audiences.wynter.io Open in urlscan Pro
2606:4700:3108::ac42:2b7f Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://audiences.wynter.io/
Effective URL:
https://audiences.wynter.io/
Submission: On March 05 via manual (March 5th 2024, 5:09:06 pm UTC) from BE — Scanned from DE

Summary HTTP 76 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 31 IPs in 3 countries across 23 domains to perform 76 HTTP transactions. The main IP is 2606:4700:3108::ac42:2b7f, located in United States and belongs to CLOUDFLARENET, US. The main domain is audiences.wynter.io.
TLS certificate: Issued by E1 on February 22nd 2024. Valid for: 3 months.

This is the only time audiences.wynter.io was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 3	2606:4700:310... 2606:4700:3108::ac42:2881	13335 (CLOUDFLAR...) (CLOUDFLARENET)
13	2606:4700:310... 2606:4700:3108::ac42:2b7f	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6810:3965	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:808::200a	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:812::2008	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:831::200e	15169 (GOOGLE) (GOOGLE)
2	2a04:4e42:200... 2a04:4e42:200::396	54113 (FASTLY) (FASTLY)
2	2a02:26f0:280... 2a02:26f0:280:6::213:7ade	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	18.66.97.49 18.66.97.49	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:267... 2600:9000:2670:2600:7:d7d6:3c40:93a1	16509 (AMAZON-02) (AMAZON-02)
2	2a03:2880:f08... 2a03:2880:f083:9:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	3.160.150.71 3.160.150.71	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700::68... 2606:4700::6811:4341	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	151.101.193.140 151.101.193.140	54113 (FASTLY) (FASTLY)
1	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400c:c00::9a	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:830::2003	15169 (GOOGLE) (GOOGLE)
1	13.227.219.3 13.227.219.3	16509 (AMAZON-02) (AMAZON-02)
2	54.209.71.205 54.209.71.205	14618 (AMAZON-AES) (AMAZON-AES)
9	2a00:1450:400... 2a00:1450:4001:81c::2004	15169 (GOOGLE) (GOOGLE)
4 6	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	13.107.42.14 13.107.42.14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	2a03:2880:f17... 2a03:2880:f177:185:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
2	18.153.4.44 18.153.4.44	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:25e... 2600:9000:25e8:dc00:c:abe:f440:93a1	16509 (AMAZON-02) (AMAZON-02)
1	18.66.112.110 18.66.112.110	16509 (AMAZON-02) (AMAZON-02)
1	35.156.210.215 35.156.210.215	16509 (AMAZON-02) (AMAZON-02)
1	18.158.205.16 18.158.205.16	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700:310... 2606:4700:3108::ac42:292d	13335 (CLOUDFLAR...) (CLOUDFLARENET)
9	2a00:1450:400... 2a00:1450:4001:80b::2003	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:806::2003	15169 (GOOGLE) (GOOGLE)
76	31

3 2606:4700:3108::ac42:2881 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

audiences.wynter.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
audiences-api.wynter.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2606:4700:3108::ac42:2b7f (United States)

ASN13335 (CLOUDFLARENET, US)

audiences.wynter.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
audiences-api.wynter.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:3965 (United States)

ASN13335 (CLOUDFLARENET, US)

static.cloudflareinsights.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:812::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:831::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a04:4e42:200::396 (United States)

ASN54113 (FASTLY, US)

www.redditstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:280:6::213:7ade (Düsseldorf, Germany)

ASN20940 (AKAMAI-ASN1, NL)

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.97.49 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-97-49.fra56.r.cloudfront.net

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2670:2600:7:d7d6:3c40:93a1 (United States)

ASN16509 (AMAZON-02, US)

tag.clearbitscripts.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f083:9:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.160.150.71 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-3-160-150-71.fra60.r.cloudfront.net

platform-api.sharethis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:4341 (United States)

ASN13335 (CLOUDFLARENET, US)

scout-cdn.salesloft.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.193.140 (United States)

ASN54113 (FASTLY, US)

alb.reddit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c00::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:830::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.227.219.3 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-227-219-3.ams54.r.cloudfront.net

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.209.71.205 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-209-71-205.compute-1.amazonaws.com

scout.salesloft.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:81c::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2620:1ec:21::14 (United States) 4 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.107.42.14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px4.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f177:185:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.153.4.44 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-153-4-44.eu-central-1.compute.amazonaws.com

x.clearbitjs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:25e8:dc00:c:abe:f440:93a1 (United States)

ASN16509 (AMAZON-02, US)

buttons-config.sharethis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.112.110 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-112-110.fra56.r.cloudfront.net

vc.hotjar.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.156.210.215 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-156-210-215.eu-central-1.compute.amazonaws.com

l.sharethis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.158.205.16 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-158-205-16.eu-central-1.compute.amazonaws.com

app.clearbit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3108::ac42:292d (United States)

ASN13335 (CLOUDFLARENET, US)

cdn4.iconfinder.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:80b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:806::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
16	wynter.io 1 redirects audiences.wynter.io audiences-api.wynter.io	3 MB
14	gstatic.com www.gstatic.com fonts.gstatic.com	718 KB
10	google.com region1.analytics.google.com — Cisco Umbrella Rank: 2656 www.google.com — Cisco Umbrella Rank: 2	105 KB
7	linkedin.com 4 redirects px.ads.linkedin.com — Cisco Umbrella Rank: 353 www.linkedin.com — Cisco Umbrella Rank: 629 px4.ads.linkedin.com — Cisco Umbrella Rank: 6596	3 KB
3	salesloft.com scout-cdn.salesloft.com — Cisco Umbrella Rank: 10356 scout.salesloft.com — Cisco Umbrella Rank: 13192	4 KB
3	sharethis.com platform-api.sharethis.com — Cisco Umbrella Rank: 4404 buttons-config.sharethis.com — Cisco Umbrella Rank: 5101 l.sharethis.com — Cisco Umbrella Rank: 4698	48 KB
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 40	269 KB
2	clearbitjs.com x.clearbitjs.com — Cisco Umbrella Rank: 14941	45 KB
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 100	239 B
2	google.de www.google.de — Cisco Umbrella Rank: 6744	515 B
2	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 84	398 B
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 180	69 KB
2	hotjar.com static.hotjar.com — Cisco Umbrella Rank: 703 script.hotjar.com — Cisco Umbrella Rank: 882	59 KB
2	licdn.com snap.licdn.com — Cisco Umbrella Rank: 781	18 KB
2	redditstatic.com www.redditstatic.com — Cisco Umbrella Rank: 1245	10 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 29	21 KB
1	iconfinder.com cdn4.iconfinder.com — Cisco Umbrella Rank: 93267	14 KB
1	clearbit.com app.clearbit.com — Cisco Umbrella Rank: 15383	1 KB
1	hotjar.io vc.hotjar.io — Cisco Umbrella Rank: 2643	232 B
1	reddit.com alb.reddit.com — Cisco Umbrella Rank: 1415	637 B
1	clearbitscripts.com tag.clearbitscripts.com — Cisco Umbrella Rank: 12467	5 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 30	2 KB
1	cloudflareinsights.com static.cloudflareinsights.com — Cisco Umbrella Rank: 788	7 KB
76	23

	Domain	Requested by
12	audiences.wynter.io	1 redirects audiences.wynter.io static.cloudflareinsights.com
9	www.gstatic.com	www.google.com www.gstatic.com
9	www.google.com	audiences.wynter.io www.gstatic.com www.google.com
5	fonts.gstatic.com	www.google.com
5	px.ads.linkedin.com	3 redirects snap.licdn.com
4	audiences-api.wynter.io	audiences.wynter.io
3	www.googletagmanager.com	audiences.wynter.io www.googletagmanager.com
2	x.clearbitjs.com	tag.clearbitscripts.com
2	www.facebook.com
2	scout.salesloft.com	scout-cdn.salesloft.com
2	www.google.de
2	stats.g.doubleclick.net	www.googletagmanager.com www.google-analytics.com
2	connect.facebook.net	audiences.wynter.io connect.facebook.net
2	snap.licdn.com	www.googletagmanager.com snap.licdn.com
2	www.redditstatic.com	www.googletagmanager.com www.redditstatic.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
1	cdn4.iconfinder.com	audiences.wynter.io
1	app.clearbit.com	x.clearbitjs.com
1	l.sharethis.com	platform-api.sharethis.com
1	vc.hotjar.io	script.hotjar.com
1	buttons-config.sharethis.com	platform-api.sharethis.com
1	px4.ads.linkedin.com
1	www.linkedin.com	1 redirects
1	script.hotjar.com	static.hotjar.com
1	region1.analytics.google.com	www.googletagmanager.com
1	alb.reddit.com
1	scout-cdn.salesloft.com	audiences.wynter.io
1	platform-api.sharethis.com	www.googletagmanager.com
1	tag.clearbitscripts.com	www.googletagmanager.com
1	static.hotjar.com	www.googletagmanager.com
1	fonts.googleapis.com	audiences.wynter.io
1	static.cloudflareinsights.com	audiences.wynter.io
76	32

This site contains links to these domains. Also see Links.

Domain
audiences-api.wynter.io

Subject Issuer	Validity	Valid
wynter.io E1	`2024-02-22` - `2024-05-22`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-04-10` - `2024-04-09`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2024-02-19` - `2024-05-13`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2024-02-19` - `2024-05-13`	3 months	crt.sh
www.redditstatic.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-01-08` - `2024-07-06`	6 months	crt.sh
snap.licdn.com DigiCert SHA2 Secure Server CA	`2023-12-13` - `2024-12-12`	a year	crt.sh
*.hotjar.com Amazon ECDSA 256 M03	`2024-02-07` - `2025-03-08`	a year	crt.sh
clearbitscripts.com Amazon RSA 2048 M01	`2023-06-11` - `2024-07-09`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-12-13` - `2024-03-12`	3 months	crt.sh
sharethis.com Amazon RSA 2048 M02	`2023-05-20` - `2024-06-17`	a year	crt.sh
salesloft.com Sectigo RSA Domain Validation Secure Server CA	`2023-03-20` - `2024-04-18`	a year	crt.sh
*.reddit.com DigiCert TLS RSA SHA256 2020 CA1	`2024-01-15` - `2024-07-13`	6 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2024-02-05` - `2024-04-29`	3 months	crt.sh
www.google.de GTS CA 1C3	`2024-02-19` - `2024-05-13`	3 months	crt.sh
www.google.com GTS CA 1C3	`2024-02-19` - `2024-05-13`	3 months	crt.sh
clearbitjs.com Amazon RSA 2048 M02	`2024-02-15` - `2025-03-16`	a year	crt.sh
*.hotjar.io Amazon ECDSA 256 M02	`2024-02-07` - `2025-03-08`	a year	crt.sh
clearbit.com Amazon RSA 2048 M03	`2024-02-15` - `2025-03-16`	a year	crt.sh
www.linkedin.com DigiCert SHA2 Secure Server CA	`2024-01-30` - `2024-07-30`	6 months	crt.sh
iconfinder.com E1	`2024-01-31` - `2024-04-30`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2024-02-19` - `2024-05-13`	3 months	crt.sh
*.google.com GTS CA 1C3	`2024-02-19` - `2024-05-13`	3 months	crt.sh

This page contains 3 frames:

Primary Page: https://audiences.wynter.io/
Frame ID: A20EFB0F559E9169118C73AFB227C82E
Requests: 54 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfHpmIaAAAAAPRnRj9YOTNM4t-lte5iMrUP3EuL&co=aHR0cHM6Ly9hdWRpZW5jZXMud3ludGVyLmlvOjQ0Mw..&hl=de&type=image&v=vj7hFxe2iNgbe-u95xTozOXW&theme=light&size=invisible&badge=inline&cb=w88z1bf7gty6
Frame ID: 612D2F5036EA034F69DBDC0690155F71
Requests: 8 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=de&v=vj7hFxe2iNgbe-u95xTozOXW&k=6LfHpmIaAAAAAPRnRj9YOTNM4t-lte5iMrUP3EuL
Frame ID: 1EF66298E78AAED16A087E073ACFDEF6
Requests: 12 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Participants portalLoading

