returnlearn.webs.com Open in urlscan Pro
2606:4700::6811:7728 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://invoice.returnlearn.com/
Effective URL:
https://returnlearn.webs.com/
Submission: On February 09 via automatic, source certstream-suspicious (February 9th 2023, 4:18:05 pm UTC) — Scanned from DE

Summary HTTP 75 Redirects Links 24 Behaviour Indicators

Summary

This website contacted 11 IPs in 4 countries across 11 domains to perform 75 HTTP transactions. The main IP is 2606:4700::6811:7728, located in United States and belongs to CLOUDFLARENET, US. The main domain is returnlearn.webs.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on June 9th 2022. Valid for: a year.

This is the only time returnlearn.webs.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	35.190.26.117 35.190.26.117	15169 (GOOGLE) (GOOGLE)
8	2606:4700::68... 2606:4700::6811:7728	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a00:1450:400... 2a00:1450:4001:80b::200a	15169 (GOOGLE) (GOOGLE)
51	2606:4700::68... 2606:4700::6812:d054	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:400d:803::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400d:808::2004	15169 (GOOGLE) (GOOGLE)
2 2	151.101.1.21 151.101.1.21	54113 (FASTLY) (FASTLY)
2	192.229.221.25 192.229.221.25	15133 (EDGECAST) (EDGECAST)
1	2a00:1450:400... 2a00:1450:400d:803::2003	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:400d:80a::2003	15169 (GOOGLE) (GOOGLE)
1 2	2a00:1450:400... 2a00:1450:4001:828::2008	15169 (GOOGLE) (GOOGLE)
1	44.196.135.123 44.196.135.123	14618 (AMAZON-AES) (AMAZON-AES)
1	2a00:1450:402... 2a00:1450:4025:401::9d	15169 (GOOGLE) (GOOGLE)
75	11

1 35.190.26.117 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 117.26.190.35.bc.googleusercontent.com

invoice.returnlearn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2606:4700::6811:7728 (United States)

ASN13335 (CLOUDFLARENET, US)

returnlearn.webs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
members.webs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

51 2606:4700::6812:d054 (United States)

ASN13335 (CLOUDFLARENET, US)

static.websimages.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mediaprocessor.websimages.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dynamic.websimages.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400d:803::200a (Ireland)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400d:808::2004 (Ireland)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.1.21 (United States) 2 redirects

ASN54113 (FASTLY, US)

www.paypal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 192.229.221.25 (United States)

ASN15133 (EDGECAST, US)

www.paypalobjects.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400d:803::2003 (Ireland)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:400d:80a::2003 (Ireland)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:828::2008 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

ssl.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 44.196.135.123 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-196-135-123.compute-1.amazonaws.com

statscollector.digital.vistaprint.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4025:401::9d (Den Helder, Netherlands)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
51	websimages.com static.websimages.com — Cisco Umbrella Rank: 96498 mediaprocessor.websimages.com — Cisco Umbrella Rank: 281658 dynamic.websimages.com — Cisco Umbrella Rank: 302211	679 KB
8	webs.com returnlearn.webs.com members.webs.com — Cisco Umbrella Rank: 588179	101 KB
6	gstatic.com www.gstatic.com fonts.gstatic.com	290 KB
4	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 32 ajax.googleapis.com — Cisco Umbrella Rank: 298	36 KB
2	google-analytics.com 1 redirects ssl.google-analytics.com — Cisco Umbrella Rank: 344	17 KB
2	paypalobjects.com www.paypalobjects.com — Cisco Umbrella Rank: 2296	4 KB
2	paypal.com 2 redirects www.paypal.com — Cisco Umbrella Rank: 2467	1 KB
1	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 76	337 B
1	vistaprint.com statscollector.digital.vistaprint.com — Cisco Umbrella Rank: 113998	114 B
1	google.com www.google.com — Cisco Umbrella Rank: 2	870 B
1	returnlearn.com 1 redirects invoice.returnlearn.com	99 B
75	11

	Domain	Requested by
27	static.websimages.com	returnlearn.webs.com static.websimages.com
16	mediaprocessor.websimages.com	returnlearn.webs.com
8	dynamic.websimages.com	returnlearn.webs.com static.websimages.com
7	returnlearn.webs.com	returnlearn.webs.com
5	fonts.gstatic.com	fonts.googleapis.com
3	fonts.googleapis.com	returnlearn.webs.com
2	ssl.google-analytics.com	1 redirects returnlearn.webs.com
2	www.paypalobjects.com	returnlearn.webs.com
2	www.paypal.com	2 redirects
1	stats.g.doubleclick.net	returnlearn.webs.com
1	statscollector.digital.vistaprint.com	returnlearn.webs.com
1	members.webs.com	returnlearn.webs.com
1	www.gstatic.com	www.google.com
1	www.google.com	returnlearn.webs.com
1	ajax.googleapis.com	returnlearn.webs.com
1	invoice.returnlearn.com	1 redirects
75	16

This site contains links to these domains. Also see Links.

Domain
gamejolt.com
retroreloader.itch.io
www.retroreloader.com
retroreloads.deviantart.com
www.patreon.com
imageprocessor.websimages.com
retroreload.webs.com
www.facebook.com
twitter.com
www.youtube.com
www.tumblr.com
www.flickr.com
www.alliancecomp.webs.com
heartsmmedia.com
www.alliancehealth.webs.com
www.amigapd.com
www.jesusaviour.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-06-09` - `2023-06-09`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-01-31` - `2023-04-25`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-01-09` - `2023-04-03`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-01-09` - `2023-04-03`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-01-31` - `2023-04-25`	3 months	crt.sh
statscollector.digital.vistaprint.com Amazon RSA 2048 M01	`2022-12-05` - `2024-01-03`	a year	crt.sh

This page contains 2 frames:

Primary Page: https://returnlearn.webs.com/
Frame ID: 380D9BFDD6EAD147C3499736BBC48939
Requests: 72 HTTP requests in this frame

Frame: https://returnlearn.webs.com/cdn-cgi/challenge-platform/h/b/scripts/alpha/invisible.js?ts=1675958400
Frame ID: 2054F9E53D206EAE1C41373CC5FEE09F
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Return Learn Games

Page URL History Show full URLs

https://invoice.returnlearn.com/ HTTP 301
https://returnlearn.webs.com/ Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Backbone.js (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

backbone.*\.js

PayPal (Payment Processors) Expand

Overall confidence: 100%
Detected patterns

paypalobjects\.com

RequireJS (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

require.*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Modernizr (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

([\d.]+)?/modernizr(?:\.([\d.]+))?.*\.js

Underscore.js (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

underscore.*\.js(?:\?ver=([\d.]+))?

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

75
Requests

96 %
HTTPS

69 %
IPv6

11
Domains

16
Subdomains

11
IPs

4
Countries

1128 kB
Transfer

1772 kB
Size

12
Cookies

24 Outgoing links

These are links going to different origins than the main page.

URL: https://gamejolt.com/@retroreloader
Title: https://gamejolt.com/@retroreloader

Search URL Search Domain Scan URL

URL: https://retroreloader.itch.io/
Title: https://retroreloader.itch.io/

Search URL Search Domain Scan URL

URL: https://www.retroreloader.com/
Title: http://www.retroreloader.com

Search URL Search Domain Scan URL

URL: https://retroreloads.deviantart.com/
Title: http://retroreloads.deviantart.com/

Search URL Search Domain Scan URL

URL: https://www.patreon.com/heartsminds
Title: https://www.patreon.com/heartsminds

Search URL Search Domain Scan URL

URL: http://imageprocessor.websimages.com/fit/1920x1920/retroreload.webs.com/jh-retrogames-learning.jpg

Search URL Search Domain Scan URL

URL: http://imageprocessor.websimages.com/fit/1920x1920/retroreload.webs.com/jh-retrogames-learning%204.jpg

Search URL Search Domain Scan URL

URL: http://imageprocessor.websimages.com/fit/1920x1920/retroreload.webs.com/jh-retrogames-learning%205.jpg

Search URL Search Domain Scan URL

URL: http://imageprocessor.websimages.com/fit/1920x1920/retroreload.webs.com/jh-retrogames-learning%202.jpg

Search URL Search Domain Scan URL

URL: http://imageprocessor.websimages.com/fit/1920x1920/retroreload.webs.com/jh-retrogames-learning%203.jpg

Search URL Search Domain Scan URL

URL: http://imageprocessor.websimages.com/fit/1920x1920/retroreload.webs.com/jh-retrogames-learning%206.jpg

Search URL Search Domain Scan URL

URL: http://retroreload.webs.com/Arcade%20club%20interview%20questions-1.docx
Title: We would like your thoughts on gaming, questionnaire here

Search URL Search Domain Scan URL

URL: https://www.patreon.com/retroreload

Search URL Search Domain Scan URL

URL: https://www.facebook.com/retroreloadesign/

Search URL Search Domain Scan URL

URL: https://twitter.com/Heartsmindsmed

Search URL Search Domain Scan URL

URL: https://www.youtube.com/c/JohnRetroReloaderReturnlearn

Search URL Search Domain Scan URL

URL: https://www.tumblr.com/blog/heartsmindsmedia

Search URL Search Domain Scan URL

URL: https://www.flickr.com/photos/retroreloader/

Search URL Search Domain Scan URL

URL: http://www.alliancecomp.webs.com/

Search URL Search Domain Scan URL

URL: http://heartsmmedia.com/

Search URL Search Domain Scan URL

URL: http://www.alliancehealth.webs.com/

Search URL Search Domain Scan URL

URL: http://www.retroreloader.com/

Search URL Search Domain Scan URL

URL: http://www.amigapd.com/

Search URL Search Domain Scan URL

URL: http://www.jesusaviour.com/

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://invoice.returnlearn.com/ HTTP 301
https://returnlearn.webs.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 24

https://www.paypal.com/en_US/i/btn/btn_donateCC_LG.gif HTTP 301
https://www.paypalobjects.com/en_US/i/btn/btn_donateCC_LG.gif

Request Chain 25

https://www.paypal.com/en_US/i/scr/pixel.gif HTTP 301
https://www.paypalobjects.com/en_US/i/scr/pixel.gif

Request Chain 72

https://ssl.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1228923686&utmhn=returnlearn.webs.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Return%20Learn%20Games&utmhid=1191385674&utmr=-&utmp=%2F&utmht=1675959478953&utmac=UA-230305-2&utmcc=__utma%3D1.1718049966.1675959479.1675959479.1675959479.1%3B%2B__utmz%3D1.1675959479.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=493267301&utmredir=1&utmu=qlAAAAAAAAAAAAAAAAAAAAAE~ HTTP 302
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-230305-2&cid=1718049966.1675959479&jid=493267301&_v=5.7.2&z=1228923686

75 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
returnlearn.webs.com/
Redirect Chain

https://invoice.returnlearn.com/
https://returnlearn.webs.com/

59 KB
10 KB

62ms
22ms

Document
text/html

2606:4700::6811:7728
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://returnlearn.webs.com/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6811:7728 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ab3087f7c59daafe5b7b8534bb616df73968c1dd1bfa5b2950d0b4bf03b9ef98

