www.rainbowpush.org Open in urlscan Pro
2606:4700:7::a29f:8a2c Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://rainbowpush.org/
Effective URL:
https://www.rainbowpush.org/
Submission: On September 22 via api (September 22nd 2022, 5:28:22 pm UTC) from US — Scanned from DE

Summary HTTP 87 Redirects Links 11 Behaviour Indicators

Summary

This website contacted 28 IPs in 5 countries across 21 domains to perform 87 HTTP transactions. The main IP is 2606:4700:7::a29f:8a2c, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.rainbowpush.org.
TLS certificate: Issued by Cloudflare Inc RSA CA-2 on January 22nd 2022. Valid for: a year.

This is the only time www.rainbowpush.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	2606:4700:303... 2606:4700:3032::6815:1527	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700:7::... 2606:4700:7::a29f:8a2c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:813::200a	15169 (GOOGLE) (GOOGLE)
34	2606:4700:7::... 2606:4700:7::a29f:802d	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2a04:4e42::485 2a04:4e42::485	54113 (FASTLY) (FASTLY)
1	2a00:1450:400... 2a00:1450:4001:80e::200a	15169 (GOOGLE) (GOOGLE)
1	2600:9000:223... 2600:9000:223e:2000:6:9a19:88c0:93a1	16509 (AMAZON-02) (AMAZON-02)
2	18.66.15.92 18.66.15.92	16509 (AMAZON-02) (AMAZON-02)
3	2606:4700:440... 2606:4700:440e::6812:2fe6	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:2800:234... 2606:2800:234:59:254c:406:2366:268c	15133 (EDGECAST) (EDGECAST)
1 2	2a00:1450:400... 2a00:1450:400d:806::2008	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:806::2003	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f02... 2a03:2880:f02d:12:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	2606:4700::68... 2606:4700::6812:acf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	104.16.89.50 104.16.89.50	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	44.225.77.75 44.225.77.75	16509 (AMAZON-02) (AMAZON-02)
1 1	2a00:1450:400... 2a00:1450:400c:c08::9b	15169 (GOOGLE) (GOOGLE)
1 2	2a00:1450:400... 2a00:1450:4001:831::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400d:804::2003	15169 (GOOGLE) (GOOGLE)
12	2a00:1450:400... 2a00:1450:4001:831::200e	15169 (GOOGLE) (GOOGLE)
1	2a03:2880:f12... 2a03:2880:f12d:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	104.244.42.8 104.244.42.8	13414 (TWITTER) (TWITTER)
2	18.64.103.30 18.64.103.30	16509 (AMAZON-02) (AMAZON-02)
1 2	2a00:1450:400... 2a00:1450:4001:831::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400d:80a::2006	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:400d:805::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400d:80e::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400d:80c::2016	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:810::2003	15169 (GOOGLE) (GOOGLE)
87	28

1 2606:4700:3032::6815:1527 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

rainbowpush.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:7::a29f:8a2c (United States)

ASN13335 (CLOUDFLARENET, US)

www.rainbowpush.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

34 2606:4700:7::a29f:802d (United States)

ASN13335 (CLOUDFLARENET, US)

rainbowpush.nationbuilder.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
assets.nationbuilder.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a04:4e42::485 (United States)

ASN54113 (FASTLY, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:223e:2000:6:9a19:88c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.rlets.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.66.15.92 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-15-92.vie50.r.cloudfront.net

d3n8a8pro7vhmx.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:440e::6812:2fe6 (United States)

ASN13335 (CLOUDFLARENET, US)

static.cloudflareinsights.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cloudflareinsights.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:2800:234:59:254c:406:2366:268c (United States)

ASN15133 (EDGECAST, US)

platform.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400d:806::2008 (Ireland) 1 redirects

ASN15169 (GOOGLE, US)

ssl.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:806::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f02d:12:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:acf (United States)

ASN13335 (CLOUDFLARENET, US)

netdna.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.16.89.50 (None, )

ASN13335 (CLOUDFLARENET, US)

cdn.embedly.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 44.225.77.75 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-44-225-77-75.us-west-2.compute.amazonaws.com

0e623270-5d14-46ae-88e9-c8e3419df43d.rlets.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c08::9b (Brussels, Belgium) 1 redirects

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:831::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400d:804::2003 (Ireland)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a00:1450:4001:831::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f12d:83:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.8 (United States)

ASN13414 (TWITTER, US)

syndication.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.64.103.30 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-64-103-30.txl50.r.cloudfront.net

capture-api.reachlocalservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:831::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400d:80a::2006 (Ireland)

ASN15169 (GOOGLE, US)

static.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:400d:805::200a (Ireland)

ASN15169 (GOOGLE, US)

jnn-pa.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400d:80e::2001 (Ireland)

ASN15169 (GOOGLE, US)

yt3.ggpht.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400d:80c::2016 (Ireland)

ASN15169 (GOOGLE, US)

i.ytimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
34	nationbuilder.com rainbowpush.nationbuilder.com assets.nationbuilder.com — Cisco Umbrella Rank: 75150	6 MB
12	youtube.com www.youtube.com — Cisco Umbrella Rank: 96	851 KB
6	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 40 ajax.googleapis.com — Cisco Umbrella Rank: 293 jnn-pa.googleapis.com — Cisco Umbrella Rank: 273	38 KB
4	doubleclick.net 2 redirects stats.g.doubleclick.net — Cisco Umbrella Rank: 79 googleads.g.doubleclick.net — Cisco Umbrella Rank: 41 static.doubleclick.net — Cisco Umbrella Rank: 340	2 KB
4	gstatic.com fonts.gstatic.com www.gstatic.com	77 KB
4	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 392	8 KB
3	twitter.com platform.twitter.com — Cisco Umbrella Rank: 714 syndication.twitter.com — Cisco Umbrella Rank: 995	133 KB
3	cloudflareinsights.com static.cloudflareinsights.com — Cisco Umbrella Rank: 1027 cloudflareinsights.com — Cisco Umbrella Rank: 1016	5 KB
3	rainbowpush.org 1 redirects rainbowpush.org www.rainbowpush.org	12 KB
2	reachlocalservices.com capture-api.reachlocalservices.com — Cisco Umbrella Rank: 15472	554 B
2	google.com 1 redirects www.google.com — Cisco Umbrella Rank: 2	15 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 152	88 KB
2	google-analytics.com 1 redirects ssl.google-analytics.com — Cisco Umbrella Rank: 290	17 KB
2	cloudfront.net d3n8a8pro7vhmx.cloudfront.net	29 KB
2	rlets.com cdn.rlets.com — Cisco Umbrella Rank: 12781 0e623270-5d14-46ae-88e9-c8e3419df43d.rlets.com	50 KB
1	ytimg.com i.ytimg.com — Cisco Umbrella Rank: 117	42 KB
1	ggpht.com yt3.ggpht.com — Cisco Umbrella Rank: 232	2 KB
1	facebook.com www.facebook.com — Cisco Umbrella Rank: 113
1	google.de www.google.de — Cisco Umbrella Rank: 6352	501 B
1	bootstrapcdn.com netdna.bootstrapcdn.com — Cisco Umbrella Rank: 2942	71 KB
1	embedly.com cdn.embedly.com — Cisco Umbrella Rank: 10067 Failed	99 KB
87	21

	Domain	Requested by
24	assets.nationbuilder.com	www.rainbowpush.org
12	www.youtube.com	cdn.embedly.com www.youtube.com
10	rainbowpush.nationbuilder.com	www.rainbowpush.org
4	jnn-pa.googleapis.com	www.youtube.com
4	cdn.jsdelivr.net	www.rainbowpush.org cdn.jsdelivr.net
2	cloudflareinsights.com	static.cloudflareinsights.com
2	www.gstatic.com	www.youtube.com www.gstatic.com
2	googleads.g.doubleclick.net	1 redirects www.youtube.com
2	capture-api.reachlocalservices.com	cdn.rlets.com
2	www.google.com	1 redirects www.youtube.com
2	connect.facebook.net	www.rainbowpush.org connect.facebook.net
2	fonts.gstatic.com	fonts.googleapis.com www.youtube.com
2	ssl.google-analytics.com	1 redirects www.rainbowpush.org
2	platform.twitter.com	www.rainbowpush.org platform.twitter.com
2	d3n8a8pro7vhmx.cloudfront.net	www.rainbowpush.org rainbowpush.nationbuilder.com
2	www.rainbowpush.org	www.rainbowpush.org
1	i.ytimg.com	www.youtube.com
1	yt3.ggpht.com	www.youtube.com
1	static.doubleclick.net	www.youtube.com
1	syndication.twitter.com	platform.twitter.com
1	www.facebook.com	connect.facebook.net
1	www.google.de	www.rainbowpush.org
1	stats.g.doubleclick.net	1 redirects
1	0e623270-5d14-46ae-88e9-c8e3419df43d.rlets.com	cdn.rlets.com
1	netdna.bootstrapcdn.com	rainbowpush.nationbuilder.com
1	cdn.embedly.com	www.rainbowpush.org assets.nationbuilder.com
1	static.cloudflareinsights.com	www.rainbowpush.org
1	cdn.rlets.com	www.rainbowpush.org
1	ajax.googleapis.com	www.rainbowpush.org
1	fonts.googleapis.com	www.rainbowpush.org
1	rainbowpush.org	1 redirects
87	31

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
twitter.com
www.diversityinc.com
www.iheartmedia.com
accessatt.solixcs.com
www.fcagroup.com
maps.google.com
nationbuilder.com
www.nationdigital.io

Subject Issuer	Validity	Valid
www.rainbowpush.org Cloudflare Inc RSA CA-2	`2022-01-22` - `2023-01-22`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2022-08-29` - `2022-11-21`	3 months	crt.sh
nationbuilder.com Cloudflare Inc ECC CA-3	`2021-12-05` - `2022-12-04`	a year	crt.sh
jsdelivr.net GlobalSign Atlas R3 DV TLS CA 2022 Q1	`2022-03-21` - `2023-04-22`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-02-15` - `2023-02-14`	a year	crt.sh
*.rlets.com Amazon	`2021-12-30` - `2023-01-28`	a year	crt.sh
*.cloudfront.net Amazon	`2022-02-01` - `2023-01-31`	a year	crt.sh
*.twimg.com DigiCert TLS RSA SHA256 2020 CA1	`2021-10-20` - `2022-10-19`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-09-05` - `2022-11-28`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-08-29` - `2022-11-21`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-07-02` - `2022-09-30`	3 months	crt.sh
*.embedly.com Sectigo RSA Domain Validation Secure Server CA	`2021-09-09` - `2022-10-10`	a year	crt.sh
*.google.com GTS CA 1C3	`2022-09-05` - `2022-11-28`	3 months	crt.sh
syndication.twitter.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-03-07` - `2023-03-06`	a year	crt.sh
*.reachlocalservices.com Amazon	`2022-01-04` - `2023-02-01`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2022-09-05` - `2022-11-28`	3 months	crt.sh
*.googleusercontent.com GTS CA 1C3	`2022-08-29` - `2022-11-21`	3 months	crt.sh
edgestatic.com GTS CA 1C3	`2022-09-05` - `2022-11-28`	3 months	crt.sh

This page contains 6 frames:

Primary Page: https://www.rainbowpush.org/
Frame ID: 46EA88524619E3EF76E403C969721C53
Requests: 56 HTTP requests in this frame

Frame: https://cdn.embedly.com/widgets/media.html?src=https%3A%2F%2Fwww.youtube.com%2Fembed%2F6G4l4kVBjU4%3Fwmode%3Dtransparent%26feature%3Doembed&wmode=transparent&display_name=YouTube&url=https%3A%2F%2Fwww.youtube.com%2Fwatch%3Fv%3D6G4l4kVBjU4&image=https%3A%2F%2Fi.ytimg.com%2Fvi%2F6G4l4kVBjU4%2Fhqdefault.jpg&key=e23856ccc1f011e0b5e44040d3dc5c07&type=text%2Fhtml&schema=youtube
Frame ID: E47167E7DFE75B4F7D01AD7BFAD31857
Requests: 1 HTTP requests in this frame

Frame: https://cdn.embedly.com/widgets/media.html?src=https%3A%2F%2Fwww.youtube.com%2Fembed%2F6G4l4kVBjU4%3Fwmode%3Dtransparent%26feature%3Doembed&wmode=transparent&display_name=YouTube&url=https%3A%2F%2Fwww.youtube.com%2Fwatch%3Fv%3D6G4l4kVBjU4&image=https%3A%2F%2Fi.ytimg.com%2Fvi%2F6G4l4kVBjU4%2Fhqdefault.jpg&key=e23856ccc1f011e0b5e44040d3dc5c07&type=text%2Fhtml&schema=youtube
Frame ID: E06213FD16F571054256DB49533ED87B
Requests: 3 HTTP requests in this frame

Frame: https://0e623270-5d14-46ae-88e9-c8e3419df43d.rlets.com/static/storage.html
Frame ID: 1346C52046AE37021493BADEC8828307
Requests: 1 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.c4bdc17e77719578b594d5555bee90db.html?origin=https%3A%2F%2Fwww.rainbowpush.org
Frame ID: 91FC85AB00D016C50AEFD85DCA5613A5
Requests: 2 HTTP requests in this frame

Frame: https://www.youtube.com/embed/6G4l4kVBjU4?wmode=transparent&widget_referrer=https%3A%2F%2Fwww.rainbowpush.org%2F&enablejsapi=1&origin=https%3A%2F%2Fcdn.embedly.com&widgetid=1
Frame ID: A1C0067FB3E4F192908EE7FE8799D71B
Requests: 21 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Home

Page URL History Show full URLs

http://rainbowpush.org/ HTTP 301
https://www.rainbowpush.org/ Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Cloudflare Browser Insights (Analytics) Expand

Overall confidence: 100%
Detected patterns

static\.cloudflareinsights\.com/beacon(?:\.min)?\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Slick (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

<link [^>]+(?:/([\d.]+)/)?slick-theme\.css

Twitter (Widgets) Expand

Overall confidence: 100%
Detected patterns

//platform\.twitter\.com/widgets\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery UI (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery-ui.*\.js

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

<link [^>]*?href="?[a-zA-Z]*?:?//cdn\.jsdelivr\.net/
//cdn\.jsdelivr\.net/

Page Statistics

87
Requests

97 %
HTTPS

83 %
IPv6

21
Domains

31
Subdomains

28
IPs

5
Countries

7447 kB
Transfer

12892 kB
Size

9
Cookies

11 Outgoing links

These are links going to different origins than the main page.

