itgetsbetter.org Open in urlscan Pro
199.16.173.70 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://itgetsbetter.org/
Effective URL:
https://itgetsbetter.org/
Submission: On December 07 via api (December 7th 2023, 3:38:48 pm UTC) from US — Scanned from DE

Summary HTTP 493 Redirects Links 24 Behaviour Indicators

Summary

This website contacted 54 IPs in 5 countries across 39 domains to perform 493 HTTP transactions. The main IP is 199.16.173.70, located in United States and belongs to AUTOMATTIC, US. The main domain is itgetsbetter.org.
TLS certificate: Issued by R3 on November 27th 2023. Valid for: 3 months.

This is the only time itgetsbetter.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	199.16.172.188 199.16.172.188	2635 (AUTOMATTIC) (AUTOMATTIC)
9	199.16.173.70 199.16.173.70	2635 (AUTOMATTIC) (AUTOMATTIC)
4	2a00:1450:400... 2a00:1450:4001:829::2008	15169 (GOOGLE) (GOOGLE)
6	2.17.147.138 2.17.147.138	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	143.204.207.250 143.204.207.250	16509 (AMAZON-02) (AMAZON-02)
2	146.75.116.157 146.75.116.157	54113 (FASTLY) (FASTLY)
27	192.0.77.39 192.0.77.39	2635 (AUTOMATTIC) (AUTOMATTIC)
25	192.0.77.37 192.0.77.37	2635 (AUTOMATTIC) (AUTOMATTIC)
6	2a00:1450:400... 2a00:1450:4001:812::200a	15169 (GOOGLE) (GOOGLE)
12	2606:4700:20:... 2606:4700:20::681a:d57	13335 (CLOUDFLAR...) (CLOUDFLARENET)
7	192.0.76.3 192.0.76.3	2635 (AUTOMATTIC) (AUTOMATTIC)
25	2606:4700:440... 2606:4700:4400::6812:2844	13335 (CLOUDFLAR...) (CLOUDFLARENET)
51	192.0.77.2 192.0.77.2	2635 (AUTOMATTIC) (AUTOMATTIC)
2 5	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
3	2a03:2880:f08... 2a03:2880:f083:9:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
20	2a00:1450:400... 2a00:1450:4001:828::200e	15169 (GOOGLE) (GOOGLE)
30	2606:4700::68... 2606:4700::6812:7c49	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
1	108.156.60.58 108.156.60.58	16509 (AMAZON-02) (AMAZON-02)
4	35.156.2.40 35.156.2.40	16509 (AMAZON-02) (AMAZON-02)
3	2a00:1450:400... 2a00:1450:4001:80f::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:803::2003	15169 (GOOGLE) (GOOGLE)
14	2a00:1450:400... 2a00:1450:4001:812::2003	15169 (GOOGLE) (GOOGLE)
2	104.244.42.197 104.244.42.197	13414 (TWITTER) (TWITTER)
2	104.244.42.131 104.244.42.131	13414 (TWITTER) (TWITTER)
2	54.147.159.60 54.147.159.60	14618 (AMAZON-AES) (AMAZON-AES)
2	2a03:2880:f17... 2a03:2880:f177:185:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
5	2606:4700:20:... 2606:4700:20::681a:c57	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:80f::200e	15169 (GOOGLE) (GOOGLE)
1 1	2a00:1450:400... 2a00:1450:4001:812::200e	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82a::2006	15169 (GOOGLE) (GOOGLE)
8	2a00:1450:400... 2a00:1450:4001:80e::200a	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80e::2016	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:829::2001	15169 (GOOGLE) (GOOGLE)
2	13.32.27.19 13.32.27.19	16509 (AMAZON-02) (AMAZON-02)
17	2a00:1450:400... 2a00:1450:4001:830::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:813::200a	15169 (GOOGLE) (GOOGLE)
8	35.190.43.134 35.190.43.134	15169 (GOOGLE) (GOOGLE)
1	46.51.146.14 46.51.146.14	16509 (AMAZON-02) (AMAZON-02)
17	192.0.77.48 192.0.77.48	2635 (AUTOMATTIC) (AUTOMATTIC)
1	2.16.238.13 2.16.238.13	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
5	2600:9000:244... 2600:9000:2447:3e00:2:8531:afc0:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700::68... 2606:4700::6810:3965	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	52.143.247.24 52.143.247.24	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2606:4700::68... 2606:4700::6810:7aaf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	52.222.191.88 52.222.191.88	16509 (AMAZON-02) (AMAZON-02)
41	151.101.64.176 151.101.64.176	54113 (FASTLY) (FASTLY)
55	54.187.119.242 54.187.119.242	16509 (AMAZON-02) (AMAZON-02)
2	99.86.4.50 99.86.4.50	16509 (AMAZON-02) (AMAZON-02)
1	2a04:4e42:600... 2a04:4e42:600::649	54113 (FASTLY) (FASTLY)
3	34.210.21.51 34.210.21.51	16509 (AMAZON-02) (AMAZON-02)
12	2a00:1450:401... 2a00:1450:4013:c04::5c	15169 (GOOGLE) (GOOGLE)
1	54.76.53.164 54.76.53.164	16509 (AMAZON-02) (AMAZON-02)
36	2a00:1450:400... 2a00:1450:4001:802::200e	15169 (GOOGLE) (GOOGLE)
493	54

1 199.16.172.188 (United States) 1 redirects

ASN2635 (AUTOMATTIC, US)

itgetsbetter.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 199.16.173.70 (United States)

ASN2635 (AUTOMATTIC, US)

itgetsbetter.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:829::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2.17.147.138 (Prague, Czech Republic)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-17-147-138.deploy.static.akamaitechnologies.com

analytics.tiktok.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 143.204.207.250 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-207-250.fra53.r.cloudfront.net

sc-static.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 146.75.116.157 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

static.ads-twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

27 192.0.77.39 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)
PTR: wordpress.com

149352635.v2.pressablecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

25 192.0.77.37 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)
PTR: wordpress.com

c0.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:812::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2606:4700:20::681a:d57 (United States)

ASN13335 (CLOUDFLARENET, US)

assets.juicer.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.juicer.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 192.0.76.3 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)

stats.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

25 2606:4700:4400::6812:2844 (United States)

ASN13335 (CLOUDFLARENET, US)

kit.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ka-p.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

51 192.0.77.2 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)
PTR: i1.wp.com

i0.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f083:9:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 2a00:1450:4001:828::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

30 2606:4700::6812:7c49 (United States)

ASN13335 (CLOUDFLARENET, US)

sdk.classy.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
give.itgetsbetter.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
prod-frs.content.classy.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pay.classy.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.156.60.58 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-156-60-58.ams1.r.cloudfront.net

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 35.156.2.40 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-156-2-40.eu-central-1.compute.amazonaws.com

tags.srv.stackadapt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80f::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:803::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2a00:1450:4001:812::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.244.42.197 (United States)

ASN13414 (TWITTER, US)

t.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.244.42.131 (United States)

ASN13414 (TWITTER, US)

analytics.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.147.159.60 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-147-159-60.compute-1.amazonaws.com

secure.gaug.es	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f177:185:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2606:4700:20::681a:c57 (United States)

ASN13335 (CLOUDFLARENET, US)

www.juicer.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
static.juicer.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

translate.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::200e (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

youtu.be	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82a::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

static.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:80e::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

jnn-pa.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80e::2016 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

i.ytimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

yt3.ggpht.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.32.27.19 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-27-19.fra56.r.cloudfront.net

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 2a00:1450:4001:830::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

translate.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 35.190.43.134 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 134.43.190.35.bc.googleusercontent.com

tr.snapchat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
tr6.snapchat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 46.51.146.14 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-46-51-146-14.eu-west-1.compute.amazonaws.com

content.hotjar.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 192.0.77.48 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)
PTR: s.w.org

s.w.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.16.238.13 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-16-238-13.deploy.static.akamaitechnologies.com

analytics.pangle-ads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2600:9000:2447:3e00:2:8531:afc0:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.transcend.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:3965 (United States)

ASN13335 (CLOUDFLARENET, US)

static.cloudflareinsights.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.143.247.24 (Des Moines, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

htp.tokenex.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:7aaf (United States)

ASN13335 (CLOUDFLARENET, US)

unpkg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.222.191.88 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-191-88.ham50.r.cloudfront.net

cdn.plaid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

41 151.101.64.176 (United States)

ASN54113 (FASTLY, US)

js.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

55 54.187.119.242 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ip-54-187-119-242.stripe.com

q.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
r.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 99.86.4.50 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-4-50.fra6.r.cloudfront.net

m.stripe.network	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:600::649 (United States)

ASN54113 (FASTLY, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 34.210.21.51 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-210-21-51.us-west-2.compute.amazonaws.com

m.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a00:1450:4013:c04::5c (Groningen, Netherlands)

ASN15169 (GOOGLE, US)

pay.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.76.53.164 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-76-53-164.eu-west-1.compute.amazonaws.com

merchant-ui-api.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

36 2a00:1450:4001:802::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

play.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
100	stripe.com js.stripe.com — Cisco Umbrella Rank: 1282 q.stripe.com — Cisco Umbrella Rank: 7730 m.stripe.com — Cisco Umbrella Rank: 1245 r.stripe.com — Cisco Umbrella Rank: 3529 merchant-ui-api.stripe.com — Cisco Umbrella Rank: 5257	1 MB
83	wp.com c0.wp.com — Cisco Umbrella Rank: 8588 stats.wp.com — Cisco Umbrella Rank: 2814 i0.wp.com — Cisco Umbrella Rank: 3858 pixel.wp.com — Cisco Umbrella Rank: 2796	3 MB
52	google.com www.google.com — Cisco Umbrella Rank: 2 translate.google.com — Cisco Umbrella Rank: 1298 pay.google.com — Cisco Umbrella Rank: 2109 play.google.com — Cisco Umbrella Rank: 32	1 MB
31	gstatic.com fonts.gstatic.com www.gstatic.com	616 KB
27	pressablecdn.com 149352635.v2.pressablecdn.com	3 MB
25	fontawesome.com kit.fontawesome.com — Cisco Umbrella Rank: 1544 ka-p.fontawesome.com — Cisco Umbrella Rank: 3304	44 KB
25	itgetsbetter.org 1 redirects itgetsbetter.org give.itgetsbetter.org	192 KB
20	youtube.com www.youtube.com — Cisco Umbrella Rank: 71	2 MB
17	w.org s.w.org — Cisco Umbrella Rank: 3043	17 KB
17	juicer.io assets.juicer.io — Cisco Umbrella Rank: 11566 www.juicer.io — Cisco Umbrella Rank: 13089 static.juicer.io — Cisco Umbrella Rank: 25393	1 MB
15	classy.org sdk.classy.org — Cisco Umbrella Rank: 45996 prod-frs.content.classy.org — Cisco Umbrella Rank: 42375 pay.classy.org — Cisco Umbrella Rank: 47051	1 MB
15	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 29 jnn-pa.googleapis.com — Cisco Umbrella Rank: 203 translate.googleapis.com — Cisco Umbrella Rank: 947	164 KB
8	snapchat.com tr.snapchat.com — Cisco Umbrella Rank: 758 tr6.snapchat.com — Cisco Umbrella Rank: 88800	2 KB
7	doubleclick.net 2 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 33 static.doubleclick.net — Cisco Umbrella Rank: 248	3 KB
6	tiktok.com analytics.tiktok.com — Cisco Umbrella Rank: 617	149 KB
5	transcend.io cdn.transcend.io — Cisco Umbrella Rank: 5151	141 KB
4	stackadapt.com tags.srv.stackadapt.com — Cisco Umbrella Rank: 2618	9 KB
4	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 36	352 KB
3	hotjar.com static.hotjar.com — Cisco Umbrella Rank: 700 script.hotjar.com — Cisco Umbrella Rank: 933	102 KB
3	facebook.net connect.facebook.net — Cisco Umbrella Rank: 168	127 KB
2	stripe.network m.stripe.network — Cisco Umbrella Rank: 1361	16 KB
2	ytimg.com i.ytimg.com — Cisco Umbrella Rank: 89	56 KB
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 98	239 B
2	gaug.es secure.gaug.es — Cisco Umbrella Rank: 28181	4 KB
2	twitter.com analytics.twitter.com — Cisco Umbrella Rank: 713	941 B
2	t.co t.co — Cisco Umbrella Rank: 589	576 B
2	ads-twitter.com static.ads-twitter.com — Cisco Umbrella Rank: 678	30 KB
2	sc-static.net sc-static.net — Cisco Umbrella Rank: 945	35 KB
1	jquery.com code.jquery.com — Cisco Umbrella Rank: 735	31 KB
1	plaid.com cdn.plaid.com — Cisco Umbrella Rank: 13515	43 KB
1	unpkg.com unpkg.com — Cisco Umbrella Rank: 857	3 KB
1	tokenex.com htp.tokenex.com — Cisco Umbrella Rank: 26902	5 KB
1	cloudflareinsights.com static.cloudflareinsights.com — Cisco Umbrella Rank: 864	7 KB
1	pangle-ads.com analytics.pangle-ads.com — Cisco Umbrella Rank: 2266	962 B
1	hotjar.io content.hotjar.io — Cisco Umbrella Rank: 6459	161 B
1	ggpht.com yt3.ggpht.com — Cisco Umbrella Rank: 226	3 KB
1	youtu.be 1 redirects youtu.be — Cisco Umbrella Rank: 7983	1 KB
1	google.de www.google.de — Cisco Umbrella Rank: 6765	455 B
1	google-analytics.com region1.google-analytics.com — Cisco Umbrella Rank: 2189	254 B
493	39

	Domain	Requested by
51	i0.wp.com	itgetsbetter.org
41	js.stripe.com	cdn.transcend.io js.stripe.com
39	r.stripe.com	js.stripe.com
36	play.google.com	www.gstatic.com
27	149352635.v2.pressablecdn.com	itgetsbetter.org 149352635.v2.pressablecdn.com
25	c0.wp.com	itgetsbetter.org
24	ka-p.fontawesome.com	kit.fontawesome.com itgetsbetter.org
20	www.youtube.com	itgetsbetter.org www.youtube.com c0.wp.com cdn.transcend.io
17	s.w.org	itgetsbetter.org
17	www.gstatic.com	www.youtube.com www.gstatic.com pay.google.com
16	q.stripe.com	itgetsbetter.org
15	give.itgetsbetter.org	sdk.classy.org give.itgetsbetter.org cdn.transcend.io
14	fonts.gstatic.com	www.youtube.com fonts.googleapis.com
13	prod-frs.content.classy.org	give.itgetsbetter.org cdn.transcend.io prod-frs.content.classy.org
12	pay.google.com	js.stripe.com pay.google.com itgetsbetter.org www.gstatic.com
12	www.juicer.io	assets.juicer.io itgetsbetter.org
10	itgetsbetter.org	1 redirects itgetsbetter.org 149352635.v2.pressablecdn.com
8	jnn-pa.googleapis.com	www.youtube.com
7	tr.snapchat.com	sc-static.net itgetsbetter.org
6	fonts.googleapis.com	itgetsbetter.org cdn.transcend.io
6	analytics.tiktok.com	itgetsbetter.org analytics.tiktok.com
5	cdn.transcend.io	give.itgetsbetter.org cdn.transcend.io
5	googleads.g.doubleclick.net	2 redirects www.googletagmanager.com www.youtube.com
4	tags.srv.stackadapt.com	itgetsbetter.org tags.srv.stackadapt.com
4	stats.wp.com	itgetsbetter.org
4	assets.juicer.io	itgetsbetter.org
4	www.googletagmanager.com	itgetsbetter.org www.googletagmanager.com
3	m.stripe.com	m.stripe.network
3	www.google.com	itgetsbetter.org www.youtube.com
3	connect.facebook.net	itgetsbetter.org connect.facebook.net
3	pixel.wp.com	itgetsbetter.org
2	m.stripe.network	js.stripe.com m.stripe.network
2	script.hotjar.com	static.hotjar.com script.hotjar.com
2	i.ytimg.com	www.youtube.com
2	static.doubleclick.net	www.youtube.com
2	www.facebook.com	itgetsbetter.org
2	secure.gaug.es	itgetsbetter.org
2	analytics.twitter.com	itgetsbetter.org
2	t.co	itgetsbetter.org
2	static.ads-twitter.com	itgetsbetter.org www.googletagmanager.com
2	sc-static.net	itgetsbetter.org www.googletagmanager.com
1	merchant-ui-api.stripe.com	js.stripe.com
1	code.jquery.com	cdn.transcend.io
1	pay.classy.org	cdn.transcend.io
1	cdn.plaid.com	cdn.transcend.io
1	unpkg.com	cdn.transcend.io
1	htp.tokenex.com	cdn.transcend.io
1	static.cloudflareinsights.com	give.itgetsbetter.org
1	analytics.pangle-ads.com	analytics.tiktok.com
1	static.juicer.io	assets.juicer.io
1	tr6.snapchat.com	sc-static.net
1	content.hotjar.io	script.hotjar.com
1	translate.googleapis.com
1	yt3.ggpht.com	www.youtube.com
1	youtu.be	1 redirects
1	translate.google.com	149352635.v2.pressablecdn.com
1	www.google.de	itgetsbetter.org
1	static.hotjar.com	www.googletagmanager.com
1	region1.google-analytics.com	www.googletagmanager.com
1	sdk.classy.org	itgetsbetter.org
1	kit.fontawesome.com	itgetsbetter.org
493	61

This site contains links to these domains. Also see Links.

Domain
give.itgetsbetter.org
youtu.be
www.50states50grants.com
www.facebook.com
www.instagram.com
www.youtube.com
itgetsbetterproject.tumblr.com
www.tiktok.com
www.twitch.tv
www.queenandpapis.com
translate.google.com
wordpress.com
pressable.com
jetpack.com

Subject Issuer	Validity	Valid
tls.automattic.com R3	`2023-11-27` - `2024-02-25`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.tiktok.com RapidSSL ECC CA 2018	`2023-07-14` - `2024-08-13`	a year	crt.sh
sc-static.net Amazon RSA 2048 M02	`2023-01-20` - `2024-02-18`	a year	crt.sh
ads-twitter.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-07-21` - `2024-07-19`	a year	crt.sh
*.v2.pressablecdn.com Sectigo RSA Domain Validation Secure Server CA	`2023-08-02` - `2024-09-01`	a year	crt.sh
*.wp.com Sectigo ECC Domain Validation Secure Server CA	`2023-11-28` - `2024-12-28`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-04-17` - `2024-04-16`	a year	crt.sh
*.fontawesome.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-12-04` - `2025-01-03`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-09-15` - `2023-12-14`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
classy.org Cloudflare Inc ECC CA-3	`2023-04-03` - `2024-04-02`	a year	crt.sh
*.hotjar.com Amazon ECDSA 256 M01	`2023-03-09` - `2024-04-06`	a year	crt.sh
*.srv.stackadapt.com Amazon RSA 2048 M02	`2023-09-09` - `2024-10-07`	a year	crt.sh
www.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
www.google.de GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
give.itgetsbetter.org Cloudflare Inc ECC CA-3	`2023-04-06` - `2024-04-05`	a year	crt.sh
t.co DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-10-16` - `2024-10-14`	a year	crt.sh
*.twitter.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-09-19` - `2024-09-17`	a year	crt.sh
*.gaug.es Sectigo RSA Domain Validation Secure Server CA	`2023-03-02` - `2024-04-01`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
edgestatic.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.googleusercontent.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.snap.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-04-13` - `2024-04-12`	a year	crt.sh
*.hotjar.io Amazon ECDSA 256 M02	`2023-03-02` - `2024-03-30`	a year	crt.sh
*.w.org Sectigo ECC Domain Validation Secure Server CA	`2022-12-06` - `2024-01-06`	a year	crt.sh
*.pangle-ads.com RapidSSL TLS ECC CA G1	`2023-08-10` - `2024-09-09`	a year	crt.sh
transcend.io Amazon RSA 2048 M02	`2023-06-20` - `2024-07-18`	a year	crt.sh
api.tokenex.com Go Daddy Secure Certificate Authority - G2	`2023-02-08` - `2024-01-12`	a year	crt.sh
secure.plaid.com DigiCert EV RSA CA G2	`2023-03-09` - `2024-04-08`	a year	crt.sh
a.stripecdn.com DigiCert SHA2 Extended Validation Server CA	`2023-10-30` - `2024-01-25`	3 months	crt.sh
pay.classy.org Cloudflare Inc ECC CA-3	`2023-04-08` - `2024-04-07`	a year	crt.sh
*.stripe.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-10-09` - `2024-01-18`	3 months	crt.sh
*.jquery.com Sectigo RSA Domain Validation Secure Server CA	`2023-07-11` - `2024-07-14`	a year	crt.sh
m.stripe.com DigiCert TLS RSA SHA256 2020 CA1	`2023-10-05` - `2024-01-18`	3 months	crt.sh

This page contains 19 frames:

Primary Page: https://itgetsbetter.org/
Frame ID: 58F61CAC6EBBD4CFC5E1622A01A2BEAF
Requests: 245 HTTP requests in this frame

Frame: https://www.youtube.com/embed/bwkUX98fktI?version=3&rel=1&showsearch=0&showinfo=1&iv_load_policy=1&fs=1&hl=en-US&autohide=2&wmode=transparent
Frame ID: F39FBF3C7DD6B470D8486C996533156A
Requests: 20 HTTP requests in this frame

Frame: https://give.itgetsbetter.org/give/533919/
Frame ID: 00242D34881D95617649121876AC34F6
Requests: 52 HTTP requests in this frame

Frame: https://tr.snapchat.com/cm/i?pid=50f8e197-c76c-447a-9833-230403118d24&u_scsid=3200f2af-935c-4ba9-8eb5-8a8c6cc18b89&u_sclid=2ea20167-363a-4bef-8351-a05a7a5f7f33
Frame ID: D6461DCDC7DA78D2A9ED7F68451914B2
Requests: 1 HTTP requests in this frame

Frame: https://tr.snapchat.com/cm/i?pid=d4566af6-6002-4a1a-b903-6200b4a730fc&u_scsid=3200f2af-935c-4ba9-8eb5-8a8c6cc18b89&u_sclid=2ea20167-363a-4bef-8351-a05a7a5f7f33
Frame ID: FC4E72450E2B257032D138FF380E0358
Requests: 1 HTTP requests in this frame

Frame: https://www.youtube.com/embed/FkYumU0Z3bk?controls=0&rel=0&disablekb=1&showinfo=0&modestbranding=0&html5=1&iv_load_policy=3&autoplay=0&end=0&loop=0&playsinline=0&start=0&nocookie=false&enablejsapi=1&origin=https%3A%2F%2Fitgetsbetter.org&widgetid=1
Frame ID: D3C33BE2C7F2FFFEB407722454E00DAC
Requests: 15 HTTP requests in this frame

Frame: data://truncated
Frame ID: 1D30AF5B56D840197F6C0A3CC5F03E03
Requests: 1 HTTP requests in this frame

Frame: https://js.stripe.com/v3/m-outer-27c67c0d52761104439bb051c7856ab1.html
Frame ID: 6FEC49EAAB592BBD3A278281CD6D8AE4
Requests: 4 HTTP requests in this frame

Frame: https://m.stripe.network/inner.html
Frame ID: 13493E07F1DC6A3CD936A85512C08E4F
Requests: 7 HTTP requests in this frame

Frame: https://js.stripe.com/v3/controller-e5b9447a8f4b01ae3fa8626199b71899.html
Frame ID: D104DE6536D0F74FC6E0B7F0E78A32F3
Requests: 47 HTTP requests in this frame

Frame: https://js.stripe.com/v3/payment-request-inner-google-pay-b599d220d051eeac6804842ce1a8452d.html
Frame ID: 48CD3A0A882078D3C41BD52F6BBD9E47
Requests: 8 HTTP requests in this frame

Frame: https://js.stripe.com/v3/payment-request-inner-browser-ad00c97d83842ebd47304da892f23769.html
Frame ID: C4CEDD2FDB5E9955FD7A4E3C99B1BEE1
Requests: 7 HTTP requests in this frame

Frame: https://js.stripe.com/v3/payment-request-inner-google-pay-b599d220d051eeac6804842ce1a8452d.html
Frame ID: E1415DE8C4969E1BFD8D6CC45F1EA7B4
Requests: 8 HTTP requests in this frame

Frame: https://js.stripe.com/v3/payment-request-inner-browser-ad00c97d83842ebd47304da892f23769.html
Frame ID: 2A1EADC776FDEADAE29294B87CA68829
Requests: 7 HTTP requests in this frame

Frame: https://js.stripe.com/v3/payment-request-inner-google-pay-b599d220d051eeac6804842ce1a8452d.html
Frame ID: CA77EEE73CD4CA2B0B378B1F265871E4
Requests: 8 HTTP requests in this frame

Frame: https://js.stripe.com/v3/payment-request-inner-browser-ad00c97d83842ebd47304da892f23769.html
Frame ID: 35B6364B45E39872F8553821E7912685
Requests: 7 HTTP requests in this frame

Frame: https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fjs.stripe.com&mid=
Frame ID: 2B35D0328EE2096F31E795300D9E0DA6
Requests: 13 HTTP requests in this frame

Frame: https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fjs.stripe.com&mid=
Frame ID: 169F4C6070378FD26DA4F088E0B72C0C
Requests: 13 HTTP requests in this frame

Frame: https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fjs.stripe.com&mid=
Frame ID: 9E316E54BA4ED211061DCC3D54F101EE
Requests: 13 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

It Gets Better – The It Gets Better Project exists to uplift, empower, and connect LGBTQ+ youth around the globe.Magnifying GlassClose search results

Page URL History Show full URLs

http://itgetsbetter.org/ HTTP 301
https://itgetsbetter.org/ Page URL

Detected technologies

WooCommerce (Ecommerce) Expand

Overall confidence: 100%
Detected patterns

/woocommerce(?:\.min)?\.js(?:\?ver=([0-9.]+))?

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

Google Pay (Payment processors) Expand

Overall confidence: 100%
Detected patterns

pay\.google\.com/([a-z/]+)/pay\.js

Stripe (Payment Processors) Expand

Overall confidence: 100%
Detected patterns

js\.stripe\.com

Cloudflare Browser Insights (Analytics) Expand

Overall confidence: 100%
Detected patterns

static\.cloudflareinsights\.com/beacon(?:\.min)?\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
kit\.fontawesome\.com/([0-9a-z]+).js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Hotjar (Analytics) Expand

Overall confidence: 100%
Detected patterns

//static\.hotjar\.com/

Swiper Slider (Miscellaneous) Expand

Overall confidence: 100%
Detected patterns

swiper(?:\.min)?\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

493
Requests

99 %
HTTPS

52 %
IPv6

39
Domains

61
Subdomains

54
IPs

5
Countries

15568 kB
Transfer

41623 kB
Size

55
Cookies

24 Outgoing links

These are links going to different origins than the main page.

URL: https://give.itgetsbetter.org/campaign/believe-in-better-2023/c534203
Title: Donate

Search URL Search Domain Scan URL

URL: https://youtu.be/FkYumU0Z3bk
Title: https://youtu.be/FkYumU0Z3bk

Search URL Search Domain Scan URL

URL: https://www.50states50grants.com/
Title: 50 States. 50 Grants. 5000 Voices

Search URL Search Domain Scan URL

URL: https://www.facebook.com/itgetsbetterproject/
Title: Facebook

Search URL Search Domain Scan URL

URL: https://www.instagram.com/itgetsbetter/
Title: Instagram

Search URL Search Domain Scan URL

URL: https://www.instagram.com/itgetsbetterespanol/
Title: Instagram Es

Search URL Search Domain Scan URL

URL: https://www.youtube.com/user/itgetsbetterproject/
Title: YouTube

Search URL Search Domain Scan URL

URL: http://itgetsbetterproject.tumblr.com/
Title: Tumblr

Search URL Search Domain Scan URL

URL: https://www.tiktok.com/@itgetsbetter
Title: TikTok

Search URL Search Domain Scan URL

URL: https://www.twitch.tv/itgetsbetter
Title: Twitch

Search URL Search Domain Scan URL

URL: https://www.instagram.com/p/C0bCWj7A3VV/

Search URL Search Domain Scan URL

URL: https://www.instagram.com/p/C0F7-zJrXO5/

Search URL Search Domain Scan URL

URL: https://www.instagram.com/p/C0ZSdWet-ME/

Search URL Search Domain Scan URL

URL: https://www.instagram.com/p/CzjWaNqR68O/

Search URL Search Domain Scan URL

URL: http://www.queenandpapis.com/
Title: www.queenandpapis.com

Search URL Search Domain Scan URL

URL: https://www.instagram.com/p/C0JfLCTtQCG/

Search URL Search Domain Scan URL

URL: https://www.instagram.com/p/CzgnOQouwUw/

Search URL Search Domain Scan URL

URL: https://www.instagram.com/p/C0IdHQ6oMHS/

Search URL Search Domain Scan URL

URL: https://www.instagram.com/p/CzSX-WIuAwi/

Search URL Search Domain Scan URL

URL: https://translate.google.com/
Title: Google Übersetzer

Search URL Search Domain Scan URL

URL: https://give.itgetsbetter.org/
Title: Donate

Search URL Search Domain Scan URL

URL: https://wordpress.com/wp/?partner_domain=itgetsbetter.org&utm_source=Automattic&utm_medium=colophon&utm_campaign=Concierge%20Referral&utm_term=itgetsbetter.org
Title: Proudly powered by WordPress.