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-origin: https://developer.cimpress.io
age: 326070
cache-control: public, max-age=0, s-maxage=2592000
cf-cache-status: HIT
cf-ray: 796deb109d2cbb3b-FRA
content-encoding: gzip
content-type: text/html;charset=UTF-8
date: Thu, 09 Feb 2023 16:17:57 GMT
last-modified: Sun, 05 Feb 2023 21:43:27 GMT
server: cloudflare
vary: Accept-Encoding
x-robots-tag: noindex
x-ua-compatible: IE=edge,chrome=1

Redirect headers

content-length: 265
content-type: text/html; charset=utf-8
date: Thu, 09 Feb 2023 16:17:57 GMT
location: https://returnlearn.webs.com/
server: nginx/1.20.2

GET
H2 200 css
fonts.googleapis.com/ 11 KB
900 B 45ms
20ms Stylesheet
text/css 2a00:1450:4001:80b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=PT+Sans:regular,italic,700,700italic|Lato:100,100italic,300,300italic,regular,italic,700,700italic,900,900italic

Requested by

Host: returnlearn.webs.com
URL: https://returnlearn.webs.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

426be7295052c9469b0f6d723dbcc006b29de6ae452260304c4932facc4b9d0d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://returnlearn.webs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 09 Feb 2023 16:17:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 09 Feb 2023 16:17:57 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 09 Feb 2023 16:17:57 GMT

GET
H2 200 css
fonts.googleapis.com/ 6 KB
813 B 44ms
19ms Stylesheet
text/css 2a00:1450:4001:80b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Arbutus+Slab:regular|Philosopher:regular,italic,700,700italic

Requested by

Host: returnlearn.webs.com
URL: https://returnlearn.webs.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

0224e87604e8df937d87a9b0e5daaaea17c651344ff53d94bbff0537d56a31d1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://returnlearn.webs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 09 Feb 2023 16:17:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 09 Feb 2023 16:17:57 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 09 Feb 2023 16:17:57 GMT

GET
H2 200 modernizr-old.js Show response
static.websimages.com/active-static/lib/ 4 KB
2 KB 51ms
15ms Script
application/javascript 2606:4700::6812:d054
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.websimages.com/active-static/lib/modernizr-old.js
Requested by: Host: returnlearn.webs.com
URL: https://returnlearn.webs.com/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6812:d054 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d81b6a31ad97ba5f434bab06352bf5900273acabf852e1accfe3abe5b531048d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://returnlearn.webs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Thu, 09 Feb 2023 16:17:57 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Wed, 16 Mar 2022 14:04:41 GMT
server: cloudflare
age: 728787
cf-polished: origSize=3948
etag: W/"f6c-5da56650dd040-gzip"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=18000
cf-ray: 796deb10fff43608-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Wed, 01 Feb 2023 10:51:30 GMT

GET
H2 200 require.js Show response
static.websimages.com/static/global/js/ 13 KB
6 KB 53ms
17ms Script
application/javascript 2606:4700::6812:d054
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.websimages.com/static/global/js/require.js
Requested by: Host: returnlearn.webs.com
URL: https://returnlearn.webs.com/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6812:d054 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7d70e8aec4b40571f1d4b627bca978b7d15e498fcc8a4d3265df3a57acd4e9fc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://returnlearn.webs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Thu, 09 Feb 2023 16:17:57 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Wed, 16 Mar 2022 14:04:42 GMT
server: cloudflare
age: 728869
cf-polished: origSize=13698
etag: W/"3582-5da56651d1280-gzip"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=18000
cf-ray: 796deb10fff53608-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Wed, 01 Feb 2023 10:50:08 GMT

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.8/ 91 KB
33 KB 84ms
20ms Script
text/javascript 2a00:1450:400d:803::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.8/jquery.min.js

Requested by

Host: returnlearn.webs.com
URL: https://returnlearn.webs.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:803::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c6caebd23921741fb5ffe6603f16634fca9840c2bf56ac8201e9264d6daccf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://returnlearn.webs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Wed, 08 Feb 2023 21:18:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 68375
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33593
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 08 Feb 2024 21:18:22 GMT

GET
H2 200 bootstrap.js Show response
static.websimages.com/active-static/target/apps/ 4 KB
1 KB 50ms
15ms Script
application/javascript 2606:4700::6812:d054
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.websimages.com/active-static/target/apps/bootstrap.js
Requested by: Host: returnlearn.webs.com
URL: https://returnlearn.webs.com/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6812:d054 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3d0587f2d1e6447a253dce0855387c855f4ea8c06b709de1615e3667281d2e78

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://returnlearn.webs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Thu, 09 Feb 2023 16:17:57 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Wed, 16 Mar 2022 14:08:29 GMT
server: cloudflare
age: 728869
cf-polished: origSize=5312
etag: W/"14c0-5da5672a4d140-gzip"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=18000
cf-ray: 796deb10fff63608-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Wed, 01 Feb 2023 10:50:08 GMT

GET
H2 200 .theme.css
returnlearn.webs.com/ 143 KB
14 KB 334ms
332ms Stylesheet
text/css 2606:4700::6811:7728
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://returnlearn.webs.com/.theme.css?pubDate=200921121717
Requested by: Host: returnlearn.webs.com
URL: https://returnlearn.webs.com/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6811:7728 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: edd3437a06b738ee51ad4dbbdefffd755a907d20fd959810f99a9dc73aa2b7a4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://returnlearn.webs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Thu, 09 Feb 2023 16:17:58 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Thu, 09 Feb 2023 16:17:58 GMT
server: cloudflare
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: https://developer.cimpress.io
cache-control: max-age=86400
x-robots-tag: noindex
cf-ray: 796deb10cd6fbb3b-FRA
expires: Fri, 10 Feb 2023 16:17:58 GMT

GET
H2 200 sitebase.css
static.websimages.com/v55a7611/static/projects/finch/css/ 51 KB
7 KB 50ms
16ms Stylesheet
text/css 2606:4700::6812:d054
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.websimages.com/v55a7611/static/projects/finch/css/sitebase.css
Requested by: Host: returnlearn.webs.com
URL: https://returnlearn.webs.com/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6812:d054 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b429e34f37566057712653d200742ca6108840bdb11454f86eefae65958de088

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://returnlearn.webs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Thu, 09 Feb 2023 16:17:57 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Wed, 16 Mar 2022 14:08:35 GMT
server: cloudflare
age: 728848
cf-polished: origSize=53234
etag: W/"cff2-5da5673005ec0-gzip"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=18000
cf-ray: 796deb10ffef3608-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Wed, 01 Feb 2023 10:50:29 GMT

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 850 B
870 B 109ms
47ms Script
text/javascript 2a00:1450:400d:808::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js

Requested by

Host: returnlearn.webs.com
URL: https://returnlearn.webs.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:808::2004 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

719dd9d08854f73d2ff4b8bd2516a8d9f247b28fea167d18db7e8a689257ed2c

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://returnlearn.webs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Thu, 09 Feb 2023 16:17:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 550
x-xss-protection: 1; mode=block
expires: Thu, 09 Feb 2023 16:17:58 GMT

GET
H2 200 view.app.js Show response
static.websimages.com/v55a7611/active-static/target/internal/sitebuilder/view/ 370 B
300 B 52ms
18ms Script
application/javascript 2606:4700::6812:d054
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.websimages.com/v55a7611/active-static/target/internal/sitebuilder/view/view.app.js
Requested by: Host: returnlearn.webs.com
URL: https://returnlearn.webs.com/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6812:d054 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7046cfd2daa220402445f1b81a8deaaf55ddb8820f5a4028f0b5da044fb0003f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://returnlearn.webs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Thu, 09 Feb 2023 16:17:57 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Wed, 16 Mar 2022 14:08:30 GMT
server: cloudflare
age: 728787
cf-polished: origSize=445
etag: W/"1bd-5da5672b41380-gzip"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=18000
cf-ray: 796deb10fff73608-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Wed, 01 Feb 2023 10:51:30 GMT

GET
H2 200 css
fonts.googleapis.com/ 672 B
769 B 41ms
17ms Stylesheet
text/css 2a00:1450:4001:80b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lato:300

Requested by

Host: returnlearn.webs.com
URL: https://returnlearn.webs.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f2d4f90f5be019bdb3381f1a07cfe33ad07717029a78029522fb609767d8715b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://returnlearn.webs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 09 Feb 2023 16:17:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 09 Feb 2023 15:32:37 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 09 Feb 2023 16:17:57 GMT

GET
H2 200 fixedFreebar.css
static.websimages.com/active-static/target/usersites/css/ 2 KB
879 B 48ms
14ms Stylesheet
text/css 2606:4700::6812:d054
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.websimages.com/active-static/target/usersites/css/fixedFreebar.css
Requested by: Host: returnlearn.webs.com
URL: https://returnlearn.webs.com/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6812:d054 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2e8417354ae2dacc2f0364f636f8463a9e28d054d49673cdaf8230678d8f88b6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://returnlearn.webs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Thu, 09 Feb 2023 16:17:57 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Wed, 16 Mar 2022 14:08:33 GMT
server: cloudflare
age: 727039
cf-polished: origSize=1847
etag: W/"737-5da5672e1da40-gzip"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=18000
cf-ray: 796deb10fff23608-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Wed, 01 Feb 2023 11:20:38 GMT

GET
H2 200 p.js Show response
static.websimages.com/static/global/js/webs/usersites/ 715 B
544 B 50ms
16ms Script
application/javascript 2606:4700::6812:d054
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.websimages.com/static/global/js/webs/usersites/p.js
Requested by: Host: returnlearn.webs.com
URL: https://returnlearn.webs.com/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6812:d054 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1d7dfe2563e116e424aad1f863aa29431bc4e1baceeebc6550b8374ed5a806de

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://returnlearn.webs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Thu, 09 Feb 2023 16:17:57 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Wed, 16 Mar 2022 14:04:42 GMT
server: cloudflare
age: 727781
cf-polished: origSize=849
etag: W/"351-5da56651d1280-gzip"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=18000
cf-ray: 796deb10fff83608-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Wed, 01 Feb 2023 11:08:16 GMT

GET
H2 200 retro_reloader_poster_design___websites_by_retroreloads-dagte6x.jpg
mediaprocessor.websimages.com/fit/1920x1920/returnlearn.webs.com/ 225 KB
226 KB 1136ms
1120ms Image
image/jpeg 2606:4700::6812:d054
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mediaprocessor.websimages.com/fit/1920x1920/returnlearn.webs.com/retro_reloader_poster_design___websites_by_retroreloads-dagte6x.jpg
Requested by: Host: returnlearn.webs.com
URL: https://returnlearn.webs.com/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6812:d054 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: b3563084cba8f2e076f9aadf7d7db40822a24e38abab889038c8ea6e17dbb3dd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://returnlearn.webs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Thu, 09 Feb 2023 16:17:59 GMT
cf-cache-status: MISS
server: cloudflare
x-powered-by: Express
requestid: 63878175-3880-496a-860c-7caa156c2daa
vary: Accept-Encoding
etag: W/"3849f-QIjRWLTWslYy4CbqTJqvrwHcYh4"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, s-maxage=604800,max-age=604800
accept-ranges: bytes
cf-ray: 796deb127a4b3608-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 230559

GET
H2 200 champ1.jpg
mediaprocessor.websimages.com/width/251/crop/0,0,251x165/returnlearn.webs.com/ 12 KB
12 KB 657ms
657ms Image
image/jpeg 2606:4700::6812:d054
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mediaprocessor.websimages.com/width/251/crop/0,0,251x165/returnlearn.webs.com/champ1.jpg
Requested by: Host: returnlearn.webs.com
URL: https://returnlearn.webs.com/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6812:d054 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: ae9b539a743fa1d8ad1d1f953f108de2fa55f1608af1ebf68f8dbc618748b082