URL: https://www.facebook.com/306935452727673

Search URL Search Domain Scan URL

URL: https://twitter.com/RPCoalition

Search URL Search Domain Scan URL

URL: https://www.diversityinc.com/about-us/

Search URL Search Domain Scan URL

URL: https://www.iheartmedia.com/

Search URL Search Domain Scan URL

URL: https://accessatt.solixcs.com/#/home

Search URL Search Domain Scan URL

URL: https://www.fcagroup.com/en-US/Pages/home.aspx

Search URL Search Domain Scan URL

URL: https://maps.google.com/maps?q=930%20E%2050th%20St,%20Chicago,%20IL%2060615,%20United%20States
Title: 930 E 50th St, Chicago, IL 60615, United States

Search URL Search Domain Scan URL

URL: https://nationbuilder.com/
Title: NationBuilder

Search URL Search Domain Scan URL

URL: https://www.nationdigital.io/
Title: Nation Digital

Search URL Search Domain Scan URL

URL: https://www.facebook.com/share.php?u=https://www.rainbowpush.org/

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/tweet?url=https://www.rainbowpush.org/&text=Home&via=RPCoalition

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://rainbowpush.org/ HTTP 301
https://www.rainbowpush.org/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 54

https://ssl.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1035561958&utmhn=www.rainbowpush.org&utme=8(Page%20type)9(Basic)&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Home&utmhid=1394997944&utmr=-&utmp=%2F&utmht=1663867693758&utmac=UA-99011549-1&utmcc=__utma%3D1.1644245094.1663867694.1663867694.1663867694.1%3B%2B__utmz%3D1.1663867694.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&aip=1&utmjid=498511424&utmredir=1&utmu=qxQAAAAAAAAAAAAAAAAAAAAE~ HTTP 302
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-99011549-1&cid=1644245094.1663867694&jid=498511424&_v=5.7.2&z=1035561958 HTTP 302
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-99011549-1&cid=1644245094.1663867694&jid=498511424&_v=5.7.2&z=1035561958 HTTP 302
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-99011549-1&cid=1644245094.1663867694&jid=498511424&_v=5.7.2&z=1035561958&slf_rd=1&random=2848317668

Request Chain 68

https://googleads.g.doubleclick.net/pagead/id HTTP 302
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

87 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.rainbowpush.org/
Redirect Chain

http://rainbowpush.org/
https://www.rainbowpush.org/

46 KB
10 KB

678ms
411ms

Document
text/html

2606:4700:7::a29f:8a2c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.rainbowpush.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:7::a29f:8a2c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3ad7a8d629b540b7864d55097a0271e6d61b211e7538959f590f490d5300534a

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors rainbowpush.nationbuilder.com
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-request-method: GET, POST, PUT, DELETE
age: 13
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-cache, no-store, max-age=0, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 74ecc171781f996c-FRA
content-encoding: br
content-security-policy: frame-ancestors rainbowpush.nationbuilder.com
content-type: text/html; charset=utf-8
date: Thu, 22 Sep 2022 17:28:12 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
server: cloudflare
status: 200 OK
vary: Accept-Encoding
x-content-digest: b205cdbd401b35295bbbbd0a958a248f168768c4
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-middleware-start: t=1663867692079252
x-nb-cached-page: yes
x-rack-cache: fresh
x-request-id: 895914cd-7ee9-434f-a343-5a0b1465c2ba
x-runtime: 0.830236
x-served-by: app14

Redirect headers

CF-RAY: 74ecc16f8d7ebbe9-FRA
Cache-Control: max-age=3600
Connection: keep-alive
Date: Thu, 22 Sep 2022 17:28:11 GMT
Expires: Thu, 22 Sep 2022 18:28:11 GMT
Location: https://www.rainbowpush.org/
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uMG1po3Ci3dOCovsMEIcP7FRTlldhBQ69TMIfIlQt%2FSp0u4%2BT%2FwaLzgK%2BElqRpMJksNMTvS5PazKCWyXkTUnOHraDiBYaE4LK1%2BYaLi5Un7Xmkba%2BePIXfIgDsBwiO3il29GLN6Wy1w45lkvlMo%3D"}],"group":"cf-nel","max_age":604800}
Server: cloudflare
Transfer-Encoding: chunked
Vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 css
fonts.googleapis.com/ 26 KB
2 KB 150ms
65ms Stylesheet
text/css 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:300,300i,400,400i,600,600i,700,700i,800,800i

Requested by

Host: www.rainbowpush.org
URL: https://www.rainbowpush.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

47a7dd0cada3c63b3d5981848b65973772a3f5ccc578d16ed90e3aa1b74056ab

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rainbowpush.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 22 Sep 2022 16:28:29 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Thu, 22 Sep 2022 17:28:12 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 22 Sep 2022 17:28:12 GMT

GET
H2 200 remodal.css
rainbowpush.nationbuilder.com/themes/2/5f90bc7b4764e8db52fb126e/0/attachments/16033212011659036127/default/ 2 KB
805 B 555ms
437ms Stylesheet
text/css 2606:4700:7::a29f:802d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://rainbowpush.nationbuilder.com/themes/2/5f90bc7b4764e8db52fb126e/0/attachments/16033212011659036127/default/remodal.css

Requested by

Host: www.rainbowpush.org
URL: https://www.rainbowpush.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:7::a29f:802d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6b986cc934432b19f05b4a2f0d0f5fbeb96cf698b545465df15cf53c35ecd196

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rainbowpush.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 17:28:12 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: MISS
status: 200 OK
x-middleware-start: t=1663867692637397
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-request-id: 37cf00b7-119a-4783-8478-dd99baa41d31
x-served-by: app10
x-runtime: 0.083857
x-content-digest: 7aa55d8a847522fdac2d63c5649f7b6c15d6a22d
server: cloudflare
x-frame-options: ALLOWALL
etag: W/"6b986cc934432b19f05b4a2f0d0f5fbe-gzip"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=31556952
cf-ray: 74ecc174c9dd9067-FRA
x-rack-cache: fresh
expires: Fri, 22 Sep 2023 23:17:24 GMT

GET
H2 200 remodal-default-theme.css
rainbowpush.nationbuilder.com/themes/2/5f90bc7b4764e8db52fb126e/0/attachments/16033212011659036127/default/ 5 KB
1 KB 546ms
429ms Stylesheet
text/css 2606:4700:7::a29f:802d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://rainbowpush.nationbuilder.com/themes/2/5f90bc7b4764e8db52fb126e/0/attachments/16033212011659036127/default/remodal-default-theme.css

Requested by

Host: www.rainbowpush.org
URL: https://www.rainbowpush.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:7::a29f:802d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

370c49c5ba241c54b36196c644394dd9f91554a875ab4dbfae6549ca7088dee3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rainbowpush.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 17:28:12 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: MISS
status: 200 OK
x-middleware-start: t=1663867692634009
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-request-id: ab29ba7b-b234-4858-a94f-d2b94c999f60
x-served-by: app13
x-runtime: 0.132631
x-content-digest: e3c0078d4e589886ee89b263c992c37d98b2ee57
server: cloudflare
x-frame-options: ALLOWALL
etag: W/"370c49c5ba241c54b36196c644394dd9-gzip"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=31556952
cf-ray: 74ecc174d9df9067-FRA
x-rack-cache: fresh
expires: Fri, 22 Sep 2023 23:17:24 GMT

GET
H2 200 selectric.css
rainbowpush.nationbuilder.com/themes/2/5f90bc7b4764e8db52fb126e/0/attachments/16033212011659036127/default/ 4 KB
1 KB 532ms
415ms Stylesheet
text/css 2606:4700:7::a29f:802d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://rainbowpush.nationbuilder.com/themes/2/5f90bc7b4764e8db52fb126e/0/attachments/16033212011659036127/default/selectric.css

Requested by

Host: www.rainbowpush.org
URL: https://www.rainbowpush.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:7::a29f:802d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ad2b369a9fad37f4d0c2bd23746d9c4b8be3cbba24baf781f25a853246875fe3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rainbowpush.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 17:28:12 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: MISS
status: 200 OK
x-middleware-start: t=1663867692617548
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-request-id: 4863a343-207c-4333-9e46-2fce7e2de391
x-served-by: app12
x-runtime: 0.055632
x-content-digest: d64eae4547775fd767b48ff4ce53fb4cb0c64e81
server: cloudflare
x-frame-options: ALLOWALL
etag: W/"ad2b369a9fad37f4d0c2bd23746d9c4b-gzip"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=31556952
cf-ray: 74ecc174d9e19067-FRA
x-rack-cache: fresh
expires: Fri, 22 Sep 2023 23:17:24 GMT

GET
H2 200 magnific-popup.css
rainbowpush.nationbuilder.com/themes/2/5f90bc7b4764e8db52fb126e/0/attachments/16033212011659036127/default/ 7 KB
2 KB 548ms
431ms Stylesheet
text/css 2606:4700:7::a29f:802d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://rainbowpush.nationbuilder.com/themes/2/5f90bc7b4764e8db52fb126e/0/attachments/16033212011659036127/default/magnific-popup.css

Requested by

Host: www.rainbowpush.org
URL: https://www.rainbowpush.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:7::a29f:802d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a44e537eb0dfe0dfdb3a7ab134b25790c6f99e33436bf603e879598ec164a9fd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rainbowpush.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 17:28:12 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: MISS
status: 200 OK
x-middleware-start: t=1663867692630468
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-request-id: 3d6baf16-084d-4b50-95ce-160b29fc83a7
x-served-by: app12
x-runtime: 0.055297
x-content-digest: 4bc5c190369aa8724e02171cfac745b15a95b952
server: cloudflare
x-frame-options: ALLOWALL
etag: W/"a44e537eb0dfe0dfdb3a7ab134b25790-gzip"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=31556952
cf-ray: 74ecc174d9e29067-FRA
x-rack-cache: fresh
expires: Fri, 22 Sep 2023 23:17:24 GMT

GET
H2 200 slick.css
cdn.jsdelivr.net/jquery.slick/1.6.0/ 2 KB
665 B 125ms
41ms Stylesheet
text/css 2a04:4e42::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/jquery.slick/1.6.0/slick.css

Requested by

Host: www.rainbowpush.org
URL: https://www.rainbowpush.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

d917660c3d6f7aad32ebc4b0012c6d0bb84a13e201a012e334bcca4b9f4686c9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rainbowpush.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
age: 11716487
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 557
etag: W/"6c1-bp0TNCoRqM/Z5C7iQ+rq4BzaTiU"
x-served-by: cache-fra19127-FRA, cache-hhn4054-HHN
date: Thu, 22 Sep 2022 17:28:12 GMT
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 slick-theme.css
cdn.jsdelivr.net/jquery.slick/1.6.0/ 3 KB
1 KB 124ms
40ms Stylesheet
text/css 2a04:4e42::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/jquery.slick/1.6.0/slick-theme.css

Requested by

Host: www.rainbowpush.org
URL: https://www.rainbowpush.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

7adaf08052c6a6a0f8a0d0055b4f191fd07389fe41c972b69573472b2ecb406a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rainbowpush.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
age: 5674911
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 866
etag: W/"c49-gaQ0+U8rESTzIyu4bylE+C+yOsA"
x-served-by: cache-fra19169-FRA, cache-hhn4054-HHN
date: Thu, 22 Sep 2022 17:28:12 GMT
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 theme.scss
rainbowpush.nationbuilder.com/themes/2/5f90bc7b4764e8db52fb126e/0/attachments/16033212011659036127/default/ 2 MB
166 KB 953ms
838ms Stylesheet
text/css 2606:4700:7::a29f:802d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://rainbowpush.nationbuilder.com/themes/2/5f90bc7b4764e8db52fb126e/0/attachments/16033212011659036127/default/theme.scss

Requested by

Host: www.rainbowpush.org
URL: https://www.rainbowpush.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:7::a29f:802d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7b709765886f900bddeee79f8b324e02513cce78270aec88efbd568ed2cf4459

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rainbowpush.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 17:28:13 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: MISS
status: 200 OK
x-middleware-start: t=1663867692629883
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-request-id: e38dcb55-ee2a-47aa-b6c7-856f46fb0ee7
x-served-by: app14
x-runtime: 17.730367
x-content-digest: eb467029ba8958bd0df4bcc086b094352fcd9bce
server: cloudflare
x-frame-options: ALLOWALL
etag: W/"7b709765886f900bddeee79f8b324e02-gzip"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=31556952
cf-ray: 74ecc174d9e39067-FRA
x-rack-cache: fresh
expires: Fri, 22 Sep 2023 23:17:24 GMT

GET
H2 200 jquery-ui.css
ajax.googleapis.com/ajax/libs/jqueryui/1.10.0/themes/cupertino/ 30 KB
6 KB 125ms
38ms Stylesheet
text/css 2a00:1450:4001:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jqueryui/1.10.0/themes/cupertino/jquery-ui.css

Requested by

Host: www.rainbowpush.org
URL: https://www.rainbowpush.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ea2d62c7e90b08a7c41206758ce52af7059a58cdfb6a2964f341642298eb9a15

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rainbowpush.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sun, 18 Sep 2022 07:16:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 382318
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5640
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/css; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 18 Sep 2023 07:16:14 GMT

GET
H2 200 main-8c2eba07eac00048396ca2d93ee8c5910a71fab32d0d2ca58e306ee84c6227bf.js Show response
assets.nationbuilder.com/assets/liquid/ 336 KB
102 KB 183ms
66ms Script
application/javascript 2606:4700:7::a29f:802d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.nationbuilder.com/assets/liquid/main-8c2eba07eac00048396ca2d93ee8c5910a71fab32d0d2ca58e306ee84c6227bf.js
Requested by: Host: www.rainbowpush.org
URL: https://www.rainbowpush.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:7::a29f:802d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8c2eba07eac00048396ca2d93ee8c5910a71fab32d0d2ca58e306ee84c6227bf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rainbowpush.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 17:28:12 GMT
via: 1.1 b17dca9c320b96e12b996848d121ffe4.cloudfront.net (CloudFront)
cf-cache-status: HIT
age: 18154274
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: application/javascript
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 14 Feb 2022 16:21:10 GMT
server: cloudflare
etag: W/"6b30f4636a39c0d52db9fec93e90cbcd"
vary: Accept-Encoding
x-amz-version-id: null
cache-control: public, max-age=31557600
x-amz-cf-pop: DUS51-P2
cf-ray: 74ecc174ddbb9b40-FRA
x-amz-cf-id: AFnIPaDkoO4hcPccpEt2Lg_mtyuAZJkIIt9selOfyOo_v1DsfmH4kQ==
expires: Fri, 22 Sep 2023 23:28:12 GMT

GET
H2 200 jquery.ui.effect.min.js Show response
rainbowpush.nationbuilder.com/themes/2/5f90bc7b4764e8db52fb126e/0/attachments/16033212011659036127/default/ 13 KB
5 KB 545ms
430ms Script
text/javascript 2606:4700:7::a29f:802d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://rainbowpush.nationbuilder.com/themes/2/5f90bc7b4764e8db52fb126e/0/attachments/16033212011659036127/default/jquery.ui.effect.min.js