Page URL History Show full URLs

http://audiences.wynter.io/ HTTP 301
https://audiences.wynter.io/ Page URL

Detected technologies

Cloudflare Browser Insights (Analytics) Expand

Overall confidence: 100%
Detected patterns

static\.cloudflareinsights\.com/beacon(?:\.min)?\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/ns\.html[^>]+></iframe>
googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Hotjar (Analytics) Expand

Overall confidence: 100%
Detected patterns

//static\.hotjar\.com/

Linkedin Insight Tag (Analytics) Expand

Overall confidence: 100%
Detected patterns

snap\.licdn\.com/li\.lms-analytics/insight\.min\.js

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

76
Requests

99 %
HTTPS

68 %
IPv6

23
Domains

32
Subdomains

31
IPs

3
Countries

4878 kB
Transfer

23301 kB
Size

23
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://audiences-api.wynter.io/account/signin/linkedin/auth?state=%7B%22to%22%3A%22%2F%22%7D
Title: Sign In with LinkedIn

Search URL Search Domain Scan URL

URL: https://audiences-api.wynter.io/account/signin/google/auth?state=%7B%22to%22%3A%22%2F%22%7D
Title: Sign In with Google

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://audiences.wynter.io/ HTTP 301
https://audiences.wynter.io/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 32

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3214106&time=1709658540377&li_adsId=7b0669eb-b659-4df3-85ac-f1573fae0a10&url=https%3A%2F%2Faudiences.wynter.io%2F HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3214106&time=1709658540377&li_adsId=7b0669eb-b659-4df3-85ac-f1573fae0a10&url=https%3A%2F%2Faudiences.wynter.io%2F&cookiesTest=true HTTP 302
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D3214106%26time%3D1709658540377%26li_adsId%3D7b0669eb-b659-4df3-85ac-f1573fae0a10%26url%3Dhttps%253A%252F%252Faudiences.wynter.io%252F%26cookiesTest%3Dtrue%26liSync%3Dtrue HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3214106&time=1709658540377&li_adsId=7b0669eb-b659-4df3-85ac-f1573fae0a10&url=https%3A%2F%2Faudiences.wynter.io%2F&cookiesTest=true&liSync=true HTTP 302
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=3214106&time=1709658540377&li_adsId=7b0669eb-b659-4df3-85ac-f1573fae0a10&url=https%3A%2F%2Faudiences.wynter.io%2F&cookiesTest=true&liSync=true&e_ipv6=AQKeLOJZ7vqv2QAAAY4Plw99JtV3qSlFA_Og_6V8tVkiqoAAJFPftbQmR5aULkCxeq4R3taO_Sgr

76 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
audiences.wynter.io/
Redirect Chain

http://audiences.wynter.io/
https://audiences.wynter.io/

3 KB
2 KB

293ms
137ms

Document
text/html

2606:4700:3108::ac42:2b7f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://audiences.wynter.io/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3108::ac42:2b7f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7a213da3034d8b30de30bf3fe90f581b6b08880f057697d651bb5f4c36f51b66

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 85fbb6101aacbb97-FRA
content-encoding: br
content-security-policy: frame-ancestors 'self'
content-type: text/html
date: Tue, 05 Mar 2024 17:08:59 GMT
last-modified: Mon, 04 Mar 2024 19:01:10 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CG6P9KcXaXAe1eu1WA%2BatpuQHD2DJRZdXvNbhyfBa7s1kbNgCV9KP501LQ%2FObIC%2B%2FT6hPxF%2F01CJQ%2BrJ5FzOx4%2BXzt3%2FK0Fw2YmRjnm4vk1QgDXxsO91U5JCeKqfHnzLE2U6mffTgRKMz8L008NS5p8%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=15724800; includeSubDomains

Redirect headers

CF-RAY: 85fbb60eba09695e-FRA
Cache-Control: max-age=3600
Connection: keep-alive
Date: Tue, 05 Mar 2024 17:08:59 GMT
Expires: Tue, 05 Mar 2024 18:08:59 GMT
Location: https://audiences.wynter.io/
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JuwU4iQITfSXn0xepuqBSBMc6OKCKZlfhezYLsaznK4aho0X3ZPwQNpEidZe8%2F0RK5MCtfANBF8DfBixkhdw1Om2ZtWgnc%2FAEza50D34G2PNFTveeEpP4x9VXjWwVx%2F3MDNkxDWu2RdCXfyAPF5AGUk%3D"}],"group":"cf-nel","max_age":604800}
Server: cloudflare
Transfer-Encoding: chunked
Vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400

GET
H2 200 main.2.c1634ff32b9765c1b0fd.css
audiences.wynter.io/ 584 KB
81 KB 158ms
157ms Stylesheet
text/css 2606:4700:3108::ac42:2b7f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://audiences.wynter.io/main.2.c1634ff32b9765c1b0fd.css

Requested by

Host: audiences.wynter.io
URL: https://audiences.wynter.io/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3108::ac42:2b7f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fc9a46ab5d39a5becf4c5bc921eaceff98af73333cf29486a294356409af2f79

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://audiences.wynter.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 17:08:59 GMT
content-security-policy: frame-ancestors 'self'
content-encoding: br
strict-transport-security: max-age=15724800; includeSubDomains
last-modified: Mon, 04 Mar 2024 19:01:10 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: HIT
server: cloudflare
etag: W/"65e61a76-921eb"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ybcPvl%2FAAJdhKa98CmsbruTj1vCq2ZrBOcGKHtBVLdR6532o5CnI0O46K5v7FX9402E0ryhcrpO397%2BYnT19xPiJ46jDFogwBSBedkwFnyNAc5HYz0f7AXwV0Q%2BWbE%2BmKripraRH1Hh6Ez0CmIOVeZA%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 85fbb610fc01bb97-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 main.0.f9cf58860178fdbcecf9.css
audiences.wynter.io/ 124 KB
16 KB 139ms
138ms Stylesheet
text/css 2606:4700:3108::ac42:2b7f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://audiences.wynter.io/main.0.f9cf58860178fdbcecf9.css

Requested by

Host: audiences.wynter.io
URL: https://audiences.wynter.io/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3108::ac42:2b7f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d7a50899e2274a0353183f32b0cc4b96a81c920646d408294c35abd5613628ac

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://audiences.wynter.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 17:08:59 GMT
content-security-policy: frame-ancestors 'self'
content-encoding: br
strict-transport-security: max-age=15724800; includeSubDomains
last-modified: Mon, 04 Mar 2024 19:01:10 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: HIT
server: cloudflare
etag: W/"65e61a76-1f03a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dKM3fVzAcZkogYs8nElcI4WPxX1b7znoSobQZsXA4CjvvXmhok5ZI%2BA410kaKJQQdAvGNzB7uxRh83xuQb3h%2Fz0TvbViLE72TC3hrL7xKL4UhsiJxFRJCCd603noOFa3Bb0t1Az9XafH1QAXdSyoN5o%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 85fbb610fc03bb97-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 rocket-loader.min.js Show response
audiences.wynter.io/cdn-cgi/scripts/7d0fa10a/cloudflare-static/ 12 KB
4 KB 24ms
24ms Script
application/javascript 2606:4700:3108::ac42:2b7f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://audiences.wynter.io/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Requested by

Host: audiences.wynter.io
URL: https://audiences.wynter.io/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3108::ac42:2b7f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://audiences.wynter.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 17:08:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 27 Feb 2024 15:42:08 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"65de02d0-302c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lB5xtjjdMPHOUWeIap6nIDFnBdKI8rR1MUzIoo4IdNjummc84j7jmAJLZsMCxfrgbIuQb4JzXE4edeXytcREEsD%2F2wPpEsWTPvXuKxCSHUf9Hqe%2FgZJQS1gKN1RSAX754u82gCnzNgYD6bZNDtp5oEA%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-frame-options: DENY
cache-control: max-age=172800, public
cf-ray: 85fbb610fc05bb97-FRA
expires: Thu, 07 Mar 2024 17:08:59 GMT

GET
H2 200 v84a3a4012de94ce1a686ba8c167c359c1696973893317 Show response
static.cloudflareinsights.com/beacon.min.js/ 20 KB
7 KB 132ms
90ms Script
text/javascript 2606:4700::6810:3965
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cloudflareinsights.com/beacon.min.js/v84a3a4012de94ce1a686ba8c167c359c1696973893317
Requested by: Host: audiences.wynter.io
URL: https://audiences.wynter.io/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:3965 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6153d13804862b0fc1c016cf1129f34cb7c6185f2cf4bf1a3a862eecdab50101

Request headers

Referer: https://audiences.wynter.io/
Origin: https://audiences.wynter.io
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 17:08:59 GMT
content-encoding: gzip
last-modified: Tue, 10 Oct 2023 21:38:13 GMT
server: cloudflare
etag: W/"2023.10.0"
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
cf-ray: 85fbb6113cb62ba2-FRA

GET
H2 200 css
fonts.googleapis.com/ 27 KB
2 KB 77ms
30ms Stylesheet
text/css 2a00:1450:4001:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:300,400,600,700,800

Requested by

Host: audiences.wynter.io
URL: https://audiences.wynter.io/main.0.f9cf58860178fdbcecf9.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

6953682c0ea668bba8f2d7259f4227f9edc14e69115084b7d9b7f32a177513b8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://audiences.wynter.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 05 Mar 2024 17:08:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 05 Mar 2024 16:04:34 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 05 Mar 2024 17:08:59 GMT

GET
H3 200 main.0.2a682a6ca6c0f6040fc8.js Show response
audiences.wynter.io/js/ 178 KB
50 KB 213ms
212ms Script
application/javascript 2606:4700:3108::ac42:2b7f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://audiences.wynter.io/js/main.0.2a682a6ca6c0f6040fc8.js

Requested by

Host: audiences.wynter.io
URL: https://audiences.wynter.io/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3108::ac42:2b7f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9dd6854fd7ec4bfb255f08782d4a88b9656f7c5209ea355d78c6f78adab2cd36

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://audiences.wynter.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 17:09:00 GMT
content-security-policy: frame-ancestors 'self'
content-encoding: br
strict-transport-security: max-age=15724800; includeSubDomains
last-modified: Mon, 04 Mar 2024 19:01:10 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: HIT
server: cloudflare
etag: W/"65e61a76-2c6f6"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ad9OxrzomSQ%2BDHU2Sa9NgyciB9seMtBFpnhYiw2WnWqblQVvSQy4pz4bvI7GxoaxrVbixDV2EaLf0zR%2B9AxEm4rHVElF47QUX8yZvPnuI2GCFXOPwMlT5evu6m5D%2FXHR05jDw7XmP%2FmhXnE3Vkf1Nxs%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 85fbb612588e90fb-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 main.2.633fd3ca893d0bb846af.js Show response
audiences.wynter.io/js/ 18 MB
3 MB 150ms
150ms Script
application/javascript 2606:4700:3108::ac42:2b7f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://audiences.wynter.io/js/main.2.633fd3ca893d0bb846af.js

Requested by

Host: audiences.wynter.io
URL: https://audiences.wynter.io/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3108::ac42:2b7f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

13d1b7f56cd5bab13f4d1e11afb5a45f72ef66e7ca7b8dd3188339d735409fd9

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://audiences.wynter.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 17:09:00 GMT
content-security-policy: frame-ancestors 'self'
content-encoding: br
strict-transport-security: max-age=15724800; includeSubDomains
last-modified: Mon, 04 Mar 2024 19:01:10 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: HIT
server: cloudflare
etag: W/"65e61a76-1223d96"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RPUNcBNg8J0H%2BffTXOczUrOKuoeNjJuya%2FDMnQRxo07e4b7m9lWhZw7FNeUITJpA4gd3d2wTMpgR%2Buw0FvXY88u4Fgx9KfaT2ZKbETbAxduH6e2UfNqv7vl9D3y6L7O2FVqTV%2FPv7o6SxZOY%2Bx%2FpPj8%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 85fbb612589090fb-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 main.3f9ce63f02bfc7fc6ac1.js Show response
audiences.wynter.io/js/ 1 KB
1 KB 138ms
137ms Script
application/javascript 2606:4700:3108::ac42:2b7f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://audiences.wynter.io/js/main.3f9ce63f02bfc7fc6ac1.js