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://returnlearn.webs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Thu, 09 Feb 2023 16:17:58 GMT
cf-cache-status: MISS
server: cloudflare
x-powered-by: Express
requestid: 606677aa-1f39-4ea6-b56b-28378d6f4af0
vary: Accept-Encoding
etag: W/"2ff7-/9DLbagMGa+kYACjPI/k1inMrfk"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, s-maxage=604800,max-age=604800
accept-ranges: bytes
cf-ray: 796deb12dab13608-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 12279

GET
H2 200 014.jpg
mediaprocessor.websimages.com/width/292/crop/0,0,292x164/returnlearn.webs.com/ 15 KB
16 KB 859ms
855ms Image
image/jpeg 2606:4700::6812:d054
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mediaprocessor.websimages.com/width/292/crop/0,0,292x164/returnlearn.webs.com/014.jpg
Requested by: Host: returnlearn.webs.com
URL: https://returnlearn.webs.com/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6812:d054 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: b660dc4910840f07a438d07617692d9dc67b136c6dfd949676d91d553ce2c3af

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://returnlearn.webs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Thu, 09 Feb 2023 16:17:59 GMT
cf-cache-status: MISS
server: cloudflare
x-powered-by: Express
requestid: 5a672fc3-eb6e-4973-b07a-e4972889342a
vary: Accept-Encoding
etag: W/"3db6-UrlVHknoj8SOEKDrpIWcLpB6Kfw"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, s-maxage=604800,max-age=604800
accept-ranges: bytes
cf-ray: 796deb12eac33608-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 15798

GET
H2 200 jh-retrogames-learning.jpg
mediaprocessor.websimages.com/width/275/crop/0,0,275x192/retroreload.webs.com/ 41 KB
41 KB 838ms
835ms Image
image/jpeg 2606:4700::6812:d054
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mediaprocessor.websimages.com/width/275/crop/0,0,275x192/retroreload.webs.com/jh-retrogames-learning.jpg
Requested by: Host: returnlearn.webs.com
URL: https://returnlearn.webs.com/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6812:d054 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 004e0a670de793889d3b6e94f7366422accf40d0cf7e83acf9ddc019da103610

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://returnlearn.webs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Thu, 09 Feb 2023 16:17:59 GMT
cf-cache-status: MISS
server: cloudflare
x-powered-by: Express
requestid: dd89dddc-3f26-4e4f-9233-21d3856d4c99
vary: Accept-Encoding
etag: W/"a3d3-5f1f8TWsG208b93KvQ46ZfNvry4"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, s-maxage=604800,max-age=604800
accept-ranges: bytes
cf-ray: 796deb12eac53608-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 41939

GET
H2 200 jh-retrogames-learning%204.jpg
mediaprocessor.websimages.com/width/275/crop/0,0,275x191/retroreload.webs.com/ 36 KB
36 KB 835ms
831ms Image
image/jpeg 2606:4700::6812:d054
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mediaprocessor.websimages.com/width/275/crop/0,0,275x191/retroreload.webs.com/jh-retrogames-learning%204.jpg
Requested by: Host: returnlearn.webs.com
URL: https://returnlearn.webs.com/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6812:d054 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 88a32a20b2f2da5758838c9bc4bb519eb1668a5232863204b5f38af736d1858a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://returnlearn.webs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Thu, 09 Feb 2023 16:17:59 GMT
cf-cache-status: MISS
server: cloudflare
x-powered-by: Express
requestid: 8b01b9c3-bf8b-4a3d-a7ee-af8c6ec9add0
vary: Accept-Encoding
etag: W/"9061-wzI2ZDbg0YYOgaja9wBx1FU5nTY"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, s-maxage=604800,max-age=604800
accept-ranges: bytes
cf-ray: 796deb12eac73608-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 36961

GET
H2 200 jh-retrogames-learning%205.jpg
mediaprocessor.websimages.com/width/275/crop/0,0,275x192/retroreload.webs.com/ 49 KB
49 KB 905ms
902ms Image
image/jpeg 2606:4700::6812:d054
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mediaprocessor.websimages.com/width/275/crop/0,0,275x192/retroreload.webs.com/jh-retrogames-learning%205.jpg
Requested by: Host: returnlearn.webs.com
URL: https://returnlearn.webs.com/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6812:d054 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: f2879297f548f85019ae5a31bc79f415d351c2b534e9b6e03132debf4ec43905

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://returnlearn.webs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Thu, 09 Feb 2023 16:17:59 GMT
cf-cache-status: MISS
server: cloudflare
x-powered-by: Express
requestid: d7077d23-a27c-4e6d-bc25-ed419eb101cf
vary: Accept-Encoding
etag: W/"c26d-w2rE1rhuaoSyOmZnp4tAiquXzFU"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, s-maxage=604800,max-age=604800
accept-ranges: bytes
cf-ray: 796deb12eac83608-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 49773

GET
H2 200 jh-retrogames-learning%202.jpg
mediaprocessor.websimages.com/width/275/crop/0,0,275x192/retroreload.webs.com/ 45 KB
45 KB 957ms
956ms Image
image/jpeg 2606:4700::6812:d054
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mediaprocessor.websimages.com/width/275/crop/0,0,275x192/retroreload.webs.com/jh-retrogames-learning%202.jpg
Requested by: Host: returnlearn.webs.com
URL: https://returnlearn.webs.com/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6812:d054 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 82b5d8155ab2e759cbf0a9d54ef3293bf224f507b01713cf138548f50f217c22

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://returnlearn.webs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Thu, 09 Feb 2023 16:17:59 GMT
cf-cache-status: MISS
server: cloudflare
x-powered-by: Express
requestid: 24976f68-6f56-48c2-9336-ee5b1dfd9e49
vary: Accept-Encoding
etag: W/"b242-u/K1ZdTKBh5BdZIIe5OQ2DuESOQ"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, s-maxage=604800,max-age=604800
accept-ranges: bytes
cf-ray: 796deb133b523608-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 45634

GET
H2 200 jh-retrogames-learning%203.jpg
mediaprocessor.websimages.com/width/275/crop/0,0,275x192/retroreload.webs.com/ 18 KB
18 KB 921ms
920ms Image
image/jpeg 2606:4700::6812:d054
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mediaprocessor.websimages.com/width/275/crop/0,0,275x192/retroreload.webs.com/jh-retrogames-learning%203.jpg
Requested by: Host: returnlearn.webs.com
URL: https://returnlearn.webs.com/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6812:d054 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: a2195189a6d011ec4a13951b5019c9b204f65cf509b7ad0a2d4229366adcebcc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://returnlearn.webs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Thu, 09 Feb 2023 16:17:59 GMT
cf-cache-status: MISS
server: cloudflare
x-powered-by: Express
requestid: f18d2f41-2256-4ff7-bed2-3275867b8e2a
vary: Accept-Encoding
etag: W/"4928-J5YOmVgOkN1REu7OKO9boVtwvvE"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, s-maxage=604800,max-age=604800
accept-ranges: bytes
cf-ray: 796deb133b533608-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 18728

GET
H2 200 jh-retrogames-learning%206.jpg
mediaprocessor.websimages.com/width/275/crop/0,0,275x192/retroreload.webs.com/ 43 KB
43 KB 940ms
938ms Image
image/jpeg 2606:4700::6812:d054
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mediaprocessor.websimages.com/width/275/crop/0,0,275x192/retroreload.webs.com/jh-retrogames-learning%206.jpg
Requested by: Host: returnlearn.webs.com
URL: https://returnlearn.webs.com/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6812:d054 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 6af86b090ebbb95a0739f873a8050d94afde96e15ae8197d33b1bd5d70924b6f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://returnlearn.webs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Thu, 09 Feb 2023 16:17:59 GMT
cf-cache-status: MISS
server: cloudflare
x-powered-by: Express
requestid: 88be91ff-876a-485a-ba09-bde8f7753291
vary: Accept-Encoding
etag: W/"ac43-uOVCtwb8kqXswnDC500TPjvoP2s"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, s-maxage=604800,max-age=604800
accept-ranges: bytes
cf-ray: 796deb133b4b3608-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 44099

GET
H2 200 email-decode.min.js Show response
returnlearn.webs.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 1 KB
847 B 10ms
10ms Script
application/javascript 2606:4700::6811:7728
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://returnlearn.webs.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Requested by

Host: returnlearn.webs.com
URL: https://returnlearn.webs.com/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6811:7728 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://returnlearn.webs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Thu, 09 Feb 2023 16:17:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 06 Feb 2023 18:52:43 GMT
server: cloudflare
etag: W/"63e14c7b-4d7"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/javascript
cache-control: max-age=172800, public
cf-ray: 796deb116e56bb3b-FRA
expires: Sat, 11 Feb 2023 16:17:57 GMT

GET
H2 200 8_bit_heroes_by_giles85-d6icu4f.jpg
mediaprocessor.websimages.com/width/240/crop/0,0,240x170/returnlearn.webs.com/ 26 KB
26 KB 1142ms
1142ms Image
image/jpeg 2606:4700::6812:d054
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mediaprocessor.websimages.com/width/240/crop/0,0,240x170/returnlearn.webs.com/8_bit_heroes_by_giles85-d6icu4f.jpg
Requested by: Host: returnlearn.webs.com
URL: https://returnlearn.webs.com/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6812:d054 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: fb99d202906a2e32e436fdd560a6cec726f6f063daa345d808c5a8eefdf1e596

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://returnlearn.webs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Thu, 09 Feb 2023 16:17:59 GMT
cf-cache-status: MISS
server: cloudflare
x-powered-by: Express
requestid: ff859ba6-850f-42bb-9e52-54ead75f2324
vary: Accept-Encoding
etag: W/"6933-Aa5O4Mzo3c85mI0RyM8DLos2TMA"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, s-maxage=604800,max-age=604800
accept-ranges: bytes
cf-ray: 796deb133b553608-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 26931

GET
H2

200

btn_donateCC_LG.gif
www.paypalobjects.com/en_US/i/btn/
Redirect Chain

https://www.paypal.com/en_US/i/btn/btn_donateCC_LG.gif
https://www.paypalobjects.com/en_US/i/btn/btn_donateCC_LG.gif

3 KB
3 KB

51ms
10ms

Image
image/gif

192.229.221.25
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.paypalobjects.com/en_US/i/btn/btn_donateCC_LG.gif

Requested by

Host: returnlearn.webs.com
URL: https://returnlearn.webs.com/

Protocol

Server

192.229.221.25 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/4CF2) /

Resource Hash

33a91bd6d378215fcd413c279aa88d48bda6c8b2ef7695892777c87de37de256

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://returnlearn.webs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Thu, 09 Feb 2023 16:17:58 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Thu, 27 May 2021 14:20:07 GMT
server: ECAcc (frc/4CF2)
etag: "60afaa97-c1b"
x-cache: HIT
content-type: image/gif
paypal-debug-id: 2b4c172ba8a6d
cache-control: s-maxage=31536000, public,max-age=3600
accept-ranges: bytes
dc: ccg11-origin-www-1.paypal.com
content-length: 3099
expires: Thu, 09 Feb 2023 17:17:58 GMT