Search URL Search Domain Scan URL

URL: https://pressable.com/?utm_source=Automattic&utm_medium=rpc&utm_campaign=Concierge%20Referral&utm_term=concierge
Title: Hosted by Pressable.

Search URL Search Domain Scan URL

URL: https://jetpack.com/upgrade/search/?utm_source=poweredby
Title: Search powered by Jetpack

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://itgetsbetter.org/ HTTP 301
https://itgetsbetter.org/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 198

https://youtu.be/FkYumU0Z3bk?_=1 HTTP 303
https://www.youtube.com/watch?_=1&v=FkYumU0Z3bk&feature=youtu.be

Request Chain 199

https://googleads.g.doubleclick.net/pagead/id HTTP 302
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

Request Chain 272

https://googleads.g.doubleclick.net/pagead/id HTTP 302
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

493 HTTP transactions
8 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
itgetsbetter.org/
Redirect Chain

http://itgetsbetter.org/
https://itgetsbetter.org/

218 KB
37 KB

149ms
120ms

Document
text/html

199.16.173.70
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://itgetsbetter.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

199.16.173.70 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

455683a936fcffe23f3f2a156944b7961c2360b4bf639ef4fbbd1837f12ee969

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: max-age=273, must-revalidate
content-encoding: br
content-type: text/html; charset=UTF-8
date: Thu, 07 Dec 2023 15:38:40 GMT
host-header: Pressable
last-modified: Thu, 07 Dec 2023 15:38:13 GMT
link: <https://itgetsbetter.org/wp-json/>; rel="https://api.w.org/" <https://itgetsbetter.org/wp-json/wp/v2/pages/11>; rel="alternate"; type="application/json" <https://wp.me/P9dPda-b>; rel=shortlink
server: nginx
strict-transport-security: max-age=31536000
vary: Accept-Encoding Cookie
x-ac: 1.ams _atomic_ams BYPASS
x-nananana: Batcache-Hit

Redirect headers

Connection: keep-alive
Content-Length: 162
Content-Type: text/html
Date: Thu, 07 Dec 2023 15:38:40 GMT
Location: https://itgetsbetter.org/
Server: nginx
X-ac: 3.ams _atomic_ams BYPASS

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 194 KB
71 KB 44ms
23ms Script
application/javascript 2a00:1450:4001:829::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-696171030

Requested by

Host: itgetsbetter.org
URL: https://itgetsbetter.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

221e965e75a81f454afe91be6ed66b036913142ec31b262b564d1966fc6abf07

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://itgetsbetter.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 15:38:40 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 72455
x-xss-protection: 0
last-modified: Thu, 07 Dec 2023 15:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 07 Dec 2023 15:38:40 GMT

GET
H2 200 sdk.js Show response
analytics.tiktok.com/i18n/pixel/ 6 KB
3 KB 870ms
294ms Script
application/javascript 2.17.147.138
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/sdk.js?sdkid=BUVFAJTD82FVM3BDSISG
Requested by: Host: itgetsbetter.org
URL: https://itgetsbetter.org/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.17.147.138 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-17-147-138.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: c3a4cabd471a1212e12181bc0d101c32f0ac5bc120720f9fa4ee05adadb3ae69

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://itgetsbetter.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-akamai-request-id: e46dda7f.481bfd9d
date: Thu, 07 Dec 2023 15:38:41 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-tt-trace-id: 00-231207153841A1E18E53E6FC2A6C7B22-1B95D0533693F126-00
x-cache: TCP_MISS from a2-17-147-134.deploy.akamaitechnologies.com (AkamaiGHost/11.3.2.1-52518411) (-)
x-parent-response-time: 118,2.17.147.134
server-timing: cdn-cache; desc=MISS, edge; dur=108, origin; dur=10, inner; dur=4
pragma: no-cache
server: nginx
x-tt-logid: 20231207153841A1E18E53E6FC2A6C7B22
x-cache-remote: TCP_MISS from a23-194-131-38.deploy.akamaitechnologies.com (AkamaiGHost/11.3.2.1-52518411) (-)
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 10,23.194.131.38
x-tt-trace-host: 01b7eae1c1537faf133345ddbc40d3932a920d53fd227676a11a98002df784bd906a6dbbdea680d4cf93e36e4ac6fe3309c0e2ae0d53205c404b2b891a88604efcca061bdbd82c19da2f679a644d7e55fcfe22143a05cc1d645510ff95acb6c32731263fd064ab021574f606441e4f1c69
expires: Thu, 07 Dec 2023 15:38:41 GMT

GET
H2 200 scevent.min.js Show response
sc-static.net/ 41 KB
18 KB 134ms
23ms Script
application/javascript 143.204.207.250
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sc-static.net/scevent.min.js
Requested by: Host: itgetsbetter.org
URL: https://itgetsbetter.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.207.250 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-207-250.fra53.r.cloudfront.net
Software: CloudFront /
Resource Hash: 6930acce90c269cfadee0a68bb292bc4c52a9c0fe4b63bee4fe72b15fc52cd5d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://itgetsbetter.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 15:38:41 GMT
content-encoding: gzip
via: 1.1 8d31bbd9d6638cdacab37047b8045da4.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: FRA53-C1
x-cache: Miss from cloudfront
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
cache-control: private, s-maxage=0, max-age=600
access-control-allow-headers: Content-Type
content-length: 17590
x-amz-cf-id: U-E64ZVizUyX_QoHE2PMB8Mma1S1SCkm7XzITYFljLY9XiJ-zrReOA==

GET
H2 200 uwt.js Show response
static.ads-twitter.com/ 56 KB
15 KB 291ms
5ms Script
application/javascript 146.75.116.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.ads-twitter.com/uwt.js
Requested by: Host: itgetsbetter.org
URL: https://itgetsbetter.org/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.75.116.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: cf7fcc9f75c8717897bfaef72f303fab423ce1b70c98512aeb3677e4af988dee

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://itgetsbetter.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 15:38:41 GMT
content-encoding: gzip
last-modified: Thu, 27 Oct 2022 16:56:53 GMT
etag: "32ad004436155ec972bc50e6238b5b67+gzip+gzip"
vary: Accept-Encoding,Host
x-cache: HIT, HIT
content-type: application/javascript; charset=utf-8
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
x-tw-cdn: FT
cache-control: no-cache
accept-ranges: bytes
content-length: 15375
x-served-by: cache-iad-kjyo7100081-IAD, cache-fra-eddf8230044-FRA

GET
H2 200 index.css
149352635.v2.pressablecdn.com/wp-content/plugins/woocommerce-payments/vendor/woocommerce/subscriptions-core/build/ 1 KB
801 B 51ms
14ms Stylesheet
text/css 192.0.77.39
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://149352635.v2.pressablecdn.com/wp-content/plugins/woocommerce-payments/vendor/woocommerce/subscriptions-core/build/index.css?ver=5.7.2

Requested by

Host: itgetsbetter.org
URL: https://itgetsbetter.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

b7bc3b9fb8a119aa279b4b7ad5c778393eaecef6a8786673601309fc71cb4e8b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://itgetsbetter.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-nc: HIT ams 1
date: Thu, 07 Dec 2023 15:38:41 GMT
content-encoding: br
x-ac: 3.ams _atomic_ams BYPASS
strict-transport-security: max-age=15552000
last-modified: Mon, 31 Jul 2023 15:54:48 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=315360000
link: <http://itgetsbetter.org/wp-content/plugins/woocommerce-payments/vendor/woocommerce/subscriptions-core/build/index.css>; rel="canonical"
alt-svc: h3=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 index.css
149352635.v2.pressablecdn.com/wp-content/plugins/woocommerce-pre-orders/build/ 1 B
393 B 51ms
14ms Stylesheet
text/css 192.0.77.39
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://149352635.v2.pressablecdn.com/wp-content/plugins/woocommerce-pre-orders/build/index.css?ver=8615f6ce77cd241f630df36faabb09c2

Requested by

Host: itgetsbetter.org
URL: https://itgetsbetter.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://itgetsbetter.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-nc: HIT ams 1
date: Thu, 07 Dec 2023 15:38:41 GMT
x-ac: 3.ams _atomic_ams BYPASS
strict-transport-security: max-age=15552000
last-modified: Thu, 31 Aug 2023 15:55:05 GMT
server: nginx
access-control-allow-methods: GET, HEAD
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
link: <http://itgetsbetter.org/wp-content/plugins/woocommerce-pre-orders/build/index.css>; rel="canonical"
content-length: 1
alt-svc: h3=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 style.min.css
c0.wp.com/c/6.4.2/wp-includes/css/dist/block-library/ 107 KB
13 KB 24ms
22ms Stylesheet
text/css 192.0.77.37
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://c0.wp.com/c/6.4.2/wp-includes/css/dist/block-library/style.min.css

Requested by

Host: itgetsbetter.org
URL: https://itgetsbetter.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

698b89c0da3d319754d6a837b5e6d4e6a42dc402d9ffd7559b8c4cb29c644340

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://itgetsbetter.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-nc: HIT ams 1
date: Thu, 07 Dec 2023 15:38:41 GMT
content-encoding: br
strict-transport-security: max-age=15552000
last-modified: Sun, 05 Nov 2023 19:40:32 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
alt-svc: h3=":443"; ma=86400, h3=":443"; ma=86400
expires: Fri, 06 Dec 2024 15:38:41 GMT

GET
H2 200 mediaelementplayer-legacy.min.css
c0.wp.com/c/6.4.2/wp-includes/js/mediaelement/ 11 KB
3 KB 47ms
13ms Stylesheet
text/css 192.0.77.37
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://c0.wp.com/c/6.4.2/wp-includes/js/mediaelement/mediaelementplayer-legacy.min.css

Requested by

Host: itgetsbetter.org
URL: https://itgetsbetter.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

b7908a015a567ec2363011df2475368dbff34360e9da3fdff50604d6395fb646

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://itgetsbetter.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-nc: HIT ams 1
date: Thu, 07 Dec 2023 15:38:41 GMT
content-encoding: br
strict-transport-security: max-age=15552000
last-modified: Tue, 29 Sep 2020 15:53:06 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
alt-svc: h3=":443"; ma=86400, h3=":443"; ma=86400
expires: Fri, 06 Dec 2024 15:38:41 GMT

GET
H2 200 wp-mediaelement.min.css
c0.wp.com/c/6.4.2/wp-includes/js/mediaelement/ 4 KB
1 KB 47ms
13ms Stylesheet
text/css 192.0.77.37
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://c0.wp.com/c/6.4.2/wp-includes/js/mediaelement/wp-mediaelement.min.css

Requested by

Host: itgetsbetter.org
URL: https://itgetsbetter.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

2e10d353ff038c2cad3492fc17801af3e6ef2669c9e9713bdb78b1dcb104c4fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://itgetsbetter.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-nc: HIT ams 1
date: Thu, 07 Dec 2023 15:38:41 GMT
content-encoding: br
strict-transport-security: max-age=15552000
last-modified: Fri, 07 Jun 2019 20:45:02 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
alt-svc: h3=":443"; ma=86400, h3=":443"; ma=86400
expires: Fri, 06 Dec 2024 15:38:41 GMT

GET
H3 200 igb-blocks.css
149352635.v2.pressablecdn.com/wp-content/mu-plugins/igb-blocks/dist/front/ 1 KB
877 B 23ms
20ms Stylesheet
text/css 192.0.77.39
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://149352635.v2.pressablecdn.com/wp-content/mu-plugins/igb-blocks/dist/front/igb-blocks.css?ver=1614276094

Requested by

Host: itgetsbetter.org
URL: https://itgetsbetter.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

ad1a9d38fb19479061ecffb38db571f803ccbb15e0d51d1523ab219ea568d550

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://itgetsbetter.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-nc: HIT ams 2
date: Thu, 07 Dec 2023 15:38:41 GMT
content-encoding: br
x-ac: 2.ams _atomic_ams BYPASS
strict-transport-security: max-age=15552000
last-modified: Thu, 25 Feb 2021 18:01:34 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=315360000
link: <http://itgetsbetter.org/wp-content/mu-plugins/igb-blocks/dist/front/igb-blocks.css>; rel="canonical"
alt-svc: h3=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 style-coblocks-1.css
149352635.v2.pressablecdn.com/wp-content/plugins/coblocks/dist/ 265 KB
35 KB 23ms
21ms Stylesheet
text/css 192.0.77.39
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://149352635.v2.pressablecdn.com/wp-content/plugins/coblocks/dist/style-coblocks-1.css?ver=3.1.0

Requested by

Host: itgetsbetter.org
URL: https://itgetsbetter.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

17a408bf3a3aeb1cf6fffe16bfda1126ff1a4d996ea28ea3b85bf5dcc3a6c1aa

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://itgetsbetter.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-nc: HIT ams 2
date: Thu, 07 Dec 2023 15:38:41 GMT
content-encoding: br
x-ac: 2.ams _atomic_ams BYPASS
strict-transport-security: max-age=15552000
last-modified: Wed, 09 Aug 2023 17:45:42 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=315360000
link: <http://itgetsbetter.org/wp-content/plugins/coblocks/dist/style-coblocks-1.css>; rel="canonical"
alt-svc: h3=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 style-coblocks-extensions.css
149352635.v2.pressablecdn.com/wp-content/plugins/coblocks/dist/ 2 KB
737 B 50ms
14ms Stylesheet
text/css 192.0.77.39
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://149352635.v2.pressablecdn.com/wp-content/plugins/coblocks/dist/style-coblocks-extensions.css?ver=3.1.0

Requested by

Host: itgetsbetter.org
URL: https://itgetsbetter.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

9c197c685d1cfde9e68e198bd0c023f58202efd10e5991a58aeacb01db67f844

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://itgetsbetter.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-nc: HIT ams 1
date: Thu, 07 Dec 2023 15:38:41 GMT
content-encoding: br
x-ac: 3.ams _atomic_ams BYPASS
strict-transport-security: max-age=15552000
last-modified: Wed, 09 Aug 2023 17:45:42 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=315360000
link: <http://itgetsbetter.org/wp-content/plugins/coblocks/dist/style-coblocks-extensions.css>; rel="canonical"
alt-svc: h3=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
BLOB 200
OK 860e0dac-bff9-40af-827d-4437da957c1c
https://itgetsbetter.org/ 1 KB
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://itgetsbetter.org/860e0dac-bff9-40af-827d-4437da957c1c
Requested by: Host: itgetsbetter.org
URL: https://itgetsbetter.org/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 453cb806084fdabec32e286af2e88899f79022125c2527afffbec507975d2c22

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Length: 1245
Content-Type: text/javascript

GET
H2 200 link-checker-public.css
149352635.v2.pressablecdn.com/wp-content/plugins/team51-link-checker/public/css/ 98 B
503 B 50ms
15ms Stylesheet
text/css 192.0.77.39
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://149352635.v2.pressablecdn.com/wp-content/plugins/team51-link-checker/public/css/link-checker-public.css?ver=1.0.0

Requested by

Host: itgetsbetter.org
URL: https://itgetsbetter.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

547dda3c14b284819be511be1e410da94a5efc6ccc4a9afe1c75394f9333191a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://itgetsbetter.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-nc: HIT ams 1
date: Thu, 07 Dec 2023 15:38:41 GMT
x-ac: 3.ams _atomic_ams BYPASS
strict-transport-security: max-age=15552000
last-modified: Mon, 08 Aug 2022 19:46:48 GMT
server: nginx
access-control-allow-methods: GET, HEAD
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
link: <http://itgetsbetter.org/wp-content/plugins/team51-link-checker/public/css/link-checker-public.css>; rel="canonical"
content-length: 98
alt-svc: h3=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 woocommerce-layout.css
c0.wp.com/p/woocommerce/8.3.1/assets/css/ 17 KB
3 KB 25ms
22ms Stylesheet
text/css 192.0.77.37
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://c0.wp.com/p/woocommerce/8.3.1/assets/css/woocommerce-layout.css

Requested by

Host: itgetsbetter.org
URL: https://itgetsbetter.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

50bb7c36ecca26ef05a1d308ca06ca7f60740c7e95d20a8971909303f4fa8657

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://itgetsbetter.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-nc: HIT ams 1
date: Thu, 07 Dec 2023 15:38:41 GMT
content-encoding: br
strict-transport-security: max-age=15552000
last-modified: Tue, 29 Aug 2023 21:45:24 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
alt-svc: h3=":443"; ma=86400, h3=":443"; ma=86400
expires: Fri, 06 Dec 2024 15:38:41 GMT

GET
H3 200 woocommerce-smallscreen.css
c0.wp.com/p/woocommerce/8.3.1/assets/css/ 7 KB
1 KB 25ms
23ms Stylesheet
text/css 192.0.77.37
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://c0.wp.com/p/woocommerce/8.3.1/assets/css/woocommerce-smallscreen.css

Requested by

Host: itgetsbetter.org
URL: https://itgetsbetter.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

401373c6cddfc333e45314482184906a357ae96d1fccd5ef6c40d8b7656e7349

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://itgetsbetter.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-nc: HIT ams 1
date: Thu, 07 Dec 2023 15:38:41 GMT
content-encoding: br
strict-transport-security: max-age=15552000
last-modified: Tue, 29 Aug 2023 21:45:24 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
alt-svc: h3=":443"; ma=86400, h3=":443"; ma=86400
expires: Fri, 06 Dec 2024 15:38:41 GMT

GET
H3 200 woocommerce.css
c0.wp.com/p/woocommerce/8.3.1/assets/css/ 73 KB
9 KB 26ms
24ms Stylesheet
text/css 192.0.77.37
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://c0.wp.com/p/woocommerce/8.3.1/assets/css/woocommerce.css

Requested by

Host: itgetsbetter.org
URL: https://itgetsbetter.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

f7d4c54dc556bce61c6a59150788149f9310dcf3f1deba151612334afd20e726

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://itgetsbetter.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-nc: HIT ams 1
date: Thu, 07 Dec 2023 15:38:41 GMT
content-encoding: br
strict-transport-security: max-age=15552000
last-modified: Tue, 29 Aug 2023 21:45:24 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
alt-svc: h3=":443"; ma=86400, h3=":443"; ma=86400
expires: Fri, 06 Dec 2024 15:38:41 GMT

GET
H2 200 ez-toc-sticky.min.css
149352635.v2.pressablecdn.com/wp-content/plugins/easy-table-of-contents/assets/css/ 5 KB
2 KB 51ms
16ms Stylesheet
text/css 192.0.77.39
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://149352635.v2.pressablecdn.com/wp-content/plugins/easy-table-of-contents/assets/css/ez-toc-sticky.min.css?ver=2.0.58

Requested by

Host: itgetsbetter.org
URL: https://itgetsbetter.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

f27902b2b9390fb8b4b9b4239b762bc52fb4e6e2098d3dfecc1fdb37c9431b8f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://itgetsbetter.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-nc: HIT ams 1
date: Thu, 07 Dec 2023 15:38:41 GMT
content-encoding: br
x-ac: 3.ams _atomic_ams BYPASS
strict-transport-security: max-age=15552000
last-modified: Tue, 28 Nov 2023 06:34:49 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=315360000
link: <http://itgetsbetter.org/wp-content/plugins/easy-table-of-contents/assets/css/ez-toc-sticky.min.css>; rel="canonical"
alt-svc: h3=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 css
fonts.googleapis.com/ 2 KB
553 B 122ms
17ms Stylesheet
text/css 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Poppins%3A400%2C600&ver=1.0.0

Requested by

Host: itgetsbetter.org
URL: https://itgetsbetter.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e537bb0b81601eabcdc6dd4e2eb938917a7c6887765651882ec0ed5081c26c67

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://itgetsbetter.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 07 Dec 2023 15:38:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 07 Dec 2023 14:11:10 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 07 Dec 2023 15:38:41 GMT

GET
H2 200 css
fonts.googleapis.com/ 240 B
305 B 129ms
24ms Stylesheet
text/css 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Libre+Baskerville%3A400i&text=1234567890%2C&ver=1.0.0

Requested by

Host: itgetsbetter.org
URL: https://itgetsbetter.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

0faac6667b9444d10e4d1d4b3551491e48687f885f612b88379c1c2f8e4f3447

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://itgetsbetter.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 07 Dec 2023 15:38:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 07 Dec 2023 15:38:41 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 07 Dec 2023 15:38:41 GMT

GET
H2 200 style.css
149352635.v2.pressablecdn.com/wp-content/themes/itgetsbetter-2017/ 301 KB
40 KB 50ms
15ms Stylesheet
text/css 192.0.77.39
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://149352635.v2.pressablecdn.com/wp-content/themes/itgetsbetter-2017/style.css?ver=2.0.1

Requested by

Host: itgetsbetter.org
URL: https://itgetsbetter.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

6f362df700f594c70c744881a38ffcaf3863ef11faa6a67db1645a45849b9a73

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://itgetsbetter.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-nc: HIT ams 1
date: Thu, 07 Dec 2023 15:38:41 GMT
content-encoding: br
x-ac: 3.ams _atomic_ams BYPASS
strict-transport-security: max-age=15552000
last-modified: Thu, 29 Jun 2023 08:01:24 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=315360000
link: <http://itgetsbetter.org/wp-content/themes/itgetsbetter-2017/style.css>; rel="canonical"
alt-svc: h3=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 embed.css
assets.juicer.io/ 93 KB
14 KB 54ms
26ms Stylesheet
text/css 2606:4700:20::681a:d57
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.juicer.io/embed.css?ver=6.4.2
Requested by: Host: itgetsbetter.org
URL: https://itgetsbetter.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:d57 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b0d768ee72635105b8b27d02e4e25da58394365a1d60aff2a5181f4044062f3d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://itgetsbetter.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 15:38:41 GMT
via: 1.1 vegur
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
last-modified: Tue, 05 Dec 2023 08:58:52 GMT
server: cloudflare
age: 3360
vary: Accept-Encoding, Origin
report-to: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1701883583&sid=af571f24-03ee-46d1-9f90-ab9030c2c74c&s=%2B1yPcYcPwkXKITLJud08oA0smd9PAGqxyyAX2O2eCGo%3D"}]}
content-type: text/css
cache-control: public, max-age=3600
cf-ray: 831ddb6649b32c04-FRA
reporting-endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1701883583&sid=af571f24-03ee-46d1-9f90-ab9030c2c74c&s=%2B1yPcYcPwkXKITLJud08oA0smd9PAGqxyyAX2O2eCGo%3D

GET
H2 200 jetpack.css
149352635.v2.pressablecdn.com/wp-content/plugins/jetpack/css/ 99 KB
19 KB 49ms
15ms Stylesheet
text/css 192.0.77.39
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://149352635.v2.pressablecdn.com/wp-content/plugins/jetpack/css/jetpack.css?ver=12.9-beta

Requested by

Host: itgetsbetter.org
URL: https://itgetsbetter.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

6a360e4e3e7c65709b0ffefc54e4f116ea6d8c9909e68ff4578284ebaf07c5f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://itgetsbetter.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-nc: HIT ams 1
date: Thu, 07 Dec 2023 15:38:41 GMT
content-encoding: br
x-ac: 3.ams _atomic_ams BYPASS
strict-transport-security: max-age=15552000
last-modified: Mon, 04 Dec 2023 06:52:30 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=315360000
link: <http://itgetsbetter.org/wp-content/plugins/jetpack/css/jetpack.css>; rel="canonical"
alt-svc: h3=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 wp-polyfill-inert.min.js Show response
c0.wp.com/c/6.4.2/wp-includes/js/dist/vendor/ 8 KB
3 KB 46ms
13ms Script
application/javascript 192.0.77.37
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://c0.wp.com/c/6.4.2/wp-includes/js/dist/vendor/wp-polyfill-inert.min.js

Requested by

Host: itgetsbetter.org
URL: https://itgetsbetter.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

c1a9a3e223bad631dff12d33b5499eb145cb08d8621c20d9d73870e78d97afe4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://itgetsbetter.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-nc: HIT ams 1
date: Thu, 07 Dec 2023 15:38:41 GMT
content-encoding: br
strict-transport-security: max-age=15552000
last-modified: Wed, 18 Jan 2023 11:16:33 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
alt-svc: h3=":443"; ma=86400, h3=":443"; ma=86400
expires: Fri, 06 Dec 2024 15:38:41 GMT

GET
H2 200 regenerator-runtime.min.js Show response
c0.wp.com/c/6.4.2/wp-includes/js/dist/vendor/ 6 KB
3 KB 45ms
14ms Script
application/javascript 192.0.77.37
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://c0.wp.com/c/6.4.2/wp-includes/js/dist/vendor/regenerator-runtime.min.js

Requested by

Host: itgetsbetter.org
URL: https://itgetsbetter.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

1d52e1ac7d3bc25a8b0ffc257153f9dd50249f96fe9a4df5e0d771241a69062c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://itgetsbetter.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-nc: HIT ams 1
date: Thu, 07 Dec 2023 15:38:41 GMT
content-encoding: br
strict-transport-security: max-age=15552000
last-modified: Tue, 19 Sep 2023 19:30:24 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
alt-svc: h3=":443"; ma=86400, h3=":443"; ma=86400
expires: Fri, 06 Dec 2024 15:38:41 GMT

GET
H2 200 wp-polyfill.min.js Show response
c0.wp.com/c/6.4.2/wp-includes/js/dist/vendor/ 112 KB
34 KB 45ms
14ms Script
application/javascript 192.0.77.37
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://c0.wp.com/c/6.4.2/wp-includes/js/dist/vendor/wp-polyfill.min.js

Requested by

Host: itgetsbetter.org
URL: https://itgetsbetter.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

da9ed5720b674f0d297fe621ac2d8d518c4e622bef1e9b0d4ae489dee9aa43f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://itgetsbetter.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-nc: HIT ams 1
date: Thu, 07 Dec 2023 15:38:41 GMT
content-encoding: br
strict-transport-security: max-age=15552000
last-modified: Tue, 26 Sep 2023 14:23:26 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
alt-svc: h3=":443"; ma=86400, h3=":443"; ma=86400
expires: Fri, 06 Dec 2024 15:38:41 GMT

GET
H2 200 hooks.min.js Show response
c0.wp.com/c/6.4.2/wp-includes/js/dist/ 5 KB
2 KB 45ms
14ms Script
application/javascript 192.0.77.37
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://c0.wp.com/c/6.4.2/wp-includes/js/dist/hooks.min.js

Requested by

Host: itgetsbetter.org
URL: https://itgetsbetter.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

7868467c94a5aa0b3f11ef542f45287967f9627b3b5acdc86e47f8f77a126596

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://itgetsbetter.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-nc: HIT ams 1
date: Thu, 07 Dec 2023 15:38:41 GMT
content-encoding: br
strict-transport-security: max-age=15552000
last-modified: Thu, 21 Sep 2023 13:26:32 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
alt-svc: h3=":443"; ma=86400, h3=":443"; ma=86400
expires: Fri, 06 Dec 2024 15:38:41 GMT

GET
H2 200 w.js Show response
stats.wp.com/ 11 KB
4 KB 51ms
18ms Script
application/javascript 192.0.76.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.wp.com/w.js?ver=202349
Requested by: Host: itgetsbetter.org
URL: https://itgetsbetter.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 585d4af3a08847a4604f8796b4841ebf7eaec7211606cc954f88dc9f27c72b28

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://itgetsbetter.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-minify-cache: hit
x-nc: HIT ams
date: Thu, 07 Dec 2023 15:38:41 GMT
content-encoding: br
server: nginx
x-minify: t
etag: W/11154-1698845937340.7637
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
expires: Mon, 02 Dec 2024 17:16:14 GMT

GET
H2 200 jquery.min.js Show response
c0.wp.com/c/6.4.2/wp-includes/js/jquery/ 86 KB
29 KB 67ms
36ms Script
application/javascript 192.0.77.37
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://c0.wp.com/c/6.4.2/wp-includes/js/jquery/jquery.min.js

Requested by

Host: itgetsbetter.org
URL: https://itgetsbetter.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://itgetsbetter.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-nc: HIT ams 1
date: Thu, 07 Dec 2023 15:38:41 GMT
content-encoding: br
strict-transport-security: max-age=15552000
last-modified: Mon, 28 Aug 2023 17:14:23 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
alt-svc: h3=":443"; ma=86400, h3=":443"; ma=86400
expires: Fri, 06 Dec 2024 15:38:41 GMT

GET
H2 200 jquery-migrate.min.js Show response
c0.wp.com/c/6.4.2/wp-includes/js/jquery/ 13 KB
5 KB 45ms
15ms Script
application/javascript 192.0.77.37
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://c0.wp.com/c/6.4.2/wp-includes/js/jquery/jquery-migrate.min.js

Requested by

Host: itgetsbetter.org
URL: https://itgetsbetter.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://itgetsbetter.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-nc: HIT ams 1
date: Thu, 07 Dec 2023 15:38:41 GMT
content-encoding: br
strict-transport-security: max-age=15552000
last-modified: Fri, 09 Jun 2023 05:49:24 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
alt-svc: h3=":443"; ma=86400, h3=":443"; ma=86400
expires: Fri, 06 Dec 2024 15:38:41 GMT

GET
H2 200 link-checker-public.js Show response
149352635.v2.pressablecdn.com/wp-content/plugins/team51-link-checker/public/js/ 838 B
870 B 49ms
16ms Script
application/javascript 192.0.77.39
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://149352635.v2.pressablecdn.com/wp-content/plugins/team51-link-checker/public/js/link-checker-public.js?ver=1.0.0

Requested by

Host: itgetsbetter.org
URL: https://itgetsbetter.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

