vrfoundation.org Open in urlscan Pro
79.143.73.41 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://vrfoundation.org/
Effective URL:
https://vrfoundation.org/
Submission: On December 03 via api (December 3rd 2023, 4:24:43 am UTC) from US — Scanned from DE

Summary HTTP 78 Redirects Links 11 Behaviour Indicators

Summary

This website contacted 22 IPs in 4 countries across 17 domains to perform 78 HTTP transactions. The main IP is 79.143.73.41, located in Russian Federation and belongs to RU-JSCIOT, RU. The main domain is vrfoundation.org.
TLS certificate: Issued by R3 on November 18th 2023. Valid for: 3 months.

This is the only time vrfoundation.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
3 34	79.143.73.41 79.143.73.41	29182 (RU-JSCIOT) (RU-JSCIOT)
2	2a00:ab00:610... 2a00:ab00:610:1::1	49505 (SELECTEL) (SELECTEL)
2	2a00:1450:400... 2a00:1450:4001:812::200e	15169 (GOOGLE) (GOOGLE)
1	13.32.27.75 13.32.27.75	16509 (AMAZON-02) (AMAZON-02)
3	2a00:1450:400... 2a00:1450:4001:80f::2008	15169 (GOOGLE) (GOOGLE)
2	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:400c:c00::9c	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:827::2003	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6810:b0d	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	2a00:1450:400... 2a00:1450:4001:831::2004	15169 (GOOGLE) (GOOGLE)
1	2600:9000:206... 2600:9000:206f:a200:c:abe:f440:93a1	16509 (AMAZON-02) (AMAZON-02)
1	3.120.65.30 3.120.65.30	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700::68... 2606:4700::6810:a0d	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:827::200e	15169 (GOOGLE) (GOOGLE)
1	2606:4700:440... 2606:4700:4400::ac40:992a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	13.32.27.102 13.32.27.102	16509 (AMAZON-02) (AMAZON-02)
5	2600:9000:215... 2600:9000:2156:a000:1d:85c3:6640:93a1	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:82a::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:806::2003	15169 (GOOGLE) (GOOGLE)
2	2606:4700::68... 2606:4700::6811:190e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	13.32.99.118 13.32.99.118	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:811::200e	15169 (GOOGLE) (GOOGLE)
78	22

34 79.143.73.41 (Russian Federation) 3 redirects

ASN29182 (RU-JSCIOT, RU)
PTR: new.bafsy

vrfoundation.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
bafsy.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
xn--80abw9ao.xn--p1ai	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
platform-bafsy.promo-kit.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
platform.bafsy.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:ab00:610:1::1 (Russian Federation)

ASN49505 (SELECTEL, RU)

349426.selcdn.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:812::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

cse.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.27.75 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-27-75.fra56.r.cloudfront.net

platform-api.sharethis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:400c:c00::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:827::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:b0d (United States)

ASN13335 (CLOUDFLARENET, US)

diffuser-cdn.app-us1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:831::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:206f:a200:c:abe:f440:93a1 (United States)

ASN16509 (AMAZON-02, US)

buttons-config.sharethis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.120.65.30 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-120-65-30.eu-central-1.compute.amazonaws.com

l.sharethis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:a0d (United States)

ASN13335 (CLOUDFLARENET, US)

prism.app-us1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

clients1.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:4400::ac40:992a (United States)

ASN13335 (CLOUDFLARENET, US)

trackcmp.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 13.32.27.102 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-27-102.fra56.r.cloudfront.net

gdpr-api.sharethis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2600:9000:2156:a000:1d:85c3:6640:93a1 (United States)

ASN16509 (AMAZON-02, US)

platform-cdn.sharethis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82a::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:806::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.99.118 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-99-118.fra60.r.cloudfront.net

openfpcdn.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:811::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
23	vrfoundation.org 1 redirects vrfoundation.org	876 KB
14	sharethis.com platform-api.sharethis.com — Cisco Umbrella Rank: 4380 buttons-config.sharethis.com — Cisco Umbrella Rank: 4860 l.sharethis.com — Cisco Umbrella Rank: 4541 gdpr-api.sharethis.com — Cisco Umbrella Rank: 68093 platform-cdn.sharethis.com — Cisco Umbrella Rank: 9179	654 KB
11	google.com cse.google.com — Cisco Umbrella Rank: 3119 region1.analytics.google.com — Cisco Umbrella Rank: 2693 www.google.com — Cisco Umbrella Rank: 2 clients1.google.com — Cisco Umbrella Rank: 411	175 KB
9	bafsy.com 1 redirects bafsy.com platform.bafsy.com	4 KB
3	google.de www.google.de — Cisco Umbrella Rank: 6765	578 B
3	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 75	423 B
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 36	261 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 27	21 KB
2	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 204	23 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 29	2 KB
2	app-us1.com diffuser-cdn.app-us1.com — Cisco Umbrella Rank: 8169 prism.app-us1.com — Cisco Umbrella Rank: 8201	8 KB
2	selcdn.ru 349426.selcdn.ru	161 KB
1	openfpcdn.io openfpcdn.io — Cisco Umbrella Rank: 15226	14 KB
1	gstatic.com fonts.gstatic.com	48 KB
1	trackcmp.net trackcmp.net — Cisco Umbrella Rank: 8444	315 B
1	promo-kit.ru platform-bafsy.promo-kit.ru	3 KB
1	1 redirects function sub() { [native code] }.	194 B
78	17

	Domain	Requested by
23	vrfoundation.org	1 redirects vrfoundation.org
8	platform.bafsy.com	bafsy.com
6	gdpr-api.sharethis.com	platform-api.sharethis.com gdpr-api.sharethis.com vrfoundation.org
6	www.google.com	cse.google.com www.google.com vrfoundation.org
5	platform-cdn.sharethis.com	vrfoundation.org
3	www.google.de	vrfoundation.org
3	stats.g.doubleclick.net	www.googletagmanager.com www.google-analytics.com
3	www.googletagmanager.com	vrfoundation.org www.googletagmanager.com www.google-analytics.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	cdnjs.cloudflare.com	bafsy.com
2	fonts.googleapis.com	client
2	region1.analytics.google.com	www.googletagmanager.com
2	cse.google.com	vrfoundation.org www.google.com
2	349426.selcdn.ru	vrfoundation.org
1	openfpcdn.io	bafsy.com
1	fonts.gstatic.com	fonts.googleapis.com
1	trackcmp.net	diffuser-cdn.app-us1.com
1	clients1.google.com	vrfoundation.org
1	prism.app-us1.com	diffuser-cdn.app-us1.com
1	l.sharethis.com	platform-api.sharethis.com
1	buttons-config.sharethis.com	platform-api.sharethis.com
1	diffuser-cdn.app-us1.com	vrfoundation.org
1	platform-bafsy.promo-kit.ru	vrfoundation.org
1	xn--80abw9ao.xn--p1ai	1 redirects
1	bafsy.com	1 redirects
1	platform-api.sharethis.com	vrfoundation.org
78	26

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
www.instagram.com
vitiligo.ai
donorbox.org
readerlinks.com
www.amazon.com
25june.org
vitinomics.net
carbonfay.ru
twitter.com

Subject Issuer	Validity	Valid
vrfoundation.org R3	`2023-11-18` - `2024-02-16`	3 months	crt.sh
*.selcdn.ru AlphaSSL CA - SHA256 - G4	`2023-11-24` - `2024-12-25`	a year	crt.sh
*.google.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
sharethis.com Amazon RSA 2048 M02	`2023-05-20` - `2024-06-17`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
www.google.de GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
diffuser-cdn.app-us1.com E1	`2023-10-05` - `2024-01-03`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
prism.app-us1.com E1	`2023-11-22` - `2024-02-20`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-08-26` - `2024-08-25`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
openfpcdn.io Amazon RSA 2048 M01	`2023-01-25` - `2024-02-24`	a year	crt.sh
platform-bafsy.promo-kit.ru R3	`2023-11-21` - `2024-02-19`	3 months	crt.sh
*.google.de GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh

This page contains 2 frames:

Primary Page: https://vrfoundation.org/
Frame ID: D9FFC52E2734847DB3C454B16E5508FE
Requests: 76 HTTP requests in this frame

Frame: https://gdpr-api.sharethis.com/portal-v2.html
Frame ID: 11A125979722B829328591111A860C67
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Vitiligo Research Foundationsearch

Page URL History Show full URLs

http://vrfoundation.org/ HTTP 301
https://vrfoundation.org/ Page URL

Detected technologies

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Page Statistics

78
Requests

99 %
HTTPS

77 %
IPv6

17
Domains

26
Subdomains

22
IPs

4
Countries

2251 kB
Transfer

5983 kB
Size

8
Cookies

11 Outgoing links

These are links going to different origins than the main page.

URL: https://www.facebook.com/VRFoundation

Search URL Search Domain Scan URL

URL: https://www.instagram.com/vrfoundation_/

Search URL Search Domain Scan URL

URL: http://vitiligo.ai/
Title: Launch

Search URL Search Domain Scan URL

URL: https://donorbox.org/keep-vitiligo-news-free-and-independent?default_interval=m&amount=30
Title: DonateTodayOur work is entirely funded by private donations – we receive no money from government. Your money will help us continue funding research into vitiligo and supporting people affected by the condition.

Search URL Search Domain Scan URL

URL: http://readerlinks.com/l/270082
Title: Buy on Amazon

Search URL Search Domain Scan URL

URL: https://www.amazon.com/No-Nonsense-Guide-Vitiligo-Yan-Valle-ebook/dp/B077PW8LTK/ref=asap_bc?ie=UTF8
Title: Buy on Amazon

Search URL Search Domain Scan URL

URL: http://25june.org/

Search URL Search Domain Scan URL

URL: http://vitinomics.net/
Title: By taking a little time to fill in the anonymous questionnaire, you can help researchers better understand and fight vitiligo.

Search URL Search Domain Scan URL

URL: https://carbonfay.ru/
Title: made by carbonfay

Search URL Search Domain Scan URL

URL: https://twitter.com/vrfoundation

Search URL Search Domain Scan URL

URL: https://www.instagram.com/vrfoundation_

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://vrfoundation.org/ HTTP 301
https://vrfoundation.org/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 15

https://bafsy.com/cdp/actions.js?company_uid=GKImT3EzpXfujuNgNU41ow HTTP 301
https://xn--80abw9ao.xn--p1ai/cdp/actions.js?company_uid=GKImT3EzpXfujuNgNU41ow HTTP 302
https://platform-bafsy.promo-kit.ru/cdp/actions.js?company_uid=GKImT3EzpXfujuNgNU41ow

78 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
vrfoundation.org/
Redirect Chain

http://vrfoundation.org/
https://vrfoundation.org/

27 KB
10 KB

167ms
73ms

Document
text/html

79.143.73.41
RU-JSCIOT

General

Check archive.org

Show headers Download Go to

Full URL

https://vrfoundation.org/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

79.143.73.41 , Russian Federation, ASN29182 (RU-JSCIOT, RU),

Reverse DNS

new.bafsy

Software

nginx/1.18.0 (Ubuntu) /

Resource Hash

13c39a8b449fe883ed6617d869323bc4786e4127fa9b4bde95661ab498597ca8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: max-age=0, private, must-revalidate
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Sun, 03 Dec 2023 04:24:37 GMT
etag: W/"13c39a8b449fe883ed6617d869323bc4"
referrer-policy: strict-origin-when-cross-origin
server: nginx/1.18.0 (Ubuntu)
strict-transport-security: max-age=31536000
vary: Accept-Encoding Origin
x-content-type-options: nosniff nosniff
x-download-options: noopen
x-frame-options: SAMEORIGIN
x-permitted-cross-domain-policies: none
x-request-id: ef89114b-c2b6-41f5-8a0e-8f645640d431
x-runtime: 0.020623
x-xss-protection: 1; mode=block

Redirect headers

Connection: keep-alive
Content-Length: 178
Content-Type: text/html
Date: Sun, 03 Dec 2023 04:24:37 GMT
Location: https://vrfoundation.org/
Server: nginx/1.18.0 (Ubuntu)

