTS CA 1C3		 2023-08-14 -
2023-11-06		 3 months crt.sh
edgestatic.com
GTS CA 1C3		 2023-08-14 -
2023-11-06		 3 months crt.sh
*.googleusercontent.com
GTS CA 1C3		 2023-08-14 -
2023-11-06		 3 months crt.sh
narrations.ad-auris.com
R3		 2023-08-10 -
2023-11-08		 3 months crt.sh
storage.googleapis.com
GTS CA 1C3		 2023-08-14 -
2023-11-06		 3 months crt.sh

This page contains 5 frames:

Primary Page: https://gijn.org/2022/06/06/10-tips-for-using-geolocation-and-open-source-data-to-fuel-investigations/
Frame ID: E17476D9239580B98BF9B41E7A143B89
Requests: 67 HTTP requests in this frame

Frame: https://www.youtube.com/embed/9Gp1KnTOkuM?wmode=transparent&modestbranding=1&autohide=1&showinfo=0&rel=0
Frame ID: 86235B7F1E0A9F7C06B250D42F2FB538
Requests: 20 HTTP requests in this frame

Frame: https://www.youtube.com/embed/XbnLkc6r3yc?wmode=transparent&modestbranding=1&autohide=1&showinfo=0&rel=0
Frame ID: F8561C6EEE85A582C3399D7253A481CA
Requests: 20 HTTP requests in this frame

Frame: https://static.fundraiseup.com/fonts/ibm-plex-sans/ibm-plex-sans-v8-vietnamese_latin-ext_latin_greek_cyrillic-ext_cyrillic-600.643ad5d92cd7.woff2
Frame ID: BF860289973F9A56A3A0A012E41AE393
Requests: 5 HTTP requests in this frame

Frame: https://narrations.ad-auris.com/widget/gijn/10-tips-for-using-geolocation-and-open-source-data-to-fuel-investigations
Frame ID: E791DCDE71130B5EFA4EF5192B863A5B
Requests: 27 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

10 Tips for Using Geolocation and Open Source Data to Fuel Investigations - GIJN

Page URL History Show full URLs

  1. https://bit.ly/3tpmrDj HTTP 301
    https://gijn.org/2022/06/06/10-tips-for-using-geolocation-and-open-source-data-to-fuel-invest... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • ([\d.]+)?/modernizr(?:\.([\d.]+))?.*\.js
Overall confidence: 100%
Detected patterns
  • (?:/([\d.]+))?/slick(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

143
Requests

97 %
HTTPS

78 %
IPv6

18
Domains

25
Subdomains

23
IPs

3
Countries

4475 kB
Transfer

13634 kB
Size

12
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://bit.ly/3tpmrDj HTTP 301
    https://gijn.org/2022/06/06/10-tips-for-using-geolocation-and-open-source-data-to-fuel-investigations/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 59
  • https://ssl.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1756518622&utmhn=gijn.org&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=10%20Tips%20for%20Using%20Geolocation%20and%20Open%20Source%20Data%20to%20Fuel%20Investigations%20-%20GIJN&utmhid=702401202&utmr=-&utmp=%2F2022%2F06%2F06%2F10-tips-for-using-geolocation-and-open-source-data-to-fuel-investigations%2F&utmht=1694296309681&utmac=UA-25037912-1&utmcc=__utma%3D168268471.882429802.1694296309.1694296310.1694296310.1%3B%2B__utmz%3D168268471.1694296310.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=702028746&utmredir=1&utmu=qAAAAAAAAAAAAAAAAAABAAAE~ HTTP 302
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-25037912-1&cid=882429802.1694296309&jid=702028746&_v=5.7.2&z=1756518622
Request Chain 83
  • https://googleads.g.doubleclick.net/pagead/id HTTP 302
  • https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
Request Chain 95
  • https://googleads.g.doubleclick.net/pagead/id HTTP 302
  • https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

143 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
gijn.org/2022/06/06/10-tips-for-using-geolocation-and-open-source-data-to-fuel-investigations/
Redirect Chain
  • https://bit.ly/3tpmrDj
  • https://gijn.org/2022/06/06/10-tips-for-using-geolocation-and-open-source-data-to-fuel-investigations/
116 KB
27 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gijn.org/2022/06/06/10-tips-for-using-geolocation-and-open-source-data-to-fuel-investigations/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare / WP Engine
Resource Hash
d1dcf8b585bb80f72250e359e0cd545c9218c7452ca2555ef6817b1ac97e3daf

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
max-age=600, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
8042a794fb729b45-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Sat, 09 Sep 2023 21:51:48 GMT
link
<https://gijn.org/wp-json/>; rel="https://api.w.org/" <https://gijn.org/wp-json/wp/v2/posts/527845>; rel="alternate"; type="application/json" <https://gijn.org/?p=527845>; rel=shortlink
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ur9CuefXSBC4tSE2eXf0CZdWmj2rZoOeQSFxu8PsFZBPYv3H1Bf2xo25zDQth%2BaDGlp42biV8Fy6Rmb4l11w6O5ecdMCbPCkQo2dWzne4b6%2FUJXYoTHz6VB0"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding Accept-Encoding Accept-Encoding Accept-Encoding,Cookie
x-cache
MISS
x-cache-group
normal
x-cacheable
SHORT
x-dlm-no-waypoints
true
x-powered-by
WP Engine

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=90
content-length
189
content-security-policy
referrer always;
content-type
text/html; charset=utf-8
date
Sat, 09 Sep 2023 21:51:47 GMT
location
https://gijn.org/2022/06/06/10-tips-for-using-geolocation-and-open-source-data-to-fuel-investigations/
referrer-policy
unsafe-url
server
nginx
via
1.1 google
style.min.css
gijn.org/wp-includes/css/dist/block-library/ 		102 KB
14 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://gijn.org/wp-includes/css/dist/block-library/style.min.css?ver=6.3
Requested by
Host: gijn.org
URL: https://gijn.org/2022/06/06/10-tips-for-using-geolocation-and-open-source-data-to-fuel-investigations/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
67447c3656caad630373253691f3e8f64467eafd6e7305c9b0e98111b0b41694

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gijn.org/2022/06/06/10-tips-for-using-geolocation-and-open-source-data-to-fuel-investigations/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Sat, 09 Sep 2023 21:51:48 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1517298
x-wpe-request-id
fd3fe90f23e95764817e86cd8c45fb91
alt-svc
h3=":443"; ma=86400
last-modified
Wed, 19 Jul 2023 11:13:55 GMT
server
cloudflare
etag
W/"64b7c573-19824"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gO9uc1UDdSbcXQiQPF6gQ4iTJkC7LZ2FniYWWjb4V6V2rx0O%2FuB19d37UfHge6IYg8hT1IihHUIvNH6tm57oAIGw0yDfhzwkcasFeY1KOVzmVbqsH3hjKqg%2F"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
8042a79ac8919b45-FRA
social_widget.css
gijn.org/wp-content/plugins/social-media-widget/ 		2 KB
855 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://gijn.org/wp-content/plugins/social-media-widget/social_widget.css?ver=6.3
Requested by
Host: gijn.org
URL: https://gijn.org/2022/06/06/10-tips-for-using-geolocation-and-open-source-data-to-fuel-investigations/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
e59dd93adb670656d3323a3b3bf614209cdd9916dd9ac1acea5fed28a866f0a1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gijn.org/2022/06/06/10-tips-for-using-geolocation-and-open-source-data-to-fuel-investigations/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Sat, 09 Sep 2023 21:51:48 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1517298
x-wpe-request-id
ce0802a27d3b6b9c99d7d9429fa71d36
alt-svc
h3=":443"; ma=86400
last-modified
Mon, 28 Mar 2022 18:37:29 GMT
server
cloudflare
etag
W/"62420069-82b"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9u4IhrUq2MWPK25%2B2gdegWx9w3oWPG%2BllnedK2Ms61Lt2vGXTbA%2FKYtRq38jJtEt1IxUgNcIAwBY4fztp0S6Ff8w5oMzcQ7FNtMoFdLuev2IBLamRzxiJ7ET"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
8042a79ac8929b45-FRA
simple-staff-list-public.css
gijn.org/wp-content/plugins/simple-staff-list/public/css/ 		457 B
551 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://gijn.org/wp-content/plugins/simple-staff-list/public/css/simple-staff-list-public.css?ver=2.2.3
Requested by
Host: gijn.org
URL: https://gijn.org/2022/06/06/10-tips-for-using-geolocation-and-open-source-data-to-fuel-investigations/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
fd927536a19a1583559667290bad2f79ee2994a0bab4a8a2abf1a002e14c2565

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gijn.org/2022/06/06/10-tips-for-using-geolocation-and-open-source-data-to-fuel-investigations/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Sat, 09 Sep 2023 21:51:48 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Sun, 29 Jan 2023 04:52:15 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
6068267
etag
W/"63d5fb7f-1c9"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YixXwcru%2BePHM3gJw%2B4DJxrw8A%2ByzuS6%2BmjAp%2FT13NYvDMF%2FQcoaAafyp%2Fnmt8ZHqKw7EWhdhv8mGfsfVqtpRons39NNqnvevbcQmn56rUu0CvjPNY3pleVQ"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
8042a79ac8949b45-FRA
alt-svc
h3=":443"; ma=86400
/
gijn.org/ 		93 KB
19 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://gijn.org/?ver=0.6.1&largo_custom_less_variable=1&css_file=style.min.css&timestamp=2018-12-11%2021:55:08
Requested by
Host: gijn.org
URL: https://gijn.org/2022/06/06/10-tips-for-using-geolocation-and-open-source-data-to-fuel-investigations/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare / WP Engine
Resource Hash
bec4d70b4458b6965f67c6cef110d1a46ebc982308611f4eeb8bb4a626cb1453

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gijn.org/2022/06/06/10-tips-for-using-geolocation-and-open-source-data-to-fuel-investigations/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Sat, 09 Sep 2023 21:51:49 GMT
x-cache-group
normal
content-encoding
br
cf-cache-status
DYNAMIC
x-cacheable
YES:31536000.000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by
WP Engine
x-cache
HIT: 18567
alt-svc
h3=":443"; ma=86400
server
cloudflare
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding,Cookie
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tzekuI1Ctxg6ZNRiOfaaTKfClWqMVcvV8S39mim5O%2FWG2SB06HF1x7JP2ycUwOLriYPgN2YwkLlZsIBjnsiGff6lmkWdmm%2FK%2FBzq3WuYgby08qCwWUnFy8au"}],"group":"cf-nel","max_age":604800}
content-type
text/css;charset=UTF-8
x-dlm-no-waypoints
true
cache-control
max-age=31536000, must-revalidate
cf-ray
8042a79ac8979b45-FRA
expires
Sun, 01 Sep 2024 17:29:07 GMT
slick.css
gijn.org/wp-content/themes/largo/lib/navis-slideshows/vendor/slick/ 		2 KB
793 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://gijn.org/wp-content/themes/largo/lib/navis-slideshows/vendor/slick/slick.css?ver=1.0
Requested by
Host: gijn.org
URL: https://gijn.org/2022/06/06/10-tips-for-using-geolocation-and-open-source-data-to-fuel-investigations/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
6f173fbde897c4b5e403c91d99bfc6d671efea799450ca3b11c0d1bcce2ddfc1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gijn.org/2022/06/06/10-tips-for-using-geolocation-and-open-source-data-to-fuel-investigations/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Sat, 09 Sep 2023 21:51:48 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 28 Mar 2022 18:37:27 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
6068267
etag
W/"62420067-6b6"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=olIbNjiwnrO1ZWbQVhfwSAmqHVRBxAGELH1e4NBpErqzuenDIehD%2BzfJxxEnveMkzZFzMKrnlObCsAd10ltnGNDBV%2FSjdFQ3WTBrPv5U%2BOzzc7%2BNohsHiD6Y"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
8042a79ac8989b45-FRA
alt-svc
h3=":443"; ma=86400
slides.css
gijn.org/wp-content/themes/largo/lib/navis-slideshows/css/ 		11 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://gijn.org/wp-content/themes/largo/lib/navis-slideshows/css/slides.css?ver=1.0
Requested by
Host: gijn.org
URL: https://gijn.org/2022/06/06/10-tips-for-using-geolocation-and-open-source-data-to-fuel-investigations/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
c65ff67fb00c0a3606f626010f9f51a042a8da36f20fa07dd98ba406cf37d851

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gijn.org/2022/06/06/10-tips-for-using-geolocation-and-open-source-data-to-fuel-investigations/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Sat, 09 Sep 2023 21:51:48 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 28 Mar 2022 18:37:28 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
141813
etag
W/"62420068-2a73"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=g3PQqO6Anf831ZjlNEIcNpWpaRxQHjCqMw%2ByjSXOjUhcaue76I%2By9afz76gQ%2FUOeok30JtDt8fUIUdIzMUozaqoj5a7%2FcapomTKMH0ndjFpLuadYzNXBW16Z"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
8042a79ac8999b45-FRA
alt-svc
h3=":443"; ma=86400
style.css
gijn.org/wp-content/themes/gijn/ 		5 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://gijn.org/wp-content/themes/gijn/style.css?ver=1676894658
Requested by
Host: gijn.org
URL: https://gijn.org/2022/06/06/10-tips-for-using-geolocation-and-open-source-data-to-fuel-investigations/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
2c7c8214e86e92be7f9539596aab6c72faf5a129711ee5fa6722ad249eafac29

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gijn.org/2022/06/06/10-tips-for-using-geolocation-and-open-source-data-to-fuel-investigations/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Sat, 09 Sep 2023 21:51:48 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 20 Feb 2023 12:04:18 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
6068267
etag
W/"63f361c2-1451"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aip%2Ff4Rq7Ztd82oj1xMibUMQUzcSQGSKFtRkh6hIMHB6DCEU87VVMlB5vPkQk27G4Q%2BKCC2Cdl6Mo4yofYtUs4QGcBbb36vlLzuyVS5MdSEysBBeTfFVGW0G"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
8042a79ac89a9b45-FRA
alt-svc
h3=":443"; ma=86400
gutenberg.min.css
gijn.org/wp-content/themes/largo/css/ 		311 B
452 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://gijn.org/wp-content/themes/largo/css/gutenberg.min.css?ver=0.6.1
Requested by
Host: gijn.org
URL: https://gijn.org/2022/06/06/10-tips-for-using-geolocation-and-open-source-data-to-fuel-investigations/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
0428e18a04a4b3f666ed7def51b7ad8b0eeed37d79e0037073a084ff203c6c1a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gijn.org/2022/06/06/10-tips-for-using-geolocation-and-open-source-data-to-fuel-investigations/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Sat, 09 Sep 2023 21:51:48 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 28 Mar 2022 18:37:27 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
6068267
etag
W/"62420067-137"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2%2FEuYUekyuUfhCGHJUFtjjUMOUWCA6eljCm1kt5WPKO2xDJONg2wWWsmTbip4k4g%2BFElWBrepPfSCeOWq5%2FaDu3GSzKREykzSOzmzRGQskIH8nuUPTO7ZiZg"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
8042a79ac89b9b45-FRA
alt-svc
h3=":443"; ma=86400
default.css
gijn.org/wp-content/plugins/tablepress/css/build/ 		6 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://gijn.org/wp-content/plugins/tablepress/css/build/default.css?ver=2.1.2
Requested by
Host: gijn.org
URL: https://gijn.org/2022/06/06/10-tips-for-using-geolocation-and-open-source-data-to-fuel-investigations/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
8c10bfd761676feda6e280e0d31794b1a8d21279f437ddb817a708d6fe0b72db

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gijn.org/2022/06/06/10-tips-for-using-geolocation-and-open-source-data-to-fuel-investigations/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Sat, 09 Sep 2023 21:51:48 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 08 May 2023 06:40:42 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
6068267
etag
W/"6458996a-17cb"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=O2ruaeoSpeh4ERGzUZQXYCOeHX1zmPiqg9Bb2rz9%2BuXpfaHV4I2Oe9r3vUfl5AFrvi7SOxUhIi84hYjfRSQ4lGg1MRgiKnqIvvxLBDVeQk9EhDr6jdwKygTw"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
8042a79ac89c9b45-FRA
alt-svc
h3=":443"; ma=86400
style.css
gijn.org/wp-content/themes/gijn/css/ 		64 KB
20 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://gijn.org/wp-content/themes/gijn/css/style.css?ver=6.3
Requested by
Host: gijn.org
URL: https://gijn.org/2022/06/06/10-tips-for-using-geolocation-and-open-source-data-to-fuel-investigations/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
fb824e1aa563232406380294e54413a39eb66c0a72d4c56bb20d7fa864f09d45

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gijn.org/2022/06/06/10-tips-for-using-geolocation-and-open-source-data-to-fuel-investigations/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Sat, 09 Sep 2023 21:51:48 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1517297
x-wpe-request-id
9c13327ab42c0a6c61cd58a3378a1959
alt-svc
h3=":443"; ma=86400
last-modified
Mon, 28 Mar 2022 18:37:28 GMT
server
cloudflare
etag
W/"62420068-10147"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7%2FUggUQmbz7ACGDz4Su2qpMGO29FkQN2XbTO6Jqe5BwhG3sZME8nJVAhVesuXdG8Jqg%2FvEFrQY8rcobd9Y1SGbUx78EnI4xVW2utTo%2FH76UfaXnJMYcpmOkN"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
8042a79ac89d9b45-FRA
rggcl.css
gijn.org/wp-content/plugins/responsive-grid-gallery-with-custom-links/css/ 		12 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://gijn.org/wp-content/plugins/responsive-grid-gallery-with-custom-links/css/rggcl.css?ver=0.2.2
Requested by
Host: gijn.org
URL: https://gijn.org/2022/06/06/10-tips-for-using-geolocation-and-open-source-data-to-fuel-investigations/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
269ecf4b08606b54dc8c218bdf964be9b4647e8eec22c2ae718bdd3103e243b4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gijn.org/2022/06/06/10-tips-for-using-geolocation-and-open-source-data-to-fuel-investigations/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Sat, 09 Sep 2023 21:51:48 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 28 Mar 2022 18:37:29 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
6068267
etag
W/"62420069-2ecc"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=u5SguqrwlztJH6qvUgfmhmtslhcrDFly602DsFQRvmN7McsMVPxhmQqQGBen07blTcVR0YOwcBdqb5c7kR5oa3j77HFu80pgzbOMvzj7WDWE07A0oyzDsam%2F"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
8042a79ad8a29b45-FRA
alt-svc
h3=":443"; ma=86400
lroundups.min.css
gijn.org/wp-content/plugins/link-roundups/css/ 		1 KB
657 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://gijn.org/wp-content/plugins/link-roundups/css/lroundups.min.css?ver=1
Requested by
Host: gijn.org
URL: https://gijn.org/2022/06/06/10-tips-for-using-geolocation-and-open-source-data-to-fuel-investigations/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
77da17edd53c05959ebac8ade75b92e9e4c921177ab5d2e833fc03c355217768

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gijn.org/2022/06/06/10-tips-for-using-geolocation-and-open-source-data-to-fuel-investigations/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Sat, 09 Sep 2023 21:51:48 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 28 Mar 2022 18:37:31 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
6068267
etag
W/"6242006b-47b"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aUjPU9db4YogXVIbjHQX%2B5fUwhY7BfToW5Iu7Q4Z7X8lwBls8j%2B5Fg%2FiPTTRg08trSPSTcWU4aXLXSdot0ujYpsJxszcNmiWVJjajj09JNaGaKcSy84HY5Z1"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
8042a79ad8a39b45-FRA
alt-svc
h3=":443"; ma=86400
jquery.min.js
gijn.org/wp-includes/js/jquery/ 		85 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://gijn.org/wp-includes/js/jquery/jquery.min.js?ver=3.7.0
Requested by
Host: gijn.org
URL: https://gijn.org/2022/06/06/10-tips-for-using-geolocation-and-open-source-data-to-fuel-investigations/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
5c93f77799d122fb5255ee24da285f9f228cc118cba11e6ceb2b6bda8cdf4164