57a50c99a31ef4e89e86664e96f6dfbdde163a2eb96e88b3b492c49aa4be2f37

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://itgetsbetter.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-nc: HIT ams 1
date: Thu, 07 Dec 2023 15:38:41 GMT
content-encoding: br
x-ac: 3.ams _atomic_ams BYPASS
strict-transport-security: max-age=15552000
last-modified: Mon, 08 Aug 2022 19:46:48 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=315360000
link: <http://itgetsbetter.org/wp-content/plugins/team51-link-checker/public/js/link-checker-public.js>; rel="canonical"
alt-svc: h3=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 frontend.js Show response
149352635.v2.pressablecdn.com/wp-content/plugins/say-what/assets/build/ 917 B
752 B 68ms
35ms Script
application/javascript 192.0.77.39
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://149352635.v2.pressablecdn.com/wp-content/plugins/say-what/assets/build/frontend.js?ver=fd31684c45e4d85aeb4e

Requested by

Host: itgetsbetter.org
URL: https://itgetsbetter.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

f5d443de6f68d2fa95c8f5493cf7e248b5025615c40333a24c4eda1366626ca5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://itgetsbetter.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-nc: HIT ams 1
date: Thu, 07 Dec 2023 15:38:41 GMT
content-encoding: br
x-ac: 3.ams _atomic_ams BYPASS
strict-transport-security: max-age=15552000
last-modified: Wed, 09 Aug 2023 17:46:04 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=315360000
link: <http://itgetsbetter.org/wp-content/plugins/say-what/assets/build/frontend.js>; rel="canonical"
alt-svc: h3=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 jquery.blockUI.min.js Show response
c0.wp.com/p/woocommerce/8.3.1/assets/js/jquery-blockui/ 9 KB
4 KB 15ms
13ms Script
application/javascript 192.0.77.37
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://c0.wp.com/p/woocommerce/8.3.1/assets/js/jquery-blockui/jquery.blockUI.min.js

Requested by

Host: itgetsbetter.org
URL: https://itgetsbetter.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

d151f8c0b2659cfb63704d68654ad8d9437ae9da4410536f63ddec21689a0620

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://itgetsbetter.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-nc: HIT ams 1
date: Thu, 07 Dec 2023 15:38:41 GMT
content-encoding: br
strict-transport-security: max-age=15552000
last-modified: Tue, 18 Jul 2023 19:53:36 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
alt-svc: h3=":443"; ma=86400, h3=":443"; ma=86400
expires: Fri, 06 Dec 2024 15:38:41 GMT

GET
H3 200 add-to-cart.min.js Show response
c0.wp.com/p/woocommerce/8.3.1/assets/js/frontend/ 3 KB
1 KB 18ms
13ms Script
application/javascript 192.0.77.37
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://c0.wp.com/p/woocommerce/8.3.1/assets/js/frontend/add-to-cart.min.js

Requested by

Host: itgetsbetter.org
URL: https://itgetsbetter.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

92b4feff9bb6c863075d35cd38d989cc254f99489f574338def1949904027d42

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://itgetsbetter.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-nc: HIT ams 1
date: Thu, 07 Dec 2023 15:38:41 GMT
content-encoding: br
strict-transport-security: max-age=15552000
last-modified: Tue, 18 Jul 2023 19:53:36 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
alt-svc: h3=":443"; ma=86400, h3=":443"; ma=86400
expires: Fri, 06 Dec 2024 15:38:41 GMT

GET
H3 200 js.cookie.min.js Show response
c0.wp.com/p/woocommerce/8.3.1/assets/js/js-cookie/ 2 KB
1 KB 19ms
14ms Script
application/javascript 192.0.77.37
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://c0.wp.com/p/woocommerce/8.3.1/assets/js/js-cookie/js.cookie.min.js

Requested by

Host: itgetsbetter.org
URL: https://itgetsbetter.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

1533d5bc82424a9a3ac37a7fe543925909d25715d16938b9e02c728c86fd86e8

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://itgetsbetter.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-nc: HIT ams 1
date: Thu, 07 Dec 2023 15:38:41 GMT
content-encoding: br
strict-transport-security: max-age=15552000
last-modified: Tue, 18 Jul 2023 19:53:36 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
alt-svc: h3=":443"; ma=86400, h3=":443"; ma=86400
expires: Fri, 06 Dec 2024 15:38:41 GMT

GET
H3 200 woocommerce.min.js Show response
c0.wp.com/p/woocommerce/8.3.1/assets/js/frontend/ 2 KB
1 KB 23ms
18ms Script
application/javascript 192.0.77.37
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://c0.wp.com/p/woocommerce/8.3.1/assets/js/frontend/woocommerce.min.js

Requested by

Host: itgetsbetter.org
URL: https://itgetsbetter.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

8c0b5e384ae00c512f4bb1ba5e2fe622fab4bfc541c99555df38c19c329d3fe6

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://itgetsbetter.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-nc: HIT ams 1
date: Thu, 07 Dec 2023 15:38:41 GMT
content-encoding: br
strict-transport-security: max-age=15552000
last-modified: Tue, 18 Jul 2023 19:53:36 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
alt-svc: h3=":443"; ma=86400, h3=":443"; ma=86400
expires: Fri, 06 Dec 2024 15:38:41 GMT

GET
H2 200 i18n.min.js Show response
c0.wp.com/c/6.4.2/wp-includes/js/dist/ 9 KB
4 KB 45ms
14ms Script
application/javascript 192.0.77.37
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://c0.wp.com/c/6.4.2/wp-includes/js/dist/i18n.min.js

Requested by

Host: itgetsbetter.org
URL: https://itgetsbetter.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

698e93fe491cc7bbf07a470579a33dbd0db53c19142b7be41ebfd39a23aef11f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://itgetsbetter.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-nc: HIT ams 1
date: Thu, 07 Dec 2023 15:38:41 GMT
content-encoding: br
strict-transport-security: max-age=15552000
last-modified: Thu, 21 Sep 2023 13:26:32 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
alt-svc: h3=":443"; ma=86400, h3=":443"; ma=86400
expires: Fri, 06 Dec 2024 15:38:41 GMT

GET
H2 200 i18n-loader.js Show response
149352635.v2.pressablecdn.com/wp-content/plugins/jetpack/jetpack_vendor/automattic/jetpack-assets/build/ 6 KB
3 KB 68ms
35ms Script
application/javascript 192.0.77.39
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://149352635.v2.pressablecdn.com/wp-content/plugins/jetpack/jetpack_vendor/automattic/jetpack-assets/build/i18n-loader.js?minify=true&ver=ee939953aa2115e2ca59

Requested by

Host: itgetsbetter.org
URL: https://itgetsbetter.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

236fb88931feead5473c70f542473d5dc064578ffb45ea743414720e2aea3929

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://itgetsbetter.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-nc: HIT ams 1
date: Thu, 07 Dec 2023 15:38:41 GMT
content-encoding: br
x-ac: 3.ams _atomic_ams BYPASS
strict-transport-security: max-age=15552000
last-modified: Tue, 14 Nov 2023 17:55:08 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=315360000
link: <http://itgetsbetter.org/wp-content/plugins/jetpack/jetpack_vendor/automattic/jetpack-assets/build/i18n-loader.js>; rel="canonical"
alt-svc: h3=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 s-202349.js Show response
stats.wp.com/ 9 KB
4 KB 20ms
14ms Script
application/javascript 192.0.76.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.wp.com/s-202349.js
Requested by: Host: itgetsbetter.org
URL: https://itgetsbetter.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 067b22759bfd5684834af3dde55a1205bf7af63a1355a77777c5a160bdca9b55

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://itgetsbetter.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-nc: HIT ams
date: Thu, 07 Dec 2023 15:38:41 GMT
content-encoding: br
last-modified: Wed, 01 Nov 2023 13:38:56 GMT
server: nginx
etag: W/"654254f0-25ea"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
expires: Tue, 03 Dec 2024 00:00:01 GMT

GET
H2 200 dc8c838d72.js Show response
kit.fontawesome.com/ 12 KB
5 KB 456ms
437ms Script
text/javascript 2606:4700:4400::6812:2844
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://kit.fontawesome.com/dc8c838d72.js?ver=6.4.2
Requested by: Host: itgetsbetter.org
URL: https://itgetsbetter.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:2844 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dcd006c4a7793fe5e665c0536139c5c30e16fbda66ca93b30d1f69e57887c471

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://itgetsbetter.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 15:38:41 GMT
content-encoding: gzip
cf-cache-status: EXPIRED
server: cloudflare
vary: origin, accept-encoding, access-control-request-headers, access-control-request-method
access-control-max-age: 3000
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: *
content-type: text/javascript
cache-control: max-age=60, public, stale-while-revalidate=30
cf-ray: 831ddb663f05366c-FRA
access-control-allow-headers: accept, accept-langauge, content-language, content-type, fa-kit-token
x-request-id: F56Wzie4w0yMBUGE2ESh

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 286 KB
93 KB 36ms
30ms Script
application/javascript 2a00:1450:4001:829::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=GT-MBL48JF

Requested by

Host: itgetsbetter.org
URL: https://itgetsbetter.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

564c70df47775767816f028ca9cb667c9a643c1da7bc35dbfba417565fa2c0fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://itgetsbetter.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 15:38:41 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 95466
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 07 Dec 2023 15:38:41 GMT

GET
H2 200 img-home-page-hero-poster.jpg
i0.wp.com/itgetsbetter.org/wp-content/uploads/2021/05/ 29 KB
30 KB 16ms
14ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/itgetsbetter.org/wp-content/uploads/2021/05/img-home-page-hero-poster.jpg

Requested by

Host: itgetsbetter.org
URL: https://itgetsbetter.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i1.wp.com

Software

nginx /

Resource Hash

b09bbc10887550bcc13732c26f52ebf50bb347b310978bf08271e13a34c8b3cc

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://itgetsbetter.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 15:38:41 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
content-length: 30182
x-nc: HIT ams 8
last-modified: Wed, 25 Oct 2023 03:54:07 GMT
server: nginx
etag: "28fcade63d72b3f8"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <http://itgetsbetter.org/wp-content/uploads/2021/05/img-home-page-hero-poster.jpg>; rel="canonical"
expires: Fri, 24 Oct 2025 15:54:07 GMT

GET
H3 200 igb-logo-10.jpg
i0.wp.com/itgetsbetter.org/wp-content/uploads/2021/05/ 3 KB
4 KB 23ms
19ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/itgetsbetter.org/wp-content/uploads/2021/05/igb-logo-10.jpg

Requested by

Host: itgetsbetter.org
URL: https://itgetsbetter.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i1.wp.com

Software

nginx /

Resource Hash

c046f278de5092451d72870f6205ba519550a6b5911369b46d9edc2095e304d7

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://itgetsbetter.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 15:38:41 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
content-length: 3272
x-nc: HIT ams 1
last-modified: Mon, 04 Dec 2023 10:36:06 GMT
server: nginx
etag: "cf6e941e7514591f"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <http://itgetsbetter.org/wp-content/uploads/2021/05/igb-logo-10.jpg>; rel="canonical"
expires: Wed, 03 Dec 2025 22:36:06 GMT

GET
H3 200 igb-logo-mobile-10.jpg
i0.wp.com/itgetsbetter.org/wp-content/uploads/2021/05/ 9 KB
10 KB 24ms
20ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/itgetsbetter.org/wp-content/uploads/2021/05/igb-logo-mobile-10.jpg

Requested by

Host: itgetsbetter.org
URL: https://itgetsbetter.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i1.wp.com

Software

nginx /

Resource Hash

148f8b31db59c14b3a649f5c3d3ddbd85f061aa23e93418966149aea03afbcf9

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://itgetsbetter.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 15:38:41 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
content-length: 9706
x-nc: HIT ams 5
last-modified: Wed, 25 Oct 2023 03:54:07 GMT
server: nginx
etag: "f14d69b7d8fc7159"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <http://itgetsbetter.org/wp-content/uploads/2021/05/igb-logo-mobile-10.jpg>; rel="canonical"
expires: Fri, 24 Oct 2025 15:54:07 GMT

GET
H2 200 /
itgetsbetter.org/ 13 KB
4 KB 121ms
120ms Stylesheet
text/css 199.16.173.70
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://itgetsbetter.org/?custom-css=f908e700be

Requested by

Host: itgetsbetter.org
URL: https://itgetsbetter.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

199.16.173.70 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

c95a52255502607fbc12722fb5e4e0b3ccdc44c4df9ffd5c17546bbbad547b63

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://itgetsbetter.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-nananana: Batcache-Hit
date: Thu, 07 Dec 2023 15:38:41 GMT
strict-transport-security: max-age=31536000
content-encoding: br
last-modified: Thu, 07 Dec 2023 15:34:58 GMT
server: nginx
x-ac: 1.ams _atomic_ams BYPASS
vary: Accept-Encoding, Cookie
content-type: text/css;charset=utf-8
cache-control: max-age=77, must-revalidate
host-header: Pressable
expires: Fri, 06 Dec 2024 15:34:58 GMT

GET
H2 200 glossary2023.jpg
i0.wp.com/itgetsbetter.org/wp-content/uploads/2023/03/ 30 KB
30 KB 76ms
43ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/itgetsbetter.org/wp-content/uploads/2023/03/glossary2023.jpg?resize=1920%2C798&ssl=1

Requested by

Host: itgetsbetter.org
URL: https://itgetsbetter.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i1.wp.com

Software

nginx /

Resource Hash

8d1b040cdb0d8a3beb3dedf8127c8b3a10f77250044dc1d932f25bf0d5ce469f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://itgetsbetter.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 15:38:41 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
content-length: 30678
x-nc: HIT ams 2
last-modified: Fri, 19 May 2023 08:21:28 GMT
server: nginx
etag: "81acece84bc6e6d8"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://itgetsbetter.org/wp-content/uploads/2023/03/glossary2023.jpg>; rel="canonical"
expires: Sun, 18 May 2025 20:21:28 GMT

GET
H2 200 Global-Summit-Header.jpg
i0.wp.com/itgetsbetter.org/wp-content/uploads/2023/03/ 43 KB
43 KB 51ms
18ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/itgetsbetter.org/wp-content/uploads/2023/03/Global-Summit-Header.jpg?resize=970%2C354&ssl=1

Requested by

Host: itgetsbetter.org
URL: https://itgetsbetter.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i1.wp.com

Software

nginx /

Resource Hash

6cee9f8dff2aab298eeeb2f8e731080bb832c14c9cf00de583b9e7e1dcce3ae2

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://itgetsbetter.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 15:38:41 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
content-length: 43740
x-nc: HIT ams 2
last-modified: Mon, 22 May 2023 22:32:09 GMT
server: nginx
etag: "b7acb0a8056ed771"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://itgetsbetter.org/wp-content/uploads/2023/03/Global-Summit-Header.jpg>; rel="canonical"
expires: Thu, 22 May 2025 10:32:09 GMT

GET
H2 200 IGB_Donation_Banner-1.png
i0.wp.com/itgetsbetter.org/wp-content/uploads/2023/11/ 479 KB
480 KB 41ms
18ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/itgetsbetter.org/wp-content/uploads/2023/11/IGB_Donation_Banner-1.png?w=1024&ssl=1

Requested by

Host: itgetsbetter.org
URL: https://itgetsbetter.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i1.wp.com

Software

nginx /

Resource Hash

28dbf1bfa9461838186542b43adf9dac9666b439de4cc026b2c2416784161bb7

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://itgetsbetter.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 15:38:41 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
content-length: 490316
x-nc: HIT ams 7
last-modified: Tue, 14 Nov 2023 18:30:53 GMT
server: nginx
etag: "fb3d1ab25e5a3769"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://itgetsbetter.org/wp-content/uploads/2023/11/IGB_Donation_Banner-1.png>; rel="canonical"
expires: Fri, 14 Nov 2025 06:30:53 GMT

GET
H2 200 Lesbian_Hayley-1024x576-1.jpg
i0.wp.com/itgetsbetter.org/wp-content/uploads/2021/02/ 29 KB
30 KB 15ms
15ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/itgetsbetter.org/wp-content/uploads/2021/02/Lesbian_Hayley-1024x576-1.jpg?ssl=1

Requested by

Host: itgetsbetter.org
URL: https://itgetsbetter.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i1.wp.com

Software

nginx /

Resource Hash

08c4f8203773f0d8c0820bd606e09d4ab1407d995c015a329e8f2ca737e141ce

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://itgetsbetter.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 15:38:41 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
content-length: 30188
x-nc: HIT ams 5
last-modified: Tue, 14 Nov 2023 18:30:53 GMT
server: nginx
etag: "7d27f69d0c8dc424"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://itgetsbetter.org/wp-content/uploads/2021/02/Lesbian_Hayley-1024x576-1.jpg>; rel="canonical"
expires: Fri, 14 Nov 2025 06:30:53 GMT

GET
H3 200 Gay_Harper-1024x576-1.jpg
i0.wp.com/itgetsbetter.org/wp-content/uploads/2021/02/ 44 KB
44 KB 30ms
26ms Image
image/jpeg 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/itgetsbetter.org/wp-content/uploads/2021/02/Gay_Harper-1024x576-1.jpg?ssl=1

Requested by

Host: itgetsbetter.org
URL: https://itgetsbetter.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i1.wp.com

Software

nginx /

Resource Hash

f7e1ef3dd67755f224768aca391d7f74bd6c6e943d53f8a5533496f5d79a7d54

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://itgetsbetter.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 15:38:41 GMT
x-content-type-options: nosniff
x-optim-disabled: true
alt-svc: h3=":443"; ma=86400
content-length: 45064
x-nc: HIT ams 2
last-modified: Fri, 10 Nov 2023 11:32:34 GMT
server: nginx
etag: "85bb44179d8dc39e"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://itgetsbetter.org/wp-content/uploads/2021/02/Gay_Harper-1024x576-1.jpg>; rel="canonical"
expires: Sun, 09 Nov 2025 23:32:34 GMT

GET
H3 200 BiPan_Still.jpg
i0.wp.com/itgetsbetter.org/wp-content/uploads/2021/10/ 43 KB
43 KB 24ms
20ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/itgetsbetter.org/wp-content/uploads/2021/10/BiPan_Still.jpg?resize=1024%2C576&ssl=1

Requested by

Host: itgetsbetter.org
URL: https://itgetsbetter.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i1.wp.com

Software

nginx /

Resource Hash

20ac027ad49317ebdf76a19e606ccdf892924bdce3996d90af1ed4cabcbe1de1

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://itgetsbetter.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 15:38:41 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
content-length: 43678
x-nc: HIT ams 2
last-modified: Wed, 25 Oct 2023 14:11:24 GMT
server: nginx
etag: "65ca68fabba6bd8c"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://itgetsbetter.org/wp-content/uploads/2021/10/BiPan_Still.jpg>; rel="canonical"
expires: Sat, 25 Oct 2025 02:11:24 GMT

GET
H3 200 trans_FB.00_06_32_22.Still001-1024x576-1.jpg
i0.wp.com/itgetsbetter.org/wp-content/uploads/2021/02/ 37 KB
37 KB 32ms
28ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/itgetsbetter.org/wp-content/uploads/2021/02/trans_FB.00_06_32_22.Still001-1024x576-1.jpg?ssl=1

Requested by

Host: itgetsbetter.org
URL: https://itgetsbetter.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i1.wp.com

Software

nginx /

Resource Hash

1ae9be0de86ea5204f07a8baa11bb5ba1aa1d6ed4e8cf7d10c8fbd7160661954

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://itgetsbetter.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 15:38:41 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
content-length: 37944
x-nc: HIT ams 7
last-modified: Tue, 14 Nov 2023 18:30:54 GMT
server: nginx
etag: "8399baab597d2b31"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://itgetsbetter.org/wp-content/uploads/2021/02/trans_FB.00_06_32_22.Still001-1024x576-1.jpg>; rel="canonical"
expires: Fri, 14 Nov 2025 06:30:54 GMT

GET
H3 200 Queer_Blair-Imani-1024x576-1.jpg
i0.wp.com/itgetsbetter.org/wp-content/uploads/2021/02/ 58 KB
59 KB 33ms
30ms Image
image/jpeg 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/itgetsbetter.org/wp-content/uploads/2021/02/Queer_Blair-Imani-1024x576-1.jpg?ssl=1

Requested by

Host: itgetsbetter.org
URL: https://itgetsbetter.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i1.wp.com

Software

nginx /

Resource Hash

9e8189a6b9d88051b90735e02168330e7faecb461157e686314ab82c29a18cf5

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://itgetsbetter.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 15:38:41 GMT
x-content-type-options: nosniff
x-optim-disabled: true
alt-svc: h3=":443"; ma=86400
content-length: 59692
x-nc: HIT ams 3
last-modified: Fri, 10 Nov 2023 11:32:34 GMT
server: nginx
etag: "892eaa1927497487"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://itgetsbetter.org/wp-content/uploads/2021/02/Queer_Blair-Imani-1024x576-1.jpg>; rel="canonical"
expires: Sun, 09 Nov 2025 23:32:34 GMT

GET
H3 200 Nonbinary_Jerwin-1024x576-1.jpg
i0.wp.com/itgetsbetter.org/wp-content/uploads/2021/02/ 27 KB
28 KB 35ms
32ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/itgetsbetter.org/wp-content/uploads/2021/02/Nonbinary_Jerwin-1024x576-1.jpg?ssl=1

Requested by

Host: itgetsbetter.org
URL: https://itgetsbetter.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i1.wp.com

Software

nginx /

Resource Hash

2b3f86a5519461bf7afb2a8587e94830b00edecb94fb1c1cb0ae0b4e897f0ead

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://itgetsbetter.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 15:38:41 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
content-length: 28038
x-nc: HIT ams 1
last-modified: Mon, 04 Dec 2023 10:58:41 GMT
server: nginx
etag: "8b6a44827a924cc5"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://itgetsbetter.org/wp-content/uploads/2021/02/Nonbinary_Jerwin-1024x576-1.jpg>; rel="canonical"
expires: Wed, 03 Dec 2025 22:58:41 GMT

GET
H3 200 Global-1024x576-1.jpg
i0.wp.com/itgetsbetter.org/wp-content/uploads/2021/02/ 22 KB
22 KB 39ms
35ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/itgetsbetter.org/wp-content/uploads/2021/02/Global-1024x576-1.jpg?ssl=1

Requested by

Host: itgetsbetter.org
URL: https://itgetsbetter.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i1.wp.com

Software

nginx /

Resource Hash

03d27c71ce9e1f4da7c9948f62f6e43900a6377b66879400d0f9587218326124

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://itgetsbetter.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 15:38:41 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
content-length: 22308
x-nc: HIT ams 8
last-modified: Tue, 14 Nov 2023 18:30:53 GMT
server: nginx
etag: "009fd13c2f3b67d3"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://itgetsbetter.org/wp-content/uploads/2021/02/Global-1024x576-1.jpg>; rel="canonical"
expires: Fri, 14 Nov 2025 06:30:53 GMT

GET
H3 200 Celebs_Kelly-Clarkson-1024x576-1.jpg
i0.wp.com/itgetsbetter.org/wp-content/uploads/2021/02/ 80 KB
80 KB 39ms
36ms Image
image/jpeg 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/itgetsbetter.org/wp-content/uploads/2021/02/Celebs_Kelly-Clarkson-1024x576-1.jpg?ssl=1

Requested by

Host: itgetsbetter.org
URL: https://itgetsbetter.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i1.wp.com

Software

nginx /

Resource Hash

9af605dd32012adeaec6aec9d2d15ff3f2b86db9b724977d1e2396a29f0462c6

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://itgetsbetter.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 15:38:41 GMT
x-content-type-options: nosniff
x-optim-disabled: true
alt-svc: h3=":443"; ma=86400
content-length: 81479
x-nc: HIT ams 5
last-modified: Fri, 10 Nov 2023 11:32:34 GMT
server: nginx
etag: "591cbbebf03b6dee"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://itgetsbetter.org/wp-content/uploads/2021/02/Celebs_Kelly-Clarkson-1024x576-1.jpg>; rel="canonical"
expires: Sun, 09 Nov 2025 23:32:34 GMT

GET
H3 200 Webseries_Activism-1024x576-1.png
i0.wp.com/itgetsbetter.org/wp-content/uploads/2021/02/ 498 KB
499 KB 44ms
41ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/itgetsbetter.org/wp-content/uploads/2021/02/Webseries_Activism-1024x576-1.png?ssl=1

Requested by

Host: itgetsbetter.org
URL: https://itgetsbetter.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i1.wp.com

Software

nginx /

Resource Hash

b0665a16f0f78a80f527b00fe5463d469e79d1288a7389b19a0452596c9c9749

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://itgetsbetter.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 15:38:41 GMT
x-content-type-options: nosniff
x-optim-disabled: true
alt-svc: h3=":443"; ma=86400
content-length: 510150
x-nc: HIT ams 6
last-modified: Fri, 10 Nov 2023 11:32:35 GMT
server: nginx
etag: "60b20eea60b12dc5"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://itgetsbetter.org/wp-content/uploads/2021/02/Webseries_Activism-1024x576-1.png>; rel="canonical"
expires: Sun, 09 Nov 2025 23:32:35 GMT

GET
H3 200 Screenshot-2023-11-20-at-11.59.44-AM.png
i0.wp.com/itgetsbetter.org/wp-content/uploads/2023/11/ 713 KB
713 KB 47ms
43ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/itgetsbetter.org/wp-content/uploads/2023/11/Screenshot-2023-11-20-at-11.59.44-AM.png?ssl=1

Requested by

Host: itgetsbetter.org
URL: https://itgetsbetter.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i1.wp.com

Software

nginx /

Resource Hash

b0627e3c20e0eaac0d740514ee496d5cb00597819f9b70e211d93d7c398ec410

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://itgetsbetter.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 15:38:41 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
content-length: 730074
x-nc: HIT ams 7
last-modified: Tue, 21 Nov 2023 18:49:28 GMT
server: nginx
etag: "820eedcfc96f04dd"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://itgetsbetter.org/wp-content/uploads/2023/11/Screenshot-2023-11-20-at-11.59.44-AM.png>; rel="canonical"
expires: Fri, 21 Nov 2025 06:49:28 GMT

GET
H3 200 SquareBrian.jpg
i0.wp.com/itgetsbetter.org/wp-content/uploads/2023/12/ 101 KB
101 KB 1100ms
1096ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/itgetsbetter.org/wp-content/uploads/2023/12/SquareBrian.jpg?ssl=1

Requested by

Host: itgetsbetter.org
URL: https://itgetsbetter.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i1.wp.com

Software

nginx /

Resource Hash

0e459102d172831a8eeb317d128fa35e0a749f9a6406a8a4f360f47ed6a82878

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://itgetsbetter.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 15:38:42 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
content-length: 103156
x-nc: MISS ams 4
last-modified: Thu, 07 Dec 2023 15:38:42 GMT
server: nginx
etag: "9b5d85596ec7f94b"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://itgetsbetter.org/wp-content/uploads/2023/12/SquareBrian.jpg>; rel="canonical"
expires: Sun, 07 Dec 2025 03:38:42 GMT

GET
H3 200 Screenshot-2023-12-05-at-11.53.54-AM.png
i0.wp.com/itgetsbetter.org/wp-content/uploads/2023/12/ 188 KB
188 KB 45ms
42ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/itgetsbetter.org/wp-content/uploads/2023/12/Screenshot-2023-12-05-at-11.53.54-AM.png?ssl=1

Requested by

Host: itgetsbetter.org
URL: https://itgetsbetter.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i1.wp.com

Software

nginx /

Resource Hash

06d9c9326c7fa24c99554f45c49585782e6f1207e942cd8afdb71422ff2d59ac

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://itgetsbetter.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 15:38:41 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
content-length: 192196
x-nc: HIT ams 6
last-modified: Tue, 05 Dec 2023 20:50:15 GMT
server: nginx
etag: "89630509ec96b3aa"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://itgetsbetter.org/wp-content/uploads/2023/12/Screenshot-2023-12-05-at-11.53.54-AM.png>; rel="canonical"
expires: Fri, 05 Dec 2025 08:50:15 GMT

GET
H3 200 YVQuote_Aidan-1-scaled.jpg
i0.wp.com/itgetsbetter.org/wp-content/uploads/2023/11/ 163 KB
163 KB 46ms
42ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/itgetsbetter.org/wp-content/uploads/2023/11/YVQuote_Aidan-1-scaled.jpg?ssl=1

Requested by

Host: itgetsbetter.org
URL: https://itgetsbetter.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i1.wp.com

Software

nginx /

Resource Hash

9dfd0be145d5d7726152610afc493658321b21de177435273d7a49ed4449040c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://itgetsbetter.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 15:38:41 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
content-length: 166962
x-nc: HIT ams 2
last-modified: Thu, 30 Nov 2023 23:45:36 GMT
server: nginx
etag: "06e4bd6b4d7d4fc7"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://itgetsbetter.org/wp-content/uploads/2023/11/YVQuote_Aidan-1-scaled.jpg>; rel="canonical"
expires: Sun, 30 Nov 2025 11:45:36 GMT

GET
H2 200 embed.js Show response
assets.juicer.io/ 630 KB
139 KB 32ms
31ms Script
application/javascript 2606:4700:20::681a:d57
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.juicer.io/embed.js
Requested by: Host: itgetsbetter.org
URL: https://itgetsbetter.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:d57 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 11de36c54879d13a91383ea5803810995b5cf96400b59db98143093025227b1d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://itgetsbetter.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 15:38:41 GMT
via: 1.1 vegur
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
last-modified: Tue, 05 Dec 2023 08:58:52 GMT
server: cloudflare
age: 1756
vary: Accept-Encoding, Origin
report-to: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1701768313&sid=af571f24-03ee-46d1-9f90-ab9030c2c74c&s=sG0J94vUHJ%2BXg7STn%2BwmJ%2F0jRzE9nY8MbXpXVdPeQ2s%3D"}]}
content-type: application/javascript
cache-control: public, max-age=3600
cf-ray: 831ddb66fa7e2c04-FRA
reporting-endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1701768313&sid=af571f24-03ee-46d1-9f90-ab9030c2c74c&s=sG0J94vUHJ%2BXg7STn%2BwmJ%2F0jRzE9nY8MbXpXVdPeQ2s%3D