GET
H2 200 application-5626badf0b2370bc10e1f501dc33f3e32c4a53677362017cc00e0fb3a33c4c6d.css
vrfoundation.org/assets/ 151 KB
24 KB 64ms
63ms Stylesheet
text/css 79.143.73.41
RU-JSCIOT

General

Check archive.org

Show headers Download Go to

Full URL: https://vrfoundation.org/assets/application-5626badf0b2370bc10e1f501dc33f3e32c4a53677362017cc00e0fb3a33c4c6d.css
Requested by: Host: vrfoundation.org
URL: https://vrfoundation.org/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 79.143.73.41 , Russian Federation, ASN29182 (RU-JSCIOT, RU),
Reverse DNS: new.bafsy
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 5626badf0b2370bc10e1f501dc33f3e32c4a53677362017cc00e0fb3a33c4c6d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vrfoundation.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 04:24:37 GMT
content-encoding: gzip
last-modified: Thu, 30 Nov 2023 10:41:08 GMT
server: nginx/1.18.0 (Ubuntu)
etag: "656866c4-5e59"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=315360000, public
content-length: 24153
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 logo_fb-5316ac622c47ed381385f92011b78d4d38f5190c53e5dbebae00bc3c293a5607.png
vrfoundation.org/assets/ 984 B
1 KB 102ms
100ms Image
image/png 79.143.73.41
RU-JSCIOT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vrfoundation.org/assets/logo_fb-5316ac622c47ed381385f92011b78d4d38f5190c53e5dbebae00bc3c293a5607.png
Requested by: Host: vrfoundation.org
URL: https://vrfoundation.org/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 79.143.73.41 , Russian Federation, ASN29182 (RU-JSCIOT, RU),
Reverse DNS: new.bafsy
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 5316ac622c47ed381385f92011b78d4d38f5190c53e5dbebae00bc3c293a5607

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vrfoundation.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 04:24:37 GMT
last-modified: Wed, 10 May 2023 10:44:38 GMT
server: nginx/1.18.0 (Ubuntu)
etag: "645b7596-3d8"
content-type: image/png
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 984
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 logo_inst-9008fb38a48ab8e280a8db4b48b4ff8793ed9c76feb9c780d74873f01fd5d483.png
vrfoundation.org/assets/ 16 KB
16 KB 144ms
143ms Image
image/png 79.143.73.41
RU-JSCIOT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vrfoundation.org/assets/logo_inst-9008fb38a48ab8e280a8db4b48b4ff8793ed9c76feb9c780d74873f01fd5d483.png
Requested by: Host: vrfoundation.org
URL: https://vrfoundation.org/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 79.143.73.41 , Russian Federation, ASN29182 (RU-JSCIOT, RU),
Reverse DNS: new.bafsy
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 9008fb38a48ab8e280a8db4b48b4ff8793ed9c76feb9c780d74873f01fd5d483

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vrfoundation.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 04:24:37 GMT
last-modified: Wed, 10 May 2023 10:44:38 GMT
server: nginx/1.18.0 (Ubuntu)
etag: "645b7596-3f23"
content-type: image/png
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 16163
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 heroImg1.jpeg
349426.selcdn.ru/cbf-storage/vrf/ 70 KB
71 KB 183ms
66ms Image
image/jpeg 2a00:ab00:610:1::1
SELECTEL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://349426.selcdn.ru/cbf-storage/vrf/heroImg1.jpeg
Requested by: Host: vrfoundation.org
URL: https://vrfoundation.org/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a00:ab00:610:1::1 , Russian Federation, ASN49505 (SELECTEL, RU),
Reverse DNS
Software: /
Resource Hash: 801ce481908b825eac73999ba93cf38f6054b4d9230e3c492f563b4e2e3ae493

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vrfoundation.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-container-storage-policy-name: Policy-0
date: Sat, 02 Dec 2023 22:13:43 GMT
last-modified: Thu, 27 Apr 2023 12:50:38 GMT
age: 22254
etag: "244c490ed75bb146b8efd4ae8c175d22"
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Cache-Control, Content-Language, Content-Type, Expires, Last-Modified, Pragma, Etag, X-Timestamp, X-Trans-Id, X-Openstack-Request-Id, Content-Length, Accept-Ranges
x-timestamp: 1682599837.01424
x-container-storage-policy-index: 0
accept-ranges: bytes
content-length: 71682
x-trans-id: 1759cba310152f5b

GET
H2 200 cse.js Show response
cse.google.com/ 6 KB
4 KB 71ms
36ms Script
text/javascript 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cse.google.com/cse.js?cx=05d634a5b3fd88d0f

Requested by

Host: vrfoundation.org
URL: https://vrfoundation.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gws /

Resource Hash

1414e6dcedd8f3a45c7b5c5732eb6d5569ffd9c498e3988621d060af4165e6bc

Security Headers

Name	Value
Content-Security-Policy	object-src 'none';base-uri 'self';script-src 'nonce-gy05atPVcIygsO4__uP7SA' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vrfoundation.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

content-security-policy: object-src 'none';base-uri 'self';script-src 'nonce-gy05atPVcIygsO4__uP7SA' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
content-encoding: br
date: Sun, 03 Dec 2023 04:24:37 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2433
x-xss-protection: 0
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64
cross-origin-opener-policy: same-origin-allow-popups; report-to="gws"
server: gws
x-frame-options: SAMEORIGIN
report-to: {"group":"gws","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws/other"}]}
content-type: text/javascript; charset=UTF-8
cache-control: private
permissions-policy: unload=()
origin-trial: Ap+qNlnLzJDKSmEHjzM5ilaa908GuehlLqGb6ezME5lkhelj20qVzfv06zPmQ3LodoeujZuphAolrnhnPA8w4AIAAABfeyJvcmlnaW4iOiJodHRwczovL3d3dy5nb29nbGUuY29tOjQ0MyIsImZlYXR1cmUiOiJQZXJtaXNzaW9uc1BvbGljeVVubG9hZCIsImV4cGlyeSI6MTY4NTY2Mzk5OX0=, AvudrjMZqL7335p1KLV2lHo1kxdMeIN0dUI15d0CPz9dovVLCcXk8OAqjho1DX4s6NbHbA/AGobuGvcZv0drGgQAAAB9eyJvcmlnaW4iOiJodHRwczovL3d3dy5nb29nbGUuY29tOjQ0MyIsImZlYXR1cmUiOiJCYWNrRm9yd2FyZENhY2hlTm90UmVzdG9yZWRSZWFzb25zIiwiZXhwaXJ5IjoxNjkxNTM5MTk5LCJpc1N1YmRvbWFpbiI6dHJ1ZX0=
expires: Sun, 03 Dec 2023 04:24:37 GMT

GET
H2 200 img1mob-ea5338eea9514fa5ec0c5ce99e212568ed9a23b0cb7303f27e9e45ee08426cdf.jpg
vrfoundation.org/assets/ 14 KB
14 KB 101ms
99ms Image
image/jpeg 79.143.73.41
RU-JSCIOT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vrfoundation.org/assets/img1mob-ea5338eea9514fa5ec0c5ce99e212568ed9a23b0cb7303f27e9e45ee08426cdf.jpg
Requested by: Host: vrfoundation.org
URL: https://vrfoundation.org/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 79.143.73.41 , Russian Federation, ASN29182 (RU-JSCIOT, RU),
Reverse DNS: new.bafsy
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: ea5338eea9514fa5ec0c5ce99e212568ed9a23b0cb7303f27e9e45ee08426cdf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vrfoundation.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 04:24:37 GMT
last-modified: Wed, 06 Apr 2022 13:15:42 GMT
server: nginx/1.18.0 (Ubuntu)
etag: "624d927e-382d"
content-type: image/jpeg
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 14381
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 book1-3e95e3a401ae772ff28f1554b1353fa56f0f0d35e873a393d66120efec4073af.jpg
vrfoundation.org/assets/ 16 KB
16 KB 107ms
106ms Image
image/jpeg 79.143.73.41
RU-JSCIOT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vrfoundation.org/assets/book1-3e95e3a401ae772ff28f1554b1353fa56f0f0d35e873a393d66120efec4073af.jpg
Requested by: Host: vrfoundation.org
URL: https://vrfoundation.org/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 79.143.73.41 , Russian Federation, ASN29182 (RU-JSCIOT, RU),
Reverse DNS: new.bafsy
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3e95e3a401ae772ff28f1554b1353fa56f0f0d35e873a393d66120efec4073af

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vrfoundation.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 04:24:37 GMT
last-modified: Wed, 06 Apr 2022 13:15:42 GMT
server: nginx/1.18.0 (Ubuntu)
etag: "624d927e-40b5"
content-type: image/jpeg
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 16565
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 amazon-23bc2b64d3ee8f8f41c4faa0a2fb368a38cc954155e7e67c91ee1ea1f83fe9ce.png
vrfoundation.org/assets/ 1 KB
1 KB 110ms
108ms Image
image/png 79.143.73.41
RU-JSCIOT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vrfoundation.org/assets/amazon-23bc2b64d3ee8f8f41c4faa0a2fb368a38cc954155e7e67c91ee1ea1f83fe9ce.png
Requested by: Host: vrfoundation.org
URL: https://vrfoundation.org/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 79.143.73.41 , Russian Federation, ASN29182 (RU-JSCIOT, RU),
Reverse DNS: new.bafsy
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 23bc2b64d3ee8f8f41c4faa0a2fb368a38cc954155e7e67c91ee1ea1f83fe9ce

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vrfoundation.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 04:24:37 GMT
last-modified: Wed, 06 Apr 2022 13:15:42 GMT
server: nginx/1.18.0 (Ubuntu)
etag: "624d927e-4bb"
content-type: image/png
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 1211
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 vitiligo_book_en_small-9c06cddbaee58a66fef52678da613741227bebf78348afbfb639ddde6f18e186.jpg
vrfoundation.org/assets/ 16 KB
16 KB 124ms
123ms Image
image/jpeg 79.143.73.41
RU-JSCIOT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vrfoundation.org/assets/vitiligo_book_en_small-9c06cddbaee58a66fef52678da613741227bebf78348afbfb639ddde6f18e186.jpg
Requested by: Host: vrfoundation.org
URL: https://vrfoundation.org/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 79.143.73.41 , Russian Federation, ASN29182 (RU-JSCIOT, RU),
Reverse DNS: new.bafsy
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 9c06cddbaee58a66fef52678da613741227bebf78348afbfb639ddde6f18e186

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vrfoundation.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 04:24:37 GMT
last-modified: Wed, 06 Apr 2022 13:15:42 GMT
server: nginx/1.18.0 (Ubuntu)
etag: "624d927e-40bc"
content-type: image/jpeg
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 16572
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 twitter-7dfd774df219d565a27ca80076236766b165fd0686eabe8d4b54736c9b511b93.svg
vrfoundation.org/assets/ 1 KB
861 B 144ms
143ms Image
image/svg+xml 79.143.73.41
RU-JSCIOT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vrfoundation.org/assets/twitter-7dfd774df219d565a27ca80076236766b165fd0686eabe8d4b54736c9b511b93.svg
Requested by: Host: vrfoundation.org
URL: https://vrfoundation.org/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 79.143.73.41 , Russian Federation, ASN29182 (RU-JSCIOT, RU),
Reverse DNS: new.bafsy
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 7dfd774df219d565a27ca80076236766b165fd0686eabe8d4b54736c9b511b93