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gijn.org/2022/06/06/10-tips-for-using-geolocation-and-open-source-data-to-fuel-investigations/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Sat, 09 Sep 2023 21:51:48 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1517297
x-wpe-request-id
2c6c2fc462fea941bce9fea8a82be0a5
alt-svc
h3=":443"; ma=86400
last-modified
Fri, 26 May 2023 11:33:35 GMT
server
cloudflare
etag
W/"6470990f-155ba"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Rn920qVuvXDNRRO2nUkxCk8gBKeH9qzUJS5iLDL50%2Bm2%2B4I4GFqW0V1DlYLIXja7NSlE7bVxi%2B3A5LhyB4p57h3d4acMbNPgtq3KP6zJmqWrpZbGkLudcg83"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
8042a79ad8a49b45-FRA
jquery-migrate.min.js
gijn.org/wp-includes/js/jquery/ 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://gijn.org/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1
Requested by
Host: gijn.org
URL: https://gijn.org/2022/06/06/10-tips-for-using-geolocation-and-open-source-data-to-fuel-investigations/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gijn.org/2022/06/06/10-tips-for-using-geolocation-and-open-source-data-to-fuel-investigations/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Sat, 09 Sep 2023 21:51:48 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1517297
x-wpe-request-id
a6202e5242787578ec8627828ea054f4
alt-svc
h3=":443"; ma=86400
last-modified
Fri, 09 Jun 2023 05:49:24 GMT
server
cloudflare
etag
W/"6482bd64-3509"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=P%2Bzxlrb%2BBAs2kB1tKo04lZm6dOk1O18zwVkvEF5RFZ7Toi7R0Amn%2BbVGED1ABHgtzRt6PWowHwJQIQTdcPvo1n3Qq9OqsDpfepYvSH%2F3%2BR0TDmUvSjWW6Sz0"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
8042a79ad8a59b45-FRA
load-more-posts.min.js
gijn.org/wp-content/themes/largo/js/ 		1 KB
778 B 		Script
General
Check archive.org
Download Go to
Full URL
https://gijn.org/wp-content/themes/largo/js/load-more-posts.min.js?ver=1648492647
Requested by
Host: gijn.org
URL: https://gijn.org/2022/06/06/10-tips-for-using-geolocation-and-open-source-data-to-fuel-investigations/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
7fb540111e201fc18122b6f49ce413362cf4add3584c4fcc8bc8708f1dbf322b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gijn.org/2022/06/06/10-tips-for-using-geolocation-and-open-source-data-to-fuel-investigations/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Sat, 09 Sep 2023 21:51:48 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 28 Mar 2022 18:37:27 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
6068267
etag
W/"62420067-423"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=z4qhhvocbv3RWMcaIg7hzJCVCwg0CeRoiG3S5rlxdez50A3v4a%2FLBFAZncKlJboeRe6KW2e6RnUt2qicn%2BTjOplTG7m4r5NIlIisnCtNp07ecOF%2FXCgOB3Jd"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
8042a79ad8a79b45-FRA
alt-svc
h3=":443"; ma=86400
modernizr.custom.js
gijn.org/wp-content/themes/largo/js/ 		11 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://gijn.org/wp-content/themes/largo/js/modernizr.custom.js?ver=0.6.1
Requested by
Host: gijn.org
URL: https://gijn.org/2022/06/06/10-tips-for-using-geolocation-and-open-source-data-to-fuel-investigations/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
b678670df4d4427305f8f7b564affa7d36d51aaf85987117555e4dc09e731d83

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gijn.org/2022/06/06/10-tips-for-using-geolocation-and-open-source-data-to-fuel-investigations/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Sat, 09 Sep 2023 21:51:48 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 28 Mar 2022 18:37:27 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
141813
etag
W/"62420067-2d1c"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7mIAWG3nWMzKL5vhFo9Dpeg6NNK1gib%2FXsmq7lr8FscdWiIUWF74mUMJogNblJXU8BJwhpAJLmhlzmZxRfAMwr816HzQFrouCTfr%2FrXJLy5UWhwIUjEYMU8Y"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
8042a79ad8a89b45-FRA
alt-svc
h3=":443"; ma=86400
js
www.googletagmanager.com/gtag/ 		254 KB
87 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-RLEQHEYQ7G
Requested by
Host: gijn.org
URL: https://gijn.org/2022/06/06/10-tips-for-using-geolocation-and-open-source-data-to-fuel-investigations/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
497a51c828bd26b0a7bad47d449dfc7118a57a30e828147bd8f4d92f3ad95baa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gijn.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Sat, 09 Sep 2023 21:51:49 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
88616
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sat, 09 Sep 2023 21:51:49 GMT
AZZKZELR
cdn.fundraiseup.com/widget/ 		126 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.fundraiseup.com/widget/AZZKZELR
Requested by
Host: gijn.org
URL: https://gijn.org/2022/06/06/10-tips-for-using-geolocation-and-open-source-data-to-fuel-investigations/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.72.38 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4231d5357bb8476431ba65f14ed7c39e6597be210f35498c8b0bba5354af4b0e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gijn.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Sat, 09 Sep 2023 21:51:49 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"3733878125"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1Tf%2FsZKtQ5j7PrHWh3siW1fSiSPt%2BzFAkaWiGIY%2FaILYv%2FssHqGU2rUJo506xHu2oj1HJ53IoFNFog1eBwM%2FiH8cbPP4QD7H1I7omtQo5XEi3x5d2hDu3m%2Fdaau4jjDQIjFw%2BqI%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
cf-ray
8042a79db907bc04-FRA
link
<https://static.fundraiseup.com/150b075cc04e.elementsApi.js>; rel=preload; as=script, <https://static.fundraiseup.com/embed-data/elements-global/AZZKZELR.js>; rel=preload; as=script, <https://static.fundraiseup.com/3.1604bcf36e81.async-vendors.js>; rel=preload; as=script, <https://static.fundraiseup.com/2.7e0fc85c0c76.elements-langs-vendors.js>; rel=preload; as=script, <https://static.fundraiseup.com/0.76aeeb6569d7.elements-vendors.js>; rel=preload; as=script, <https://static.fundraiseup.com/checkout.d5dc435ced5a06a819a3.js>; rel=preload; as=script, <https://static.fundraiseup.com/checkout-vendors.97f02a67fe4e0be197bc.js>; rel=preload; as=script, <https://static.fundraiseup.com/checkout-styles.12b699ff446d34a41875.js>; rel=preload; as=script, <https://static.fundraiseup.com/checkout-sentry-vendor.bbaab79af6ac4ae5c523.js>; rel=preload; as=script, <https://static.fundraiseup.com/sentry.d5bb4900eafe4c17884e.js>; rel=preload; as=script
alt-svc
h3=":443"; ma=86400
c98820e4-90ef-4dd4-a7b3-1f459bb09627
https://gijn.org/ 		1 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://gijn.org/c98820e4-90ef-4dd4-a7b3-1f459bb09627
Requested by
Host: gijn.org
URL: https://gijn.org/2022/06/06/10-tips-for-using-geolocation-and-open-source-data-to-fuel-investigations/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
453cb806084fdabec32e286af2e88899f79022125c2527afffbec507975d2c22

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

Content-Length
1245
Content-Type
text/javascript
script.js
cdn.jsdelivr.net/npm/ad-auris-iframe-distribution@latest/ 		16 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/ad-auris-iframe-distribution@latest/script.js
Requested by
Host: gijn.org
URL: https://gijn.org/2022/06/06/10-tips-for-using-geolocation-and-open-source-data-to-fuel-investigations/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5614 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
632f5d2ec53c954857585917f56a7550b164dee985f12f8a3a9de598cf82e9f6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gijn.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Sat, 09 Sep 2023 21:51:49 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
10811
x-jsd-version
2.0.1
content-encoding
br
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230119-FRA, cache-jnb7021-JNB
x-jsd-version-type
version
server
cloudflare
etag
W/"3e15-dyjqUrbQ1kmUdzvZotipUzAjFSc"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wWBaHQSJBnLu%2FhfaibSqdnPUiQvB7UBO90%2FanVmVrIwPhdEcLVZQJZkVlYyuGwcDe78XBRbYxu%2BjxI6DcJwKIEYougF83lccKb0QPnTnI8Ll5OHy%2Bh1QecGIYOKob%2FxsKgh6WLIMN45YdiRdMtk%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
timing-allow-origin
*
cf-ray
8042a79bbdaa9280-FRA
Centre-for-Information-Resilience-logo.png
gijn.org/wp-content/uploads/2022/06/ 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://gijn.org/wp-content/uploads/2022/06/Centre-for-Information-Resilience-logo.png
Requested by
Host: gijn.org
URL: https://gijn.org/2022/06/06/10-tips-for-using-geolocation-and-open-source-data-to-fuel-investigations/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
28d07f4357439b5e43f7c406e7d33d9034b1b5d0a49832c810a77d651f606c88

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gijn.org/2022/06/06/10-tips-for-using-geolocation-and-open-source-data-to-fuel-investigations/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Sat, 09 Sep 2023 21:51:49 GMT
cf-cache-status
MISS
last-modified
Fri, 03 Jun 2022 15:35:08 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"629a2a2c-442c"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wEjXSgFbT6Bkyl6pGqTHMOE24MFrFiU%2Fy7mpmRajoa63q3L5K2jnEaeqDJhxKq6UUxqgXjW3wL%2FPSc1PkIIXae8qCGp8nSbb6IG4eu%2FdbfkJ214CHrHOiAdr"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
8042a79dbdccbb80-FRA
alt-svc
h3=":443"; ma=86400
content-length
17452
gijn-footer.png
gijn.org/wp-content/uploads/2013/02/ 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://gijn.org/wp-content/uploads/2013/02/gijn-footer.png
Requested by
Host: gijn.org
URL: https://gijn.org/2022/06/06/10-tips-for-using-geolocation-and-open-source-data-to-fuel-investigations/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
c60e6d3bf82428d186dad6edace0123261968759c6462417f5d5c42464e6f8cb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gijn.org/2022/06/06/10-tips-for-using-geolocation-and-open-source-data-to-fuel-investigations/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Sat, 09 Sep 2023 21:51:49 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1081357
cf-polished
origFmt=png, origSize=10827
x-wpe-request-id
cda2a51ebec06b50890341acd991acb4
content-disposition
inline; filename="gijn-footer.webp"
alt-svc
h3=":443"; ma=86400
content-length
8614
cf-bgj
imgq:100,h2pri
last-modified
Mon, 28 Mar 2022 18:37:26 GMT
server
cloudflare
etag
"62420066-2a4b"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FGEruOZjorZ5Ms%2BLR8cEp1N1NyzevnyyuifAIj15%2FHpa7jm9hYKglSmtdeY%2F95fAPzudH%2BUqvtGIB5TikENbiTDqV8f0Yy8NSGTVrhl2bVae4UXEeuorbXBU"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
8042a79dddedbb80-FRA
by-nc.png
gijn.org/wp-content/themes/gijn/img/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://gijn.org/wp-content/themes/gijn/img/by-nc.png
Requested by
Host: gijn.org
URL: https://gijn.org/2022/06/06/10-tips-for-using-geolocation-and-open-source-data-to-fuel-investigations/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
15989710987ebffff3465a6f20000af3fb6691e1647ac9c9a80e3162bb8e0ec0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gijn.org/2022/06/06/10-tips-for-using-geolocation-and-open-source-data-to-fuel-investigations/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Sat, 09 Sep 2023 21:51:49 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
6070597
cf-polished
origFmt=png, origSize=17637
content-disposition
inline; filename="by-nc.webp"
alt-svc
h3=":443"; ma=86400
content-length
6836
cf-bgj
imgq:100,h2pri
last-modified
Mon, 28 Mar 2022 18:37:28 GMT
server
cloudflare
etag
"62420068-44e5"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pMU6ZWkHblHSCob%2BrOPbqsUoVg5%2BxkisxA3rAlYTEGx%2Bwglcfncd2Yz0R3U7VCNXU1TZBjo%2BwFM7QOOFLSq0wULZMdNUO9%2FKkyQuC6MVSFEYR2qDUL6IOLFh"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
8042a79dddefbb80-FRA
inn_logo_gray.png
gijn.org/wp-content/themes/largo/img/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://gijn.org/wp-content/themes/largo/img/inn_logo_gray.png
Requested by
Host: gijn.org
URL: https://gijn.org/2022/06/06/10-tips-for-using-geolocation-and-open-source-data-to-fuel-investigations/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
36b36452c44c4c355671f0ea4ae3b20cf0fb1fe2813d3ec2678570362591acb7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gijn.org/2022/06/06/10-tips-for-using-geolocation-and-open-source-data-to-fuel-investigations/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Sat, 09 Sep 2023 21:51:49 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
545414
cf-polished
origFmt=png, origSize=4434
x-wpe-request-id
5827965278191dd5dc0b06bc845fe401
content-disposition
inline; filename="inn_logo_gray.webp"
alt-svc
h3=":443"; ma=86400
content-length
1906
cf-bgj
imgq:100,h2pri
last-modified
Mon, 28 Mar 2022 18:37:27 GMT
server
cloudflare
etag
"62420067-1152"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tXqwgsUcoU4AGFBrzY3QNvFlgM6QTWtfeSKcL0zZbIQKu2A9567d5Dzs0lCTgTWggA%2F%2FlcCUtbqJlSr28dil4VAA2S%2FGEt1RwvqMNSLed%2BbH2Jpu%2B5cVTSPq"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
8042a79dddf1bb80-FRA
comment-reply.min.js
gijn.org/wp-includes/js/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://gijn.org/wp-includes/js/comment-reply.min.js?ver=6.3
Requested by
Host: gijn.org
URL: https://gijn.org/2022/06/06/10-tips-for-using-geolocation-and-open-source-data-to-fuel-investigations/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
e174a58a503ab84b3d1b9de12fd3895788204485170f1289e445f7b5b98ec789

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gijn.org/2022/06/06/10-tips-for-using-geolocation-and-open-source-data-to-fuel-investigations/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Sat, 09 Sep 2023 21:51:49 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1512422
x-wpe-request-id
2eab0878891c0fea20e39a497ac77ac5
alt-svc
h3=":443"; ma=86400
last-modified
Fri, 08 Apr 2022 20:07:18 GMT
server
cloudflare
etag
W/"625095f6-ba5"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wJPTBisvaNDuVqyavhRPxdoiBFaFI0YtUxLrLgUz5e2VwDOiJuUFNNQBp7uzx%2Fh5PmT5vwWT9JD%2BZUdwOgpDU5x8U3uSICF6TUL8lWuKtbe5v8WbAl1VIpRT"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
8042a79c5c2fbb80-FRA
dlm-xhr.min.js
gijn.org/wp-content/plugins/download-monitor/assets/js/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://gijn.org/wp-content/plugins/download-monitor/assets/js/dlm-xhr.min.js?ver=4.7.78
Requested by
Host: gijn.org
URL: https://gijn.org/2022/06/06/10-tips-for-using-geolocation-and-open-source-data-to-fuel-investigations/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
e48977302b56fd91f13fd5f891c75061dddb72c653db8885b4ede75e2a8e86d8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gijn.org/2022/06/06/10-tips-for-using-geolocation-and-open-source-data-to-fuel-investigations/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Sat, 09 Sep 2023 21:51:49 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 05 Apr 2023 06:18:02 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
6070601
etag
W/"642d129a-24f6"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vudkaV33k1hgebJwUfEWZOQA7T0%2FB%2BbeJZ5%2FTM6JN6q4ICtDQ648ntwUcIjrwFoFcKaaU1Ex%2Btr9zutufRBFqZbqivTMTlc1JCT%2FL%2B59tKxDlzslcpJYMGTD"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
8042a79c8c6cbb80-FRA
alt-svc
h3=":443"; ma=86400
largoCore.min.js
gijn.org/wp-content/themes/largo/js/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://gijn.org/wp-content/themes/largo/js/largoCore.min.js?ver=0.6.1
Requested by
Host: gijn.org
URL: https://gijn.org/2022/06/06/10-tips-for-using-geolocation-and-open-source-data-to-fuel-investigations/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
492d1d55fbd62102770e1904106eb06bbeadf8e4240570e4494d279970f016d6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gijn.org/2022/06/06/10-tips-for-using-geolocation-and-open-source-data-to-fuel-investigations/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Sat, 09 Sep 2023 21:51:49 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 28 Mar 2022 18:37:27 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
6070601
etag
W/"62420067-b1b"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=T7s0oRmPLOxA6KSYtG3%2FVN7ZcJ54vQeVTAnUsWYsQP3qHzC%2FQtbA3JetrdH92n%2BLFVBCCHJhhC%2Bqq8o%2FK7z5R%2BrpJsJwFwSUa3YdIxZ1Tl6OpyLqnREAn6Oc"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
8042a79cac9fbb80-FRA
alt-svc
h3=":443"; ma=86400
navigation.min.js
gijn.org/wp-content/themes/largo/js/ 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://gijn.org/wp-content/themes/largo/js/navigation.min.js?ver=0.6.1
Requested by
Host: gijn.org
URL: https://gijn.org/2022/06/06/10-tips-for-using-geolocation-and-open-source-data-to-fuel-investigations/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
1d6ad1316c43e95ebb9aab6987969149ff0980880bd0a16c301220371fcace0b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gijn.org/2022/06/06/10-tips-for-using-geolocation-and-open-source-data-to-fuel-investigations/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Sat, 09 Sep 2023 21:51:49 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 28 Mar 2022 18:37:27 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
6070601
etag
W/"62420067-1812"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wXX0aNWokYHFVrI0wtPJBdiOvkF1h9rWSEXjHIe5pqZ9eR1qgZ9Jclv45kwVTckfCEczX7jcIOOwf9NGXP4EXPoVJK9db2YksEnJ3tAwZuBzT7S8ZQD2sDNb"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
8042a79cdcc3bb80-FRA
alt-svc
h3=":443"; ma=86400
largoPlugins.js
gijn.org/wp-content/themes/largo/js/ 		19 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://gijn.org/wp-content/themes/largo/js/largoPlugins.js?ver=0.6.1
Requested by
Host: gijn.org
URL: https://gijn.org/2022/06/06/10-tips-for-using-geolocation-and-open-source-data-to-fuel-investigations/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
1d47e1aa9459fbfab27e58f6aee6752f5df385cd5e43429006d4243fbd0a5334

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gijn.org/2022/06/06/10-tips-for-using-geolocation-and-open-source-data-to-fuel-investigations/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Sat, 09 Sep 2023 21:51:49 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 28 Mar 2022 18:37:27 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
6070600
etag
W/"62420067-4bc2"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JbHtwr8MG4DKNZnMkWbRb9l7FVOns6ZKSrf9miA%2Fx9ijpTrC4v9ekGoA2j5UW%2FglzpwN9fTCuHM2rECb4Q%2FrefYxMrEAy5afYI%2BzOzDqQaGOL3PZO338I80S"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
8042a79cfce8bb80-FRA
alt-svc
h3=":443"; ma=86400
slick.min.js
gijn.org/wp-content/themes/largo/lib/navis-slideshows/vendor/slick/ 		36 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://gijn.org/wp-content/themes/largo/lib/navis-slideshows/vendor/slick/slick.min.js?ver=3.0
Requested by
Host: gijn.org
URL: https://gijn.org/2022/06/06/10-tips-for-using-geolocation-and-open-source-data-to-fuel-investigations/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
05449d51753966df0f73d3943416f3b5689939fcb54dbde16afaa7a35009cdab

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gijn.org/2022/06/06/10-tips-for-using-geolocation-and-open-source-data-to-fuel-investigations/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Sat, 09 Sep 2023 21:51:49 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 28 Mar 2022 18:37:28 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
6070600
etag
W/"62420068-8f21"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sDGzT6YFhCBbhN3NBn%2FWICxTjuSr9cZsYVtnKhx7GaQ3yO0Jg5KeThE0ATpLeY6ZHpBxJmqHz0zNwztQb%2FfKFA0Wvu0NyniSUG76yt0nAgY2Oficx%2B1T3CMY"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
8042a79d2d2cbb80-FRA
alt-svc
h3=":443"; ma=86400
navis-slideshows.js
gijn.org/wp-content/themes/largo/lib/navis-slideshows/js/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://gijn.org/wp-content/themes/largo/lib/navis-slideshows/js/navis-slideshows.js?ver=0.11
Requested by
Host: gijn.org
URL: https://gijn.org/2022/06/06/10-tips-for-using-geolocation-and-open-source-data-to-fuel-investigations/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
78d3fa1c57fbf252c5e3caa2e62cae3e49d67c45ddf5cab7a5338f6064606e41

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gijn.org/2022/06/06/10-tips-for-using-geolocation-and-open-source-data-to-fuel-investigations/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Sat, 09 Sep 2023 21:51:49 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 28 Mar 2022 18:37:27 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
3767099
etag
W/"62420067-2166"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CTYX82Yf1dApmoKAcmUTd09ZmcN48%2BYOVbSIN3JNQ5Uk2ikSuXqeYOEaszaneP3s%2Be9QuvE0%2BMcnRwmWewAJcfgubm0nkaHw4yvhuybvbyZ5pf9yz%2FGRcvTy"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
8042a79d4d4fbb80-FRA
alt-svc
h3=":443"; ma=86400
ga.js
ssl.google-analytics.com/ 		45 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ssl.google-analytics.com/ga.js
Requested by
Host: gijn.org
URL: https://gijn.org/2022/06/06/10-tips-for-using-geolocation-and-open-source-data-to-fuel-investigations/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gijn.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Sat, 09 Sep 2023 21:51:38 GMT
last-modified
Mon, 12 Jun 2023 18:23:07 GMT
server
Golfe2
age
11
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
17168
expires
Sat, 09 Sep 2023 23:51:38 GMT
fontello.woff
gijn.org/wp-content/themes/largo/fonts/fontello/font/ 		11 KB
12 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://gijn.org/wp-content/themes/largo/fonts/fontello/font/fontello.woff
Requested by
Host: gijn.org
URL: https://gijn.org/?ver=0.6.1&largo_custom_less_variable=1&css_file=style.min.css&timestamp=2018-12-11%2021:55:08
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
868da4185c250265c9ec42e5dfbe1791c82c0c1941e9c0139062a5dc6a59f9ad