GET
H2 200 embed.css
assets.juicer.io/ 93 KB
14 KB 20ms
19ms Stylesheet
text/css 2606:4700:20::681a:d57
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.juicer.io/embed.css
Requested by: Host: itgetsbetter.org
URL: https://itgetsbetter.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:d57 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b0d768ee72635105b8b27d02e4e25da58394365a1d60aff2a5181f4044062f3d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://itgetsbetter.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 15:38:41 GMT
via: 1.1 vegur
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
last-modified: Tue, 05 Dec 2023 08:58:52 GMT
server: cloudflare
age: 376
vary: Accept-Encoding, Origin
report-to: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1701769225&sid=af571f24-03ee-46d1-9f90-ab9030c2c74c&s=p%2BEOsuntzelIhx0VtzFhlR6d%2BhmdapesDsFsdeJO%2BCk%3D"}]}
content-type: text/css
cache-control: public, max-age=3600
cf-ray: 831ddb66fa802c04-FRA
reporting-endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1701769225&sid=af571f24-03ee-46d1-9f90-ab9030c2c74c&s=p%2BEOsuntzelIhx0VtzFhlR6d%2BhmdapesDsFsdeJO%2BCk%3D

GET
H2 200 image-cdn.js Show response
149352635.v2.pressablecdn.com/wp-content/plugins/jetpack/jetpack_vendor/automattic/jetpack-image-cdn/dist/ 701 B
789 B 13ms
13ms Script
application/javascript 192.0.77.39
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://149352635.v2.pressablecdn.com/wp-content/plugins/jetpack/jetpack_vendor/automattic/jetpack-image-cdn/dist/image-cdn.js?minify=false&ver=132249e245926ae3e188

Requested by

Host: itgetsbetter.org
URL: https://itgetsbetter.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

27dd9b075cc59cf5f3c0f6ee075f4bd113782d81ce30a4f16aac669ecfdc4fa2

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://itgetsbetter.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-nc: HIT ams 1
date: Thu, 07 Dec 2023 15:38:41 GMT
content-encoding: br
x-ac: 3.ams _atomic_ams BYPASS
strict-transport-security: max-age=15552000
last-modified: Mon, 08 May 2023 16:57:46 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=315360000
link: <http://itgetsbetter.org/wp-content/plugins/jetpack/jetpack_vendor/automattic/jetpack-image-cdn/dist/image-cdn.js>; rel="canonical"
alt-svc: h3=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 url.min.js Show response
c0.wp.com/c/6.4.2/wp-includes/js/dist/ 9 KB
4 KB 13ms
13ms Script
application/javascript 192.0.77.37
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://c0.wp.com/c/6.4.2/wp-includes/js/dist/url.min.js

Requested by

Host: itgetsbetter.org
URL: https://itgetsbetter.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

65f976cffe2202ce71f130a2a4496ca28762a5323229d71ae014d1205c4ffdad

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://itgetsbetter.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-nc: HIT ams 1
date: Thu, 07 Dec 2023 15:38:41 GMT
content-encoding: br
strict-transport-security: max-age=15552000
last-modified: Tue, 26 Sep 2023 14:23:26 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
alt-svc: h3=":443"; ma=86400, h3=":443"; ma=86400
expires: Fri, 06 Dec 2024 15:38:41 GMT

GET
H2 200 jp-search.js Show response
149352635.v2.pressablecdn.com/wp-content/plugins/jetpack/jetpack_vendor/automattic/jetpack-search/build/instant-search/ 7 KB
4 KB 13ms
13ms Script
application/javascript 192.0.77.39
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://149352635.v2.pressablecdn.com/wp-content/plugins/jetpack/jetpack_vendor/automattic/jetpack-search/build/instant-search/jp-search.js?minify=false&ver=156632ec530008abc8ff

Requested by

Host: itgetsbetter.org
URL: https://itgetsbetter.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

8cc972b71226ec94578a47c204f06ca46f34494ef1f70acc44a27aa5b5e2d80f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://itgetsbetter.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-nc: HIT ams 1
date: Thu, 07 Dec 2023 15:38:41 GMT
content-encoding: br
x-ac: 3.ams _atomic_ams BYPASS
strict-transport-security: max-age=15552000
last-modified: Mon, 04 Dec 2023 06:52:30 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=315360000
link: <http://itgetsbetter.org/wp-content/plugins/jetpack/jetpack_vendor/automattic/jetpack-search/build/instant-search/jp-search.js>; rel="canonical"
alt-svc: h3=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 frontend-checkout.min.js Show response
149352635.v2.pressablecdn.com/wp-content/plugins/woocommerce-table-rate-shipping/assets/js/ 190 B
601 B 13ms
13ms Script
application/javascript 192.0.77.39
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://149352635.v2.pressablecdn.com/wp-content/plugins/woocommerce-table-rate-shipping/assets/js/frontend-checkout.min.js?ver=3.1.2

Requested by

Host: itgetsbetter.org
URL: https://itgetsbetter.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

7a98cfd53fb371872ceef03beaed46b74a7e02d44caa34bab76913cccf0249bb

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://itgetsbetter.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-nc: HIT ams 2
date: Thu, 07 Dec 2023 15:38:41 GMT
x-ac: 2.ams _atomic_ams BYPASS
strict-transport-security: max-age=15552000
last-modified: Wed, 09 Aug 2023 15:54:43 GMT
server: nginx
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
link: <http://itgetsbetter.org/wp-content/plugins/woocommerce-table-rate-shipping/assets/js/frontend-checkout.min.js>; rel="canonical"
content-length: 190
alt-svc: h3=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 coblocks-animation.js Show response
149352635.v2.pressablecdn.com/wp-content/plugins/coblocks/dist/js/ 407 B
798 B 13ms
13ms Script
application/javascript 192.0.77.39
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://149352635.v2.pressablecdn.com/wp-content/plugins/coblocks/dist/js/coblocks-animation.js?ver=3.1.0

Requested by

Host: itgetsbetter.org
URL: https://itgetsbetter.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

2f167ae1780938fa19464993733924d0d078d5f5ce7955a596a55c210cb36cc8

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://itgetsbetter.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-nc: HIT ams 2
date: Thu, 07 Dec 2023 15:38:41 GMT
x-ac: 2.ams _atomic_ams BYPASS
strict-transport-security: max-age=15552000
last-modified: Wed, 09 Aug 2023 17:45:42 GMT
server: nginx
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
link: <http://itgetsbetter.org/wp-content/plugins/coblocks/dist/js/coblocks-animation.js>; rel="canonical"
content-length: 407
alt-svc: h3=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 tiny-swiper.js Show response
149352635.v2.pressablecdn.com/wp-content/plugins/coblocks/dist/js/vendors/ 10 KB
5 KB 13ms
13ms Script
application/javascript 192.0.77.39
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://149352635.v2.pressablecdn.com/wp-content/plugins/coblocks/dist/js/vendors/tiny-swiper.js?ver=3.1.0

Requested by

Host: itgetsbetter.org
URL: https://itgetsbetter.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

bfd761a9c6e6c5c0f50a303e473b15669ed19851fb18b331008b281c9fd0caa4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://itgetsbetter.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-nc: HIT ams 2
date: Thu, 07 Dec 2023 15:38:41 GMT
content-encoding: br
x-ac: 2.ams _atomic_ams BYPASS
strict-transport-security: max-age=15552000
last-modified: Wed, 09 Aug 2023 17:45:42 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=315360000
link: <http://itgetsbetter.org/wp-content/plugins/coblocks/dist/js/vendors/tiny-swiper.js>; rel="canonical"
alt-svc: h3=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 coblocks-tinyswiper-initializer.js Show response
149352635.v2.pressablecdn.com/wp-content/plugins/coblocks/dist/js/ 14 KB
6 KB 13ms
13ms Script
application/javascript 192.0.77.39
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://149352635.v2.pressablecdn.com/wp-content/plugins/coblocks/dist/js/coblocks-tinyswiper-initializer.js?ver=3.1.0

Requested by

Host: itgetsbetter.org
URL: https://itgetsbetter.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

3f7af01f4d8414f9dfe9e2dc0f693ad62b3081e7a345aee612114e4c4aebcd2e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://itgetsbetter.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-nc: HIT ams 2
date: Thu, 07 Dec 2023 15:38:41 GMT
content-encoding: br
x-ac: 2.ams _atomic_ams BYPASS
strict-transport-security: max-age=15552000
last-modified: Wed, 09 Aug 2023 17:45:42 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=315360000
link: <http://itgetsbetter.org/wp-content/plugins/coblocks/dist/js/coblocks-tinyswiper-initializer.js>; rel="canonical"
alt-svc: h3=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 jetpack-carousel.min.js Show response
149352635.v2.pressablecdn.com/wp-content/plugins/jetpack/_inc/build/carousel/ 24 KB
8 KB 13ms
13ms Script
application/javascript 192.0.77.39
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://149352635.v2.pressablecdn.com/wp-content/plugins/jetpack/_inc/build/carousel/jetpack-carousel.min.js?ver=12.9-beta

Requested by

Host: itgetsbetter.org
URL: https://itgetsbetter.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

0200bc38d986631f9cc4680084d7d263ccf17fa4a3c627b26ff347e0cfcf1d47

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://itgetsbetter.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-nc: HIT ams 2
date: Thu, 07 Dec 2023 15:38:41 GMT
content-encoding: br
x-ac: 2.ams _atomic_ams BYPASS
strict-transport-security: max-age=15552000
last-modified: Tue, 30 May 2023 17:03:32 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=315360000
link: <http://itgetsbetter.org/wp-content/plugins/jetpack/_inc/build/carousel/jetpack-carousel.min.js>; rel="canonical"
alt-svc: h3=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 index.js Show response
149352635.v2.pressablecdn.com/wp-content/themes/itgetsbetter-2017/assets/dist/js/ 133 KB
35 KB 13ms
13ms Script
application/javascript 192.0.77.39
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://149352635.v2.pressablecdn.com/wp-content/themes/itgetsbetter-2017/assets/dist/js/index.js?ver=2.0.1

Requested by

Host: itgetsbetter.org
URL: https://itgetsbetter.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

f4125873a800fd8df636016b1d34e0af85e54abb5a1a06e26360e8f2af1d2eba

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://itgetsbetter.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-nc: HIT ams 2
date: Thu, 07 Dec 2023 15:38:41 GMT
content-encoding: br
x-ac: 2.ams _atomic_ams BYPASS
strict-transport-security: max-age=15552000
last-modified: Wed, 27 Sep 2023 17:16:37 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=315360000
link: <http://itgetsbetter.org/wp-content/themes/itgetsbetter-2017/assets/dist/js/index.js>; rel="canonical"
alt-svc: h3=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 embed-no-jquery.js Show response
assets.juicer.io/ 533 KB
106 KB 27ms
27ms Script
application/javascript 2606:4700:20::681a:d57
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.juicer.io/embed-no-jquery.js?ver=6.4.2
Requested by: Host: itgetsbetter.org
URL: https://itgetsbetter.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:d57 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ab92807379feb9a2b4600eb7903373d523c4c025d9d8a81a138e68be3e7708f2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://itgetsbetter.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 15:38:41 GMT
via: 1.1 vegur
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
last-modified: Tue, 05 Dec 2023 08:58:52 GMT
server: cloudflare
age: 3360
vary: Accept-Encoding, Origin
report-to: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1701883556&sid=af571f24-03ee-46d1-9f90-ab9030c2c74c&s=HyLx%2BTAxKDjr%2F35Aiz6g%2BIVigyzOD5VOMlZQ9LhPJWs%3D"}]}
content-type: application/javascript
cache-control: public, max-age=3600
cf-ray: 831ddb679b342c04-FRA
reporting-endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1701883556&sid=af571f24-03ee-46d1-9f90-ab9030c2c74c&s=HyLx%2BTAxKDjr%2F35Aiz6g%2BIVigyzOD5VOMlZQ9LhPJWs%3D

GET
H2 200 e-202349.js Show response
stats.wp.com/ 7 KB
3 KB 19ms
15ms Script
application/javascript 192.0.76.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.wp.com/e-202349.js
Requested by: Host: itgetsbetter.org
URL: https://itgetsbetter.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ca7752fb33cf3a98c0f29bc4eec563112025da4109a0dcc69dabf5f861751258

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://itgetsbetter.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-minify-cache: hit
x-nc: HIT ams
date: Thu, 07 Dec 2023 15:38:41 GMT
content-encoding: br
server: nginx
x-minify: t
etag: W/13576-1695421998473.3982
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
expires: Sun, 01 Dec 2024 22:19:03 GMT

GET
H3 200 mediaelement-and-player.min.js Show response
c0.wp.com/c/6.4.2/wp-includes/js/mediaelement/ 154 KB
35 KB 14ms
14ms Script
application/javascript 192.0.77.37
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://c0.wp.com/c/6.4.2/wp-includes/js/mediaelement/mediaelement-and-player.min.js

Requested by

Host: itgetsbetter.org
URL: https://itgetsbetter.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

b15c3ea03d50c2430490e7416733a254feea4237bb60b54181bd3473ebe4149f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://itgetsbetter.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-nc: HIT ams 1
date: Thu, 07 Dec 2023 15:38:41 GMT
content-encoding: br
strict-transport-security: max-age=15552000
last-modified: Thu, 29 Sep 2022 14:21:11 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
alt-svc: h3=":443"; ma=86400, h3=":443"; ma=86400
expires: Fri, 06 Dec 2024 15:38:41 GMT

GET
H3 200 mediaelement-migrate.min.js Show response
c0.wp.com/c/6.4.2/wp-includes/js/mediaelement/ 1 KB
820 B 13ms
13ms Script
application/javascript 192.0.77.37
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://c0.wp.com/c/6.4.2/wp-includes/js/mediaelement/mediaelement-migrate.min.js

Requested by

Host: itgetsbetter.org
URL: https://itgetsbetter.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

6d161e98e47ae150b51211443eef37040fb6269dcf85ad2048548066dca99e6f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://itgetsbetter.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-nc: HIT ams 1
date: Thu, 07 Dec 2023 15:38:41 GMT
content-encoding: br
strict-transport-security: max-age=15552000
last-modified: Fri, 08 Apr 2022 20:07:18 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
alt-svc: h3=":443"; ma=86400, h3=":443"; ma=86400
expires: Fri, 06 Dec 2024 15:38:41 GMT

GET
H3 200 wp-mediaelement.min.js Show response
c0.wp.com/c/6.4.2/wp-includes/js/mediaelement/ 1 KB
795 B 14ms
13ms Script
application/javascript 192.0.77.37
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://c0.wp.com/c/6.4.2/wp-includes/js/mediaelement/wp-mediaelement.min.js

Requested by

Host: itgetsbetter.org
URL: https://itgetsbetter.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

79cb399203843f65199bec32bc4abac5dfd20f141d3e4ec1424bf00c7108fa45

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://itgetsbetter.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-nc: HIT ams 1
date: Thu, 07 Dec 2023 15:38:41 GMT
content-encoding: br
strict-transport-security: max-age=15552000
last-modified: Tue, 07 Feb 2023 16:00:42 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
alt-svc: h3=":443"; ma=86400, h3=":443"; ma=86400
expires: Fri, 06 Dec 2024 15:38:41 GMT

GET
H3 200 vimeo.min.js Show response
c0.wp.com/c/6.4.2/wp-includes/js/mediaelement/renderers/ 6 KB
2 KB 14ms
14ms Script
application/javascript 192.0.77.37
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://c0.wp.com/c/6.4.2/wp-includes/js/mediaelement/renderers/vimeo.min.js

Requested by

Host: itgetsbetter.org
URL: https://itgetsbetter.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

722a90d42ef2bd0ea38f0fdac6b4c0523aa4a027e9ffe889972100746e165582

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://itgetsbetter.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-nc: HIT ams 1
date: Thu, 07 Dec 2023 15:38:41 GMT
content-encoding: br
strict-transport-security: max-age=15552000
last-modified: Tue, 29 Sep 2020 15:53:06 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
alt-svc: h3=":443"; ma=86400, h3=":443"; ma=86400
expires: Fri, 06 Dec 2024 15:38:41 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/696171030/ 3 KB
2 KB 151ms
45ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/696171030/?random=1701963521012&cv=11&fst=1701963521012&bg=ffffff&guid=ON&async=1&gtm=45be3bt0&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fitgetsbetter.org%2F&hn=www.googleadservices.com&frm=0&tiba=It%20Gets%20Better%20%E2%80%93%20The%20It%20Gets%20Better%20Project%20exists%20to%20uplift%2C%20empower%2C%20and%20connect%20LGBTQ%2B%20youth%20around%20the%20globe.&auid=1810209364.1701963521&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-696171030

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c9622494307eaef76c0eb581738c0c85734b027104ca3c5a115db712e3a1c617

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://itgetsbetter.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 07 Dec 2023 15:38:41 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1319
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 g.gif
pixel.wp.com/ 50 B
153 B 19ms
14ms Image
image/gif 192.0.76.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.wp.com/g.gif?x_stats-initial-visibility=visible&v=wpcom-no-pv&rand=0.3992120137473236
Requested by: Host: itgetsbetter.org
URL: https://itgetsbetter.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://itgetsbetter.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

access-control-allow-origin: *
date: Thu, 07 Dec 2023 15:38:41 GMT
cache-control: no-cache
server: nginx
content-length: 50
content-type: image/gif

GET
H2 200 pro-v4-shims.min.js Show response
ka-p.fontawesome.com/releases/v6.5.1/js/ 27 KB
8 KB 137ms
27ms Fetch
application/javascript 2606:4700:4400::6812:2844
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-p.fontawesome.com/releases/v6.5.1/js/pro-v4-shims.min.js?token=dc8c838d72
Requested by: Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/dc8c838d72.js?ver=6.4.2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:2844 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b06bb41004d7fcd9051c499749c319244ffdacf890af122d1b9be2f413fb43ea

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://itgetsbetter.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 15:38:41 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 30 Nov 2023 17:25:54 GMT
server: cloudflare
age: 560764
etag: "6568c5a2-1df2"
vary: Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31556926
accept-ranges: bytes
cf-ray: 831ddb69b8b03764-FRA
content-length: 7666

GET
H2 200 pro.min.js Show response
ka-p.fontawesome.com/releases/v6.5.1/js/ 60 KB
17 KB 138ms
28ms Fetch
application/javascript 2606:4700:4400::6812:2844
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-p.fontawesome.com/releases/v6.5.1/js/pro.min.js?token=dc8c838d72
Requested by: Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/dc8c838d72.js?ver=6.4.2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:2844 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9e1f1cd3369c758e19b92899eac17de20750b6888d0600673811208162dab08d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://itgetsbetter.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 15:38:41 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 30 Nov 2023 17:25:54 GMT
server: cloudflare
age: 560764
etag: "6568c5a2-4583"
vary: Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31556926
accept-ranges: bytes
cf-ray: 831ddb69b8b13764-FRA
content-length: 17795

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 286 KB
93 KB 28ms
24ms Script
application/javascript 2a00:1450:4001:829::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=GT-MBL48JF&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-696171030

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

fe3e8011fccc8d506f24b6160c6663c8ec1933f732454ad3e2aa45bb06164c83

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://itgetsbetter.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 15:38:41 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 95549
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 07 Dec 2023 15:38:41 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 202 KB
54 KB 112ms
7ms Script
application/x-javascript 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: itgetsbetter.org
URL: https://itgetsbetter.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

3e136e77083bfc6ef14ffc5abd19da89a82bf12fc0cda3c603e01582b93303c8

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://itgetsbetter.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Thu, 07 Dec 2023 15:38:41 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 54273
x-xss-protection: 0
reporting-endpoints
pragma: public
x-fb-debug: 40gQNrQtp9xjOsMJUUTQJlP0s89S8RZ70SJTGx/VW9lyjOa0SIStpgGEzheg39dzRbAORloRSvaPeioPwpPO1Q==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 280 KB
94 KB 31ms
28ms Script
application/javascript 2a00:1450:4001:829::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-N5QWJNP

Requested by

Host: itgetsbetter.org
URL: https://itgetsbetter.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

f508fafed8937fa0e8c9d797493ae41e0a31896903f6215397dcfba20df8d2c2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://itgetsbetter.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 15:38:41 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 96256
x-xss-protection: 0
last-modified: Thu, 07 Dec 2023 15:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 07 Dec 2023 15:38:41 GMT

GET
H2 200 css2
fonts.googleapis.com/ 465 B
763 B 125ms
16ms Stylesheet
text/css 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Annie+Use+Your+Telescope&display=swap

Requested by

Host: itgetsbetter.org
URL: https://itgetsbetter.org/?custom-css=f908e700be

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f9307bfc8d9261402d1e44aa45a4ab1e133dabe80c84172fa4cc2d23acaa4487

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://itgetsbetter.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 07 Dec 2023 15:38:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 07 Dec 2023 15:38:41 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 07 Dec 2023 15:38:41 GMT

GET
H2 200 bwkUX98fktI Show response
www.youtube.com/embed/ Frame F39F 92 KB
41 KB 72ms
47ms Document
text/html 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/bwkUX98fktI?version=3&rel=1&showsearch=0&showinfo=1&iv_load_policy=1&fs=1&hl=en-US&autohide=2&wmode=transparent

Requested by

Host: itgetsbetter.org
URL: https://itgetsbetter.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

fbe21e04ab5ce0d9750ea23a0d16a44f6a2673e95da64a7ab56af4b119ed775d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://itgetsbetter.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: br
content-type: text/html; charset=utf-8
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
cross-origin-resource-policy: cross-origin
date: Thu, 07 Dec 2023 15:38:41 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
origin-trial: AvC9UlR6RDk2crliDsFl66RWLnTbHrDbp+DiY6AYz/PNQ4G4tdUTjrHYr2sghbkhGQAVxb7jaPTHpEVBz0uzQwkAAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTcxOTUzMjc5OSwiaXNTdWJkb21haW4iOnRydWV9
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma: no-cache
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server: ESF
strict-transport-security: max-age=31536000
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options: nosniff
x-xss-protection: 0

GET IGB_Video_Faces_compressed.mp4
itgetsbetter.org/wp-content/uploads/2021/05/ 0
0

GET
H3 200 igb-blocks.css
149352635.v2.pressablecdn.com/wp-content/mu-plugins/igb-blocks/dist/front/ 1 KB
877 B 15ms
15ms Stylesheet
text/css 192.0.77.39
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://149352635.v2.pressablecdn.com/wp-content/mu-plugins/igb-blocks/dist/front/igb-blocks.css?ver=1614276094

Requested by

Host: itgetsbetter.org
URL: https://itgetsbetter.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

ad1a9d38fb19479061ecffb38db571f803ccbb15e0d51d1523ab219ea568d550

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://itgetsbetter.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-nc: HIT ams 2
date: Thu, 07 Dec 2023 15:38:41 GMT
content-encoding: br
x-ac: 2.ams _atomic_ams BYPASS
strict-transport-security: max-age=15552000
last-modified: Thu, 25 Feb 2021 18:01:34 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=315360000
link: <http://itgetsbetter.org/wp-content/mu-plugins/igb-blocks/dist/front/igb-blocks.css>; rel="canonical"
alt-svc: h3=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 style-coblocks-1.css
149352635.v2.pressablecdn.com/wp-content/plugins/coblocks/dist/ 265 KB
35 KB 18ms
18ms Stylesheet
text/css 192.0.77.39
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://149352635.v2.pressablecdn.com/wp-content/plugins/coblocks/dist/style-coblocks-1.css?ver=3.1.0

Requested by

Host: itgetsbetter.org
URL: https://itgetsbetter.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

17a408bf3a3aeb1cf6fffe16bfda1126ff1a4d996ea28ea3b85bf5dcc3a6c1aa

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://itgetsbetter.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-nc: HIT ams 2
date: Thu, 07 Dec 2023 15:38:41 GMT
content-encoding: br
x-ac: 2.ams _atomic_ams BYPASS
strict-transport-security: max-age=15552000
last-modified: Wed, 09 Aug 2023 17:45:42 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=315360000
link: <http://itgetsbetter.org/wp-content/plugins/coblocks/dist/style-coblocks-1.css>; rel="canonical"
alt-svc: h3=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 style.min.css
c0.wp.com/c/6.4.2/wp-includes/css/dist/block-library/ 107 KB
13 KB 19ms
19ms Stylesheet
text/css 192.0.77.37
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://c0.wp.com/c/6.4.2/wp-includes/css/dist/block-library/style.min.css

Requested by

Host: itgetsbetter.org
URL: https://itgetsbetter.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

698b89c0da3d319754d6a837b5e6d4e6a42dc402d9ffd7559b8c4cb29c644340

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://itgetsbetter.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-nc: HIT ams 1
date: Thu, 07 Dec 2023 15:38:41 GMT
content-encoding: br
strict-transport-security: max-age=15552000
last-modified: Sun, 05 Nov 2023 19:40:32 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
alt-svc: h3=":443"; ma=86400, h3=":443"; ma=86400
expires: Fri, 06 Dec 2024 15:38:41 GMT

GET
H3 200 woocommerce-layout.css
c0.wp.com/p/woocommerce/8.3.1/assets/css/ 17 KB
3 KB 20ms
20ms Stylesheet
text/css 192.0.77.37
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://c0.wp.com/p/woocommerce/8.3.1/assets/css/woocommerce-layout.css

Requested by

Host: itgetsbetter.org
URL: https://itgetsbetter.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

50bb7c36ecca26ef05a1d308ca06ca7f60740c7e95d20a8971909303f4fa8657

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://itgetsbetter.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-nc: HIT ams 1
date: Thu, 07 Dec 2023 15:38:41 GMT
content-encoding: br
strict-transport-security: max-age=15552000
last-modified: Tue, 29 Aug 2023 21:45:24 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
alt-svc: h3=":443"; ma=86400, h3=":443"; ma=86400
expires: Fri, 06 Dec 2024 15:38:41 GMT

GET
H3 200 woocommerce.css
c0.wp.com/p/woocommerce/8.3.1/assets/css/ 73 KB
9 KB 21ms
21ms Stylesheet
text/css 192.0.77.37
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://c0.wp.com/p/woocommerce/8.3.1/assets/css/woocommerce.css

Requested by

Host: itgetsbetter.org
URL: https://itgetsbetter.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

f7d4c54dc556bce61c6a59150788149f9310dcf3f1deba151612334afd20e726

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://itgetsbetter.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-nc: HIT ams 1
date: Thu, 07 Dec 2023 15:38:41 GMT
content-encoding: br
strict-transport-security: max-age=15552000
last-modified: Tue, 29 Aug 2023 21:45:24 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
alt-svc: h3=":443"; ma=86400, h3=":443"; ma=86400
expires: Fri, 06 Dec 2024 15:38:41 GMT

GET
DATA 200
OK truncated
/ 547 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: eb14baeac955bb11e33cd7fd3fd2f698cf20db1b450325f45ea843b6cdc82366

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 552 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 62f3f809487194fcc55a3ebd88811a604ae496027bb425d4ebd15d9ae1921945

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 380 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 717f6bb5f6cc69c444f54376a72dee0ca7968b2a12e7c9475247ec85c0e75a53

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 200 Screenshot-2023-11-20-at-11.59.44-AM.png
149352635.v2.pressablecdn.com/wp-content/uploads/2023/11/ 1 MB
1 MB 13ms
13ms Image
image/png 192.0.77.39
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://149352635.v2.pressablecdn.com/wp-content/uploads/2023/11/Screenshot-2023-11-20-at-11.59.44-AM.png

Requested by

Host: itgetsbetter.org
URL: https://itgetsbetter.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

09de594226b72397977af42907bcac46d6248ba806bd88d22bc93733325b1541

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://itgetsbetter.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-nc: HIT ams 2
date: Thu, 07 Dec 2023 15:38:41 GMT
x-ac: 2.ams _atomic_ams BYPASS
strict-transport-security: max-age=15552000
last-modified: Mon, 20 Nov 2023 20:04:13 GMT
server: nginx
access-control-allow-methods: GET, HEAD
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
link: <http://itgetsbetter.org/wp-content/uploads/2023/11/Screenshot-2023-11-20-at-11.59.44-AM.png>; rel="canonical"
content-length: 1539731
alt-svc: h3=":443"; ma=86400
expires: Thu, 14 Dec 2023 15:38:41 GMT

GET
H3 200 SquareBrian.jpg
149352635.v2.pressablecdn.com/wp-content/uploads/2023/12/ 326 KB
327 KB 706ms
705ms Image
image/jpeg 192.0.77.39
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://149352635.v2.pressablecdn.com/wp-content/uploads/2023/12/SquareBrian.jpg

Requested by

Host: itgetsbetter.org
URL: https://itgetsbetter.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

006a2b313915b4c2dd538d1316e935ba593bdb7793a21a493b05de60473769c5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://itgetsbetter.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-nc: MISS ams 2
date: Thu, 07 Dec 2023 15:38:42 GMT
x-ac: 2.ams _atomic_ams BYPASS
strict-transport-security: max-age=15552000
last-modified: Wed, 06 Dec 2023 00:06:55 GMT
server: nginx
access-control-allow-methods: GET, HEAD
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
link: <http://itgetsbetter.org/wp-content/uploads/2023/12/SquareBrian.jpg>; rel="canonical"
content-length: 334125
alt-svc: h3=":443"; ma=86400
expires: Thu, 14 Dec 2023 15:38:42 GMT