Redirect headers

x-served-by: cache-hhn-etou8220096-HHN
date: Thu, 09 Feb 2023 16:17:58 GMT
via: 1.1 varnish
strict-transport-security: max-age=63072000; includeSubDomains; preload
traceparent: 00-0000000000000000000f83716536b952-60210df8c0422c77-01
x-timer: S1675959479.545909,VS0,VE154
x-cache: MISS
location: https://www.paypalobjects.com/en_US/i/btn/btn_donateCC_LG.gif
paypal-debug-id: f83716536b952
cache-control: max-age=0, no-cache, no-store, must-revalidate
server-timing: content-encoding;desc="",x-cdn;desc="fastly"
accept-ranges: bytes
dc: ccg11-origin-www-1.paypal.com
content-length: 0
x-cache-hits: 0

GET
H2

200

pixel.gif
www.paypalobjects.com/en_US/i/scr/
Redirect Chain

https://www.paypal.com/en_US/i/scr/pixel.gif
https://www.paypalobjects.com/en_US/i/scr/pixel.gif

43 B
392 B

94ms
10ms

Image
image/gif

192.229.221.25
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.paypalobjects.com/en_US/i/scr/pixel.gif

Requested by

Host: returnlearn.webs.com
URL: https://returnlearn.webs.com/

Protocol

Server

192.229.221.25 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/4CBC) /

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://returnlearn.webs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Thu, 09 Feb 2023 16:17:58 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Fri, 16 Aug 2019 04:57:34 GMT
server: ECAcc (frc/4CBC)
etag: "5d5637be-2b"
x-cache: HIT
content-type: image/gif
paypal-debug-id: d1c4cfe1ff620
cache-control: s-maxage=31536000, public,max-age=3600
accept-ranges: bytes
dc: ccg11-origin-www-1.paypal.com
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
content-length: 43
expires: Thu, 09 Feb 2023 17:17:58 GMT

Redirect headers

x-served-by: cache-hhn-etou8220096-HHN
date: Thu, 09 Feb 2023 16:17:58 GMT
via: 1.1 varnish
strict-transport-security: max-age=63072000; includeSubDomains; preload
traceparent: 00-0000000000000000000f83716539c33f-42743f5af8b974f4-01
x-timer: S1675959479.546763,VS0,VE148
x-cache: MISS
location: https://www.paypalobjects.com/en_US/i/scr/pixel.gif
paypal-debug-id: f83716539c33f
cache-control: max-age=0, no-cache, no-store, must-revalidate
server-timing: content-encoding;desc="",x-cdn;desc="fastly"
accept-ranges: bytes
dc: ccg11-origin-www-1.paypal.com
content-length: 0
x-cache-hits: 0

GET
H2 200 allconsulting2.jpg
mediaprocessor.websimages.com/width/240/crop/0,0,240x82/returnlearn.webs.com/ 13 KB
13 KB 726ms
725ms Image
image/jpeg 2606:4700::6812:d054
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mediaprocessor.websimages.com/width/240/crop/0,0,240x82/returnlearn.webs.com/allconsulting2.jpg
Requested by: Host: returnlearn.webs.com
URL: https://returnlearn.webs.com/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6812:d054 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 1040df0db4a518737f8d0c078b3a31058d9d0af27967a77245e4fd627f08cb54

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://returnlearn.webs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Thu, 09 Feb 2023 16:17:58 GMT
cf-cache-status: MISS
server: cloudflare
x-powered-by: Express
requestid: 32c0a399-9d51-4f6d-8c4e-e9ed8bf7f690
vary: Accept-Encoding
etag: W/"34e6-ZzVGj8RaokpKFje0v5VTD8ydrW8"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, s-maxage=604800,max-age=604800
accept-ranges: bytes
cf-ray: 796deb133b4c3608-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 13542

GET
H2 200 Changing-Minds-Logo72dpi.jpg
mediaprocessor.websimages.com/width/105/crop/0,0,105x111/returnlearn.webs.com/ 10 KB
10 KB 735ms
734ms Image
image/jpeg 2606:4700::6812:d054
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mediaprocessor.websimages.com/width/105/crop/0,0,105x111/returnlearn.webs.com/Changing-Minds-Logo72dpi.jpg
Requested by: Host: returnlearn.webs.com
URL: https://returnlearn.webs.com/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6812:d054 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: afc96518bb6b23507ce576f3fe3f2afa9855c1d5caf6be649c2461a9b4272414

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://returnlearn.webs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Thu, 09 Feb 2023 16:17:58 GMT
cf-cache-status: MISS
server: cloudflare
x-powered-by: Express
requestid: 0402c73a-aa6f-4cff-96c2-a87bf5f0c672
vary: Accept-Encoding
etag: W/"2753-TLvs8oool+9lwWFOujUVNOXSHXQ"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, s-maxage=604800,max-age=604800
accept-ranges: bytes
cf-ray: 796deb133b573608-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 10067

GET
H2 200 Therapy3.jpg
mediaprocessor.websimages.com/width/129/crop/10,0,105x105/returnlearn.webs.com/ 9 KB
9 KB 859ms
858ms Image
image/jpeg 2606:4700::6812:d054
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mediaprocessor.websimages.com/width/129/crop/10,0,105x105/returnlearn.webs.com/Therapy3.jpg
Requested by: Host: returnlearn.webs.com
URL: https://returnlearn.webs.com/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6812:d054 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 50d9ed56408b85a002848d7a2dc859abbb4c27272afcc687cd5a0f9e2302ae47

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://returnlearn.webs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Thu, 09 Feb 2023 16:17:59 GMT
cf-cache-status: MISS
server: cloudflare
x-powered-by: Express
requestid: a2e3c096-5498-4e28-82e3-a9c2fbcd4d32
vary: Accept-Encoding
etag: W/"244a-M0MXeFwHycu0g6yxFOxn4P3+Jis"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, s-maxage=604800,max-age=604800
accept-ranges: bytes
cf-ray: 796deb133b4f3608-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 9290

GET
H2 200 retro_reloader_poster_design___websites_by_retroreloads-dagte6x.jpg
mediaprocessor.websimages.com/width/240/crop/0,0,240x151/returnlearn.webs.com/ 29 KB
29 KB 767ms
766ms Image
image/jpeg 2606:4700::6812:d054
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mediaprocessor.websimages.com/width/240/crop/0,0,240x151/returnlearn.webs.com/retro_reloader_poster_design___websites_by_retroreloads-dagte6x.jpg
Requested by: Host: returnlearn.webs.com
URL: https://returnlearn.webs.com/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6812:d054 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 28cd8f30cf49ca08170d17921fa06f3e773ae1bec2d861f225f2576aa5f5a826

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://returnlearn.webs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Thu, 09 Feb 2023 16:17:59 GMT
cf-cache-status: MISS
server: cloudflare
x-powered-by: Express
requestid: 65cfdfd5-5e33-4e9d-83f7-6276447d7595
vary: Accept-Encoding
etag: W/"7422-KLtWYbGgobyGUENTNvi3QmqXPUQ"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, s-maxage=604800,max-age=604800
accept-ranges: bytes
cf-ray: 796deb133b563608-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 29730

GET
H2 200 amigapd.png
mediaprocessor.websimages.com/width/240/crop/0,0,240x75/returnlearn.webs.com/ 31 KB
31 KB 783ms
782ms Image
image/png 2606:4700::6812:d054
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mediaprocessor.websimages.com/width/240/crop/0,0,240x75/returnlearn.webs.com/amigapd.png
Requested by: Host: returnlearn.webs.com
URL: https://returnlearn.webs.com/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6812:d054 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: af93b1e89daae65a55d019fc2b5c8677703d92fcf6c061107f184dad5a8f428a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://returnlearn.webs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Thu, 09 Feb 2023 16:17:59 GMT
cf-cache-status: MISS
server: cloudflare
x-powered-by: Express
requestid: f8831633-a104-4bb8-bf42-2e6b84cbaa46
vary: Accept-Encoding
etag: W/"7bac-wcMNFiSCfHrRjKXIWZsPBDIyIkU"
content-type: image/png
access-control-allow-origin: *
cache-control: public, s-maxage=604800,max-age=604800
accept-ranges: bytes
cf-ray: 796deb133b4d3608-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 31660

GET
H2 200 jh-christian-christmas-wallpaper-for-desktop-wwwwallpapersinhdcom-quotes-desktop-picture-christian-wallpaper.jpg
mediaprocessor.websimages.com/width/240/crop/0,0,240x138/returnlearn.webs.com/ 17 KB
17 KB 935ms
935ms Image
image/jpeg 2606:4700::6812:d054
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mediaprocessor.websimages.com/width/240/crop/0,0,240x138/returnlearn.webs.com/jh-christian-christmas-wallpaper-for-desktop-wwwwallpapersinhdcom-quotes-desktop-picture-christian-wallpaper.jpg
Requested by: Host: returnlearn.webs.com
URL: https://returnlearn.webs.com/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6812:d054 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: d0c7f05ee5ff781d8b0ed1c6315c81f6d7cfbae0a3a3990f9c1a126ce42ff990

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://returnlearn.webs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Thu, 09 Feb 2023 16:17:59 GMT
cf-cache-status: MISS
server: cloudflare
x-powered-by: Express
requestid: e3b9a01a-766e-4d18-86cf-595b9526b2fc
vary: Accept-Encoding
etag: W/"4453-GGqZxDjG61rd2YyJ4as1WhOoals"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, s-maxage=604800,max-age=604800
accept-ranges: bytes
cf-ray: 796deb133b593608-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 17491

GET
H2 200 collector.js Show response
static.websimages.com/active-static/target/stats/ 1 KB
816 B 23ms
20ms Script
application/javascript 2606:4700::6812:d054
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.websimages.com/active-static/target/stats/collector.js
Requested by: Host: returnlearn.webs.com
URL: https://returnlearn.webs.com/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6812:d054 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 098618125383f339b61490acd432891e79d7ce980dfcc6e0261e93fab5500d89

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://returnlearn.webs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Thu, 09 Feb 2023 16:17:58 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Wed, 16 Mar 2022 14:08:29 GMT
server: cloudflare
age: 728990
cf-polished: origSize=1803
etag: W/"70b-5da5672a4d140-gzip"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=18000
cf-ray: 796deb12eaca3608-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Wed, 01 Feb 2023 10:48:08 GMT

GET
H2 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/gEr-ODersURoIfof1hiDm7R5/ 406 KB
162 KB 394ms
71ms Script
text/javascript 2a00:1450:400d:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/gEr-ODersURoIfof1hiDm7R5/recaptcha__de.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:803::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7100633cff808ec01559c4579130f2d6cef8d43e7f02c56d727ed33787d30fb9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://returnlearn.webs.com/
Origin: https://returnlearn.webs.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Thu, 09 Feb 2023 05:58:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 37179
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 165540
x-xss-protection: 0
last-modified: Tue, 31 Jan 2023 02:51:47 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 09 Feb 2024 05:58:19 GMT

GET
H2 200 ModuleClassLoader.js Show response
static.websimages.com/v55a7611/active-static/target/internal/sitebuilder/common/ 7 KB
2 KB 33ms
32ms Script
application/javascript 2606:4700::6812:d054
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.websimages.com/v55a7611/active-static/target/internal/sitebuilder/common/ModuleClassLoader.js
Requested by: Host: static.websimages.com
URL: https://static.websimages.com/static/global/js/require.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6812:d054 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 323e937396ca48b07e70dff5ed5ecb491c15dcba895238fa49ad4261bda4f7e9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://returnlearn.webs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Thu, 09 Feb 2023 16:17:58 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Wed, 16 Mar 2022 14:08:29 GMT
server: cloudflare
age: 728867
cf-polished: origSize=11074
etag: W/"2b42-5da5672a4d140-gzip"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=18000
cf-ray: 796deb12eacd3608-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Wed, 01 Feb 2023 10:50:11 GMT