Requested by

Host: www.rainbowpush.org
URL: https://www.rainbowpush.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:7::a29f:802d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5f3ca08629dbf4b97858143154de2a7b48c4c671d6849b56aa592033a2546cf3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rainbowpush.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 17:28:12 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: MISS
status: 200 OK
x-middleware-start: t=1663867692634013
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-request-id: f49240a4-ea02-40fb-9bc4-daa1b2528e5e
x-served-by: app11
x-runtime: 0.095247
x-content-digest: 1b3c129be8aafb7c1d1cc795870d3e25365fc2a9
server: cloudflare
etag: W/"5f3ca08629dbf4b97858143154de2a7b"
x-frame-options: ALLOWALL
content-type: text/javascript
vary: Accept-Encoding
cache-control: public, max-age=31556952
cf-ray: 74ecc174d9e49067-FRA
x-rack-cache: fresh
expires: Fri, 22 Sep 2023 23:17:24 GMT

GET
H2 200 jquery.ui.effect-slide.min.js Show response
rainbowpush.nationbuilder.com/themes/2/5f90bc7b4764e8db52fb126e/0/attachments/16033212011659036127/default/ 774 B
935 B 524ms
409ms Script
text/javascript 2606:4700:7::a29f:802d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://rainbowpush.nationbuilder.com/themes/2/5f90bc7b4764e8db52fb126e/0/attachments/16033212011659036127/default/jquery.ui.effect-slide.min.js

Requested by

Host: www.rainbowpush.org
URL: https://www.rainbowpush.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:7::a29f:802d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1c56ffc47b4761b0396058aa73916486a33095af06bba5e72072ae332483dc7f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rainbowpush.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 17:28:12 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: MISS
status: 200 OK
x-middleware-start: t=1663867692616642
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-request-id: 21eeee53-d5bb-4821-8b33-567d6c136a21
x-served-by: app14
x-runtime: 0.055201
x-content-digest: 2d0b4629f786724cb9ceba70e34ff5775fa16084
server: cloudflare
etag: W/"1c56ffc47b4761b0396058aa73916486"
x-frame-options: ALLOWALL
content-type: text/javascript
vary: Accept-Encoding
cache-control: public, max-age=31556952
cf-ray: 74ecc174d9e59067-FRA
x-rack-cache: fresh
expires: Fri, 22 Sep 2023 23:17:24 GMT

GET
H2 200 d1446ae88e9c8e3419df43d.js Show response
cdn.rlets.com/capture_configs/0e6/232/705/ 195 KB
48 KB 187ms
54ms Script
text/javascript 2600:9000:223e:2000:6:9a19:88c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.rlets.com/capture_configs/0e6/232/705/d1446ae88e9c8e3419df43d.js

Requested by

Host: www.rainbowpush.org
URL: https://www.rainbowpush.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223e:2000:6:9a19:88c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

7b6aad0ae538ad0507d03d60a3dea15c9dae8fd1b1269593731cbb84004aa560

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rainbowpush.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 15:41:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
age: 6413
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block
x-request-id: eb4d8cc8-1684-4544-9d68-a66557e4e7d3
x-runtime: 0.091212
referrer-policy: strict-origin-when-cross-origin
x-frame-options: SAMEORIGIN
etag: W/"7b6aad0ae538ad0507d03d60a3dea15c"
x-download-options: noopen
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
via: 1.1 803246727539350977d724c9e4a027c6.cloudfront.net (CloudFront)
cache-control
x-amz-cf-pop: FRA56-P4
x-amz-cf-id: ydOx6rWvJPS80hP-92EYwHKVKUI2Loz5Rfp9kipVTLk09ytGsnhinA==

GET
H3 200 rainbow-push-coalition-logo_0.png
assets.nationbuilder.com/rainbowpush/sites/2/meta_images/original/ 22 KB
23 KB 103ms
102ms Image
image/png 2606:4700:7::a29f:802d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.nationbuilder.com/rainbowpush/sites/2/meta_images/original/rainbow-push-coalition-logo_0.png?1602744455
Requested by: Host: www.rainbowpush.org
URL: https://www.rainbowpush.org/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:7::a29f:802d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: db3d79f3ac1178f00b5f1c66858c99b69b25f4073f19eccdedc77fd891eb3654

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rainbowpush.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 17:28:13 GMT
via: 1.1 6c90efa18f660ef893fb03f41073cde8.cloudfront.net (CloudFront)
cf-cache-status: MISS
x-amz-cf-pop: DUS51-P2
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: image/png
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 23005
last-modified: Thu, 15 Oct 2020 06:47:36 GMT
server: cloudflare
etag: "2e25e9c47418544513ef36b398e0aec8"
vary: Accept-Encoding
x-amz-version-id: null
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 74ecc17bb8cc5bf9-FRA
x-amz-cf-id: 7Wg1dkXsVcxlow6aK42xgjBMjzIY7Tnz7Lcutv3yod6D7zO2n0UxTA==
expires: Thu, 22 Sep 2022 21:28:13 GMT

GET
H2 200 rainbow-push-white.png
d3n8a8pro7vhmx.cloudfront.net/rainbowpush/pages/61/attachments/original/1602976731/ 27 KB
27 KB 192ms
64ms Image
image/png 18.66.15.92
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d3n8a8pro7vhmx.cloudfront.net/rainbowpush/pages/61/attachments/original/1602976731/rainbow-push-white.png?1602976731
Requested by: Host: www.rainbowpush.org
URL: https://www.rainbowpush.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.15.92 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-15-92.vie50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 5d63e87fe01ec1496983e6c9d8ad7843bf0a93cf9adddec2cb7bdf3de62e7b66

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rainbowpush.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-amz-version-id: null
via: 1.1 ac02b9a9a93754a9f85004c4c9792fee.cloudfront.net (CloudFront)
etag: "1fb6757e861a92ccf3060694e78197c5"
last-modified: Sat, 17 Oct 2020 23:18:52 GMT
server: AmazonS3
age: 10134
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: image/png
date: Thu, 22 Sep 2022 14:39:20 GMT
x-amz-cf-pop: VIE50-P1
accept-ranges: bytes
content-length: 27387
x-amz-cf-id: e31OBGABG5wXgCQmd7saZGZL_KSldluB5OZIrPkJMjCZfXGsdTriRA==

GET
H2 200 email-decode.min.js Show response
www.rainbowpush.org/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 1 KB
817 B 59ms
58ms Script
application/javascript 2606:4700:7::a29f:8a2c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.rainbowpush.org/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Requested by

Host: www.rainbowpush.org
URL: https://www.rainbowpush.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:7::a29f:8a2c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rainbowpush.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 17:28:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 20 Sep 2022 14:16:51 GMT
server: cloudflare
x-frame-options: DENY
etag: W/"6329cb53-4d7"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=172800, public
cf-ray: 74ecc1778a87996c-FRA
expires: Sat, 24 Sep 2022 17:28:12 GMT

GET
H3 200 liquid-afd4cb8734a76f96f5097a424ed61c3c3354d9f9472cc52b6d1513ee749d49ec.js Show response
assets.nationbuilder.com/assets/ 77 KB
30 KB 132ms
74ms Script
application/javascript 2606:4700:7::a29f:802d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.nationbuilder.com/assets/liquid-afd4cb8734a76f96f5097a424ed61c3c3354d9f9472cc52b6d1513ee749d49ec.js
Requested by: Host: www.rainbowpush.org
URL: https://www.rainbowpush.org/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:7::a29f:802d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: afd4cb8734a76f96f5097a424ed61c3c3354d9f9472cc52b6d1513ee749d49ec

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rainbowpush.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 17:28:12 GMT
via: 1.1 5ea5681c91ed88c9c3af7fc72fa26702.cloudfront.net (CloudFront)
cf-cache-status: HIT
age: 12125081
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: application/javascript
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Wed, 13 Apr 2022 15:29:08 GMT
server: cloudflare
etag: W/"909a1715626f3a3a70f397976485caca"
vary: Accept-Encoding
x-amz-version-id: null
cache-control: public, max-age=31557600
x-amz-cf-pop: TXL50-P4
cf-ray: 74ecc1785add5bf9-FRA
x-amz-cf-id: eBh9Fv53zbnNnW8iMOLZMTry_Q0oo4B5Fld0PO0flfv7TTYc7QYj0Q==
expires: Fri, 22 Sep 2023 23:28:12 GMT

GET
H3 200 bootstrap.js Show response
rainbowpush.nationbuilder.com/themes/2/5f90bc7b4764e8db52fb126e/0/attachments/16033212011659036127/default/ 65 KB
14 KB 112ms
64ms Script
text/javascript 2606:4700:7::a29f:802d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://rainbowpush.nationbuilder.com/themes/2/5f90bc7b4764e8db52fb126e/0/attachments/16033212011659036127/default/bootstrap.js

Requested by

Host: www.rainbowpush.org
URL: https://www.rainbowpush.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:802d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bc4a90e5c0f890d1f8668b26236db8f1d35448714f9812270008613d7b0ad0d2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rainbowpush.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 17:28:13 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 73372
status: 200 OK
x-middleware-start: t=1663794321841071
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-request-id: 0f475f4b-ce03-4b1d-bbf9-0f2f32ef7ab9
x-served-by: app12
x-runtime: 0.172702
x-content-digest: 56444859edd76300f8d6e734de0ba8af21539070
server: cloudflare
x-frame-options: ALLOWALL
etag: W/"bc4a90e5c0f890d1f8668b26236db8f1"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31556952
cf-ray: 74ecc1798eb55c32-FRA
x-rack-cache: fresh
expires: Fri, 22 Sep 2023 23:17:25 GMT

GET
H3 200 _nm-scripts.js Show response
rainbowpush.nationbuilder.com/themes/2/5f90bc7b4764e8db52fb126e/0/attachments/16033212011659036127/default/ 94 KB
26 KB 74ms
74ms Script
text/javascript 2606:4700:7::a29f:802d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://rainbowpush.nationbuilder.com/themes/2/5f90bc7b4764e8db52fb126e/0/attachments/16033212011659036127/default/_nm-scripts.js

Requested by

Host: www.rainbowpush.org
URL: https://www.rainbowpush.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:802d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

76e0d0c7068297c98819e2311c466299bd6ffccdf7f96590385a23c3ca701627

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rainbowpush.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 17:28:13 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 73371
status: 200 OK
x-middleware-start: t=1663794322437056
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-request-id: ce40ad6b-1024-4e43-b7e8-dea38f98da04
x-served-by: app14
x-runtime: 0.106448
x-content-digest: 23724fa9072c5cf58b06370fd6cf8dd1eca28012
server: cloudflare
x-frame-options: ALLOWALL
etag: W/"76e0d0c7068297c98819e2311c466299"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31556952
cf-ray: 74ecc17a28195c32-FRA
x-rack-cache: fresh
expires: Fri, 22 Sep 2023 23:17:25 GMT

GET
H3 200 remodal.min.js Show response
rainbowpush.nationbuilder.com/themes/2/5f90bc7b4764e8db52fb126e/0/attachments/16033212011659036127/default/ 8 KB
3 KB 83ms
83ms Script
text/javascript 2606:4700:7::a29f:802d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://rainbowpush.nationbuilder.com/themes/2/5f90bc7b4764e8db52fb126e/0/attachments/16033212011659036127/default/remodal.min.js

Requested by

Host: www.rainbowpush.org
URL: https://www.rainbowpush.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:802d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c21ea2a0ec1a9c48686c58d481b308e247fa9f747d2208099ce598ef823e555c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rainbowpush.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 17:28:13 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 73371
status: 200 OK
x-middleware-start: t=1663794322666487
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-request-id: 97211efd-9464-4c5c-a4a9-4aeb633798a6
x-served-by: app14
x-runtime: 0.076065
x-content-digest: 84ce6b3f9b2de38a68253c6b8fdee77273b00962
server: cloudflare
x-frame-options: ALLOWALL
etag: W/"c21ea2a0ec1a9c48686c58d481b308e2"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31556952
cf-ray: 74ecc17aea2d5c32-FRA
x-rack-cache: fresh
expires: Fri, 22 Sep 2023 23:17:25 GMT

GET
H2 200 beacon.min.js Show response
static.cloudflareinsights.com/ 14 KB
5 KB 205ms
98ms Script
text/javascript 2606:4700:440e::6812:2fe6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cloudflareinsights.com/beacon.min.js
Requested by: Host: www.rainbowpush.org
URL: https://www.rainbowpush.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:440e::6812:2fe6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fd0a1ac929c11b08e819fe4b0a18c5574012c44f09de8987c6be99a0f055a505

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rainbowpush.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 17:28:13 GMT
content-encoding: gzip
last-modified: Thu, 09 Dec 2021 19:55:17 GMT
server: cloudflare
etag: W/2021.12.0
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
cf-ray: 74ecc17c6e04902e-FRA

GET
H/1.1 200
OK widgets.js Show response
platform.twitter.com/ 97 KB
29 KB 249ms
59ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets.js
Requested by: Host: www.rainbowpush.org
URL: https://www.rainbowpush.org/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/6711) /
Resource Hash: 8f4fc0f336126492b535be2e0b29fbb538a3079547d19a81368aec9268a54f26

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rainbowpush.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date: Thu, 22 Sep 2022 17:28:13 GMT
Content-Encoding: gzip
Age: 297
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=,edge;dur=1
Content-Length: 29220
x-tw-cdn: VZ
Last-Modified: Wed, 31 Aug 2022 20:41:50 GMT
Server: ECS (frb/6711)
Etag: "f116c7e6b28e2aebeb60ade5bdc8e2b4+gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=1800

GET
H2 200 ga.js Show response
ssl.google-analytics.com/ 45 KB
17 KB 245ms
79ms Script
text/javascript 2a00:1450:400d:806::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ssl.google-analytics.com/ga.js

Requested by

Host: www.rainbowpush.org
URL: https://www.rainbowpush.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:806::2008 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rainbowpush.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Sun, 11 Sep 2022 13:50:09 GMT
server: Golfe2
age: 4407
date: Thu, 22 Sep 2022 16:14:46 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17168
expires: Thu, 22 Sep 2022 18:14:46 GMT

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v34/ 44 KB
44 KB 144ms
39ms Font
font/woff2 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300,300i,400,400i,600,600i,700,700i,800,800i

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.rainbowpush.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 18:50:34 GMT
x-content-type-options: nosniff
age: 254259
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44856
x-xss-protection: 0
last-modified: Mon, 15 Aug 2022 18:20:18 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 19 Sep 2023 18:50:34 GMT

GET media.html
cdn.embedly.com/widgets/ Frame E471 0
0

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ 3 KB
2 KB 130ms
40ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js

Requested by

Host: www.rainbowpush.org
URL: https://www.rainbowpush.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

de014d1f86a764310472f8c63e785f3e87cca41164015ce554a6c22ddcf1b5d8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rainbowpush.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: OJ2Akd4uwC/pmLQ187wTJA==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 1685
x-fb-rlafr: 0
x-fb-debug: puA9D0aXI/qSCOQjGOzgXzgOH0JDGb1k57BCZFV1H2WEPtJu83GUEIGFl5+V7HSbHbHRq5WO9J6Kwy9sEzgfog==
x-fb-trip-id: 917726464
x-fb-content-md5: 81b687b5c43f01ad8527bc897121e7e8
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Thu, 22 Sep 2022 17:28:13 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
etag: "c09dea8f5eec2bfe89eff21a46ea8c9d"
timing-allow-origin: *
priority: u=3,i
expires: Thu, 22 Sep 2022 17:40:04 GMT