GET
H3 200 Screenshot-2023-12-05-at-11.53.54-AM.png
149352635.v2.pressablecdn.com/wp-content/uploads/2023/12/ 406 KB
407 KB 15ms
14ms Image
image/png 192.0.77.39
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://149352635.v2.pressablecdn.com/wp-content/uploads/2023/12/Screenshot-2023-12-05-at-11.53.54-AM.png

Requested by

Host: itgetsbetter.org
URL: https://itgetsbetter.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

3f631e6316191fa33655184b7eb8fe3a9941ee26fbbec21b1930349e2a70b9d4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://itgetsbetter.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-nc: HIT ams 2
date: Thu, 07 Dec 2023 15:38:41 GMT
x-ac: 2.ams _atomic_ams BYPASS
strict-transport-security: max-age=15552000
last-modified: Tue, 05 Dec 2023 20:02:58 GMT
server: nginx
access-control-allow-methods: GET, HEAD
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
link: <http://itgetsbetter.org/wp-content/uploads/2023/12/Screenshot-2023-12-05-at-11.53.54-AM.png>; rel="canonical"
content-length: 416006
alt-svc: h3=":443"; ma=86400
expires: Thu, 14 Dec 2023 15:38:41 GMT

GET
H3 200 YVQuote_Aidan-1-scaled.jpg
149352635.v2.pressablecdn.com/wp-content/uploads/2023/11/ 384 KB
384 KB 15ms
15ms Image
image/jpeg 192.0.77.39
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://149352635.v2.pressablecdn.com/wp-content/uploads/2023/11/YVQuote_Aidan-1-scaled.jpg

Requested by

Host: itgetsbetter.org
URL: https://itgetsbetter.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

e1d66faeabf6383070334c56c65ef313ab9b34efe18bd37c54696673484fb16c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://itgetsbetter.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-nc: HIT ams 2
date: Thu, 07 Dec 2023 15:38:41 GMT
x-ac: 2.ams _atomic_ams BYPASS
strict-transport-security: max-age=15552000
last-modified: Thu, 30 Nov 2023 20:48:15 GMT
server: nginx
access-control-allow-methods: GET, HEAD
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
link: <http://itgetsbetter.org/wp-content/uploads/2023/11/YVQuote_Aidan-1-scaled.jpg>; rel="canonical"
content-length: 393004
alt-svc: h3=":443"; ma=86400
expires: Thu, 14 Dec 2023 15:38:41 GMT

GET
H3 200 img-home-page-hero-poster.jpg
i0.wp.com/itgetsbetter.org/wp-content/uploads/2021/05/ 29 KB
30 KB 14ms
14ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/itgetsbetter.org/wp-content/uploads/2021/05/img-home-page-hero-poster.jpg

Requested by

Host: itgetsbetter.org
URL: https://itgetsbetter.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i1.wp.com

Software

nginx /

Resource Hash

b09bbc10887550bcc13732c26f52ebf50bb347b310978bf08271e13a34c8b3cc

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://itgetsbetter.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 15:38:41 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
content-length: 30182
x-nc: HIT ams 8
last-modified: Wed, 25 Oct 2023 03:54:07 GMT
server: nginx
etag: "28fcade63d72b3f8"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <http://itgetsbetter.org/wp-content/uploads/2021/05/img-home-page-hero-poster.jpg>; rel="canonical"
expires: Fri, 24 Oct 2025 15:54:07 GMT

GET
H2 200 embedded-giving.js Show response
sdk.classy.org/ 42 KB
11 KB 82ms
54ms Script
text/javascript 2606:4700::6812:7c49
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://sdk.classy.org/embedded-giving.js

Requested by

Host: itgetsbetter.org
URL: https://itgetsbetter.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:7c49 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4d29c47cfca29cefed6235ec9d67a6f4a1b1d75945d8421c4d83e94a86a5cd12

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://itgetsbetter.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 15:38:41 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
cf-cache-status: HIT
age: 284
x-amz-request-id: 7TC35QVQKJZH1QQF
x-amz-server-side-encryption: AES256
x-amz-id-2: X6V33FJaQdH+d/+KYRVxPwXWe2wbfPBu1a+uNEAsNI4S6fXub/hkpEyo2a/qYHDduIrG2NShrGs=
last-modified: Tue, 05 Dec 2023 21:22:21 GMT
cf-bgj: minify
server: cloudflare
etag: W/"93b77ac36462bee368eb72eab07cb607"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=60, s-maxage=900, stale-while-revalidate=60
cf-ray: 831ddb6a2c3b3735-FRA

GET
H2 200 w.js Show response
stats.wp.com/ 11 KB
4 KB 13ms
13ms Script
application/javascript 192.0.76.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.wp.com/w.js?ver=202349
Requested by: Host: itgetsbetter.org
URL: https://itgetsbetter.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 585d4af3a08847a4604f8796b4841ebf7eaec7211606cc954f88dc9f27c72b28

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://itgetsbetter.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-minify-cache: hit
x-nc: HIT ams
date: Thu, 07 Dec 2023 15:38:41 GMT
content-encoding: br
server: nginx
x-minify: t
etag: W/11154-1698845937340.7637
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
expires: Mon, 02 Dec 2024 17:16:14 GMT

GET
DATA 200
OK truncated
/ 177 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d692a67352a3dfa80010c86a62761cfff05c0b1086618106a8576cc45a6a8115

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 351 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 145287b36883dd3061ca7aa9229a8fa9ace2cccd50e0382b4b6201f3916b57c5

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 242 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1f4513a435d6a3047d20a50c1e7d4263de42146c74be227f774b5e82e6357e75

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 200 icon-arrow-down-white.svg
149352635.v2.pressablecdn.com/wp-content/themes/itgetsbetter-2017/assets/dist/images/ 190 B
588 B 22ms
22ms Image
image/svg+xml 192.0.77.39
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://149352635.v2.pressablecdn.com/wp-content/themes/itgetsbetter-2017/assets/dist/images/icon-arrow-down-white.svg

Requested by

Host: 149352635.v2.pressablecdn.com
URL: https://149352635.v2.pressablecdn.com/wp-content/themes/itgetsbetter-2017/style.css?ver=2.0.1

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.77.39 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

498a873a8912a66c10eddf5fb07274c747847eaa3e8e3fb1a14daba3425a980c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://149352635.v2.pressablecdn.com/wp-content/themes/itgetsbetter-2017/style.css?ver=2.0.1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-nc: HIT ams 2
date: Thu, 07 Dec 2023 15:38:41 GMT
x-ac: 2.ams _atomic_ams BYPASS
strict-transport-security: max-age=15552000
last-modified: Wed, 01 Mar 2023 11:30:20 GMT
server: nginx
access-control-allow-methods: GET, HEAD
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
link: <http://itgetsbetter.org/wp-content/themes/itgetsbetter-2017/assets/dist/images/icon-arrow-down-white.svg>; rel="canonical"
content-length: 190
alt-svc: h3=":443"; ma=86400
expires: Thu, 14 Dec 2023 15:38:41 GMT

GET
H3 200 American-Eagle_366_white.png
i0.wp.com/itgetsbetter.org/wp-content/uploads/2021/02/ 2 KB
2 KB 17ms
16ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/itgetsbetter.org/wp-content/uploads/2021/02/American-Eagle_366_white.png?resize=366%2C26&ssl=1

Requested by

Host: itgetsbetter.org
URL: https://itgetsbetter.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i1.wp.com

Software

nginx /

Resource Hash

9cb482e4bbe7ddb2e5c64230d4bf9e90f5b0b41ad1c503a7c888ecff4b72fb87

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://itgetsbetter.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 15:38:41 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
content-length: 2130
x-nc: HIT ams 8
last-modified: Wed, 06 Dec 2023 10:04:28 GMT
server: nginx
etag: "9a923c4643400942"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://itgetsbetter.org/wp-content/uploads/2021/02/American-Eagle_366_white.png>; rel="canonical"
expires: Fri, 05 Dec 2025 22:04:28 GMT

GET
H3 200 aerie-1.png
i0.wp.com/itgetsbetter.org/wp-content/uploads/2022/09/ 7 KB
8 KB 18ms
14ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/itgetsbetter.org/wp-content/uploads/2022/09/aerie-1.png?resize=735%2C466&ssl=1

Requested by

Host: itgetsbetter.org
URL: https://itgetsbetter.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i1.wp.com

Software

nginx /

Resource Hash

af5147e593f6a8dc6f6329c4fcbe2f8f512662d1afaf26bc2a3422643bb3f71e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://itgetsbetter.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 15:38:41 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
content-length: 7358
x-nc: HIT ams 1
last-modified: Mon, 04 Dec 2023 10:58:51 GMT
server: nginx
etag: "6c6b33796b95fcf1"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://itgetsbetter.org/wp-content/uploads/2022/09/aerie-1.png>; rel="canonical"
expires: Wed, 03 Dec 2025 22:58:51 GMT

GET
H3 200 TikTok-White-126_30.png
i0.wp.com/itgetsbetter.org/wp-content/uploads/2021/09/ 1 KB
2 KB 19ms
15ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/itgetsbetter.org/wp-content/uploads/2021/09/TikTok-White-126_30.png?resize=126%2C30&ssl=1

Requested by

Host: itgetsbetter.org
URL: https://itgetsbetter.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i1.wp.com

Software

nginx /

Resource Hash

1eb63ab6ef15987ab229241ca2fd8da090d9a7d1ee5406fe8118d0acaf9fa386

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://itgetsbetter.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 15:38:41 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
content-length: 1290
x-nc: HIT ams 3
last-modified: Wed, 25 Oct 2023 21:37:21 GMT
server: nginx
etag: "09c54d0589a3f7eb"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://itgetsbetter.org/wp-content/uploads/2021/09/TikTok-White-126_30.png>; rel="canonical"
expires: Sat, 25 Oct 2025 09:37:21 GMT

GET
H3 200 HAF-Logo-Horizontal-2.png
i0.wp.com/itgetsbetter.org/wp-content/uploads/2022/09/ 21 KB
21 KB 20ms
16ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/itgetsbetter.org/wp-content/uploads/2022/09/HAF-Logo-Horizontal-2.png?resize=824%2C440&ssl=1

Requested by

Host: itgetsbetter.org
URL: https://itgetsbetter.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i1.wp.com

Software

nginx /

Resource Hash

4b7b9c0ddaab33312029946c1a9d7a5fa088e1fcf114cf573721519470b7df47

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://itgetsbetter.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 15:38:41 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
content-length: 21434
x-nc: HIT ams 1
last-modified: Wed, 25 Oct 2023 21:37:22 GMT
server: nginx
etag: "dfcebc31a427102e"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://itgetsbetter.org/wp-content/uploads/2022/09/HAF-Logo-Horizontal-2.png>; rel="canonical"
expires: Sat, 25 Oct 2025 09:37:22 GMT

GET
H3 200 Bath-Body-Works-Emblem.png
i0.wp.com/itgetsbetter.org/wp-content/uploads/2022/09/ 19 KB
19 KB 23ms
19ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/itgetsbetter.org/wp-content/uploads/2022/09/Bath-Body-Works-Emblem.png?resize=900%2C506&ssl=1

Requested by

Host: itgetsbetter.org
URL: https://itgetsbetter.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i1.wp.com

Software

nginx /

Resource Hash

78d82b67110e48b2e2c570a0d3fa10db72edc69e1c42ab271a5b0c8d59f3edf5

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://itgetsbetter.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 15:38:41 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
content-length: 19386
x-nc: HIT ams 8
last-modified: Sun, 08 Oct 2023 13:46:34 GMT
server: nginx
etag: "e780462d7fd85548"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://itgetsbetter.org/wp-content/uploads/2022/09/Bath-Body-Works-Emblem.png>; rel="canonical"
expires: Wed, 08 Oct 2025 01:46:34 GMT

GET
H3 200 pg-1.png
i0.wp.com/itgetsbetter.org/wp-content/uploads/2022/09/ 27 KB
27 KB 24ms
20ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/itgetsbetter.org/wp-content/uploads/2022/09/pg-1.png?resize=838%2C791&ssl=1

Requested by

Host: itgetsbetter.org
URL: https://itgetsbetter.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i1.wp.com

Software

nginx /

Resource Hash

a6914ac53aa3855febfe548abb43a66d1df9e1272656c8c378074e0680de2398

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://itgetsbetter.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 15:38:41 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
content-length: 27406
x-nc: HIT ams 8
last-modified: Wed, 25 Oct 2023 21:37:22 GMT
server: nginx
etag: "097d9322bedec357"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://itgetsbetter.org/wp-content/uploads/2022/09/pg-1.png>; rel="canonical"
expires: Sat, 25 Oct 2025 09:37:22 GMT

GET
H3 200 TBF_HorCenter_FullColor.png
i0.wp.com/itgetsbetter.org/wp-content/uploads/2022/09/ 19 KB
19 KB 26ms
22ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/itgetsbetter.org/wp-content/uploads/2022/09/TBF_HorCenter_FullColor.png?resize=900%2C358&ssl=1

Requested by

Host: itgetsbetter.org
URL: https://itgetsbetter.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i1.wp.com

Software

nginx /

Resource Hash

42b35aef6cb136d6e11834fb43089610eb13bb7ce0323547d559679615db9c4d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://itgetsbetter.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 15:38:41 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
content-length: 19236
x-nc: HIT ams 4
last-modified: Wed, 25 Oct 2023 21:37:22 GMT
server: nginx
etag: "435c05590eff2662"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://itgetsbetter.org/wp-content/uploads/2022/09/TBF_HorCenter_FullColor.png>; rel="canonical"
expires: Sat, 25 Oct 2025 09:37:22 GMT

GET
H3 200 converse.png
i0.wp.com/itgetsbetter.org/wp-content/uploads/2022/09/ 6 KB
6 KB 26ms
23ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/itgetsbetter.org/wp-content/uploads/2022/09/converse.png?resize=1074%2C434&ssl=1

Requested by

Host: itgetsbetter.org
URL: https://itgetsbetter.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i1.wp.com

Software

nginx /

Resource Hash

24c50da5304d6ce8ec81d988c926f3ebd7dc438489952772052a7c152dcf8756

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://itgetsbetter.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 15:38:41 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
content-length: 5832
x-nc: HIT ams 5
last-modified: Sun, 08 Oct 2023 13:46:34 GMT
server: nginx
etag: "8c52232380c70128"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://itgetsbetter.org/wp-content/uploads/2022/09/converse.png>; rel="canonical"
expires: Wed, 08 Oct 2025 01:46:34 GMT

GET
H3 200 ardene-logo-vector.png
i0.wp.com/itgetsbetter.org/wp-content/uploads/2022/09/ 3 KB
4 KB 28ms
24ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/itgetsbetter.org/wp-content/uploads/2022/09/ardene-logo-vector.png?resize=900%2C500&ssl=1

Requested by

Host: itgetsbetter.org
URL: https://itgetsbetter.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i1.wp.com

Software

nginx /

Resource Hash

5834b33dd181a3cf8d3fd6623b1316bb7a8674ce7327bd5700d2f2d46e01a3bb

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://itgetsbetter.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 15:38:41 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
content-length: 3362
x-nc: HIT ams 1
last-modified: Wed, 06 Dec 2023 10:04:29 GMT
server: nginx
etag: "baa71e536c673163"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://itgetsbetter.org/wp-content/uploads/2022/09/ardene-logo-vector.png>; rel="canonical"
expires: Fri, 05 Dec 2025 22:04:29 GMT

GET
H3 200 Banter.png
i0.wp.com/itgetsbetter.org/wp-content/uploads/2022/09/ 27 KB
27 KB 29ms
25ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/itgetsbetter.org/wp-content/uploads/2022/09/Banter.png?resize=2382%2C977&ssl=1

Requested by

Host: itgetsbetter.org
URL: https://itgetsbetter.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i1.wp.com

Software

nginx /

Resource Hash

3ba5387729ccfe1bd125870a2d0d64d7db0b71e7c16403c9700a88b7c5ab344c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://itgetsbetter.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 15:38:41 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
content-length: 27750
x-nc: HIT ams 3
last-modified: Sun, 15 Oct 2023 10:27:08 GMT
server: nginx
etag: "a1b1ca0984a919c9"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://itgetsbetter.org/wp-content/uploads/2022/09/Banter.png>; rel="canonical"
expires: Tue, 14 Oct 2025 22:27:08 GMT

GET
H3 200 Bungie-white-01.png
i0.wp.com/itgetsbetter.org/wp-content/uploads/2021/06/ 83 KB
84 KB 30ms
27ms Image
image/png 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/itgetsbetter.org/wp-content/uploads/2021/06/Bungie-white-01.png?resize=7200%2C2581&ssl=1

Requested by

Host: itgetsbetter.org
URL: https://itgetsbetter.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i1.wp.com

Software

nginx /

Resource Hash

9e9eace97f5f8cf4982c875c3cac72f504b1620e0b86d8bec2bf0cb511e05c8f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://itgetsbetter.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 15:38:41 GMT
x-content-type-options: nosniff
x-bytes-saved: 88408
alt-svc: h3=":443"; ma=86400
content-length: 85460
x-nc: HIT ams 7
last-modified: Fri, 20 Oct 2023 13:53:05 GMT
server: nginx
etag: "001d45594fd905ee"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://itgetsbetter.org/wp-content/uploads/2021/06/Bungie-white-01.png>; rel="canonical"
expires: Mon, 20 Oct 2025 01:53:05 GMT

GET
H3 200 Funko-White-01.png
i0.wp.com/itgetsbetter.org/wp-content/uploads/2021/06/ 111 KB
111 KB 32ms
28ms Image
image/png 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/itgetsbetter.org/wp-content/uploads/2021/06/Funko-White-01.png?resize=7200%2C3037&ssl=1

Requested by

Host: itgetsbetter.org
URL: https://itgetsbetter.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i1.wp.com

Software

nginx /

Resource Hash

95e877a86db1f072d5039946c2ff76ea5848d155a6d98df2b34ade6579572e04

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://itgetsbetter.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 15:38:41 GMT
x-content-type-options: nosniff
x-bytes-saved: 126791
alt-svc: h3=":443"; ma=86400
content-length: 113512
x-nc: HIT ams 5
last-modified: Sun, 15 Oct 2023 10:27:13 GMT
server: nginx
etag: "1eaa80195cc31b69"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://itgetsbetter.org/wp-content/uploads/2021/06/Funko-White-01.png>; rel="canonical"
expires: Tue, 14 Oct 2025 22:27:13 GMT

GET
H3 200 Hulu-Green-digital.png
i0.wp.com/itgetsbetter.org/wp-content/uploads/2022/09/ 2 KB
2 KB 48ms
45ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/itgetsbetter.org/wp-content/uploads/2022/09/Hulu-Green-digital.png?resize=1345%2C541&ssl=1

Requested by

Host: itgetsbetter.org
URL: https://itgetsbetter.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i1.wp.com

Software

nginx /

Resource Hash

4e13d3bd6eb7dc170086f2a756b912a19b009df9d47aef62d0ed5b60a60a93f5

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://itgetsbetter.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 15:38:41 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
content-length: 2132
x-nc: HIT ams 8
last-modified: Sun, 15 Oct 2023 10:27:08 GMT
server: nginx
etag: "458138fd0775b72a"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://itgetsbetter.org/wp-content/uploads/2022/09/Hulu-Green-digital.png>; rel="canonical"
expires: Tue, 14 Oct 2025 22:27:08 GMT

GET
H3 200 Oribe-White-01.png
i0.wp.com/itgetsbetter.org/wp-content/uploads/2021/06/ 92 KB
92 KB 50ms
46ms Image
image/png 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/itgetsbetter.org/wp-content/uploads/2021/06/Oribe-White-01.png?resize=7200%2C2719&ssl=1

Requested by

Host: itgetsbetter.org
URL: https://itgetsbetter.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i1.wp.com

Software

nginx /

Resource Hash

f70f8ae9e901910b342fc2ffeb47668d9f504e4e26a68279d02c72c84035bee9

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://itgetsbetter.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 15:38:41 GMT
x-content-type-options: nosniff
x-bytes-saved: 78633
alt-svc: h3=":443"; ma=86400
content-length: 94192
x-nc: HIT ams 7
last-modified: Wed, 25 Oct 2023 21:37:29 GMT
server: nginx
etag: "ef8c058b16f1213e"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://itgetsbetter.org/wp-content/uploads/2021/06/Oribe-White-01.png>; rel="canonical"
expires: Sat, 25 Oct 2025 09:37:29 GMT

GET
H3 200 Zenni.png
i0.wp.com/itgetsbetter.org/wp-content/uploads/2022/09/ 6 KB
6 KB 49ms
46ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/itgetsbetter.org/wp-content/uploads/2022/09/Zenni.png?resize=1200%2C627&ssl=1

Requested by

Host: itgetsbetter.org
URL: https://itgetsbetter.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i1.wp.com

Software

nginx /

Resource Hash

67f7b9d565e432a272c8a087cef5d5bd71a41c4979b2cba3b1e1b8dbe3566388

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://itgetsbetter.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 15:38:41 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
content-length: 5770
x-nc: HIT ams 1
last-modified: Mon, 04 Dec 2023 10:58:51 GMT
server: nginx
etag: "a7cdcf4539d70e7b"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://itgetsbetter.org/wp-content/uploads/2022/09/Zenni.png>; rel="canonical"
expires: Wed, 03 Dec 2025 22:58:51 GMT

GET
H3 200 lillypulitzer.png
i0.wp.com/itgetsbetter.org/wp-content/uploads/2022/09/ 9 KB
9 KB 56ms
53ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/itgetsbetter.org/wp-content/uploads/2022/09/lillypulitzer.png?resize=658%2C313&ssl=1

Requested by

Host: itgetsbetter.org
URL: https://itgetsbetter.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i1.wp.com

Software

nginx /

Resource Hash

6d3401e57ca271a7ea8fbba27bc7580c9ac443178ee71976ecdd32db9b517b5d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://itgetsbetter.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 15:38:41 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
content-length: 8910
x-nc: HIT ams 7
last-modified: Wed, 25 Oct 2023 21:37:23 GMT
server: nginx
etag: "d458fb69536ba7d6"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://itgetsbetter.org/wp-content/uploads/2022/09/lillypulitzer.png>; rel="canonical"
expires: Sat, 25 Oct 2025 09:37:23 GMT

GET
H3 200 e-l-f.png
i0.wp.com/itgetsbetter.org/wp-content/uploads/2022/09/ 5 KB
6 KB 57ms
53ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/itgetsbetter.org/wp-content/uploads/2022/09/e-l-f.png?resize=885%2C609&ssl=1

Requested by

Host: itgetsbetter.org
URL: https://itgetsbetter.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i1.wp.com

Software

nginx /

Resource Hash

8cbb165442212630f1ef3fef9321e086db9d58150abeca635dbe767e1f367bed

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://itgetsbetter.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 15:38:41 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
content-length: 5558
x-nc: HIT ams 3
last-modified: Sun, 08 Oct 2023 13:46:34 GMT
server: nginx
etag: "82263767b3cf0cbc"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://itgetsbetter.org/wp-content/uploads/2022/09/e-l-f.png>; rel="canonical"
expires: Wed, 08 Oct 2025 01:46:34 GMT

GET
H3 200 traillerparkgrouop.png
i0.wp.com/itgetsbetter.org/wp-content/uploads/2022/09/ 6 KB
7 KB 60ms
57ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/itgetsbetter.org/wp-content/uploads/2022/09/traillerparkgrouop.png?resize=600%2C300&ssl=1

Requested by

Host: itgetsbetter.org
URL: https://itgetsbetter.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i1.wp.com

Software

nginx /

Resource Hash

4abf322e82c1e642eb0ee166a8dca80581b098c4b6ce21b29610c272e0a20440

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://itgetsbetter.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 15:38:41 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
content-length: 6494
x-nc: HIT ams 4
last-modified: Wed, 25 Oct 2023 21:37:23 GMT
server: nginx
etag: "1c0ac32ec4353d43"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://itgetsbetter.org/wp-content/uploads/2022/09/traillerparkgrouop.png>; rel="canonical"
expires: Sat, 25 Oct 2025 09:37:23 GMT

GET
H3 200 Disney-Theatrical-Group.png
i0.wp.com/itgetsbetter.org/wp-content/uploads/2022/09/ 45 KB
45 KB 62ms
59ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/itgetsbetter.org/wp-content/uploads/2022/09/Disney-Theatrical-Group.png?resize=1200%2C1244&ssl=1

Requested by

Host: itgetsbetter.org
URL: https://itgetsbetter.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i1.wp.com

Software

nginx /

Resource Hash

db7fb0d2d815f32f28ec22cb27abc0ed6bda4f64f1f4f975d04f5157df92176f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://itgetsbetter.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 15:38:41 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
content-length: 45582
x-nc: HIT ams 8
last-modified: Sun, 08 Oct 2023 13:46:34 GMT
server: nginx
etag: "bfb3917aa51a5eb1"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://itgetsbetter.org/wp-content/uploads/2022/09/Disney-Theatrical-Group.png>; rel="canonical"
expires: Wed, 08 Oct 2025 01:46:34 GMT

GET
H3 200 statefarmcompaniesfoundation.png
i0.wp.com/itgetsbetter.org/wp-content/uploads/2022/09/ 8 KB
9 KB 64ms
61ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/itgetsbetter.org/wp-content/uploads/2022/09/statefarmcompaniesfoundation.png?resize=600%2C300&ssl=1

Requested by

Host: itgetsbetter.org
URL: https://itgetsbetter.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i1.wp.com

Software

nginx /

Resource Hash

c4f3e54234d954492686d0c340031058d44f93a5dc2b75d565a40c08da36ce1a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://itgetsbetter.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 15:38:41 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
content-length: 8580
x-nc: HIT ams 5
last-modified: Wed, 25 Oct 2023 21:37:23 GMT
server: nginx
etag: "93096cb6e217c466"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://itgetsbetter.org/wp-content/uploads/2022/09/statefarmcompaniesfoundation.png>; rel="canonical"
expires: Sat, 25 Oct 2025 09:37:23 GMT

GET
H3 200 ChapStick-Logo.png
i0.wp.com/itgetsbetter.org/wp-content/uploads/2022/09/ 14 KB
15 KB 61ms
58ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/itgetsbetter.org/wp-content/uploads/2022/09/ChapStick-Logo.png?resize=900%2C563&ssl=1

Requested by

Host: itgetsbetter.org
URL: https://itgetsbetter.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i1.wp.com

Software

nginx /

Resource Hash

9ed9e6f1a0e7db46c951859be33131dee436a1e0405021ddf76a814f23b8a3eb

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://itgetsbetter.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 15:38:41 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
content-length: 14728
x-nc: HIT ams 7
last-modified: Fri, 20 Oct 2023 13:53:02 GMT
server: nginx
etag: "6930dc939dfe20b9"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://itgetsbetter.org/wp-content/uploads/2022/09/ChapStick-Logo.png>; rel="canonical"
expires: Mon, 20 Oct 2025 01:53:02 GMT

GET
H3 200 Gant-white-01.png
i0.wp.com/itgetsbetter.org/wp-content/uploads/2021/06/ 30 KB
31 KB 69ms
66ms Image
image/png 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/itgetsbetter.org/wp-content/uploads/2021/06/Gant-white-01.png?resize=6101%2C1547&ssl=1

Requested by

Host: itgetsbetter.org
URL: https://itgetsbetter.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i1.wp.com

Software

nginx /

Resource Hash

15794828b4a570d8200f86adc3c07657f6939022d2120f31ba031de2af5421db

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://itgetsbetter.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 15:38:41 GMT
x-content-type-options: nosniff
x-bytes-saved: 43436
alt-svc: h3=":443"; ma=86400
content-length: 30953
x-nc: HIT ams 5
last-modified: Sun, 15 Oct 2023 10:27:11 GMT
server: nginx
etag: "efb0617604411984"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://itgetsbetter.org/wp-content/uploads/2021/06/Gant-white-01.png>; rel="canonical"
expires: Tue, 14 Oct 2025 22:27:11 GMT

GET
H3 200 Salt-Lime_Logo_White-350w.png
i0.wp.com/itgetsbetter.org/wp-content/uploads/2022/09/ 16 KB
16 KB 64ms
61ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/itgetsbetter.org/wp-content/uploads/2022/09/Salt-Lime_Logo_White-350w.png?resize=350%2C154&ssl=1

Requested by

Host: itgetsbetter.org
URL: https://itgetsbetter.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i1.wp.com

Software

nginx /

Resource Hash

8a7e706df924c35378447275d51e61208da84b4280763fed7da27cc70934ffed

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://itgetsbetter.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 15:38:41 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
content-length: 15964
x-nc: HIT ams 4
last-modified: Wed, 25 Oct 2023 21:37:23 GMT
server: nginx
etag: "0f207ba95f7c6168"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://itgetsbetter.org/wp-content/uploads/2022/09/Salt-Lime_Logo_White-350w.png>; rel="canonical"
expires: Sat, 25 Oct 2025 09:37:23 GMT

GET
H3 200 Redken-2021-Logo-WH.png
i0.wp.com/itgetsbetter.org/wp-content/uploads/2022/10/ 24 KB
24 KB 66ms
63ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/itgetsbetter.org/wp-content/uploads/2022/10/Redken-2021-Logo-WH.png?resize=3807%2C1009&ssl=1

Requested by

Host: itgetsbetter.org
URL: https://itgetsbetter.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i1.wp.com