Requested by

Host: audiences.wynter.io
URL: https://audiences.wynter.io/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3108::ac42:2b7f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bdcedcc0085acc0e4d5a4489b2d73c2aae3f918b17f31bafcf4d8e8b1cc772be

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://audiences.wynter.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 17:09:00 GMT
content-security-policy: frame-ancestors 'self'
content-encoding: br
strict-transport-security: max-age=15724800; includeSubDomains
last-modified: Mon, 04 Mar 2024 19:01:10 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: HIT
server: cloudflare
etag: W/"65e61a76-5d4"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oD866j6qAO97ahNYpR8gK7vIdg0XK2bdZtEYlHLgwM6XdJkEjQqnNqYS304392FuND7zhCHBjCN574pA1RpCNyS7HgLy9azeTZRTmCmEqcXNQfS2YmArxOAV7EfcpEmp95sdSEU1yw9dcZIhLeBYu40%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 85fbb612589290fb-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 286 KB
99 KB 105ms
54ms Script
application/javascript 2a00:1450:4001:812::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-PV89JST

Requested by

Host: audiences.wynter.io
URL: https://audiences.wynter.io/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

42dabf9ef4c1424c64a9a43157b664945e2992df86699a2b7f0ee1ff84ba31a4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://audiences.wynter.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 17:08:59 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100729
x-xss-protection: 0
last-modified: Tue, 05 Mar 2024 15:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 05 Mar 2024 17:08:59 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 283 KB
94 KB 66ms
65ms Script
application/javascript 2a00:1450:4001:812::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-C2DMM9H6Z0&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PV89JST

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

0eaff6a1231f49409a822630c4fcaeea3e32df5767e8fedfafa74c496a11ec78

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://audiences.wynter.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 17:09:00 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 95670
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 05 Mar 2024 17:09:00 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 70ms
21ms Script
text/javascript 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PV89JST

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://audiences.wynter.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 05 Mar 2024 15:48:08 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 4852
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Tue, 05 Mar 2024 17:48:08 GMT

GET
H2 200 pixel.js Show response
www.redditstatic.com/ads/ 28 KB
9 KB 91ms
18ms Script
application/javascript 2a04:4e42:200::396
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://www.redditstatic.com/ads/pixel.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PV89JST
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:200::396 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: snooserv /
Resource Hash: 2939d067bced6e2e3e43c1b10d2b067cb980410c2cc42fd3e867798a4a36c697

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://audiences.wynter.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 17:09:00 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
last-modified: Thu, 15 Feb 2024 20:38:48 GMT
server: snooserv
nel: {"report_to": "w3-reporting-nel", "max_age": 14400, "include_subdomains": false, "success_fraction": 0.02, "failure_fraction": 0.02}
etag: "9a680c8c475d8bba600d4d87b4fa7ee5"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding,Origin
report-to: {"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]}, {"group": "w3-reporting-csp", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-csp.reddit.com/reports" }]}
content-type: application/javascript
cache-control: public, max-age=60
accept-ranges: bytes
content-length: 8702

GET
H2 200 insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 1 KB
856 B 134ms
29ms Script
application/javascript 2a02:26f0:280:6::213:7ade
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://snap.licdn.com/li.lms-analytics/insight.min.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PV89JST

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:280:6::213:7ade Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

26ab1e1eeca5b1289daa3d87aaf2e04534286ddb4f159bf83fb0c63f87ab1964

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://audiences.wynter.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 17:09:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 04 Mar 2024 18:59:30 GMT
x-cdn: AKAM
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
cache-control: max-age=84447
accept-ranges: bytes
content-length: 646

GET
H2 200 hotjar-2756857.js Show response
static.hotjar.com/c/ 9 KB
4 KB 121ms
55ms Script
application/javascript 18.66.97.49
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-2756857.js?sv=7

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PV89JST

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.97.49 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-97-49.fra56.r.cloudfront.net

Software

Resource Hash

34062e1a17f977291e1de32e4bea41e645d7f786a6d5af1315459351bef6771f

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://audiences.wynter.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

strict-transport-security: max-age=2592000; includeSubDomains
content-encoding: br
x-content-type-options: nosniff
date: Tue, 05 Mar 2024 17:09:00 GMT
via: 1.1 3f52d342c56014599dee37446f6c9f2e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P2
etag: W/af2a9e49397fb6077edcb6944537d087
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
x-cache-hit: 1
cache-control: max-age=60
cross-origin-resource-policy: cross-origin
x-amz-cf-id: m4Jcsl2eM2aQE_zRuIo8VqfHdXszzCl4rArhc7mx3aUQRkiAbu8KUw==

GET
H2 200 destination Show response
www.googletagmanager.com/gtag/ 210 KB
76 KB 65ms
63ms Script
application/javascript 2a00:1450:4001:812::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/destination?id=AW-379621830&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PV89JST

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

d04290e0779a0bfbad0b3a8288665397d374868b2206c2fdcfe350ff5a95f932

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://audiences.wynter.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 17:09:00 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 78111
x-xss-protection: 0
last-modified: Tue, 05 Mar 2024 15:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 05 Mar 2024 17:09:00 GMT

GET
H2 200 tags.js Show response
tag.clearbitscripts.com/v1/pk_8a25fe9313b336322c446d54c11d0b1f/ 16 KB
5 KB 236ms
185ms Script
application/javascript 2600:9000:2670:2600:7:d7d6:3c40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://tag.clearbitscripts.com/v1/pk_8a25fe9313b336322c446d54c11d0b1f/tags.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PV89JST

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2670:2600:7:d7d6:3c40:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Clearbit /

Resource Hash

2740082b1b7896f1b45b96faadf30c85082e12363e54d608ee8f28f536067ec2

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://audiences.wynter.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 17:08:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-envoy-response-flags: -
via: 1.1 9938d2bc2f9fab06207e42238c10bb32.cloudfront.net (CloudFront)
server: Clearbit
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-amz-cf-pop: FRA56-P9
etag: W/"209bbc54562ad5f8826fc19e95a53478"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript;charset=utf-8
cache-control: private, max-age=600
x-amz-cf-id: z1sjfgGbQJ_prZsTJ-odRqC7PXyFsyLzFiBVt3ANrg6-WE_bmxvTYw==

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 215 KB
58 KB 64ms
22ms Script
application/x-javascript 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: audiences.wynter.io
URL: https://audiences.wynter.io/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

50b6e67cfcfe4ac8fe9cee705b681f696065306ee42bcd4e6b37a17dba333ac5

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://audiences.wynter.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

permissions-policy-report-only: clipboard-read=(), clipboard-write=(), picture-in-picture=();report-to="permissions_policy"
content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Tue, 05 Mar 2024 17:09:00 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 57348
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
pragma: public
x-fb-debug: c1JDdwgzFQ0Eajj9y/IG/xEixF3rsRly0pThZ9fXrKIOORaP50gii50HnWdJXWfpVt1XhXpu8aj27RdcwvGdNA==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 sharethis.js Show response
platform-api.sharethis.com/js/ 206 KB
46 KB 77ms
22ms Script
text/javascript 3.160.150.71
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://platform-api.sharethis.com/js/sharethis.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PV89JST

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.160.150.71 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-3-160-150-71.fra60.r.cloudfront.net

Software

Resource Hash

cf9e92205faeb2fc9929f8aaf67ee6fb15084be8994babd310cfa01d62e29e5c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://audiences.wynter.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 17:05:43 GMT
content-encoding: gzip
via: 1.1 4f2a14569b371893f3851a804b6ae8dc.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: FRA60-P7
age: 197
etag: W/"3360d-7zvdaxLS2Lhi3Pty7QrCYymkuqI"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
edge-control: cache-maxage=60m,downstream-ttl=60m
cache-control: max-age=600, public
x-cache: Hit from cloudfront
x-amz-cf-id: TxYPIBSeZLnARWIj-EMPB2KXKfNHTM7mtlbkIfvVnb613Zk0G63uzg==

GET
H2 200 sl.js Show response
scout-cdn.salesloft.com/ 6 KB
3 KB 147ms
34ms Script
application/javascript 2606:4700::6811:4341
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://scout-cdn.salesloft.com/sl.js

Requested by

Host: audiences.wynter.io
URL: https://audiences.wynter.io/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:4341 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4a007af67f716c30c8848ab0ad0bfaab8a5fcf3e36dedf918b59c9429d522440

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://audiences.wynter.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 17:09:00 GMT
x-amz-version-id: 6anzvBQcvmaBDc8BSO9zI6Th.IIiwArc
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-request-id: 6AYM5TBGP85NWW11
age: 89
alt-svc: h3=":443"; ma=86400
x-amz-id-2: iZXzGJO9VKymfdzReJmr7uE1uhKUFMKsUsy30jwDEB8uHKDqgWj3ipTG0+hcOjJ7Zu1MV8OmYQjRXYRVud4p80wZyJlSS/jYgm2Q/S0HUNA=
last-modified: Mon, 13 Dec 2021 16:28:37 GMT
server: cloudflare
etag: W/"d74cc4825c8e333b2116da3fcc649db1"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=14400
cf-ray: 85fbb6146a629966-FRA
expires: Tue, 05 Mar 2024 21:09:00 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 4 B
211 B 36ms
25ms XHR
text/plain 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=302407052&t=pageview&_s=1&dl=https%3A%2F%2Faudiences.wynter.io%2F&ul=en-us&de=UTF-8&dt=Participants%20portal&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGBACEABBAAAACAAI~&jid=739957931&gjid=268736348&cid=864109997.1709658540&tid=UA-486673-38&_gid=1741532427.1709658540&_r=1&_slc=1&gtm=45He42t1n81PV89JSTv811359066za200&gcd=13l3l3l3l1&dma_cps=sypham&dma=1&z=66719812

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://audiences.wynter.io/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 05 Mar 2024 17:09:00 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://audiences.wynter.io
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 t2_a4lm41ae_telemetry Show response
www.redditstatic.com/ads/conversions-config/v1/pixel/config/ 86 B
700 B 88ms
43ms XHR
application/json 2a04:4e42:200::396
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://www.redditstatic.com/ads/conversions-config/v1/pixel/config/t2_a4lm41ae_telemetry
Requested by: Host: www.redditstatic.com
URL: https://www.redditstatic.com/ads/pixel.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:200::396 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: snooserv /
Resource Hash: 740bb313221bda5543b6fbe0bce3dd276cc70c4fd9aa0bae9d46b149406becf5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://audiences.wynter.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 17:09:00 GMT
content-encoding: gzip
via: 1.1 varnish
nel: {"report_to": "w3-reporting-nel", "max_age": 14400, "include_subdomains": false, "success_fraction": 0.02, "failure_fraction": 0.02}
server: snooserv
vary: Accept-Encoding,Origin
report-to: {"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]}, {"group": "w3-reporting-csp", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-csp.reddit.com/reports" }]}
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=300
accept-ranges: bytes
content-length: 98

GET
H2 200 rp.gif
alb.reddit.com/ 42 B
637 B 103ms
23ms Image
image/gif 151.101.193.140
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://alb.reddit.com/rp.gif?ts=1709658540203&id=t2_a4lm41ae&event=PageVisit&m.itemCount=&m.value=&m.valueDecimal=&m.currency=&m.transactionId=&m.customEventName=&m.products=&m.conversionId=&uuid=3be33967-520b-4279-986f-041159df7ae4&aaid=&em=&external_id=&idfa=&integration=reddit&opt_out=0&sh=1600&sw=1200&v=rdt_c9439d84&dpm=&dpcc=&dprc=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.140 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Varnish /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://audiences.wynter.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 17:09:00 GMT
via: 1.1 varnish
nel: {"report_to": "w3-reporting-nel", "max_age": 14400, "include_subdomains": false, "success_fraction": 0.3, "failure_fraction": 0.3}
server: Varnish
report-to: {"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]}, {"group": "w3-reporting-csp", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-csp.reddit.com/reports" }]}
content-type: image/gif
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 42
retry-after: 0