GET
H2 200 cd-arrow.svg
d3n8a8pro7vhmx.cloudfront.net/themes/5f4fef024764e8a79ed5424b/attachments/original/1484575955/ 1 KB
1 KB 590ms
486ms Image
image/svg+xml 18.66.15.92
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d3n8a8pro7vhmx.cloudfront.net/themes/5f4fef024764e8a79ed5424b/attachments/original/1484575955/cd-arrow.svg?1484575955
Requested by: Host: rainbowpush.nationbuilder.com
URL: https://rainbowpush.nationbuilder.com/themes/2/5f90bc7b4764e8db52fb126e/0/attachments/16033212011659036127/default/theme.scss
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.15.92 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-15-92.vie50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 53ba6e49ea8e838495e817f4a8f410a426f8083bfe560ea623823985b1a005cc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rainbowpush.nationbuilder.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Thu, 22 Sep 2022 17:28:14 GMT
via: 1.1 ac02b9a9a93754a9f85004c4c9792fee.cloudfront.net (CloudFront)
last-modified: Wed, 02 Sep 2020 19:20:09 GMT
server: AmazonS3
x-amz-cf-pop: VIE50-P1
etag: "e4f3e937b8ec432626789fbea7a06a6f"
x-cache: Miss from cloudfront
x-amz-version-id: null
accept-ranges: bytes
content-type: image/svg+xml
content-length: 1037
x-amz-cf-id: iFByPPpOeJ1o4fHPK4Tz2TQpvB4Cfcn9EZCIeMfGbvfpjERjjETMzQ==

GET
H3 200 red_CVSweb.jpg
assets.nationbuilder.com/rainbowpush/pages/61/features/original/ 751 KB
751 KB 525ms
523ms Image
image/jpeg 2606:4700:7::a29f:802d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.nationbuilder.com/rainbowpush/pages/61/features/original/red_CVSweb.jpg?1657749192
Requested by: Host: www.rainbowpush.org
URL: https://www.rainbowpush.org/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:7::a29f:802d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 304e16ffe23e4f77f64561f8d2994feabfcd336cb44e7918afacc6be962346d1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rainbowpush.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 17:28:13 GMT
via: 1.1 cbe141923b7469a299306144733821c2.cloudfront.net (CloudFront)
cf-cache-status: MISS
x-amz-cf-pop: FRA56-C2
x-amz-server-side-encryption: AES256
x-cache: RefreshHit from cloudfront
content-type: image/jpeg
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 768584
last-modified: Wed, 13 Jul 2022 21:53:14 GMT
server: cloudflare
etag: "918bf373356791863d74164b91468f18"
vary: Accept-Encoding
x-amz-version-id: null
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 74ecc17bd9045bf9-FRA
x-amz-cf-id: wiLG7JzS7FAnCOJK5uUdTk-6dZn3Y73p7jk8MZuPqDGVQnrkd5t5ow==
expires: Thu, 22 Sep 2022 21:28:13 GMT

GET
H3 200 creatingopportunityconference0_%281%29.jpg
assets.nationbuilder.com/rainbowpush/pages/61/features/original/ 501 KB
502 KB 168ms
155ms Image
image/jpeg 2606:4700:7::a29f:802d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.nationbuilder.com/rainbowpush/pages/61/features/original/creatingopportunityconference0_%281%29.jpg?1661905571
Requested by: Host: www.rainbowpush.org
URL: https://www.rainbowpush.org/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:7::a29f:802d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 394146fc3d3a719d7604bc12a6e7f756c3c2e3be59bdb4d3b74baafa5032d988

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rainbowpush.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 17:28:13 GMT
via: 1.1 84f381696dd33e92960b92250106e464.cloudfront.net (CloudFront)
cf-cache-status: MISS
x-amz-cf-pop: FRA56-C2
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: image/jpeg
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 513438
last-modified: Wed, 31 Aug 2022 00:26:12 GMT
server: cloudflare
etag: "f3b1eba167a745475f39d66377662ab4"
vary: Accept-Encoding
x-amz-version-id: null
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 74ecc17be91b5bf9-FRA
x-amz-cf-id: ww8Ap5o_OfVSA2KsVWNVPDQ9ZwpS2L9WFaVKNr4z3j2iUZtNdE_cTA==
expires: Thu, 22 Sep 2022 21:28:13 GMT

GET
H3 200 Get_Involved2.jpg
assets.nationbuilder.com/rainbowpush/pages/61/features/original/ 332 KB
333 KB 632ms
615ms Image
image/jpeg 2606:4700:7::a29f:802d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.nationbuilder.com/rainbowpush/pages/61/features/original/Get_Involved2.jpg?1614028043
Requested by: Host: www.rainbowpush.org
URL: https://www.rainbowpush.org/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:7::a29f:802d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0726b737b76c65f63f98f3f85d4b8354475cd32ce68b3dcf5342ff585ac0cb23

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rainbowpush.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 17:28:13 GMT
via: 1.1 f97c9082b750957571bc7e3354a4f4a4.cloudfront.net (CloudFront)
cf-cache-status: MISS
x-amz-cf-pop: DUS51-P2
x-amz-server-side-encryption: AES256
x-cache: RefreshHit from cloudfront
content-type: image/jpeg
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 340102
last-modified: Mon, 22 Feb 2021 21:07:25 GMT
server: cloudflare
etag: "6ec4ade740e42458e22d6d73528861da"
vary: Accept-Encoding
x-amz-version-id: null
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 74ecc17c09395bf9-FRA
x-amz-cf-id: x_y-ugtHKVNEeY9MYyRtczIOwz5UQ2-lIv6kgIDtnMdFDZDAMWjPtA==
expires: Thu, 22 Sep 2022 21:28:13 GMT

GET
H3 200 book1.jpg
assets.nationbuilder.com/rainbowpush/pages/61/features/original/ 283 KB
283 KB 691ms
674ms Image
image/jpeg 2606:4700:7::a29f:802d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.nationbuilder.com/rainbowpush/pages/61/features/original/book1.jpg?1603220887
Requested by: Host: www.rainbowpush.org
URL: https://www.rainbowpush.org/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:7::a29f:802d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 62148f942fc73c1cb25d16b14a63d1641fb770d01c817c9bdf776d6602a4c615

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rainbowpush.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 17:28:13 GMT
via: 1.1 6c7a5d26be7fb35284e54d321f16b6f6.cloudfront.net (CloudFront)
cf-cache-status: MISS
x-amz-cf-pop: FRA56-C2
x-amz-server-side-encryption: AES256
x-cache: RefreshHit from cloudfront
content-type: image/jpeg
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 289810
last-modified: Tue, 20 Oct 2020 19:08:09 GMT
server: cloudflare
etag: "dceb0c7d3c589a99df71cbc7d1d2690f"
vary: Accept-Encoding
x-amz-version-id: null
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 74ecc17c093a5bf9-FRA
x-amz-cf-id: 1Cj0uRQpky90Lv-cTm2kJXaUXiCW2bHgyaNJ0sej56JReUmfdtXAoQ==
expires: Thu, 22 Sep 2022 21:28:13 GMT

GET
H3 200 civil1.jpg
assets.nationbuilder.com/rainbowpush/pages/61/features/original/ 404 KB
405 KB 352ms
336ms Image
image/jpeg 2606:4700:7::a29f:802d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.nationbuilder.com/rainbowpush/pages/61/features/original/civil1.jpg?1603207989
Requested by: Host: www.rainbowpush.org
URL: https://www.rainbowpush.org/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:7::a29f:802d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 348da1cbbc175da699be746c4e1ce3c53e4d9a6ea280bbd67348097a438ecfb9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rainbowpush.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 17:28:13 GMT
via: 1.1 fdc45b521af7652438141328494a79d2.cloudfront.net (CloudFront)
cf-cache-status: MISS
x-amz-cf-pop: FRA56-C2
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: image/jpeg
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 413677
last-modified: Tue, 20 Oct 2020 15:33:11 GMT
server: cloudflare
etag: "b7905332cb720d680f6d4dd75e341e40"
vary: Accept-Encoding
x-amz-version-id: null
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 74ecc17c093c5bf9-FRA
x-amz-cf-id: JqapPojKrUv8cndh-kLHROkk3197WHmB9bzcqcy2TlzAQlFnfGcGNQ==
expires: Thu, 22 Sep 2022 21:28:13 GMT

GET
H3 200 EduNew.jpg
assets.nationbuilder.com/rainbowpush/pages/61/features/original/ 358 KB
359 KB 752ms
735ms Image
image/jpeg 2606:4700:7::a29f:802d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.nationbuilder.com/rainbowpush/pages/61/features/original/EduNew.jpg?1603203810
Requested by: Host: www.rainbowpush.org
URL: https://www.rainbowpush.org/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:7::a29f:802d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 526af19e2b2f599951e9306525347b080d3a6d21696e3204c09cc009541c9b34

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rainbowpush.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 17:28:13 GMT
via: 1.1 98bb66c97d4f153aac116d087b36dc40.cloudfront.net (CloudFront)
cf-cache-status: MISS
x-amz-cf-pop: DUS51-P2
x-amz-server-side-encryption: AES256
x-cache: RefreshHit from cloudfront
content-type: image/jpeg
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 366854
last-modified: Tue, 20 Oct 2020 14:23:32 GMT
server: cloudflare
etag: "1627c7ea1879f8778591a2c148aa4f3d"
vary: Accept-Encoding
x-amz-version-id: null
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 74ecc17c09415bf9-FRA
x-amz-cf-id: -dTXMxma1mZ2XTr1VhmzoM5XZNDhmgPE8FZXnhkKExPyr1WeEKoyZw==
expires: Thu, 22 Sep 2022 21:28:13 GMT

GET
H3 200 Small_B_head5n.jpg
assets.nationbuilder.com/rainbowpush/pages/61/features/original/ 425 KB
426 KB 537ms
520ms Image
image/jpeg 2606:4700:7::a29f:802d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.nationbuilder.com/rainbowpush/pages/61/features/original/Small_B_head5n.jpg?1603242859
Requested by: Host: www.rainbowpush.org
URL: https://www.rainbowpush.org/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:7::a29f:802d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7e113152c16b620ed896e137524a0dac4b288785a30901e6ee93575409e69053

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rainbowpush.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 17:28:13 GMT
via: 1.1 ef4ff53b101ef123a46ec560b6c94cb8.cloudfront.net (CloudFront)
cf-cache-status: MISS
x-amz-cf-pop: FRA56-C2
x-amz-server-side-encryption: AES256
x-cache: RefreshHit from cloudfront
content-type: image/jpeg
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 435259
last-modified: Wed, 21 Oct 2020 01:14:21 GMT
server: cloudflare
etag: "780b2bada581365756ef0dd9528d85d2"
vary: Accept-Encoding
x-amz-version-id: null
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 74ecc17c09425bf9-FRA
x-amz-cf-id: 8Sx2zHFhI6DdCr4VSNwP8CWSP0BAO31KnldMfJXTxM-84lYM_pTHgQ==
expires: Thu, 22 Sep 2022 21:28:13 GMT

GET
H3 200 cef.jpg
assets.nationbuilder.com/rainbowpush/pages/72/features/original/ 170 KB
170 KB 831ms
814ms Image
image/jpeg 2606:4700:7::a29f:802d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.nationbuilder.com/rainbowpush/pages/72/features/original/cef.jpg?1613510000
Requested by: Host: www.rainbowpush.org
URL: https://www.rainbowpush.org/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:7::a29f:802d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2b5c633505036c483e497b9602034865d20f057ec508e361669e0f4b8372c825

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rainbowpush.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 17:28:14 GMT
via: 1.1 b2e1326b370630a6e99a66735129eb18.cloudfront.net (CloudFront)
cf-cache-status: MISS
x-amz-cf-pop: MRS52-P4
x-amz-server-side-encryption: AES256
x-cache: RefreshHit from cloudfront
content-type: image/jpeg
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 173955
last-modified: Tue, 16 Feb 2021 21:13:21 GMT
server: cloudflare
etag: "745a313d1e1f4649ec94581febc1019e"
vary: Accept-Encoding
x-amz-version-id: null
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 74ecc17c09435bf9-FRA
x-amz-cf-id: jyRjkr-lYnPcej9kftmikX3jQHMeyaZ91QDSSg5ch2ecAjVkM53-NA==
expires: Thu, 22 Sep 2022 21:28:13 GMT

GET
H3 200 JJhome.jpg
assets.nationbuilder.com/rainbowpush/pages/72/features/original/ 35 KB
36 KB 388ms
372ms Image
image/jpeg 2606:4700:7::a29f:802d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.nationbuilder.com/rainbowpush/pages/72/features/original/JJhome.jpg?1603242680
Requested by: Host: www.rainbowpush.org
URL: https://www.rainbowpush.org/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:7::a29f:802d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e999044901ad021f59ca62eff7c7bd0000abccc3e40e0743cd6a38dc7f13c646

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rainbowpush.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 17:28:13 GMT
via: 1.1 c1c42e732809880dbf4b6deb496490ae.cloudfront.net (CloudFront)
cf-cache-status: MISS
x-amz-cf-pop: DUS51-P2
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: image/jpeg
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 36209
last-modified: Wed, 21 Oct 2020 01:11:22 GMT
server: cloudflare
etag: "49d449bf9d310856885e574dbacbf5c6"
vary: Accept-Encoding
x-amz-version-id: null
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 74ecc17c09445bf9-FRA
x-amz-cf-id: DDj3N-G7Z-OI_r_cHlbcDBms2pDce0g1nDdte97UhcPJ5aeZBeM4UA==
expires: Thu, 22 Sep 2022 21:28:13 GMT

GET
H3 200 peicon.jpg
assets.nationbuilder.com/rainbowpush/pages/72/features/original/ 202 KB
203 KB 493ms
477ms Image
image/jpeg 2606:4700:7::a29f:802d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.nationbuilder.com/rainbowpush/pages/72/features/original/peicon.jpg?1613506785
Requested by: Host: www.rainbowpush.org
URL: https://www.rainbowpush.org/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:7::a29f:802d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4037f33e31b02905fe72043b861eb58dee8bfcc0411e5c483912c6bf248d15a2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rainbowpush.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 17:28:13 GMT
via: 1.1 756f5290bceb9f9b2ec963e0ab326968.cloudfront.net (CloudFront)
cf-cache-status: MISS
x-amz-cf-pop: FRA56-C2
x-amz-server-side-encryption: AES256
x-cache: RefreshHit from cloudfront
content-type: image/jpeg
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 207254
last-modified: Tue, 16 Feb 2021 20:19:47 GMT
server: cloudflare
etag: "23c2a2ae1774494cf1885db6d8417a1e"
vary: Accept-Encoding
x-amz-version-id: null
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 74ecc17c09465bf9-FRA
x-amz-cf-id: qEiQZlMn2e-9Bq-cX3SYkjyXY86iwExvH4Ua6O_Zft6EeB4iJzxuKw==
expires: Thu, 22 Sep 2022 21:28:13 GMT