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vrfoundation.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 04:24:37 GMT
content-encoding: gzip
last-modified: Wed, 06 Apr 2022 13:15:42 GMT
server: nginx/1.18.0 (Ubuntu)
etag: "624d927e-27e"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=315360000, public
content-length: 638
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 facebook-c058cd83c61062ee46185ba9f1cd94fa33bf584a2342f8e6406344425318bd87.svg
vrfoundation.org/assets/ 553 B
564 B 175ms
174ms Image
image/svg+xml 79.143.73.41
RU-JSCIOT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vrfoundation.org/assets/facebook-c058cd83c61062ee46185ba9f1cd94fa33bf584a2342f8e6406344425318bd87.svg
Requested by: Host: vrfoundation.org
URL: https://vrfoundation.org/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 79.143.73.41 , Russian Federation, ASN29182 (RU-JSCIOT, RU),
Reverse DNS: new.bafsy
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: c058cd83c61062ee46185ba9f1cd94fa33bf584a2342f8e6406344425318bd87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vrfoundation.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 04:24:37 GMT
content-encoding: gzip
last-modified: Wed, 06 Apr 2022 13:15:42 GMT
server: nginx/1.18.0 (Ubuntu)
etag: "624d927e-155"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=315360000, public
content-length: 341
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 instagram-ccd233565461c2e83e1479a9f414a3196d4ec67eb1fd785e5893a475e6bc0adc.svg
vrfoundation.org/assets/ 1 KB
674 B 175ms
174ms Image
image/svg+xml 79.143.73.41
RU-JSCIOT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vrfoundation.org/assets/instagram-ccd233565461c2e83e1479a9f414a3196d4ec67eb1fd785e5893a475e6bc0adc.svg
Requested by: Host: vrfoundation.org
URL: https://vrfoundation.org/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 79.143.73.41 , Russian Federation, ASN29182 (RU-JSCIOT, RU),
Reverse DNS: new.bafsy
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: ccd233565461c2e83e1479a9f414a3196d4ec67eb1fd785e5893a475e6bc0adc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vrfoundation.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 04:24:37 GMT
content-encoding: gzip
last-modified: Wed, 06 Apr 2022 13:15:42 GMT
server: nginx/1.18.0 (Ubuntu)
etag: "624d927e-1c3"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=315360000, public
content-length: 451
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 application-84c4217a23305dbdccf12a819c8ae92fef0af58d775e718f67cf3a5870ab9099.js Show response
vrfoundation.org/assets/ 498 KB
136 KB 134ms
132ms Script
application/javascript 79.143.73.41
RU-JSCIOT

General

Check archive.org

Show headers Download Go to

Full URL: https://vrfoundation.org/assets/application-84c4217a23305dbdccf12a819c8ae92fef0af58d775e718f67cf3a5870ab9099.js
Requested by: Host: vrfoundation.org
URL: https://vrfoundation.org/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 79.143.73.41 , Russian Federation, ASN29182 (RU-JSCIOT, RU),
Reverse DNS: new.bafsy
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 84c4217a23305dbdccf12a819c8ae92fef0af58d775e718f67cf3a5870ab9099

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vrfoundation.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 04:24:37 GMT
content-encoding: gzip
last-modified: Tue, 24 May 2022 21:07:43 GMT
server: nginx/1.18.0 (Ubuntu)
etag: "628d491f-21dc8"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000, public
content-length: 138696
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 sharethis.js Show response
platform-api.sharethis.com/js/ 205 KB
46 KB 40ms
7ms Script
text/javascript 13.32.27.75
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://platform-api.sharethis.com/js/sharethis.js

Requested by

Host: vrfoundation.org
URL: https://vrfoundation.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.27.75 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-27-75.fra56.r.cloudfront.net

Software

Resource Hash

130c61c2bfc6dff6d70ec2dae4ca8ba7dcf669878d81c91a5821b44b3972c2b6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vrfoundation.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 04:18:58 GMT
content-encoding: gzip
via: 1.1 99399b4523bd3370d7a592870d630ec8.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: FRA56-C2
age: 339
etag: W/"332a8-TLw9AuvfjXyryvfCUMBAgFW/bLw"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
edge-control: cache-maxage=60m,downstream-ttl=60m
cache-control: max-age=600, public
x-cache: Hit from cloudfront
x-amz-cf-id: 5RCWzsdzsJ3Fdmc-6auyEP35Z682Fq-dBke5_z0ZlKpzZz2ck676LA==

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 206 KB
75 KB 43ms
21ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-5PK8GBX

Requested by

Host: vrfoundation.org
URL: https://vrfoundation.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

18331639abafb4498d8355a35d91299b52edd3561d096c236a27359c83807545

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vrfoundation.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 04:24:37 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 76172
x-xss-protection: 0
last-modified: Sun, 03 Dec 2023 03:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sun, 03 Dec 2023 04:24:37 GMT

GET
H2

200

actions.js Show response
platform-bafsy.promo-kit.ru/cdp/
Redirect Chain

https://bafsy.com/cdp/actions.js?company_uid=GKImT3EzpXfujuNgNU41ow
https://xn--80abw9ao.xn--p1ai/cdp/actions.js?company_uid=GKImT3EzpXfujuNgNU41ow
https://platform-bafsy.promo-kit.ru/cdp/actions.js?company_uid=GKImT3EzpXfujuNgNU41ow

7 KB
3 KB

356ms
49ms

Script
application/javascript

79.143.73.41
RU-JSCIOT

General

Check archive.org

Show headers Download Go to

Full URL

https://platform-bafsy.promo-kit.ru/cdp/actions.js?company_uid=GKImT3EzpXfujuNgNU41ow

Requested by

Host: vrfoundation.org
URL: https://vrfoundation.org/

Protocol

Server

79.143.73.41 , Russian Federation, ASN29182 (RU-JSCIOT, RU),

Reverse DNS

new.bafsy

Software

nginx/1.18.0 (Ubuntu) /

Resource Hash

4029b7bf5e4f78b9d567f0e8aa8367d22cb7516c43b57027ec2dd1ea9dc15329

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains, max-age=31536000
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vrfoundation.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 04:24:38 GMT
strict-transport-security: max-age=31536000; includeSubDomains, max-age=31536000
x-content-type-options: nosniff, nosniff
content-encoding: gzip
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block
x-request-id: c2b73ef6-b905-4693-a030-0d68e2525590
x-runtime: 0.002013
referrer-policy: strict-origin-when-cross-origin
server: nginx/1.18.0 (Ubuntu)
etag: W/"4029b7bf5e4f78b9d567f0e8aa8367d2"
x-download-options: noopen
vary: Accept-Encoding, Origin
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: max-age=0, private, must-revalidate

Redirect headers

location: https://platform-bafsy.promo-kit.ru/cdp/actions.js?company_uid=GKImT3EzpXfujuNgNU41ow
date: Sun, 03 Dec 2023 04:24:38 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
server: nginx/1.18.0 (Ubuntu)
content-length: 154
content-type: text/html

GET
H2 200 logo-6f00d1a401c85ba842908fb3440a0a1ca1a2ccaa2e9f02612990f5d75b19bfb8.svg
vrfoundation.org/assets/ 637 KB
482 KB 136ms
132ms Image
image/svg+xml 79.143.73.41
RU-JSCIOT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vrfoundation.org/assets/logo-6f00d1a401c85ba842908fb3440a0a1ca1a2ccaa2e9f02612990f5d75b19bfb8.svg
Requested by: Host: vrfoundation.org
URL: https://vrfoundation.org/assets/application-5626badf0b2370bc10e1f501dc33f3e32c4a53677362017cc00e0fb3a33c4c6d.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 79.143.73.41 , Russian Federation, ASN29182 (RU-JSCIOT, RU),
Reverse DNS: new.bafsy
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 6f00d1a401c85ba842908fb3440a0a1ca1a2ccaa2e9f02612990f5d75b19bfb8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vrfoundation.org/assets/application-5626badf0b2370bc10e1f501dc33f3e32c4a53677362017cc00e0fb3a33c4c6d.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 04:24:37 GMT
content-encoding: gzip
last-modified: Wed, 06 Apr 2022 13:15:42 GMT
server: nginx/1.18.0 (Ubuntu)
etag: "624d927e-7866d"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=315360000, public
content-length: 493165
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 img1.png
349426.selcdn.ru/cbf-storage/vrf/ 90 KB
90 KB 211ms
173ms Image
image/png 2a00:ab00:610:1::1
SELECTEL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://349426.selcdn.ru/cbf-storage/vrf/img1.png
Requested by: Host: vrfoundation.org
URL: https://vrfoundation.org/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a00:ab00:610:1::1 , Russian Federation, ASN49505 (SELECTEL, RU),
Reverse DNS
Software: /
Resource Hash: 463867831b8ee1af701a73a60f8d93072a87fd66544be460d711c3a46a954e8e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vrfoundation.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-container-storage-policy-name: Policy-0
date: Sat, 02 Dec 2023 20:30:41 GMT
last-modified: Thu, 27 Apr 2023 12:50:36 GMT
age: 28436
etag: "b78c40a241808124caf96e2e846d1a49"
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Cache-Control, Content-Language, Content-Type, Expires, Last-Modified, Pragma, Etag, X-Timestamp, X-Trans-Id, X-Openstack-Request-Id, Content-Length, Accept-Ranges
x-timestamp: 1682599835.89856
x-container-storage-policy-index: 0
accept-ranges: bytes
content-length: 91667
x-trans-id: 1759cba2cdc04d8b

GET
H2 200 book-shadow-9ec8e7afd5d5f4a440200322b62d3799a8a2c19eda1438ad025ea0f0a1f43677.png
vrfoundation.org/assets/ 21 KB
21 KB 136ms
132ms Image
image/png 79.143.73.41
RU-JSCIOT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vrfoundation.org/assets/book-shadow-9ec8e7afd5d5f4a440200322b62d3799a8a2c19eda1438ad025ea0f0a1f43677.png
Requested by: Host: vrfoundation.org
URL: https://vrfoundation.org/assets/application-5626badf0b2370bc10e1f501dc33f3e32c4a53677362017cc00e0fb3a33c4c6d.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 79.143.73.41 , Russian Federation, ASN29182 (RU-JSCIOT, RU),
Reverse DNS: new.bafsy
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 9ec8e7afd5d5f4a440200322b62d3799a8a2c19eda1438ad025ea0f0a1f43677

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vrfoundation.org/assets/application-5626badf0b2370bc10e1f501dc33f3e32c4a53677362017cc00e0fb3a33c4c6d.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 04:24:37 GMT
last-modified: Wed, 06 Apr 2022 13:15:42 GMT
server: nginx/1.18.0 (Ubuntu)
etag: "624d927e-523f"
content-type: image/png
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 21055
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 ico-donate-7250da6fe08b8aaf957bde6be858a7c64a37ba800877eb567f5e641887de8cc7.svg
vrfoundation.org/assets/ 12 KB
6 KB 136ms
132ms Image
image/svg+xml 79.143.73.41
RU-JSCIOT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vrfoundation.org/assets/ico-donate-7250da6fe08b8aaf957bde6be858a7c64a37ba800877eb567f5e641887de8cc7.svg
Requested by: Host: vrfoundation.org
URL: https://vrfoundation.org/assets/application-5626badf0b2370bc10e1f501dc33f3e32c4a53677362017cc00e0fb3a33c4c6d.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 79.143.73.41 , Russian Federation, ASN29182 (RU-JSCIOT, RU),
Reverse DNS: new.bafsy
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 7250da6fe08b8aaf957bde6be858a7c64a37ba800877eb567f5e641887de8cc7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vrfoundation.org/assets/application-5626badf0b2370bc10e1f501dc33f3e32c4a53677362017cc00e0fb3a33c4c6d.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 04:24:37 GMT
content-encoding: gzip
last-modified: Wed, 06 Apr 2022 13:15:42 GMT
server: nginx/1.18.0 (Ubuntu)
etag: "624d927e-1623"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=315360000, public
content-length: 5667
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 info-bg-1-0ccb57b33ac84dfff29eea3129b919f8a75fb045498eb0f412deb19739a0d7b9.jpg
vrfoundation.org/assets/ 8 KB
8 KB 136ms
133ms Image
image/jpeg 79.143.73.41
RU-JSCIOT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vrfoundation.org/assets/info-bg-1-0ccb57b33ac84dfff29eea3129b919f8a75fb045498eb0f412deb19739a0d7b9.jpg
Requested by: Host: vrfoundation.org
URL: https://vrfoundation.org/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 79.143.73.41 , Russian Federation, ASN29182 (RU-JSCIOT, RU),
Reverse DNS: new.bafsy
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 0ccb57b33ac84dfff29eea3129b919f8a75fb045498eb0f412deb19739a0d7b9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vrfoundation.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 04:24:37 GMT
last-modified: Wed, 06 Apr 2022 13:15:42 GMT
server: nginx/1.18.0 (Ubuntu)
etag: "624d927e-1ea1"
content-type: image/jpeg
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 7841
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 info_bg2-4422cd554cb760e22b23d37949e1774f753480bc91a829df8b8ddd146b1ff3ce.jpg
vrfoundation.org/assets/ 10 KB
10 KB 135ms
133ms Image
image/jpeg 79.143.73.41
RU-JSCIOT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vrfoundation.org/assets/info_bg2-4422cd554cb760e22b23d37949e1774f753480bc91a829df8b8ddd146b1ff3ce.jpg
Requested by: Host: vrfoundation.org
URL: https://vrfoundation.org/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 79.143.73.41 , Russian Federation, ASN29182 (RU-JSCIOT, RU),
Reverse DNS: new.bafsy
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 4422cd554cb760e22b23d37949e1774f753480bc91a829df8b8ddd146b1ff3ce