Request headers

Referer
https://gijn.org/?ver=0.6.1&largo_custom_less_variable=1&css_file=style.min.css&timestamp=2018-12-11%2021:55:08
Origin
https://gijn.org
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Sat, 09 Sep 2023 21:51:49 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
6070595
alt-svc
h3=":443"; ma=86400
content-length
11336
last-modified
Mon, 28 Mar 2022 18:37:27 GMT
server
cloudflare
etag
"62420067-2c48"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OJE8F1g%2BZByxXvt8mE6J87iR8VZ5s8OS0l%2Bf9JW0gi3ZW%2FD8g4KbhrGIBfLbdO121kHBgBHxr2sTOJL4tXOlOZa8qOagRNsNG3mydA29jBUd5nUXbHVAvkLe"}],"group":"cf-nel","max_age":604800}
content-type
font/woff
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
8042a79dee1cbb80-FRA
collect
region1.analytics.google.com/g/ 		0
249 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-RLEQHEYQ7G&gtm=45je3960&_p=702401202&_gaz=1&gdid=dZTNiMT&cid=882429802.1694296309&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1694296309&sct=1&seg=0&dl=https%3A%2F%2Fgijn.org%2F2022%2F06%2F06%2F10-tips-for-using-geolocation-and-open-source-data-to-fuel-investigations%2F&dt=10%20Tips%20for%20Using%20Geolocation%20and%20Open%20Source%20Data%20to%20Fuel%20Investigations%20-%20GIJN&en=page_view&_fv=2&_nsi=1&_ss=1&_c=1&_ee=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-RLEQHEYQ7G
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gijn.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Sep 2023 21:51:49 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://gijn.org
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/ 		0
249 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-RLEQHEYQ7G&cid=882429802.1694296309&gtm=45je3960&aip=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-RLEQHEYQ7G
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c07::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gijn.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Sep 2023 21:51:49 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://gijn.org
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
408 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-RLEQHEYQ7G&cid=882429802.1694296309&gtm=45je3960&aip=1&z=612570227
Requested by
Host: gijn.org
URL: https://gijn.org/2022/06/06/10-tips-for-using-geolocation-and-open-source-data-to-fuel-investigations/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gijn.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Sep 2023 21:51:49 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
normalizeUrlService
us-central1-ad-auris-tts-app.cloudfunctions.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://us-central1-ad-auris-tts-app.cloudfunctions.net/normalizeUrlService
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:36::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Frontend / Express
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://gijn.org
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

access-control-allow-headers
Content-Type
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html
date
Sat, 09 Sep 2023 21:51:49 GMT
etag
W/"0-2jmj7l5rSw0yVb/vlWAYkK/YBwk"
function-execution-id
7dd8mt2z3n3r
server
Google Frontend
x-cloud-trace-context
a0750e9f21810ff64cbdccbaac1a1f32
x-powered-by
Express
normalizeUrlService
us-central1-ad-auris-tts-app.cloudfunctions.net/ 		121 B
278 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://us-central1-ad-auris-tts-app.cloudfunctions.net/normalizeUrlService
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/ad-auris-iframe-distribution@latest/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:36::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Frontend / Express
Resource Hash
bf359a3cb0d6b3d4716f5c6d38e82bef32c84313d7210ee5999f2ba36dbe39a8

Request headers

Accept
application/json, text/plain, */*
Referer
https://gijn.org/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
Content-Type
application/json;charset=UTF-8

Response headers

date
Sat, 09 Sep 2023 21:51:49 GMT
content-encoding
gzip
server
Google Frontend
x-powered-by
Express
etag
W/"79-BARfa9S43vBAFDwOWBbtNwVbrCQ"
content-type
application/json; charset=utf-8
access-control-allow-origin
*
x-cloud-trace-context
7eff0686c4d2a6e05ab3863364e54d8b
cache-control
private
function-execution-id
7dd80h8omv0e
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
121
9Gp1KnTOkuM
www.youtube.com/embed/ Frame 8623 		87 KB
37 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/embed/9Gp1KnTOkuM?wmode=transparent&modestbranding=1&autohide=1&showinfo=0&rel=0
Requested by
Host: gijn.org
URL: https://gijn.org/2022/06/06/10-tips-for-using-geolocation-and-open-source-data-to-fuel-investigations/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
739f7119f54f70d3f3e55a378094b834ad1a08d6dc36d2d401cb7acfcd743172
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://gijn.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
br
content-type
text/html; charset=utf-8
cross-origin-opener-policy-report-only
same-origin; report-to="youtube_main"
cross-origin-resource-policy
cross-origin
date
Sat, 09 Sep 2023 21:51:49 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
origin-trial
AvC9UlR6RDk2crliDsFl66RWLnTbHrDbp+DiY6AYz/PNQ4G4tdUTjrHYr2sghbkhGQAVxb7jaPTHpEVBz0uzQwkAAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTcxOTUzMjc5OSwiaXNTdWJkb21haW4iOnRydWV9
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma
no-cache
report-to
{"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server
ESF
strict-transport-security
max-age=31536000
vary
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options
nosniff
x-xss-protection
0
XbnLkc6r3yc
www.youtube.com/embed/ Frame F856 		90 KB
38 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/embed/XbnLkc6r3yc?wmode=transparent&modestbranding=1&autohide=1&showinfo=0&rel=0
Requested by
Host: gijn.org
URL: https://gijn.org/2022/06/06/10-tips-for-using-geolocation-and-open-source-data-to-fuel-investigations/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
8ffb16062f3fd1e5115097972ebe81d043800fddb435623ed9ec8fd764e7c752
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://gijn.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
br
content-type
text/html; charset=utf-8
cross-origin-opener-policy-report-only
same-origin; report-to="youtube_main"
cross-origin-resource-policy
cross-origin
date
Sat, 09 Sep 2023 21:51:49 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
origin-trial
AvC9UlR6RDk2crliDsFl66RWLnTbHrDbp+DiY6AYz/PNQ4G4tdUTjrHYr2sghbkhGQAVxb7jaPTHpEVBz0uzQwkAAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTcxOTUzMjc5OSwiaXNTdWJkb21haW4iOnRydWV9
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma
no-cache
report-to
{"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server
ESF
strict-transport-security
max-age=31536000
vary
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options
nosniff
x-xss-protection
0
150b075cc04e.elementsApi.js
static.fundraiseup.com/ 		119 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.fundraiseup.com/150b075cc04e.elementsApi.js
Requested by
Host: gijn.org
URL: https://gijn.org/2022/06/06/10-tips-for-using-geolocation-and-open-source-data-to-fuel-investigations/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.72.38 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8b6a268eb42b3384c45c46b16614967e56e591025874a5f1d9fc0499f8bec6b3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gijn.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Sat, 09 Sep 2023 21:51:49 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
WDTQ3NJ7TN15568D
age
107349
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
x-amz-id-2
QefMJpwvP4zXrHdXx0Dlh3s/ArVDfUf9qPuKduwR3YDM6cHrcnLNQRsHrHkVWa5Xb5Cw4YSe8Aw=
last-modified
Fri, 08 Sep 2023 15:44:14 GMT
server
cloudflare
etag
W/"a357f5e5e280af78561c505081692436"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SlO%2BfNQuKMtdaYJkEDxlDUE0I%2FKX1gI%2B64ZYGhwkb1pZhiXz4WuS1ybIcEpAUOliHsSIxvFi2Wy0hPGnP0vWXf9o22qsW9nv78MyOLW1%2B0%2BLQsEI0Tw%2BwhLAexZAVh09HdcQHc0tzqI%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript; charset=UTF-8
cache-control
max-age=31536000
cf-ray
8042a79eca3bbc04-FRA
AZZKZELR.js
static.fundraiseup.com/embed-data/elements-global/ 		26 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.fundraiseup.com/embed-data/elements-global/AZZKZELR.js
Requested by
Host: gijn.org
URL: https://gijn.org/2022/06/06/10-tips-for-using-geolocation-and-open-source-data-to-fuel-investigations/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.72.38 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2221e9372eb6a6bf90c0269412580aaa624181fe55845f967a543c9ac2f086bf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gijn.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Sat, 09 Sep 2023 21:51:49 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
Z79J8HQAVJHBK5TY
age
55321
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
x-amz-id-2
vzOsRKSoLGvvMrn5z/ZX9HeR7g0UOGy228fOdagQcHshidqx9TiGcbw975RIXe2JG9KIbZYo8+Q=
last-modified
Fri, 08 Sep 2023 23:55:15 GMT
server
cloudflare
etag
W/"fa72bf04706b2a8899001aab345039dd"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LiqH8vAjczD%2FOFm%2Brewf2vRcPZRpLElQIageLWwZBgbrzt2lZxxm5kyQjIwgEA6IqwGWKXZyRdXvax%2BTC1gUvGOq9rgjeRxfi4O9H2PnizvQXzaQD35aappKP7Yn0IbzQo%2FGrXdOD7c%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
cache-control
no-cache, no-store
cf-ray
8042a79eba31bc04-FRA
3.1604bcf36e81.async-vendors.js
static.fundraiseup.com/ 		102 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.fundraiseup.com/3.1604bcf36e81.async-vendors.js
Requested by
Host: gijn.org
URL: https://gijn.org/2022/06/06/10-tips-for-using-geolocation-and-open-source-data-to-fuel-investigations/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.72.38 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2dc5bcb88c13edac556886c704f23fd208a59f14c4a219fa16409ac97cf85026
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gijn.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Sat, 09 Sep 2023 21:51:49 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
F68VC1JATEH1JC1F
age
985723
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
x-amz-id-2
Iad5jwx7LA4uIzdb3TNberbEzDQ1g7MpoSnNO6lXCQMbwJWRWPHAIfyoXRKLrAf8SFZC179u8gA=
last-modified
Tue, 29 Aug 2023 11:45:42 GMT
server
cloudflare
etag
W/"8da9a25d4580de74a2f542ec4dbb017e"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4cvTMXvdyE8Z%2B22koQ1GXyEu590UxEjFJbKhvwMhVFWZjrCrLLlOpyBO1UlQV%2B3BOeROyDhb3NVUGpiGmoKYy8fpmpkaRDS1%2BdtrsHvcp8P6ngLARwZhJzAiJO0EoOPnyYEknsGJtzo%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript; charset=UTF-8
cache-control
max-age=31536000
cf-ray
8042a79eba2fbc04-FRA
2.7e0fc85c0c76.elements-langs-vendors.js
static.fundraiseup.com/ 		307 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.fundraiseup.com/2.7e0fc85c0c76.elements-langs-vendors.js
Requested by
Host: gijn.org
URL: https://gijn.org/2022/06/06/10-tips-for-using-geolocation-and-open-source-data-to-fuel-investigations/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.72.38 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
55166251d302b469fd82cc777fc62d10d1599b6c27c72c57f930eae05fbab1d7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gijn.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Sat, 09 Sep 2023 21:51:49 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
WDTRJH85TNTMXYDS
age
107349
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
x-amz-id-2
YgSBepd3CQPmSwPPDZhoeQMW0JBaTpEJD4pCkIFIdchgSLmaDQUC8zq7iaICWgGMUZoavzXIEvk=
last-modified
Fri, 08 Sep 2023 15:44:16 GMT
server
cloudflare
etag
W/"43d965fb949eb8a3bab4c90b36b5bfb5"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0uAjlEpSAAXKT%2B9gqPyNI%2FrQlx7f0H8xyzFyq6KpBIRDEtdjlj03nEYaHRmvDxm2A0uoLVkQ%2FjpAH8QnRIgiLtbqiikBC8sSds1wlKDsN6EFftvAqTiQy%2FJEOQOktHmE6ko79XrEZjM%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript; charset=UTF-8
cache-control
max-age=31536000
cf-ray
8042a79eba2abc04-FRA
0.76aeeb6569d7.elements-vendors.js
static.fundraiseup.com/ 		69 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.fundraiseup.com/0.76aeeb6569d7.elements-vendors.js
Requested by
Host: gijn.org
URL: https://gijn.org/2022/06/06/10-tips-for-using-geolocation-and-open-source-data-to-fuel-investigations/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.72.38 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f0b7e34a0c461754e737c28261e71affc345d019841efe465d58037bb3006e7e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gijn.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Sat, 09 Sep 2023 21:51:49 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
WDTWBWY5YWYMXTK3
age
107349
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
x-amz-id-2
KCELUm4E6F0iKqFtmBfCx6+6MEGbPQiHD4OKad0WtNYG6AKON7Z60ddBEf1RBTJRE0zfEmvl8W4=
last-modified
Fri, 08 Sep 2023 15:44:12 GMT
server
cloudflare
etag
W/"0992fbc7f95f5c1022747e0d9d11fe85"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gPK%2BuvByECsENmBs%2FOGWc%2Bd8Lr4JzdVXhWwkuXAU0%2FsD%2FCmYnWkM3xuGH54jv%2Bkg3yY9rnTbtBS1w4EsWziI7yHlJ5rE0cXD38ypHNQFno2KasuoJ6ma%2BzhQiQlTZJjf8kVq%2Flw3qN8%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript; charset=UTF-8
cache-control
max-age=31536000
cf-ray
8042a79eba30bc04-FRA
checkout.d5dc435ced5a06a819a3.js
static.fundraiseup.com/ 		755 KB
171 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.fundraiseup.com/checkout.d5dc435ced5a06a819a3.js
Requested by
Host: gijn.org
URL: https://gijn.org/2022/06/06/10-tips-for-using-geolocation-and-open-source-data-to-fuel-investigations/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.72.38 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1163d8731ed6f681c27113b5b8af6d76b1afa9662123b4603330fe2ee45464c6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gijn.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Sat, 09 Sep 2023 21:51:49 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
WDTNCWET0ZADM5G5
age
107349
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
x-amz-id-2
G5wUMkXIrqo0p/4EgQwMDh0VGAyD/wN9n+pSMK6PTOsm2fGUKBQ5Paq+obKedzLIsm2lSlcJU/E=
last-modified
Fri, 08 Sep 2023 15:44:33 GMT
server
cloudflare
etag
W/"0f08e9b9c7ab84ed14fabb3f67a5aed7"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=I1qD9yfys0gpY8mK5g29GSjUHfnHZFMRdxYvucYyJM5yt8k1EYuQqfbVrwY8O3Xrdxad0nRzunZDcjY4LavgZbvEFr7SRKFSofo7llhyfC9KGpChOTkr%2BHnMtQqovdsfVvTB%2BKpQNJY%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript; charset=UTF-8
cache-control
max-age=31536000
cf-ray
8042a79eba38bc04-FRA
checkout-vendors.97f02a67fe4e0be197bc.js
static.fundraiseup.com/ 		456 KB
147 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.fundraiseup.com/checkout-vendors.97f02a67fe4e0be197bc.js
Requested by
Host: gijn.org
URL: https://gijn.org/2022/06/06/10-tips-for-using-geolocation-and-open-source-data-to-fuel-investigations/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.72.38 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
088e9532a4cd6710b155e81715a09e16700c07a1552d70a0888f2619a54d4f1b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gijn.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Sat, 09 Sep 2023 21:51:49 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
4H7CA8F52FQ9HCJB
age
1678265
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
x-amz-id-2
vLkuKM8BGnGYTzkq8rPAe/wkdHkT8Vdj3dboa3W9GsZnKau4gtadL1YuWLUe+QfNHIPRWapZ47w=
last-modified
Mon, 21 Aug 2023 11:23:56 GMT
server
cloudflare
etag
W/"8a3fcd0fafffd036a518fbccf9203b5a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PtkRq3KDbX%2FDJdIcKDfvXmqviKSfN%2BpYE2vw7EBIovOgK4GuxTfQuSLcKvkH8sCFAUSKRRRmIY1o6OHWoGJETazk6vr7NENvuoFY3aUr1Unnxb8EiyMJdm66Yc26%2FfxkXxU08nsA82c%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript; charset=UTF-8
cache-control
max-age=31536000
cf-ray
8042a79eba32bc04-FRA
checkout-styles.12b699ff446d34a41875.js
static.fundraiseup.com/ 		108 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.fundraiseup.com/checkout-styles.12b699ff446d34a41875.js
Requested by
Host: gijn.org
URL: https://gijn.org/2022/06/06/10-tips-for-using-geolocation-and-open-source-data-to-fuel-investigations/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.72.38 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0afcc7c13187b2baab1958d0a6962baefd8beca52a6354a4fc76e6ed2b78b10f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gijn.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Sat, 09 Sep 2023 21:51:49 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
WDTWG6B2JJCJRE3A
age
107349
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
x-amz-id-2
DvG/OWTaz+Hxuci18yIuOwkluhomdAx+olOUhyWHPLMlnEau7jG3ZaDHtvP94iF9qU+Wz0eov+E=
last-modified
Fri, 08 Sep 2023 15:44:33 GMT
server
cloudflare
etag
W/"50ac3644bb0bb08ac93073205b24fe63"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sF%2FlnFZPRjUy3Qvnoe6uAWf43hn%2B50L1wEE12u1ecD8qy7gxUBJLwcDmQTA9AZzdWfW34OM1s2Ml%2BXdosf%2FAo54n8JSqHnue8mafabBnX9GGogrOygiCRkwEZebDlJJPuofTxO7634w%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript; charset=UTF-8
cache-control
max-age=31536000
cf-ray
8042a79eba35bc04-FRA
checkout-sentry-vendor.bbaab79af6ac4ae5c523.js
static.fundraiseup.com/ 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.fundraiseup.com/checkout-sentry-vendor.bbaab79af6ac4ae5c523.js
Requested by
Host: gijn.org
URL: https://gijn.org/2022/06/06/10-tips-for-using-geolocation-and-open-source-data-to-fuel-investigations/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.72.38 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
46ffa27a716a55780501f5d6711c054bdb1772174f1076dc0e49dee9b00648e9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gijn.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Sat, 09 Sep 2023 21:51:49 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
C2ZDS3JGJB3CBJKX
age
2000294
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
x-amz-id-2
CJ9qdBHsBN0hLQtJk9Rf8/MNTbMyeT9VMti74idWAHr+GBHaFdIHajk1vCehui2QSsjzdP7hC5w=
last-modified
Thu, 17 Aug 2023 17:57:32 GMT
server
cloudflare
etag
W/"e8cb215ba1bf6e188dcd93c7faa7d814"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OEmqceQfpODFgQXY3DIZ08zFdRTTCLzU6R%2BA4tJGWNB3lfs%2BDt1O5rdtFjVvSEL1IN1UkCeu7UepFJ9kiCIxmEe9wsJXTfpn6oD%2FvOQPw5qP%2B0USL2ba1m5Tll3JAGHmRrvp9ucW9DI%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript; charset=UTF-8
cache-control
max-age=31536000
cf-ray
8042a79eba36bc04-FRA
sentry.d5bb4900eafe4c17884e.js
static.fundraiseup.com/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.fundraiseup.com/sentry.d5bb4900eafe4c17884e.js
Requested by
Host: gijn.org
URL: https://gijn.org/2022/06/06/10-tips-for-using-geolocation-and-open-source-data-to-fuel-investigations/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.72.38 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
168b73d7539992b9354fe32aec5c4e9d377cdc8c4a296001673c777214bbcd59
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gijn.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Sat, 09 Sep 2023 21:51:49 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
XDW3ZDJ29WN6Z807
age
1939186
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
x-amz-id-2
6Imdb7UUOMrKeqTIxJQ69hpwj1Q3gBVTkl8U4ITOTVfQSa3b9q5TCIKgIqQmEzLgGEONVdZw/yw=
last-modified
Fri, 18 Aug 2023 10:50:00 GMT
server
cloudflare
etag
W/"1e2558f60530a3c3517a653100766377"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IlD0HMOyvpQjB1i%2B8o%2FntQY4e5iTEZCaeA%2FNeD5dJwyzJFrXtxes8N6biYH9NeBKfvKzfT9Ld8nUUDfsPsm5516mUCqOW%2Bmf1jWqLI%2FcxyoyCISsYrmu3m%2BPY1k%2B%2BMbbwRREBsKRVfM%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript; charset=UTF-8
cache-control
max-age=31536000
cf-ray
8042a79eba2bbc04-FRA
wp-emoji-release.min.js
gijn.org/wp-includes/js/ 		18 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://gijn.org/wp-includes/js/wp-emoji-release.min.js?ver=6.3
Requested by
Host: gijn.org
URL: https://gijn.org/2022/06/06/10-tips-for-using-geolocation-and-open-source-data-to-fuel-investigations/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gijn.org/2022/06/06/10-tips-for-using-geolocation-and-open-source-data-to-fuel-investigations/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Sat, 09 Sep 2023 21:51:49 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1501857
x-wpe-request-id
99849fa5edb47d91a01b28891ccafa32
alt-svc
h3=":443"; ma=86400
last-modified
Thu, 02 Feb 2023 00:53:25 GMT
server
cloudflare
etag
W/"63db0985-4904"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eNtv1m4GgURw%2Fg9r2s0BvWPSxgFpLZwBw09g%2BuoF9%2B3L11ngXhB3%2FSHAOOrE20iZEKsEj5jN4V5lzZAWYh0nl4fDjJSrvOIpjPC7G8%2BDouYjciRjGjWPTLtg"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
8042a79eaf13bb80-FRA
tb
fndrsp.net/ 		2 B
482 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://fndrsp.net/tb
Requested by
Host: cdn.fundraiseup.com
URL: https://cdn.fundraiseup.com/widget/AZZKZELR
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.162.27 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://gijn.org/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Sat, 09 Sep 2023 21:51:49 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tRU9ZcuuDFnw78r45%2Beiov0RDjrq9xVMtFeQUEEVDBH2nQFj78yyKA7iZ1LErO%2FgKb4oCjk9kHZoRxkJjZL4XT9%2FtMskenExcSPrS%2BhQtfRH4noik4bmHscmhqFr"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
https://gijn.org
access-control-allow-credentials
true
cf-ray
8042a79f89aa4d3a-FRA
alt-svc
h3=":443"; ma=86400
ibm-plex-sans-v8-vietnamese_latin-ext_latin_greek_cyrillic-ext_cyrillic-regular.c493df9d423fa3cc5d89.woff
static.fundraiseup.com/src/fonts/ibm-plex-sans/ 		68 KB
68 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://static.fundraiseup.com/src/fonts/ibm-plex-sans/ibm-plex-sans-v8-vietnamese_latin-ext_latin_greek_cyrillic-ext_cyrillic-regular.c493df9d423fa3cc5d89.woff
Requested by
Host: cdn.fundraiseup.com
URL: https://cdn.fundraiseup.com/widget/AZZKZELR
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.72.38 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fa4ffe02411e1ffaaa2bda2fece4c0fb2c85456db525b6f31254e1fa0529d3cc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://gijn.org/
Origin
https://gijn.org
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Sat, 09 Sep 2023 21:51:49 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
ZN7XTX817T815MSS
age
1996242
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
content-length
69300
x-amz-id-2
eU0nZcerYJPCTiziZWzKMKtFIvqzD4vhpPuCBhIF0+B1tJx7/bJfYqw92TeeQy67RajgSj8k9+0=
last-modified
Thu, 17 Aug 2023 17:57:30 GMT
server
cloudflare
etag
"5dd14ffc94f58becbeb197a5ee31423a"
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods
GET
content-type
application/octet-stream
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DCZbebR%2BEw7VPvr95djFRGCubK4%2FFRYQyIfgVpTx5JyFJ39%2F63NIi69ceoeLsm6H4JlvzAs5K2gZ2LSstL9bQ1NJ%2Bbs%2FwLjAuWWj2yybq5zx4dHSbd5sih2m4UAEAmWlCrPJ%2F7HHgnA%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
8042a79f58bc373c-FRA
ibm-plex-sans-v8-vietnamese_latin-ext_latin_greek_cyrillic-ext_cyrillic-regular.c4db12b4fb0be67f4f37.woff2
static.fundraiseup.com/src/fonts/ibm-plex-sans/ 		52 KB
53 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://static.fundraiseup.com/src/fonts/ibm-plex-sans/ibm-plex-sans-v8-vietnamese_latin-ext_latin_greek_cyrillic-ext_cyrillic-regular.c4db12b4fb0be67f4f37.woff2
Requested by
Host: cdn.fundraiseup.com
URL: https://cdn.fundraiseup.com/widget/AZZKZELR
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.72.38 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
205b5e5ac97e41a70efe74150a9893bdb05ff1d3921808b96d8780aa31c7940a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://gijn.org/
Origin
https://gijn.org
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Sat, 09 Sep 2023 21:51:49 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
VCCESEFFNY45JJS0
age
1988004
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
content-length
53064
x-amz-id-2
2yZfZGcgQji020TOATOC7/jfQozaRDrYosNW5cjlGsErbiSVk5HMeYSku6tmUu6e4Vu0p798WR4=
last-modified
Thu, 17 Aug 2023 17:57:30 GMT
server
cloudflare
etag
"c9e466876957e9d2128f63b225a81ae3"
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods
GET
content-type
application/octet-stream
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4XE3jNfZ9L1MPzJghESwnkZUdMMCvjhV4GXLEgHezdSkKgZr0LOApQxfTx%2B1Kw8XwnlHMX70VtIuY8%2BZUFk93eEViTFKUCC%2FmeIuJEVm2rUn9yyakUeO733tMMtRm8wy0XOHQCqUOYE%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
8042a79f58b4373c-FRA
ibm-plex-sans-v8-vietnamese_latin-ext_latin_greek_cyrillic-ext_cyrillic-500.d94eaadc1070343e6d33.woff
static.fundraiseup.com/src/fonts/ibm-plex-sans/ 		72 KB
72 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://static.fundraiseup.com/src/fonts/ibm-plex-sans/ibm-plex-sans-v8-vietnamese_latin-ext_latin_greek_cyrillic-ext_cyrillic-500.d94eaadc1070343e6d33.woff
Requested by
Host: cdn.fundraiseup.com
URL: https://cdn.fundraiseup.com/widget/AZZKZELR
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.72.38 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b8b8e77df304134446ca875214b28cdbb9a36511daedbc4b8ba8ef77fc86964c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://gijn.org/
Origin
https://gijn.org
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Sat, 09 Sep 2023 21:51:49 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
VCC9NVWK46YEPYFX
age
1988004
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
content-length
73336
x-amz-id-2
Lmz5Nezh4vLAAz5pWbt2TAvzPW2PPUb/WxvhzXU3PWU2wrqlSdvzPYWyVM2U44RwgBVQPEf7eRQ=
last-modified
Thu, 17 Aug 2023 17:57:30 GMT
server
cloudflare
etag
"fd11415bd868e0815d59f78628a0220f"
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods
GET
content-type
application/octet-stream
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ek6n%2FtEgGab%2FfjtPNP0tvBh%2FHGm2dviuXMZ90vSRZodDGVD1PuehagqLrYBfcne0LDOEaz7RIKpaT%2FH6nv9K8ZFlA7fcILND6r%2Fmjk8Q2LisivU6mhlDLBbl%2FaS0YxknsBiWWPvIHFo%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
8042a79f58b5373c-FRA
ibm-plex-sans-v8-vietnamese_latin-ext_latin_greek_cyrillic-ext_cyrillic-500.e17268930006027a6a07.woff2
static.fundraiseup.com/src/fonts/ibm-plex-sans/ 		55 KB
56 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://static.fundraiseup.com/src/fonts/ibm-plex-sans/ibm-plex-sans-v8-vietnamese_latin-ext_latin_greek_cyrillic-ext_cyrillic-500.e17268930006027a6a07.woff2
Requested by
Host: cdn.fundraiseup.com
URL: https://cdn.fundraiseup.com/widget/AZZKZELR
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.72.38 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1212e7abb6f32136c5d13b04e540ebe36e773a98acd627d5e56e466f685a0b49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://gijn.org/
Origin
https://gijn.org
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Sat, 09 Sep 2023 21:51:49 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
ZN7H4JA8VCSEJMRW
age
1996241
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
content-length
56460
x-amz-id-2
pS9Hfa/Eu/zvefBbWMWuskd9UJvF6mF2K/x2Nl4syQ+H0R+CFNvbYAeVlIoUP1aAq+e7fNwTAWc=
last-modified
Thu, 17 Aug 2023 17:57:30 GMT
server
cloudflare
etag
"cc65a7d46bec1bcadfd3a27d571765f5"
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods
GET
content-type
application/octet-stream
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QLQOQWg8fJ5yaXZlMifRSKp9hQuLmUcBhOENSl5WFFftkIzi8LD6NWpW6WKjsJznpZM%2B5V4BldJgSkvNqxOvbeULaFBP3YjX5mvL2aMo5YiDKKlkf5HOvIFvCBZWoHlx6FPrgv8XeP0%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
8042a79f58b6373c-FRA
ibm-plex-sans-v8-vietnamese_latin-ext_latin_greek_cyrillic-ext_cyrillic-600.6a83ec5143b3476f0a22.woff
static.fundraiseup.com/src/fonts/ibm-plex-sans/ 		72 KB
73 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://static.fundraiseup.com/src/fonts/ibm-plex-sans/ibm-plex-sans-v8-vietnamese_latin-ext_latin_greek_cyrillic-ext_cyrillic-600.6a83ec5143b3476f0a22.woff
Requested by
Host: cdn.fundraiseup.com
URL: https://cdn.fundraiseup.com/widget/AZZKZELR
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.72.38 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d625ffeb66507b5bb261bed24c35f5f5ff9f156f5ebd3fce5b95f29f054f5469
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://gijn.org/
Origin
https://gijn.org
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Sat, 09 Sep 2023 21:51:49 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
VCC9FCVSPFBR3VQD
age
1988004
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
content-length
73644
x-amz-id-2
bS202J58O7V5+Nwa4vLQkOq8metDxHuW9IMEjOSNr26tspDp9j2XSaxMrfiCp052H3Ikp7Noz+s=
last-modified
Thu, 17 Aug 2023 17:57:30 GMT
server
cloudflare
etag
"b9a28c1ed8cdedf6d84d7d29ab9b58ac"
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods
GET
content-type
application/octet-stream
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=x6YaEWCEQvzicoiFsa71Vs4gFWlLtecDQkxD4YIuNqYgJxvmJXDrTwywLaxXB3Qy5eiF3MNBlPwdUixQvUSShOMRab0hS4gh40%2BLmguyT7D%2Fi0G4%2Fb%2BPgSNIJiQZRyJzS%2BRZOGHlehQ%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
8042a79f58b9373c-FRA
ibm-plex-sans-v8-vietnamese_latin-ext_latin_greek_cyrillic-ext_cyrillic-600.60bddc71096815d0d15a.woff2
static.fundraiseup.com/src/fonts/ibm-plex-sans/ 		56 KB
56 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://static.fundraiseup.com/src/fonts/ibm-plex-sans/ibm-plex-sans-v8-vietnamese_latin-ext_latin_greek_cyrillic-ext_cyrillic-600.60bddc71096815d0d15a.woff2
Requested by
Host: cdn.fundraiseup.com
URL: https://cdn.fundraiseup.com/widget/AZZKZELR
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.72.38 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d8b4efc9d633bf6a74302401662e42d85a36070ded6ad2497958ccafc2737f81
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://gijn.org/
Origin
https://gijn.org
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Sat, 09 Sep 2023 21:51:49 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
VCC0JCHEFHX6BQ47
age
1988004
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
content-length
56996
x-amz-id-2
yJMhJzXoSLJDymx7lJQIXnbmikTQJVAQ0lp59ZFfYO0nGLhxKZeoiubAZRBOCDMS3LdOrPUBVHM=
last-modified
Thu, 17 Aug 2023 17:57:30 GMT
server
cloudflare
etag
"643ad5d92cd7c31076790077c3003abc"
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods
GET
content-type
application/octet-stream
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pqxGl2LdokVAqo309SO5WHXla7JsMhY%2BPZanAXTYbaTBsiilKkMcvCkWNbkP5PFHsJXh5xePDuSA3XgPbJW1t3%2BwCywa4o0l4%2BihICebOvzM8tCxV2M5%2FUkL18KCPZtJ9knOGY4wuc0%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
8042a79f58ba373c-FRA
gijn-11701.png
gijn.org/wp-content/uploads/2012/12/ 		37 KB
38 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://gijn.org/wp-content/uploads/2012/12/gijn-11701.png
Requested by
Host: gijn.org
URL: https://gijn.org/2022/06/06/10-tips-for-using-geolocation-and-open-source-data-to-fuel-investigations/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
2bc825168f83a9a45e3db51e2a06d56b947d18ca3acdbc06ba7acff5c428f047