GET
H3 200 bday22b.jpg
assets.nationbuilder.com/rainbowpush/pages/626/features/original/ 73 KB
73 KB 123ms
106ms Image
image/jpeg 2606:4700:7::a29f:802d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.nationbuilder.com/rainbowpush/pages/626/features/original/bday22b.jpg?1663856476
Requested by: Host: www.rainbowpush.org
URL: https://www.rainbowpush.org/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:7::a29f:802d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7fff029ba00017f1808f5b0d0bf8cbbbf8d02dff335ac30632412131c77a7d4d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rainbowpush.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 17:28:13 GMT
via: 1.1 374989d04bb9f7efef831637d8f4b234.cloudfront.net (CloudFront)
cf-cache-status: HIT
age: 6899
x-amz-server-side-encryption: AES256
cf-ray: 74ecc17c09475bf9-FRA
x-cache: Miss from cloudfront
last-modified: Thu, 22 Sep 2022 14:21:18 GMT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 74550
cf-bgj: h2pri
server: cloudflare
etag: "3ee0167f0cf2930588430ac10899c09c"
vary: Accept-Encoding
x-amz-version-id: null
cache-control: public, max-age=14400
x-amz-cf-pop: DUS51-P2
accept-ranges: bytes
content-type: image/jpeg
x-amz-cf-id: Ktv9dOI7VJn7-y6rP0KAqZL7P8CV9AqIl2Obs28nBsgMrdiLv3qnrQ==
expires: Thu, 22 Sep 2022 21:28:13 GMT

GET
H3 200 creating_opportunity2.jpg
assets.nationbuilder.com/rainbowpush/pages/595/features/original/ 329 KB
330 KB 855ms
837ms Image
image/jpeg 2606:4700:7::a29f:802d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.nationbuilder.com/rainbowpush/pages/595/features/original/creating_opportunity2.jpg?1656536638
Requested by: Host: www.rainbowpush.org
URL: https://www.rainbowpush.org/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:7::a29f:802d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4944c0091a0d0f154ce31361b3896f76423dae43b0abb28d3308dc4ccc0b429c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rainbowpush.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 17:28:13 GMT
via: 1.1 08b9c2fd11813ffdb8fa03129d0a465c.cloudfront.net (CloudFront)
cf-cache-status: MISS
x-amz-cf-pop: FRA56-C2
x-amz-server-side-encryption: AES256
x-cache: RefreshHit from cloudfront
content-type: image/jpeg
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 337157
last-modified: Wed, 29 Jun 2022 21:04:00 GMT
server: cloudflare
etag: "aa61fd466743772bd7256e56d35cec0f"
vary: Accept-Encoding
x-amz-version-id: null
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 74ecc17c09495bf9-FRA
x-amz-cf-id: Q37zDwLXC9W9-QQA26JzWCv19S_X_dctJc7ygzKba-6txhVsBofixg==
expires: Thu, 22 Sep 2022 21:28:13 GMT

GET
H3 200 ATL_KHAGALA22v2.jpg
assets.nationbuilder.com/rainbowpush/pages/607/features/original/ 126 KB
127 KB 882ms
867ms Image
image/jpeg 2606:4700:7::a29f:802d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.nationbuilder.com/rainbowpush/pages/607/features/original/ATL_KHAGALA22v2.jpg?1661953311
Requested by: Host: www.rainbowpush.org
URL: https://www.rainbowpush.org/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:7::a29f:802d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 94b8d4361aa901756fbb299de4bcf2b81491d32bcf58105f5db0e093edcdc41c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rainbowpush.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 17:28:13 GMT
via: 1.1 34435958fa6d40b77fd22fa1c1f56176.cloudfront.net (CloudFront)
cf-cache-status: MISS
x-amz-cf-pop: FRA56-C2
x-amz-server-side-encryption: AES256
x-cache: RefreshHit from cloudfront
content-type: image/jpeg
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 129193
last-modified: Wed, 31 Aug 2022 13:41:52 GMT
server: cloudflare
etag: "516b49bdd6e7633cbf65db11c2e64310"
vary: Accept-Encoding
x-amz-version-id: null
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 74ecc17c094a5bf9-FRA
x-amz-cf-id: 320GZa2W52dLaLdizci5TNVcbIMvAV-BPwaF3XkatwtJ1rX7lUCusg==
expires: Thu, 22 Sep 2022 21:28:13 GMT

GET
H3 200 Gas_22.jpg
assets.nationbuilder.com/rainbowpush/pages/581/features/original/ 814 KB
814 KB 893ms
877ms Image
image/jpeg 2606:4700:7::a29f:802d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.nationbuilder.com/rainbowpush/pages/581/features/original/Gas_22.jpg?1660842207
Requested by: Host: www.rainbowpush.org
URL: https://www.rainbowpush.org/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:7::a29f:802d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 93eb624c3a2be00e65cec0015c5f01af35955fe120f3fc59b7b8d985d0b8ea41

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rainbowpush.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 17:28:13 GMT
via: 1.1 103eb504d36d97c9f30550032223d996.cloudfront.net (CloudFront)
cf-cache-status: REVALIDATED
x-amz-cf-pop: FRA56-C2
x-amz-server-side-encryption: AES256
cf-ray: 74ecc17c094b5bf9-FRA
x-cache: Hit from cloudfront
last-modified: Thu, 18 Aug 2022 17:03:28 GMT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 833235
cf-bgj: h2pri
server: cloudflare
etag: "84577f4e1a0ed86407d063f897274066"
vary: Accept-Encoding
x-amz-version-id: null
cache-control: public, max-age=14400
accept-ranges: bytes
content-type: image/jpeg
x-amz-cf-id: q6N38O69HsSnMktqAimNTxT-eisu6UX8pI0-my13RxipL6MTBNTeew==
expires: Thu, 22 Sep 2022 21:28:13 GMT

GET
H3 200 0d653847-a0b3-4043-a6f3-2b8666750568--weekly_commentary.jpg
assets.nationbuilder.com/rainbowpush/pages/604/features/original/ 182 KB
182 KB 1079ms
1064ms Image
image/jpeg 2606:4700:7::a29f:802d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.nationbuilder.com/rainbowpush/pages/604/features/original/0d653847-a0b3-4043-a6f3-2b8666750568--weekly_commentary.jpg?1658412625
Requested by: Host: www.rainbowpush.org
URL: https://www.rainbowpush.org/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:7::a29f:802d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7253fe13bef88a4084330d8adaa7f0be90d7b547707939882a8767dd952f27fe

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rainbowpush.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 17:28:13 GMT
via: 1.1 8e83c42d247a31c5b365c08a0352d8f8.cloudfront.net (CloudFront)
cf-cache-status: MISS
x-amz-cf-pop: FRA56-C2
x-amz-server-side-encryption: AES256
x-cache: RefreshHit from cloudfront
content-type: image/jpeg
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 186377
last-modified: Thu, 21 Jul 2022 14:10:29 GMT
server: cloudflare
etag: "42f43c4b59362bd47a195395407b04cb"
vary: Accept-Encoding
x-amz-version-id: null
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 74ecc17c094c5bf9-FRA
x-amz-cf-id: 4zxuKgaebOs1VEz6PDmZ_w-Y6eEmgBTvcjwcxli50jPDH4KdNJbAcg==
expires: Thu, 22 Sep 2022 21:28:13 GMT

GET
H3 200 weekly_commentary.jpg
assets.nationbuilder.com/rainbowpush/pages/584/features/original/ 182 KB
182 KB 391ms
376ms Image
image/jpeg 2606:4700:7::a29f:802d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.nationbuilder.com/rainbowpush/pages/584/features/original/weekly_commentary.jpg?1656009499
Requested by: Host: www.rainbowpush.org
URL: https://www.rainbowpush.org/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:7::a29f:802d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7253fe13bef88a4084330d8adaa7f0be90d7b547707939882a8767dd952f27fe

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rainbowpush.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 17:28:13 GMT
via: 1.1 a4af9b42c2ec29f616825af32712c204.cloudfront.net (CloudFront)
cf-cache-status: MISS
x-amz-cf-pop: FRA56-C2
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: image/jpeg
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 186377
last-modified: Thu, 23 Jun 2022 18:38:20 GMT
server: cloudflare
etag: "42f43c4b59362bd47a195395407b04cb"
vary: Accept-Encoding
x-amz-version-id: null
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 74ecc17c094d5bf9-FRA
x-amz-cf-id: 0Zh6qikoORD5NZy8stQPmfCtg4iH5F1Uiu4uRKgXwwB0fJkavJYZHg==
expires: Thu, 22 Sep 2022 21:28:13 GMT

GET
H3 200 weekly_commentary.jpg
assets.nationbuilder.com/rainbowpush/pages/583/features/original/ 182 KB
182 KB 1141ms
1126ms Image
image/jpeg 2606:4700:7::a29f:802d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.nationbuilder.com/rainbowpush/pages/583/features/original/weekly_commentary.jpg?1656009460
Requested by: Host: www.rainbowpush.org
URL: https://www.rainbowpush.org/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:7::a29f:802d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7253fe13bef88a4084330d8adaa7f0be90d7b547707939882a8767dd952f27fe

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rainbowpush.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 17:28:13 GMT
via: 1.1 a7631312afe99e40229aa0da70662112.cloudfront.net (CloudFront)
cf-cache-status: MISS
x-amz-cf-pop: FRA56-C2
x-amz-server-side-encryption: AES256
x-cache: RefreshHit from cloudfront
content-type: image/jpeg
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 186377
last-modified: Thu, 23 Jun 2022 18:37:42 GMT
server: cloudflare
etag: "42f43c4b59362bd47a195395407b04cb"
vary: Accept-Encoding
x-amz-version-id: null
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 74ecc17c094f5bf9-FRA
x-amz-cf-id: boJGy43iKFExXmXaNy7L8fQaWV302aQ04rHc9uvalpWku_0ec_ym4Q==
expires: Thu, 22 Sep 2022 21:28:13 GMT

GET
H3 200 diversityinc_bw.jpg
assets.nationbuilder.com/rainbowpush/pages/74/features/original/ 48 KB
48 KB 1200ms
1185ms Image
image/jpeg 2606:4700:7::a29f:802d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.nationbuilder.com/rainbowpush/pages/74/features/original/diversityinc_bw.jpg?1602873220
Requested by: Host: www.rainbowpush.org
URL: https://www.rainbowpush.org/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:7::a29f:802d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cd318ae92d886945bd62b80969f8d2cbeedc1f6b4537fdc7f97928915db7b0ff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rainbowpush.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 17:28:13 GMT
via: 1.1 3ac8e795602d9d156b63546d3d0aaad0.cloudfront.net (CloudFront)
cf-cache-status: MISS
x-amz-cf-pop: DUS51-P2
x-amz-server-side-encryption: AES256
x-cache: RefreshHit from cloudfront
content-type: image/jpeg
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 48756
last-modified: Fri, 16 Oct 2020 18:33:41 GMT
server: cloudflare
etag: "cd8492c31f1b2eb56f71381b0c8389bc"
vary: Accept-Encoding
x-amz-version-id: null
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 74ecc17c09505bf9-FRA
x-amz-cf-id: iFTs-tgjobSRJJUgVGRHijded_TLhuXiBcfjfljJ87l1bAxpKhJV4Q==
expires: Thu, 22 Sep 2022 21:28:13 GMT

GET
H3 200 iheart_bw.jpg
assets.nationbuilder.com/rainbowpush/pages/74/features/original/ 40 KB
40 KB 1205ms
1191ms Image
image/jpeg 2606:4700:7::a29f:802d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.nationbuilder.com/rainbowpush/pages/74/features/original/iheart_bw.jpg?1602873282
Requested by: Host: www.rainbowpush.org
URL: https://www.rainbowpush.org/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:7::a29f:802d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6c816bb24897b345e9ea0db72888b05864cbe7ddb05425b9a66a71ce07ad65a8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rainbowpush.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 17:28:13 GMT
via: 1.1 b17dca9c320b96e12b996848d121ffe4.cloudfront.net (CloudFront)
cf-cache-status: MISS
x-amz-cf-pop: DUS51-P2
x-amz-server-side-encryption: AES256
x-cache: RefreshHit from cloudfront
content-type: image/jpeg
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 40900
last-modified: Fri, 16 Oct 2020 18:34:43 GMT
server: cloudflare
etag: "9628f4b9dd1b1ddf1755d40b83ade987"
vary: Accept-Encoding
x-amz-version-id: null
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 74ecc17c09525bf9-FRA
x-amz-cf-id: 8JHGIm1lCsOJgY2nklg3lL-n-ZUs5wlhnaWFK7m7g3xKSEuEd9lpbQ==
expires: Thu, 22 Sep 2022 21:28:13 GMT

GET
H3 200 access_att_bw.jpg
assets.nationbuilder.com/rainbowpush/pages/74/features/original/ 58 KB
59 KB 1211ms
1196ms Image
image/jpeg 2606:4700:7::a29f:802d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.nationbuilder.com/rainbowpush/pages/74/features/original/access_att_bw.jpg?1602873179
Requested by: Host: www.rainbowpush.org
URL: https://www.rainbowpush.org/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:7::a29f:802d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 747ddfa00135f7b3c7c02093de81d97e7748e96869eac91a03808f56a2ea44a2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rainbowpush.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 17:28:13 GMT
via: 1.1 347732911156afff87ff95b6d55b9278.cloudfront.net (CloudFront)
cf-cache-status: MISS
x-amz-cf-pop: DUS51-P2
x-amz-server-side-encryption: AES256
x-cache: RefreshHit from cloudfront
content-type: image/jpeg
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 59861
last-modified: Fri, 16 Oct 2020 18:33:00 GMT
server: cloudflare
etag: "d3e4faccf8ca78a8b4ff9bb851fa30b2"
vary: Accept-Encoding
x-amz-version-id: null
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 74ecc17c09555bf9-FRA
x-amz-cf-id: TVtCllHQy8A1u8e582uAxCCmdfBhndJmVvrs4wP6ILBqQS0GrNfYkQ==
expires: Thu, 22 Sep 2022 21:28:13 GMT

GET
H3 200 FCA_logo_bw.jpg
assets.nationbuilder.com/rainbowpush/pages/74/features/original/ 29 KB
29 KB 394ms
380ms Image
image/jpeg 2606:4700:7::a29f:802d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.nationbuilder.com/rainbowpush/pages/74/features/original/FCA_logo_bw.jpg?1602873252
Requested by: Host: www.rainbowpush.org
URL: https://www.rainbowpush.org/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:7::a29f:802d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9809307b948c7856b73a566bea89b0d4927ec541a5655f8a9df8dc44ca3fcd36