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vrfoundation.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 04:24:37 GMT
last-modified: Wed, 06 Apr 2022 13:15:42 GMT
server: nginx/1.18.0 (Ubuntu)
etag: "624d927e-2915"
content-type: image/jpeg
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 10517
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 info_bg3-892f3e90f4c03f8497dd171e3157c46359d8b6072f336f531a4c20bad6bde696.jpg
vrfoundation.org/assets/ 12 KB
12 KB 136ms
133ms Image
image/jpeg 79.143.73.41
RU-JSCIOT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vrfoundation.org/assets/info_bg3-892f3e90f4c03f8497dd171e3157c46359d8b6072f336f531a4c20bad6bde696.jpg
Requested by: Host: vrfoundation.org
URL: https://vrfoundation.org/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 79.143.73.41 , Russian Federation, ASN29182 (RU-JSCIOT, RU),
Reverse DNS: new.bafsy
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 892f3e90f4c03f8497dd171e3157c46359d8b6072f336f531a4c20bad6bde696

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vrfoundation.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 04:24:37 GMT
last-modified: Wed, 06 Apr 2022 13:15:42 GMT
server: nginx/1.18.0 (Ubuntu)
etag: "624d927e-2f75"
content-type: image/jpeg
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 12149
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 creator-db1206913a6cc27182106153e47225ba8b126886b428357f07c87d315ec54a0a.svg
vrfoundation.org/assets/ 4 KB
3 KB 136ms
133ms Image
image/svg+xml 79.143.73.41
RU-JSCIOT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vrfoundation.org/assets/creator-db1206913a6cc27182106153e47225ba8b126886b428357f07c87d315ec54a0a.svg
Requested by: Host: vrfoundation.org
URL: https://vrfoundation.org/assets/application-5626badf0b2370bc10e1f501dc33f3e32c4a53677362017cc00e0fb3a33c4c6d.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 79.143.73.41 , Russian Federation, ASN29182 (RU-JSCIOT, RU),
Reverse DNS: new.bafsy
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: db1206913a6cc27182106153e47225ba8b126886b428357f07c87d315ec54a0a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vrfoundation.org/assets/application-5626badf0b2370bc10e1f501dc33f3e32c4a53677362017cc00e0fb3a33c4c6d.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 04:24:37 GMT
content-encoding: gzip
last-modified: Wed, 06 Apr 2022 13:15:42 GMT
server: nginx/1.18.0 (Ubuntu)
etag: "624d927e-cf4"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=315360000, public
content-length: 3316
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 museosanscyrl-700-webfont-22876b3e4c78d32bb35d660267ad2fe4b74060dc66a5135e18044343ae89e584.woff2
vrfoundation.org/assets/ 32 KB
32 KB 133ms
131ms Font
application/octet-stream 79.143.73.41
RU-JSCIOT

General

Check archive.org

Show headers Download Go to

Full URL: https://vrfoundation.org/assets/museosanscyrl-700-webfont-22876b3e4c78d32bb35d660267ad2fe4b74060dc66a5135e18044343ae89e584.woff2
Requested by: Host: vrfoundation.org
URL: https://vrfoundation.org/assets/application-5626badf0b2370bc10e1f501dc33f3e32c4a53677362017cc00e0fb3a33c4c6d.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 79.143.73.41 , Russian Federation, ASN29182 (RU-JSCIOT, RU),
Reverse DNS: new.bafsy
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 22876b3e4c78d32bb35d660267ad2fe4b74060dc66a5135e18044343ae89e584

Request headers

Referer: https://vrfoundation.org/assets/application-5626badf0b2370bc10e1f501dc33f3e32c4a53677362017cc00e0fb3a33c4c6d.css
Origin: https://vrfoundation.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 04:24:37 GMT
last-modified: Wed, 06 Apr 2022 13:15:42 GMT
server: nginx/1.18.0 (Ubuntu)
etag: "624d927e-7fe0"
content-type: application/octet-stream
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 32736
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 museosanscyrl-500-webfont-aca4cb766677bc1302c8290499468bde4ae96c852a70c4638db8e06979c9ffa3.woff2
vrfoundation.org/assets/ 32 KB
32 KB 134ms
131ms Font
application/octet-stream 79.143.73.41
RU-JSCIOT

General

Check archive.org

Show headers Download Go to

Full URL: https://vrfoundation.org/assets/museosanscyrl-500-webfont-aca4cb766677bc1302c8290499468bde4ae96c852a70c4638db8e06979c9ffa3.woff2
Requested by: Host: vrfoundation.org
URL: https://vrfoundation.org/assets/application-5626badf0b2370bc10e1f501dc33f3e32c4a53677362017cc00e0fb3a33c4c6d.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 79.143.73.41 , Russian Federation, ASN29182 (RU-JSCIOT, RU),
Reverse DNS: new.bafsy
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: aca4cb766677bc1302c8290499468bde4ae96c852a70c4638db8e06979c9ffa3

Request headers

Referer: https://vrfoundation.org/assets/application-5626badf0b2370bc10e1f501dc33f3e32c4a53677362017cc00e0fb3a33c4c6d.css
Origin: https://vrfoundation.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 04:24:37 GMT
last-modified: Wed, 06 Apr 2022 13:15:42 GMT
server: nginx/1.18.0 (Ubuntu)
etag: "624d927e-7f24"
content-type: application/octet-stream
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 32548
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 museosanscyrl-300-webfont-a275dd7d87bb7daa241319d1f0bc20315b4946343c4a37ce9aa8463f70b530f8.woff2
vrfoundation.org/assets/ 32 KB
32 KB 134ms
132ms Font
application/octet-stream 79.143.73.41
RU-JSCIOT

General

Check archive.org

Show headers Download Go to

Full URL: https://vrfoundation.org/assets/museosanscyrl-300-webfont-a275dd7d87bb7daa241319d1f0bc20315b4946343c4a37ce9aa8463f70b530f8.woff2
Requested by: Host: vrfoundation.org
URL: https://vrfoundation.org/assets/application-5626badf0b2370bc10e1f501dc33f3e32c4a53677362017cc00e0fb3a33c4c6d.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 79.143.73.41 , Russian Federation, ASN29182 (RU-JSCIOT, RU),
Reverse DNS: new.bafsy
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: a275dd7d87bb7daa241319d1f0bc20315b4946343c4a37ce9aa8463f70b530f8

Request headers

Referer: https://vrfoundation.org/assets/application-5626badf0b2370bc10e1f501dc33f3e32c4a53677362017cc00e0fb3a33c4c6d.css
Origin: https://vrfoundation.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 04:24:37 GMT
last-modified: Wed, 06 Apr 2022 13:15:42 GMT
server: nginx/1.18.0 (Ubuntu)
etag: "624d927e-7ee8"
content-type: application/octet-stream
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 32488
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 272 KB
90 KB 27ms
27ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-G88BQ4456P&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5PK8GBX

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

63ee3b9774a0e11a2720af8129d8f8408cd9ce00e502a94dc1e8acef1f74e534

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vrfoundation.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 04:24:37 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 92379
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sun, 03 Dec 2023 04:24:37 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
255 B 50ms
13ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-G88BQ4456P&gtm=45je3bt0v9117904570z8812005086&_p=1701577477753&_gaz=1&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=788361361.1701577478&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1701577477&sct=1&seg=0&dl=https%3A%2F%2Fvrfoundation.org%2F&dt=Vitiligo%20Research%20Foundation&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=490
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-G88BQ4456P&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vrfoundation.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 03 Dec 2023 04:24:37 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://vrfoundation.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
255 B 79ms
23ms Ping
text/plain 2a00:1450:400c:c00::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-G88BQ4456P&cid=788361361.1701577478&gtm=45je3bt0v9117904570z8812005086&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-G88BQ4456P&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c00::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vrfoundation.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 03 Dec 2023 04:24:37 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://vrfoundation.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
408 B 54ms
18ms Image
image/gif 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-G88BQ4456P&cid=788361361.1701577478&gtm=45je3bt0v9117904570z8812005086&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l1&z=1277114430

Requested by

Host: vrfoundation.org
URL: https://vrfoundation.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vrfoundation.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 03 Dec 2023 04:24:37 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 diffuser.js Show response
diffuser-cdn.app-us1.com/diffuser/ 31 KB
7 KB 67ms
19ms Script
application/javascript 2606:4700::6810:b0d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://diffuser-cdn.app-us1.com/diffuser/diffuser.js

Requested by

Host: vrfoundation.org
URL: https://vrfoundation.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:b0d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c86a9ff9675183d36f664b6adefba7c72e7e15170e0f40eed96324f552c3ac82

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vrfoundation.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 04:24:38 GMT
content-encoding: gzip
via: 1.1 8ac93eaf91328abbc6951d3fbab21e80.cloudfront.net (CloudFront)
cf-cache-status: HIT
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: FRA60-P2
age: 206
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Tue, 04 Apr 2023 18:58:37 GMT
server: cloudflare
etag: W/"613257bb316d347d9417023321c6d62f"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=300
cf-ray: 82f90a85b8444d22-FRA
x-amz-cf-id: Znru-wHQkCoRkEzgI0NAmf5MD5O4bjR_iQvix3I5LQK_rysFOinPRg==

GET
H2 200 cse_element__en.js Show response
www.google.com/cse/static/element/2b35e7a15e0e30e2/ 314 KB
105 KB 58ms
17ms Script
text/javascript 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/cse/static/element/2b35e7a15e0e30e2/cse_element__en.js?usqp=CAI%3D

Requested by

Host: cse.google.com
URL: https://cse.google.com/cse.js?cx=05d634a5b3fd88d0f

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dbf7eb98f997a8df116c6515ce77a2e76be2dafbdbc62cd7feade398544ac0a8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vrfoundation.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 04:24:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 106943
x-xss-protection: 0
last-modified: Tue, 07 Nov 2023 17:44:48 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]}
content-type: text/javascript
cache-control: private, max-age=31536000
accept-ranges: bytes
link: <https://www.adsensecustomsearchads.com>; rel="preconnect"
cross-origin-opener-policy-report-only: same-origin; report-to="prose-team"
expires: Sun, 03 Dec 2023 04:24:38 GMT

GET
H2 200 default+en.css
www.google.com/cse/static/element/2b35e7a15e0e30e2/ 41 KB
9 KB 56ms
14ms Stylesheet
text/css 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/cse/static/element/2b35e7a15e0e30e2/default+en.css

Requested by

Host: cse.google.com
URL: https://cse.google.com/cse.js?cx=05d634a5b3fd88d0f

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a5402de70228d4bf5379b518225b702918f6ae277e9293f9d16334c2b1fa31e3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vrfoundation.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 04:24:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9068
x-xss-protection: 0
last-modified: Tue, 07 Nov 2023 17:44:48 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]}
content-type: text/css
cache-control: private, max-age=31536000
accept-ranges: bytes
link: <https://www.adsensecustomsearchads.com>; rel="preconnect"
cross-origin-opener-policy-report-only: same-origin; report-to="prose-team"
expires: Sun, 03 Dec 2023 04:24:38 GMT