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gijn.org/2022/06/06/10-tips-for-using-geolocation-and-open-source-data-to-fuel-investigations/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Sat, 09 Sep 2023 21:51:49 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
151275
cf-polished
origFmt=png, origSize=63291
content-disposition
inline; filename="gijn-11701.webp"
alt-svc
h3=":443"; ma=86400
content-length
38378
cf-bgj
imgq:100,h2pri
last-modified
Mon, 28 Mar 2022 18:37:27 GMT
server
cloudflare
etag
"62420067-f73b"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Fr7ZYHMJLJ7YR2cKTu0%2BvQaoyYZ4PxsZR6BgzRizayQVr8DRFKHWroP6Xvb3WIaigQPvkLsPmLG1Y9z3Kx1zWYviQ65SYk%2F%2FBa3L6T1WO3XI8Bg333PrhWmz"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
8042a79f5feabb80-FRA
collect
stats.g.doubleclick.net/r/
Redirect Chain
  • https://ssl.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1756518622&utmhn=gijn.org&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=10%20Tips%2...
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-25037912-1&cid=882429802.1694296309&jid=702028746&_v=5.7.2&z=1756518622
35 B
192 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-25037912-1&cid=882429802.1694296309&jid=702028746&_v=5.7.2&z=1756518622
Requested by
Host: gijn.org
URL: https://gijn.org/2022/06/06/10-tips-for-using-geolocation-and-open-source-data-to-fuel-investigations/
Protocol
H2
Server
2a00:1450:400c:c07::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gijn.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Sat, 09 Sep 2023 21:51:49 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 09 Sep 2023 21:51:49 GMT
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/html; charset=UTF-8
location
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-25037912-1&cid=882429802.1694296309&jid=702028746&_v=5.7.2&z=1756518622
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
369
expires
Fri, 01 Jan 1990 00:00:00 GMT
www-player.css
www.youtube.com/s/player/7ee36b0e/ Frame F856 		383 KB
48 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/7ee36b0e/www-player.css
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/XbnLkc6r3yc?wmode=transparent&modestbranding=1&autohide=1&showinfo=0&rel=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ebd9916f73aea2ae814451af5fa1ce5fad205d534409877fd10bd6ffb43dd3c2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/XbnLkc6r3yc?wmode=transparent&modestbranding=1&autohide=1&showinfo=0&rel=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Sat, 09 Sep 2023 21:28:18 GMT
content-encoding
br
x-content-type-options
nosniff
age
1411
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
49339
x-xss-protection
0
last-modified
Tue, 05 Sep 2023 01:11:43 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Sun, 08 Sep 2024 21:28:18 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame F856 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/XbnLkc6r3yc?wmode=transparent&modestbranding=1&autohide=1&showinfo=0&rel=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/
Origin
https://www.youtube.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Sat, 09 Sep 2023 02:58:03 GMT
x-content-type-options
nosniff
age
68026
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15344
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 08 Sep 2024 02:58:03 GMT
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame F856 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/XbnLkc6r3yc?wmode=transparent&modestbranding=1&autohide=1&showinfo=0&rel=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/
Origin
https://www.youtube.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Sat, 09 Sep 2023 05:51:22 GMT
x-content-type-options
nosniff
age
57627
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15552
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:33:02 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 08 Sep 2024 05:51:22 GMT
299.22da47370d28.checkout-crypto-currencies.js
static.fundraiseup.com/ 		17 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.fundraiseup.com/299.22da47370d28.checkout-crypto-currencies.js
Requested by
Host: static.fundraiseup.com
URL: https://static.fundraiseup.com/150b075cc04e.elementsApi.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.72.38 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b3dbf7f9bc1bf4aac1ee09444608266f6a355a4ddb67184d4a73cf6f3920ec9b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gijn.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Sat, 09 Sep 2023 21:51:49 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
DFW27VE4B4FCBPD3
age
1148167
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
x-amz-id-2
JIIy9C2MMdh7g+4Xso6Cku9vzrcLbzcn+8UoLb8g1IL2UkOqg4HokYtiz5SpVuPv7RiJ+TNFbKs=
last-modified
Wed, 16 Aug 2023 07:06:49 GMT
server
cloudflare
etag
W/"0b1b54a40bfba3830096c16d8fb32ae7"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wLNgeoLV8FmmZcFRuv6vaMoYf6q9tu37%2B14iKCl0ItAKsudfL%2BHEGzQEHEMESn%2ByCMQj3pjmIP4PYlL1bzBuLeXOe0jqkaRnjxavgWJetjiOB5qAdiG9h26IYV4XHBXqABwi6rO2htY%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript; charset=UTF-8
cache-control
max-age=31536000
cf-ray
8042a79fdb72bc04-FRA
embed.js
www.youtube.com/s/player/7ee36b0e/player_ias.vflset/de_DE/ Frame F856 		49 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/7ee36b0e/player_ias.vflset/de_DE/embed.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/XbnLkc6r3yc?wmode=transparent&modestbranding=1&autohide=1&showinfo=0&rel=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e4dcfd138ab21b6f3679e81114be6f752b478552c6e8c39af2c1436e49865841
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/XbnLkc6r3yc?wmode=transparent&modestbranding=1&autohide=1&showinfo=0&rel=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Tue, 05 Sep 2023 07:38:35 GMT
content-encoding
br
x-content-type-options
nosniff
age
396794
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15596
x-xss-protection
0
last-modified
Tue, 05 Sep 2023 01:11:43 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Wed, 04 Sep 2024 07:38:35 GMT
www-embed-player.js
www.youtube.com/s/player/7ee36b0e/www-embed-player.vflset/ Frame F856 		314 KB
94 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/7ee36b0e/www-embed-player.vflset/www-embed-player.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/XbnLkc6r3yc?wmode=transparent&modestbranding=1&autohide=1&showinfo=0&rel=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
785272c9b1033897a81797962645fa74e7da0c63dd7208bae2ef171ecba275ea
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/XbnLkc6r3yc?wmode=transparent&modestbranding=1&autohide=1&showinfo=0&rel=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Sat, 09 Sep 2023 21:39:24 GMT
content-encoding
br
x-content-type-options
nosniff
age
745
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
96199
x-xss-protection
0
last-modified
Tue, 05 Sep 2023 01:11:43 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Sun, 08 Sep 2024 21:39:24 GMT
base.js
www.youtube.com/s/player/7ee36b0e/player_ias.vflset/de_DE/ Frame F856 		2 MB
778 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/7ee36b0e/player_ias.vflset/de_DE/base.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/XbnLkc6r3yc?wmode=transparent&modestbranding=1&autohide=1&showinfo=0&rel=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0c9a8bf4daf539463f609b2d8c45c1f138658dfdb9f6b776f2a20da40c92e152
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/XbnLkc6r3yc?wmode=transparent&modestbranding=1&autohide=1&showinfo=0&rel=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Thu, 07 Sep 2023 12:02:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
208134
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
796229
x-xss-protection
0
last-modified
Tue, 05 Sep 2023 01:11:43 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Fri, 06 Sep 2024 12:02:55 GMT
www-player.css
www.youtube.com/s/player/7ee36b0e/ Frame 8623 		383 KB
48 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/7ee36b0e/www-player.css
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/9Gp1KnTOkuM?wmode=transparent&modestbranding=1&autohide=1&showinfo=0&rel=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ebd9916f73aea2ae814451af5fa1ce5fad205d534409877fd10bd6ffb43dd3c2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/9Gp1KnTOkuM?wmode=transparent&modestbranding=1&autohide=1&showinfo=0&rel=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Sat, 09 Sep 2023 21:28:18 GMT
content-encoding
br
x-content-type-options
nosniff
age
1411
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
49339
x-xss-protection
0
last-modified
Tue, 05 Sep 2023 01:11:43 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Sun, 08 Sep 2024 21:28:18 GMT
embed.js
www.youtube.com/s/player/7ee36b0e/player_ias.vflset/de_DE/ Frame 8623 		49 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/7ee36b0e/player_ias.vflset/de_DE/embed.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/9Gp1KnTOkuM?wmode=transparent&modestbranding=1&autohide=1&showinfo=0&rel=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e4dcfd138ab21b6f3679e81114be6f752b478552c6e8c39af2c1436e49865841
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/9Gp1KnTOkuM?wmode=transparent&modestbranding=1&autohide=1&showinfo=0&rel=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Tue, 05 Sep 2023 07:38:35 GMT
content-encoding
br
x-content-type-options
nosniff
age
396794
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15596
x-xss-protection
0
last-modified
Tue, 05 Sep 2023 01:11:43 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Wed, 04 Sep 2024 07:38:35 GMT
www-embed-player.js
www.youtube.com/s/player/7ee36b0e/www-embed-player.vflset/ Frame 8623 		314 KB
94 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/7ee36b0e/www-embed-player.vflset/www-embed-player.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/9Gp1KnTOkuM?wmode=transparent&modestbranding=1&autohide=1&showinfo=0&rel=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
785272c9b1033897a81797962645fa74e7da0c63dd7208bae2ef171ecba275ea
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/9Gp1KnTOkuM?wmode=transparent&modestbranding=1&autohide=1&showinfo=0&rel=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Sat, 09 Sep 2023 21:39:24 GMT
content-encoding
br
x-content-type-options
nosniff
age
745
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
96199
x-xss-protection
0
last-modified
Tue, 05 Sep 2023 01:11:43 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Sun, 08 Sep 2024 21:39:24 GMT
base.js
www.youtube.com/s/player/7ee36b0e/player_ias.vflset/de_DE/ Frame 8623 		2 MB
778 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/7ee36b0e/player_ias.vflset/de_DE/base.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/9Gp1KnTOkuM?wmode=transparent&modestbranding=1&autohide=1&showinfo=0&rel=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0c9a8bf4daf539463f609b2d8c45c1f138658dfdb9f6b776f2a20da40c92e152
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/9Gp1KnTOkuM?wmode=transparent&modestbranding=1&autohide=1&showinfo=0&rel=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Thu, 07 Sep 2023 12:02:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
208134
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
796229
x-xss-protection
0
last-modified
Tue, 05 Sep 2023 01:11:43 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Fri, 06 Sep 2024 12:02:55 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 8623 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/9Gp1KnTOkuM?wmode=transparent&modestbranding=1&autohide=1&showinfo=0&rel=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/
Origin
https://www.youtube.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Sat, 09 Sep 2023 02:58:03 GMT
x-content-type-options
nosniff
age
68026
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15344
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 08 Sep 2024 02:58:03 GMT
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 8623 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/9Gp1KnTOkuM?wmode=transparent&modestbranding=1&autohide=1&showinfo=0&rel=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/
Origin
https://www.youtube.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Sat, 09 Sep 2023 05:51:22 GMT
x-content-type-options
nosniff
age
57627
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15552
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:33:02 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 08 Sep 2024 05:51:22 GMT
/
dynamic-widget-service-l72twop3ra-uc.a.run.app/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://dynamic-widget-service-l72twop3ra-uc.a.run.app/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::35 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Frontend / Express
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://gijn.org
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

access-control-allow-headers
content-type
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html
date
Sat, 09 Sep 2023 21:51:49 GMT
server
Google Frontend
vary
Access-Control-Request-Headers
x-cloud-trace-context
62d6736cea97b90c850241a9c1724f16
x-powered-by
Express
/
dynamic-widget-service-l72twop3ra-uc.a.run.app/ 		336 B
490 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://dynamic-widget-service-l72twop3ra-uc.a.run.app/
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/ad-auris-iframe-distribution@latest/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::35 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Frontend / Express
Resource Hash
7562de8e00f0f0721fd342c7b3f32ab8e19d3338934b328c944df1cf91e2738c