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rainbowpush.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 17:28:13 GMT
via: 1.1 07fbd2276304c86925071791c7032950.cloudfront.net (CloudFront)
cf-cache-status: MISS
x-amz-cf-pop: FRA56-C2
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: image/jpeg
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 29482
last-modified: Fri, 16 Oct 2020 18:34:13 GMT
server: cloudflare
etag: "a6d7bba99d91bafa3d751a41c460dc30"
vary: Accept-Encoding
x-amz-version-id: null
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 74ecc17c09575bf9-FRA
x-amz-cf-id: WeFK85zwPSJ0eLurar4-tlIsBkLeEuGkZKliOmRvU-m3rGMIVQEtzA==
expires: Thu, 22 Sep 2022 21:28:13 GMT

GET
H2 200 fontawesome-webfont.woff2
netdna.bootstrapcdn.com/font-awesome/4.6.3/fonts/ 70 KB
71 KB 210ms
78ms Font
font/woff2 2606:4700::6812:acf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://netdna.bootstrapcdn.com/font-awesome/4.6.3/fonts/fontawesome-webfont.woff2?v=4.6.3

Requested by

Host: rainbowpush.nationbuilder.com
URL: https://rainbowpush.nationbuilder.com/themes/2/5f90bc7b4764e8db52fb126e/0/attachments/16033212011659036127/default/theme.scss

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7dacf83f51179de8d7980a513e67ab3a08f2c6272bb5946df8fd77c0d1763b73

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://rainbowpush.nationbuilder.com/
Origin: https://www.rainbowpush.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 17:28:13 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 632
age: 73371
cdn-proxyver: 1.02
cdn-cachedat: 08/20/2022 02:31:28
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 71896
timing-allow-origin: *
access-control-allow-origin: *
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
server: cloudflare
cdn-requestpullcode: 200
etag: "e6cf7c6ec7c2d6f670ae9d762604cb0b"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: font/woff2
cdn-cache: HIT
vary: Accept-Encoding
cache-control: public, max-age=31919000
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid: 204f70299e8e173e730599b7f37e0b71
accept-ranges: bytes
cf-ray: 74ecc17cb8909b9a-FRA
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H/1.1 200
OK media.html Show response
cdn.embedly.com/widgets/ Frame E062 394 KB
99 KB 103ms
83ms Document
text/html 104.16.89.50
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.embedly.com/widgets/media.html?src=https%3A%2F%2Fwww.youtube.com%2Fembed%2F6G4l4kVBjU4%3Fwmode%3Dtransparent%26feature%3Doembed&wmode=transparent&display_name=YouTube&url=https%3A%2F%2Fwww.youtube.com%2Fwatch%3Fv%3D6G4l4kVBjU4&image=https%3A%2F%2Fi.ytimg.com%2Fvi%2F6G4l4kVBjU4%2Fhqdefault.jpg&key=e23856ccc1f011e0b5e44040d3dc5c07&type=text%2Fhtml&schema=youtube
Requested by: Host: assets.nationbuilder.com
URL: https://assets.nationbuilder.com/assets/liquid/main-8c2eba07eac00048396ca2d93ee8c5910a71fab32d0d2ca58e306ee84c6227bf.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.16.89.50 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4286c5f3881ad1f1a440ec2f5edc94e9021e0b10ecf17993d988e7c7166dec23

Request headers

Referer: https://www.rainbowpush.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

CF-Cache-Status: HIT
CF-RAY: 74ecc17cbc1c5b92-FRA
Cache-Control: public, max-age=300
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=UTF-8
Date: Thu, 22 Sep 2022 17:28:13 GMT
Expires: Thu, 22 Sep 2022 17:33:13 GMT
Last-Modified: Wed, 02 Jun 2021 21:18:28 GMT
Server: cloudflare
Transfer-Encoding: chunked
Vary: Accept-Encoding
x-amz-id-2: nWjm+H+6BRgrcEqNa2HLZJMf30112TnCh3Zos8LjGuSK7Hur/aYZOgpwWzymSp5+NWv09x20Cqo=
x-amz-request-id: 6K0G2FWYZ1MKYBG3
x-amz-version-id: w1xN9xNAF5jJWTgJLGIXbs0MDYiJ8DLb

GET
H3 200 slick.woff
cdn.jsdelivr.net/jquery.slick/1.6.0/fonts/ 1 KB
2 KB 145ms
44ms Font
font/woff 2a04:4e42::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/jquery.slick/1.6.0/fonts/slick.woff

Requested by

Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/jquery.slick/1.6.0/slick-theme.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a04:4e42::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

26726bac4060abb1226e6ceebc1336e84930fe7a7af1b3895a109d067f5b5dcc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://cdn.jsdelivr.net/jquery.slick/1.6.0/slick-theme.css
Origin: https://www.rainbowpush.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
age: 822772
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 1380
etag: W/"564-r5HBLw9Aak+AGus7OYdo/kHY+GQ"
x-served-by: cache-fra19161-FRA
date: Thu, 22 Sep 2022 17:28:13 GMT
vary: Accept-Encoding
content-type: font/woff
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H3 200 ajax-loader.gif
cdn.jsdelivr.net/jquery.slick/1.6.0/ 4 KB
4 KB 146ms
46ms Image
image/gif 2a04:4e42::485
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.jsdelivr.net/jquery.slick/1.6.0/ajax-loader.gif

Requested by

Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/jquery.slick/1.6.0/slick-theme.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a04:4e42::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

e7b44c86b050fca766a96ddac2d0932af0126da6f2305280342d909168dcce6b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.jsdelivr.net/jquery.slick/1.6.0/slick-theme.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
age: 2044955
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 4178
etag: W/"1052-ehqkNhQ5Y4K7FeX95XTZzc0haY8"
x-served-by: cache-fra19171-FRA, cache-hhn4082-HHN
date: Thu, 22 Sep 2022 17:28:13 GMT
vary: Accept-Encoding
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H3 200 sdk.js Show response
connect.facebook.net/en_US/ 313 KB
85 KB 84ms
40ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js?hash=f8bf9fa805ed8cfdd182a4b8458ef5fa

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

87bc7cab125cd8849c9b726f99ae57a3b3bb29a23f499f93373b404dbec61597

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.rainbowpush.org/
Origin: https://www.rainbowpush.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: Q0U0H3a+lzAO+01ZsWhhYg==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 87332
x-fb-rlafr: 0
x-fb-debug: YCiYhCcTKC2pwAgVLaI3bEcVNk2rJXV5Q8NtSh3XPgaNjBmGmxyZ1cWv4IDQbEQ3yvF9bnJJY/+pWDUzGTACCQ==
x-fb-content-md5: a46e71cd794cb521e1c5a695cf1baf26
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Thu, 22 Sep 2022 17:28:13 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
etag: "1fa4ba5ab8385bf5a766c1b490c1bdb5"
timing-allow-origin: *
priority: u=3,i
expires: Fri, 22 Sep 2023 13:39:19 GMT

GET
H2 200 storage.html Show response
0e623270-5d14-46ae-88e9-c8e3419df43d.rlets.com/static/ Frame 1346 2 KB
2 KB 748ms
206ms Document
text/html 44.225.77.75
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://0e623270-5d14-46ae-88e9-c8e3419df43d.rlets.com/static/storage.html
Requested by: Host: cdn.rlets.com
URL: https://cdn.rlets.com/capture_configs/0e6/232/705/d1446ae88e9c8e3419df43d.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.225.77.75 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-44-225-77-75.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: eae34d5ef51fe17225dffd44694e7f21986b158e68eb6fa881e150da725c4100

Request headers

Referer: https://www.rainbowpush.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-length: 2025
content-type: text/html
date: Thu, 22 Sep 2022 17:28:14 GMT
last-modified: Wed, 14 Sep 2022 16:39:42 GMT

GET
H2

200

ga-audiences
www.google.de/ads/
Redirect Chain

https://ssl.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1035561958&utmhn=www.rainbowpush.org&utme=8(Page%20type)9(Basic)&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=...
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-99011549-1&cid=1644245094.1663867694&jid=498511424&_v=5.7.2&z=1035561958
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-99011549-1&cid=1644245094.1663867694&jid=498511424&_v=5.7.2&z=1035561958
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-99011549-1&cid=1644245094.1663867694&jid=498511424&_v=5.7.2&z=1035561958&slf_rd=1&random=2848317668

42 B
501 B

225ms
92ms

Image
image/gif

2a00:1450:400d:804::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-99011549-1&cid=1644245094.1663867694&jid=498511424&_v=5.7.2&z=1035561958&slf_rd=1&random=2848317668

Requested by

Host: www.rainbowpush.org
URL: https://www.rainbowpush.org/

Protocol

Server

2a00:1450:400d:804::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rainbowpush.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 22 Sep 2022 17:28:14 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 22 Sep 2022 17:28:14 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/html; charset=UTF-8
location: https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-99011549-1&cid=1644245094.1663867694&jid=498511424&_v=5.7.2&z=1035561958&slf_rd=1&random=2848317668
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK widget_iframe.c4bdc17e77719578b594d5555bee90db.html Show response
platform.twitter.com/widgets/ Frame 91FC 320 KB
104 KB 93ms
80ms Document
text/html 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/widget_iframe.c4bdc17e77719578b594d5555bee90db.html?origin=https%3A%2F%2Fwww.rainbowpush.org
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/668C) /
Resource Hash: 8c0531412c543b9bd978e29acb8f5cf330db9891115d1e9924519d9a675b7b74

Request headers

Referer: https://www.rainbowpush.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 1889094
Cache-Control: public, max-age=315360000
Content-Encoding: gzip
Content-Length: 105445
Content-Type: text/html; charset=utf-8
Date: Thu, 22 Sep 2022 17:28:13 GMT
Etag: "50d73c0b4a4c7e4697b9c6ac6f1ecd75+gzip"
Last-Modified: Wed, 31 Aug 2022 20:40:57 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (frb/668C)
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ,edge;dur=1
Vary: Accept-Encoding
X-Cache: HIT
x-tw-cdn: VZ

GET
H2 200 iframe_api Show response
www.youtube.com/ Frame E062 992 B
2 KB 151ms
63ms Script
text/javascript 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/iframe_api

Requested by

Host: cdn.embedly.com
URL: https://cdn.embedly.com/widgets/media.html?src=https%3A%2F%2Fwww.youtube.com%2Fembed%2F6G4l4kVBjU4%3Fwmode%3Dtransparent%26feature%3Doembed&wmode=transparent&display_name=YouTube&url=https%3A%2F%2Fwww.youtube.com%2Fwatch%3Fv%3D6G4l4kVBjU4&image=https%3A%2F%2Fi.ytimg.com%2Fvi%2F6G4l4kVBjU4%2Fhqdefault.jpg&key=e23856ccc1f011e0b5e44040d3dc5c07&type=text%2Fhtml&schema=youtube

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

12091a307d42a5b723f50d625cfe7fbd72d62902060f9bcf04f8ce2cd210dbe8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.embedly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 17:28:14 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
server: ESF
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
content-type: text/javascript; charset=utf-8
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cache-control: private, max-age=0
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
expires: Thu, 22 Sep 2022 17:28:14 GMT

GET
H2 200 status
www.facebook.com/x/oauth/ 0
0 235ms
141ms Fetch
text/plain 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/x/oauth/status?client_id=126739610711965&input_token&origin=1&redirect_uri=https%3A%2F%2Fwww.rainbowpush.org%2F&sdk=joey&wants_cookie_data=true

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js?hash=f8bf9fa805ed8cfdd182a4b8458ef5fa

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rainbowpush.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security: max-age=15552000; preload
x-content-type-options: nosniff
document-policy: force-load-at-top
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
x-fb-rlafr: 0
pragma: no-cache
x-fb-debug: 5iO6Xwqan8Q+v7Bk67/DWPEBYN3q/Hl65+mreWHIycTY5679zGkE4yCOs6Mzgb8IqFXqgbRV18Ixr8rauVVieA==
fb-s: unknown
date: Thu, 22 Sep 2022 17:28:14 GMT
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.rainbowpush.org
access-control-expose-headers: fb-s
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 settings Show response
syndication.twitter.com/ Frame 91FC 771 B
608 B 477ms
145ms Fetch
application/json 104.244.42.8
TWITTER

General

Check archive.org

Show headers Download Go to

Full URL

https://syndication.twitter.com/settings?session_id=095ce50e295c9b50f7f518b95d496050c26e301b

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/widgets/widget_iframe.c4bdc17e77719578b594d5555bee90db.html?origin=https%3A%2F%2Fwww.rainbowpush.org

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.8 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

0369a4dc49c5d2d0633a1b966e8b1071b05279fddda61e151661b3307656a9f7

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://platform.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-response-time: 108
date: Thu, 22 Sep 2022 17:28:13 GMT
content-encoding: gzip
last-modified: Thu, 22 Sep 2022 17:28:14 GMT
server: tsa_o
vary: Origin
strict-transport-security: max-age=631138519
content-type: application/json; charset=utf-8
access-control-allow-origin: https://platform.twitter.com
cache-control: must-revalidate, max-age=600
access-control-allow-credentials: true
x-connection-hash: 8dff09e1afa826841617bc55e1aef1dd16b993266082a56228db8c3c4aeb975c
content-length: 327

GET
H3 200 www-widgetapi.js Show response
www.youtube.com/s/player/64947e15/www-widgetapi.vflset/ Frame E062 161 KB
52 KB 140ms
38ms Script
text/javascript 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/64947e15/www-widgetapi.vflset/www-widgetapi.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/iframe_api

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

be0d1a719a7aa3b6b2c30488567862bda53b0732ceefcbb4aa5dd7c724f3005f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.embedly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 16:25:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3762
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 53539
x-xss-protection: 0
last-modified: Wed, 21 Sep 2022 00:22:17 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Fri, 22 Sep 2023 16:25:32 GMT

GET
H3 200 6G4l4kVBjU4 Show response
www.youtube.com/embed/ Frame A1C0 66 KB
27 KB 108ms
100ms Document
text/html 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/6G4l4kVBjU4?wmode=transparent&widget_referrer=https%3A%2F%2Fwww.rainbowpush.org%2F&enablejsapi=1&origin=https%3A%2F%2Fcdn.embedly.com&widgetid=1

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/64947e15/www-widgetapi.vflset/www-widgetapi.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

96080807da317135fe52cae76e2ac21b5efd0c9cf5dae22993bf119293f1710f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cdn.embedly.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: br
content-type: text/html; charset=utf-8
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
date: Thu, 22 Sep 2022 17:28:14 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma: no-cache
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server: ESF
strict-transport-security: max-age=31536000
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 www-player.css
www.youtube.com/s/player/64947e15/ Frame A1C0 358 KB
49 KB 43ms
42ms Stylesheet
text/css 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/64947e15/www-player.css

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/6G4l4kVBjU4?wmode=transparent&widget_referrer=https%3A%2F%2Fwww.rainbowpush.org%2F&enablejsapi=1&origin=https%3A%2F%2Fcdn.embedly.com&widgetid=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