POST
H2 204 collect
region1.analytics.google.com/g/ 0
256 B 85ms
29ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-C2DMM9H6Z0&gtm=45je42t1v882152989z8811359066za200&_p=1709658539899&_gaz=1&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=864109997.1709658540&ul=en-us&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&_eu=EA&_s=1&dl=https%3A%2F%2Faudiences.wynter.io%2F&sid=1709658540&sct=1&seg=0&dt=Participants%20portal&en=page_view&_fv=1&_ss=1&ep.debug_mode=false&ep.clean_url=https%3A%2F%2Faudiences.wynter.io%2F&tfd=995
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-C2DMM9H6Z0&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://audiences.wynter.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Mar 2024 17:09:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://audiences.wynter.io
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
47 B 84ms
28ms Ping
text/plain 2a00:1450:400c:c00::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-C2DMM9H6Z0&cid=864109997.1709658540&gtm=45je42t1v882152989z8811359066za200&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l2l1&npa=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-C2DMM9H6Z0&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c00::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://audiences.wynter.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Mar 2024 17:09:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://audiences.wynter.io
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
408 B 333ms
282ms Image
image/gif 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-C2DMM9H6Z0&cid=864109997.1709658540&gtm=45je42t1v882152989z8811359066za200&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l2l1&npa=1&z=1719391578

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://audiences.wynter.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Mar 2024 17:09:00 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
351 B 69ms
27ms XHR
text/plain 2a00:1450:400c:c00::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-486673-38&cid=864109997.1709658540&jid=739957931&gjid=268736348&_gid=1741532427.1709658540&_u=YGBACEAABAAAACAAI~&z=781947941

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://audiences.wynter.io/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Tue, 05 Mar 2024 17:09:00 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://audiences.wynter.io
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 2704695686489285 Show response
connect.facebook.net/signals/config/ 53 KB
11 KB 147ms
146ms Script
application/x-javascript 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/2704695686489285?v=2.9.148&r=stable&domain=audiences.wynter.io&hme=20c913bdcd4be51a752120153aa5caaecb3ee86c7f26cf737846e40b202aba68&ex_m=62%2C106%2C94%2C98%2C53%2C3%2C88%2C61%2C14%2C86%2C79%2C44%2C46%2C150%2C153%2C164%2C160%2C161%2C163%2C25%2C89%2C45%2C68%2C162%2C145%2C148%2C157%2C158%2C165%2C115%2C13%2C43%2C169%2C168%2C117%2C16%2C29%2C32%2C1%2C36%2C57%2C58%2C59%2C63%2C83%2C15%2C12%2C85%2C82%2C81%2C95%2C97%2C31%2C96%2C26%2C22%2C146%2C149%2C124%2C24%2C9%2C10%2C11%2C5%2C6%2C21%2C19%2C20%2C49%2C54%2C56%2C66%2C90%2C23%2C67%2C8%2C7%2C71%2C41%2C18%2C92%2C91%2C17%2C4%2C73%2C80%2C72%2C78%2C40%2C39%2C77%2C33%2C35%2C76%2C48%2C74%2C28%2C37%2C65%2C0%2C84%2C75%2C2%2C30%2C55%2C34%2C93%2C38%2C70%2C60%2C99%2C52%2C51%2C27%2C87%2C50%2C47%2C42%2C69%2C64%2C100

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

10fb01154fa0da2da2956561510c48fddb9fe969e1138ed4a010598272f8b3e9

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://audiences.wynter.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

permissions-policy-report-only: clipboard-read=(), clipboard-write=(), picture-in-picture=();report-to="permissions_policy"
content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Tue, 05 Mar 2024 17:09:00 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
pragma: public
x-fb-debug: VB2RNMY2frtTGvrHjRgjrpDnzzUl9qCWQI4D1kjVkjW/n1FnTrd1ApwfgeHHWelZNsJyrpAe7WR7QDDZyt9y5g==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 modules.84f80a92c39bbd76564a.js Show response
script.hotjar.com/ 221 KB
55 KB 104ms
30ms Script
application/javascript 13.227.219.3
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.84f80a92c39bbd76564a.js

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-2756857.js?sv=7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.227.219.3 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-227-219-3.ams54.r.cloudfront.net

Software

Resource Hash

8cfc58c903082aab59592305e949e7b3c9215f3a62d70d13b9baee604d6132ab

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://audiences.wynter.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Fri, 01 Mar 2024 12:10:06 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=2592000; includeSubDomains
via: 1.1 2b298af2bb6f21ab0dee9e764d8bcb28.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS54-C1
age: 363534
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 55719
last-modified: Fri, 01 Mar 2024 12:09:47 GMT
etag: "fd429e33536e4a29658cbbc9d61c6168"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: g4XrCOwMxXmnuzV88MBHIlPJr25Dvhb_OD8kVKoi1-giORn5ySOqKw==

GET
H2 200 insight.beta.min.js Show response
snap.licdn.com/li.lms-analytics/ 48 KB
17 KB 33ms
33ms Script
application/javascript 2a02:26f0:280:6::213:7ade
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://snap.licdn.com/li.lms-analytics/insight.beta.min.js

Requested by

Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:280:6::213:7ade Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

2017e4b8e2b04c8305a4ad71ad1c4cb40ebe8414d779f9ed27c1b0cad0446e23

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://audiences.wynter.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 17:09:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 04 Mar 2024 18:59:30 GMT
x-cdn: AKAM
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
cache-control: max-age=84500
accept-ranges: bytes
content-length: 17199

GET
H2 200 r Show response
scout.salesloft.com/ 41 B
358 B 394ms
116ms XHR
application/json 54.209.71.205
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://scout.salesloft.com/r?tid=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJ0IjoxMDkyMTd9.jptpKXcbBOOS7Ary2zNoaeMjCqnqpqHCBrUkTGik5k8

Requested by

Host: scout-cdn.salesloft.com
URL: https://scout-cdn.salesloft.com/sl.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

54.209.71.205 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-209-71-205.compute-1.amazonaws.com

Software

Resource Hash

b37678e2c4e8452e51ee8902e176d670941b72bc06eaeeb951360f96322c6921

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://audiences.wynter.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 17:09:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://audiences.wynter.io
access-control-expose-headers
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
content-length: 41
x-request-id: 800c22c85ac815942ce3f61fc6816295

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
408 B 333ms
283ms Image
image/gif 2a00:1450:4001:81c::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-486673-38&cid=864109997.1709658540&jid=739957931&_u=YGBACEAABAAAACAAI~&z=332736858

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://audiences.wynter.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Mar 2024 17:09:00 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 291ms
290ms Image
image/gif 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-486673-38&cid=864109997.1709658540&jid=739957931&_u=YGBACEAABAAAACAAI~&z=332736858

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://audiences.wynter.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Mar 2024 17:09:00 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

collect
px4.ads.linkedin.com/
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3214106&time=1709658540377&li_adsId=7b0669eb-b659-4df3-85ac-f1573fae0a10&url=https%3A%2F%2Faudiences.wynter.io%2F
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3214106&time=1709658540377&li_adsId=7b0669eb-b659-4df3-85ac-f1573fae0a10&url=https%3A%2F%2Faudiences.wynter.io%2F&cookiesTest=true
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D3214106%26time%3D1709658540377%26li_adsId%3D7b0669eb-b659-4df3-85ac-f1573fae0a10%...
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3214106&time=1709658540377&li_adsId=7b0669eb-b659-4df3-85ac-f1573fae0a10&url=https%3A%2F%2Faudiences.wynter.io%2F&cookiesTest=true&liSync=true
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=3214106&time=1709658540377&li_adsId=7b0669eb-b659-4df3-85ac-f1573fae0a10&url=https%3A%2F%2Faudiences.wynter.io%2F&cookiesTest=true&liSync=true&e_...

0
266 B

217ms
162ms

Image
application/javascript

13.107.42.14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=3214106&time=1709658540377&li_adsId=7b0669eb-b659-4df3-85ac-f1573fae0a10&url=https%3A%2F%2Faudiences.wynter.io%2F&cookiesTest=true&liSync=true&e_ipv6=AQKeLOJZ7vqv2QAAAY4Plw99JtV3qSlFA_Og_6V8tVkiqoAAJFPftbQmR5aULkCxeq4R3taO_Sgr
Protocol: H2
Server: 13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://audiences.wynter.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 17:09:02 GMT
x-li-pop: afd-prod-ltx1-x
x-msedge-ref: Ref A: 39570C7C4B9D4C4D86397BEAE92DD1C2 Ref B: FRAEDGE1709 Ref C: 2024-03-05T17:09:02Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
content-type: application/javascript
x-li-fabric: prod-ltx1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYS7OYXs88tpCAlkIYQTA==

Redirect headers

date: Tue, 05 Mar 2024 17:09:01 GMT
x-li-pop: afd-prod-ltx1-x
x-msedge-ref: Ref A: 1000B692BEB74329ABE00E8B8BF6E5B2 Ref B: FRAEDGE1813 Ref C: 2024-03-05T17:09:01Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-ltx1
location: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=3214106&time=1709658540377&li_adsId=7b0669eb-b659-4df3-85ac-f1573fae0a10&url=https%3A%2F%2Faudiences.wynter.io%2F&cookiesTest=true&liSync=true&e_ipv6=AQKeLOJZ7vqv2QAAAY4Plw99JtV3qSlFA_Og_6V8tVkiqoAAJFPftbQmR5aULkCxeq4R3taO_Sgr
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYS7OYUXzMwkY3M6rbizw==

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 65ms
19ms Image
text/plain 2a03:2880:f177:185:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=2704695686489285&ev=PageView&dl=https%3A%2F%2Faudiences.wynter.io%2F&rl=&if=false&ts=1709658540527&sw=1600&sh=1200&v=2.9.148&r=stable&ec=0&o=4126&fbp=fb.1.1709658540526.1176631988&ler=empty&cdl=API_unavailable&it=1709658540306&coo=false&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://audiences.wynter.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Tue, 05 Mar 2024 17:09:00 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 destinations.min.js Show response
x.clearbitjs.com/v2/pk_8a25fe9313b336322c446d54c11d0b1f/ 0
21 B 311ms
250ms Script
application/javascript 18.153.4.44
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://x.clearbitjs.com/v2/pk_8a25fe9313b336322c446d54c11d0b1f/destinations.min.js

Requested by

Host: tag.clearbitscripts.com
URL: https://tag.clearbitscripts.com/v1/pk_8a25fe9313b336322c446d54c11d0b1f/tags.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.153.4.44 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-153-4-44.eu-central-1.compute.amazonaws.com

Software

Clearbit /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://audiences.wynter.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 17:09:00 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-envoy-response-flags: -
server: Clearbit
content-type: application/javascript;charset=utf-8
cache-control: private, max-age=600
content-length: 0

GET
H2 200 tracking.min.js Show response
x.clearbitjs.com/v2/pk_8a25fe9313b336322c446d54c11d0b1f/ 168 KB
45 KB 268ms
207ms Script
application/javascript 18.153.4.44
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://x.clearbitjs.com/v2/pk_8a25fe9313b336322c446d54c11d0b1f/tracking.min.js

Requested by

Host: tag.clearbitscripts.com
URL: https://tag.clearbitscripts.com/v1/pk_8a25fe9313b336322c446d54c11d0b1f/tags.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.153.4.44 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-153-4-44.eu-central-1.compute.amazonaws.com

Software

Clearbit /

Resource Hash

7ef1b6996189dd9cb07510c359d8d927959fd7f12d8d04c61562ff9cf063c4cb

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://audiences.wynter.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 17:09:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-envoy-response-flags: -
server: Clearbit
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
cache-control: private, max-age=600

GET
H2 200 62134b3d49c8c1001914ffc5.js Show response
buttons-config.sharethis.com/js/ 467 B
910 B 569ms
486ms Script
text/javascript 2600:9000:25e8:dc00:c:abe:f440:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://buttons-config.sharethis.com/js/62134b3d49c8c1001914ffc5.js