Request headers

Accept
application/json, text/plain, */*
Referer
https://gijn.org/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
Content-Type
application/json;charset=UTF-8

Response headers

date
Sat, 09 Sep 2023 21:51:50 GMT
server
Google Frontend
x-powered-by
Express
etag
W/"150-qEKJXUYF3bVut6USz4krK29lqSE"
access-control-allow-methods
POST
content-type
application/json; charset=utf-8
access-control-allow-origin
*
x-cloud-trace-context
29ddcdd408e1d00092c50369914a4713;o=1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
336
381.6627ffc0e90c.social-proof-v2-styles.js
static.fundraiseup.com/ 		5 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.fundraiseup.com/381.6627ffc0e90c.social-proof-v2-styles.js
Requested by
Host: static.fundraiseup.com
URL: https://static.fundraiseup.com/150b075cc04e.elementsApi.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.72.38 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
791b444b9e8bd9c559866b58eb0305ec016efba9fbaccb8e4fb29449ea068de9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gijn.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Sat, 09 Sep 2023 21:51:49 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
BB0B4CHXBZB6YT91
age
384120
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
x-amz-id-2
ySho1431C43a1GnmLGdF7xu0b5t8jGFSPSEyJps5vTQwSXMZ+RFAiRf5czID5PX6mIj0J++BPtg=
last-modified
Tue, 05 Sep 2023 10:46:17 GMT
server
cloudflare
etag
W/"8021f11604a5f0468621d0d82ef34631"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Be%2Fme9xRJKwOzvNTfze4b4rkZ7g43pGmoGRbFEtlKpXJ92%2F2ySE9pqnuuHt48yrjXm5MydvwRCVMBKCs5Az3o0hyroFK9%2BcoZCs%2FZ8hwq4K5qgO1%2BS6PFk2XEBTz53iLjoKxX9LalkQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript; charset=UTF-8
cache-control
max-age=31536000
cf-ray
8042a7a07e8c696a-FRA
1.571429b3f512.vendors~button-group-v2~debug-panel~donate-button-v2~donation-form-v2~donation-levels-v2~donor-map~f~e65c2349.js
static.fundraiseup.com/ 		30 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.fundraiseup.com/1.571429b3f512.vendors~button-group-v2~debug-panel~donate-button-v2~donation-form-v2~donation-levels-v2~donor-map~f~e65c2349.js
Requested by
Host: static.fundraiseup.com
URL: https://static.fundraiseup.com/150b075cc04e.elementsApi.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.72.38 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a6f1a27523fac115bbbfe84f4fe2b29a6eb77997c02eb7a18f438bcea73927a0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gijn.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Sat, 09 Sep 2023 21:51:49 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
F68NG6TYF0Q04GCS
age
985707
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
x-amz-id-2
cKuuBSf93LxH6JHIyU+HLsL2LJv5U2l8v83GbsQYHXACqfJpkRNl+AIg7IENpFthyj42LKIAgWo=
last-modified
Tue, 29 Aug 2023 11:45:33 GMT
server
cloudflare
etag
W/"e00eb53d8e6cd8180f73c860b9e336a4"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BMps4kQauOkzCAbfa3jnU7vqCX8vFD0%2BrJd1eQ1y7oP%2BhnZtSNLfkMESktdy8M%2Bqx2Mnfz098wscgn3TEVuP%2FbXgSU9UdR1K%2FbcPMCDYGHhu2Ez%2FXGABI8SPi7Z0oq%2FxhPXbHqRolgU%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript; charset=UTF-8
cache-control
max-age=31536000
cf-ray
8042a7a07e8d696a-FRA
379.1cd4d578de57.social-proof-v2.js
static.fundraiseup.com/ 		36 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.fundraiseup.com/379.1cd4d578de57.social-proof-v2.js
Requested by
Host: static.fundraiseup.com
URL: https://static.fundraiseup.com/150b075cc04e.elementsApi.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.72.38 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
94f6774cf11b0ae2c438126649c4fbe4e3314a8cfaed638a65f66840ad3c1be9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gijn.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Sat, 09 Sep 2023 21:51:49 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
1QJ56P3084ZDZ6MX
age
107108
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
x-amz-id-2
MMGp7oytHG4Txs+DrkItovOmQ9bOK3VrTIByElTjaVp0TnmAd6z80QIj2HCa6+nQL/HIXpRLrBE=
last-modified
Fri, 08 Sep 2023 15:44:23 GMT
server
cloudflare
etag
W/"1d0630a0950b75e141172cbe8163a124"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OftwD5QtTn6XYzaoU4tKxxA5yqFAWa%2FZQ4DJKGalA8UV4euzSHfNlwwvcJhEqqrHd22Y19vI6tmzFUaWGk%2BFEMKpkyGWuzcPHYJ5iTcPHt0h%2BTZbW3imwkgARiEnFx1Pp2FJB2mhI8U%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript; charset=UTF-8
cache-control
max-age=31536000
cf-ray
8042a7a07e90696a-FRA
373.183990eb4dfb.social-proof-emoji-confetti-ball.js
static.fundraiseup.com/ 		521 B
993 B 		Script
General
Check archive.org
Download Go to
Full URL
https://static.fundraiseup.com/373.183990eb4dfb.social-proof-emoji-confetti-ball.js
Requested by
Host: static.fundraiseup.com
URL: https://static.fundraiseup.com/150b075cc04e.elementsApi.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.72.38 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e4f6436ec3f96d2900f3c277650e9a6972f42170a883790d862a624df532fe33
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gijn.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Sat, 09 Sep 2023 21:51:49 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
5Y6EV9F55NT872YS
age
985342
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
x-amz-id-2
BrpyzzU26W+x+Y1zOidue5qNOkRuoPEO7NrppEalHwBi6ClfZsghvpS+nPHO32nn5umLqKIsiqw=
last-modified
Tue, 29 Aug 2023 11:45:45 GMT
server
cloudflare
etag
W/"ef5712022ea4522b59317aac528319ef"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TMYza0Wno5nmayh%2BDGq%2B5CZduyGKXmmgInczVc7ZS%2FWc4dRYAXKhh6%2BfyR3KHHcEKLVDnGCuHKZKSGiRlef5affruwT6FtijJwnuogVoWcos985%2BB6CfMoC%2FmJV1bMMZzfStGJxLknQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript; charset=UTF-8
cache-control
max-age=31536000
cf-ray
8042a7a0eef4696a-FRA
4.ea55cebc8257.c-f-e.js
static.fundraiseup.com/ 		166 B
795 B 		Script
General
Check archive.org
Download Go to
Full URL
https://static.fundraiseup.com/4.ea55cebc8257.c-f-e.js
Requested by
Host: static.fundraiseup.com
URL: https://static.fundraiseup.com/150b075cc04e.elementsApi.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.72.38 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
233d0ee075f20b586e69d99507db3fc9c1b87a9f171a69227b36748b456a4188
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gijn.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Sat, 09 Sep 2023 21:51:49 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
QVEVF0B4RQ0EF57Z
age
985280
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
x-amz-id-2
vcwJ+2tgAiiOKbMiUnVy5YXXT7SmoW/sp78NaPUb9ACE3i3qq/OMgEGWevMeAPQU1Xg00VmOgUQ=
last-modified
Fri, 18 Aug 2023 10:49:50 GMT
server
cloudflare
etag
W/"19661299753e38125b2047f1979ff348"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=I0iGip4LhNa1BKt3o%2F5TLh0%2BO18GU4KRSy6K8ldph279GywgUbEQ94ileexTKc9yjMCVBJxxikOPzw2c3UfjydEaPi8HP%2BjcxRChZu9gu9%2F3%2Bx7gHPYSx2ojIF57PLNmSbSWN5D2T7Q%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript; charset=UTF-8
cache-control
max-age=31536000
cf-ray
8042a7a0eefc696a-FRA
ibm-plex-sans-v8-vietnamese_latin-ext_latin_greek_cyrillic-ext_cyrillic-600.643ad5d92cd7.woff2
static.fundraiseup.com/fonts/ibm-plex-sans/ Frame BF86 		56 KB
56 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://static.fundraiseup.com/fonts/ibm-plex-sans/ibm-plex-sans-v8-vietnamese_latin-ext_latin_greek_cyrillic-ext_cyrillic-600.643ad5d92cd7.woff2
Requested by
Host: gijn.org
URL: https://gijn.org/2022/06/06/10-tips-for-using-geolocation-and-open-source-data-to-fuel-investigations/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.72.38 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d8b4efc9d633bf6a74302401662e42d85a36070ded6ad2497958ccafc2737f81
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://gijn.org/
Origin
https://gijn.org
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Sat, 09 Sep 2023 21:51:49 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
HVYAB3YABY3VT29S
age
179650
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
content-length
56996
x-amz-id-2
/SkF5g7zTGiFU1klyKeY2Wq2p/GtwmgLppSTKIvcUVbaLhmcT0r0fG6t1HyScPLpfQj4jQCJUZ0=
last-modified
Fri, 18 Aug 2023 17:28:27 GMT
server
cloudflare
etag
"643ad5d92cd7c31076790077c3003abc"
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods
GET
content-type
application/octet-stream
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tljqhReRAnrSKaQDT5BqA8KlMrFUuFDG3eyXtd66KZXkIErsiPiP1gQNMR6iwS8%2BB4a%2FVD6QNoOzAae%2FpWdgTDkEXggJQUZUwobnfYml8mZIoEfcrXZeN3I5chOqIr9Y%2FxwjB%2Fmx0T8%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
8042a7a10a3b373c-FRA
ibm-plex-sans-v8-vietnamese_latin-ext_latin_greek_cyrillic-ext_cyrillic-regular.c9e466876957.woff2
static.fundraiseup.com/fonts/ibm-plex-sans/ Frame BF86 		52 KB
53 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://static.fundraiseup.com/fonts/ibm-plex-sans/ibm-plex-sans-v8-vietnamese_latin-ext_latin_greek_cyrillic-ext_cyrillic-regular.c9e466876957.woff2
Requested by
Host: gijn.org
URL: https://gijn.org/2022/06/06/10-tips-for-using-geolocation-and-open-source-data-to-fuel-investigations/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.72.38 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
205b5e5ac97e41a70efe74150a9893bdb05ff1d3921808b96d8780aa31c7940a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://gijn.org/
Origin
https://gijn.org
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Sat, 09 Sep 2023 21:51:49 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
EJ3ATNC6NEMCW9H2
age
1996223
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
content-length
53064
x-amz-id-2
uFXSRauuRaIeBPOL5OiuA2/lqdF11JeX4mI1ynHLsZFjYxUtMU9L1tM5jbR9TNpPmPG7EO3kEVw=
last-modified
Thu, 17 Aug 2023 17:57:13 GMT
server
cloudflare
etag
"c9e466876957e9d2128f63b225a81ae3"
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods
GET
content-type
application/octet-stream
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0ZXCRW08tb8unPcsF5Ctz7La6GcNR5hUnWa%2BCUYSkYwU3ACZpArPO6DJBgdmhN8EIvRmRJEaglLuFZ3%2B%2F1U8RpX0GFyhf0gMuyZ0o7gH8%2FbBOLUJbwxXe82FiF7xQUIYAh7DxsqkKVY%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
8042a7a10a3e373c-FRA
ibm-plex-sans-v8-vietnamese_latin-ext_latin_greek_cyrillic-ext_cyrillic-500.cc65a7d46bec.woff2
static.fundraiseup.com/fonts/ibm-plex-sans/ Frame BF86 		55 KB
56 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://static.fundraiseup.com/fonts/ibm-plex-sans/ibm-plex-sans-v8-vietnamese_latin-ext_latin_greek_cyrillic-ext_cyrillic-500.cc65a7d46bec.woff2
Requested by
Host: gijn.org
URL: https://gijn.org/2022/06/06/10-tips-for-using-geolocation-and-open-source-data-to-fuel-investigations/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.72.38 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1212e7abb6f32136c5d13b04e540ebe36e773a98acd627d5e56e466f685a0b49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://gijn.org/
Origin
https://gijn.org
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Sat, 09 Sep 2023 21:51:49 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
EJ3F6ZD7RP8WEPBB
age
1996223
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
content-length
56460
x-amz-id-2
aloV1q7mhTXpHyltd5RYmKnnvPVYc7HCukMH8zociFlQCacIgWxuUbdMg5Coge3c8FWp3al1ZVg=
last-modified
Thu, 17 Aug 2023 17:57:13 GMT
server
cloudflare
etag
"cc65a7d46bec1bcadfd3a27d571765f5"
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods
GET
content-type
application/octet-stream
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PBMFNMmZfIx7AdxLlm9zMfrvAY8uMGrD%2BPGpJyhOOHbur0yAh8IPLWWs%2Fdz6pBBrmnJX1d9BdaRiHYS23eW%2B%2FosVm5xVD5ucVpnBcv%2Bn7ZZHAJH3wvxwT%2BG5kacg6tmpxKTkY4roOpY%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
8042a7a10a40373c-FRA
id
googleads.g.doubleclick.net/pagead/ Frame F856
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/id
  • https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
100 B
242 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/XbnLkc6r3yc?wmode=transparent&modestbranding=1&autohide=1&showinfo=0&rel=0
Protocol
H2
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a85c3374bc9eef9454f5d41e40b8cc2d33490afce860f68e374fd18a37acef2f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Sat, 09 Sep 2023 21:51:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
120
x-xss-protection
0
pragma
no-cache
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.youtube.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Sat, 09 Sep 2023 21:51:50 GMT
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
pragma
no-cache
server
cafe
content-type
text/html; charset=UTF-8
location
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
access-control-allow-origin
https://www.youtube.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad_status.js
static.doubleclick.net/instream/ Frame F856 		29 B
495 B 		Script
General
Check archive.org
Download Go to
Full URL
https://static.doubleclick.net/instream/ad_status.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/7ee36b0e/www-embed-player.vflset/www-embed-player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Sat, 09 Sep 2023 21:44:24 GMT
x-content-type-options
nosniff
age
446
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29
x-xss-protection
0
last-modified
Thu, 12 Dec 2013 23:40:16 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 09 Sep 2023 21:59:24 GMT
confetti-ball.13822150f80f.png
static.fundraiseup.com/images/common/emoji/ Frame BF86 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.fundraiseup.com/images/common/emoji/confetti-ball.13822150f80f.png
Requested by
Host: gijn.org
URL: https://gijn.org/2022/06/06/10-tips-for-using-geolocation-and-open-source-data-to-fuel-investigations/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.72.38 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eb5228927b9ab8babed664ebab3230878a10d91180006e7fe546df4f013c7e12
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gijn.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Sat, 09 Sep 2023 21:51:50 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
J4J9ADNDJHWN4H0B
age
58034
cf-polished
origFmt=png, origSize=5449
x-amz-server-side-encryption
AES256
content-disposition
inline; filename="confetti-ball.webp"
alt-svc
h3=":443"; ma=86400
content-length
4508
x-amz-id-2
S7UyhOa5PFK5ZpiEfOTa3GQ95MZPDRvd8f9chP9KeWKH+ycmQOiw+Gey4PIS/I9d8gmgvO1Y710=
cf-bgj
imgq:100,h2pri
last-modified
Thu, 17 Aug 2023 17:57:16 GMT
server
cloudflare
etag
"13822150f80f4250339a5e83cc712d64"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=H8H%2BGL5RLY5z7CHvvCiz6prl8p8%2BO0aPG8i3rIQvK%2Bk3tbXrJv5mb9IlvqNCUmi1bvPry%2BbZFRZt1ZxRjKPLh7UEIRJwZ5uoHRDdwDZKw1vp8cxEjoYK5iH8%2F3ENJCKhMYX3YH%2FwmJA%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
8042a7a20fef696a-FRA
Create
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method
POST
Origin
https://www.youtube.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type,x-goog-api-key,x-user-agent
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin
https://www.youtube.com
access-control-max-age
3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html
date
Sat, 09 Sep 2023 21:51:50 GMT
server
ESF
vary
origin referer x-origin
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
0
Create
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame F856 		68 KB
31 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/7ee36b0e/player_ias.vflset/de_DE/base.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
4b3bfd2018fda17cb7e1f3486c5a0e0bdcec78cb8123d0effcca478ce895d5a1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

X-User-Agent
grpc-web-javascript/0.1
Referer
https://www.youtube.com/
X-Goog-Api-Key
AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
Content-Type
application/json+protobuf

Response headers

date
Sat, 09 Sep 2023 21:51:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
vary
Origin, X-Origin, Referer
x-frame-options
SAMEORIGIN
content-type
application/json+protobuf; charset=UTF-8
access-control-allow-origin
https://www.youtube.com
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31671
x-xss-protection
0
remote.js
www.youtube.com/s/player/7ee36b0e/player_ias.vflset/de_DE/ Frame F856 		116 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/7ee36b0e/player_ias.vflset/de_DE/remote.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/7ee36b0e/player_ias.vflset/de_DE/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
97a159e488477400a41c43897dc257375cf9bdabd184e67c79ca01a13c051647
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/XbnLkc6r3yc?wmode=transparent&modestbranding=1&autohide=1&showinfo=0&rel=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Wed, 06 Sep 2023 22:09:07 GMT
content-encoding
br
x-content-type-options
nosniff
age
258163
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
33687
x-xss-protection
0
last-modified
Tue, 05 Sep 2023 01:11:43 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Thu, 05 Sep 2024 22:09:07 GMT
HL4UaLuaS9zFJQ_fjRxs_M0uOCQBike_kzRLJVgn_b4.js
www.google.com/js/th/ Frame F856 		37 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/js/th/HL4UaLuaS9zFJQ_fjRxs_M0uOCQBike_kzRLJVgn_b4.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/7ee36b0e/player_ias.vflset/de_DE/base.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1cbe1468bb9a4bdcc5250fdf8d1c6cfccd2e3824018a47bf93344b255827fdbe
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Fri, 08 Sep 2023 07:09:55 GMT
content-encoding
br
x-content-type-options
nosniff
age
139315
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14674
x-xss-protection
0
last-modified
Mon, 28 Aug 2023 10:00:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 07 Sep 2024 07:09:55 GMT
maxresdefault.webp
i.ytimg.com/vi_webp/XbnLkc6r3yc/ Frame F856 		53 KB
54 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.ytimg.com/vi_webp/XbnLkc6r3yc/maxresdefault.webp
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/XbnLkc6r3yc?wmode=transparent&modestbranding=1&autohide=1&showinfo=0&rel=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
22fca8c9633ea6ba077348ab5a18dc79a4e11ce9562a39a8b699e4e0abf0209a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Sat, 09 Sep 2023 21:51:50 GMT
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
54562
x-xss-protection
0
server
sffe
etag
"1614780769"
vary
Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
image/webp
cache-control
public, max-age=7200
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Sat, 09 Sep 2023 23:51:50 GMT
truncated
/ Frame F856 		175 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