GET
H2 200 default.css
www.google.com/cse/static/style/look/v4/ 4 KB
2 KB 52ms
11ms Stylesheet
text/css 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/cse/static/style/look/v4/default.css

Requested by

Host: cse.google.com
URL: https://cse.google.com/cse.js?cx=05d634a5b3fd88d0f

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dcec22bbcb68119d6c7d6d5e088fb82183a9826d0c9e3403f1386fd837f06a89

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vrfoundation.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 04:10:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 828
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1345
x-xss-protection: 0
last-modified: Wed, 17 Jun 2020 00:00:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]}
content-type: text/css
cache-control: public, max-age=3000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="prose-team"
expires: Sun, 03 Dec 2023 05:00:50 GMT

GET
H2 200 5e0396cfb784b90012810dae.js Show response
buttons-config.sharethis.com/js/ 1 KB
921 B 456ms
399ms Script
text/javascript 2600:9000:206f:a200:c:abe:f440:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://buttons-config.sharethis.com/js/5e0396cfb784b90012810dae.js

Requested by

Host: platform-api.sharethis.com
URL: https://platform-api.sharethis.com/js/sharethis.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:206f:a200:c:abe:f440:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

a0715c063c5c5a2857ecb04434fc7e51bee10d1410ada8b9dc6f5659bd0681da

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vrfoundation.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 04:24:39 GMT
content-encoding: gzip
via: 1.1 cf2939e85531f45f3306f792ea104eaa.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Tue, 02 Jun 2020 23:46:09 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C1
x-amz-server-side-encryption: AES256
etag: W/"8b9e6134a8d5c1293c2b6499d9e21dad"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: text/javascript
cache-control: public, max-age=60
x-amz-cf-id: fkQeQKbxR5aeEVeQWlWZBkjc2VjFCd3crG03Qpa4uKvuzUgesMz0bg==

GET
H/1.1 204
No Content pview Show response
l.sharethis.com/ 0
403 B 46ms
7ms XHR
text/plain 3.120.65.30
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://l.sharethis.com/pview?event=pview&hostname=vrfoundation.org&location=%2F&product=inline-share-buttons&url=https%3A%2F%2Fvrfoundation.org%2F&source=sharethis.js&fcmp=false&fcmpv2=false&has_segmentio=false&title=Vitiligo%20Research%20Foundation&cms=unknown&publisher=5e0396cfb784b90012810dae&sop=true&version=st_sop.js&lang=en&ua=&ua_mobile=false&ua_full_version_list=&uuid=212194a5-ef07-42ef-b23a-d6645b963a15

Requested by

Host: platform-api.sharethis.com
URL: https://platform-api.sharethis.com/js/sharethis.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.120.65.30 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-120-65-30.eu-central-1.compute.amazonaws.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vrfoundation.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date: Sun, 03 Dec 2023 04:24:38 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains;
Access-Control-Max-Age: 1728000
Access-Control-Allow-Origin: https://vrfoundation.org
Access-Control-Expose-Headers: stid
Cache-Control: no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: *

GET
H2 200 / Show response
prism.app-us1.com/ 246 B
490 B 216ms
190ms Script
application/javascript 2606:4700::6810:a0d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://prism.app-us1.com/?a=89895264&u=https%3A%2F%2Fvrfoundation.org%2F

Requested by

Host: diffuser-cdn.app-us1.com
URL: https://diffuser-cdn.app-us1.com/diffuser/diffuser.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:a0d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / PHP/8.1.25

Resource Hash

3b7167e684bdb4c289e10df6fac66d9312122b6cf8eaf295b41d81e1a46dfee2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vrfoundation.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 04:24:38 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
x-powered-by: PHP/8.1.25
content-type: application/javascript
cache-control: no-cache, private
x-envoy-upstream-service-time: 74
cf-ray: 82f90a860aae5d3d-FRA

GET
H2 200 async-ads.js Show response
cse.google.com/adsense/search/ 143 KB
52 KB 18ms
18ms Script
text/javascript 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cse.google.com/adsense/search/async-ads.js

Requested by

Host: www.google.com
URL: https://www.google.com/cse/static/element/2b35e7a15e0e30e2/cse_element__en.js?usqp=CAI%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c9211b98042b17907d74bb76aa84613fe8d9dec0208003af8082899a662a00c4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vrfoundation.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 04:24:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-afs-ui
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-afs-ui"
etag: "12933309866110392501"
vary: Accept-Encoding
report-to: {"group":"ads-afs-ui","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-afs-ui"}]}
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
accept-ranges: bytes
link: <https://www.adsensecustomsearchads.com>; rel="preconnect"
expires: Sun, 03 Dec 2023 04:24:38 GMT

GET
H2 200 clear.png
www.google.com/cse/static/css/v2/ 1018 B
1 KB 8ms
8ms Image
image/png 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/cse/static/css/v2/clear.png

Requested by

Host: www.google.com
URL: https://www.google.com/cse/static/element/2b35e7a15e0e30e2/default+en.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

329d1a750114920332eadc55c129957d9dbe5a1b25745e2f7e0ed4fad75e04cd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/cse/static/element/2b35e7a15e0e30e2/default+en.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 12:04:55 GMT
x-content-type-options: nosniff
age: 145183
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1018
x-xss-protection: 0
last-modified: Mon, 25 May 2020 08:30:00 GMT
server: sffe
report-to: {"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="prose-team"
expires: Sat, 30 Nov 2024 12:04:55 GMT

GET
H2 200 branding.png
www.google.com/cse/static/images/1x/en/ 1 KB
1 KB 8ms
8ms Image
image/png 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/cse/static/images/1x/en/branding.png

Requested by

Host: vrfoundation.org
URL: https://vrfoundation.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

331b2b1241f1f2a53744bdca867c5b76954d9431970e91f490f64c707fc24a16

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vrfoundation.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 04:40:32 GMT
x-content-type-options: nosniff
age: 171846
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1372
x-xss-protection: 0
last-modified: Mon, 25 May 2020 08:30:00 GMT
server: sffe
report-to: {"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="prose-team"
expires: Sat, 30 Nov 2024 04:40:32 GMT

GET
H2 204 generate_204
clients1.google.com/ 0
117 B 60ms
6ms Image
text/plain 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://clients1.google.com/generate_204
Requested by: Host: vrfoundation.org
URL: https://vrfoundation.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vrfoundation.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 04:24:38 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 t_prism_sitemessages.php Show response
trackcmp.net/ 0
315 B 138ms
118ms Script
text/javascript 2606:4700:4400::ac40:992a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://trackcmp.net/t_prism_sitemessages.php?trackid=89895264&prismid=5a02d7c1-7d3f-4f6b-9a5d-bdbdaf1f276b&url=https%3A%2F%2Fvrfoundation.org%2F
Requested by: Host: diffuser-cdn.app-us1.com
URL: https://diffuser-cdn.app-us1.com/diffuser/diffuser.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:992a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/8.1.24
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vrfoundation.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 04:24:38 GMT
cf-cache-status: DYNAMIC
server: cloudflare
x-powered-by: PHP/8.1.24
p3p: CP="NON BUS INT NAV COM ADM CON CUR IVA IVD OTP PSA PSD TEL SAM"
content-type: text/javascript;charset=UTF-8
cache-control: no-cache, private
x-envoy-upstream-service-time: 13
x-privacy-policy: You can find our privacy policy here: https://www.activecampaign.com/help/privacy-policy/
cf-ray: 82f90a875c321913-FRA
content-length: 0

GET
H2 200 is_eu Show response
gdpr-api.sharethis.com/ 14 B
402 B 163ms
85ms XHR
application/json 13.32.27.102
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://gdpr-api.sharethis.com/is_eu

Requested by

Host: platform-api.sharethis.com
URL: https://platform-api.sharethis.com/js/sharethis.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.27.102 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-27-102.fra56.r.cloudfront.net

Software

Resource Hash

7a9029645ca045423baf70eb0ef119d0640061fbb4813631607dc9b44771bec1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vrfoundation.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 04:24:39 GMT
via: 1.1 e6959f77d21557f69683da8f0cd5578a.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: FRA56-C2
etag: W/"e-y/fjTepD2HNpTnKC8rRrbahwByo"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=3600, public
content-length: 14
x-amz-cf-id: wMP8PSc4kLRIxp3Ik29-s8WVGtaxXSQFmwSfAdJ1gM0tqRqrnwle6g==

GET
H2 200 facebook.svg
platform-cdn.sharethis.com/img/ 301 B
745 B 73ms
7ms Image
image/svg+xml 2600:9000:2156:a000:1d:85c3:6640:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://platform-cdn.sharethis.com/img/facebook.svg

Requested by

Host: vrfoundation.org
URL: https://vrfoundation.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2156:a000:1d:85c3:6640:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

768d97ec0916217ae82c70aeda3a61b9b0dab344edc4a3240a4f7cd94af00307

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vrfoundation.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 02:45:41 GMT
via: 1.1 b912dc97777020eb19579888add26978.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: FRA50-C1
age: 1474738
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 301
last-modified: Thu, 10 Oct 2019 01:20:12 GMT
server: AmazonS3
etag: "c6e9be45643e197ce1db1d7e24a99adc"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=2592000
accept-ranges: bytes
x-amz-cf-id: 5jG_LJr-ABm1c53Lx_LW_gKjhuhNXEr9nvS7gumT_DMrHwzdctb40A==

GET
H2 200 twitter.svg
platform-cdn.sharethis.com/img/ 368 B
778 B 75ms
9ms Image
image/svg+xml 2600:9000:2156:a000:1d:85c3:6640:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://platform-cdn.sharethis.com/img/twitter.svg

Requested by

Host: vrfoundation.org
URL: https://vrfoundation.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2156:a000:1d:85c3:6640:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

76ffdc5337cd5a509f15d70767b85a793aead82975d0d86912e1607e963c9aed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vrfoundation.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 04:21:17 GMT
via: 1.1 b912dc97777020eb19579888add26978.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Fri, 15 Sep 2023 16:58:49 GMT
server: AmazonS3
x-amz-cf-pop: FRA50-C1
age: 206
x-amz-server-side-encryption: AES256
etag: "2deb3d5121d475d195577a70b0a91a0c"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
accept-ranges: bytes
content-length: 368
x-amz-cf-id: 8NXd48qLQW-IQEPlDJ9zDSV4oS0Bvxlt8aetDn5OQ_HPCcNAvc3yag==

GET
H2 200 email.svg
platform-cdn.sharethis.com/img/ 343 B
786 B 77ms
11ms Image
image/svg+xml 2600:9000:2156:a000:1d:85c3:6640:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://platform-cdn.sharethis.com/img/email.svg

Requested by

Host: vrfoundation.org
URL: https://vrfoundation.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2156:a000:1d:85c3:6640:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

5f5012132c752db2433e17712d91ef8689f1bc95167b2720e23224c2ae62e009

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vrfoundation.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 16:06:15 GMT
via: 1.1 b912dc97777020eb19579888add26978.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: FRA50-C1
age: 1599504
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 343
last-modified: Thu, 10 Oct 2019 01:20:12 GMT
server: AmazonS3
etag: "5977437466e857c7ddcadda6f6d88c2a"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=2592000
accept-ranges: bytes
x-amz-cf-id: D4J2kBA6dYjqvVZ6DWWeM6tnygDlClay2-E5RoY4sMbrsgNOr9PWpA==

GET
H2 200 whatsapp.svg
platform-cdn.sharethis.com/img/ 832 B
1 KB 77ms
12ms Image
image/svg+xml 2600:9000:2156:a000:1d:85c3:6640:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://platform-cdn.sharethis.com/img/whatsapp.svg

Requested by

Host: vrfoundation.org
URL: https://vrfoundation.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2156:a000:1d:85c3:6640:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

847eb36b4dc4b05f94052dcd98077319e74d882334a106bb9ca451ba211c9c2c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vrfoundation.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 04:18:43 GMT
via: 1.1 b912dc97777020eb19579888add26978.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: FRA50-C1
age: 345956
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 832
last-modified: Thu, 10 Oct 2019 01:20:13 GMT
server: AmazonS3
etag: "afe7fc60ed757db39a88d2950fce69c9"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=2592000
accept-ranges: bytes
x-amz-cf-id: UhBzkz4VeUHtx1XR0NFgSbyOodSPK_BFFFmqhb990Mp-7yxxM7dAmA==