Software

nginx /

Resource Hash

79ea29e7ff6a116e3c2d983d73f94e30798465011dcf5a2bb2814303374a98ad

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://itgetsbetter.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 15:38:41 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
content-length: 24112
x-nc: HIT ams 2
last-modified: Sun, 15 Oct 2023 10:27:08 GMT
server: nginx
etag: "80519e41471c14be"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://itgetsbetter.org/wp-content/uploads/2022/10/Redken-2021-Logo-WH.png>; rel="canonical"
expires: Tue, 14 Oct 2025 22:27:08 GMT

GET
H3 200 Stuart-Weitzman-Logo.png
i0.wp.com/itgetsbetter.org/wp-content/uploads/2022/09/ 5 KB
5 KB 67ms
65ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/itgetsbetter.org/wp-content/uploads/2022/09/Stuart-Weitzman-Logo.png?resize=768%2C432&ssl=1

Requested by

Host: itgetsbetter.org
URL: https://itgetsbetter.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i1.wp.com

Software

nginx /

Resource Hash

dce7ee62a2ea6b9e01fbcb1f19f85cab2135c849a5486a9d3dfcf972b00b9608

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://itgetsbetter.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 15:38:41 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
content-length: 4864
x-nc: HIT ams 3
last-modified: Wed, 06 Dec 2023 10:04:29 GMT
server: nginx
etag: "4d142bde6d6a5a7f"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://itgetsbetter.org/wp-content/uploads/2022/09/Stuart-Weitzman-Logo.png>; rel="canonical"
expires: Fri, 05 Dec 2025 22:04:29 GMT

GET
H3 200 The-Rona-Jaffe-Foundation-White.png
i0.wp.com/itgetsbetter.org/wp-content/uploads/2021/02/ 3 KB
3 KB 68ms
66ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/itgetsbetter.org/wp-content/uploads/2021/02/The-Rona-Jaffe-Foundation-White.png?resize=80%2C84&ssl=1

Requested by

Host: itgetsbetter.org
URL: https://itgetsbetter.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i1.wp.com

Software

nginx /

Resource Hash

1e7a05373bc70f979b6088dd3276576750a581d5781be7f31a3ab5f4996c8337

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://itgetsbetter.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 15:38:41 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
content-length: 2724
x-nc: HIT ams 6
last-modified: Wed, 06 Dec 2023 10:04:29 GMT
server: nginx
etag: "2ff0642c0123b381"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://itgetsbetter.org/wp-content/uploads/2021/02/The-Rona-Jaffe-Foundation-White.png>; rel="canonical"
expires: Fri, 05 Dec 2025 22:04:29 GMT

GET
H3 200 Zumba-Fitness.png
i0.wp.com/itgetsbetter.org/wp-content/uploads/2022/09/ 24 KB
24 KB 71ms
68ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/itgetsbetter.org/wp-content/uploads/2022/09/Zumba-Fitness.png?resize=768%2C461&ssl=1

Requested by

Host: itgetsbetter.org
URL: https://itgetsbetter.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i1.wp.com

Software

nginx /

Resource Hash

15b357c8dfc2123fbf442f29510439ebce7bea5a0dc07c9070b52b876308717d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://itgetsbetter.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 15:38:41 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
content-length: 24392
x-nc: HIT ams 6
last-modified: Sun, 08 Oct 2023 13:46:34 GMT
server: nginx
etag: "e4848d2b178ad64d"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://itgetsbetter.org/wp-content/uploads/2022/09/Zumba-Fitness.png>; rel="canonical"
expires: Wed, 08 Oct 2025 01:46:34 GMT

GET
H3 200 automattic-white.png
i0.wp.com/itgetsbetter.org/wp-content/uploads/2021/02/ 1 KB
1 KB 72ms
69ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/itgetsbetter.org/wp-content/uploads/2021/02/automattic-white.png?resize=150%2C12&ssl=1

Requested by

Host: itgetsbetter.org
URL: https://itgetsbetter.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i1.wp.com

Software

nginx /

Resource Hash

8647f9026e0186ab195a4083d72ea20202f521addd8cc5e92a6bd63ef5a6ba2e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://itgetsbetter.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 15:38:41 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
content-length: 1044
x-nc: HIT ams 8
last-modified: Sun, 15 Oct 2023 10:27:08 GMT
server: nginx
etag: "70bec4a1c7307025"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://itgetsbetter.org/wp-content/uploads/2021/02/automattic-white.png>; rel="canonical"
expires: Tue, 14 Oct 2025 22:27:08 GMT

GET
H3 200 google.png
i0.wp.com/itgetsbetter.org/wp-content/uploads/2021/02/ 2 KB
3 KB 72ms
70ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/itgetsbetter.org/wp-content/uploads/2021/02/google.png?resize=150%2C47&ssl=1

Requested by

Host: itgetsbetter.org
URL: https://itgetsbetter.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i1.wp.com

Software

nginx /

Resource Hash

9d3088f0e066ab2912fe6d564317ca73543f2262d5ae4a109e89e4720db94715

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://itgetsbetter.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 15:38:41 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
content-length: 2324
x-nc: HIT ams 4
last-modified: Mon, 20 Nov 2023 09:48:08 GMT
server: nginx
etag: "98aeb7891f84bac7"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://itgetsbetter.org/wp-content/uploads/2021/02/google.png>; rel="canonical"
expires: Wed, 19 Nov 2025 21:48:08 GMT

GET
H3 200 team-one.png
i0.wp.com/itgetsbetter.org/wp-content/uploads/2021/02/ 2 KB
2 KB 73ms
71ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/itgetsbetter.org/wp-content/uploads/2021/02/team-one.png?resize=150%2C35&ssl=1

Requested by

Host: itgetsbetter.org
URL: https://itgetsbetter.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i1.wp.com

Software

nginx /

Resource Hash

56f2e68e3eeb4dea9fdf0f3b46b778785fab56fb7844c0c1a626c14299804386

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://itgetsbetter.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 15:38:41 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
content-length: 1672
x-nc: HIT ams 4
last-modified: Mon, 20 Nov 2023 09:48:08 GMT
server: nginx
etag: "5a4b261edf6fe684"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://itgetsbetter.org/wp-content/uploads/2021/02/team-one.png>; rel="canonical"
expires: Wed, 19 Nov 2025 21:48:08 GMT

GET
H3 200 Full-Color-Stacked-IGBP-RGB.png
i0.wp.com/itgetsbetter.org/wp-content/uploads/2021/10/ 10 KB
11 KB 74ms
71ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/itgetsbetter.org/wp-content/uploads/2021/10/Full-Color-Stacked-IGBP-RGB.png?resize=300%2C182&ssl=1

Requested by

Host: itgetsbetter.org
URL: https://itgetsbetter.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i1.wp.com

Software

nginx /

Resource Hash

845c5e6839712db80395f4b9d6e7d1298fba2d769c1cd20a5e1c89b489dcc754

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://itgetsbetter.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 15:38:41 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
content-length: 10644
x-nc: HIT ams 7
last-modified: Fri, 27 Oct 2023 13:51:14 GMT
server: nginx
etag: "e891bed820f4b31f"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://itgetsbetter.org/wp-content/uploads/2021/10/Full-Color-Stacked-IGBP-RGB.png>; rel="canonical"
expires: Mon, 27 Oct 2025 01:51:14 GMT

GET
H2 200 css
fonts.googleapis.com/ 2 KB
553 B 18ms
15ms Stylesheet
text/css 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Poppins%3A400%2C600&ver=1.0.0

Requested by

Host: itgetsbetter.org
URL: https://itgetsbetter.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e537bb0b81601eabcdc6dd4e2eb938917a7c6887765651882ec0ed5081c26c67

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://itgetsbetter.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 07 Dec 2023 15:38:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 07 Dec 2023 14:11:48 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 07 Dec 2023 15:38:41 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
254 B 59ms
9ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-Y69L8SW4D9&gtm=45Pe3bt0v9104262636&_p=1701963520956&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&gdid=dZTNiMT&cid=1231555188.1701963522&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1701963521&sct=1&seg=0&dl=https%3A%2F%2Fitgetsbetter.org%2F&dt=It%20Gets%20Better%20%E2%80%93%20The%20It%20Gets%20Better%20Project%20exists%20to%20uplift%2C%20empower%2C%20and%20connect%20LGBTQ%2B%20youth%20around%20the%20globe.&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=931
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=GT-MBL48JF&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://itgetsbetter.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 07 Dec 2023 15:38:41 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://itgetsbetter.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 716750585601397 Show response
connect.facebook.net/signals/config/ 140 KB
37 KB 65ms
64ms Script
application/x-javascript 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/716750585601397?v=2.9.138&r=stable&domain=itgetsbetter.org

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

5015b2e49faca5b3b14c98d2a3745aa664eca6b7d79822ffb3d21cbb92381538

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://itgetsbetter.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Thu, 07 Dec 2023 15:38:41 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints
pragma: public
x-fb-debug: cHZtJIYjbI9PQrFxZ1Uf0XarM/I9Jd1q+bH4fdF+7YATc7AYEP5y2QvrkSk7GjwUxnj7PiBCJA6+IHdA44ocpg==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 css
fonts.googleapis.com/ 240 B
255 B 21ms
19ms Stylesheet
text/css 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Libre+Baskerville%3A400i&text=1234567890%2C&ver=1.0.0

Requested by

Host: itgetsbetter.org
URL: https://itgetsbetter.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

0faac6667b9444d10e4d1d4b3551491e48687f885f612b88379c1c2f8e4f3447

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://itgetsbetter.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 07 Dec 2023 15:38:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 07 Dec 2023 15:38:41 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 07 Dec 2023 15:38:41 GMT

GET
H2 200 www-player.css
www.youtube.com/s/player/31e0b6d9/ Frame F39F 378 KB
48 KB 18ms
5ms Stylesheet
text/css 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/31e0b6d9/www-player.css

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/bwkUX98fktI?version=3&rel=1&showsearch=0&showinfo=1&iv_load_policy=1&fs=1&hl=en-US&autohide=2&wmode=transparent

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

436743ad0889ad9399a1f33edb65d8bf1c71cfbce1b0fce549769e7705c9ceec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/bwkUX98fktI?version=3&rel=1&showsearch=0&showinfo=1&iv_load_policy=1&fs=1&hl=en-US&autohide=2&wmode=transparent
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 15:24:40 GMT
content-encoding: br
x-content-type-options: nosniff
age: 841
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48920
x-xss-protection: 0
last-modified: Thu, 30 Nov 2023 03:10:29 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Fri, 06 Dec 2024 15:24:40 GMT

GET
H2 200 embed.js Show response
www.youtube.com/s/player/31e0b6d9/player_ias.vflset/en_US/ Frame F39F 52 KB
16 KB 21ms
8ms Script
text/javascript 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/31e0b6d9/player_ias.vflset/en_US/embed.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/bwkUX98fktI?version=3&rel=1&showsearch=0&showinfo=1&iv_load_policy=1&fs=1&hl=en-US&autohide=2&wmode=transparent

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f21a803f0b7f63109cd608bfbe9769a3dc2e2a17c8e885826529d3981d15d313

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/bwkUX98fktI?version=3&rel=1&showsearch=0&showinfo=1&iv_load_policy=1&fs=1&hl=en-US&autohide=2&wmode=transparent
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 14:31:07 GMT
content-encoding: br
x-content-type-options: nosniff
age: 4054
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16506
x-xss-protection: 0
last-modified: Thu, 30 Nov 2023 03:10:29 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Fri, 06 Dec 2024 14:31:07 GMT

GET
H2 200 www-embed-player.js Show response
www.youtube.com/s/player/31e0b6d9/www-embed-player.vflset/ Frame F39F 321 KB
96 KB 22ms
9ms Script
text/javascript 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/31e0b6d9/www-embed-player.vflset/www-embed-player.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/bwkUX98fktI?version=3&rel=1&showsearch=0&showinfo=1&iv_load_policy=1&fs=1&hl=en-US&autohide=2&wmode=transparent

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d453a47ad0d1b30a7292b6f712d8645db141ed6adea69b8e7d802f8022365fd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/bwkUX98fktI?version=3&rel=1&showsearch=0&showinfo=1&iv_load_policy=1&fs=1&hl=en-US&autohide=2&wmode=transparent
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 14:50:05 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2916
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 98499
x-xss-protection: 0
last-modified: Thu, 30 Nov 2023 03:10:29 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Fri, 06 Dec 2024 14:50:05 GMT

GET
H2 200 base.js Show response
www.youtube.com/s/player/31e0b6d9/player_ias.vflset/en_US/ Frame F39F 2 MB
766 KB 24ms
11ms Script
text/javascript 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/31e0b6d9/player_ias.vflset/en_US/base.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/bwkUX98fktI?version=3&rel=1&showsearch=0&showinfo=1&iv_load_policy=1&fs=1&hl=en-US&autohide=2&wmode=transparent

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ddc70bebc8a0e4ae5b13a5f8409693a3e88aa4b4415a75f632f11d0f0c423457

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/bwkUX98fktI?version=3&rel=1&showsearch=0&showinfo=1&iv_load_policy=1&fs=1&hl=en-US&autohide=2&wmode=transparent
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 13:09:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 8932
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 784263
x-xss-protection: 0
last-modified: Thu, 30 Nov 2023 03:10:29 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Fri, 06 Dec 2024 13:09:49 GMT

GET
H2 200 hotjar-2965374.js Show response
static.hotjar.com/c/ 10 KB
5 KB 199ms
53ms Script
application/javascript 108.156.60.58
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-2965374.js?sv=7

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N5QWJNP

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.156.60.58 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-156-60-58.ams1.r.cloudfront.net

Software

Resource Hash

52e7f4e3a17126da79220e405c9530796e8be381f1ccf692d40040a7cd0638d8

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://itgetsbetter.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

strict-transport-security: max-age=2592000; includeSubDomains
content-encoding: br
x-content-type-options: nosniff
date: Thu, 07 Dec 2023 15:38:41 GMT
via: 1.1 acc5f68eb88a8e6d59815a0246ec23f0.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-P2
etag: W/c5a98f1c3848dc2df97003d7d5020253
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
x-cache-hit: 1
cache-control: max-age=60
cross-origin-resource-policy: cross-origin
x-amz-cf-id: qwx-_WkKKnwEEY2ZkELjxXUKsxpUrWK-0RKg957_mwwaScASRfMlOQ==

GET
H2 200 uwt.js Show response
static.ads-twitter.com/ 56 KB
15 KB 10ms
9ms Script
application/javascript 146.75.116.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.ads-twitter.com/uwt.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N5QWJNP
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.75.116.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: cf7fcc9f75c8717897bfaef72f303fab423ce1b70c98512aeb3677e4af988dee

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://itgetsbetter.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 15:38:41 GMT
content-encoding: gzip
last-modified: Thu, 27 Oct 2022 16:56:53 GMT
etag: "32ad004436155ec972bc50e6238b5b67+gzip+gzip"
vary: Accept-Encoding,Host
x-cache: HIT, HIT
content-type: application/javascript; charset=utf-8
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
x-tw-cdn: FT
cache-control: no-cache
accept-ranges: bytes
content-length: 15375
x-served-by: cache-iad-kjyo7100081-IAD, cache-fra-eddf8230044-FRA

GET
H2 200 scevent.min.js Show response
sc-static.net/ 41 KB
18 KB 24ms
24ms Script
application/javascript 143.204.207.250
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sc-static.net/scevent.min.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N5QWJNP
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.207.250 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-207-250.fra53.r.cloudfront.net
Software: CloudFront /
Resource Hash: 6930acce90c269cfadee0a68bb292bc4c52a9c0fe4b63bee4fe72b15fc52cd5d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://itgetsbetter.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 15:38:41 GMT
content-encoding: gzip
via: 1.1 8d31bbd9d6638cdacab37047b8045da4.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: FRA53-C1
x-cache: Miss from cloudfront
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
cache-control: private, s-maxage=0, max-age=600
access-control-allow-headers: Content-Type
content-length: 17590
x-amz-cf-id: EUft3BnBCBYl4f7H2hDHz4j6TIQCx92u1sTBrZodt73gVsEWZTP6Dw==

GET
H2 200 events.js Show response
analytics.tiktok.com/i18n/pixel/ 4 KB
2 KB 278ms
278ms Script
application/javascript 2.17.147.138
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=BUVFAJTD82FVM3BDSISG&lib=ttq
Requested by: Host: itgetsbetter.org
URL: https://itgetsbetter.org/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.17.147.138 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-17-147-138.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 15bbd333ee2e5c38f955a867a2097169e48152a2a336af7203f4f88bc002d348

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://itgetsbetter.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-akamai-request-id: 1a0d1b13.481bfe50
date: Thu, 07 Dec 2023 15:38:42 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-tt-trace-id: 00-231207153841CB53DDC5E6CF508BF3B9-325088DF8FA695E6-00
x-cache: TCP_MISS from a2-17-147-134.deploy.akamaitechnologies.com (AkamaiGHost/11.3.2.1-52518411) (-)
x-parent-response-time: 104,2.17.147.134
server-timing: cdn-cache; desc=MISS, edge; dur=98, origin; dur=6, inner; dur=3
pragma: no-cache
server: nginx
x-tt-logid: 20231207153841CB53DDC5E6CF508BF3B9
x-cache-remote: TCP_MISS from a184-28-17-143.deploy.akamaitechnologies.com (AkamaiGHost/11.3.2.1-52518411) (-)
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 7,184.28.17.143
x-tt-trace-host: 01b7eae1c1537faf133345ddbc40d3932a41f494d2eb2713cb91190d0e8cd34ded6b4b7d072ae00aa630cc1e34e7441c91229e786201dd8f9800c12002ea23a25900611faad53e413cbbb91d1111f8c16710a3c35b8fa0bc0da9afccdac2231278f772f7cec98e63c23d7f3ad815df2ddb
expires: Thu, 07 Dec 2023 15:38:42 GMT

GET
H2 200 events.js Show response
tags.srv.stackadapt.com/ 18 KB
7 KB 235ms
98ms Script
text/javascript 35.156.2.40
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.srv.stackadapt.com/events.js
Requested by: Host: itgetsbetter.org
URL: https://itgetsbetter.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.156.2.40 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-156-2-40.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 07e0c303e819263d40643137625f64cd6697153539d57329683a7fca47edcc17

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://itgetsbetter.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

access-control-allow-origin: *
date: Thu, 07 Dec 2023 15:38:41 GMT
cache-control: max-age=5
content-encoding: gzip
content-type: text/javascript

GET
H2 200 /
www.google.com/pagead/1p-user-list/696171030/ 42 B
455 B 145ms
17ms Image
image/gif 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/696171030/?random=1701963521012&cv=11&fst=1701961200000&bg=ffffff&guid=ON&async=1&gtm=45be3bt0&u_w=1600&u_h=1200&url=https%3A%2F%2Fitgetsbetter.org%2F&frm=0&tiba=It%20Gets%20Better%20%E2%80%93%20The%20It%20Gets%20Better%20Project%20exists%20to%20uplift%2C%20empower%2C%20and%20connect%20LGBTQ%2B%20youth%20around%20the%20globe.&data=event%3Dgtag.config&fmt=3&is_vtc=1&cid=CAQSGwDICaaN_3oRjpDozD8thh09dhXti0KabvvB_Q&random=593262544&rmt_tld=0&ipr=y

Requested by

Host: itgetsbetter.org
URL: https://itgetsbetter.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://itgetsbetter.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 07 Dec 2023 15:38:41 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/696171030/ 42 B
455 B 148ms
21ms Image
image/gif 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/696171030/?random=1701963521012&cv=11&fst=1701961200000&bg=ffffff&guid=ON&async=1&gtm=45be3bt0&u_w=1600&u_h=1200&url=https%3A%2F%2Fitgetsbetter.org%2F&frm=0&tiba=It%20Gets%20Better%20%E2%80%93%20The%20It%20Gets%20Better%20Project%20exists%20to%20uplift%2C%20empower%2C%20and%20connect%20LGBTQ%2B%20youth%20around%20the%20globe.&data=event%3Dgtag.config&fmt=3&is_vtc=1&cid=CAQSGwDICaaN_3oRjpDozD8thh09dhXti0KabvvB_Q&random=593262544&rmt_tld=1&ipr=y

Requested by

Host: itgetsbetter.org
URL: https://itgetsbetter.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://itgetsbetter.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 07 Dec 2023 15:38:41 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame F39F 15 KB
15 KB 129ms
9ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/bwkUX98fktI?version=3&rel=1&showsearch=0&showinfo=1&iv_load_policy=1&fs=1&hl=en-US&autohide=2&wmode=transparent

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 23:26:56 GMT
x-content-type-options: nosniff
age: 576705
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 29 Nov 2024 23:26:56 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame F39F 15 KB
16 KB 127ms
7ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/bwkUX98fktI?version=3&rel=1&showsearch=0&showinfo=1&iv_load_policy=1&fs=1&hl=en-US&autohide=2&wmode=transparent

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 21:01:27 GMT
x-content-type-options: nosniff
age: 67034
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15552
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 05 Dec 2024 21:01:27 GMT

GET
H2 200 pxiEyp8kv8JHgFVrJJfecg.woff2
fonts.gstatic.com/s/poppins/v20/ 8 KB
8 KB 132ms
15ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poppins%3A400%2C600&ver=1.0.0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://itgetsbetter.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 19:33:17 GMT
x-content-type-options: nosniff
age: 504324
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7884
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 17:03:52 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 30 Nov 2024 19:33:17 GMT

GET
H2 200 pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v20/ 8 KB
8 KB 130ms
13ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poppins%3A400%2C600&ver=1.0.0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f4e80d9dfd374d02989b87a27b5ed4cb78fbb177c27f1478e9a8b0afb7513149

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://itgetsbetter.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 07:55:06 GMT
x-content-type-options: nosniff
age: 200615
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8000
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:59:07 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 04 Dec 2024 07:55:06 GMT

GET
H2 200 g.gif
pixel.wp.com/ 50 B
153 B 13ms
13ms Image
image/gif 192.0.76.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.wp.com/g.gif?x_stats-initial-visibility=visible&v=wpcom-no-pv&rand=0.16242186005808024
Requested by: Host: itgetsbetter.org
URL: https://itgetsbetter.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://itgetsbetter.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

access-control-allow-origin: *
date: Thu, 07 Dec 2023 15:38:41 GMT
cache-control: no-cache
server: nginx
content-length: 50
content-type: image/gif

GET
H2 200 / Show response
give.itgetsbetter.org/give/533919/ Frame 0024 98 KB
30 KB 950ms
887ms Document
text/html 2606:4700::6812:7c49
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://give.itgetsbetter.org/give/533919/

Requested by

Host: sdk.classy.org
URL: https://sdk.classy.org/embedded-giving.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:7c49 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f324bb9f291d65c0864e28df2f87444f27e995e75eb4d91dc4b0ba3182c82463

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://itgetsbetter.org;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://itgetsbetter.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-cache-status: DYNAMIC
cf-ray: 831ddb6c3ffe4d59-FRA
content-encoding: br
content-security-policy: frame-ancestors 'self' https://itgetsbetter.org;
content-type: text/html; charset=utf-8
date: Thu, 07 Dec 2023 15:38:42 GMT
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 adsct
t.co/i/ 43 B
377 B 166ms
121ms Image
image/gif 104.244.42.197
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.co/i/adsct?bci=5&eci=2&event_id=fe1d2a2e-a5a4-4314-8dc6-f399885fa353&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=e40d0910-5ae5-4d52-9d1a-9e65a083f70a&tw_document_href=https%3A%2F%2Fitgetsbetter.org%2F&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o4zya&type=javascript&version=2.3.29

Requested by

Host: itgetsbetter.org
URL: https://itgetsbetter.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.197 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_f /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://itgetsbetter.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-response-time: 104
date: Thu, 07 Dec 2023 15:38:41 GMT
strict-transport-security: max-age=0
server: tsa_f
content-type: image/gif;charset=utf-8
x-transaction-id: 7514baccf5557d47
cache-control: no-cache, no-store, max-age=0
perf: 7626143928
x-connection-hash: f5c4b67aa09df411b87ba86a83379d872e3fe55bb28038fb9e1efc63e5814e9f
content-length: 43

GET
H2 200 adsct
analytics.twitter.com/i/ 43 B
216 B 257ms
213ms Image
image/gif 104.244.42.131
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://analytics.twitter.com/i/adsct?bci=5&eci=2&event_id=fe1d2a2e-a5a4-4314-8dc6-f399885fa353&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=e40d0910-5ae5-4d52-9d1a-9e65a083f70a&tw_document_href=https%3A%2F%2Fitgetsbetter.org%2F&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o4zya&type=javascript&version=2.3.29

Requested by

Host: itgetsbetter.org
URL: https://itgetsbetter.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.131 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_f /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://itgetsbetter.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-response-time: 194
date: Thu, 07 Dec 2023 15:38:41 GMT
strict-transport-security: max-age=631138519
server: tsa_f
content-type: image/gif;charset=utf-8
x-transaction-id: 572d4772824c5140
cache-control: no-cache, no-store, max-age=0
perf: 7626143928
x-connection-hash: 68b42d87496bc2565be92578db0ffc6e39260a96357a2d5957e997fc993c2740
content-length: 43

GET
H2 200 adsct
t.co/1/i/ 43 B
199 B 167ms
123ms Image
image/gif 104.244.42.197
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.co/1/i/adsct?bci=5&eci=3&event=%7B%7D&event_id=53547b27-4209-410b-a281-e6a801eeb9db&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=e40d0910-5ae5-4d52-9d1a-9e65a083f70a&tw_document_href=https%3A%2F%2Fitgetsbetter.org%2F&tw_iframe_status=0&txn_id=o4zya&type=javascript&version=2.3.29

Requested by

Host: itgetsbetter.org
URL: https://itgetsbetter.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.197 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_f /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://itgetsbetter.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-response-time: 104
date: Thu, 07 Dec 2023 15:38:41 GMT
strict-transport-security: max-age=0
server: tsa_f
content-type: image/gif;charset=utf-8
x-transaction-id: 78d64a39dbb5e1f3
cache-control: no-cache, no-store, max-age=0
perf: 7626143928
x-connection-hash: f5c4b67aa09df411b87ba86a83379d872e3fe55bb28038fb9e1efc63e5814e9f
content-length: 43

GET
H2 200 adsct
analytics.twitter.com/1/i/ 43 B
725 B 170ms
126ms Image
image/gif 104.244.42.131
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://analytics.twitter.com/1/i/adsct?bci=5&eci=3&event=%7B%7D&event_id=53547b27-4209-410b-a281-e6a801eeb9db&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=e40d0910-5ae5-4d52-9d1a-9e65a083f70a&tw_document_href=https%3A%2F%2Fitgetsbetter.org%2F&tw_iframe_status=0&txn_id=o4zya&type=javascript&version=2.3.29

Requested by

Host: itgetsbetter.org
URL: https://itgetsbetter.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.131 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_f /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://itgetsbetter.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-response-time: 105
date: Thu, 07 Dec 2023 15:38:41 GMT
strict-transport-security: max-age=631138519
server: tsa_f
content-type: image/gif;charset=utf-8
x-transaction-id: 5ba195d5e849873f
cache-control: no-cache, no-store, max-age=0
perf: 7626143928
x-connection-hash: 68b42d87496bc2565be92578db0ffc6e39260a96357a2d5957e997fc993c2740
content-length: 43

GET
H2 200 g.gif
pixel.wp.com/ 50 B
153 B 13ms
13ms Image
image/gif 192.0.76.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.wp.com/g.gif?v=ext&blog=136282148&post=11&tz=-8&srv=itgetsbetter.org&hp=atomic&ac=3&amp=0&j=1%3A12.9-beta&host=itgetsbetter.org&ref=&rand=0.5864935177085189
Requested by: Host: itgetsbetter.org
URL: https://itgetsbetter.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://itgetsbetter.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

access-control-allow-origin: *
date: Thu, 07 Dec 2023 15:38:41 GMT
cache-control: no-cache
server: nginx
content-length: 50
content-type: image/gif

GET
H/1.1 200
OK track.js Show response
secure.gaug.es/ 4 KB
4 KB 414ms
94ms Script
application/javascript 54.147.159.60
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.gaug.es/track.js
Requested by: Host: itgetsbetter.org
URL: https://itgetsbetter.org/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.147.159.60 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-147-159-60.compute-1.amazonaws.com
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: df2698e6cf74ed890afa92da10051f880df2ce0b3257b73c5d9ae2f6bea82d3c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://itgetsbetter.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date: Thu, 07 Dec 2023 15:38:42 GMT
Last-Modified: Tue, 10 Oct 2023 07:12:49 GMT
Server: nginx/1.10.3 (Ubuntu)
ETag: "6524f971-ef5"
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3829

GET
H3 200 1725067124456859 Show response
connect.facebook.net/signals/config/ 139 KB
36 KB 85ms
84ms Script
application/x-javascript 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1725067124456859?v=2.9.138&r=stable&domain=itgetsbetter.org

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

73281b24dd9dd9527401232b1e1a979fa3918e5e2d1611eca4991ad9bd989cdf

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://itgetsbetter.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Thu, 07 Dec 2023 15:38:41 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints
pragma: public
x-fb-debug: 8Jb7HwZrmpy/LN72shaSMQdZo2vlAtoqpd19QsTCbGvHkwfEFCqH6Z3TjqKPSA2GIE6e4nVNH0Vk5qGrQBYfTA==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 31ms
6ms Image
text/plain 2a03:2880:f177:185:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=716750585601397&ev=PageView&dl=https%3A%2F%2Fitgetsbetter.org%2F&rl=&if=false&ts=1701963521865&cd[source]=woocommerce&cd[version]=8.3.1&cd[pluginVersion]=3.1.5&sw=1600&sh=1200&v=2.9.138&r=stable&a=woocommerce-8.3.1-3.1.5&ec=0&o=4126&fbp=fb.1.1701963521864.937799120&cs_est=true&ler=empty&it=1701963521690&coo=false&rqm=GET