Requested by

Host: platform-api.sharethis.com
URL: https://platform-api.sharethis.com/js/sharethis.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:25e8:dc00:c:abe:f440:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

a3b77c8442345147719cabab2d4659db87b5c46ac660f34496de8b3dd594b41d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://audiences.wynter.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 17:09:02 GMT
via: 1.1 3f2f1c546e63f10a66abd1c978af36f6.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Mon, 21 Feb 2022 08:30:07 GMT
server: AmazonS3
x-amz-cf-pop: AMS1-P3
x-amz-server-side-encryption: AES256
etag: "3f50d3a1d32ec31949903ac05e05cf8c"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: text/javascript
cache-control: public, max-age=60
accept-ranges: bytes
content-length: 467
x-amz-cf-id: bLAhRARtYaDnYDLS4iOxVrYSaBM9QKPYnX389C0dB8rCWPlpshoV6A==

GET
H2 204 2756857 Show response
vc.hotjar.io/sessions/ 0
232 B 338ms
45ms XHR
text/plain 18.66.112.110
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vc.hotjar.io/sessions/2756857?s=0.25&r=0.0505326625975413
Requested by: Host: script.hotjar.com
URL: https://script.hotjar.com/modules.84f80a92c39bbd76564a.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.110 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-110.fra56.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://audiences.wynter.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 05 Mar 2024 17:09:02 GMT
cache-control: no-store
via: 1.1 342054511f9732c450e11bade76323dc.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
x-amz-cf-id: LUEkp40uOYfyoqvJ7iqKQiBCl-KKsp4bodnGhOZ1xzABpS6gZ7W3mQ==
x-cache: Miss from cloudfront

GET
H/1.1 204
No Content pview Show response
l.sharethis.com/ 0
406 B 441ms
96ms XHR
text/plain 35.156.210.215
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://l.sharethis.com/pview?event=pview&hostname=audiences.wynter.io&location=%2F&product=inline-share-buttons&url=https%3A%2F%2Faudiences.wynter.io%2F&source=sharethis.js&fcmp=false&fcmpv2=false&has_segmentio=false&title=Participants%20portal&cms=unknown&publisher=62134b3d49c8c1001914ffc5&sop=true&version=st_sop.js&lang=en&ua=&ua_mobile=false&ua_full_version_list=&uuid=00353822-29c0-4e3e-a058-1f1a67a4913d

Requested by

Host: platform-api.sharethis.com
URL: https://platform-api.sharethis.com/js/sharethis.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.156.210.215 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-35-156-210-215.eu-central-1.compute.amazonaws.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://audiences.wynter.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Date: Tue, 05 Mar 2024 17:09:02 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains;
Access-Control-Max-Age: 1728000
Access-Control-Allow-Origin: https://audiences.wynter.io
Access-Control-Expose-Headers: stid
Cache-Control: no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: *

GET
H2 200 i Show response
scout.salesloft.com/ 48 B
467 B 115ms
115ms XHR
application/json 54.209.71.205
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://scout.salesloft.com/i

Requested by

Host: scout-cdn.salesloft.com
URL: https://scout-cdn.salesloft.com/sl.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

54.209.71.205 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-209-71-205.compute-1.amazonaws.com

Software

Resource Hash

30650850b3322f7f3c954dfcfb9dfe9c2b8f0e62d61042a7b069674ab4c03c99

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://audiences.wynter.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 17:09:01 GMT
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://audiences.wynter.io
access-control-expose-headers
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
content-length: 48
x-request-id: 76c6ab9bdc889b8124d1f831fa20bc35

OPTIONS
H2 204 current
audiences-api.wynter.io/users/ Frame 0
0 227ms
146ms Preflight 2606:4700:3108::ac42:2881
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://audiences-api.wynter.io/users/current

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3108::ac42:2881 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: cache-control,pragma
Access-Control-Request-Method: GET
Origin: https://audiences.wynter.io
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: cache-control,pragma
access-control-allow-methods: GET,HEAD,PUT,POST,DELETE,PATCH
access-control-allow-origin: https://audiences.wynter.io
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 85fbb61f5a029a39-FRA
date: Tue, 05 Mar 2024 17:09:02 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jdYLYByrTQsQTRKGkl9OGyVf8c4fqYGUSe9hf09rVdSloiMBXsHrwz%2F1pidrzicdRSo6vDRYX8m%2FoTH5yZ7ZhO4HGxQBWBa3R98HLskEV5Lq5%2FZS2JRBx6NHRbXCeWZSR8Yg098CW8F%2FKanswkvfsvjMnPvV"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=15724800; includeSubDomains
vary: Origin

GET
H3 401 current Show response
audiences-api.wynter.io/users/ 2 B
552 B 144ms
143ms XHR
application/json 2606:4700:3108::ac42:2b7f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://audiences-api.wynter.io/users/current

Requested by

Host: audiences.wynter.io
URL: https://audiences.wynter.io/js/main.2.633fd3ca893d0bb846af.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3108::ac42:2b7f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
pragma: no-cache
cache-control: no-cache
Referer: https://audiences.wynter.io/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 17:09:02 GMT
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-dns-prefetch-control: off
alt-svc: h3=":443"; ma=86400
content-length: 2
x-xss-protection: 1; mode=block
server: cloudflare
x-download-options: noopen
x-frame-options: SAMEORIGIN
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://audiences.wynter.io
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=44lHEvCbBzhvfZVj4eO9nClNDMqk9oO0%2FbVMKBPmyBQMBsWDR3Dci21XlrnDezgk6av67rcXP8TB%2Bp5ylR5Ji8FVINjK%2FyJrRfQcm6B9Q3csAkb%2Bnqz0UP9fZ0G7VYzVIhpzLYDOhfi9cx9mWmvSiVuew7Vv"}],"group":"cf-nel","max_age":604800}
access-control-allow-credentials: true
cf-ray: 85fbb62039f590fb-FRA

POST
H3 204 rum Show response
audiences.wynter.io/cdn-cgi/ 0
143 B 24ms
24ms XHR
text/plain 2606:4700:3108::ac42:2b7f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://audiences.wynter.io/cdn-cgi/rum?

Requested by

Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/v84a3a4012de94ce1a686ba8c167c359c1696973893317

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3108::ac42:2b7f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://audiences.wynter.io/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
content-type: application/json

Response headers

date: Tue, 05 Mar 2024 17:09:01 GMT
x-content-type-options: nosniff
server: cloudflare
vary: Origin
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://audiences.wynter.io
x-frame-options: DENY
access-control-allow-credentials: true
cf-ray: 85fbb61ed81490fb-FRA

POST
H2 200 p Show response
app.clearbit.com/v1/ 16 B
1 KB 363ms
295ms XHR
application/json 18.158.205.16
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://app.clearbit.com/v1/p

Requested by

Host: x.clearbitjs.com
URL: https://x.clearbitjs.com/v2/pk_8a25fe9313b336322c446d54c11d0b1f/tracking.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.158.205.16 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-158-205-16.eu-central-1.compute.amazonaws.com

Software

Clearbit /

Resource Hash

c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://audiences.wynter.io/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 05 Mar 2024 17:09:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-envoy-response-flags: -
server: Clearbit
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Accept-Encoding, Origin
access-control-max-age: 7200
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://audiences.wynter.io
access-control-expose-headers
content-security-policy-report-only: default-src 'self'; script-src 'unsafe-inline' 'report-sample' 'self' https://browser.sentry-cdn.com https://cdn.amplitude.com/libs/amplitude-5.2.2-min.gz.js https://cdn.clearbit.com https://cdn.segment.com/analytics.js/v1/auzWlbWIBrAsKnGQIiT0X3IjfZyepgW5/analytics.min.js https://checkout.stripe.com https://connect.facebook.net https://edge.fullstory.com/s/fs.js https://fast.appcues.com https://www.google-analytics.com/analytics.js https://x.clearbitjs.com https://cdn.clearbit.com https://*.commandbar.com; style-src 'unsafe-inline' 'report-sample' 'self' https://cdn.clearbit.com https://*.commandbar.com https://fast.appcues.com https://fonts.googleapis.com; object-src 'none'; base-uri 'self'; connect-src 'self' https://api.amplitude.com https://*.commandbar.com https://api.segment.io https://checkout.stripe.com https://rs.fullstory.com https://www.google-analytics.com wss://api.appcues.net https://stats.g.doubleclick.net https://sentry.io https://logo.clearbit.com; font-src 'self' https://fonts.gstatic.com; frame-src 'self' https://*.commandbar.com https://checkout.stripe.com; img-src 'self' https://*.commandbar.com https://*.stripe.com data: https://cdn.clearbit.com https://images.ctfassets.net https://logo.clearbit.com https://www.facebook.com https://connect.facebook.net https://www.google.com https://unpkg.com/react-flag-kit https://cloudfront.net/v1/avatars https://*.googleusercontent.com; manifest-src 'self'; media-src 'self'; worker-src 'none';
access-control-allow-credentials: true
content-type: application/json

POST
H2 204 / Show response
px.ads.linkedin.com/wa/ 0
196 B 179ms
179ms XHR
text/plain 2620:1ec:21::14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://px.ads.linkedin.com/wa/
Requested by: Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.beta.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: *
Referer: https://audiences.wynter.io/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Tue, 05 Mar 2024 17:09:01 GMT
x-li-pop: afd-prod-ltx1-x
x-msedge-ref: Ref A: 053FB60FC18945BE9A6343836025F4DD Ref B: FRAEDGE1813 Ref C: 2024-03-05T17:09:02Z
linkedin-action: 1
vary: Origin
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-ltx1
access-control-allow-origin: https://audiences.wynter.io
x-li-proto: http/2
access-control-allow-credentials: true
x-li-uuid: AAYS7OYaXaLiHh24qyqwnA==

OPTIONS
H2 204 logout
audiences-api.wynter.io/account/ Frame 0
0 140ms
139ms Preflight 2606:4700:3108::ac42:2881
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://audiences-api.wynter.io/account/logout

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3108::ac42:2881 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://audiences.wynter.io
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET,HEAD,PUT,POST,DELETE,PATCH
access-control-allow-origin: https://audiences.wynter.io
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 85fbb6214c4a9a39-FRA
date: Tue, 05 Mar 2024 17:09:02 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GzLMlDwXezUR7hPq5URSz%2FwrZVOi%2FNoxVJTmEFNbajZnQbIFWi%2FXdjd05MfFPitA1y64I0RydQJQs55eLlccWObKgMZJb%2FhiPJG1sUiK5WUHaAyeYE5TrhqVMmy2bqueXcVd8ZnZfSutisl6pgT%2BJO29HMdU"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=15724800; includeSubDomains
vary: Origin

POST
H3 200 logout Show response
audiences-api.wynter.io/account/ 2 B
681 B 208ms
207ms XHR
application/json 2606:4700:3108::ac42:2b7f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://audiences-api.wynter.io/account/logout

Requested by

Host: audiences.wynter.io
URL: https://audiences.wynter.io/js/main.2.633fd3ca893d0bb846af.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3108::ac42:2b7f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://audiences.wynter.io/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 05 Mar 2024 17:09:02 GMT
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-dns-prefetch-control: off
alt-svc: h3=":443"; ma=86400
content-length: 2
x-xss-protection: 1; mode=block
server: cloudflare
x-download-options: noopen
x-frame-options: SAMEORIGIN
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://audiences.wynter.io
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yX6kmFPGjyv2pqHiQv45fuWqbrZlee8qYNocQdnjesa68jbQwMOzegh4dmqcmIDEoUgyoOWOQWmE3qdtcl76Kmlti8wjbtaM9KOUxWLlvZYCsLmqUGI8TlQEGG1fodjKAfLHTlXwQSMpANCJ9SlDzKBUsFVG"}],"group":"cf-nel","max_age":604800}
access-control-allow-credentials: true
cf-ray: 85fbb6220c0890fb-FRA

POST
H2 204 / Show response
px.ads.linkedin.com/wa/ 0
143 B 185ms
185ms XHR
text/plain 2620:1ec:21::14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://px.ads.linkedin.com/wa/
Requested by: Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.beta.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: *
Referer: https://audiences.wynter.io/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Tue, 05 Mar 2024 17:09:01 GMT
x-li-pop: afd-prod-ltx1-x
x-msedge-ref: Ref A: 544FF1025C274CF3972192D9BA0126AA Ref B: FRAEDGE1813 Ref C: 2024-03-05T17:09:02Z
linkedin-action: 1
vary: Origin
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-ltx1
access-control-allow-origin: https://audiences.wynter.io
x-li-proto: http/2
access-control-allow-credentials: true
x-li-uuid: AAYS7OYafvKJH6waLUtKww==