GET
H2 200 sms.svg
platform-cdn.sharethis.com/img/ 2 KB
1 KB 75ms
10ms Image
image/svg+xml 2600:9000:2156:a000:1d:85c3:6640:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://platform-cdn.sharethis.com/img/sms.svg

Requested by

Host: vrfoundation.org
URL: https://vrfoundation.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2156:a000:1d:85c3:6640:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

3cb6024ae2cbbe02889d75c14ad2450d3e55209359d8800a847fcff83cddc3ce

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vrfoundation.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 07:40:00 GMT
content-encoding: gzip
via: 1.1 b912dc97777020eb19579888add26978.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Thu, 10 Oct 2019 01:20:13 GMT
server: AmazonS3
x-amz-cf-pop: FRA50-C1
age: 1457079
x-amz-server-side-encryption: AES256
etag: W/"e7eca7e85a8b3599935b0649debb23f2"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: public, max-age=2592000
x-amz-cf-id: q_R1bsUpApeHWAiWZEc13WvpWF51QSfOTwzAK1E4fEOU8nRYq5xpSA==

GET
H2 200 cmp-v2.js Show response
gdpr-api.sharethis.com/ 2 MB
527 KB 22ms
7ms Script
text/javascript 13.32.27.102
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://gdpr-api.sharethis.com/cmp-v2.js

Requested by

Host: platform-api.sharethis.com
URL: https://platform-api.sharethis.com/js/sharethis.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.27.102 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-27-102.fra56.r.cloudfront.net

Software

Resource Hash

55065824cade0323f98d18691514bb1f8c8c1d606d7639f9b0e014d79cde6d60

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vrfoundation.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 04:15:01 GMT
content-encoding: gzip
via: 1.1 2e4a0520ad8fe16707823b20e9441e08.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: FRA56-C2
age: 578
etag: W/"1e560c-qpOsqtKds3+8b4nrlooeWarwoKM"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript; charset=utf-8
cache-control: max-age=600, public
x-amz-cf-id: bVRgeqr1myOV_C7CcVV-eZBBJ8nvpPxa1XDKGndk_PhWnwbulTg38g==

GET
H2 200 portal-v2.html Show response
gdpr-api.sharethis.com/ Frame 11A1 2 KB
1 KB 7ms
7ms Document
text/html 13.32.27.102
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://gdpr-api.sharethis.com/portal-v2.html

Requested by

Host: gdpr-api.sharethis.com
URL: https://gdpr-api.sharethis.com/cmp-v2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.27.102 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-27-102.fra56.r.cloudfront.net

Software

Resource Hash

8bc62c9ef81390af989b3829ace60aae916e299dab9df7ec5e49db2d07a956b6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://vrfoundation.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 1058
cache-control: max-age=3600, public
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Sun, 03 Dec 2023 04:07:00 GMT
etag: W/"865-g9QqzjbIJI1xmvSY3DM2A/8Cpl8"
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding
via: 1.1 2e4a0520ad8fe16707823b20e9441e08.cloudfront.net (CloudFront)
x-amz-cf-id: FRF8jGNOAggJK_ET3nS_lNWwTdQ6TtTOR-SuO_7FJE37MxHTUAXR9g==
x-amz-cf-pop: FRA56-C2
x-cache: Hit from cloudfront

GET
H2 200 css
fonts.googleapis.com/ 8 KB
818 B 39ms
18ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:300,400,600

Requested by

Host: client
URL: about:client

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

93c9b0c2e8b47042c9f1cff90e635f3fe72d3a0384ea73b0a122dd28dd33316d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vrfoundation.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 03 Dec 2023 04:24:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 03 Dec 2023 03:37:01 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 03 Dec 2023 04:24:38 GMT

GET
H2 200 css
fonts.googleapis.com/ 9 KB
1 KB 36ms
17ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:300,400,700&display=swap

Requested by

Host: client
URL: about:client

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

0cb2602f766e34b3a1cfe4aec0ace43d8d8197abb402fbb325a2c7820f99c5d2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vrfoundation.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 03 Dec 2023 04:24:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 03 Dec 2023 03:55:16 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 03 Dec 2023 04:24:38 GMT

GET
H2 200 vendor-list.json Show response
gdpr-api.sharethis.com/v3/ 553 KB
69 KB 8ms
8ms XHR
application/json 13.32.27.102
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://gdpr-api.sharethis.com/v3/vendor-list.json

Requested by

Host: gdpr-api.sharethis.com
URL: https://gdpr-api.sharethis.com/cmp-v2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.27.102 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-27-102.fra56.r.cloudfront.net

Software

Resource Hash

3ef2f2769900bd8d3ce1b482ab7e820b7a6c1f8fa495dd5e41adc7842a65916e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vrfoundation.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 09:19:52 GMT
content-encoding: gzip
via: 1.1 e6959f77d21557f69683da8f0cd5578a.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: FRA56-C2
age: 68687
etag: W/"8a4e4-V/fGUTLS35UtaYKAYFIwKfAICb8"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=86400, public
x-amz-cf-id: oixjMR8ImrpJWy_jdVBfUQis2b-0DVyk7Op9UhXphC1e5_SrnX7nAw==

GET
H2 200 cmp-list.json Show response
gdpr-api.sharethis.com/v2/ 11 KB
4 KB 6ms
6ms Fetch
application/json 13.32.27.102
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://gdpr-api.sharethis.com/v2/cmp-list.json

Requested by

Host: gdpr-api.sharethis.com
URL: https://gdpr-api.sharethis.com/cmp-v2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.27.102 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-27-102.fra56.r.cloudfront.net

Software

Resource Hash

a11e4352fd23d73386b174275cc8a06b0dc0924a1219b843f471ffa9bbe03eeb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept: application/json
Referer: https://vrfoundation.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 10:12:53 GMT
content-encoding: gzip
via: 1.1 e6959f77d21557f69683da8f0cd5578a.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: FRA56-C2
age: 65505
etag: W/"2cdd-LpnFvbRoo8+JTwRRPVD1cJz/4Dc"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=86400, public
x-amz-cf-id: IwZPoZ81t4tXsYDkgqxQJjChrrLkTKd9X-15q4ngN839D_FAc2cboA==

GET
H2 200 gear.png
gdpr-api.sharethis.com/static/media/ 1 KB
1 KB 7ms
7ms Image
image/png 13.32.27.102
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gdpr-api.sharethis.com/static/media/gear.png

Requested by

Host: vrfoundation.org
URL: https://vrfoundation.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.27.102 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-27-102.fra56.r.cloudfront.net

Software

Resource Hash

9a8d6fec895b72510a781f8c72643450f7cdac47e65136de8c132526e9bccc30

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vrfoundation.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 05:20:28 GMT
via: 1.1 2e4a0520ad8fe16707823b20e9441e08.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: FRA56-C2
age: 83050
etag: W/"418-mq8l6jU/x/aM4wjuAx3Ipuodoz0"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=86400, public
content-length: 1048
x-amz-cf-id: 16NVP_w1Ps7gfZUmakto8o6DQvKHsO6TsRvHBrrzh_y63AAk_LSlUg==

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v36/ 47 KB
48 KB 29ms
7ms Font
font/woff2 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v36/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300,400,600

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9b1b9d7cb74a9923d83f36f0026f421940b861fd6e1a51b8f79af45492ed4ed5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://vrfoundation.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 14:29:28 GMT
x-content-type-options: nosniff
age: 136510
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48432
x-xss-protection: 0
last-modified: Thu, 14 Sep 2023 00:40:31 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 30 Nov 2024 14:29:28 GMT

GET
H2 200 browser-polyfill.min.js Show response
cdnjs.cloudflare.com/ajax/libs/babel-core/5.6.15/ 83 KB
21 KB 29ms
13ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/babel-core/5.6.15/browser-polyfill.min.js

Requested by

Host: bafsy.com
URL: https://bafsy.com/cdp/actions.js?company_uid=GKImT3EzpXfujuNgNU41ow

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f9c15a2727855b6b24591dc43d1c522d04a3859180ea246f4c990d4de63af0db

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vrfoundation.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 04:24:38 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 434784
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 21126
last-modified: Mon, 04 May 2020 16:06:02 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03d6a-14cd3"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ruP9j0HCFiAJ1oKwaoKu1bY1Ntkiu5tyEEqyRD4JnSbPHe55OoFpitDZX1Upp8F3zOkcZMk56XWNxWnxM0dgOT2G58VZ6Qd5iQdgJu4lg6dhfAGGx0lRCtYs0mq2dOkZeQgDn21yAcaAyqD2vU97EYXc"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 82f90a8b8a896967-FRA
expires: Fri, 22 Nov 2024 04:24:38 GMT

GET
H2 200 url-search-params.js Show response
cdnjs.cloudflare.com/ajax/libs/url-search-params/1.1.0/ 7 KB
2 KB 33ms
17ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/url-search-params/1.1.0/url-search-params.js

Requested by

Host: bafsy.com
URL: https://bafsy.com/cdp/actions.js?company_uid=GKImT3EzpXfujuNgNU41ow

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bc0e68d47465158820ae7d321bee9b286967967f5f5b18b84bd72fce8e8594ac

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vrfoundation.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 04:24:38 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 440566
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 1821
last-modified: Mon, 04 May 2020 16:17:26 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb04016-1a88"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1aQ5TNyFvGV%2BryPbsu2k1t9glo3szFycViZVjOul9MQjs0Mywt1x4vDlNUflQDL58Z6wnIjsIJCVIM3bCm%2BhK5zWLaNR7IhfbBbaALcLkr1yRamsPk2WnShYCHCCYp1QNt0TIav4xOm8gMc7qxVg3jfL"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 82f90a8b8a866967-FRA
expires: Fri, 22 Nov 2024 04:24:38 GMT

GET
H2 200 v3 Show response
openfpcdn.io/fingerprintjs/ 33 KB
14 KB 31ms
8ms Script
text/javascript 13.32.99.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://openfpcdn.io/fingerprintjs/v3

Requested by

Host: bafsy.com
URL: https://bafsy.com/cdp/actions.js?company_uid=GKImT3EzpXfujuNgNU41ow

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.99.118 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-99-118.fra60.r.cloudfront.net

Software

CloudFront /

Resource Hash

57281521094dd6fe0d1997e31eab51a203b0f338d39e730d260fdfecce621905

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer
Origin: https://vrfoundation.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Sun, 03 Dec 2023 02:03:10 GMT
via: 1.1 2a44338adc8233e5b25aca28287a69c8.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P3
age: 9343
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
server: CloudFront
etag: W/"hurxpFJ1hzJm8rhSSUCMgpelT2E"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=589740, s-maxage=10970
x-amz-cf-id: Sx6lyrl2DMw0eXuK35rITVy8a7HriQ0ljw4PZtYbwL0hbgVGisbWNw==

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 26ms
6ms Script
text/javascript 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5PK8GBX

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vrfoundation.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Sun, 03 Dec 2023 03:22:36 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 3723
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Sun, 03 Dec 2023 05:22:36 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 16 B
223 B 14ms
14ms XHR
text/plain 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=993368392&t=pageview&_s=1&dl=https%3A%2F%2Fvrfoundation.org%2F&ul=en-us&de=UTF-8&dt=Vitiligo%20Research%20Foundation&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YCDACEABBAAAACAAI~&jid=1252974554&gjid=581965734&cid=788361361.1701577478&tid=UA-32448219-2&_gid=405785902.1701577479&_r=1&_slc=1&gtm=45He3bt0n815PK8GBXv812005086&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&tcfd=10001&z=1457371140

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

ccbc1083cd2f172b2a424f772a6fd889945c8d058677bd9e59320b4970738f43

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://vrfoundation.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 03 Dec 2023 04:24:39 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://vrfoundation.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 profiles Show response
platform.bafsy.com/api/v1/cdp/ 388 B
728 B 252ms
55ms XHR
application/json 79.143.73.41
RU-JSCIOT