331577f2dea34be78e04f38773004d3e39c3370628d5233108397358a621dc51

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/6G4l4kVBjU4?wmode=transparent&widget_referrer=https%3A%2F%2Fwww.rainbowpush.org%2F&enablejsapi=1&origin=https%3A%2F%2Fcdn.embedly.com&widgetid=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 14:48:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 96008
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49662
x-xss-protection: 0
last-modified: Wed, 21 Sep 2022 00:22:17 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 21 Sep 2023 14:48:06 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame A1C0 15 KB
15 KB 124ms
38ms Font
font/woff2 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 20 Sep 2022 11:18:05 GMT
x-content-type-options: nosniff
age: 195009
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 20 Sep 2023 11:18:05 GMT

GET
H3 200 www-embed-player.js Show response
www.youtube.com/s/player/64947e15/www-embed-player.vflset/ Frame A1C0 309 KB
96 KB 62ms
59ms Script
text/javascript 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/64947e15/www-embed-player.vflset/www-embed-player.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

41ab731b25c3f7e4f6cc350774a28353c667e79774622a915f8b16b7897ecc4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/6G4l4kVBjU4?wmode=transparent&widget_referrer=https%3A%2F%2Fwww.rainbowpush.org%2F&enablejsapi=1&origin=https%3A%2F%2Fcdn.embedly.com&widgetid=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 14:48:17 GMT
content-encoding: br
x-content-type-options: nosniff
age: 95997
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 97978
x-xss-protection: 0
last-modified: Wed, 21 Sep 2022 00:22:17 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 21 Sep 2023 14:48:17 GMT

GET
H3 200 base.js Show response
www.youtube.com/s/player/64947e15/player_ias.vflset/de_DE/ Frame A1C0 2 MB
577 KB 76ms
73ms Script
text/javascript 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/64947e15/player_ias.vflset/de_DE/base.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bcfcc890d38af598070d6334e94089f8884f4c5ebb4a400d1f4ac303b503c8c8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/6G4l4kVBjU4?wmode=transparent&widget_referrer=https%3A%2F%2Fwww.rainbowpush.org%2F&enablejsapi=1&origin=https%3A%2F%2Fcdn.embedly.com&widgetid=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 14:48:21 GMT
content-encoding: br
x-content-type-options: nosniff
age: 95993
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 591011
x-xss-protection: 0
last-modified: Wed, 21 Sep 2022 00:22:17 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 21 Sep 2023 14:48:21 GMT

GET
H3 200 fetch-polyfill.js Show response
www.youtube.com/s/player/64947e15/fetch-polyfill.vflset/ Frame A1C0 9 KB
3 KB 86ms
83ms Script
text/javascript 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/64947e15/fetch-polyfill.vflset/fetch-polyfill.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

498b3f2a0357fbd50a80eb18b23ab4b461b791d640e5560b799f08ed960748a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/6G4l4kVBjU4?wmode=transparent&widget_referrer=https%3A%2F%2Fwww.rainbowpush.org%2F&enablejsapi=1&origin=https%3A%2F%2Fcdn.embedly.com&widgetid=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 14:48:17 GMT
content-encoding: br
x-content-type-options: nosniff
age: 95997
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2786
x-xss-protection: 0
last-modified: Wed, 21 Sep 2022 00:22:17 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 21 Sep 2023 14:48:17 GMT

GET
H2 200 originCountry Show response
capture-api.reachlocalservices.com/ 35 B
554 B 475ms
475ms XHR
application/json 18.64.103.30
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://capture-api.reachlocalservices.com/originCountry
Requested by: Host: cdn.rlets.com
URL: https://cdn.rlets.com/capture_configs/0e6/232/705/d1446ae88e9c8e3419df43d.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.64.103.30 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-64-103-30.txl50.r.cloudfront.net
Software: /
Resource Hash: 2b343b21215fef87f4079b62256d4bc29f0697202fa85141731716654c303745

Request headers

Referer: https://www.rainbowpush.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-type: application/json

Response headers

date: Thu, 22 Sep 2022 17:28:15 GMT
via: 1.1 59f8f1060194dd517bfadeea0eee2a32.cloudfront.net (CloudFront)
x-amz-cf-pop: TXL50-P3
x-amzn-requestid: e5064615-c9c0-4a11-803c-19958617655e
access-control-allow-methods: GET,POST,PUT,DELETE,OPTIONS
content-type: application/json
access-control-allow-origin: *
x-amzn-trace-id: Root=1-632c9b2f-1d8c70ca616b80c077ec542a;Sampled=0
x-cache: Miss from cloudfront
access-control-allow-credentials: true
x-amz-apigw-id: Y30vdHHPPHcFbpg=
content-length: 35
x-amz-cf-id: 0FS3C4iWQePsrkVGE49GekpCqvQYN9PsGaAXlHoHRLaSNPoI-e086A==
access-control-allow-headers: Content-Type, Access-Control-Allow-Headers, Authorization, X-Requested-With

OPTIONS
H2 200 originCountry
capture-api.reachlocalservices.com/ Frame 0
0 566ms
462ms Preflight
application/json 18.64.103.30
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://capture-api.reachlocalservices.com/originCountry
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.64.103.30 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-64-103-30.txl50.r.cloudfront.net
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://www.rainbowpush.org
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

access-control-allow-headers: Content-Type,X-Amz-Date,Authorization,X-Api-Key,X-Amz-Security-Token
access-control-allow-methods: GET,OPTIONS
access-control-allow-origin: *
content-length: 0
content-type: application/json
date: Thu, 22 Sep 2022 17:28:15 GMT
via: 1.1 59f8f1060194dd517bfadeea0eee2a32.cloudfront.net (CloudFront)
x-amz-apigw-id: Y30vZGQbPHcFcyg=
x-amz-cf-id: 3vEvxZb-YvgmVkYCx8_5s6V7ieBhrz7Ycu2_2aa4iqh9EsSHubXOxg==
x-amz-cf-pop: TXL50-P3
x-amzn-requestid: aa520bd5-891f-4491-bdc2-c4814c2276d6
x-cache: Miss from cloudfront

GET
H3

200

id Show response
googleads.g.doubleclick.net/pagead/ Frame A1C0
Redirect Chain

https://googleads.g.doubleclick.net/pagead/id
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

100 B
146 B

123ms
46ms

XHR
application/json

2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

Requested by

Protocol

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ce48253f3dbbb8cf0b3b7e490b70ebd1b013412a0188c38c7c1579621dadcf27

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 17:28:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 120
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Thu, 22 Sep 2022 17:28:14 GMT
x-content-type-options: nosniff
access-control-allow-origin: https://www.youtube.com
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ad_status.js Show response
static.doubleclick.net/instream/ Frame A1C0 29 B
588 B 197ms
55ms Script
text/javascript 2a00:1450:400d:80a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.doubleclick.net/instream/ad_status.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/64947e15/www-embed-player.vflset/www-embed-player.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 17:13:41 GMT
x-content-type-options: nosniff
age: 874
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29
x-xss-protection: 0
last-modified: Thu, 12 Dec 2013 23:40:16 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 22 Sep 2022 17:28:41 GMT

OPTIONS
H2 200 Create
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0
0 203ms
73ms Preflight
text/html 2a00:1450:400d:805::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:805::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method: POST
Origin: https://www.youtube.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://www.youtube.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
content-type: text/html
date: Thu, 22 Sep 2022 17:28:15 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 Create Show response
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame A1C0 66 KB
30 KB 186ms
82ms XHR
application/json+protobuf 2a00:1450:400d:805::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/64947e15/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:805::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

678dfc1a4d6f7782c8222c5ccb4a23e3da8411bc02b40ff5ada576980dcd715c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-User-Agent: grpc-web-javascript/0.1
Referer: https://www.youtube.com/
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: application/json+protobuf

Response headers

date: Thu, 22 Sep 2022 17:28:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server: ESF
x-frame-options: SAMEORIGIN
content-type: application/json+protobuf; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
vary: Origin, X-Origin, Referer
content-length: 31020
x-xss-protection: 0

GET
H3 200 remote.js Show response
www.youtube.com/s/player/64947e15/player_ias.vflset/de_DE/ Frame A1C0 118 KB
36 KB 37ms
37ms Script
text/javascript 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/64947e15/player_ias.vflset/de_DE/remote.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/64947e15/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e18c273d7ef0826878f4159bf2b9809263e0765ca2d28c6955e9f62726ca1da1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/6G4l4kVBjU4?wmode=transparent&widget_referrer=https%3A%2F%2Fwww.rainbowpush.org%2F&enablejsapi=1&origin=https%3A%2F%2Fcdn.embedly.com&widgetid=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 14:48:21 GMT
content-encoding: br
x-content-type-options: nosniff
age: 95993
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37182
x-xss-protection: 0
last-modified: Wed, 21 Sep 2022 00:22:17 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 21 Sep 2023 14:48:21 GMT

GET
H3 200 0Q0sPaTf27KkVV0qBrYI7cmJeSJkpG4CF1zVddAZEjs.js Show response
www.google.com/js/th/ Frame A1C0 36 KB
14 KB 121ms
42ms Script
text/javascript 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/js/th/0Q0sPaTf27KkVV0qBrYI7cmJeSJkpG4CF1zVddAZEjs.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/64947e15/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d10d2c3da4dfdbb2a4555d2a06b608edc989792264a46e02175cd575d019123b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 11:03:02 GMT
content-encoding: br
x-content-type-options: nosniff
age: 109513
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14308
x-xss-protection: 0
last-modified: Tue, 13 Sep 2022 11:00:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 21 Sep 2023 11:03:02 GMT

GET
H3 200 embed.js Show response
www.youtube.com/s/player/64947e15/player_ias.vflset/de_DE/ Frame A1C0 30 KB
9 KB 38ms
38ms Script
text/javascript 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/64947e15/player_ias.vflset/de_DE/embed.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/64947e15/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

516eadac5b177c303c3f7f4d4c67a5584125ec3050906d4707ccabc2a32bddfc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/6G4l4kVBjU4?wmode=transparent&widget_referrer=https%3A%2F%2Fwww.rainbowpush.org%2F&enablejsapi=1&origin=https%3A%2F%2Fcdn.embedly.com&widgetid=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 14:48:31 GMT
content-encoding: br
x-content-type-options: nosniff
age: 95983
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9374
x-xss-protection: 0
last-modified: Wed, 21 Sep 2022 00:22:17 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 21 Sep 2023 14:48:31 GMT

GET
DATA 200
OK truncated
/ Frame A1C0 175 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 AMLnZu-E_u5dgbCmYhkENav8oasB6Q9mm99UmdzFGeDR9Q=s68-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ytc/ Frame A1C0 2 KB
2 KB 220ms
76ms Image
image/jpeg 2a00:1450:400d:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://yt3.ggpht.com/ytc/AMLnZu-E_u5dgbCmYhkENav8oasB6Q9mm99UmdzFGeDR9Q=s68-c-k-c0x00ffffff-no-rj

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80e::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

6f04ee915632f8dbf67d2c120b2f1f9b03746c1560239158089e680375bfcee2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 17:28:15 GMT
x-content-type-options: nosniff
age: 0
content-disposition: inline;filename="unnamed.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1569
x-xss-protection: 0
server: fife
etag: "va0"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Mon, 19 Sep 2022 12:33:57 GMT

GET
H2 200 sddefault.webp
i.ytimg.com/vi_webp/6G4l4kVBjU4/ Frame A1C0 42 KB
42 KB 247ms
103ms Image
image/webp 2a00:1450:400d:80c::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi_webp/6G4l4kVBjU4/sddefault.webp

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80c::2016 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5497e6edb2e9c2eded1a264877d60b1afc4f0493065e555fae51de7cdc5495e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 17:28:15 GMT
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42600
x-xss-protection: 0
server: sffe
etag: "1601500744"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/webp
cache-control: public, max-age=7200
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 22 Sep 2022 19:28:15 GMT

GET
H2 200 cast_sender.js Show response
www.gstatic.com/cv/js/sender/v1/ Frame A1C0 4 KB
3 KB 278ms
58ms Script
text/javascript 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/64947e15/player_ias.vflset/de_DE/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 17:28:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2007
x-xss-protection: 0
last-modified: Tue, 16 Feb 2021 23:57:06 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview"
vary: Accept-Encoding
report-to: {"group":"cloudview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 22 Sep 2022 17:28:15 GMT

GET
H3 204 generate_204
www.youtube.com/ Frame A1C0 0
10 B 37ms
37ms Image
text/plain 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.youtube.com/generate_204?MjvocA
Requested by: Host: www.youtube.com
URL: https://www.youtube.com/embed/6G4l4kVBjU4?wmode=transparent&widget_referrer=https%3A%2F%2Fwww.rainbowpush.org%2F&enablejsapi=1&origin=https%3A%2F%2Fcdn.embedly.com&widgetid=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/6G4l4kVBjU4?wmode=transparent&widget_referrer=https%3A%2F%2Fwww.rainbowpush.org%2F&enablejsapi=1&origin=https%3A%2F%2Fcdn.embedly.com&widgetid=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 17:28:15 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 200 cast_sender.js Show response
www.gstatic.com/eureka/clank/105/ Frame A1C0 52 KB
15 KB 120ms
44ms Script
text/javascript 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/eureka/clank/105/cast_sender.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c12337c132fc5b05766adf8806c16a2950c0591708c0c45263bc1496979c1870

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 13:15:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 15136
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview-release
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15116
x-xss-protection: 0
last-modified: Mon, 11 Jul 2022 15:05:52 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview-release"
vary: Accept-Encoding
report-to: {"group":"cloudview-release","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview-release"}]}
content-type: text/javascript
cache-control: public, max-age=86400
accept-ranges: bytes
expires: Fri, 23 Sep 2022 13:15:59 GMT

POST
H3 200 GenerateIT Show response
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame A1C0 90 B
134 B 75ms
75ms XHR
application/json+protobuf 2a00:1450:400d:805::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/64947e15/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:805::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

0f6da7a6185f6d04229973fcfff6c535512910cecb0e7ea5d2f89de94674598a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-User-Agent: grpc-web-javascript/0.1
Referer: https://www.youtube.com/
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: application/json+protobuf

Response headers

date: Thu, 22 Sep 2022 17:28:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server: ESF
x-frame-options: SAMEORIGIN
content-type: application/json+protobuf; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
vary: Origin, X-Origin, Referer
content-length: 110
x-xss-protection: 0

OPTIONS
H3 200 GenerateIT
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0
0 72ms
72ms Preflight
text/html 2a00:1450:400d:805::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:805::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method: POST
Origin: https://www.youtube.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://www.youtube.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
content-type: text/html
date: Thu, 22 Sep 2022 17:28:15 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H2 200 rum Show response
cloudflareinsights.com/cdn-cgi/ 0
77 B 75ms
75ms XHR
text/plain 2606:4700:440e::6812:2fe6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cloudflareinsights.com/cdn-cgi/rum

Requested by

Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:440e::6812:2fe6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.rainbowpush.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
content-type: application/json