GET
H2 200 base.js Show response
static.websimages.com/v55a7611/active-static/target/internal/sitebuilder/common/ 697 B
442 B 24ms
23ms Script
application/javascript 2606:4700::6812:d054
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.websimages.com/v55a7611/active-static/target/internal/sitebuilder/common/base.js
Requested by: Host: static.websimages.com
URL: https://static.websimages.com/static/global/js/require.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6812:d054 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 128c89070499938d3e361642fb21dfb3b5c8ac90fa1f787bc68153bb0873bde6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://returnlearn.webs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Thu, 09 Feb 2023 16:17:58 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Wed, 16 Mar 2022 14:08:29 GMT
server: cloudflare
age: 728746
cf-polished: origSize=1116
etag: W/"45c-5da5672a4d140-gzip"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=18000
cf-ray: 796deb12ead13608-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Wed, 01 Feb 2023 10:52:12 GMT

GET
H2 200 log.js Show response
static.websimages.com/v55a7611/active-static/target/internal/sitebuilder/common/ 2 KB
885 B 22ms
21ms Script
application/javascript 2606:4700::6812:d054
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.websimages.com/v55a7611/active-static/target/internal/sitebuilder/common/log.js
Requested by: Host: static.websimages.com
URL: https://static.websimages.com/static/global/js/require.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6812:d054 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f566f515ee1be2109870fef118d26ccc1406135e39c95f30fda41e5cf5989f48

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://returnlearn.webs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Thu, 09 Feb 2023 16:17:58 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Wed, 16 Mar 2022 14:08:29 GMT
server: cloudflare
age: 728866
cf-polished: origSize=2422
etag: W/"976-5da5672a4d140-gzip"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=18000
cf-ray: 796deb12ead83608-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Wed, 01 Feb 2023 10:50:12 GMT

GET
H2 200 webs.modules.js Show response
static.websimages.com/v55a7611/active-static/target/internal/sitebuilder/common/ 2 KB
1 KB 25ms
24ms Script
application/javascript 2606:4700::6812:d054
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.websimages.com/v55a7611/active-static/target/internal/sitebuilder/common/webs.modules.js
Requested by: Host: static.websimages.com
URL: https://static.websimages.com/static/global/js/require.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6812:d054 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dae0a0dc094e9374bb84bc36f84d85284ff3caeb345f919861eae0ebf183aeaa

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://returnlearn.webs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Thu, 09 Feb 2023 16:17:58 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Wed, 16 Mar 2022 14:08:29 GMT
server: cloudflare
age: 728866
cf-polished: origSize=3759
etag: W/"eaf-5da5672a4d140-gzip"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=18000
cf-ray: 796deb12eada3608-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Wed, 01 Feb 2023 10:50:12 GMT

GET
H2 200 sitebase.js Show response
static.websimages.com/v55a7611/active-static/target/internal/sitebuilder/builder/ 3 KB
1 KB 23ms
22ms Script
application/javascript 2606:4700::6812:d054
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.websimages.com/v55a7611/active-static/target/internal/sitebuilder/builder/sitebase.js
Requested by: Host: static.websimages.com
URL: https://static.websimages.com/static/global/js/require.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6812:d054 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7d68efc40cabf78c969ee83125a932d1ddb3f2a8d0067eee66220103c53590f5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://returnlearn.webs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Thu, 09 Feb 2023 16:17:58 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Wed, 16 Mar 2022 14:08:29 GMT
server: cloudflare
age: 728746
cf-polished: origSize=4461
etag: W/"116d-5da5672a4d140-gzip"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=18000
cf-ray: 796deb12fadd3608-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Wed, 01 Feb 2023 10:52:12 GMT

GET
H2 200 css_browser_selector.js Show response
static.websimages.com/v55a7611/active-static/target/internal/sitebuilder/common/ 1 KB
640 B 23ms
22ms Script
application/javascript 2606:4700::6812:d054
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.websimages.com/v55a7611/active-static/target/internal/sitebuilder/common/css_browser_selector.js
Requested by: Host: static.websimages.com
URL: https://static.websimages.com/static/global/js/require.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6812:d054 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 32aacb45db50a6c1c47bac023d907b625e400b873b8f2baff72dbcbee4f1da35

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://returnlearn.webs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Thu, 09 Feb 2023 16:17:58 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Wed, 16 Mar 2022 14:08:29 GMT
server: cloudflare
age: 728538
cf-polished: origSize=1386
etag: W/"56a-5da5672a4d140-gzip"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=18000
cf-ray: 796deb12fade3608-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Wed, 01 Feb 2023 10:55:40 GMT

GET
H2 200 bg_body.png
dynamic.websimages.com/s/themes/space/v1.14/images/ 2 KB
2 KB 223ms
208ms Image
image/png 2606:4700::6812:d054
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dynamic.websimages.com/s/themes/space/v1.14/images/bg_body.png
Requested by: Host: returnlearn.webs.com
URL: https://returnlearn.webs.com/.theme.css?pubDate=200921121717
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6812:d054 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 282fe77d6a15cb97eaf6ff7b9d5cd6d3ad5070394f4a2c72629fffac496657ab

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://returnlearn.webs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Thu, 09 Feb 2023 16:17:58 GMT
cf-cache-status: MISS
last-modified: Wed, 01 Feb 2023 05:00:00 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/png
p3p: CP="Potato"
cache-control: max-age=86400
cf-ray: 796deb130b033608-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Fri, 10 Feb 2023 16:17:58 GMT

GET
H2 200 thumb-680x459-f.jpeg
returnlearn.webs.com/ 10 KB
10 KB 396ms
395ms Image
image/jpeg 2606:4700::6811:7728
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://returnlearn.webs.com/thumb-680x459-f.jpeg
Requested by: Host: returnlearn.webs.com
URL: https://returnlearn.webs.com/.theme.css?pubDate=200921121717
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6811:7728 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 94b661217d5f0db6d54ac404325dc7c1b440ab278ee4f6521a5cecfeeec5fa77

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://returnlearn.webs.com/.theme.css?pubDate=200921121717
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Thu, 09 Feb 2023 16:17:58 GMT
cf-cache-status: MISS
last-modified: Tue, 26 Apr 2022 20:26:37 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: https://developer.cimpress.io
cache-control: max-age=604800
accept-ranges: bytes
x-robots-tag: noindex
cf-ray: 796deb12e88fbb3b-FRA
content-length: 10421

GET
H2 200 7.png
static.websimages.com/static/finchTemplates/backgrounds/textures/ 6 KB
7 KB 20ms
19ms Image
image/png 2606:4700::6812:d054
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.websimages.com/static/finchTemplates/backgrounds/textures/7.png
Requested by: Host: returnlearn.webs.com
URL: https://returnlearn.webs.com/.theme.css?pubDate=200921121717
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6812:d054 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 119d9b448f09d7747b0558a49038a0c4105bd407031d9207ffca7f2b1db677c5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://returnlearn.webs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Thu, 09 Feb 2023 16:17:58 GMT
cf-cache-status: HIT
age: 192537
cf-polished: origSize=8025, status=webp_bigger
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 6476
cf-bgj: imgq:100,h2pri
last-modified: Wed, 16 Mar 2022 14:04:42 GMT
server: cloudflare
etag: "1f59-5da56651d1280"
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=18000
accept-ranges: bytes
cf-ray: 796deb12fadf3608-FRA
expires: Tue, 07 Feb 2023 15:49:01 GMT

GET
H2 200 oY1Z8e7OuLXkJGbXtr5ba7ZlbKUc.woff2
fonts.gstatic.com/s/arbutusslab/v16/ 18 KB
19 KB 413ms
95ms Font
font/woff2 2a00:1450:400d:80a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/arbutusslab/v16/oY1Z8e7OuLXkJGbXtr5ba7ZlbKUc.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Arbutus+Slab:regular|Philosopher:regular,italic,700,700italic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

67797523bfe065fd2772ac162406abcdd091b962817654df5641960f96e89914

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://returnlearn.webs.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Wed, 08 Feb 2023 07:37:40 GMT
x-content-type-options: nosniff
age: 117618
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 18840
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 19:30:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 08 Feb 2024 07:37:40 GMT

GET
H2 200 jizaRExUiTo99u79D0KExQ.woff2
fonts.gstatic.com/s/ptsans/v17/ 44 KB
45 KB 366ms
48ms Font
font/woff2 2a00:1450:400d:80a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ptsans/v17/jizaRExUiTo99u79D0KExQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=PT+Sans:regular,italic,700,700italic|Lato:100,100italic,300,300italic,regular,italic,700,700italic,900,900italic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e13ffa988be59cbf299d7ff68f019f902b60848203ac4990819eb7e4624ee52d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://returnlearn.webs.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 15:21:09 GMT
x-content-type-options: nosniff
age: 176209
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 45300
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:11:08 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 07 Feb 2024 15:21:09 GMT

GET
H2 200 vEFI2_5QCwIS4_Dhez5jcWjValgb8tc.woff2
fonts.gstatic.com/s/philosopher/v19/ 19 KB
19 KB 435ms
118ms Font
font/woff2 2a00:1450:400d:80a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/philosopher/v19/vEFI2_5QCwIS4_Dhez5jcWjValgb8tc.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Arbutus+Slab:regular|Philosopher:regular,italic,700,700italic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

33fd76af7762a3a075fe1ff9deede7663d8eeb7da6ad98bed2b8b47e5a0b4a17

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://returnlearn.webs.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Thu, 09 Feb 2023 11:44:35 GMT
x-content-type-options: nosniff
age: 16403
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19484
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:02:52 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 09 Feb 2024 11:44:35 GMT

GET
H2 200 S6u9w4BMUTPHh6UVSwiPGQ.woff2
fonts.gstatic.com/s/lato/v23/ 23 KB
23 KB 503ms
185ms Font
font/woff2 2a00:1450:400d:80a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v23/S6u9w4BMUTPHh6UVSwiPGQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=PT+Sans:regular,italic,700,700italic|Lato:100,100italic,300,300italic,regular,italic,700,700italic,900,900italic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://returnlearn.webs.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 22:49:45 GMT
x-content-type-options: nosniff
age: 149293
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23040
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 15:56:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 07 Feb 2024 22:49:45 GMT

GET
H2 200 ga.js Show response
ssl.google-analytics.com/ 45 KB
17 KB 308ms
12ms Script
text/javascript 2a00:1450:4001:828::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ssl.google-analytics.com/ga.js

Requested by

Host: returnlearn.webs.com
URL: https://returnlearn.webs.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://returnlearn.webs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 09 Feb 2023 15:31:58 GMT
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
server: Golfe2
age: 2760
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 17168
expires: Thu, 09 Feb 2023 17:31:58 GMT