General

Check archive.org

Show headers Download Go to

Full URL

https://platform.bafsy.com/api/v1/cdp/profiles

Requested by

Host: bafsy.com
URL: https://bafsy.com/cdp/actions.js?company_uid=GKImT3EzpXfujuNgNU41ow

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

79.143.73.41 , Russian Federation, ASN29182 (RU-JSCIOT, RU),

Reverse DNS

new.bafsy

Software

nginx/1.18.0 (Ubuntu) /

Resource Hash

fbdb0bb278f11c11805f62b6b7e329f8174058dcf6c73a377d788af90dc11316

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains, max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://vrfoundation.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

x-runtime: 0.009316
date: Sun, 03 Dec 2023 04:24:39 GMT
strict-transport-security: max-age=31536000; includeSubDomains, max-age=31536000
x-content-type-options: nosniff
content-encoding: gzip
server: nginx/1.18.0 (Ubuntu)
etag: W/"fbdb0bb278f11c11805f62b6b7e329f8"
access-control-max-age: 1728000
vary: Accept-Encoding, Origin
access-control-allow-methods: GET, POST, OPTIONS, PUT
access-control-allow-origin: *
access-control-expose-headers
cache-control: max-age=0, private, must-revalidate
content-type: application/json; charset=utf-8
x-request-id: c9159a37-d867-4cc7-b7d5-3f1cfb09b120

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
151 B 19ms
19ms XHR
text/plain 2a00:1450:400c:c00::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-32448219-2&cid=788361361.1701577478&jid=1252974554&gjid=581965734&_gid=405785902.1701577479&_u=YCDACEAABAAAACAAI~&z=1288930377

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://vrfoundation.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Sun, 03 Dec 2023 04:24:39 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://vrfoundation.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 295 KB
96 KB 23ms
23ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-PC0SPLMMYS&cx=c&_slc=1

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

2294af4a83879e0641ad93e2335e1d4d641f8227b5996e9fc6cd545b6ef9e34e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vrfoundation.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 04:24:39 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 98394
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sun, 03 Dec 2023 04:24:39 GMT

GET
H3 200 ga-audiences
www.google.com/ads/ 42 B
63 B 17ms
16ms Image
image/gif 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-32448219-2&cid=788361361.1701577478&jid=1252974554&_u=YCDACEAABAAAACAAI~&z=96122584

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vrfoundation.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 03 Dec 2023 04:24:39 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 19ms
18ms Image
image/gif 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-32448219-2&cid=788361361.1701577478&jid=1252974554&_u=YCDACEAABAAAACAAI~&z=96122584

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vrfoundation.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 03 Dec 2023 04:24:39 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
45 B 16ms
15ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-PC0SPLMMYS&gtm=45je3bt0v9105003562&_p=1701577477753&_gaz=1&gcd=11l1l1l1l2&dma_cps=sypham&dma=1&tcfd=10001&ul=en-us&sr=1600x1200&cid=788361361.1701577478&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=EBAI&_s=1&dl=https%3A%2F%2Fvrfoundation.org%2F&dt=Vitiligo%20Research%20Foundation&sid=1701577479&sct=1&seg=0&en=page_view&_fv=1&_ss=1&_ee=1&tfd=1753
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-PC0SPLMMYS&cx=c&_slc=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vrfoundation.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 03 Dec 2023 04:24:39 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://vrfoundation.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 collect
stats.g.doubleclick.net/g/ 0
17 B 19ms
18ms Ping
text/plain 2a00:1450:400c:c00::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-PC0SPLMMYS&cid=788361361.1701577478&gtm=45je3bt0v9105003562&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l2
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-PC0SPLMMYS&cx=c&_slc=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400c:c00::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vrfoundation.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 03 Dec 2023 04:24:39 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://vrfoundation.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.de/ads/ 42 B
63 B 17ms
17ms Image
image/gif 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-PC0SPLMMYS&cid=788361361.1701577478&gtm=45je3bt0v9105003562&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l2&z=986548690

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vrfoundation.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 03 Dec 2023 04:24:39 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

OPTIONS
H2 200 656c030722af64753be2b748
platform.bafsy.com/api/v1/cdp/profiles/ Frame 0
0 44ms
44ms Preflight
text/plain 79.143.73.41
RU-JSCIOT

General

Check archive.org

Show headers Download Go to

Full URL

https://platform.bafsy.com/api/v1/cdp/profiles/656c030722af64753be2b748

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

79.143.73.41 , Russian Federation, ASN29182 (RU-JSCIOT, RU),

Reverse DNS

new.bafsy

Software

nginx/1.18.0 (Ubuntu) /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Method: PUT
Origin: https://vrfoundation.org
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

access-control-allow-methods: GET, POST, OPTIONS, PUT
access-control-allow-origin: *
access-control-expose-headers
access-control-max-age: 1728000
content-encoding: gzip
content-type: text/plain
date: Sun, 03 Dec 2023 04:24:39 GMT
server: nginx/1.18.0 (Ubuntu)
strict-transport-security: max-age=31536000
vary: Accept-Encoding
x-content-type-options: nosniff

POST
H2 200 activities Show response
platform.bafsy.com/api/v1/cdp/ 15 B
503 B 47ms
47ms XHR
application/json 79.143.73.41
RU-JSCIOT

General

Check archive.org

Show headers Download Go to

Full URL

https://platform.bafsy.com/api/v1/cdp/activities

Requested by

Host: bafsy.com
URL: https://bafsy.com/cdp/actions.js?company_uid=GKImT3EzpXfujuNgNU41ow

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

79.143.73.41 , Russian Federation, ASN29182 (RU-JSCIOT, RU),

Reverse DNS

new.bafsy

Software

nginx/1.18.0 (Ubuntu) /

Resource Hash

a29ee2b15c494311c52521766e44af56a3ad2248e7a8ab465e5206463c13d288

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains, max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://vrfoundation.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

x-runtime: 0.002376
date: Sun, 03 Dec 2023 04:24:39 GMT
strict-transport-security: max-age=31536000; includeSubDomains, max-age=31536000
x-content-type-options: nosniff
content-encoding: gzip
server: nginx/1.18.0 (Ubuntu)
etag: W/"a29ee2b15c494311c52521766e44af56"
access-control-max-age: 1728000
vary: Accept-Encoding, Origin
access-control-allow-methods: GET, POST, OPTIONS, PUT
access-control-allow-origin: *
access-control-expose-headers
cache-control: max-age=0, private, must-revalidate
content-type: application/json; charset=utf-8
x-request-id: d537658c-2ad3-46c5-bc66-21b61aec180c

PUT
H2 200 656c030722af64753be2b748 Show response
platform.bafsy.com/api/v1/cdp/profiles/ 918 B
907 B 52ms
52ms XHR
application/json 79.143.73.41
RU-JSCIOT

General

Check archive.org

Show headers Download Go to

Full URL

https://platform.bafsy.com/api/v1/cdp/profiles/656c030722af64753be2b748

Requested by

Host: bafsy.com
URL: https://bafsy.com/cdp/actions.js?company_uid=GKImT3EzpXfujuNgNU41ow

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

79.143.73.41 , Russian Federation, ASN29182 (RU-JSCIOT, RU),

Reverse DNS

new.bafsy

Software

nginx/1.18.0 (Ubuntu) /

Resource Hash

5522afd4f442d883b161e8c6c83e8e19324af9f158c50b610d600a5b4659648f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains, max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://vrfoundation.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

x-runtime: 0.007403
date: Sun, 03 Dec 2023 04:24:39 GMT
strict-transport-security: max-age=31536000; includeSubDomains, max-age=31536000
x-content-type-options: nosniff
content-encoding: gzip
server: nginx/1.18.0 (Ubuntu)
etag: W/"5522afd4f442d883b161e8c6c83e8e19"
access-control-max-age: 1728000
vary: Accept-Encoding, Origin
access-control-allow-methods: GET, POST, OPTIONS, PUT
access-control-allow-origin: *
access-control-expose-headers
cache-control: max-age=0, private, must-revalidate
content-type: application/json; charset=utf-8
x-request-id: 4dcca95b-8879-485c-b9c0-8291f0a76450

POST
H2 200 activities Show response
platform.bafsy.com/api/v1/cdp/ 15 B
503 B 48ms
48ms XHR
application/json 79.143.73.41
RU-JSCIOT

General

Check archive.org

Show headers Download Go to

Full URL

https://platform.bafsy.com/api/v1/cdp/activities

Requested by

Host: bafsy.com
URL: https://bafsy.com/cdp/actions.js?company_uid=GKImT3EzpXfujuNgNU41ow

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

79.143.73.41 , Russian Federation, ASN29182 (RU-JSCIOT, RU),

Reverse DNS

new.bafsy

Software

nginx/1.18.0 (Ubuntu) /

Resource Hash

a29ee2b15c494311c52521766e44af56a3ad2248e7a8ab465e5206463c13d288

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains, max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://vrfoundation.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

x-runtime: 0.002656
date: Sun, 03 Dec 2023 04:24:39 GMT
strict-transport-security: max-age=31536000; includeSubDomains, max-age=31536000
x-content-type-options: nosniff
content-encoding: gzip
server: nginx/1.18.0 (Ubuntu)
etag: W/"a29ee2b15c494311c52521766e44af56"
access-control-max-age: 1728000
vary: Accept-Encoding, Origin
access-control-allow-methods: GET, POST, OPTIONS, PUT
access-control-allow-origin: *
access-control-expose-headers
cache-control: max-age=0, private, must-revalidate
content-type: application/json; charset=utf-8
x-request-id: 064f93c9-f2b7-4241-90b9-a1e7b4b1f9ec

POST
H2 200 activities Show response
platform.bafsy.com/api/v1/cdp/ 15 B
504 B 52ms
51ms XHR
application/json 79.143.73.41
RU-JSCIOT

General

Check archive.org

Show headers Download Go to

Full URL

https://platform.bafsy.com/api/v1/cdp/activities

Requested by

Host: bafsy.com
URL: https://bafsy.com/cdp/actions.js?company_uid=GKImT3EzpXfujuNgNU41ow

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

79.143.73.41 , Russian Federation, ASN29182 (RU-JSCIOT, RU),

Reverse DNS

new.bafsy

Software

nginx/1.18.0 (Ubuntu) /

Resource Hash

a29ee2b15c494311c52521766e44af56a3ad2248e7a8ab465e5206463c13d288

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains, max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://vrfoundation.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

x-runtime: 0.003209
date: Sun, 03 Dec 2023 04:24:40 GMT
strict-transport-security: max-age=31536000; includeSubDomains, max-age=31536000
x-content-type-options: nosniff
content-encoding: gzip
server: nginx/1.18.0 (Ubuntu)
etag: W/"a29ee2b15c494311c52521766e44af56"
access-control-max-age: 1728000
vary: Accept-Encoding, Origin
access-control-allow-methods: GET, POST, OPTIONS, PUT
access-control-allow-origin: *
access-control-expose-headers
cache-control: max-age=0, private, must-revalidate
content-type: application/json; charset=utf-8
x-request-id: 89bff3bf-5370-4905-8594-3da0ef6bd670

POST
H2 200 activities Show response
platform.bafsy.com/api/v1/cdp/ 15 B
503 B 48ms
48ms XHR
application/json 79.143.73.41
RU-JSCIOT

General

Check archive.org

Show headers Download Go to

Full URL

https://platform.bafsy.com/api/v1/cdp/activities

Requested by

Host: bafsy.com
URL: https://bafsy.com/cdp/actions.js?company_uid=GKImT3EzpXfujuNgNU41ow

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

79.143.73.41 , Russian Federation, ASN29182 (RU-JSCIOT, RU),

Reverse DNS

new.bafsy

Software

nginx/1.18.0 (Ubuntu) /

Resource Hash

a29ee2b15c494311c52521766e44af56a3ad2248e7a8ab465e5206463c13d288

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains, max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://vrfoundation.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

x-runtime: 0.003005
date: Sun, 03 Dec 2023 04:24:41 GMT
strict-transport-security: max-age=31536000; includeSubDomains, max-age=31536000
x-content-type-options: nosniff
content-encoding: gzip
server: nginx/1.18.0 (Ubuntu)
etag: W/"a29ee2b15c494311c52521766e44af56"
access-control-max-age: 1728000
vary: Accept-Encoding, Origin
access-control-allow-methods: GET, POST, OPTIONS, PUT
access-control-allow-origin: *
access-control-expose-headers
cache-control: max-age=0, private, must-revalidate
content-type: application/json; charset=utf-8
x-request-id: 0bbee660-bf67-4690-9439-9b4cd92d63e1