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 1 KB
1 KB 33ms
30ms Script
text/javascript 2a00:1450:4001:81c::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?onload=onloadcallback&render=explicit

Requested by

Host: audiences.wynter.io
URL: https://audiences.wynter.io/js/main.2.633fd3ca893d0bb846af.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

d16c5e8767ea9afc0ae019bf487e5398313e9a730469863c225ff6a90f2f874d

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://audiences.wynter.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 17:09:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=utf-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block
expires: Tue, 05 Mar 2024 17:09:02 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
54 B 21ms
20ms Image
text/plain 2a03:2880:f177:185:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=2704695686489285&ev=PageView&dl=https%3A%2F%2Faudiences.wynter.io%2Fsignin%3Fto%3D%252F&rl=&if=false&ts=1709658542267&sw=1600&sh=1200&v=2.9.148&r=stable&ec=1&o=4126&fbp=fb.1.1709658540526.1176631988&ler=empty&cdl=API_unavailable&it=1709658540306&coo=false&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://audiences.wynter.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Tue, 05 Mar 2024 17:09:02 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H3 200 logo.fa9d2b31890dadd439de411dc4025a4a.png
audiences.wynter.io/images/ 6 KB
7 KB 153ms
153ms Image
image/webp 2606:4700:3108::ac42:2b7f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://audiences.wynter.io/images/logo.fa9d2b31890dadd439de411dc4025a4a.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3108::ac42:2b7f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4afaf47f855da7afb6252f58b867ad67c71a7b21ca50101b16b655ef7f972901

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://audiences.wynter.io/signin?to=%2F
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 17:09:02 GMT
content-security-policy: frame-ancestors 'self'
strict-transport-security: max-age=15724800; includeSubDomains
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origFmt=png, origSize=16434
content-disposition: inline; filename="logo.webp"
alt-svc: h3=":443"; ma=86400
content-length: 6302
cf-bgj: imgq:100,h2pri
last-modified: Mon, 04 Mar 2024 19:01:10 GMT
server: cloudflare
etag: "65e61a76-4032"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AvDZGq5DZ6zJGkt3WIxhAGTmhSXkwlPENaYpYYTT%2F7tuBUH3Ha0ilJoigQtcGFJA2A7%2FR9EtfdS%2F%2Brgn9ZeTn52RL8oBDMvhnDekTFIO6a9xP7w3qQwzJOEdXxpFuX6hh3vxGL0R1GK2Ne4W2ZGr7gU%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 85fbb6215b1690fb-FRA

GET
H2 200 new-google-favicon-512.png
cdn4.iconfinder.com/data/icons/new-google-logo-2015/400/ 13 KB
14 KB 130ms
59ms Image
image/webp 2606:4700:3108::ac42:292d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn4.iconfinder.com/data/icons/new-google-logo-2015/400/new-google-favicon-512.png

Requested by

Host: audiences.wynter.io
URL: https://audiences.wynter.io/main.0.f9cf58860178fdbcecf9.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3108::ac42:292d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

db368a6c1354a22cd098672f65320798689d8b8f4eec112fd9766a7ef7ea4d64

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://audiences.wynter.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 17:09:02 GMT
via: 1.1 vegur
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
strict-transport-security: max-age=15552000; includeSubDomains; preload
age: 414329
cf-polished: origFmt=png, origSize=19055
content-disposition: inline; filename="new-google-favicon-512.webp"
alt-svc: h3=":443"; ma=86400
content-length: 13066
x-request-id: cb04319c-9351-4994-83df-90e1954ed5ed
reporting-endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1707409905&sid=c46efe9b-d3d2-4a0c-8c76-bfafa16c5add&s=tTbVQwnQ695OSSpvFeo5JFsn0hbzgqSVWgl9CuJSg5k%3D
cf-bgj: imgq:100,h2pri
last-modified: Tue, 20 Feb 2024 12:10:05 GMT
server: cloudflare
vary: Accept
report-to: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1707409905&sid=c46efe9b-d3d2-4a0c-8c76-bfafa16c5add&s=tTbVQwnQ695OSSpvFeo5JFsn0hbzgqSVWgl9CuJSg5k%3D"}]}
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 85fbb621cc2435f1-FRA
expires: Wed, 05 Mar 2025 17:09:02 GMT

GET
H3 200 GothamNarrow-Ultra.d8d505bb714a947e2dd04a4c3574de04.woff
audiences.wynter.io/ 59 KB
60 KB 129ms
129ms Font
font/woff 2606:4700:3108::ac42:2b7f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://audiences.wynter.io/GothamNarrow-Ultra.d8d505bb714a947e2dd04a4c3574de04.woff

Requested by

Host: audiences.wynter.io
URL: https://audiences.wynter.io/main.0.f9cf58860178fdbcecf9.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3108::ac42:2b7f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6cda5b6b48192ee465ce13afa795ff644adc521d93e2660f8c5083e6a874376c

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://audiences.wynter.io/main.0.f9cf58860178fdbcecf9.css
Origin: https://audiences.wynter.io
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 17:09:02 GMT
content-security-policy: frame-ancestors 'self'
strict-transport-security: max-age=15724800; includeSubDomains
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: HIT
alt-svc: h3=":443"; ma=86400
content-length: 60724
last-modified: Mon, 04 Mar 2024 19:01:10 GMT
server: cloudflare
etag: "65e61a76-ed34"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=B8DRUseeKU1%2FzcIYmjxBVnBY9MpO3EvWaziN9tw3%2BUqNUBv%2B38ZwvQrEjGDre39HwSCEOXuGJJ1PB4h3rRp17RBx6rjWYJIfjk1bQIbiTk%2FKojMJaWtmpa5NAvNjheiqNzJOPPIKxVLbxeixg84AxfU%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 85fbb6215b1f90fb-FRA

GET
H3 200 GothamNarrow-Book.7a40bcfb92c14161afa463e89a6b0bee.woff
audiences.wynter.io/ 71 KB
72 KB 138ms
138ms Font
font/woff 2606:4700:3108::ac42:2b7f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://audiences.wynter.io/GothamNarrow-Book.7a40bcfb92c14161afa463e89a6b0bee.woff

Requested by

Host: audiences.wynter.io
URL: https://audiences.wynter.io/main.0.f9cf58860178fdbcecf9.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3108::ac42:2b7f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bab11758aa29e7a44f5ada919fb232e6cb7b3ae8b4a03dcd2e49e724eac775da

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://audiences.wynter.io/main.0.f9cf58860178fdbcecf9.css
Origin: https://audiences.wynter.io
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 17:09:02 GMT
content-security-policy: frame-ancestors 'self'
strict-transport-security: max-age=15724800; includeSubDomains
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: HIT
alt-svc: h3=":443"; ma=86400
content-length: 72828
last-modified: Mon, 04 Mar 2024 19:01:10 GMT
server: cloudflare
etag: "65e61a76-11c7c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mcwNwgUh1btAnffzlKZpJF2vg8DisEveVzVWCf8j2X9gG62pO%2FoUXhTR3vYhzyVxIS4G4gYtvDYr7phkWM4o0KVsgP6jwNXrDynYp%2FV%2BI5D99gt9YoCtkb%2B0mTjjL3pIwA%2FRkal9xvWdNIhJePD%2B70o%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 85fbb6215b2090fb-FRA

GET
H2 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/vj7hFxe2iNgbe-u95xTozOXW/ 494 KB
197 KB 69ms
19ms Script
text/javascript 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/vj7hFxe2iNgbe-u95xTozOXW/recaptcha__de.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?onload=onloadcallback&render=explicit

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7fc4f1369cfe55e3cbf37434690b559bd3be63351a5ab16e324823a3ab8a237a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://audiences.wynter.io/
Origin: https://audiences.wynter.io
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 15:31:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 5850
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 201116
x-xss-protection: 0
last-modified: Mon, 26 Feb 2024 03:01:13 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 05 Mar 2025 15:31:32 GMT

GET
H3 200 anchor Show response
www.google.com/recaptcha/api2/ Frame 612D 46 KB
29 KB 48ms
46ms Document
text/html 2a00:1450:4001:81c::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfHpmIaAAAAAPRnRj9YOTNM4t-lte5iMrUP3EuL&co=aHR0cHM6Ly9hdWRpZW5jZXMud3ludGVyLmlvOjQ0Mw..&hl=de&type=image&v=vj7hFxe2iNgbe-u95xTozOXW&theme=light&size=invisible&badge=inline&cb=w88z1bf7gty6

Requested by

Host: audiences.wynter.io
URL: https://audiences.wynter.io/js/main.2.633fd3ca893d0bb846af.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

9f13f54ec4751a599b42d3c2f556f9b9eadaf9de298fe3324d0967bda307dcc6

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-AAzanHy9XlNn2PgVHmS-0g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://audiences.wynter.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-AAzanHy9XlNn2PgVHmS-0g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 05 Mar 2024 17:09:02 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/vj7hFxe2iNgbe-u95xTozOXW/ Frame 612D 55 KB
24 KB 58ms
19ms Stylesheet
text/css 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/vj7hFxe2iNgbe-u95xTozOXW/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfHpmIaAAAAAPRnRj9YOTNM4t-lte5iMrUP3EuL&co=aHR0cHM6Ly9hdWRpZW5jZXMud3ludGVyLmlvOjQ0Mw..&hl=de&type=image&v=vj7hFxe2iNgbe-u95xTozOXW&theme=light&size=invisible&badge=inline&cb=w88z1bf7gty6

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 15:31:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 5850
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24606
x-xss-protection: 0
last-modified: Mon, 26 Feb 2024 03:01:13 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 05 Mar 2025 15:31:32 GMT

GET
H3 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/vj7hFxe2iNgbe-u95xTozOXW/ Frame 612D 494 KB
196 KB 68ms
29ms Script
text/javascript 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/vj7hFxe2iNgbe-u95xTozOXW/recaptcha__de.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7fc4f1369cfe55e3cbf37434690b559bd3be63351a5ab16e324823a3ab8a237a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 15:31:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 5850
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 201116
x-xss-protection: 0
last-modified: Mon, 26 Feb 2024 03:01:13 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 05 Mar 2025 15:31:32 GMT

GET
H3 200 oN6JOQxO2CZdhDuvURgc1WDqFpXrbMZ6mY5cTBya2tA.js Show response
www.google.com/js/bg/ Frame 612D 17 KB
7 KB 20ms
19ms Script
text/javascript 2a00:1450:4001:81c::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/js/bg/oN6JOQxO2CZdhDuvURgc1WDqFpXrbMZ6mY5cTBya2tA.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/vj7hFxe2iNgbe-u95xTozOXW/recaptcha__de.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a0de89390c4ed8265d843baf51181cd560ea1695eb6cc67a998e5c4c1c9adad0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfHpmIaAAAAAPRnRj9YOTNM4t-lte5iMrUP3EuL&co=aHR0cHM6Ly9hdWRpZW5jZXMud3ludGVyLmlvOjQ0Mw..&hl=de&type=image&v=vj7hFxe2iNgbe-u95xTozOXW&theme=light&size=invisible&badge=inline&cb=w88z1bf7gty6
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 08:57:24 GMT
content-encoding: br
x-content-type-options: nosniff
age: 29498
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6931
x-xss-protection: 0
last-modified: Mon, 19 Feb 2024 17:30:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 05 Mar 2025 08:57:24 GMT

GET
H3 200 logo_48.png
www.gstatic.com/recaptcha/api2/ Frame 612D 2 KB
2 KB 20ms
19ms Image
image/png 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/logo_48.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/vj7hFxe2iNgbe-u95xTozOXW/styles__ltr.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/vj7hFxe2iNgbe-u95xTozOXW/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Mon, 04 Mar 2024 14:54:26 GMT
x-content-type-options: nosniff
age: 94476
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2228
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
expires: Mon, 11 Mar 2024 14:54:26 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 612D 15 KB
15 KB 88ms
26ms Font
font/woff2 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Mon, 04 Mar 2024 19:32:19 GMT
x-content-type-options: nosniff
age: 77803
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 04 Mar 2025 19:32:19 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 612D 15 KB
16 KB 82ms
21ms Font
font/woff2 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Thu, 29 Feb 2024 14:26:30 GMT
x-content-type-options: nosniff
age: 441752
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15552
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 28 Feb 2025 14:26:30 GMT