Content-Type
image/png
AOPolaQubBvzWpSHLRnYJYpLEDJU8A2SpxSVnvuo7ZauTns=s68-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ytc/ Frame F856 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://yt3.ggpht.com/ytc/AOPolaQubBvzWpSHLRnYJYpLEDJU8A2SpxSVnvuo7ZauTns=s68-c-k-c0x00ffffff-no-rj
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/XbnLkc6r3yc?wmode=transparent&modestbranding=1&autohide=1&showinfo=0&rel=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
ab193b03189605d219d5f85c3830b9d8075a1b00900853d298d018303362b606
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Sat, 09 Sep 2023 18:33:50 GMT
x-content-type-options
nosniff
age
11880
content-disposition
inline;filename="unnamed.jpg"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2533
x-xss-protection
0
server
fife
etag
"v988f"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Sun, 10 Sep 2023 18:33:50 GMT
10-tips-for-using-geolocation-and-open-source-data-to-fuel-investigations
narrations.ad-auris.com/widget/gijn/ Frame E791 		8 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://narrations.ad-auris.com/widget/gijn/10-tips-for-using-geolocation-and-open-source-data-to-fuel-investigations
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/ad-auris-iframe-distribution@latest/script.js
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
76.76.21.123 Walnut, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Vercel / Next.js
Resource Hash
111cb621fb35d629a5a8451f7d0290e20d5b299f772070cc0bf387029e4f0674
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

Referer
https://gijn.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
0
cache-control
private, no-cache, no-store, max-age=0, must-revalidate
content-encoding
br
content-type
text/html; charset=utf-8
date
Sat, 09 Sep 2023 21:51:50 GMT
etag
W/"2044-QahVcnN2XThcanRpbhjzEtukf5c"
server
Vercel
strict-transport-security
max-age=63072000
x-matched-path
/widget/[organisation]/[narration]
x-powered-by
Next.js
x-vercel-cache
MISS
x-vercel-id
fra1::iad1::gc92p-1694296310310-ac4f4ed1f1e0
US.4c460809a154.png
static.fundraiseup.com/src/common/components/CountryFlagEmoji/flags/ Frame BF86 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.fundraiseup.com/src/common/components/CountryFlagEmoji/flags/US.4c460809a154.png
Requested by
Host: gijn.org
URL: https://gijn.org/2022/06/06/10-tips-for-using-geolocation-and-open-source-data-to-fuel-investigations/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.72.38 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2745aa4401c27f592fb4ddacc499021177fe4438ff87821c3cc7281a908ed8fc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gijn.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Sat, 09 Sep 2023 21:51:50 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
0MST1T498QNG8DXW
age
1443301
cf-polished
origFmt=png, origSize=5949
x-amz-server-side-encryption
AES256
content-disposition
inline; filename="US.webp"
alt-svc
h3=":443"; ma=86400
content-length
5246
x-amz-id-2
H+ul+PcBpKJ3gQo8gFM8a1EQ3zq/b36hC7FHJ90UCLMxm1bP9exxptpOxFr+KNGXiCMd9xip+G0=
cf-bgj
imgq:100,h2pri
last-modified
Thu, 17 Aug 2023 17:57:29 GMT
server
cloudflare
etag
"4c460809a15449070037bff9e2c542fe"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PaoIsTIW%2BqMDJJr%2BnFLc9rcsX%2F%2FPlkioC1V6F%2FZTNSBcLHzr%2FZ%2B1fex5nOC%2BEG4YrNftxXMXnFvOIsziMTVxV9tlYiahPgEZfQQe3hSixJgPPkpngo2qZP9KqIFLwzd491B%2FqVEmcTA%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
8042a7a318ee696a-FRA
id
googleads.g.doubleclick.net/pagead/ Frame 8623
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/id
  • https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
100 B
146 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/9Gp1KnTOkuM?wmode=transparent&modestbranding=1&autohide=1&showinfo=0&rel=0
Protocol
H3
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
90186839bf5abcd681fa54e4b9223c39c1d2967a7436a9d4045de04b29427285
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Sat, 09 Sep 2023 21:51:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
120
x-xss-protection
0
pragma
no-cache
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.youtube.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Sat, 09 Sep 2023 21:51:50 GMT
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
pragma
no-cache
server
cafe
content-type
text/html; charset=UTF-8
location
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
access-control-allow-origin
https://www.youtube.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad_status.js
static.doubleclick.net/instream/ Frame 8623 		29 B
89 B 		Script
General
Check archive.org
Download Go to
Full URL
https://static.doubleclick.net/instream/ad_status.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/7ee36b0e/www-embed-player.vflset/www-embed-player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Sat, 09 Sep 2023 21:44:24 GMT
x-content-type-options
nosniff
age
446
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29
x-xss-protection
0
last-modified
Thu, 12 Dec 2013 23:40:16 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 09 Sep 2023 21:59:24 GMT
Create
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method
POST
Origin
https://www.youtube.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type,x-goog-api-key,x-user-agent
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin
https://www.youtube.com
access-control-max-age
3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html
date
Sat, 09 Sep 2023 21:51:50 GMT
server
ESF
vary
origin referer x-origin
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
0
Create
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 8623 		68 KB
31 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/7ee36b0e/player_ias.vflset/de_DE/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
cc125602a1b168bf46fa7daaa9468cd937b0fd3dfddeedff556340ee1c0b0b2c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

X-User-Agent
grpc-web-javascript/0.1
Referer
https://www.youtube.com/
X-Goog-Api-Key
AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
Content-Type
application/json+protobuf

Response headers

date
Sat, 09 Sep 2023 21:51:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
vary
Origin, X-Origin, Referer
x-frame-options
SAMEORIGIN
content-type
application/json+protobuf; charset=UTF-8
access-control-allow-origin
https://www.youtube.com
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31767
x-xss-protection
0
remote.js
www.youtube.com/s/player/7ee36b0e/player_ias.vflset/de_DE/ Frame 8623 		116 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/7ee36b0e/player_ias.vflset/de_DE/remote.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/7ee36b0e/player_ias.vflset/de_DE/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
97a159e488477400a41c43897dc257375cf9bdabd184e67c79ca01a13c051647
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/9Gp1KnTOkuM?wmode=transparent&modestbranding=1&autohide=1&showinfo=0&rel=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Wed, 06 Sep 2023 22:09:07 GMT
content-encoding
br
x-content-type-options
nosniff
age
258163
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
33687
x-xss-protection
0
last-modified
Tue, 05 Sep 2023 01:11:43 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Thu, 05 Sep 2024 22:09:07 GMT
HL4UaLuaS9zFJQ_fjRxs_M0uOCQBike_kzRLJVgn_b4.js
www.google.com/js/th/ Frame 8623 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/js/th/HL4UaLuaS9zFJQ_fjRxs_M0uOCQBike_kzRLJVgn_b4.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/7ee36b0e/player_ias.vflset/de_DE/base.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1cbe1468bb9a4bdcc5250fdf8d1c6cfccd2e3824018a47bf93344b255827fdbe
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Fri, 08 Sep 2023 07:09:55 GMT
content-encoding
br
x-content-type-options
nosniff
age
139315
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14674
x-xss-protection
0
last-modified
Mon, 28 Aug 2023 10:00:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 07 Sep 2024 07:09:55 GMT
maxresdefault.webp
i.ytimg.com/vi_webp/9Gp1KnTOkuM/ Frame 8623 		54 KB
54 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.ytimg.com/vi_webp/9Gp1KnTOkuM/maxresdefault.webp
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/9Gp1KnTOkuM?wmode=transparent&modestbranding=1&autohide=1&showinfo=0&rel=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bd717b1f2517da99c7e51bfe7082ee01251c25f66be52d5a081dabb26805c89a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Sat, 09 Sep 2023 21:51:50 GMT
x-content-type-options
nosniff
server
sffe
etag
"1654502958"
vary
Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
image/webp
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
54872
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Sat, 09 Sep 2023 23:51:50 GMT
truncated
/ Frame 8623 		175 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

Content-Type
image/png
hTxAq_LFnangZ9ow5xRYsgUqkNVnM3P5ju9jfofCZrV3bSOdRQ4BHMm0qD89nZcIz6FlJwHm=s68-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ Frame 8623 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://yt3.ggpht.com/hTxAq_LFnangZ9ow5xRYsgUqkNVnM3P5ju9jfofCZrV3bSOdRQ4BHMm0qD89nZcIz6FlJwHm=s68-c-k-c0x00ffffff-no-rj
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/9Gp1KnTOkuM?wmode=transparent&modestbranding=1&autohide=1&showinfo=0&rel=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
a9f217c38dab9cc8ad8da8d9d383da0baaaea68ad3c6310cb18388fe7ae4a454
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Sat, 09 Sep 2023 21:39:42 GMT
x-content-type-options
nosniff
age
728
content-disposition
inline;filename="channels4_profile.jpg"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3794
x-xss-protection
0
server
fife
etag
"v1"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Sun, 10 Sep 2023 21:39:42 GMT
GenerateIT
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method
POST
Origin
https://www.youtube.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type,x-goog-api-key,x-user-agent
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin
https://www.youtube.com
access-control-max-age
3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html
date
Sat, 09 Sep 2023 21:51:50 GMT
server
ESF
vary
origin referer x-origin
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
0
GenerateIT
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame F856 		90 B
134 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/7ee36b0e/player_ias.vflset/de_DE/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
741aabb89e957dbb1cab29a69362a71d2ad65d885016925ac840f25b7254fc0d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

X-User-Agent
grpc-web-javascript/0.1
Referer
https://www.youtube.com/
X-Goog-Api-Key
AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
Content-Type
application/json+protobuf

Response headers

date
Sat, 09 Sep 2023 21:51:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
vary
Origin, X-Origin, Referer
x-frame-options
SAMEORIGIN
content-type
application/json+protobuf; charset=UTF-8
access-control-allow-origin
https://www.youtube.com
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
110
x-xss-protection
0
GenerateIT
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 8623 		90 B
134 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/7ee36b0e/player_ias.vflset/de_DE/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
73e68151ad8beb1a795c7d4b9a51313b5e5da51f6a400b5a42e09a6ef03c7b1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

X-User-Agent
grpc-web-javascript/0.1
Referer
https://www.youtube.com/
X-Goog-Api-Key
AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
Content-Type
application/json+protobuf