GET
H2 200 style01.png
members.webs.com/s/modules/social-links/v1.23/icons/ 34 KB
35 KB 225ms
210ms Image
image/png 2606:4700::6811:7728
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://members.webs.com/s/modules/social-links/v1.23/icons/style01.png
Requested by: Host: returnlearn.webs.com
URL: https://returnlearn.webs.com/.theme.css?pubDate=200921121717
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6811:7728 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e5cadee877a193cdf1922f418014d3f298ae80eb56a5b61c7711d9fc3a8398df

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://returnlearn.webs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Thu, 09 Feb 2023 16:17:58 GMT
cf-cache-status: DYNAMIC
server: cloudflare
p3p: CP="Potato"
access-control-allow-origin: *
content-type: image/png
cache-control: max-age=86400
cf-ray: 796deb133925bb3b-FRA
expires: Fri, 10 Feb 2023 16:17:58 GMT

GET
H3 200 footer_logo_sprite.png
static.websimages.com/active-static/target/usersites/images/ 1 KB
1 KB 20ms
20ms Image
image/webp 2606:4700::6812:d054
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.websimages.com/active-static/target/usersites/images/footer_logo_sprite.png
Requested by: Host: static.websimages.com
URL: https://static.websimages.com/active-static/target/usersites/css/fixedFreebar.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:d054 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d5cbc8204e4e3025245c817666fb5e378a798bda77a3503c84384d8a48c08fcd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://static.websimages.com/active-static/target/usersites/css/fixedFreebar.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Thu, 09 Feb 2023 16:17:58 GMT
cf-cache-status: HIT
age: 1494484
cf-polished: origFmt=png, origSize=4241
content-disposition: inline; filename="footer_logo_sprite.webp"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1142
cf-bgj: imgq:100,h2pri
last-modified: Wed, 16 Mar 2022 14:08:29 GMT
server: cloudflare
etag: "1091-5da5672a4d140"
vary: Accept
content-type: image/webp
cache-control: max-age=18000
accept-ranges: bytes
cf-ray: 796deb132a812bd7-FRA
expires: Mon, 23 Jan 2023 14:09:54 GMT

GET
H2 200 S6u9w4BMUTPHh7USSwiPGQ.woff2
fonts.gstatic.com/s/lato/v23/ 23 KB
23 KB 436ms
153ms Font
font/woff2 2a00:1450:400d:80a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v23/S6u9w4BMUTPHh7USSwiPGQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=PT+Sans:regular,italic,700,700italic|Lato:100,100italic,300,300italic,regular,italic,700,700italic,900,900italic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

115f6a626ca115d4ad5581b59275327e0e860b30330a52b0f785561332dd2429

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://returnlearn.webs.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 15:58:58 GMT
x-content-type-options: nosniff
age: 260340
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23236
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 16:04:12 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 06 Feb 2024 15:58:58 GMT

GET
H2 200 invisible.js Show response
returnlearn.webs.com/cdn-cgi/challenge-platform/h/b/scripts/alpha/ Frame 2054 37 KB
18 KB 18ms
18ms Script
application/javascript 2606:4700::6811:7728
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://returnlearn.webs.com/cdn-cgi/challenge-platform/h/b/scripts/alpha/invisible.js?ts=1675958400
Requested by: Host: returnlearn.webs.com
URL: https://returnlearn.webs.com/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6811:7728 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 06db59bd7ff4765a57f1c77dacc373e4403ce63a156ce7eaa855feb70a40ea50

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Thu, 09 Feb 2023 16:17:58 GMT
content-encoding: gzip
server: cloudflare
vary: accept-encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
x-control-type-options: nosniff
cf-ray: 796deb1328febb3b-FRA

GET
H2 200 record
statscollector.digital.vistaprint.com/ 0
114 B 535ms
97ms Image
text/plain 44.196.135.123
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://statscollector.digital.vistaprint.com/record?siteId=121267219&pageId=322297790&pageTitle=Home&parentPageId=&premium=false&builderType=SB_3&referrer=&location=https%3A%2F%2Freturnlearn.webs.com%2F&visitorId=963905370
Requested by: Host: returnlearn.webs.com
URL: https://returnlearn.webs.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.196.135.123 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-196-135-123.compute-1.amazonaws.com
Software: / Express
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://returnlearn.webs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

access-control-allow-origin: https://developer.cimpress.io
date: Thu, 09 Feb 2023 16:17:59 GMT
x-powered-by: Express
content-type: text/plain

GET
H3 200 fixedFreebar.js Show response
static.websimages.com/v55a7611/active-static/target/usersites/js/ 213 B
396 B 26ms
21ms Script
application/javascript 2606:4700::6812:d054
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.websimages.com/v55a7611/active-static/target/usersites/js/fixedFreebar.js
Requested by: Host: static.websimages.com
URL: https://static.websimages.com/static/global/js/require.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:d054 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fa4cac8e566eb9d001b4f5b30d2fd1cb402bfbfcf59ebdd49ba39bcb7ea95279

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://returnlearn.webs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Thu, 09 Feb 2023 16:17:58 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Wed, 16 Mar 2022 14:08:29 GMT
server: cloudflare
age: 1494480
cf-polished: origSize=386
etag: W/"182-5da5672a4d140-gzip"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=18000
cf-ray: 796deb14efa22bd7-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Mon, 23 Jan 2023 14:09:58 GMT

GET
H3 200 spine.min.js Show response
static.websimages.com/v55a7611/active-static/lib/spine/ 8 KB
3 KB 22ms
19ms Script
application/javascript 2606:4700::6812:d054
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.websimages.com/v55a7611/active-static/lib/spine/spine.min.js
Requested by: Host: static.websimages.com
URL: https://static.websimages.com/static/global/js/require.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:d054 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 589ba5922514887cd7b1fa8abf3bb03e4084a008f092fc6f7cab19c11f622723

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://returnlearn.webs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Thu, 09 Feb 2023 16:17:58 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 16 Mar 2022 14:04:41 GMT
server: cloudflare
age: 1495572
etag: W/"1eca-5da56650dd040-gzip"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=18000
cf-ray: 796deb14efa32bd7-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Mon, 23 Jan 2023 13:51:46 GMT

GET
H3 200 tooltip.js Show response
static.websimages.com/v55a7611/active-static/target/internal/common/ 4 KB
2 KB 34ms
32ms Script
application/javascript 2606:4700::6812:d054
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.websimages.com/v55a7611/active-static/target/internal/common/tooltip.js
Requested by: Host: static.websimages.com
URL: https://static.websimages.com/static/global/js/require.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:d054 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cf5680cedc7e1e477c00ba1fb10d4307a755e19acc964c991e3ef233151b5502

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://returnlearn.webs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Thu, 09 Feb 2023 16:17:58 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Wed, 16 Mar 2022 14:08:29 GMT
server: cloudflare
age: 1495572
cf-polished: origSize=5844
etag: W/"16d4-5da5672a4d140-gzip"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=18000
cf-ray: 796deb14efa42bd7-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Mon, 23 Jan 2023 13:51:46 GMT

GET
H3 200 nodeDataTooltip.js Show response
static.websimages.com/v55a7611/active-static/lib/ 1 KB
863 B 44ms
42ms Script
application/javascript 2606:4700::6812:d054
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.websimages.com/v55a7611/active-static/lib/nodeDataTooltip.js
Requested by: Host: static.websimages.com
URL: https://static.websimages.com/static/global/js/require.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:d054 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 110a2f46b22736a51903176d9947700e2e759ed662a4e127406741c98d273e3b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://returnlearn.webs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Thu, 09 Feb 2023 16:17:58 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Wed, 16 Mar 2022 14:04:41 GMT
server: cloudflare
age: 1495572
cf-polished: origSize=1752
etag: W/"6d8-5da56650dd040-gzip"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=18000
cf-ray: 796deb14efa62bd7-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Mon, 23 Jan 2023 13:51:46 GMT

GET
H3 200 creativeCommons.js Show response
static.websimages.com/v55a7611/active-static/target/internal/sitebuilder/common/ 932 B
694 B 34ms
32ms Script
application/javascript 2606:4700::6812:d054
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.websimages.com/v55a7611/active-static/target/internal/sitebuilder/common/creativeCommons.js
Requested by: Host: static.websimages.com
URL: https://static.websimages.com/static/global/js/require.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:d054 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c16d8e0d2683bef52ec881e26ce9151e90002b7513bf1413e7039326ac402187

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://returnlearn.webs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Thu, 09 Feb 2023 16:17:58 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Wed, 16 Mar 2022 14:08:29 GMT
server: cloudflare
age: 1495572
cf-polished: origSize=1401
etag: W/"579-5da5672a4d140-gzip"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=18000
cf-ray: 796deb14efa82bd7-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Mon, 23 Jan 2023 13:51:46 GMT

GET
H2 200 pica.js
returnlearn.webs.com/cdn-cgi/challenge-platform/h/b/scripts/ Frame 2054 27 KB
12 KB 18ms
18ms Other
application/javascript 2606:4700::6811:7728
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://returnlearn.webs.com/cdn-cgi/challenge-platform/h/b/scripts/pica.js
Requested by: Host: returnlearn.webs.com
URL: https://returnlearn.webs.com/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6811:7728 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8f4dd185a5fbdfc0ead3301fd620f0ce3d9739823bfbc6d956697a1fac76d341

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Thu, 09 Feb 2023 16:17:58 GMT
content-encoding: gzip
server: cloudflare
vary: accept-encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
x-control-type-options: nosniff
cf-ray: 796deb14fcc9bb3b-FRA

GET
H3 200 link.js Show response
static.websimages.com/v55a7611/active-static/lib/require/ 924 B
738 B 25ms
25ms Script
application/javascript 2606:4700::6812:d054
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.websimages.com/v55a7611/active-static/lib/require/link.js
Requested by: Host: static.websimages.com
URL: https://static.websimages.com/static/global/js/require.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:d054 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9ea10c9e35ffe5145ef5a40896ce5e880be6a61d31de65eb7cc919120bfa3c09

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://returnlearn.webs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Thu, 09 Feb 2023 16:17:58 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Wed, 16 Mar 2022 14:04:41 GMT
server: cloudflare
age: 1495572
cf-polished: origSize=2373
etag: W/"945-5da56650dd040-gzip"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=18000
cf-ray: 796deb15284e2bd7-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Mon, 23 Jan 2023 13:51:46 GMT

GET
H3 200 translate.js Show response
static.websimages.com/v55a7611/active-static/lib/translate/ 2 KB
1 KB 35ms
35ms Script
application/javascript 2606:4700::6812:d054
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.websimages.com/v55a7611/active-static/lib/translate/translate.js
Requested by: Host: static.websimages.com
URL: https://static.websimages.com/static/global/js/require.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:d054 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6820df27787e4a6afd1d540ffc72c8999012789c54419951bcdde7a369cb0862

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://returnlearn.webs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Thu, 09 Feb 2023 16:17:58 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Wed, 16 Mar 2022 14:04:41 GMT
server: cloudflare
age: 1495572
cf-polished: origSize=4827
etag: W/"12db-5da56650dd040-gzip"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=18000
cf-ray: 796deb15284f2bd7-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Mon, 23 Jan 2023 13:51:46 GMT