Requested by

Host: itgetsbetter.org
URL: https://itgetsbetter.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://itgetsbetter.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Thu, 07 Dec 2023 15:38:41 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

OPTIONS
H2 200 itgetsbetter
www.juicer.io/api/feeds/ Frame 0
0 408ms
375ms Preflight 2606:4700:20::681a:c57
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.juicer.io/api/feeds/itgetsbetter?per=8&page=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:c57 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: x-juicer-referrer
Access-Control-Request-Method: GET
Origin: https://itgetsbetter.org
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

access-control-allow-headers: x-juicer-referrer
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin: *
access-control-expose-headers
access-control-max-age: 7200
cf-cache-status: DYNAMIC
cf-ray: 831ddb6bfd632baf-FRA
content-length: 0
date: Thu, 07 Dec 2023 15:38:42 GMT
nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
report-to: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1701963522&sid=af571f24-03ee-46d1-9f90-ab9030c2c74c&s=Y5WcFCdVnNhYSAGyBZ4l1JGgA6Dgey08z1qqnMLD5fQ%3D"}]}
reporting-endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1701963522&sid=af571f24-03ee-46d1-9f90-ab9030c2c74c&s=Y5WcFCdVnNhYSAGyBZ4l1JGgA6Dgey08z1qqnMLD5fQ%3D
server: cloudflare
via: 1.1 vegur

GET
H2 200 wp-emoji-release.min.js Show response
itgetsbetter.org/wp-includes/js/ 18 KB
5 KB 115ms
115ms Script
application/javascript 199.16.173.70
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://itgetsbetter.org/wp-includes/js/wp-emoji-release.min.js?ver=6.4.2

Requested by

Host: itgetsbetter.org
URL: https://itgetsbetter.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

199.16.173.70 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://itgetsbetter.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 15:38:41 GMT
strict-transport-security: max-age=31536000
content-encoding: br
last-modified: Thu, 02 Feb 2023 00:53:25 GMT
server: nginx
x-ac: 1.ams _atomic_ams BYPASS
etag: W/"63db0985-4904"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 itgetsbetter Show response
www.juicer.io/api/feeds/ 19 KB
5 KB 129ms
128ms XHR
application/json 2606:4700:20::681a:c57
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.juicer.io/api/feeds/itgetsbetter?per=8&page=1

Requested by

Host: assets.juicer.io
URL: https://assets.juicer.io/embed.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:c57 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c460e6629af9a07c3df00d23ec7dba444f1b4506041488b939ff409683d08bf3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://itgetsbetter.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
X-Juicer-Referrer: https://itgetsbetter.org/

Response headers

date: Thu, 07 Dec 2023 15:38:42 GMT
via: 1.1 vegur
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
x-permitted-cross-domain-policies: none
content-encoding: br
x-xss-protection: 0
reporting-endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1701702632&sid=af571f24-03ee-46d1-9f90-ab9030c2c74c&s=nKEEJTcQoallsqQx%2FRakGf2D%2FUwhmQoXwZ6ebKGDh2M%3D
x-request-id: 80c460a9-d76d-44cd-ae18-e7c8d04bbe45
x-runtime: 0.035289
referrer-policy: strict-origin-when-cross-origin
last-modified: Mon, 04 Dec 2023 15:00:49 GMT
server: cloudflare
x-download-options: noopen
access-control-max-age: 7200
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: *
report-to: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1701702632&sid=af571f24-03ee-46d1-9f90-ab9030c2c74c&s=nKEEJTcQoallsqQx%2FRakGf2D%2FUwhmQoXwZ6ebKGDh2M%3D"}]}
access-control-expose-headers
x-frame-options: SAMEORIGIN
cache-control: max-age=300, public, stale-while-revalidate=30, stale-if-error=86400
vary: Accept-Encoding, Origin
cf-ray: 831ddb6e58422baf-FRA

GET
H3 200 player_api Show response
www.youtube.com/ 993 B
519 B 30ms
29ms Script
text/javascript 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/player_api

Requested by

Host: c0.wp.com
URL: https://c0.wp.com/c/6.4.2/wp-includes/js/mediaelement/mediaelement-and-player.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a63f486f5b05184dc0708669c9c1823de00295dd74b090557b77268118ecc0dd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://itgetsbetter.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 15:38:41 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-encoding: br
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
server: ESF
x-frame-options: SAMEORIGIN
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
content-type: text/javascript; charset=utf-8
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
cache-control: private, max-age=0
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
origin-trial: AvC9UlR6RDk2crliDsFl66RWLnTbHrDbp+DiY6AYz/PNQ4G4tdUTjrHYr2sghbkhGQAVxb7jaPTHpEVBz0uzQwkAAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTcxOTUzMjc5OSwiaXNTdWJkb21haW4iOnRydWV9
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
expires: Thu, 07 Dec 2023 15:38:41 GMT

GET
H2 200 jp-search.defaultVendors.js Show response
itgetsbetter.org/wp-content/plugins/jetpack/jetpack_vendor/automattic/jetpack-search/build/instant-search/ 74 KB
24 KB 119ms
119ms Script
application/javascript 199.16.173.70
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://itgetsbetter.org/wp-content/plugins/jetpack/jetpack_vendor/automattic/jetpack-search/build/instant-search/jp-search.defaultVendors.js?minify=false&ver=bacda5cac07fa74fbb11

Requested by

Host: 149352635.v2.pressablecdn.com
URL: https://149352635.v2.pressablecdn.com/wp-content/plugins/jetpack/jetpack_vendor/automattic/jetpack-search/build/instant-search/jp-search.js?minify=false&ver=156632ec530008abc8ff

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

199.16.173.70 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

d715d803774712817e0843a429bdee439b10a425f9426b02743691fd225da8ea

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://itgetsbetter.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 15:38:42 GMT
strict-transport-security: max-age=31536000
content-encoding: br
last-modified: Tue, 14 Nov 2023 17:55:08 GMT
server: nginx
x-ac: 1.ams _atomic_ams BYPASS
etag: W/"6553b47c-1268a"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 jp-search.chunk-main-payload.css
itgetsbetter.org/wp-content/plugins/jetpack/jetpack_vendor/automattic/jetpack-search/build/instant-search/ 36 KB
5 KB 113ms
112ms Stylesheet
text/css 199.16.173.70
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://itgetsbetter.org/wp-content/plugins/jetpack/jetpack_vendor/automattic/jetpack-search/build/instant-search/jp-search.chunk-main-payload.css?minify=false&ver=41670287183d4ae26824

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

199.16.173.70 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

b400236e532466354be554a16cddd1ab9231066ac4730382df1dbbd08a395e7c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://itgetsbetter.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 15:38:42 GMT
strict-transport-security: max-age=31536000
content-encoding: br
last-modified: Mon, 04 Dec 2023 06:52:30 GMT
server: nginx
x-ac: 1.ams _atomic_ams BYPASS
etag: W/"656d772e-8fb9"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 jp-search.chunk-main-payload.js Show response
itgetsbetter.org/wp-content/plugins/jetpack/jetpack_vendor/automattic/jetpack-search/build/instant-search/ 74 KB
20 KB 119ms
119ms Script
application/javascript 199.16.173.70
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://itgetsbetter.org/wp-content/plugins/jetpack/jetpack_vendor/automattic/jetpack-search/build/instant-search/jp-search.chunk-main-payload.js?minify=false&ver=3cd7808e83e2f837f713

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

199.16.173.70 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

e7cc3ea52e6a5e1ea3e0938fb9df73529604f82147154f3f4d69e6b580bbac02

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://itgetsbetter.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 15:38:42 GMT
strict-transport-security: max-age=31536000
content-encoding: br
last-modified: Tue, 14 Nov 2023 17:55:08 GMT
server: nginx
x-ac: 1.ams _atomic_ams BYPASS
etag: W/"6553b47c-127ac"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 caret-left.svg Show response
ka-p.fontawesome.com/releases/v6.5.1/svgs/duotone/ 507 B
446 B 23ms
17ms Fetch
image/svg+xml 2606:4700:4400::6812:2844
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-p.fontawesome.com/releases/v6.5.1/svgs/duotone/caret-left.svg?token=dc8c838d72
Requested by: Host: itgetsbetter.org
URL: https://itgetsbetter.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:2844 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9cece2ee9c97d9ef7bce2fb6aff036dee86bcdbd437b8869a278136ed87f4c2f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://itgetsbetter.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 15:38:41 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 30 Nov 2023 17:26:36 GMT
server: cloudflare
age: 560763
etag: W/"6568c5cc-1fb"
vary: Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31556926
cf-ray: 831ddb6bfb633764-FRA

GET
H2 200 salad.svg Show response
ka-p.fontawesome.com/releases/v6.5.1/svgs/duotone/ 980 B
669 B 43ms
38ms Fetch
image/svg+xml 2606:4700:4400::6812:2844
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-p.fontawesome.com/releases/v6.5.1/svgs/duotone/salad.svg?token=dc8c838d72
Requested by: Host: itgetsbetter.org
URL: https://itgetsbetter.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:2844 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3570bfba53e8d72faa85cc930f04176d45ea79d7b36d8130623d5afd30c27075

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://itgetsbetter.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 15:38:41 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 30 Nov 2023 17:27:37 GMT
server: cloudflare
age: 560763
etag: W/"6568c609-3d4"
vary: Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31556926
cf-ray: 831ddb6bfb643764-FRA

GET
H2 200 atom-simple.svg Show response
ka-p.fontawesome.com/releases/v6.5.1/svgs/duotone/ 1 KB
843 B 31ms
26ms Fetch
image/svg+xml 2606:4700:4400::6812:2844
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-p.fontawesome.com/releases/v6.5.1/svgs/duotone/atom-simple.svg?token=dc8c838d72
Requested by: Host: itgetsbetter.org
URL: https://itgetsbetter.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:2844 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f2f94f7fbc53e6454a3781287a15449eaa44e64a98a238a9be67410bc2c3afc2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://itgetsbetter.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 15:38:41 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 30 Nov 2023 17:26:26 GMT
server: cloudflare
age: 560763
etag: W/"6568c5c2-5c6"
vary: Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31556926
cf-ray: 831ddb6bfb653764-FRA

GET
H2 200 graduation-cap.svg Show response
ka-p.fontawesome.com/releases/v6.5.1/svgs/duotone/ 1 KB
790 B 24ms
19ms Fetch
image/svg+xml 2606:4700:4400::6812:2844
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-p.fontawesome.com/releases/v6.5.1/svgs/duotone/graduation-cap.svg?token=dc8c838d72
Requested by: Host: itgetsbetter.org
URL: https://itgetsbetter.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:2844 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0fd285e85a0833012cd1a4904d7736227f2f26884e84c653718678178c8f7a07

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://itgetsbetter.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 15:38:41 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 30 Nov 2023 17:27:01 GMT
server: cloudflare
age: 560763
etag: W/"6568c5e5-4c1"
vary: Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31556926
cf-ray: 831ddb6bfb6a3764-FRA

GET
H2 200 books.svg Show response
ka-p.fontawesome.com/releases/v6.5.1/svgs/duotone/ 1 KB
689 B 28ms
23ms Fetch
image/svg+xml 2606:4700:4400::6812:2844
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-p.fontawesome.com/releases/v6.5.1/svgs/duotone/books.svg?token=dc8c838d72
Requested by: Host: itgetsbetter.org
URL: https://itgetsbetter.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:2844 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 708518c451d33d2ce773ac15b38bd20f1c14a426311d8e3b2aec07df38697c43

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://itgetsbetter.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 15:38:41 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 30 Nov 2023 17:26:30 GMT
server: cloudflare
age: 560763
etag: W/"6568c5c6-446"
vary: Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31556926
cf-ray: 831ddb6bfb6b3764-FRA

GET
H2 200 person-sign.svg Show response
ka-p.fontawesome.com/releases/v6.5.1/svgs/duotone/ 1 KB
695 B 25ms
20ms Fetch
image/svg+xml 2606:4700:4400::6812:2844
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-p.fontawesome.com/releases/v6.5.1/svgs/duotone/person-sign.svg?token=dc8c838d72
Requested by: Host: itgetsbetter.org
URL: https://itgetsbetter.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:2844 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8646d8ecf9f4c7fe7cd30e29db092aa9cf2781a5c4eea7a4f10f41024176a62c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://itgetsbetter.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 15:38:41 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 30 Nov 2023 17:27:26 GMT
server: cloudflare
age: 560763
etag: W/"6568c5fe-44f"
vary: Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31556926
cf-ray: 831ddb6bfb6c3764-FRA

GET
H2 200 whistle.svg Show response
ka-p.fontawesome.com/releases/v6.5.1/svgs/duotone/ 1 KB
717 B 26ms
22ms Fetch
image/svg+xml 2606:4700:4400::6812:2844
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-p.fontawesome.com/releases/v6.5.1/svgs/duotone/whistle.svg?token=dc8c838d72
Requested by: Host: itgetsbetter.org
URL: https://itgetsbetter.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:2844 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 22808b48a5290f2910aaa66a123440621dc67427728ab22518c8e136c3d7be85

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://itgetsbetter.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 15:38:41 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 30 Nov 2023 17:29:35 GMT
server: cloudflare
age: 560763
etag: W/"6568c67f-432"
vary: Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31556926
cf-ray: 831ddb6bfb6d3764-FRA

GET
H2 200 typewriter.svg Show response
ka-p.fontawesome.com/releases/v6.5.1/svgs/duotone/ 1 KB
711 B 29ms
25ms Fetch
image/svg+xml 2606:4700:4400::6812:2844
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-p.fontawesome.com/releases/v6.5.1/svgs/duotone/typewriter.svg?token=dc8c838d72
Requested by: Host: itgetsbetter.org
URL: https://itgetsbetter.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:2844 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 18be65efe73612e4b002392884e349dbc3e859171a631163a9d8edb4bbaf8940

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://itgetsbetter.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 15:38:41 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 30 Nov 2023 17:27:56 GMT
server: cloudflare
age: 560763
etag: W/"6568c61c-5eb"
vary: Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31556926
cf-ray: 831ddb6bfb6e3764-FRA

GET
H2 200 screencast.svg Show response
ka-p.fontawesome.com/releases/v6.5.1/svgs/duotone/ 794 B
555 B 26ms
23ms Fetch
image/svg+xml 2606:4700:4400::6812:2844
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-p.fontawesome.com/releases/v6.5.1/svgs/duotone/screencast.svg?token=dc8c838d72
Requested by: Host: itgetsbetter.org
URL: https://itgetsbetter.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:2844 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 81cecb4a4686b35edc2526e508c1093fa70f1deaafba8c4cef80183759382c6f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://itgetsbetter.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 15:38:41 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 30 Nov 2023 17:27:38 GMT
server: cloudflare
age: 546773
etag: W/"6568c60a-31a"
vary: Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31556926
cf-ray: 831ddb6bfb713764-FRA

GET
H2 200 tiktok.svg Show response
ka-p.fontawesome.com/releases/v6.5.1/svgs/brands/ 467 B
411 B 28ms
24ms Fetch
image/svg+xml 2606:4700:4400::6812:2844
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-p.fontawesome.com/releases/v6.5.1/svgs/brands/tiktok.svg?token=dc8c838d72
Requested by: Host: itgetsbetter.org
URL: https://itgetsbetter.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:2844 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8e84d0a90357d43c325884bb41a24006bcaa24cc59f2c353986f2655eb57a90a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://itgetsbetter.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 15:38:41 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 30 Nov 2023 17:26:07 GMT
server: cloudflare
age: 560763
etag: W/"6568c5af-1d3"
vary: Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31556926
cf-ray: 831ddb6bfb733764-FRA

GET
H2 200 twitch.svg Show response
ka-p.fontawesome.com/releases/v6.5.1/svgs/brands/ 448 B
422 B 34ms
30ms Fetch
image/svg+xml 2606:4700:4400::6812:2844
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-p.fontawesome.com/releases/v6.5.1/svgs/brands/twitch.svg?token=dc8c838d72
Requested by: Host: itgetsbetter.org
URL: https://itgetsbetter.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:2844 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4d65bf866f07b819753c80bca98f75898097a4b3c73074d35f45d440facd01bb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://itgetsbetter.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 15:38:41 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 30 Nov 2023 17:26:08 GMT
server: cloudflare
age: 560763
etag: W/"6568c5b0-1c0"
vary: Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31556926
cf-ray: 831ddb6bfb753764-FRA

GET
H2 200 school.svg Show response
ka-p.fontawesome.com/releases/v6.5.1/svgs/duotone/ 1 KB
584 B 33ms
30ms Fetch
image/svg+xml 2606:4700:4400::6812:2844
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-p.fontawesome.com/releases/v6.5.1/svgs/duotone/school.svg?token=dc8c838d72
Requested by: Host: itgetsbetter.org
URL: https://itgetsbetter.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:2844 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8037fcd91179ff85b140b52acbde121679d944561b7a252ab8e1d6978d826ea6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://itgetsbetter.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 15:38:41 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 30 Nov 2023 17:27:38 GMT
server: cloudflare
age: 560763
etag: W/"6568c60a-5dc"
vary: Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31556926
cf-ray: 831ddb6bfb763764-FRA

GET
H2 200 rainbow.svg Show response
ka-p.fontawesome.com/releases/v6.5.1/svgs/duotone/ 884 B
546 B 30ms
27ms Fetch
image/svg+xml 2606:4700:4400::6812:2844
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-p.fontawesome.com/releases/v6.5.1/svgs/duotone/rainbow.svg?token=dc8c838d72
Requested by: Host: itgetsbetter.org
URL: https://itgetsbetter.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:2844 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 502f615b389454e5ff7fb988c5214bd0aee8f2668d4cd5dc18721f9d9824df11

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://itgetsbetter.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 15:38:41 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 30 Nov 2023 17:27:34 GMT
server: cloudflare
age: 453642
etag: W/"6568c606-374"
vary: Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31556926
cf-ray: 831ddb6bfb783764-FRA

GET
H2 200 head-side-brain.svg Show response
ka-p.fontawesome.com/releases/v6.5.1/svgs/duotone/ 2 KB
875 B 29ms
26ms Fetch
image/svg+xml 2606:4700:4400::6812:2844
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-p.fontawesome.com/releases/v6.5.1/svgs/duotone/head-side-brain.svg?token=dc8c838d72
Requested by: Host: itgetsbetter.org
URL: https://itgetsbetter.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:2844 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6192fd402ade2719852ec40ba5c5f6665f74d30af826d898df44c617bc0a294e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://itgetsbetter.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 15:38:41 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 30 Nov 2023 17:27:05 GMT
server: cloudflare
age: 560763
etag: W/"6568c5e9-624"
vary: Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31556926
cf-ray: 831ddb6bfb793764-FRA

GET
H2 200 hand-heart.svg Show response
ka-p.fontawesome.com/releases/v6.5.1/svgs/duotone/ 1 KB
615 B 31ms
28ms Fetch
image/svg+xml 2606:4700:4400::6812:2844
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-p.fontawesome.com/releases/v6.5.1/svgs/duotone/hand-heart.svg?token=dc8c838d72
Requested by: Host: itgetsbetter.org
URL: https://itgetsbetter.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:2844 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2482c85f93f2c17c36be2b6feffe460436bfa18ec62fe4efcfabeaad5cdf471d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://itgetsbetter.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 15:38:41 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 30 Nov 2023 17:27:04 GMT
server: cloudflare
age: 560763
etag: W/"6568c5e8-4d0"
vary: Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31556926
cf-ray: 831ddb6bfb7b3764-FRA

GET
H2 200 megaphone.svg Show response
ka-p.fontawesome.com/releases/v6.5.1/svgs/duotone/ 742 B
563 B 37ms
34ms Fetch
image/svg+xml 2606:4700:4400::6812:2844
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-p.fontawesome.com/releases/v6.5.1/svgs/duotone/megaphone.svg?token=dc8c838d72
Requested by: Host: itgetsbetter.org
URL: https://itgetsbetter.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:2844 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8f00e02f500d94f76252907440c93fd2ac4d413477081e985c3e42ff8e730ed2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://itgetsbetter.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 15:38:41 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 30 Nov 2023 17:27:16 GMT
server: cloudflare
age: 560763
etag: W/"6568c5f4-2e6"
vary: Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31556926
cf-ray: 831ddb6bfb7c3764-FRA

GET
H2 200 globe.svg Show response
ka-p.fontawesome.com/releases/v6.5.1/svgs/duotone/ 2 KB
1001 B 36ms
33ms Fetch
image/svg+xml 2606:4700:4400::6812:2844
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-p.fontawesome.com/releases/v6.5.1/svgs/duotone/globe.svg?token=dc8c838d72
Requested by: Host: itgetsbetter.org
URL: https://itgetsbetter.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:2844 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 647f0eb8e046a6dfc7f3aaf8b4c5e37de3c3eacb63288cd1e2454bde4b805322

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://itgetsbetter.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 15:38:41 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 30 Nov 2023 17:27:01 GMT
server: cloudflare
age: 560763
etag: W/"6568c5e5-932"
vary: Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31556926
cf-ray: 831ddb6bfb7d3764-FRA

GET
H2 200 map.svg Show response
ka-p.fontawesome.com/releases/v6.5.1/svgs/duotone/ 560 B
471 B 31ms
29ms Fetch
image/svg+xml 2606:4700:4400::6812:2844
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-p.fontawesome.com/releases/v6.5.1/svgs/duotone/map.svg?token=dc8c838d72
Requested by: Host: itgetsbetter.org
URL: https://itgetsbetter.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:2844 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9b54f318ed5b86ee239a5b26539e7587d672975595e19de46b23384087e4b086

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://itgetsbetter.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 15:38:41 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 30 Nov 2023 17:27:15 GMT
server: cloudflare
age: 560763
etag: W/"6568c5f3-230"
vary: Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31556926
cf-ray: 831ddb6bfb7f3764-FRA

GET
H2 200 book-atlas.svg Show response
ka-p.fontawesome.com/releases/v6.5.1/svgs/duotone/ 1 KB
766 B 30ms
28ms Fetch
image/svg+xml 2606:4700:4400::6812:2844
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-p.fontawesome.com/releases/v6.5.1/svgs/duotone/book-atlas.svg?token=dc8c838d72
Requested by: Host: itgetsbetter.org
URL: https://itgetsbetter.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:2844 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7bf7cc58e7432bb37298ef81b2e57f478c523575fce8d938652f92aa767254b9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://itgetsbetter.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 15:38:41 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 30 Nov 2023 17:26:29 GMT
server: cloudflare
age: 560763
etag: W/"6568c5c5-4f2"
vary: Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31556926
cf-ray: 831ddb6bfb803764-FRA

GET
H2 200 people-group.svg Show response
ka-p.fontawesome.com/releases/v6.5.1/svgs/duotone/ 1 KB
790 B 35ms
33ms Fetch
image/svg+xml 2606:4700:4400::6812:2844
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-p.fontawesome.com/releases/v6.5.1/svgs/duotone/people-group.svg?token=dc8c838d72
Requested by: Host: itgetsbetter.org
URL: https://itgetsbetter.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:2844 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 96d70003b221c72dd2af79fbfd27ad44b934900286b204e62f25b069eda84571

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://itgetsbetter.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 15:38:41 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 30 Nov 2023 17:27:24 GMT
server: cloudflare
age: 560763
etag: W/"6568c5fc-506"
vary: Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31556926
cf-ray: 831ddb6bfb813764-FRA

GET
H2 200 coins.svg Show response
ka-p.fontawesome.com/releases/v6.5.1/svgs/duotone/ 1 KB
856 B 34ms
32ms Fetch
image/svg+xml 2606:4700:4400::6812:2844
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-p.fontawesome.com/releases/v6.5.1/svgs/duotone/coins.svg?token=dc8c838d72
Requested by: Host: itgetsbetter.org
URL: https://itgetsbetter.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:2844 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: da07fd308f8d7753e8c5218ab4757e53258b5721db310acc1c4ebd15f4711b86

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://itgetsbetter.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 15:38:41 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 30 Nov 2023 17:26:44 GMT
server: cloudflare
age: 560763
etag: W/"6568c5d4-5a7"
vary: Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31556926
cf-ray: 831ddb6bfb823764-FRA

GET
H2 200 language.svg Show response
ka-p.fontawesome.com/releases/v6.5.1/svgs/duotone/ 1 KB
785 B 32ms
31ms Fetch
image/svg+xml 2606:4700:4400::6812:2844
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-p.fontawesome.com/releases/v6.5.1/svgs/duotone/language.svg?token=dc8c838d72
Requested by: Host: itgetsbetter.org
URL: https://itgetsbetter.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:2844 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 54e4e9cd3900a289833fc9ba3079698ba58e18de3ddc819d367fe9618cb13900

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://itgetsbetter.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 15:38:41 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 30 Nov 2023 17:27:12 GMT
server: cloudflare
age: 560763
etag: W/"6568c5f0-588"
vary: Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31556926
cf-ray: 831ddb6bfb833764-FRA

GET
H2 200 element.js Show response
translate.google.com/translate_a/ 88 KB
31 KB 67ms
26ms Script
text/javascript 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://translate.google.com/translate_a/element.js?cb=googleTranslateElementInit

Requested by

Host: 149352635.v2.pressablecdn.com
URL: https://149352635.v2.pressablecdn.com/wp-content/themes/itgetsbetter-2017/assets/dist/js/index.js?ver=2.0.1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d8aded8a01136fb1f450e122d96b2a6f5a03f81c1b9ecf6f357643f35066b77f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://itgetsbetter.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 07 Dec 2023 15:38:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=utf-8
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 main.MTdjYzNiZDU2MA.js Show response
analytics.tiktok.com/i18n/pixel/static/ 397 KB
106 KB 189ms
188ms Script
application/javascript 2.17.147.138
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTdjYzNiZDU2MA.js
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/sdk.js?sdkid=BUVFAJTD82FVM3BDSISG
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.17.147.138 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-17-147-138.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 62723060de0c92d89ec49f9b3bc1fd54b786111e8ad3451a6cf7ebc8553e7b74

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://itgetsbetter.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-akamai-request-id: 481bfeda
date: Thu, 07 Dec 2023 15:38:42 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
server: nginx
x-tt-logid: 2023110907313270C13FB8D55BB8DFC767
vary: Accept-Encoding
x-cache: TCP_HIT from a2-17-147-134.deploy.akamaitechnologies.com (AkamaiGHost/11.3.2.1-52518411) (-)
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
x-tt-trace-host: 01a83725f1e840fd736b8d677242d36f0c99f56ea5f8b5ee0598474f188009bd65556a591992e7ef88e90f807f89f37e0dae799a2e5bd86015947a31cfcd634dc320d406a1e17b8a12379ad05c91e08bd2230c3149f486284a90d68eb7766adf51
server-timing: cdn-cache; desc=HIT, edge; dur=0, inner; dur=4
content-length: 108215

GET
H3

200

watch
www.youtube.com/
Redirect Chain

https://youtu.be/FkYumU0Z3bk?_=1
https://www.youtube.com/watch?_=1&v=FkYumU0Z3bk&feature=youtu.be

0
0

55ms
54ms

Media
text/html

2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.youtube.com/watch?_=1&v=FkYumU0Z3bk&feature=youtu.be
Requested by: Host: itgetsbetter.org
URL: https://itgetsbetter.org/
Protocol: H3
Server: 2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://itgetsbetter.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Redirect headers

date: Thu, 07 Dec 2023 15:38:42 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin-allow-popups; report-to="SHORT_URL"
server: ESF
x-frame-options: SAMEORIGIN
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
content-type: application/binary
location: https://www.youtube.com/watch?_=1&v=FkYumU0Z3bk&feature=youtu.be
report-to: {"group":"SHORT_URL","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/SHORT_URL"}]}
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3

200

id Show response
googleads.g.doubleclick.net/pagead/ Frame F39F
Redirect Chain

https://googleads.g.doubleclick.net/pagead/id
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

100 B
146 B

18ms
18ms

XHR
application/json

2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/bwkUX98fktI?version=3&rel=1&showsearch=0&showinfo=1&iv_load_policy=1&fs=1&hl=en-US&autohide=2&wmode=transparent

Protocol

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e4d3f717b379171d0f314d9d9fb9524338b77205ab58a2c87fbd1634901ff729

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 15:38:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 120
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Thu, 07 Dec 2023 15:38:42 GMT
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ad_status.js Show response
static.doubleclick.net/instream/ Frame F39F 29 B
495 B 27ms
7ms Script
text/javascript 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.doubleclick.net/instream/ad_status.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/31e0b6d9/www-embed-player.vflset/www-embed-player.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 15:26:18 GMT
x-content-type-options: nosniff
age: 744
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29
x-xss-protection: 0
last-modified: Thu, 12 Dec 2013 23:40:16 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 07 Dec 2023 15:41:18 GMT

GET
H2 206 IGB_Video_Faces_compressed.mp4
itgetsbetter.org/wp-content/uploads/2021/05/ 672 KB
0 270ms
269ms Media
video/mp4 199.16.173.70
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://itgetsbetter.org/wp-content/uploads/2021/05/IGB_Video_Faces_compressed.mp4

Requested by

Host: itgetsbetter.org
URL: https://itgetsbetter.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

199.16.173.70 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://itgetsbetter.org/
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Range: bytes=0-