Response headers

date
Sat, 09 Sep 2023 21:51:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
vary
Origin, X-Origin, Referer
x-frame-options
SAMEORIGIN
content-type
application/json+protobuf; charset=UTF-8
access-control-allow-origin
https://www.youtube.com
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
110
x-xss-protection
0
GenerateIT
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method
POST
Origin
https://www.youtube.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type,x-goog-api-key,x-user-agent
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin
https://www.youtube.com
access-control-max-age
3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html
date
Sat, 09 Sep 2023 21:51:50 GMT
server
ESF
vary
origin referer x-origin
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
0
cast_sender.js
www.gstatic.com/cv/js/sender/v1/ Frame F856 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/cv/js/sender/v1/cast_sender.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/7ee36b0e/player_ias.vflset/de_DE/base.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Sat, 09 Sep 2023 21:51:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2007
x-xss-protection
0
last-modified
Tue, 16 Feb 2021 23:57:06 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="cloudview"
vary
Accept-Encoding
report-to
{"group":"cloudview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sat, 09 Sep 2023 21:51:50 GMT
6c690e0a4c0938e3.css
narrations.ad-auris.com/_next/static/css/ Frame E791 		12 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://narrations.ad-auris.com/_next/static/css/6c690e0a4c0938e3.css
Requested by
Host: narrations.ad-auris.com
URL: https://narrations.ad-auris.com/widget/gijn/10-tips-for-using-geolocation-and-open-source-data-to-fuel-investigations
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
76.76.21.123 Walnut, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Vercel /
Resource Hash
4a2f3af492588a668c1008f330fd1e9bfd5111eea4e315980e3476dcc4cde20b
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://narrations.ad-auris.com/widget/gijn/10-tips-for-using-geolocation-and-open-source-data-to-fuel-investigations
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Sat, 09 Sep 2023 21:51:50 GMT
content-encoding
br
strict-transport-security
max-age=63072000
server
Vercel
x-vercel-id
fra1::gc92p-1694296310753-86d0c56d7a06
age
30865
x-matched-path
/_next/static/css/6c690e0a4c0938e3.css
etag
W/"903a266b5875d91c87a7a4cf3c381468"
x-vercel-cache
HIT
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
content-disposition
inline; filename="6c690e0a4c0938e3.css"
ae14940e2012238d.css
narrations.ad-auris.com/_next/static/css/ Frame E791 		119 KB
10 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://narrations.ad-auris.com/_next/static/css/ae14940e2012238d.css
Requested by
Host: narrations.ad-auris.com
URL: https://narrations.ad-auris.com/widget/gijn/10-tips-for-using-geolocation-and-open-source-data-to-fuel-investigations
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
76.76.21.123 Walnut, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Vercel /
Resource Hash
e3ee86b4e0927c9e138247510884fc856ba7e713830d624f3cba9bda8b26de46
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://narrations.ad-auris.com/widget/gijn/10-tips-for-using-geolocation-and-open-source-data-to-fuel-investigations
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Sat, 09 Sep 2023 21:51:50 GMT
content-encoding
br
strict-transport-security
max-age=63072000
server
Vercel
x-vercel-id
fra1::wh4hq-1694296310753-60cde76b626a
age
8628
x-matched-path
/_next/static/css/ae14940e2012238d.css
etag
W/"7fb399fbae717db22a77d637bde9bb60"
x-vercel-cache
HIT
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
content-disposition
inline; filename="ae14940e2012238d.css"
webpack-84444c2570de337f.js
narrations.ad-auris.com/_next/static/chunks/ Frame E791 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://narrations.ad-auris.com/_next/static/chunks/webpack-84444c2570de337f.js
Requested by
Host: narrations.ad-auris.com
URL: https://narrations.ad-auris.com/widget/gijn/10-tips-for-using-geolocation-and-open-source-data-to-fuel-investigations
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
76.76.21.123 Walnut, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Vercel /
Resource Hash
afcc75531c0a0ca9e2cac790f06176d118535553b9f4b20fc7428754fc02fc33
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://narrations.ad-auris.com/widget/gijn/10-tips-for-using-geolocation-and-open-source-data-to-fuel-investigations
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Sat, 09 Sep 2023 21:51:50 GMT
content-encoding
br
strict-transport-security
max-age=63072000
server
Vercel
x-vercel-id
fra1::wh4hq-1694296310766-6c6c4b161358
age
3159
x-matched-path
/_next/static/chunks/webpack-84444c2570de337f.js
etag
W/"a95c45a1bd650f958e0983da40cb1001"
x-vercel-cache
HIT
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
content-disposition
inline; filename="webpack-84444c2570de337f.js"
framework-5f4595e5518b5600.js
narrations.ad-auris.com/_next/static/chunks/ Frame E791 		127 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://narrations.ad-auris.com/_next/static/chunks/framework-5f4595e5518b5600.js
Requested by
Host: narrations.ad-auris.com
URL: https://narrations.ad-auris.com/widget/gijn/10-tips-for-using-geolocation-and-open-source-data-to-fuel-investigations
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
76.76.21.123 Walnut, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Vercel /
Resource Hash
8e89e1175a6145d737446d673ffa073f4c469c8fe3972f5287b1e7e9b241282b
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://narrations.ad-auris.com/widget/gijn/10-tips-for-using-geolocation-and-open-source-data-to-fuel-investigations
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Sat, 09 Sep 2023 21:51:50 GMT
content-encoding
br
strict-transport-security
max-age=63072000
server
Vercel
x-vercel-id
fra1::wh4hq-1694296310769-ff24a2e6e975
age
7104
x-matched-path
/_next/static/chunks/framework-5f4595e5518b5600.js
etag
W/"623da2092ab9e81400d81fad9017f0ba"
x-vercel-cache
HIT
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
content-disposition
inline; filename="framework-5f4595e5518b5600.js"
main-a0853fbc3d9f629b.js
narrations.ad-auris.com/_next/static/chunks/ Frame E791 		82 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://narrations.ad-auris.com/_next/static/chunks/main-a0853fbc3d9f629b.js
Requested by
Host: narrations.ad-auris.com
URL: https://narrations.ad-auris.com/widget/gijn/10-tips-for-using-geolocation-and-open-source-data-to-fuel-investigations
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
76.76.21.123 Walnut, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Vercel /
Resource Hash
fba4f9d362163844edb5bf128ffa9d1a9a5cb6926965a42c5c62ea5233657c93
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://narrations.ad-auris.com/widget/gijn/10-tips-for-using-geolocation-and-open-source-data-to-fuel-investigations
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Sat, 09 Sep 2023 21:51:50 GMT
content-encoding
br
strict-transport-security
max-age=63072000
server
Vercel
x-vercel-id
fra1::gc92p-1694296310769-d8b624b96177
age
33411
x-matched-path
/_next/static/chunks/main-a0853fbc3d9f629b.js
etag
W/"1e8a2274f9bfc632055a980a3a92d4de"
x-vercel-cache
HIT
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
content-disposition
inline; filename="main-a0853fbc3d9f629b.js"
_app-fc6b2c92f52882b4.js
narrations.ad-auris.com/_next/static/chunks/pages/ Frame E791 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://narrations.ad-auris.com/_next/static/chunks/pages/_app-fc6b2c92f52882b4.js
Requested by
Host: narrations.ad-auris.com
URL: https://narrations.ad-auris.com/widget/gijn/10-tips-for-using-geolocation-and-open-source-data-to-fuel-investigations
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
76.76.21.123 Walnut, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Vercel /
Resource Hash
934b9131d619f05c76bf57e9dddee0b1e4770f7fab517c8d64167679400fb84d
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://narrations.ad-auris.com/widget/gijn/10-tips-for-using-geolocation-and-open-source-data-to-fuel-investigations
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Sat, 09 Sep 2023 21:51:50 GMT
content-encoding
br
strict-transport-security
max-age=63072000
server
Vercel
x-vercel-id
fra1::r8n45-1694296310769-e5a6d855f870
age
35019
x-matched-path
/_next/static/chunks/pages/_app-fc6b2c92f52882b4.js
etag
W/"2cc2d8a88f0183897230d849c16984df"
x-vercel-cache
HIT
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
content-disposition
inline; filename="_app-fc6b2c92f52882b4.js"
1bfc9850-948c3f75e9515c72.js
narrations.ad-auris.com/_next/static/chunks/ Frame E791 		677 B
862 B 		Script
General
Check archive.org
Download Go to
Full URL
https://narrations.ad-auris.com/_next/static/chunks/1bfc9850-948c3f75e9515c72.js
Requested by
Host: narrations.ad-auris.com
URL: https://narrations.ad-auris.com/widget/gijn/10-tips-for-using-geolocation-and-open-source-data-to-fuel-investigations
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
76.76.21.123 Walnut, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Vercel /
Resource Hash
428e9bf47be6c7dcda4938fae05cdf0b0e9cbaf145bb5a4aeba297ccfb78b10e
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://narrations.ad-auris.com/widget/gijn/10-tips-for-using-geolocation-and-open-source-data-to-fuel-investigations
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Sat, 09 Sep 2023 21:51:50 GMT
strict-transport-security
max-age=63072000
server
Vercel
x-vercel-id
fra1::lqnzb-1694296310769-1d4d9946329e
age
5825
x-matched-path
/_next/static/chunks/1bfc9850-948c3f75e9515c72.js
etag
"11b42d88727b2f7b9711f1699c94dd42"
x-vercel-cache
HIT
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
content-disposition
inline; filename="1bfc9850-948c3f75e9515c72.js"
accept-ranges
bytes
content-length
677
d30c6e48-c1f69e5732d9e08f.js
narrations.ad-auris.com/_next/static/chunks/ Frame E791 		467 KB
114 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://narrations.ad-auris.com/_next/static/chunks/d30c6e48-c1f69e5732d9e08f.js
Requested by
Host: narrations.ad-auris.com
URL: https://narrations.ad-auris.com/widget/gijn/10-tips-for-using-geolocation-and-open-source-data-to-fuel-investigations
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
76.76.21.123 Walnut, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Vercel /
Resource Hash
13679b65ad7ae5389651cdc9ffc8a785e0a66b277022e6834b57e1a8cfa8fb5e
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://narrations.ad-auris.com/widget/gijn/10-tips-for-using-geolocation-and-open-source-data-to-fuel-investigations
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Sat, 09 Sep 2023 21:51:50 GMT
content-encoding
br
strict-transport-security
max-age=63072000
server
Vercel
x-vercel-id
fra1::qcjq5-1694296310769-a389a25a337b
age
32710
x-matched-path
/_next/static/chunks/d30c6e48-c1f69e5732d9e08f.js
etag
W/"3ba8bffa26d9d34c2d6ed257d4b7153d"
x-vercel-cache
HIT
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
content-disposition
inline; filename="d30c6e48-c1f69e5732d9e08f.js"
95b64a6e-2380e13ce95e1d6e.js
narrations.ad-auris.com/_next/static/chunks/ Frame E791 		308 B
488 B 		Script
General
Check archive.org
Download Go to
Full URL
https://narrations.ad-auris.com/_next/static/chunks/95b64a6e-2380e13ce95e1d6e.js
Requested by
Host: narrations.ad-auris.com
URL: https://narrations.ad-auris.com/widget/gijn/10-tips-for-using-geolocation-and-open-source-data-to-fuel-investigations
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
76.76.21.123 Walnut, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Vercel /
Resource Hash
7a5b61e5a9c23b78c3f73d8ded55ff260f58e36f67ebfe1b3330755104f78ad1
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://narrations.ad-auris.com/widget/gijn/10-tips-for-using-geolocation-and-open-source-data-to-fuel-investigations
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Sat, 09 Sep 2023 21:51:50 GMT
strict-transport-security
max-age=63072000
server
Vercel
x-vercel-id
fra1::zmfnp-1694296310770-58c1ac7f15d1
age
43544
x-matched-path
/_next/static/chunks/95b64a6e-2380e13ce95e1d6e.js
etag
"c087e8c29cb909c53c8fc1e2b230f90f"
x-vercel-cache
HIT
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
content-disposition
inline; filename="95b64a6e-2380e13ce95e1d6e.js"
accept-ranges
bytes
content-length
308
297-75ba8ae95dfb3ffb.js
narrations.ad-auris.com/_next/static/chunks/ Frame E791 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://narrations.ad-auris.com/_next/static/chunks/297-75ba8ae95dfb3ffb.js
Requested by
Host: narrations.ad-auris.com
URL: https://narrations.ad-auris.com/widget/gijn/10-tips-for-using-geolocation-and-open-source-data-to-fuel-investigations
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
76.76.21.123 Walnut, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Vercel /
Resource Hash
1a0684697ae67755933f2449bab6f396c2465430ab1b1bc23439107cde458892
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://narrations.ad-auris.com/widget/gijn/10-tips-for-using-geolocation-and-open-source-data-to-fuel-investigations
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Sat, 09 Sep 2023 21:51:50 GMT
content-encoding
br
strict-transport-security
max-age=63072000
server
Vercel
x-vercel-id
fra1::f2bx6-1694296310769-2ded4cdd19cf
age
41945
x-matched-path
/_next/static/chunks/297-75ba8ae95dfb3ffb.js
etag
W/"b3cee8fc3df4a1a2bb5a75d54bf96ca9"
x-vercel-cache
HIT
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
content-disposition
inline; filename="297-75ba8ae95dfb3ffb.js"
118-5b140a8db5cfa2a9.js
narrations.ad-auris.com/_next/static/chunks/ Frame E791 		398 KB
104 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://narrations.ad-auris.com/_next/static/chunks/118-5b140a8db5cfa2a9.js
Requested by
Host: narrations.ad-auris.com
URL: https://narrations.ad-auris.com/widget/gijn/10-tips-for-using-geolocation-and-open-source-data-to-fuel-investigations
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
76.76.21.123 Walnut, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Vercel /
Resource Hash
ea5183bef3367e24520cdc650950acfbdc20e47a9b526d41eb93bb7feccddd28
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://narrations.ad-auris.com/widget/gijn/10-tips-for-using-geolocation-and-open-source-data-to-fuel-investigations
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Sat, 09 Sep 2023 21:51:50 GMT
content-encoding
br
strict-transport-security
max-age=63072000
server
Vercel
x-vercel-id
fra1::jjlzb-1694296310769-0fd01df1ca1e
age
28319
x-matched-path
/_next/static/chunks/118-5b140a8db5cfa2a9.js
etag
W/"107aaba2b92b7dc1822338182762e49c"
x-vercel-cache
HIT
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
content-disposition
inline; filename="118-5b140a8db5cfa2a9.js"
185-02c35d8cdf5fe280.js
narrations.ad-auris.com/_next/static/chunks/ Frame E791 		27 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://narrations.ad-auris.com/_next/static/chunks/185-02c35d8cdf5fe280.js
Requested by
Host: narrations.ad-auris.com
URL: https://narrations.ad-auris.com/widget/gijn/10-tips-for-using-geolocation-and-open-source-data-to-fuel-investigations
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
76.76.21.123 Walnut, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Vercel /
Resource Hash
98f15cd0cb1ffd1cac04bdc842346898ee3e097a61783be2a9bbf9095d02ffe8
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://narrations.ad-auris.com/widget/gijn/10-tips-for-using-geolocation-and-open-source-data-to-fuel-investigations
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Sat, 09 Sep 2023 21:51:50 GMT
content-encoding
br
strict-transport-security
max-age=63072000
server
Vercel
x-vercel-id
fra1::9rd6x-1694296310771-517ed631f3cb
age
3263
x-matched-path
/_next/static/chunks/185-02c35d8cdf5fe280.js
etag
W/"fd95b589b0858d490d2fc84179ce0d2c"
x-vercel-cache
HIT
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
content-disposition
inline; filename="185-02c35d8cdf5fe280.js"
%5Bnarration%5D-20b404ebe96bb6ad.js
narrations.ad-auris.com/_next/static/chunks/pages/widget/%5Borganisation%5D/ Frame E791 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://narrations.ad-auris.com/_next/static/chunks/pages/widget/%5Borganisation%5D/%5Bnarration%5D-20b404ebe96bb6ad.js
Requested by
Host: narrations.ad-auris.com
URL: https://narrations.ad-auris.com/widget/gijn/10-tips-for-using-geolocation-and-open-source-data-to-fuel-investigations
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
76.76.21.123 Walnut, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Vercel /
Resource Hash
b50dd2bf096a0d4c875f872b396cb0aa2d9fbcd085c578d48bfe4f5109768d4b
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://narrations.ad-auris.com/widget/gijn/10-tips-for-using-geolocation-and-open-source-data-to-fuel-investigations
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Sat, 09 Sep 2023 21:51:50 GMT
content-encoding
br
strict-transport-security
max-age=63072000
server
Vercel
x-vercel-id
fra1::9rd6x-1694296310776-71bf452cc001
age
5755
x-matched-path
/_next/static/chunks/pages/widget/%5Borganisation%5D/%5Bnarration%5D-20b404ebe96bb6ad.js
etag
W/"9e4b2a716b00555b4c328e4fd9e4fe31"
x-vercel-cache
HIT
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
content-disposition
inline; filename="[narration]-20b404ebe96bb6ad.js"
_buildManifest.js
narrations.ad-auris.com/_next/static/frvmUnMg4S_44dHnMuuk4/ Frame E791 		983 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://narrations.ad-auris.com/_next/static/frvmUnMg4S_44dHnMuuk4/_buildManifest.js
Requested by
Host: narrations.ad-auris.com
URL: https://narrations.ad-auris.com/widget/gijn/10-tips-for-using-geolocation-and-open-source-data-to-fuel-investigations
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
76.76.21.123 Walnut, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Vercel /
Resource Hash
dd9ddad21c9e6f19fa4e50a1cdefa3a0e21107e7c0e8ef90d22e1c3372cc0394
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://narrations.ad-auris.com/widget/gijn/10-tips-for-using-geolocation-and-open-source-data-to-fuel-investigations
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Sat, 09 Sep 2023 21:51:50 GMT
strict-transport-security
max-age=63072000
server
Vercel
x-vercel-id
fra1::f2bx6-1694296310778-4f7f69ad7486
age
39308
x-matched-path
/_next/static/frvmUnMg4S_44dHnMuuk4/_buildManifest.js
etag
"47ec2540dca4532c03d7cd021ff26057"
x-vercel-cache
HIT
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
content-disposition
inline; filename="_buildManifest.js"
accept-ranges
bytes
content-length
983
_ssgManifest.js
narrations.ad-auris.com/_next/static/frvmUnMg4S_44dHnMuuk4/ Frame E791 		77 B
278 B 		Script
General
Check archive.org
Download Go to
Full URL
https://narrations.ad-auris.com/_next/static/frvmUnMg4S_44dHnMuuk4/_ssgManifest.js
Requested by
Host: narrations.ad-auris.com
URL: https://narrations.ad-auris.com/widget/gijn/10-tips-for-using-geolocation-and-open-source-data-to-fuel-investigations
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
76.76.21.123 Walnut, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Vercel /
Resource Hash
6f5b4aa00d2f8d6aed9935b471806bf7acef464d0c1d390260e5fe27f800c67e
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://narrations.ad-auris.com/widget/gijn/10-tips-for-using-geolocation-and-open-source-data-to-fuel-investigations
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Sat, 09 Sep 2023 21:51:50 GMT
strict-transport-security
max-age=63072000
server
Vercel
x-vercel-id
fra1::wh4hq-1694296310776-bf82f98fbb9f
age
4182
x-matched-path
/_next/static/frvmUnMg4S_44dHnMuuk4/_ssgManifest.js
etag
"b6652df95db52feb4daf4eca35380933"
x-vercel-cache
HIT
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
content-disposition
inline; filename="_ssgManifest.js"
accept-ranges
bytes
content-length
77
_middlewareManifest.js
narrations.ad-auris.com/_next/static/frvmUnMg4S_44dHnMuuk4/ Frame E791 		92 B
281 B 		Script
General
Check archive.org
Download Go to
Full URL
https://narrations.ad-auris.com/_next/static/frvmUnMg4S_44dHnMuuk4/_middlewareManifest.js
Requested by
Host: narrations.ad-auris.com
URL: https://narrations.ad-auris.com/widget/gijn/10-tips-for-using-geolocation-and-open-source-data-to-fuel-investigations
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
76.76.21.123 Walnut, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Vercel /
Resource Hash
de5341313a4dc5d982ca50ae4a491e84bc5e80b0f439d87f05fc3973c1b7e59a
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://narrations.ad-auris.com/widget/gijn/10-tips-for-using-geolocation-and-open-source-data-to-fuel-investigations
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Sat, 09 Sep 2023 21:51:50 GMT
strict-transport-security
max-age=63072000
server
Vercel
x-vercel-id
fra1::gc92p-1694296310776-b66df9a492d8
age
32608
x-matched-path
/_next/static/frvmUnMg4S_44dHnMuuk4/_middlewareManifest.js
etag
"7c3f7e060745668041278118c0bb3d6d"
x-vercel-cache
HIT
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
content-disposition
inline; filename="_middlewareManifest.js"
accept-ranges
bytes
content-length
92
play-icon.png
narrations.ad-auris.com/ Frame E791 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://narrations.ad-auris.com/play-icon.png
Requested by
Host: narrations.ad-auris.com
URL: https://narrations.ad-auris.com/widget/gijn/10-tips-for-using-geolocation-and-open-source-data-to-fuel-investigations
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
76.76.21.123 Walnut, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Vercel /
Resource Hash
e72a698d067306ab6bdd738403e0c32a63bb3d37ff5611a77fd6f8d75d2d0466
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://narrations.ad-auris.com/widget/gijn/10-tips-for-using-geolocation-and-open-source-data-to-fuel-investigations
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Sat, 09 Sep 2023 21:51:50 GMT
strict-transport-security
max-age=63072000
server
Vercel
x-vercel-id
fra1::zmfnp-1694296310776-242b3be9c65c
age
60815
x-matched-path
/play-icon.png
etag
"9f5b74ae7d24a5ba164ae42b825626d6"
x-vercel-cache
HIT
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=0, must-revalidate
content-disposition
inline; filename="play-icon.png"
accept-ranges
bytes
content-length
3306
adauris-lightmode.png
narrations.ad-auris.com/ Frame E791 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://narrations.ad-auris.com/adauris-lightmode.png
Requested by
Host: narrations.ad-auris.com
URL: https://narrations.ad-auris.com/widget/gijn/10-tips-for-using-geolocation-and-open-source-data-to-fuel-investigations
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
76.76.21.123 Walnut, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Vercel /
Resource Hash
a21b787c709f9bc7af1ce3f6177617a767dc65418cb0d48ec36afef999f0ab3d
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://narrations.ad-auris.com/widget/gijn/10-tips-for-using-geolocation-and-open-source-data-to-fuel-investigations
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Sat, 09 Sep 2023 21:51:50 GMT
strict-transport-security
max-age=63072000
server
Vercel
x-vercel-id
fra1::lqnzb-1694296310776-3fd87cbf7b6b
age
5095
x-matched-path
/adauris-lightmode.png
etag
"5902714d727fed3330aae96586271c4a"
x-vercel-cache
HIT
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=0, must-revalidate
content-disposition
inline; filename="adauris-lightmode.png"
accept-ranges
bytes
content-length
10199
tb
fndrsp.net/ 		2 B
283 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://fndrsp.net/tb
Requested by
Host: cdn.fundraiseup.com
URL: https://cdn.fundraiseup.com/widget/AZZKZELR
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.162.27 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://gijn.org/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Sat, 09 Sep 2023 21:51:50 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=l9RZYQkMBaaD5ZZi2jvg03LZ5RGJGStiaIfkkEU55ZB%2FKHIxzkphdDzZfwBHyDPyelnfOjNOj1qP9km9e882AO7vZiXK2kE4iCL%2B7Y8gIM1cwqw3s4aIpwfBPNsj"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
https://gijn.org
access-control-allow-credentials
true
cf-ray
8042a7a63f3c4d3a-FRA
alt-svc
h3=":443"; ma=86400
gtm.js
www.googletagmanager.com/ Frame E791 		193 KB
69 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-N5D86R6
Requested by
Host: narrations.ad-auris.com
URL: https://narrations.ad-auris.com/widget/gijn/10-tips-for-using-geolocation-and-open-source-data-to-fuel-investigations
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
efb7136beedea0e3ce62bce0eb8bbce95107cfac5268889eef78bf5781e5ebde
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://narrations.ad-auris.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Sat, 09 Sep 2023 21:51:50 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
70474
x-xss-protection
0
last-modified
Sat, 09 Sep 2023 21:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sat, 09 Sep 2023 21:51:50 GMT
generate_204
www.youtube.com/ Frame F856 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.youtube.com/generate_204?JBvzcA
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/XbnLkc6r3yc?wmode=transparent&modestbranding=1&autohide=1&showinfo=0&rel=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/XbnLkc6r3yc?wmode=transparent&modestbranding=1&autohide=1&showinfo=0&rel=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Sat, 09 Sep 2023 21:51:50 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
segment_narration_Z0FgpUym9oaS5TYRY4KEC.wav
storage.googleapis.com/ad-auris-narrations/GIJN/rss/10%20Tips%20for%20Using%20Geolocation%20and%20Open%20Source%20Data%20to%20Fuel%20Investigations/audio/ Frame E791 		287 KB
0 		Media
General
Check archive.org
Download Go to
Full URL
https://storage.googleapis.com/ad-auris-narrations/GIJN/rss/10%20Tips%20for%20Using%20Geolocation%20and%20Open%20Source%20Data%20to%20Fuel%20Investigations/audio/segment_narration_Z0FgpUym9oaS5TYRY4KEC.wav
Requested by
Host: narrations.ad-auris.com
URL: https://narrations.ad-auris.com/widget/gijn/10-tips-for-using-geolocation-and-open-source-data-to-fuel-investigations
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::201b Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
UploadServer /
Resource Hash

Request headers

Referer
https://narrations.ad-auris.com/
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
Range
bytes=0-

Response headers

date
Sat, 09 Sep 2023 21:51:51 GMT
x-guploader-uploadid
ADPycdsr_LWBB9qr5Hws-aWOmiBP2QLGg3KUrZ61RDKazY7WuIJ_mS2eaz055X5rCNNrvJb_1HYyTkNgH8h77AQvT9ac1nzqCV-4
x-goog-storage-class
STANDARD
Content-Range
bytes 0-40758043/40758044
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
Content-Length
40758044
last-modified
Mon, 13 Jun 2022 08:54:11 GMT
server
UploadServer
etag
"84131e2d0a8b914a0a6037b40ef0df93"
x-goog-generation
1655110451416928
content-type
audio/x-wav
x-goog-hash
crc32c=EOK0WQ==, md5=hBMeLQqLkUoKYDe0DvDfkw==
cache-control
public, max-age=3600
x-goog-stored-content-length
40758044
accept-ranges
bytes
expires
Sat, 09 Sep 2023 22:51:51 GMT
truncated
/ Frame E791 		98 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7e1598c066c5df715221eafdcd2337439111571e9a09fff634d1dda85b8d3f40

Request headers

Referer
Origin
https://narrations.ad-auris.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=UTF-8
cast_sender.js
www.gstatic.com/cv/js/sender/v1/ Frame 8623 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/cv/js/sender/v1/cast_sender.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/7ee36b0e/player_ias.vflset/de_DE/base.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Sat, 09 Sep 2023 21:51:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2007
x-xss-protection
0
last-modified
Tue, 16 Feb 2021 23:57:06 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="cloudview"
vary
Accept-Encoding
report-to
{"group":"cloudview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sat, 09 Sep 2023 21:51:50 GMT
generate_204
www.youtube.com/ Frame 8623 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.youtube.com/generate_204?grFHQA
Requested by
Host: gijn.org
URL: https://gijn.org/2022/06/06/10-tips-for-using-geolocation-and-open-source-data-to-fuel-investigations/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/9Gp1KnTOkuM?wmode=transparent&modestbranding=1&autohide=1&showinfo=0&rel=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Sat, 09 Sep 2023 21:51:50 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
cast_sender.js
www.gstatic.com/eureka/clank/116/ Frame F856 		51 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/eureka/clank/116/cast_sender.js
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9cdf2602ac04f7e2bed582d4299c73d464fc4ab069e3ad5a20ee2b6635a015b8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Sat, 09 Sep 2023 18:13:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
13088
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview-release
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15373
x-xss-protection
0
last-modified
Mon, 12 Jun 2023 15:06:10 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="cloudview-release"
vary
Accept-Encoding
report-to
{"group":"cloudview-release","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview-release"}]}
content-type
text/javascript
cache-control
public, max-age=86400
accept-ranges
bytes
expires
Sun, 10 Sep 2023 18:13:42 GMT
registerInteraction
ad-auris-logging-db-l72twop3ra-uc.a.run.app/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://ad-auris-logging-db-l72twop3ra-uc.a.run.app/registerInteraction
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::35 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Frontend / Express
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://narrations.ad-auris.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

access-control-allow-headers
content-type
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html
date
Sat, 09 Sep 2023 21:51:51 GMT
server
Google Frontend
vary
Access-Control-Request-Headers
x-cloud-trace-context
ff658ebca708e4b2d0655c307004ed65
x-powered-by
Express
ip2geolocation-1
us-central1-ad-auris-tts-app.cloudfunctions.net/ Frame E791 		556 B
401 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://us-central1-ad-auris-tts-app.cloudfunctions.net/ip2geolocation-1
Requested by
Host: narrations.ad-auris.com
URL: https://narrations.ad-auris.com/_next/static/chunks/118-5b140a8db5cfa2a9.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2001:4860:4802:36::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Frontend / Express
Resource Hash
9813fa333d51e3dd6bb4c24ecf3449662d41b5101ad8ca883d3176bdbedf3949

Request headers

Accept
application/json, text/plain, */*
Referer
https://narrations.ad-auris.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Sat, 09 Sep 2023 21:51:51 GMT
content-encoding
gzip
server
Google Frontend
x-powered-by
Express
etag
W/"22c-EXA0Dc5a08ZKVQTeQspM94NTqfw"
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://narrations.ad-auris.com
x-cloud-trace-context
97adbeb140fa5a6cf1be294788beba35
cache-control
private
function-execution-id
s7qowij86yp7
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
380
registerInteraction
ad-auris-logging-db-l72twop3ra-uc.a.run.app/ Frame E791 		27 B
43 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad-auris-logging-db-l72twop3ra-uc.a.run.app/registerInteraction
Requested by
Host: narrations.ad-auris.com
URL: https://narrations.ad-auris.com/_next/static/chunks/118-5b140a8db5cfa2a9.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2001:4860:4802:32::35 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Frontend / Express
Resource Hash
974ce13822d6d4965b3b9b2c9b8caaec4e5f39e55fb1108844b27ed2724b3436

Request headers

Accept
application/json, text/plain, */*
Referer
https://narrations.ad-auris.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
Content-Type
application/json

Response headers

date
Sat, 09 Sep 2023 21:51:51 GMT
server
Google Frontend
x-powered-by
Express
etag
W/"1b-W0QIaOI1RPxJhs/oLxiD+0FRT0E"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
x-cloud-trace-context
8e615142c645e675bbf306bac6af7045
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
27
cast_sender.js
www.gstatic.com/eureka/clank/116/ Frame 8623 		51 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/eureka/clank/116/cast_sender.js
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9cdf2602ac04f7e2bed582d4299c73d464fc4ab069e3ad5a20ee2b6635a015b8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Sat, 09 Sep 2023 18:13:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
13089
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview-release
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15373
x-xss-protection
0
last-modified
Mon, 12 Jun 2023 15:06:10 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="cloudview-release"
vary
Accept-Encoding
report-to
{"group":"cloudview-release","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview-release"}]}
content-type
text/javascript
cache-control
public, max-age=86400
accept-ranges
bytes
expires
Sun, 10 Sep 2023 18:13:42 GMT
js
www.googletagmanager.com/gtag/ Frame E791 		215 KB
79 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-97E8QK51BL&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N5D86R6
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
1ddaad130bdd3d8d0d36e6857296b39a653b82a255aec10e4d8da3401a5c4836
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://narrations.ad-auris.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Sat, 09 Sep 2023 21:51:51 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
80560
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sat, 09 Sep 2023 21:51:51 GMT
js
www.googletagmanager.com/gtag/ Frame E791 		256 KB
87 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-ZVQ68W5RY4&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N5D86R6
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
00aa491b7cc8477e392d7a2433579a0978eb4c4e02a88e35b3ee1da1baec0ebb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://narrations.ad-auris.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Sat, 09 Sep 2023 21:51:51 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
89315
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sat, 09 Sep 2023 21:51:51 GMT
js
www.googletagmanager.com/gtag/ Frame E791 		238 KB
83 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-4JR9X9Y6P1&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N5D86R6
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
3b7cd9029b950ca54e95fa59bf324c8403b77b468fc52ee54d641ccb848dbb3c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://narrations.ad-auris.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Sat, 09 Sep 2023 21:51:51 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
85180
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sat, 09 Sep 2023 21:51:51 GMT
log_event
www.youtube.com/youtubei/v1/ Frame F856 		28 B
54 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/7ee36b0e/www-embed-player.vflset/www-embed-player.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
scaffolding on HTTPServer2 /
Resource Hash
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
X-Goog-Request-Time
1694296312069
Content-Type
application/json
X-YouTube-Utc-Offset
120
X-YouTube-Client-Name
56
Referer
https://www.youtube.com/embed/XbnLkc6r3yc?wmode=transparent&modestbranding=1&autohide=1&showinfo=0&rel=0
X-YouTube-Client-Version
1.20230904.00.00
X-YouTube-Time-Zone
Europe/Berlin
X-Goog-Visitor-Id
CgtSLVNMYUZhdVF1MCj10fOnBjIGCgJERRIA
X-YouTube-Ad-Signals
dt=1694296309848&flash=0&frm=2&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C772%2C434&vis=1&wgl=true&ca_type=image