GET
H3 200 underscore.js Show response
static.websimages.com/v55a7611/active-static/lib/backbone/ 19 KB
6 KB 22ms
22ms Script
application/javascript 2606:4700::6812:d054
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.websimages.com/v55a7611/active-static/lib/backbone/underscore.js
Requested by: Host: static.websimages.com
URL: https://static.websimages.com/static/global/js/require.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:d054 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e59ef50a17b0014fb3f24c6542f40aecdeedf4f368eff42f9ca4096f2c0bbfe6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://returnlearn.webs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Thu, 09 Feb 2023 16:17:58 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Wed, 16 Mar 2022 14:04:41 GMT
server: cloudflare
age: 1495572
cf-polished: origSize=41120
etag: W/"a0a0-5da56650dd040-gzip"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=18000
cf-ray: 796deb1538682bd7-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Mon, 23 Jan 2023 13:51:46 GMT

GET
H3 200 tooltip.css
static.websimages.com/v55a7611/static/projects/finch/css/ 2 KB
946 B 18ms
18ms Stylesheet
text/css 2606:4700::6812:d054
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.websimages.com/v55a7611/static/projects/finch/css/tooltip.css
Requested by: Host: static.websimages.com
URL: https://static.websimages.com/v55a7611/active-static/lib/require/link.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:d054 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 19c9244c7c7a048b1a684f8da110c425597fede15b68b8bd83d9fc3209ac5855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://returnlearn.webs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Thu, 09 Feb 2023 16:17:58 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Wed, 16 Mar 2022 14:08:32 GMT
server: cloudflare
age: 1495571
cf-polished: origSize=2165
etag: W/"875-5da5672d29800-gzip"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=18000
cf-ray: 796deb1548922bd7-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Mon, 23 Jan 2023 13:51:47 GMT

GET
H3 200 localize.js Show response
static.websimages.com/v55a7611/active-static/target/ 1 KB
725 B 77ms
76ms Script
application/javascript 2606:4700::6812:d054
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.websimages.com/v55a7611/active-static/target/localize.js
Requested by: Host: static.websimages.com
URL: https://static.websimages.com/static/global/js/require.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:d054 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c1c8f61b1602029ff1a5d72b3dc52ba6494aa3d58567e1d716f9034ca1911ae1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://returnlearn.webs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Thu, 09 Feb 2023 16:17:58 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Wed, 16 Mar 2022 14:08:29 GMT
server: cloudflare
age: 1495572
cf-polished: origSize=1706
etag: W/"6aa-5da5672a4d140-gzip"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=18000
cf-ray: 796deb1599112bd7-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Mon, 23 Jan 2023 13:51:46 GMT

GET
H3 200 locale.js Show response
static.websimages.com/v55a7611/active-static/target/ 2 KB
932 B 18ms
18ms Script
application/javascript 2606:4700::6812:d054
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.websimages.com/v55a7611/active-static/target/locale.js
Requested by: Host: static.websimages.com
URL: https://static.websimages.com/static/global/js/require.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:d054 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 12b5c858e3714339bd30277437312918ecb556655b9265945ecfddd41b5dd0bf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://returnlearn.webs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Thu, 09 Feb 2023 16:17:58 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Wed, 16 Mar 2022 14:08:29 GMT
server: cloudflare
age: 1495572
cf-polished: origSize=2398
etag: W/"95e-5da5672a4d140-gzip"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=18000
cf-ray: 796deb1599122bd7-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Mon, 23 Jan 2023 13:51:46 GMT

GET
H3 200 / Show response
dynamic.websimages.com/s/resources/en-US/webs.creativecommons.attribution/ 285 B
407 B 23ms
22ms Script
application/json 2606:4700::6812:d054
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://dynamic.websimages.com/s/resources/en-US/webs.creativecommons.attribution/?callback=define
Requested by: Host: static.websimages.com
URL: https://static.websimages.com/static/global/js/require.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:d054 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 63c0c76181ac4665cce8a77f97855d58cd2b3d4afb8bf7693b7c8bbfb1b02187

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://returnlearn.webs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Thu, 09 Feb 2023 16:17:58 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 23 Jan 2023 08:47:23 GMT
server: cloudflare
age: 1495835
vary: Accept-Encoding
content-type: application/json;charset=UTF-8
p3p: CP="Potato"
cache-control: public, max-age=3600, s-maxage=86400
cf-ray: 796deb1629ed2bd7-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 header_editor_view.js Show response
dynamic.websimages.com/s/modules/header_editor/v1.55/ 873 B
686 B 19ms
19ms Script
text/javascript 2606:4700::6812:d054
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://dynamic.websimages.com/s/modules/header_editor/v1.55/header_editor_view.js
Requested by: Host: static.websimages.com
URL: https://static.websimages.com/static/global/js/require.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:d054 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5180d19231ff2b3f4c0024713c9ababf65c5a7dc1b9116de1f894dde144d2ff1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://returnlearn.webs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Thu, 09 Feb 2023 16:17:58 GMT
content-encoding: br
cf-cache-status: HIT
age: 1495831
cf-polished: origSize=1114
p3p: CP="Potato"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Mon, 23 Jan 2023 08:47:27 GMT
server: cloudflare
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400
cf-ray: 796deb165a2d2bd7-FRA
expires: Tue, 24 Jan 2023 08:47:27 GMT

GET
H3 200 title_view.js Show response
dynamic.websimages.com/s/modules/title/v1.18/ 425 B
488 B 19ms
18ms Script
text/javascript 2606:4700::6812:d054
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://dynamic.websimages.com/s/modules/title/v1.18/title_view.js
Requested by: Host: static.websimages.com
URL: https://static.websimages.com/static/global/js/require.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:d054 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b4ec91d61c2407b6ee8158b037d8e870d20178e2036ebb47c6c27f51c1609dfe

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://returnlearn.webs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Thu, 09 Feb 2023 16:17:58 GMT
content-encoding: br
cf-cache-status: HIT
age: 1495831
cf-polished: origSize=515
p3p: CP="Potato"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Mon, 23 Jan 2023 08:47:27 GMT
server: cloudflare
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400
cf-ray: 796deb165a322bd7-FRA
expires: Tue, 24 Jan 2023 08:47:27 GMT

GET
H3 200 image_view.js Show response
dynamic.websimages.com/s/modules/image/v1.28/ 2 KB
1 KB 39ms
38ms Script
text/javascript 2606:4700::6812:d054
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://dynamic.websimages.com/s/modules/image/v1.28/image_view.js
Requested by: Host: static.websimages.com
URL: https://static.websimages.com/static/global/js/require.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:d054 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c144620e30f43f58676ba26a585a3754e4f67098099312604778916a60c10739

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://returnlearn.webs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Thu, 09 Feb 2023 16:17:58 GMT
content-encoding: br
cf-cache-status: HIT
age: 1495571
cf-polished: origSize=3232
p3p: CP="Potato"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Mon, 23 Jan 2023 08:51:47 GMT
server: cloudflare
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400
cf-ray: 796deb165a342bd7-FRA
expires: Tue, 24 Jan 2023 08:51:47 GMT

GET
H3 200 social-links_view.js Show response
dynamic.websimages.com/s/modules/social-links/v1.23/ 2 KB
615 B 44ms
43ms Script
text/javascript 2606:4700::6812:d054
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://dynamic.websimages.com/s/modules/social-links/v1.23/social-links_view.js
Requested by: Host: static.websimages.com
URL: https://static.websimages.com/static/global/js/require.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:d054 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0213e2d63c9b6bf9f103e459305db036eaf07ce1cb02d741023464bc7ac77434

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://returnlearn.webs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Thu, 09 Feb 2023 16:17:58 GMT
content-encoding: br
cf-cache-status: HIT
age: 1495571
cf-polished: origSize=1969
p3p: CP="Potato"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Mon, 23 Jan 2023 08:51:47 GMT
server: cloudflare
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400
cf-ray: 796deb165a352bd7-FRA
expires: Tue, 24 Jan 2023 08:51:47 GMT

GET
H3 200 donate_view.js Show response
dynamic.websimages.com/s/modules/donate/v1.11/ 712 B
681 B 28ms
27ms Script
text/javascript 2606:4700::6812:d054
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://dynamic.websimages.com/s/modules/donate/v1.11/donate_view.js
Requested by: Host: static.websimages.com
URL: https://static.websimages.com/static/global/js/require.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:d054 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 34f9b241e99435f9aedf61a9cfa13507f614b3c5810bed331f1d214d92c48a68

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://returnlearn.webs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Thu, 09 Feb 2023 16:17:58 GMT
content-encoding: br
cf-cache-status: HIT
age: 1471271
cf-polished: origSize=870
p3p: CP="Potato"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Mon, 23 Jan 2023 15:36:47 GMT
server: cloudflare
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400
cf-ray: 796deb165a372bd7-FRA
expires: Tue, 24 Jan 2023 15:36:47 GMT

POST
H2 200 796deb109d2cbb3b Show response
returnlearn.webs.com/cdn-cgi/challenge-platform/h/b/cv/result/ Frame 2054 2 B
349 B 35ms
34ms XHR
text/plain 2606:4700::6811:7728
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://returnlearn.webs.com/cdn-cgi/challenge-platform/h/b/cv/result/796deb109d2cbb3b
Requested by: Host: returnlearn.webs.com
URL: https://returnlearn.webs.com/cdn-cgi/challenge-platform/h/b/scripts/alpha/invisible.js?ts=1675958400
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6811:7728 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 09 Feb 2023 16:17:58 GMT
content-encoding: gzip
server: cloudflare
cf-ray: 796deb1758a3bb3b-FRA
content-type: text/plain; charset=UTF-8

GET
H2

200

collect
stats.g.doubleclick.net/r/
Redirect Chain

https://ssl.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1228923686&utmhn=returnlearn.webs.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt...
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-230305-2&cid=1718049966.1675959479&jid=493267301&_v=5.7.2&z=1228923686

35 B
337 B

69ms
24ms

Image
image/gif

2a00:1450:4025:401::9d
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-230305-2&cid=1718049966.1675959479&jid=493267301&_v=5.7.2&z=1228923686

Requested by

Host: returnlearn.webs.com
URL: https://returnlearn.webs.com/

Protocol

Server

2a00:1450:4025:401::9d Den Helder, Netherlands, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://returnlearn.webs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Thu, 09 Feb 2023 16:17:59 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 09 Feb 2023 16:17:58 GMT
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/html; charset=UTF-8
location: https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-230305-2&cid=1718049966.1675959479&jid=493267301&_v=5.7.2&z=1228923686
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 368
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 / Show response
dynamic.websimages.com/s/resources/en-US/webs.module.header_editor/ 770 B
489 B 16ms
15ms Script
application/json 2606:4700::6812:d054
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://dynamic.websimages.com/s/resources/en-US/webs.module.header_editor/?callback=define
Requested by: Host: static.websimages.com
URL: https://static.websimages.com/static/global/js/require.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:d054 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 347d03e35db9b4131aecaa14d44248eced52c33138f6b4833ffa6c421755a9f5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://returnlearn.webs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Thu, 09 Feb 2023 16:17:58 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 23 Jan 2023 08:47:27 GMT
server: cloudflare
age: 1495831
vary: Accept-Encoding
content-type: application/json;charset=UTF-8
p3p: CP="Potato"
cache-control: public, max-age=3600, s-maxage=86400
cf-ray: 796deb177c692bd7-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