POST
H2 200 activities Show response
platform.bafsy.com/api/v1/cdp/ 15 B
503 B 48ms
48ms XHR
application/json 79.143.73.41
RU-JSCIOT

General

Check archive.org

Show headers Download Go to

Full URL

https://platform.bafsy.com/api/v1/cdp/activities

Requested by

Host: bafsy.com
URL: https://bafsy.com/cdp/actions.js?company_uid=GKImT3EzpXfujuNgNU41ow

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

79.143.73.41 , Russian Federation, ASN29182 (RU-JSCIOT, RU),

Reverse DNS

new.bafsy

Software

nginx/1.18.0 (Ubuntu) /

Resource Hash

a29ee2b15c494311c52521766e44af56a3ad2248e7a8ab465e5206463c13d288

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains, max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://vrfoundation.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

x-runtime: 0.002783
date: Sun, 03 Dec 2023 04:24:42 GMT
strict-transport-security: max-age=31536000; includeSubDomains, max-age=31536000
x-content-type-options: nosniff
content-encoding: gzip
server: nginx/1.18.0 (Ubuntu)
etag: W/"a29ee2b15c494311c52521766e44af56"
access-control-max-age: 1728000
vary: Accept-Encoding, Origin
access-control-allow-methods: GET, POST, OPTIONS, PUT
access-control-allow-origin: *
access-control-expose-headers
cache-control: max-age=0, private, must-revalidate
content-type: application/json; charset=utf-8
x-request-id: 7e2b421c-2d8a-4804-bfa6-0ed573a5cbe1

Verdicts & Comments Add Verdict or Comment

79 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

8 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
vrfoundation.org/	1969-12-31 23:59:59	Name: _vrf_session Value: tevM26zZolK1H6%2BzD96UN2lvCtwVqgqXkI6nH7wn5wqLtiS3wx02QabuG9Jyzdw1nCthSe%2BwxuZb1hVPJ9KE04FaNUY8VQMWmTn5QmEbXwqnrh1EEqBxoTIV%2B6988Wg%2F%2FYVvZyPp%2F%2B3YICVl9MA%3D--aAmtqNhzlX25H1gW--oIzw6nwGW%2BJ%2F4m7XcL6LAQ%3D%3D
.vrfoundation.org/	1970-01-21 02:15:37	Name: _ga_G88BQ4456P Value: GS1.1.1701577477.1.0.1701577477.60.0.0
prism.app-us1.com/	1970-01-20 17:22:49	Name: prism_89895264 Value: 5a02d7c1-7d3f-4f6b-9a5d-bdbdaf1f276b
.vrfoundation.org/	1970-01-20 17:22:49	Name: prism_89895264 Value: 5a02d7c1-7d3f-4f6b-9a5d-bdbdaf1f276b
.vrfoundation.org/	1970-01-21 02:15:37	Name: _ga Value: GA1.2.788361361.1701577478
.vrfoundation.org/	1970-01-20 16:41:03	Name: _gid Value: GA1.2.405785902.1701577479
.vrfoundation.org/	1970-01-20 16:39:37	Name: _gat_UA-32448219-2 Value: 1
.vrfoundation.org/	1970-01-21 02:15:37	Name: _ga_PC0SPLMMYS Value: GS1.2.1701577479.1.0.1701577479.60.0.0

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

349426.selcdn.ru
bafsy.com
buttons-config.sharethis.com
cdnjs.cloudflare.com
clients1.google.com
cse.google.com
diffuser-cdn.app-us1.com
fonts.googleapis.com
fonts.gstatic.com
gdpr-api.sharethis.com
l.sharethis.com
openfpcdn.io
platform-api.sharethis.com
platform-bafsy.promo-kit.ru
platform-cdn.sharethis.com
platform.bafsy.com
prism.app-us1.com
region1.analytics.google.com
stats.g.doubleclick.net
trackcmp.net
vrfoundation.org
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
xn--80abw9ao.xn--p1ai
13.32.27.102
13.32.27.75
13.32.99.118
2001:4860:4802:32::36
2600:9000:206f:a200:c:abe:f440:93a1
2600:9000:2156:a000:1d:85c3:6640:93a1
2606:4700:4400::ac40:992a
2606:4700::6810:a0d
2606:4700::6810:b0d
2606:4700::6811:190e
2a00:1450:4001:806::2003
2a00:1450:4001:80f::2008
2a00:1450:4001:811::200e
2a00:1450:4001:812::200e
2a00:1450:4001:827::2003
2a00:1450:4001:827::200e
2a00:1450:4001:82a::200a
2a00:1450:4001:831::2004
2a00:1450:400c:c00::9c
2a00:ab00:610:1::1
3.120.65.30
79.143.73.41
0cb2602f766e34b3a1cfe4aec0ace43d8d8197abb402fbb325a2c7820f99c5d2
0ccb57b33ac84dfff29eea3129b919f8a75fb045498eb0f412deb19739a0d7b9
130c61c2bfc6dff6d70ec2dae4ca8ba7dcf669878d81c91a5821b44b3972c2b6
13c39a8b449fe883ed6617d869323bc4786e4127fa9b4bde95661ab498597ca8
1414e6dcedd8f3a45c7b5c5732eb6d5569ffd9c498e3988621d060af4165e6bc
18331639abafb4498d8355a35d91299b52edd3561d096c236a27359c83807545
22876b3e4c78d32bb35d660267ad2fe4b74060dc66a5135e18044343ae89e584
2294af4a83879e0641ad93e2335e1d4d641f8227b5996e9fc6cd545b6ef9e34e
23bc2b64d3ee8f8f41c4faa0a2fb368a38cc954155e7e67c91ee1ea1f83fe9ce
329d1a750114920332eadc55c129957d9dbe5a1b25745e2f7e0ed4fad75e04cd
331b2b1241f1f2a53744bdca867c5b76954d9431970e91f490f64c707fc24a16
3b7167e684bdb4c289e10df6fac66d9312122b6cf8eaf295b41d81e1a46dfee2
3cb6024ae2cbbe02889d75c14ad2450d3e55209359d8800a847fcff83cddc3ce
3e95e3a401ae772ff28f1554b1353fa56f0f0d35e873a393d66120efec4073af
3ef2f2769900bd8d3ce1b482ab7e820b7a6c1f8fa495dd5e41adc7842a65916e
4029b7bf5e4f78b9d567f0e8aa8367d22cb7516c43b57027ec2dd1ea9dc15329
4422cd554cb760e22b23d37949e1774f753480bc91a829df8b8ddd146b1ff3ce
463867831b8ee1af701a73a60f8d93072a87fd66544be460d711c3a46a954e8e
5316ac622c47ed381385f92011b78d4d38f5190c53e5dbebae00bc3c293a5607
55065824cade0323f98d18691514bb1f8c8c1d606d7639f9b0e014d79cde6d60
5522afd4f442d883b161e8c6c83e8e19324af9f158c50b610d600a5b4659648f
5626badf0b2370bc10e1f501dc33f3e32c4a53677362017cc00e0fb3a33c4c6d
57281521094dd6fe0d1997e31eab51a203b0f338d39e730d260fdfecce621905
5f5012132c752db2433e17712d91ef8689f1bc95167b2720e23224c2ae62e009
63ee3b9774a0e11a2720af8129d8f8408cd9ce00e502a94dc1e8acef1f74e534
6f00d1a401c85ba842908fb3440a0a1ca1a2ccaa2e9f02612990f5d75b19bfb8
7250da6fe08b8aaf957bde6be858a7c64a37ba800877eb567f5e641887de8cc7
768d97ec0916217ae82c70aeda3a61b9b0dab344edc4a3240a4f7cd94af00307
76ffdc5337cd5a509f15d70767b85a793aead82975d0d86912e1607e963c9aed
7a9029645ca045423baf70eb0ef119d0640061fbb4813631607dc9b44771bec1
7dfd774df219d565a27ca80076236766b165fd0686eabe8d4b54736c9b511b93
801ce481908b825eac73999ba93cf38f6054b4d9230e3c492f563b4e2e3ae493
847eb36b4dc4b05f94052dcd98077319e74d882334a106bb9ca451ba211c9c2c
84c4217a23305dbdccf12a819c8ae92fef0af58d775e718f67cf3a5870ab9099
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
892f3e90f4c03f8497dd171e3157c46359d8b6072f336f531a4c20bad6bde696
8bc62c9ef81390af989b3829ace60aae916e299dab9df7ec5e49db2d07a956b6
9008fb38a48ab8e280a8db4b48b4ff8793ed9c76feb9c780d74873f01fd5d483
93c9b0c2e8b47042c9f1cff90e635f3fe72d3a0384ea73b0a122dd28dd33316d
9a8d6fec895b72510a781f8c72643450f7cdac47e65136de8c132526e9bccc30
9b1b9d7cb74a9923d83f36f0026f421940b861fd6e1a51b8f79af45492ed4ed5
9c06cddbaee58a66fef52678da613741227bebf78348afbfb639ddde6f18e186
9ec8e7afd5d5f4a440200322b62d3799a8a2c19eda1438ad025ea0f0a1f43677
a0715c063c5c5a2857ecb04434fc7e51bee10d1410ada8b9dc6f5659bd0681da
a11e4352fd23d73386b174275cc8a06b0dc0924a1219b843f471ffa9bbe03eeb
a275dd7d87bb7daa241319d1f0bc20315b4946343c4a37ce9aa8463f70b530f8
a29ee2b15c494311c52521766e44af56a3ad2248e7a8ab465e5206463c13d288
a5402de70228d4bf5379b518225b702918f6ae277e9293f9d16334c2b1fa31e3
aca4cb766677bc1302c8290499468bde4ae96c852a70c4638db8e06979c9ffa3
bc0e68d47465158820ae7d321bee9b286967967f5f5b18b84bd72fce8e8594ac
c058cd83c61062ee46185ba9f1cd94fa33bf584a2342f8e6406344425318bd87
c86a9ff9675183d36f664b6adefba7c72e7e15170e0f40eed96324f552c3ac82
c9211b98042b17907d74bb76aa84613fe8d9dec0208003af8082899a662a00c4
ccbc1083cd2f172b2a424f772a6fd889945c8d058677bd9e59320b4970738f43
ccd233565461c2e83e1479a9f414a3196d4ec67eb1fd785e5893a475e6bc0adc
db1206913a6cc27182106153e47225ba8b126886b428357f07c87d315ec54a0a
dbf7eb98f997a8df116c6515ce77a2e76be2dafbdbc62cd7feade398544ac0a8
dcec22bbcb68119d6c7d6d5e088fb82183a9826d0c9e3403f1386fd837f06a89
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ea5338eea9514fa5ec0c5ce99e212568ed9a23b0cb7303f27e9e45ee08426cdf
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f9c15a2727855b6b24591dc43d1c522d04a3859180ea246f4c990d4de63af0db
fbdb0bb278f11c11805f62b6b7e329f8174058dcf6c73a377d788af90dc11316

vrfoundation.org Open in urlscan Pro 79.143.73.41 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

78 Requests

99 %HTTPS

77 %IPv6

17 Domains

26 Subdomains

22 IPs

4 Countries

2251 kBTransfer

5983 kBSize

8 Cookies

11 Outgoing links

Page URL History

Redirected requests

78 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

vrfoundation.org Open in urlscan Pro
79.143.73.41 Public Scan

Screenshot
Live screenshot

Full Image

78
Requests

99 %
HTTPS

77 %
IPv6

17
Domains

26
Subdomains

22
IPs

4
Countries

2251 kB
Transfer

5983 kB
Size

8
Cookies

78 HTTP transactions
0 data transactions