GET
H3 200 webworker.js
www.google.com/recaptcha/api2/ Frame 612D 102 B
135 B 30ms
29ms Other
text/javascript 2a00:1450:4001:81c::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/webworker.js?hl=de&v=vj7hFxe2iNgbe-u95xTozOXW

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

5e6ccfa30b73831d6528662ece5421627caab9f02289cf4902a0a4d67cdc1dd8

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfHpmIaAAAAAPRnRj9YOTNM4t-lte5iMrUP3EuL&co=aHR0cHM6Ly9hdWRpZW5jZXMud3ludGVyLmlvOjQ0Mw..&hl=de&type=image&v=vj7hFxe2iNgbe-u95xTozOXW&theme=light&size=invisible&badge=inline&cb=w88z1bf7gty6
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 17:09:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
cross-origin-embedder-policy: require-corp
x-frame-options: SAMEORIGIN
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript; charset=utf-8
cache-control: private, max-age=300
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block
expires: Tue, 05 Mar 2024 17:09:02 GMT

GET
H3 200 bframe Show response
www.google.com/recaptcha/api2/ Frame 1EF6 7 KB
1 KB 32ms
31ms Document
text/html 2a00:1450:4001:81c::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/bframe?hl=de&v=vj7hFxe2iNgbe-u95xTozOXW&k=6LfHpmIaAAAAAPRnRj9YOTNM4t-lte5iMrUP3EuL

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/vj7hFxe2iNgbe-u95xTozOXW/recaptcha__de.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

2b61fe8d3076a97acfb3e13a976d2d334a6aa912cf15d413872cb77f634ed7b8

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-FUNoLm06E08UjnS_W8oF2g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://audiences.wynter.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-FUNoLm06E08UjnS_W8oF2g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 05 Mar 2024 17:09:02 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/vj7hFxe2iNgbe-u95xTozOXW/ Frame 1EF6 55 KB
24 KB 19ms
18ms Stylesheet
text/css 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/vj7hFxe2iNgbe-u95xTozOXW/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=de&v=vj7hFxe2iNgbe-u95xTozOXW&k=6LfHpmIaAAAAAPRnRj9YOTNM4t-lte5iMrUP3EuL

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 15:31:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 5850
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24606
x-xss-protection: 0
last-modified: Mon, 26 Feb 2024 03:01:13 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 05 Mar 2025 15:31:32 GMT

GET
H3 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/vj7hFxe2iNgbe-u95xTozOXW/ Frame 1EF6 494 KB
196 KB 23ms
22ms Script
text/javascript 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/vj7hFxe2iNgbe-u95xTozOXW/recaptcha__de.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=de&v=vj7hFxe2iNgbe-u95xTozOXW&k=6LfHpmIaAAAAAPRnRj9YOTNM4t-lte5iMrUP3EuL

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7fc4f1369cfe55e3cbf37434690b559bd3be63351a5ab16e324823a3ab8a237a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 15:31:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 5850
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 201116
x-xss-protection: 0
last-modified: Mon, 26 Feb 2024 03:01:13 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 05 Mar 2025 15:31:32 GMT

POST
H3 200 reload Show response
www.google.com/recaptcha/api2/ Frame 1EF6 20 KB
15 KB 56ms
56ms XHR
application/json 2a00:1450:4001:81c::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/reload?k=6LfHpmIaAAAAAPRnRj9YOTNM4t-lte5iMrUP3EuL

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/vj7hFxe2iNgbe-u95xTozOXW/recaptcha__de.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

1eb015d4b996dc743a5c19824783cb2109111f89149d74a76720c41734631a43

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.google.com/recaptcha/api2/bframe?hl=de&v=vj7hFxe2iNgbe-u95xTozOXW&k=6LfHpmIaAAAAAPRnRj9YOTNM4t-lte5iMrUP3EuL
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-Type: application/x-protobuffer

Response headers

date: Tue, 05 Mar 2024 17:09:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
cache-control: private, max-age=0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block
expires: Tue, 05 Mar 2024 17:09:03 GMT

GET
H3 200 refresh_2x.png
www.gstatic.com/recaptcha/api2/ Frame 1EF6 600 B
624 B 19ms
19ms Image
image/png 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/refresh_2x.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/vj7hFxe2iNgbe-u95xTozOXW/styles__ltr.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

44b988703019cd6bfa86c91840fecf2a42b611b364e3eea2f4eb63bf62714e98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/vj7hFxe2iNgbe-u95xTozOXW/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Mon, 04 Mar 2024 13:46:32 GMT
x-content-type-options: nosniff
age: 98551
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 600
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
expires: Mon, 11 Mar 2024 13:46:32 GMT

GET
H3 200 audio_2x.png
www.gstatic.com/recaptcha/api2/ Frame 1EF6 530 B
554 B 21ms
20ms Image
image/png 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/audio_2x.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/vj7hFxe2iNgbe-u95xTozOXW/styles__ltr.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

89c62095126fca89ea1511cf35b49b8306162946b0c26d6f60c5506c51d85992

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/vj7hFxe2iNgbe-u95xTozOXW/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 09:00:07 GMT
x-content-type-options: nosniff
age: 29336
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 530
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
expires: Tue, 12 Mar 2024 09:00:07 GMT

GET
H3 200 info_2x.png
www.gstatic.com/recaptcha/api2/ Frame 1EF6 665 B
689 B 21ms
19ms Image
image/png 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/info_2x.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/vj7hFxe2iNgbe-u95xTozOXW/styles__ltr.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55eaf62cb05da20088dc12b39d7d254d046cb1fd61ddf3ae641f1439efd0a5ee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/vj7hFxe2iNgbe-u95xTozOXW/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Mon, 04 Mar 2024 13:46:32 GMT
x-content-type-options: nosniff
age: 98551
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 665
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
expires: Mon, 11 Mar 2024 13:46:32 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 1EF6 15 KB
15 KB 21ms
20ms Font
font/woff2 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Mon, 04 Mar 2024 19:32:19 GMT
x-content-type-options: nosniff
age: 77804
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 04 Mar 2025 19:32:19 GMT

GET
H2 200 KFOlCnqEu92Fr1MmYUtfBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 1EF6 15 KB
15 KB 29ms
29ms Font
font/woff2 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmYUtfBBc4.woff2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c912a9ce0c3122d4b2b29ad26bfe06b0390d1a5bdaa5d6128692c0befd1dfbbd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Mon, 04 Mar 2024 17:34:06 GMT
x-content-type-options: nosniff
age: 84897
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15340
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:16 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 04 Mar 2025 17:34:06 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 1EF6 15 KB
15 KB 25ms
24ms Font
font/woff2 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Thu, 29 Feb 2024 14:26:30 GMT
x-content-type-options: nosniff
age: 441753
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15552
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 28 Feb 2025 14:26:30 GMT

GET
H3 200 oN6JOQxO2CZdhDuvURgc1WDqFpXrbMZ6mY5cTBya2tA.js Show response
www.google.com/js/bg/ Frame 1EF6 17 KB
7 KB 19ms
19ms Script
text/javascript 2a00:1450:4001:81c::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/js/bg/oN6JOQxO2CZdhDuvURgc1WDqFpXrbMZ6mY5cTBya2tA.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/vj7hFxe2iNgbe-u95xTozOXW/recaptcha__de.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a0de89390c4ed8265d843baf51181cd560ea1695eb6cc67a998e5c4c1c9adad0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/recaptcha/api2/bframe?hl=de&v=vj7hFxe2iNgbe-u95xTozOXW&k=6LfHpmIaAAAAAPRnRj9YOTNM4t-lte5iMrUP3EuL
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 08:57:24 GMT
content-encoding: br
x-content-type-options: nosniff
age: 29499
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6931
x-xss-protection: 0
last-modified: Mon, 19 Feb 2024 17:30:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 05 Mar 2025 08:57:24 GMT

GET
H3 200 payload
www.google.com/recaptcha/api2/ Frame 1EF6 45 KB
45 KB 31ms
30ms Image
image/jpeg 2a00:1450:4001:81c::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/recaptcha/api2/payload?p=06AFcWeA4slsKPb_omS95q5tu6Sak3gBV4iuVXexPV-GTNKMaxpemcraYnw3Oe6TAaXht6HjEg7TkCvrORolFR-iheFtD6Fx7h3WqYirqhFBQOjYHCtYhRS46ZOjJfwDnUaqVNgW1rz9gh2ntHzHvTke7TL-HnQ-fmyuwl-VmsVNFfTPX4i1MzXm91XYkG9VtEHFIeCEvtyZKthQ-fVvVw4LWUKc1vZVdMmA&k=6LfHpmIaAAAAAPRnRj9YOTNM4t-lte5iMrUP3EuL

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

62e40996153e5285ae8320ddfb54d98f605c15099058b5b244a9ec87c7b35e2b

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/recaptcha/api2/bframe?hl=de&v=vj7hFxe2iNgbe-u95xTozOXW&k=6LfHpmIaAAAAAPRnRj9YOTNM4t-lte5iMrUP3EuL
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 17:09:03 GMT
content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: private, max-age=30
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block
expires: Tue, 05 Mar 2024 17:09:03 GMT

Verdicts & Comments Add Verdict or Comment

64 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

23 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.google.com/recaptcha	1970-01-20 23:13:30	Name: _GRECAPTCHA Value: 09AOiBZIAE5D2HjCKZ0x22OF9s1RXY7u7ZjgDqrldmKJ4EfkSYQRPlPTGwGSRJiMOFWcrVEDLLcfRTccT0guaEO_Q
.wynter.io/	1970-01-20 18:55:44	Name: _gid Value: GA1.2.1741532427.1709658540
.wynter.io/	1970-01-20 18:54:18	Name: _gat_UA-486673-38 Value: 1
.wynter.io/	1970-01-20 21:03:54	Name: _rdt_uuid Value: 1709658540200.3be33967-520b-4279-986f-041159df7ae4
.wynter.io/	1970-01-21 04:30:18	Name: _ga Value: GA1.1.864109997.1709658540
.wynter.io/	1970-01-20 21:03:54	Name: _fbp Value: fb.1.1709658540526.1176631988
.linkedin.com/	1970-01-20 21:03:54	Name: li_sugr Value: 2eb9573d-2db3-49ca-9dd4-bb253535ac0e
.linkedin.com/	1970-01-21 03:39:54	Name: bcookie Value: "v=2&6dec1756-9a6b-42b4-8f6a-6d37bee5732a"
.linkedin.com/	1970-01-20 18:55:44	Name: lidc Value: "b=TGST09:s=T:r=T:a=T:p=T:g=2709:u=1:x=1:i=1709658540:t=1709744940:v=2:sig=AQELDcMHLLvhHAg9n6RV2LavEhcOoe-3"
.linkedin.com/	1970-01-20 19:37:30	Name: UserMatchHistory Value: AQIY_lHGUjMcJAAAAY4PlwqJmuzj96Jik7REs_VVKLcEBnIspO6sa58zHsxDNiDkOheUDvmqZ_X90w
.linkedin.com/	1970-01-20 19:37:30	Name: AnalyticsSyncHistory Value: AQLuhjYuDa9-tQAAAY4PlwqJjwjYBjst50V64t865BhVtHXZZzQITAvoWZA7WgO3nyI5Dx7ELfRxKYuKN6v5xA
audiences.wynter.io/	1969-12-31 23:59:59	Name: logglytrackingsession Value: dc4f711b-f5de-4578-b4fa-cd35171f7fd5
.www.linkedin.com/	1970-01-21 03:39:54	Name: bscookie Value: "v=1&202403051709017b7dd23d-e1c7-40b0-8d17-4fb1dfe308c5AQEmNTso_4ePn1TmWZEGW6noaRPxIILB"
.linkedin.com/	1970-01-20 23:13:30	Name: li_gc Value: MTswOzE3MDk2NTg1NDE7MjswMjGLkbaTf9eQWgU4zNYBmqToOWUpHljvG03ptjtZoA3WKg==
.wynter.io/	1970-01-21 03:39:54	Name: _hjSessionUser_2756857 Value: eyJpZCI6ImNhMzRkNzQ5LTI0ODAtNTdkOC04NWYwLWJlZGQ1NWYxMzAxMyIsImNyZWF0ZWQiOjE3MDk2NTg1NDE4NjEsImV4aXN0aW5nIjpmYWxzZX0=
.wynter.io/	1970-01-20 18:54:20	Name: _hjSession_2756857 Value: eyJpZCI6ImUwODU1NDViLTg1N2YtNGFhZi1iNTFkLTZkZGRjNGVhZjU0MSIsImMiOjE3MDk2NTg1NDE4NjIsInMiOjAsInIiOjAsInNiIjowLCJzciI6MCwic2UiOjAsImZzIjoxLCJzcCI6MX0=
audiences.wynter.io/	1970-01-20 19:04:23	Name: slireg Value: https://scout.us4.salesloft.com
.wynter.io/	1970-01-21 03:39:54	Name: cb_user_id Value: null
.wynter.io/	1970-01-21 03:39:54	Name: cb_group_id Value: null
.wynter.io/	1970-01-21 03:39:54	Name: cb_anonymous_id Value: %22ab34f045-fd94-46a9-84c6-85877d05da5d%22
audiences.wynter.io/	1970-01-21 03:39:54	Name: sliguid Value: 14233ffc-0941-44bd-85df-b279bf8d5f4d
audiences.wynter.io/	1970-01-21 03:39:54	Name: slirequested Value: true
.wynter.io/	1970-01-21 04:30:18	Name: _ga_C2DMM9H6Z0 Value: GS1.1.1709658540.1.1.1709658543.57.0.0