Verdicts & Comments Add Verdict or Comment

28 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

12 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
returnlearn.webs.com/	1969-12-31 23:59:59	Name: fwww Value: 45ba6b1dde081c4ad831a57029cd25b11d59de08237283c0423d6830b69410b0
.members.webs.com/	1969-12-31 23:59:59	Name: JSESSIONID Value: 461E1C776ECC944AD0A6F833F6687D9E
.members.webs.com/	1969-12-31 23:59:59	Name: AWSELB Value: 2DE53737061E01C79768F60FB635FE7F7208F4DED49002C21CFFD3384C52F9D43F37737156EAE3927D93B42945D5606E2D81432B88A7B357404F37CA69ABE184E825CF12E1908E896041D6BAE7FCAAAD25797B8BA9
returnlearn.webs.com/	1970-01-20 09:34:05	Name: webs-stats-visitor-id Value: 963905370
.paypal.com/	1970-01-20 19:08:39	Name: ts Value: vreXpYrS%3D1770653878%26vteXpYrS%3D1675961278%26vr%3D36f829621860a2d1f2d139abfb89eba0%26vt%3D36f829621860a2d1f2d139abfb89eb9f%26vtyp%3Dnew
.paypal.com/	1970-01-20 19:08:39	Name: ts_c Value: vr%3D36f829621860a2d1f2d139abfb89eba0%26vt%3D36f829621860a2d1f2d139abfb89eb9f
returnlearn.webs.com/	1970-01-20 19:08:39	Name: __utma Value: 1.1718049966.1675959479.1675959479.1675959479.1
returnlearn.webs.com/	1969-12-31 23:59:59	Name: __utmc Value: 1
returnlearn.webs.com/	1970-01-20 13:55:27	Name: __utmz Value: 1.1675959479.1.1.utmcsr=(direct)\|utmccn=(direct)\|utmcmd=(none)
returnlearn.webs.com/	1970-01-20 09:32:40	Name: __utmt Value: 1
returnlearn.webs.com/	1970-01-20 09:32:41	Name: __utmb Value: 1.1.10.1675959479
.webs.com/	1970-01-20 09:32:41	Name: __cf_bm Value: fAlQlgtyZEJbVdbSPMUv5Nv8m1Vw8YVYLI4LCngYRmI-1675959478-0-AfmUW37LK1ovitwb2FENNnBnxffNeGtwZN7BVLWs6qc6buoJCKBj4hP19VpxllaJAcziFT6lD8dbs+XI4L+DRZOOjRvXTGHfYpXo37OCeK4/FujavEjoc/vq7d+p+yURgdfO4whxR6Htdpv2hdUHz9Y=

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	URL: https://returnlearn.webs.com/(Line 222) Message: Mixed Content: The page at 'https://returnlearn.webs.com/' was loaded over HTTPS, but requested an insecure element 'http://dynamic.websimages.com/s/themes/space/v1.14/images/bg_body.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://returnlearn.webs.com/(Line 222) Message: Mixed Content: The page at 'https://returnlearn.webs.com/' was loaded over HTTPS, but requested an insecure element 'http://returnlearn.webs.com/thumb-680x459-f.jpeg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
dynamic.websimages.com
fonts.googleapis.com
fonts.gstatic.com
invoice.returnlearn.com
mediaprocessor.websimages.com
members.webs.com
returnlearn.webs.com
ssl.google-analytics.com
static.websimages.com
stats.g.doubleclick.net
statscollector.digital.vistaprint.com
www.google.com
www.gstatic.com
www.paypal.com
www.paypalobjects.com
151.101.1.21
192.229.221.25
2606:4700::6811:7728
2606:4700::6812:d054
2a00:1450:4001:80b::200a
2a00:1450:4001:828::2008
2a00:1450:400d:803::2003
2a00:1450:400d:803::200a
2a00:1450:400d:808::2004
2a00:1450:400d:80a::2003
2a00:1450:4025:401::9d
35.190.26.117
44.196.135.123
004e0a670de793889d3b6e94f7366422accf40d0cf7e83acf9ddc019da103610
0213e2d63c9b6bf9f103e459305db036eaf07ce1cb02d741023464bc7ac77434
0224e87604e8df937d87a9b0e5daaaea17c651344ff53d94bbff0537d56a31d1
06db59bd7ff4765a57f1c77dacc373e4403ce63a156ce7eaa855feb70a40ea50
098618125383f339b61490acd432891e79d7ce980dfcc6e0261e93fab5500d89
1040df0db4a518737f8d0c078b3a31058d9d0af27967a77245e4fd627f08cb54
110a2f46b22736a51903176d9947700e2e759ed662a4e127406741c98d273e3b
115f6a626ca115d4ad5581b59275327e0e860b30330a52b0f785561332dd2429
119d9b448f09d7747b0558a49038a0c4105bd407031d9207ffca7f2b1db677c5
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
128c89070499938d3e361642fb21dfb3b5c8ac90fa1f787bc68153bb0873bde6
12b5c858e3714339bd30277437312918ecb556655b9265945ecfddd41b5dd0bf
19c9244c7c7a048b1a684f8da110c425597fede15b68b8bd83d9fc3209ac5855
1d7dfe2563e116e424aad1f863aa29431bc4e1baceeebc6550b8374ed5a806de
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
282fe77d6a15cb97eaf6ff7b9d5cd6d3ad5070394f4a2c72629fffac496657ab
28cd8f30cf49ca08170d17921fa06f3e773ae1bec2d861f225f2576aa5f5a826
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2e8417354ae2dacc2f0364f636f8463a9e28d054d49673cdaf8230678d8f88b6
323e937396ca48b07e70dff5ed5ecb491c15dcba895238fa49ad4261bda4f7e9
32aacb45db50a6c1c47bac023d907b625e400b873b8f2baff72dbcbee4f1da35
33a91bd6d378215fcd413c279aa88d48bda6c8b2ef7695892777c87de37de256
33fd76af7762a3a075fe1ff9deede7663d8eeb7da6ad98bed2b8b47e5a0b4a17
347d03e35db9b4131aecaa14d44248eced52c33138f6b4833ffa6c421755a9f5
34f9b241e99435f9aedf61a9cfa13507f614b3c5810bed331f1d214d92c48a68
3d0587f2d1e6447a253dce0855387c855f4ea8c06b709de1615e3667281d2e78
426be7295052c9469b0f6d723dbcc006b29de6ae452260304c4932facc4b9d0d
50d9ed56408b85a002848d7a2dc859abbb4c27272afcc687cd5a0f9e2302ae47
5180d19231ff2b3f4c0024713c9ababf65c5a7dc1b9116de1f894dde144d2ff1
589ba5922514887cd7b1fa8abf3bb03e4084a008f092fc6f7cab19c11f622723
61c6caebd23921741fb5ffe6603f16634fca9840c2bf56ac8201e9264d6daccf
63c0c76181ac4665cce8a77f97855d58cd2b3d4afb8bf7693b7c8bbfb1b02187
67797523bfe065fd2772ac162406abcdd091b962817654df5641960f96e89914
6820df27787e4a6afd1d540ffc72c8999012789c54419951bcdde7a369cb0862
6af86b090ebbb95a0739f873a8050d94afde96e15ae8197d33b1bd5d70924b6f
7046cfd2daa220402445f1b81a8deaaf55ddb8820f5a4028f0b5da044fb0003f
7100633cff808ec01559c4579130f2d6cef8d43e7f02c56d727ed33787d30fb9
719dd9d08854f73d2ff4b8bd2516a8d9f247b28fea167d18db7e8a689257ed2c
7d68efc40cabf78c969ee83125a932d1ddb3f2a8d0067eee66220103c53590f5
7d70e8aec4b40571f1d4b627bca978b7d15e498fcc8a4d3265df3a57acd4e9fc
82b5d8155ab2e759cbf0a9d54ef3293bf224f507b01713cf138548f50f217c22
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
88a32a20b2f2da5758838c9bc4bb519eb1668a5232863204b5f38af736d1858a
8f4dd185a5fbdfc0ead3301fd620f0ce3d9739823bfbc6d956697a1fac76d341
94b661217d5f0db6d54ac404325dc7c1b440ab278ee4f6521a5cecfeeec5fa77
9ea10c9e35ffe5145ef5a40896ce5e880be6a61d31de65eb7cc919120bfa3c09
a2195189a6d011ec4a13951b5019c9b204f65cf509b7ad0a2d4229366adcebcc
ab3087f7c59daafe5b7b8534bb616df73968c1dd1bfa5b2950d0b4bf03b9ef98
ae9b539a743fa1d8ad1d1f953f108de2fa55f1608af1ebf68f8dbc618748b082
af93b1e89daae65a55d019fc2b5c8677703d92fcf6c061107f184dad5a8f428a
afc96518bb6b23507ce576f3fe3f2afa9855c1d5caf6be649c2461a9b4272414
b3563084cba8f2e076f9aadf7d7db40822a24e38abab889038c8ea6e17dbb3dd
b429e34f37566057712653d200742ca6108840bdb11454f86eefae65958de088
b4ec91d61c2407b6ee8158b037d8e870d20178e2036ebb47c6c27f51c1609dfe
b660dc4910840f07a438d07617692d9dc67b136c6dfd949676d91d553ce2c3af
c144620e30f43f58676ba26a585a3754e4f67098099312604778916a60c10739
c16d8e0d2683bef52ec881e26ce9151e90002b7513bf1413e7039326ac402187
c1c8f61b1602029ff1a5d72b3dc52ba6494aa3d58567e1d716f9034ca1911ae1
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
cf5680cedc7e1e477c00ba1fb10d4307a755e19acc964c991e3ef233151b5502
d0c7f05ee5ff781d8b0ed1c6315c81f6d7cfbae0a3a3990f9c1a126ce42ff990
d5cbc8204e4e3025245c817666fb5e378a798bda77a3503c84384d8a48c08fcd
d81b6a31ad97ba5f434bab06352bf5900273acabf852e1accfe3abe5b531048d
dae0a0dc094e9374bb84bc36f84d85284ff3caeb345f919861eae0ebf183aeaa
e13ffa988be59cbf299d7ff68f019f902b60848203ac4990819eb7e4624ee52d
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e59ef50a17b0014fb3f24c6542f40aecdeedf4f368eff42f9ca4096f2c0bbfe6
e5cadee877a193cdf1922f418014d3f298ae80eb56a5b61c7711d9fc3a8398df
edd3437a06b738ee51ad4dbbdefffd755a907d20fd959810f99a9dc73aa2b7a4
f2879297f548f85019ae5a31bc79f415d351c2b534e9b6e03132debf4ec43905
f2d4f90f5be019bdb3381f1a07cfe33ad07717029a78029522fb609767d8715b
f566f515ee1be2109870fef118d26ccc1406135e39c95f30fda41e5cf5989f48
fa4cac8e566eb9d001b4f5b30d2fd1cb402bfbfcf59ebdd49ba39bcb7ea95279
fb99d202906a2e32e436fdd560a6cec726f6f063daa345d808c5a8eefdf1e596

returnlearn.webs.com Open in urlscan Pro 2606:4700::6811:7728 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

75 Requests

96 %HTTPS

69 %IPv6

11 Domains

16 Subdomains

11 IPs

4 Countries

1128 kBTransfer

1772 kBSize

12 Cookies

24 Outgoing links

Page URL History

Redirected requests

75 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

returnlearn.webs.com Open in urlscan Pro
2606:4700::6811:7728 Public Scan

Screenshot
Live screenshot

Full Image

75
Requests

96 %
HTTPS

69 %
IPv6

11
Domains

16
Subdomains

11
IPs

4
Countries

1128 kB
Transfer

1772 kB
Size

12
Cookies

75 HTTP transactions
0 data transactions