Response headers

date: Thu, 22 Sep 2022 17:28:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cloudflare
x-frame-options: DENY
access-control-allow-methods: POST,OPTIONS
content-type: text/plain
access-control-allow-origin: https://www.rainbowpush.org
access-control-max-age: 86400
access-control-allow-credentials: true
cf-ray: 74ecc1899a7691f6-FRA
vary: Origin

OPTIONS
H2 200 rum
cloudflareinsights.com/cdn-cgi/ Frame 0
0 131ms
39ms Preflight
text/plain 2606:4700:440e::6812:2fe6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cloudflareinsights.com/cdn-cgi/rum

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:440e::6812:2fe6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.rainbowpush.org
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://www.rainbowpush.org
access-control-max-age: 86400
cf-ray: 74ecc1895a3191f6-FRA
content-encoding: gzip
content-type: text/plain
date: Thu, 22 Sep 2022 17:28:15 GMT
server: cloudflare
vary: Origin
x-content-type-options: nosniff
x-frame-options: DENY

POST
H3 200 log_event Show response
www.youtube.com/youtubei/v1/ Frame A1C0 28 B
54 B 54ms
53ms XHR
application/json 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/64947e15/www-embed-player.vflset/www-embed-player.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
X-Goog-Request-Time: 1663867697454
Content-Type: application/json
X-YouTube-Utc-Offset: 0
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/6G4l4kVBjU4?wmode=transparent&widget_referrer=https%3A%2F%2Fwww.rainbowpush.org%2F&enablejsapi=1&origin=https%3A%2F%2Fcdn.embedly.com&widgetid=1
X-YouTube-Client-Version: 1.20220920.01.00
X-YouTube-Time-Zone: Etc/Unknown
X-Goog-Visitor-Id: CgtoczVnUEdYOVU2USiutrKZBg%3D%3D
X-YouTube-Ad-Signals: dt=1663867694684&flash=0&frm=2&u_tz&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C555%2C312&vis=1&wgl=true&ca_type=image

Response headers

date: Thu, 22 Sep 2022 17:28:17 GMT
content-encoding: br
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31
x-xss-protection: 0
expires: Thu, 22 Sep 2022 17:28:17 GMT

POST
H3 200 log_event Show response
www.youtube.com/youtubei/v1/ Frame A1C0 28 B
54 B 50ms
49ms XHR
application/json 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/64947e15/www-embed-player.vflset/www-embed-player.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
X-Goog-Request-Time: 1663867697590
Content-Type: application/json
X-YouTube-Utc-Offset: 0
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/6G4l4kVBjU4?wmode=transparent&widget_referrer=https%3A%2F%2Fwww.rainbowpush.org%2F&enablejsapi=1&origin=https%3A%2F%2Fcdn.embedly.com&widgetid=1
X-YouTube-Client-Version: 1.20220920.01.00
X-YouTube-Time-Zone: Etc/Unknown
X-Goog-Visitor-Id: CgtoczVnUEdYOVU2USiutrKZBg%3D%3D
X-YouTube-Ad-Signals: dt=1663867694684&flash=0&frm=2&u_tz&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C555%2C312&vis=1&wgl=true&ca_type=image

Response headers

date: Thu, 22 Sep 2022 17:28:17 GMT
content-encoding: br
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31
x-xss-protection: 0
expires: Thu, 22 Sep 2022 17:28:17 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: cdn.embedly.com
URL: https://cdn.embedly.com/widgets/media.html?src=https%3A%2F%2Fwww.youtube.com%2Fembed%2F6G4l4kVBjU4%3Fwmode%3Dtransparent%26feature%3Doembed&wmode=transparent&display_name=YouTube&url=https%3A%2F%2Fwww.youtube.com%2Fwatch%3Fv%3D6G4l4kVBjU4&image=https%3A%2F%2Fi.ytimg.com%2Fvi%2F6G4l4kVBjU4%2Fhqdefault.jpg&key=e23856ccc1f011e0b5e44040d3dc5c07&type=text%2Fhtml&schema=youtube

Verdicts & Comments Add Verdict or Comment

55 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

9 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.rainbowpush.org/	1969-12-31 23:59:59	Name: _nbuild_token Value: W4gjhb9DjZPV6z8Pij0HsjzF%2Flzo7HhZdgXKOvph03U%3D
www.rainbowpush.org/	1970-01-20 15:47:07	Name: __utma Value: 1.1644245094.1663867694.1663867694.1663867694.1
www.rainbowpush.org/	1969-12-31 23:59:59	Name: __utmc Value: 1
www.rainbowpush.org/	1970-01-20 10:33:55	Name: __utmz Value: 1.1663867694.1.1.utmcsr=(direct)\|utmccn=(direct)\|utmcmd=(none)
www.rainbowpush.org/	1970-01-20 06:11:08	Name: __utmt Value: 1
www.rainbowpush.org/	1970-01-20 06:11:09	Name: __utmb Value: 1.1.10.1663867694
.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: FhhaG-7QziE
.youtube.com/	1970-01-20 10:30:19	Name: VISITOR_INFO1_LIVE Value: hs5gPGX9U6Q
0e623270-5d14-46ae-88e9-c8e3419df43d.rlets.com/	1970-01-20 06:12:34	Name: test Value: test

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://www.rainbowpush.org/(Line 997) Message: Allow attribute will take precedence over 'allowfullscreen'.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	frame-ancestors rainbowpush.nationbuilder.com
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

0e623270-5d14-46ae-88e9-c8e3419df43d.rlets.com
ajax.googleapis.com
assets.nationbuilder.com
capture-api.reachlocalservices.com
cdn.embedly.com
cdn.jsdelivr.net
cdn.rlets.com
cloudflareinsights.com
connect.facebook.net
d3n8a8pro7vhmx.cloudfront.net
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
i.ytimg.com
jnn-pa.googleapis.com
netdna.bootstrapcdn.com
platform.twitter.com
rainbowpush.nationbuilder.com
rainbowpush.org
ssl.google-analytics.com
static.cloudflareinsights.com
static.doubleclick.net
stats.g.doubleclick.net
syndication.twitter.com
www.facebook.com
www.google.com
www.google.de
www.gstatic.com
www.rainbowpush.org
www.youtube.com
yt3.ggpht.com
cdn.embedly.com
104.16.89.50
104.244.42.8
18.64.103.30
18.66.15.92
2600:9000:223e:2000:6:9a19:88c0:93a1
2606:2800:234:59:254c:406:2366:268c
2606:4700:3032::6815:1527
2606:4700:440e::6812:2fe6
2606:4700:7::a29f:802d
2606:4700:7::a29f:8a2c
2606:4700::6812:acf
2a00:1450:4001:806::2003
2a00:1450:4001:80e::200a
2a00:1450:4001:810::2003
2a00:1450:4001:813::200a
2a00:1450:4001:831::2002
2a00:1450:4001:831::2004
2a00:1450:4001:831::200e
2a00:1450:400c:c08::9b
2a00:1450:400d:804::2003
2a00:1450:400d:805::200a
2a00:1450:400d:806::2008
2a00:1450:400d:80a::2006
2a00:1450:400d:80c::2016
2a00:1450:400d:80e::2001
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f12d:83:face:b00c:0:25de
2a04:4e42::485
44.225.77.75
0369a4dc49c5d2d0633a1b966e8b1071b05279fddda61e151661b3307656a9f7
0726b737b76c65f63f98f3f85d4b8354475cd32ce68b3dcf5342ff585ac0cb23
0f6da7a6185f6d04229973fcfff6c535512910cecb0e7ea5d2f89de94674598a
12091a307d42a5b723f50d625cfe7fbd72d62902060f9bcf04f8ce2cd210dbe8
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
1c56ffc47b4761b0396058aa73916486a33095af06bba5e72072ae332483dc7f
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
26726bac4060abb1226e6ceebc1336e84930fe7a7af1b3895a109d067f5b5dcc
2b343b21215fef87f4079b62256d4bc29f0697202fa85141731716654c303745
2b5c633505036c483e497b9602034865d20f057ec508e361669e0f4b8372c825
304e16ffe23e4f77f64561f8d2994feabfcd336cb44e7918afacc6be962346d1
331577f2dea34be78e04f38773004d3e39c3370628d5233108397358a621dc51
348da1cbbc175da699be746c4e1ce3c53e4d9a6ea280bbd67348097a438ecfb9
370c49c5ba241c54b36196c644394dd9f91554a875ab4dbfae6549ca7088dee3
394146fc3d3a719d7604bc12a6e7f756c3c2e3be59bdb4d3b74baafa5032d988
3ad7a8d629b540b7864d55097a0271e6d61b211e7538959f590f490d5300534a
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
4037f33e31b02905fe72043b861eb58dee8bfcc0411e5c483912c6bf248d15a2
41ab731b25c3f7e4f6cc350774a28353c667e79774622a915f8b16b7897ecc4f
4286c5f3881ad1f1a440ec2f5edc94e9021e0b10ecf17993d988e7c7166dec23
47a7dd0cada3c63b3d5981848b65973772a3f5ccc578d16ed90e3aa1b74056ab
4944c0091a0d0f154ce31361b3896f76423dae43b0abb28d3308dc4ccc0b429c
498b3f2a0357fbd50a80eb18b23ab4b461b791d640e5560b799f08ed960748a9
516eadac5b177c303c3f7f4d4c67a5584125ec3050906d4707ccabc2a32bddfc
526af19e2b2f599951e9306525347b080d3a6d21696e3204c09cc009541c9b34
53ba6e49ea8e838495e817f4a8f410a426f8083bfe560ea623823985b1a005cc
5497e6edb2e9c2eded1a264877d60b1afc4f0493065e555fae51de7cdc5495e0
5d63e87fe01ec1496983e6c9d8ad7843bf0a93cf9adddec2cb7bdf3de62e7b66
5f3ca08629dbf4b97858143154de2a7b48c4c671d6849b56aa592033a2546cf3
62148f942fc73c1cb25d16b14a63d1641fb770d01c817c9bdf776d6602a4c615
678dfc1a4d6f7782c8222c5ccb4a23e3da8411bc02b40ff5ada576980dcd715c
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2
6b986cc934432b19f05b4a2f0d0f5fbeb96cf698b545465df15cf53c35ecd196
6c816bb24897b345e9ea0db72888b05864cbe7ddb05425b9a66a71ce07ad65a8
6f04ee915632f8dbf67d2c120b2f1f9b03746c1560239158089e680375bfcee2
7253fe13bef88a4084330d8adaa7f0be90d7b547707939882a8767dd952f27fe
747ddfa00135f7b3c7c02093de81d97e7748e96869eac91a03808f56a2ea44a2
76e0d0c7068297c98819e2311c466299bd6ffccdf7f96590385a23c3ca701627
7adaf08052c6a6a0f8a0d0055b4f191fd07389fe41c972b69573472b2ecb406a
7b6aad0ae538ad0507d03d60a3dea15c9dae8fd1b1269593731cbb84004aa560
7b709765886f900bddeee79f8b324e02513cce78270aec88efbd568ed2cf4459
7dacf83f51179de8d7980a513e67ab3a08f2c6272bb5946df8fd77c0d1763b73
7e113152c16b620ed896e137524a0dac4b288785a30901e6ee93575409e69053
7fff029ba00017f1808f5b0d0bf8cbbbf8d02dff335ac30632412131c77a7d4d
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
87bc7cab125cd8849c9b726f99ae57a3b3bb29a23f499f93373b404dbec61597
8c0531412c543b9bd978e29acb8f5cf330db9891115d1e9924519d9a675b7b74
8c2eba07eac00048396ca2d93ee8c5910a71fab32d0d2ca58e306ee84c6227bf
8f4fc0f336126492b535be2e0b29fbb538a3079547d19a81368aec9268a54f26
93eb624c3a2be00e65cec0015c5f01af35955fe120f3fc59b7b8d985d0b8ea41
94b8d4361aa901756fbb299de4bcf2b81491d32bcf58105f5db0e093edcdc41c
96080807da317135fe52cae76e2ac21b5efd0c9cf5dae22993bf119293f1710f
9809307b948c7856b73a566bea89b0d4927ec541a5655f8a9df8dc44ca3fcd36
a44e537eb0dfe0dfdb3a7ab134b25790c6f99e33436bf603e879598ec164a9fd
ad2b369a9fad37f4d0c2bd23746d9c4b8be3cbba24baf781f25a853246875fe3
afd4cb8734a76f96f5097a424ed61c3c3354d9f9472cc52b6d1513ee749d49ec
bc4a90e5c0f890d1f8668b26236db8f1d35448714f9812270008613d7b0ad0d2
bcfcc890d38af598070d6334e94089f8884f4c5ebb4a400d1f4ac303b503c8c8
be0d1a719a7aa3b6b2c30488567862bda53b0732ceefcbb4aa5dd7c724f3005f
c12337c132fc5b05766adf8806c16a2950c0591708c0c45263bc1496979c1870
c21ea2a0ec1a9c48686c58d481b308e247fa9f747d2208099ce598ef823e555c
cd318ae92d886945bd62b80969f8d2cbeedc1f6b4537fdc7f97928915db7b0ff
ce48253f3dbbb8cf0b3b7e490b70ebd1b013412a0188c38c7c1579621dadcf27
d10d2c3da4dfdbb2a4555d2a06b608edc989792264a46e02175cd575d019123b
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
d917660c3d6f7aad32ebc4b0012c6d0bb84a13e201a012e334bcca4b9f4686c9
db3d79f3ac1178f00b5f1c66858c99b69b25f4073f19eccdedc77fd891eb3654
de014d1f86a764310472f8c63e785f3e87cca41164015ce554a6c22ddcf1b5d8
e18c273d7ef0826878f4159bf2b9809263e0765ca2d28c6955e9f62726ca1da1
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7b44c86b050fca766a96ddac2d0932af0126da6f2305280342d909168dcce6b
e999044901ad021f59ca62eff7c7bd0000abccc3e40e0743cd6a38dc7f13c646
ea2d62c7e90b08a7c41206758ce52af7059a58cdfb6a2964f341642298eb9a15
eae34d5ef51fe17225dffd44694e7f21986b158e68eb6fa881e150da725c4100
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
fd0a1ac929c11b08e819fe4b0a18c5574012c44f09de8987c6be99a0f055a505

www.rainbowpush.org Open in urlscan Pro 2606:4700:7::a29f:8a2c Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

87 Requests

97 %HTTPS

83 %IPv6

21 Domains

31 Subdomains

28 IPs

5 Countries

7447 kBTransfer

12892 kBSize

9 Cookies

11 Outgoing links

Page URL History

Redirected requests

87 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.rainbowpush.org Open in urlscan Pro
2606:4700:7::a29f:8a2c Public Scan

Screenshot
Live screenshot

Full Image

87
Requests

97 %
HTTPS

83 %
IPv6

21
Domains

31
Subdomains

28
IPs

5
Countries

7447 kB
Transfer

12892 kB
Size

9
Cookies

87 HTTP transactions
1 data transactions