Response headers

date
Sat, 09 Sep 2023 21:51:52 GMT
content-encoding
br
x-content-type-options
nosniff
server
scaffolding on HTTPServer2
x-frame-options
SAMEORIGIN
vary
Origin, X-Origin, Referer
content-type
application/json; charset=UTF-8
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control
private
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31
x-xss-protection
0
expires
Sat, 09 Sep 2023 21:51:52 GMT
log_event
www.youtube.com/youtubei/v1/ Frame 8623 		28 B
54 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/7ee36b0e/www-embed-player.vflset/www-embed-player.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
scaffolding on HTTPServer2 /
Resource Hash
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
X-Goog-Request-Time
1694296312845
Content-Type
application/json
X-YouTube-Utc-Offset
120
X-YouTube-Client-Name
56
Referer
https://www.youtube.com/embed/9Gp1KnTOkuM?wmode=transparent&modestbranding=1&autohide=1&showinfo=0&rel=0
X-YouTube-Client-Version
1.20230904.00.00
X-YouTube-Time-Zone
Europe/Berlin
X-Goog-Visitor-Id
CgtmU3VmNmk3QTBaayj10fOnBjIGCgJERRIA
X-YouTube-Ad-Signals
dt=1694296310078&flash=0&frm=2&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C772%2C434&vis=1&wgl=true&ca_type=image

Response headers

date
Sat, 09 Sep 2023 21:51:52 GMT
content-encoding
br
x-content-type-options
nosniff
server
scaffolding on HTTPServer2
x-frame-options
SAMEORIGIN
vary
Origin, X-Origin, Referer
content-type
application/json; charset=UTF-8
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control
private
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31
x-xss-protection
0
expires
Sat, 09 Sep 2023 21:51:52 GMT
tb
fndrsp.net/ 		2 B
469 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://fndrsp.net/tb
Requested by
Host: cdn.fundraiseup.com
URL: https://cdn.fundraiseup.com/widget/AZZKZELR
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.162.27 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://gijn.org/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Sat, 09 Sep 2023 21:51:55 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RE3FmA01MnuNnuVVsRt5LmZeA1ZxgMogR0OOFRM4HC3N5dpdeAssmIVhVgjyWrebJ4sPRGMxLoiPYwePe8RwwvJ1GHFZGmAq%2F0wDOHo1QhkBC7CRldDnqTcYs3Y%2B"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
https://gijn.org
access-control-allow-credentials
true
cf-ray
8042a7c59fe01da8-FRA
alt-svc
h3=":443"; ma=86400

Verdicts & Comments Add Verdict or Comment

47 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| documentPictureInPicture function| FundraiseUp function| whichHeader string| banner_img_src object| _wpemojiSettings undefined| $ function| jQuery function| LoadMorePosts object| html5 object| Modernizr function| yepnope function| gtag object| dataLayer object| _gaq object| google_tag_manager object| google_tag_data function| onYouTubeIframeAPIReady object| gaGlobal function| normalizeUrl function| myFunction function| revealStyling function| axios object| addComment object| dlmXHRtranslations object| dlmXHRinstance string| dlmXHRgif object| Largo object| respond object| funEmbed object| FUN_SERVICE_CONTAINER object| FUN object| FUN_ELEMENT_KEYS boolean| FUN_IS_MALFORMED_ENV object| largo_sharer function| debounce object| _gat object| twemoji object| wp object| funElementsApi object| webpackChunk_fundraiseup_checkout function| setImmediate function| clearImmediate

12 Cookies

Domain/Path Name / Value
.bit.ly/ Name: _bit
Value: n89lPL-5d08e213fc1e31eabd-00y
.gijn.org/ Name: _ga_RLEQHEYQ7G
Value: GS1.1.1694296309.1.0.1694296309.60.0.0
.gijn.org/ Name: _ga
Value: GA1.1.882429802.1694296309
.gijn.org/ Name: fundraiseup_cid
Value: 16942963096151243811
.gijn.org/ Name: __utma
Value: 168268471.882429802.1694296309.1694296310.1694296310.1
.gijn.org/ Name: __utmc
Value: 168268471
.gijn.org/ Name: __utmz
Value: 168268471.1694296310.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none)
.gijn.org/ Name: __utmt
Value: 1
.gijn.org/ Name: __utmb
Value: 168268471.1.10.1694296310
.youtube.com/ Name: YSC
Value: tpgZWu8MENw
.youtube.com/ Name: VISITOR_INFO1_LIVE
Value: fSuf6i7A0Zk
.gijn.org/ Name: fundraiseup_session
Value: {%22t%22:%22.gijn.org%22%2C%22s%22:%221694296309715%22%2C%22sp%22:1%2C%22nsa%22:0%2C%22sls%22:%22DEAXLDPQ%22}

10 Console Messages

Source Level URL
Text
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'ch-ua-form-factor'.
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'ch-ua-form-factor'.
javascript warning URL: https://gijn.org/2022/06/06/10-tips-for-using-geolocation-and-open-source-data-to-fuel-investigations/
Message:
The resource https://static.fundraiseup.com/src/fonts/ibm-plex-sans/ibm-plex-sans-v8-vietnamese_latin-ext_latin_greek_cyrillic-ext_cyrillic-600.6a83ec5143b3476f0a22.woff was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
javascript warning URL: https://gijn.org/2022/06/06/10-tips-for-using-geolocation-and-open-source-data-to-fuel-investigations/
Message:
The resource https://static.fundraiseup.com/sentry.d5bb4900eafe4c17884e.js was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
javascript warning URL: https://gijn.org/2022/06/06/10-tips-for-using-geolocation-and-open-source-data-to-fuel-investigations/
Message:
The resource https://static.fundraiseup.com/src/fonts/ibm-plex-sans/ibm-plex-sans-v8-vietnamese_latin-ext_latin_greek_cyrillic-ext_cyrillic-regular.c4db12b4fb0be67f4f37.woff2 was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
javascript warning URL: https://gijn.org/2022/06/06/10-tips-for-using-geolocation-and-open-source-data-to-fuel-investigations/
Message:
The resource https://static.fundraiseup.com/src/fonts/ibm-plex-sans/ibm-plex-sans-v8-vietnamese_latin-ext_latin_greek_cyrillic-ext_cyrillic-500.d94eaadc1070343e6d33.woff was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
javascript warning URL: https://gijn.org/2022/06/06/10-tips-for-using-geolocation-and-open-source-data-to-fuel-investigations/
Message:
The resource https://static.fundraiseup.com/src/fonts/ibm-plex-sans/ibm-plex-sans-v8-vietnamese_latin-ext_latin_greek_cyrillic-ext_cyrillic-600.60bddc71096815d0d15a.woff2 was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
javascript warning URL: https://gijn.org/2022/06/06/10-tips-for-using-geolocation-and-open-source-data-to-fuel-investigations/
Message:
The resource https://static.fundraiseup.com/checkout-sentry-vendor.bbaab79af6ac4ae5c523.js was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
javascript warning URL: https://gijn.org/2022/06/06/10-tips-for-using-geolocation-and-open-source-data-to-fuel-investigations/
Message:
The resource https://static.fundraiseup.com/src/fonts/ibm-plex-sans/ibm-plex-sans-v8-vietnamese_latin-ext_latin_greek_cyrillic-ext_cyrillic-regular.c493df9d423fa3cc5d89.woff was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
javascript warning URL: https://gijn.org/2022/06/06/10-tips-for-using-geolocation-and-open-source-data-to-fuel-investigations/
Message:
The resource https://static.fundraiseup.com/src/fonts/ibm-plex-sans/ibm-plex-sans-v8-vietnamese_latin-ext_latin_greek_cyrillic-ext_cyrillic-500.e17268930006027a6a07.woff2 was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad-auris-logging-db-l72twop3ra-uc.a.run.app
bit.ly
cdn.fundraiseup.com
cdn.jsdelivr.net
dynamic-widget-service-l72twop3ra-uc.a.run.app
fndrsp.net
fonts.gstatic.com
gijn.org
googleads.g.doubleclick.net
i.ytimg.com
jnn-pa.googleapis.com
narrations.ad-auris.com
region1.analytics.google.com
ssl.google-analytics.com
static.doubleclick.net
static.fundraiseup.com
stats.g.doubleclick.net
storage.googleapis.com
us-central1-ad-auris-tts-app.cloudfunctions.net
www.google.com
www.google.de
www.googletagmanager.com
www.gstatic.com
www.youtube.com
yt3.ggpht.com
141.193.213.10
172.64.162.27
172.67.72.38
2001:4860:4802:32::35
2001:4860:4802:34::36
2001:4860:4802:36::36
2606:4700::6810:5614
2a00:1450:4001:800::2008
2a00:1450:4001:80b::2006
2a00:1450:4001:80e::2003
2a00:1450:4001:80e::201b
2a00:1450:4001:80f::2004
2a00:1450:4001:828::2001
2a00:1450:4001:829::2008
2a00:1450:4001:82a::200e
2a00:1450:4001:82b::2003
2a00:1450:4001:82f::2003
2a00:1450:4001:82f::2016
2a00:1450:4001:830::2002
2a00:1450:4001:830::200a
2a00:1450:400c:c07::9b
67.199.248.10
76.76.21.123
00aa491b7cc8477e392d7a2433579a0978eb4c4e02a88e35b3ee1da1baec0ebb
0428e18a04a4b3f666ed7def51b7ad8b0eeed37d79e0037073a084ff203c6c1a
05449d51753966df0f73d3943416f3b5689939fcb54dbde16afaa7a35009cdab
088e9532a4cd6710b155e81715a09e16700c07a1552d70a0888f2619a54d4f1b
0afcc7c13187b2baab1958d0a6962baefd8beca52a6354a4fc76e6ed2b78b10f
0c9a8bf4daf539463f609b2d8c45c1f138658dfdb9f6b776f2a20da40c92e152
111cb621fb35d629a5a8451f7d0290e20d5b299f772070cc0bf387029e4f0674
1163d8731ed6f681c27113b5b8af6d76b1afa9662123b4603330fe2ee45464c6
1212e7abb6f32136c5d13b04e540ebe36e773a98acd627d5e56e466f685a0b49
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
13679b65ad7ae5389651cdc9ffc8a785e0a66b277022e6834b57e1a8cfa8fb5e
15989710987ebffff3465a6f20000af3fb6691e1647ac9c9a80e3162bb8e0ec0
168b73d7539992b9354fe32aec5c4e9d377cdc8c4a296001673c777214bbcd59
1a0684697ae67755933f2449bab6f396c2465430ab1b1bc23439107cde458892
1cbe1468bb9a4bdcc5250fdf8d1c6cfccd2e3824018a47bf93344b255827fdbe
1d47e1aa9459fbfab27e58f6aee6752f5df385cd5e43429006d4243fbd0a5334
1d6ad1316c43e95ebb9aab6987969149ff0980880bd0a16c301220371fcace0b
1ddaad130bdd3d8d0d36e6857296b39a653b82a255aec10e4d8da3401a5c4836
205b5e5ac97e41a70efe74150a9893bdb05ff1d3921808b96d8780aa31c7940a
2221e9372eb6a6bf90c0269412580aaa624181fe55845f967a543c9ac2f086bf
22fca8c9633ea6ba077348ab5a18dc79a4e11ce9562a39a8b699e4e0abf0209a
233d0ee075f20b586e69d99507db3fc9c1b87a9f171a69227b36748b456a4188
269ecf4b08606b54dc8c218bdf964be9b4647e8eec22c2ae718bdd3103e243b4
2745aa4401c27f592fb4ddacc499021177fe4438ff87821c3cc7281a908ed8fc
28d07f4357439b5e43f7c406e7d33d9034b1b5d0a49832c810a77d651f606c88
2bc825168f83a9a45e3db51e2a06d56b947d18ca3acdbc06ba7acff5c428f047
2c7c8214e86e92be7f9539596aab6c72faf5a129711ee5fa6722ad249eafac29
2dc5bcb88c13edac556886c704f23fd208a59f14c4a219fa16409ac97cf85026
36b36452c44c4c355671f0ea4ae3b20cf0fb1fe2813d3ec2678570362591acb7
3b7cd9029b950ca54e95fa59bf324c8403b77b468fc52ee54d641ccb848dbb3c
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
4231d5357bb8476431ba65f14ed7c39e6597be210f35498c8b0bba5354af4b0e
428e9bf47be6c7dcda4938fae05cdf0b0e9cbaf145bb5a4aeba297ccfb78b10e
453cb806084fdabec32e286af2e88899f79022125c2527afffbec507975d2c22
46ffa27a716a55780501f5d6711c054bdb1772174f1076dc0e49dee9b00648e9
492d1d55fbd62102770e1904106eb06bbeadf8e4240570e4494d279970f016d6
497a51c828bd26b0a7bad47d449dfc7118a57a30e828147bd8f4d92f3ad95baa
4a2f3af492588a668c1008f330fd1e9bfd5111eea4e315980e3476dcc4cde20b
4b3bfd2018fda17cb7e1f3486c5a0e0bdcec78cb8123d0effcca478ce895d5a1
4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230
5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89
55166251d302b469fd82cc777fc62d10d1599b6c27c72c57f930eae05fbab1d7
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
5c93f77799d122fb5255ee24da285f9f228cc118cba11e6ceb2b6bda8cdf4164
632f5d2ec53c954857585917f56a7550b164dee985f12f8a3a9de598cf82e9f6
67447c3656caad630373253691f3e8f64467eafd6e7305c9b0e98111b0b41694
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2
6f173fbde897c4b5e403c91d99bfc6d671efea799450ca3b11c0d1bcce2ddfc1
6f5b4aa00d2f8d6aed9935b471806bf7acef464d0c1d390260e5fe27f800c67e
739f7119f54f70d3f3e55a378094b834ad1a08d6dc36d2d401cb7acfcd743172
73e68151ad8beb1a795c7d4b9a51313b5e5da51f6a400b5a42e09a6ef03c7b1b
741aabb89e957dbb1cab29a69362a71d2ad65d885016925ac840f25b7254fc0d
7562de8e00f0f0721fd342c7b3f32ab8e19d3338934b328c944df1cf91e2738c
77da17edd53c05959ebac8ade75b92e9e4c921177ab5d2e833fc03c355217768
785272c9b1033897a81797962645fa74e7da0c63dd7208bae2ef171ecba275ea
78d3fa1c57fbf252c5e3caa2e62cae3e49d67c45ddf5cab7a5338f6064606e41
791b444b9e8bd9c559866b58eb0305ec016efba9fbaccb8e4fb29449ea068de9
7a5b61e5a9c23b78c3f73d8ded55ff260f58e36f67ebfe1b3330755104f78ad1
7e1598c066c5df715221eafdcd2337439111571e9a09fff634d1dda85b8d3f40
7fb540111e201fc18122b6f49ce413362cf4add3584c4fcc8bc8708f1dbf322b
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
868da4185c250265c9ec42e5dfbe1791c82c0c1941e9c0139062a5dc6a59f9ad
8b6a268eb42b3384c45c46b16614967e56e591025874a5f1d9fc0499f8bec6b3
8c10bfd761676feda6e280e0d31794b1a8d21279f437ddb817a708d6fe0b72db
8e89e1175a6145d737446d673ffa073f4c469c8fe3972f5287b1e7e9b241282b
8ffb16062f3fd1e5115097972ebe81d043800fddb435623ed9ec8fd764e7c752
90186839bf5abcd681fa54e4b9223c39c1d2967a7436a9d4045de04b29427285
934b9131d619f05c76bf57e9dddee0b1e4770f7fab517c8d64167679400fb84d
94f6774cf11b0ae2c438126649c4fbe4e3314a8cfaed638a65f66840ad3c1be9
974ce13822d6d4965b3b9b2c9b8caaec4e5f39e55fb1108844b27ed2724b3436
97a159e488477400a41c43897dc257375cf9bdabd184e67c79ca01a13c051647
9813fa333d51e3dd6bb4c24ecf3449662d41b5101ad8ca883d3176bdbedf3949
98f15cd0cb1ffd1cac04bdc842346898ee3e097a61783be2a9bbf9095d02ffe8
9cdf2602ac04f7e2bed582d4299c73d464fc4ab069e3ad5a20ee2b6635a015b8
a21b787c709f9bc7af1ce3f6177617a767dc65418cb0d48ec36afef999f0ab3d
a6f1a27523fac115bbbfe84f4fe2b29a6eb77997c02eb7a18f438bcea73927a0
a85c3374bc9eef9454f5d41e40b8cc2d33490afce860f68e374fd18a37acef2f
a9f217c38dab9cc8ad8da8d9d383da0baaaea68ad3c6310cb18388fe7ae4a454
ab193b03189605d219d5f85c3830b9d8075a1b00900853d298d018303362b606
afcc75531c0a0ca9e2cac790f06176d118535553b9f4b20fc7428754fc02fc33
b3dbf7f9bc1bf4aac1ee09444608266f6a355a4ddb67184d4a73cf6f3920ec9b
b50dd2bf096a0d4c875f872b396cb0aa2d9fbcd085c578d48bfe4f5109768d4b
b678670df4d4427305f8f7b564affa7d36d51aaf85987117555e4dc09e731d83
b8b8e77df304134446ca875214b28cdbb9a36511daedbc4b8ba8ef77fc86964c
bd717b1f2517da99c7e51bfe7082ee01251c25f66be52d5a081dabb26805c89a
bec4d70b4458b6965f67c6cef110d1a46ebc982308611f4eeb8bb4a626cb1453
bf359a3cb0d6b3d4716f5c6d38e82bef32c84313d7210ee5999f2ba36dbe39a8
c60e6d3bf82428d186dad6edace0123261968759c6462417f5d5c42464e6f8cb
c65ff67fb00c0a3606f626010f9f51a042a8da36f20fa07dd98ba406cf37d851
cc125602a1b168bf46fa7daaa9468cd937b0fd3dfddeedff556340ee1c0b0b2c
d1dcf8b585bb80f72250e359e0cd545c9218c7452ca2555ef6817b1ac97e3daf
d625ffeb66507b5bb261bed24c35f5f5ff9f156f5ebd3fce5b95f29f054f5469
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
d8b4efc9d633bf6a74302401662e42d85a36070ded6ad2497958ccafc2737f81
dd9ddad21c9e6f19fa4e50a1cdefa3a0e21107e7c0e8ef90d22e1c3372cc0394
de5341313a4dc5d982ca50ae4a491e84bc5e80b0f439d87f05fc3973c1b7e59a
e174a58a503ab84b3d1b9de12fd3895788204485170f1289e445f7b5b98ec789
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3ee86b4e0927c9e138247510884fc856ba7e713830d624f3cba9bda8b26de46
e48977302b56fd91f13fd5f891c75061dddb72c653db8885b4ede75e2a8e86d8
e4dcfd138ab21b6f3679e81114be6f752b478552c6e8c39af2c1436e49865841
e4f6436ec3f96d2900f3c277650e9a6972f42170a883790d862a624df532fe33
e59dd93adb670656d3323a3b3bf614209cdd9916dd9ac1acea5fed28a866f0a1
e72a698d067306ab6bdd738403e0c32a63bb3d37ff5611a77fd6f8d75d2d0466
ea5183bef3367e24520cdc650950acfbdc20e47a9b526d41eb93bb7feccddd28
eb5228927b9ab8babed664ebab3230878a10d91180006e7fe546df4f013c7e12
ebd9916f73aea2ae814451af5fa1ce5fad205d534409877fd10bd6ffb43dd3c2
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efb7136beedea0e3ce62bce0eb8bbce95107cfac5268889eef78bf5781e5ebde
f0b7e34a0c461754e737c28261e71affc345d019841efe465d58037bb3006e7e
fa4ffe02411e1ffaaa2bda2fece4c0fb2c85456db525b6f31254e1fa0529d3cc
fb824e1aa563232406380294e54413a39eb66c0a72d4c56bb20d7fa864f09d45
fba4f9d362163844edb5bf128ffa9d1a9a5cb6926965a42c5c62ea5233657c93
fd927536a19a1583559667290bad2f79ee2994a0bab4a8a2abf1a002e14c2565