45 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://connect.facebook.net/signals/config/2704695686489285?v=2.9.148&r=stable&domain=audiences.wynter.io&hme=20c913bdcd4be51a752120153aa5caaecb3ee86c7f26cf737846e40b202aba68&ex_m=62%2C106%2C94%2C98%2C53%2C3%2C88%2C61%2C14%2C86%2C79%2C44%2C46%2C150%2C153%2C164%2C160%2C161%2C163%2C25%2C89%2C45%2C68%2C162%2C145%2C148%2C157%2C158%2C165%2C115%2C13%2C43%2C169%2C168%2C117%2C16%2C29%2C32%2C1%2C36%2C57%2C58%2C59%2C63%2C83%2C15%2C12%2C85%2C82%2C81%2C95%2C97%2C31%2C96%2C26%2C22%2C146%2C149%2C124%2C24%2C9%2C10%2C11%2C5%2C6%2C21%2C19%2C20%2C49%2C54%2C56%2C66%2C90%2C23%2C67%2C8%2C7%2C71%2C41%2C18%2C92%2C91%2C17%2C4%2C73%2C80%2C72%2C78%2C40%2C39%2C77%2C33%2C35%2C76%2C48%2C74%2C28%2C37%2C65%2C0%2C84%2C75%2C2%2C30%2C55%2C34%2C93%2C38%2C70%2C60%2C99%2C52%2C51%2C27%2C87%2C50%2C47%2C42%2C69%2C64%2C100(Line 95) Message: Unrecognized feature: 'attribution-reporting'.
other	warning	URL: https://audiences.wynter.io/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://audiences.wynter.io/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://audiences.wynter.io/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://audiences.wynter.io/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://audiences.wynter.io/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://audiences.wynter.io/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://audiences.wynter.io/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://audiences.wynter.io/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://audiences.wynter.io/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://audiences.wynter.io/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://audiences.wynter.io/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://audiences.wynter.io/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://audiences.wynter.io/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://audiences.wynter.io/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://audiences.wynter.io/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://audiences.wynter.io/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://audiences.wynter.io/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://audiences.wynter.io/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://audiences.wynter.io/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://audiences.wynter.io/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://audiences.wynter.io/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://audiences.wynter.io/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://audiences.wynter.io/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://audiences.wynter.io/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://audiences.wynter.io/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://audiences.wynter.io/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://audiences.wynter.io/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://audiences.wynter.io/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://audiences.wynter.io/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
network	error	URL: https://audiences-api.wynter.io/users/current Message: Failed to load resource: the server responded with a status of 401 ()
other	warning	URL: https://audiences.wynter.io/signin?to=%2F Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://audiences.wynter.io/signin?to=%2F Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://audiences.wynter.io/signin?to=%2F Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://audiences.wynter.io/signin?to=%2F Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://audiences.wynter.io/signin?to=%2F Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://audiences.wynter.io/signin?to=%2F Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://audiences.wynter.io/signin?to=%2F Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://audiences.wynter.io/signin?to=%2F Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://audiences.wynter.io/signin?to=%2F Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://audiences.wynter.io/signin?to=%2F Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://audiences.wynter.io/signin?to=%2F Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://audiences.wynter.io/signin?to=%2F Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://audiences.wynter.io/signin?to=%2F Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://audiences.wynter.io/signin?to=%2F Message: Third-party cookie will be blocked. Learn more in the Issues tab.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=15724800; includeSubDomains

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

alb.reddit.com
app.clearbit.com
audiences-api.wynter.io
audiences.wynter.io
buttons-config.sharethis.com
cdn4.iconfinder.com
connect.facebook.net
fonts.googleapis.com
fonts.gstatic.com
l.sharethis.com
platform-api.sharethis.com
px.ads.linkedin.com
px4.ads.linkedin.com
region1.analytics.google.com
scout-cdn.salesloft.com
scout.salesloft.com
script.hotjar.com
snap.licdn.com
static.cloudflareinsights.com
static.hotjar.com
stats.g.doubleclick.net
tag.clearbitscripts.com
vc.hotjar.io
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.gstatic.com
www.linkedin.com
www.redditstatic.com
x.clearbitjs.com
13.107.42.14
13.227.219.3
151.101.193.140
18.153.4.44
18.158.205.16
18.66.112.110
18.66.97.49
2001:4860:4802:34::36
2600:9000:25e8:dc00:c:abe:f440:93a1
2600:9000:2670:2600:7:d7d6:3c40:93a1
2606:4700:3108::ac42:2881
2606:4700:3108::ac42:292d
2606:4700:3108::ac42:2b7f
2606:4700::6810:3965
2606:4700::6811:4341
2620:1ec:21::14
2a00:1450:4001:806::2003
2a00:1450:4001:808::200a
2a00:1450:4001:80b::2003
2a00:1450:4001:812::2008
2a00:1450:4001:81c::2004
2a00:1450:4001:830::2003
2a00:1450:4001:831::200e
2a00:1450:400c:c00::9a
2a02:26f0:280:6::213:7ade
2a03:2880:f083:9:face:b00c:0:3
2a03:2880:f177:185:face:b00c:0:25de
2a04:4e42:200::396
3.160.150.71
35.156.210.215
54.209.71.205
0eaff6a1231f49409a822630c4fcaeea3e32df5767e8fedfafa74c496a11ec78
10fb01154fa0da2da2956561510c48fddb9fe969e1138ed4a010598272f8b3e9
13d1b7f56cd5bab13f4d1e11afb5a45f72ef66e7ca7b8dd3188339d735409fd9
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
1eb015d4b996dc743a5c19824783cb2109111f89149d74a76720c41734631a43
2017e4b8e2b04c8305a4ad71ad1c4cb40ebe8414d779f9ed27c1b0cad0446e23
26ab1e1eeca5b1289daa3d87aaf2e04534286ddb4f159bf83fb0c63f87ab1964
2740082b1b7896f1b45b96faadf30c85082e12363e54d608ee8f28f536067ec2
2939d067bced6e2e3e43c1b10d2b067cb980410c2cc42fd3e867798a4a36c697
2b61fe8d3076a97acfb3e13a976d2d334a6aa912cf15d413872cb77f634ed7b8
30650850b3322f7f3c954dfcfb9dfe9c2b8f0e62d61042a7b069674ab4c03c99
34062e1a17f977291e1de32e4bea41e645d7f786a6d5af1315459351bef6771f
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
42dabf9ef4c1424c64a9a43157b664945e2992df86699a2b7f0ee1ff84ba31a4
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
44b988703019cd6bfa86c91840fecf2a42b611b364e3eea2f4eb63bf62714e98
4a007af67f716c30c8848ab0ad0bfaab8a5fcf3e36dedf918b59c9429d522440
4afaf47f855da7afb6252f58b867ad67c71a7b21ca50101b16b655ef7f972901
50b6e67cfcfe4ac8fe9cee705b681f696065306ee42bcd4e6b37a17dba333ac5
55eaf62cb05da20088dc12b39d7d254d046cb1fd61ddf3ae641f1439efd0a5ee
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
5e6ccfa30b73831d6528662ece5421627caab9f02289cf4902a0a4d67cdc1dd8
6153d13804862b0fc1c016cf1129f34cb7c6185f2cf4bf1a3a862eecdab50101
62e40996153e5285ae8320ddfb54d98f605c15099058b5b244a9ec87c7b35e2b
6953682c0ea668bba8f2d7259f4227f9edc14e69115084b7d9b7f32a177513b8
6cda5b6b48192ee465ce13afa795ff644adc521d93e2660f8c5083e6a874376c
740bb313221bda5543b6fbe0bce3dd276cc70c4fd9aa0bae9d46b149406becf5
7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050
7a213da3034d8b30de30bf3fe90f581b6b08880f057697d651bb5f4c36f51b66
7ef1b6996189dd9cb07510c359d8d927959fd7f12d8d04c61562ff9cf063c4cb
7fc4f1369cfe55e3cbf37434690b559bd3be63351a5ab16e324823a3ab8a237a
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
89c62095126fca89ea1511cf35b49b8306162946b0c26d6f60c5506c51d85992
8cfc58c903082aab59592305e949e7b3c9215f3a62d70d13b9baee604d6132ab
9dd6854fd7ec4bfb255f08782d4a88b9656f7c5209ea355d78c6f78adab2cd36
9f13f54ec4751a599b42d3c2f556f9b9eadaf9de298fe3324d0967bda307dcc6
a0de89390c4ed8265d843baf51181cd560ea1695eb6cc67a998e5c4c1c9adad0
a3b77c8442345147719cabab2d4659db87b5c46ac660f34496de8b3dd594b41d
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b37678e2c4e8452e51ee8902e176d670941b72bc06eaeeb951360f96322c6921
bab11758aa29e7a44f5ada919fb232e6cb7b3ae8b4a03dcd2e49e724eac775da
bdcedcc0085acc0e4d5a4489b2d73c2aae3f918b17f31bafcf4d8e8b1cc772be
c912a9ce0c3122d4b2b29ad26bfe06b0390d1a5bdaa5d6128692c0befd1dfbbd
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
cf9e92205faeb2fc9929f8aaf67ee6fb15084be8994babd310cfa01d62e29e5c
d04290e0779a0bfbad0b3a8288665397d374868b2206c2fdcfe350ff5a95f932
d16c5e8767ea9afc0ae019bf487e5398313e9a730469863c225ff6a90f2f874d
d7a50899e2274a0353183f32b0cc4b96a81c920646d408294c35abd5613628ac
db368a6c1354a22cd098672f65320798689d8b8f4eec112fd9766a7ef7ea4d64
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
fc9a46ab5d39a5becf4c5bc921eaceff98af73333cf29486a294356409af2f79

audiences.wynter.io Open in urlscan Pro 2606:4700:3108::ac42:2b7f Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

76 Requests

99 %HTTPS

68 %IPv6

23 Domains

32 Subdomains

31 IPs

3 Countries

4878 kBTransfer

23301 kBSize

23 Cookies

2 Outgoing links

Page URL History

Redirected requests

76 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

audiences.wynter.io Open in urlscan Pro
2606:4700:3108::ac42:2b7f Public Scan

Screenshot
Live screenshot

Full Image

76
Requests

99 %
HTTPS

68 %
IPv6

23
Domains

32
Subdomains

31
IPs

3
Countries

4878 kB
Transfer

23301 kB
Size

23
Cookies

76 HTTP transactions
0 data transactions