Response headers

date: Thu, 07 Dec 2023 15:38:42 GMT
strict-transport-security: max-age=31536000
x-ac: 1.ams _atomic_ams BYPASS
last-modified: Fri, 21 May 2021 15:57:57 GMT
server: nginx
etag: "60a7d885-66a3a1"
access-control-allow-methods: GET, HEAD
content-type: video/mp4
access-control-allow-origin: *
Content-Range: bytes 0-6726560/6726561
Content-Length: 6726561

OPTIONS
H2 200 Create
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0
0 37ms
14ms Preflight
text/html 2a00:1450:4001:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method: POST
Origin: https://www.youtube.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://www.youtube.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html
date: Thu, 07 Dec 2023 15:38:42 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H2 200 Create Show response
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame F39F 86 KB
40 KB 23ms
22ms XHR
application/json+protobuf 2a00:1450:4001:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/31e0b6d9/player_ias.vflset/en_US/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

28154044fce2b432bd4e48733bbfaeefef87b58c57d9af3c34db2c75a5121758

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-User-Agent: grpc-web-javascript/0.1
Referer: https://www.youtube.com/
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type: application/json+protobuf

Response headers

date: Thu, 07 Dec 2023 15:38:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json+protobuf; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 40546
x-xss-protection: 0

GET
H3 200 remote.js Show response
www.youtube.com/s/player/31e0b6d9/player_ias.vflset/en_US/ Frame F39F 116 KB
33 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/31e0b6d9/player_ias.vflset/en_US/remote.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/31e0b6d9/player_ias.vflset/en_US/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

869da04350e0925de923dd2c39c41d18ba0625e3541bd5059ed5a611550552b6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/bwkUX98fktI?version=3&rel=1&showsearch=0&showinfo=1&iv_load_policy=1&fs=1&hl=en-US&autohide=2&wmode=transparent
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 07:18:34 GMT
content-encoding: br
x-content-type-options: nosniff
age: 30008
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33484
x-xss-protection: 0
last-modified: Thu, 30 Nov 2023 03:10:29 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Fri, 06 Dec 2024 07:18:34 GMT

GET
H2 200 UhAHYkQc59SMm3ILQvX2LV9pHtXm_t6HT06w3DJ-zT8.js Show response
www.google.com/js/th/ Frame F39F 50 KB
20 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/js/th/UhAHYkQc59SMm3ILQvX2LV9pHtXm_t6HT06w3DJ-zT8.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/31e0b6d9/player_ias.vflset/en_US/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

52100762441ce7d48c9b720b42f5f62d5f691ed5e6fede874f4eb0dc327ecd3f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 15:29:01 GMT
content-encoding: br
x-content-type-options: nosniff
age: 581
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19757
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:30:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 06 Dec 2024 15:29:01 GMT

GET
H2 200 sddefault.jpg
i.ytimg.com/vi/bwkUX98fktI/ Frame F39F 52 KB
53 KB 37ms
16ms Image
image/jpeg 2a00:1450:4001:80e::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi/bwkUX98fktI/sddefault.jpg

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/bwkUX98fktI?version=3&rel=1&showsearch=0&showinfo=1&iv_load_policy=1&fs=1&hl=en-US&autohide=2&wmode=transparent

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6e6e45edbffa2dc7f2134e257a1fc88cb79790a78672e220695b6975c5f2b1c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 15:38:42 GMT
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 53703
x-xss-protection: 0
server: sffe
etag: "1700661260"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 07 Dec 2023 17:38:42 GMT

GET
DATA 200
OK truncated
/ Frame F39F 175 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 q0UjM00bG58UIHhs7oUaOU6GdlCIFmHxap8aGI_2tnDkNNcvmWHjPGxVmxKAxPOxLJGx9UR4=s68-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ Frame F39F 3 KB
3 KB 30ms
8ms Image
image/jpeg 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://yt3.ggpht.com/q0UjM00bG58UIHhs7oUaOU6GdlCIFmHxap8aGI_2tnDkNNcvmWHjPGxVmxKAxPOxLJGx9UR4=s68-c-k-c0x00ffffff-no-rj

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/bwkUX98fktI?version=3&rel=1&showsearch=0&showinfo=1&iv_load_policy=1&fs=1&hl=en-US&autohide=2&wmode=transparent

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

c9a9b73b35b559533ae8c80db712ac4b69268fea5aece862b51969b65f316630

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 14:52:39 GMT
x-content-type-options: nosniff
age: 2763
content-disposition: inline;filename="channels4_profile.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2882
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Fri, 08 Dec 2023 14:52:39 GMT

GET
H3 200 www-widgetapi.js Show response
www.youtube.com/s/player/31e0b6d9/www-widgetapi.vflset/ 215 KB
67 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/31e0b6d9/www-widgetapi.vflset/www-widgetapi.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/player_api

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8f7d6f6139d786232c30733c242672145a2ed59e41423520f4dc4dc611e2bd8c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://itgetsbetter.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 15:29:38 GMT
content-encoding: br
x-content-type-options: nosniff
age: 544
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 68329
x-xss-protection: 0
last-modified: Thu, 30 Nov 2023 03:10:29 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Fri, 06 Dec 2024 15:29:38 GMT

GET
H2 200 modules.8ee14814f88014d1770d.js Show response
script.hotjar.com/ 218 KB
55 KB 32ms
7ms Script
application/javascript 13.32.27.19
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.8ee14814f88014d1770d.js

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-2965374.js?sv=7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.27.19 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-27-19.fra56.r.cloudfront.net

Software

Resource Hash

e106472972bdecc9a2188aa416f8d2caa42243cdd34d3c273aab333cac424dc2

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://itgetsbetter.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 15:01:06 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=2592000; includeSubDomains
via: 1.1 ef4ff53b101ef123a46ec560b6c94cb8.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C2
age: 88656
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 55396
last-modified: Wed, 06 Dec 2023 15:00:38 GMT
etag: "33f7598beee5c2090a530d7a01aa16ce"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: STcb-CfV2G2atmkaUQS-x8zdsrEWTYjV6fRpYY9K9C7iNS6WGRWgCQ==

GET
H2 200 sa.css
tags.srv.stackadapt.com/ 65 B
203 B 95ms
95ms Stylesheet
text/css 35.156.2.40
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.srv.stackadapt.com/sa.css
Requested by: Host: tags.srv.stackadapt.com
URL: https://tags.srv.stackadapt.com/events.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.156.2.40 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-156-2-40.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 12df62abb4eaabcff5e145f2948246a31727571f7f34161f22937f5bb2bc54a3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://itgetsbetter.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

access-control-allow-origin: *
date: Thu, 07 Dec 2023 15:38:42 GMT
cache-control: only-if-cached, no-transform, private, max-age=7776000
content-length: 65
content-type: text/css

GET
H2 200 sa.jpeg Show response
tags.srv.stackadapt.com/ 0
2 KB 111ms
96ms Fetch
image/jpeg 35.156.2.40
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.srv.stackadapt.com/sa.jpeg
Requested by: Host: tags.srv.stackadapt.com
URL: https://tags.srv.stackadapt.com/events.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.156.2.40 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-156-2-40.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://itgetsbetter.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

access-control-allow-origin: *
date: Thu, 07 Dec 2023 15:38:42 GMT
cache-control: only-if-cached, no-transform, private, max-age=7776000
content-length: 651
content-type: image/jpeg

GET
H2 200 m=el_main_css
www.gstatic.com/_/translate_http/_/ss/k=translate_http.tr.qhDXWpKopYk.L.W.O/am=AAM/d=0/rs=AN8SPfoZVDB5be-TudnAO_y4l2LFY_GHyA/ 22 KB
5 KB 29ms
6ms Stylesheet
text/css 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/translate_http/_/ss/k=translate_http.tr.qhDXWpKopYk.L.W.O/am=AAM/d=0/rs=AN8SPfoZVDB5be-TudnAO_y4l2LFY_GHyA/m=el_main_css

Requested by

Host:
URL: /_/translate_http/_/js/k=translate_http.tr.de.RetS0UYVF9U.O/am=AAM/d=1/rs=AN8SPfpQYLrJxLA8Evaz5V0wt6dn4DngIw/m=el_conf

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

71ca2652e2b3ffd3c0ec966958604714ce6c7af01d961b44adc438518eb58cb3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://itgetsbetter.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 18:19:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 249546
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/rosetta
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4144
x-xss-protection: 0
last-modified: Sat, 15 Jul 2023 01:09:03 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="rosetta"
vary: Accept-Encoding
report-to: {"group":"rosetta","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/rosetta"}]}
content-type: text/css; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 03 Dec 2024 18:19:36 GMT

GET
H2 200 m=el_main Show response
translate.googleapis.com/_/translate_http/_/js/k=translate_http.tr.de.RetS0UYVF9U.O/d=1/exm=el_conf/ed=1/rs=AN8SPfr7lb_PXZnLNkTgvVwyoxNvsn0INQ/ 228 KB
81 KB 27ms
7ms Script
text/javascript 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://translate.googleapis.com/_/translate_http/_/js/k=translate_http.tr.de.RetS0UYVF9U.O/d=1/exm=el_conf/ed=1/rs=AN8SPfr7lb_PXZnLNkTgvVwyoxNvsn0INQ/m=el_main

Requested by

Host:
URL: /_/translate_http/_/js/k=translate_http.tr.de.RetS0UYVF9U.O/am=AAM/d=1/rs=AN8SPfpQYLrJxLA8Evaz5V0wt6dn4DngIw/m=el_conf

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1cb3f0ad4f6b1cc587a2e0d16f7c71a298a67fd445dd9ed2ca370cb831ecc02e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://itgetsbetter.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 18:22:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 249393
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/rosetta
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 81976
x-xss-protection: 0
last-modified: Sat, 02 Dec 2023 00:18:31 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="rosetta"
vary: Accept-Encoding
report-to: {"group":"rosetta","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/rosetta"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 03 Dec 2024 18:22:09 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
54 B 8ms
7ms Image
text/plain 2a03:2880:f177:185:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1725067124456859&ev=PageView&dl=https%3A%2F%2Fitgetsbetter.org%2F&rl=&if=false&ts=1701963522111&sw=1600&sh=1200&v=2.9.138&r=stable&a=tmgoogletagmanager&ec=0&o=4126&fbp=fb.1.1701963521864.937799120&cs_est=true&ler=empty&it=1701963521690&coo=false&rqm=GET

Requested by

Host: itgetsbetter.org
URL: https://itgetsbetter.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://itgetsbetter.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Thu, 07 Dec 2023 15:38:42 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 50f8e197-c76c-447a-9833-230403118d24.js Show response
tr.snapchat.com/config/org/ 167 B
225 B 41ms
22ms Script
application/javascript 35.190.43.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.snapchat.com/config/org/50f8e197-c76c-447a-9833-230403118d24.js?v=3.7.1-2312060028

Requested by

Host: sc-static.net
URL: https://sc-static.net/scevent.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

134.43.190.35.bc.googleusercontent.com

Software

API Gateway /

Resource Hash

88345ef4c9ab548cef58fd9fa0fdfa1c958d564150ff1e51845b363a97695658

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains

Request headers

Referer: https://itgetsbetter.org/
Origin: https://itgetsbetter.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 15:38:42 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains
via: 1.1 google
server: API Gateway
content-type: application/javascript
access-control-allow-origin: https://itgetsbetter.org
x-envoy-upstream-service-time: 0
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 167

GET
H2 200 i Show response
tr.snapchat.com/cm/ Frame D646 0
201 B 35ms
18ms Document
text/html 35.190.43.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.snapchat.com/cm/i?pid=50f8e197-c76c-447a-9833-230403118d24&u_scsid=3200f2af-935c-4ba9-8eb5-8a8c6cc18b89&u_sclid=2ea20167-363a-4bef-8351-a05a7a5f7f33

Requested by

Host: sc-static.net
URL: https://sc-static.net/scevent.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

134.43.190.35.bc.googleusercontent.com

Software

API Gateway /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload max-age=31536000; includeSubDomains

Request headers

Referer: https://itgetsbetter.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html
date: Thu, 07 Dec 2023 15:38:42 GMT
server: API Gateway
strict-transport-security: max-age=31536000; includeSubDomains; preload max-age=31536000; includeSubDomains
via: 1.1 google
x-envoy-upstream-service-time: 0

GET
H2 200 d4566af6-6002-4a1a-b903-6200b4a730fc.js Show response
tr.snapchat.com/config/org/ 178 B
446 B 37ms
21ms Script
application/javascript 35.190.43.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.snapchat.com/config/org/d4566af6-6002-4a1a-b903-6200b4a730fc.js?v=3.7.1-2312060028

Requested by

Host: sc-static.net
URL: https://sc-static.net/scevent.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

134.43.190.35.bc.googleusercontent.com

Software

API Gateway /

Resource Hash

4f2b26bc2e8861fa47f1a1ac9534031cfaa88bba55a132a6295f0edf7c9a2d19

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains

Request headers

Referer: https://itgetsbetter.org/
Origin: https://itgetsbetter.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 15:38:42 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains
via: 1.1 google
server: API Gateway
content-type: application/javascript
access-control-allow-origin: https://itgetsbetter.org
x-envoy-upstream-service-time: 0
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 178

GET
H2 200 i Show response
tr.snapchat.com/cm/ Frame FC4E 0
43 B 34ms
20ms Document
text/html 35.190.43.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.snapchat.com/cm/i?pid=d4566af6-6002-4a1a-b903-6200b4a730fc&u_scsid=3200f2af-935c-4ba9-8eb5-8a8c6cc18b89&u_sclid=2ea20167-363a-4bef-8351-a05a7a5f7f33

Requested by

Host: sc-static.net
URL: https://sc-static.net/scevent.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

134.43.190.35.bc.googleusercontent.com

Software

API Gateway /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload max-age=31536000; includeSubDomains

Request headers

Referer: https://itgetsbetter.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html
date: Thu, 07 Dec 2023 15:38:42 GMT
server: API Gateway
strict-transport-security: max-age=31536000; includeSubDomains; preload max-age=31536000; includeSubDomains
via: 1.1 google
x-envoy-upstream-service-time: 0

GET
H2 200 p
tr.snapchat.com/ 68 B
267 B 31ms
20ms Image
image/png 35.190.43.134
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tr.snapchat.com/p?pid=50f8e197-c76c-447a-9833-230403118d24&ev=PAGE_VIEW&u_c1=4ce61f72-b7d5-4306-a4b0-0674f2ab3d57&u_sclid=2ea20167-363a-4bef-8351-a05a7a5f7f33&u_scsid=3200f2af-935c-4ba9-8eb5-8a8c6cc18b89&bt=1d53c387&d_bvs=%5B%5D&df=true&huah=true&m_dcl=1179&m_fcps=908&m_pi=1130&m_pl=0&m_pv=2&m_rd=1376&m_sh=1200&m_sl=324&m_sw=1600&pl=https%3A%2F%2Fitgetsbetter.org%2F&trackId=bf4df057-0296-4f89-9c33-88527540fd37&ts=1701963522115&v=3.7.1-2312060028

Requested by

Host: itgetsbetter.org
URL: https://itgetsbetter.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

134.43.190.35.bc.googleusercontent.com

Software

API Gateway /

Resource Hash

2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://itgetsbetter.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 15:38:42 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains
via: 1.1 google
server: API Gateway
content-type: image/png
access-control-allow-origin: *
cache-control: no-cache, no-transform
x-envoy-upstream-service-time: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 68

GET
H2 200 p
tr.snapchat.com/ 68 B
299 B 29ms
19ms Image
image/png 35.190.43.134
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tr.snapchat.com/p?pid=d4566af6-6002-4a1a-b903-6200b4a730fc&ev=PAGE_VIEW&intg=gtm&pids=d4566af6-6002-4a1a-b903-6200b4a730fc&u_c1=4ce61f72-b7d5-4306-a4b0-0674f2ab3d57&u_sclid=2ea20167-363a-4bef-8351-a05a7a5f7f33&u_scsid=3200f2af-935c-4ba9-8eb5-8a8c6cc18b89&bt=1d53c387&d_bvs=%5B%5D&df=true&huah=true&m_dcl=1179&m_fcps=908&m_pi=1130&m_pl=0&m_pv=2&m_rd=1379&m_sh=1200&m_sl=324&m_sw=1600&pl=https%3A%2F%2Fitgetsbetter.org%2F&trackId=4e675ec9-dd14-4a4b-be72-dad4dba49f42&ts=1701963522117&v=3.7.1-2312060028

Requested by

Host: itgetsbetter.org
URL: https://itgetsbetter.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

134.43.190.35.bc.googleusercontent.com

Software

API Gateway /

Resource Hash

2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://itgetsbetter.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 15:38:42 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains
via: 1.1 google
server: API Gateway
content-type: image/png
access-control-allow-origin: *
cache-control: no-cache, no-transform
x-envoy-upstream-service-time: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 68

POST
H3 200 GenerateIT Show response
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame F39F 90 B
134 B 18ms
18ms XHR
application/json+protobuf 2a00:1450:4001:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/31e0b6d9/player_ias.vflset/en_US/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

908f9780131fb8987762486bb25342423e260e04c9aa8936ff7756b63c687116

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-User-Agent: grpc-web-javascript/0.1
Referer: https://www.youtube.com/
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type: application/json+protobuf

Response headers

date: Thu, 07 Dec 2023 15:38:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json+protobuf; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 110
x-xss-protection: 0

OPTIONS
H3 200 GenerateIT
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0
0 14ms
14ms Preflight
text/html 2a00:1450:4001:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method: POST
Origin: https://www.youtube.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://www.youtube.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html
date: Thu, 07 Dec 2023 15:38:42 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

GET
H3 200 FkYumU0Z3bk Show response
www.youtube.com/embed/ Frame D3C3 93 KB
40 KB 85ms
85ms Document
text/html 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/FkYumU0Z3bk?controls=0&rel=0&disablekb=1&showinfo=0&modestbranding=0&html5=1&iv_load_policy=3&autoplay=0&end=0&loop=0&playsinline=0&start=0&nocookie=false&enablejsapi=1&origin=https%3A%2F%2Fitgetsbetter.org&widgetid=1

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/31e0b6d9/www-widgetapi.vflset/www-widgetapi.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d753935de21e4b6977627956e8d6558a74c44734e8ade443da474b88200bd0e5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://itgetsbetter.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: br
content-type: text/html; charset=utf-8
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
cross-origin-resource-policy: cross-origin
date: Thu, 07 Dec 2023 15:38:42 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
origin-trial: AvC9UlR6RDk2crliDsFl66RWLnTbHrDbp+DiY6AYz/PNQ4G4tdUTjrHYr2sghbkhGQAVxb7jaPTHpEVBz0uzQwkAAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTcxOTUzMjc5OSwiaXNTdWJkb21haW4iOnRydWV9
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma: no-cache
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server: ESF
strict-transport-security: max-age=31536000
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 cast_sender.js Show response
www.gstatic.com/cv/js/sender/v1/ Frame F39F 4 KB
2 KB 109ms
108ms Script
text/javascript 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/31e0b6d9/player_ias.vflset/en_US/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 15:38:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2007
x-xss-protection: 0
last-modified: Tue, 16 Feb 2021 23:57:06 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview"
vary: Accept-Encoding
report-to: {"group":"cloudview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 07 Dec 2023 15:38:42 GMT

GET
H2 200 preact-incoming-feedback.c20c19b1cc6c85b5d8d1.js Show response
script.hotjar.com/ 190 KB
42 KB 15ms
15ms Script
application/javascript 13.32.27.19
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/preact-incoming-feedback.c20c19b1cc6c85b5d8d1.js

Requested by

Host: script.hotjar.com
URL: https://script.hotjar.com/modules.8ee14814f88014d1770d.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.27.19 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-27-19.fra56.r.cloudfront.net

Software

Resource Hash

68947e9ddb590b11f6c1250e1080ff031fb91fddae5b9d41eb307a20ae306e64

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://itgetsbetter.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 16:27:07 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=2592000; includeSubDomains
via: 1.1 ef4ff53b101ef123a46ec560b6c94cb8.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C2
age: 1293095
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 42783
last-modified: Wed, 22 Nov 2023 16:26:24 GMT
etag: "238d00d7f9c895e9f37ab6355e0076c2"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: GOg3wXh-DmNefq4yzB-jHO9RfMn1UBvgLY658xe-tBiIgZOfaIRJgA==

POST
H2 200 / Show response
content.hotjar.io/ 56 B
161 B 197ms
64ms XHR
application/json 46.51.146.14
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://content.hotjar.io/?gzip=1
Requested by: Host: script.hotjar.com
URL: https://script.hotjar.com/modules.8ee14814f88014d1770d.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 46.51.146.14 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-46-51-146-14.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 36880bdc7af14a98862c6d0ec5d78a825d187da6ed675c5bc0152418a3720523

Request headers

Referer: https://itgetsbetter.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type: text/plain; charset=UTF-8

Response headers

access-control-allow-origin: *
date: Thu, 07 Dec 2023 15:38:42 GMT
content-length: 56
vary: Origin
content-type: application/json

GET
H3 204 generate_204
www.youtube.com/ Frame F39F 0
10 B 8ms
6ms Image
text/plain 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.youtube.com/generate_204?j-xiHw
Requested by: Host: itgetsbetter.org
URL: https://itgetsbetter.org/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/bwkUX98fktI?version=3&rel=1&showsearch=0&showinfo=1&iv_load_policy=1&fs=1&hl=en-US&autohide=2&wmode=transparent
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 15:38:42 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

POST
H2 200 p
tr6.snapchat.com/ 0
42 B 20ms
18ms Ping
text/plain 35.190.43.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tr6.snapchat.com/p

Requested by

Host: sc-static.net
URL: https://sc-static.net/scevent.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

134.43.190.35.bc.googleusercontent.com

Software

API Gateway /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains

Request headers

Referer: https://itgetsbetter.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Thu, 07 Dec 2023 15:38:42 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains
x-envoy-upstream-service-time: 0
via: 1.1 google
server: API Gateway
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 200 www-player.css
www.youtube.com/s/player/31e0b6d9/ Frame D3C3 378 KB
48 KB 9ms
8ms Stylesheet
text/css 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/31e0b6d9/www-player.css

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/FkYumU0Z3bk?controls=0&rel=0&disablekb=1&showinfo=0&modestbranding=0&html5=1&iv_load_policy=3&autoplay=0&end=0&loop=0&playsinline=0&start=0&nocookie=false&enablejsapi=1&origin=https%3A%2F%2Fitgetsbetter.org&widgetid=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

436743ad0889ad9399a1f33edb65d8bf1c71cfbce1b0fce549769e7705c9ceec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/FkYumU0Z3bk?controls=0&rel=0&disablekb=1&showinfo=0&modestbranding=0&html5=1&iv_load_policy=3&autoplay=0&end=0&loop=0&playsinline=0&start=0&nocookie=false&enablejsapi=1&origin=https%3A%2F%2Fitgetsbetter.org&widgetid=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 15:24:40 GMT
content-encoding: br
x-content-type-options: nosniff
age: 842
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48920
x-xss-protection: 0
last-modified: Thu, 30 Nov 2023 03:10:29 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Fri, 06 Dec 2024 15:24:40 GMT

GET
H3 200 embed.js Show response
www.youtube.com/s/player/31e0b6d9/player_ias.vflset/de_DE/ Frame D3C3 52 KB
16 KB 13ms
12ms Script
text/javascript 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/31e0b6d9/player_ias.vflset/de_DE/embed.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

45ea1febaa3bfa8f5c4711c1ed96c1971654f98d5bcc5cf69d90a555f79a0c9e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/FkYumU0Z3bk?controls=0&rel=0&disablekb=1&showinfo=0&modestbranding=0&html5=1&iv_load_policy=3&autoplay=0&end=0&loop=0&playsinline=0&start=0&nocookie=false&enablejsapi=1&origin=https%3A%2F%2Fitgetsbetter.org&widgetid=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 19:22:34 GMT
content-encoding: br
x-content-type-options: nosniff
age: 245768
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16591
x-xss-protection: 0
last-modified: Thu, 30 Nov 2023 03:10:29 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 03 Dec 2024 19:22:34 GMT

GET
H3 200 www-embed-player.js Show response
www.youtube.com/s/player/31e0b6d9/www-embed-player.vflset/ Frame D3C3 321 KB
96 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/31e0b6d9/www-embed-player.vflset/www-embed-player.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d453a47ad0d1b30a7292b6f712d8645db141ed6adea69b8e7d802f8022365fd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/FkYumU0Z3bk?controls=0&rel=0&disablekb=1&showinfo=0&modestbranding=0&html5=1&iv_load_policy=3&autoplay=0&end=0&loop=0&playsinline=0&start=0&nocookie=false&enablejsapi=1&origin=https%3A%2F%2Fitgetsbetter.org&widgetid=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 14:50:05 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2917
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 98499
x-xss-protection: 0
last-modified: Thu, 30 Nov 2023 03:10:29 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Fri, 06 Dec 2024 14:50:05 GMT

GET
H3 200 base.js Show response
www.youtube.com/s/player/31e0b6d9/player_ias.vflset/de_DE/ Frame D3C3 2 MB
767 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/31e0b6d9/player_ias.vflset/de_DE/base.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4c6329a84811954311b5424bbab6ac2dcc70441841a9b1fd441e3315cf540a2e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/FkYumU0Z3bk?controls=0&rel=0&disablekb=1&showinfo=0&modestbranding=0&html5=1&iv_load_policy=3&autoplay=0&end=0&loop=0&playsinline=0&start=0&nocookie=false&enablejsapi=1&origin=https%3A%2F%2Fitgetsbetter.org&widgetid=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 19:32:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 72351
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 785355
x-xss-protection: 0
last-modified: Thu, 30 Nov 2023 03:10:29 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 05 Dec 2024 19:32:51 GMT

OPTIONS
H2 200 page_views
www.juicer.io/api/ Frame 0
0 110ms
109ms Preflight 2606:4700:20::681a:c57
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.juicer.io/api/page_views
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:c57 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://itgetsbetter.org
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

access-control-allow-headers: content-type
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin: *
access-control-expose-headers
access-control-max-age: 7200
cf-cache-status: DYNAMIC
cf-ray: 831ddb6f69d12baf-FRA
content-length: 0
date: Thu, 07 Dec 2023 15:38:42 GMT
nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
report-to: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1701963522&sid=af571f24-03ee-46d1-9f90-ab9030c2c74c&s=Y5WcFCdVnNhYSAGyBZ4l1JGgA6Dgey08z1qqnMLD5fQ%3D"}]}
reporting-endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1701963522&sid=af571f24-03ee-46d1-9f90-ab9030c2c74c&s=Y5WcFCdVnNhYSAGyBZ4l1JGgA6Dgey08z1qqnMLD5fQ%3D
server: cloudflare
via: 1.1 vegur

GET
H2 200 fontawesome-5-juicer.woff2
static.juicer.io/fonts/ 9 KB
9 KB 146ms
134ms Font
application/font-woff2 2606:4700:20::681a:c57
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.juicer.io/fonts/fontawesome-5-juicer.woff2?83361522
Requested by: Host: assets.juicer.io
URL: https://assets.juicer.io/embed.css?ver=6.4.2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:c57 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 98f52c585d499ea7132a6b0c0feee576310ff9ca667cfb8b1b156811d5a89e8f

Request headers

Referer: https://assets.juicer.io/
Origin: https://itgetsbetter.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 15:38:42 GMT
via: 1.1 vegur
cf-cache-status: HIT
nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
content-length: 9064
reporting-endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1701769523&sid=af571f24-03ee-46d1-9f90-ab9030c2c74c&s=77Cd%2BlbUviXwPWWVYq1CtvD3K8UcYkci0bXdkldtZh8%3D
last-modified: Tue, 05 Dec 2023 08:57:33 GMT
server: cloudflare
access-control-max-age: 7200
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
report-to: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1701769523&sid=af571f24-03ee-46d1-9f90-ab9030c2c74c&s=77Cd%2BlbUviXwPWWVYq1CtvD3K8UcYkci0bXdkldtZh8%3D"}]}
access-control-allow-origin: *
content-type: application/font-woff2
access-control-expose-headers
cache-control: public, max-age=3600
vary: Origin, Accept-Encoding
accept-ranges: bytes
cf-ray: 831ddb6f79dd2baf-FRA

POST
H2 200 page_views Show response
www.juicer.io/api/ 0
127 B 121ms
120ms XHR
application/json 2606:4700:20::681a:c57
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.juicer.io/api/page_views

Requested by

Host: assets.juicer.io
URL: https://assets.juicer.io/embed.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:c57 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://itgetsbetter.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 07 Dec 2023 15:38:42 GMT
via: 1.1 vegur
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
x-permitted-cross-domain-policies: none
content-encoding: br
x-xss-protection: 0
reporting-endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1701963522&sid=af571f24-03ee-46d1-9f90-ab9030c2c74c&s=Y5WcFCdVnNhYSAGyBZ4l1JGgA6Dgey08z1qqnMLD5fQ%3D
x-request-id: f75cb0df-8198-480f-bc10-85184df32b9e
x-runtime: 0.007434
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
x-download-options: noopen
access-control-max-age: 7200
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: application/json
access-control-allow-origin: *
report-to: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1701963522&sid=af571f24-03ee-46d1-9f90-ab9030c2c74c&s=Y5WcFCdVnNhYSAGyBZ4l1JGgA6Dgey08z1qqnMLD5fQ%3D"}]}
access-control-expose-headers
x-frame-options: SAMEORIGIN
cache-control: no-cache
vary: Accept-Encoding, Origin
cf-ray: 831ddb701aa42baf-FRA

GET
H2 200 images.jpg
www.juicer.io/api/posts/477328342/ 135 KB
136 KB 131ms
127ms Image
image/jpeg 2606:4700:20::681a:d57
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.juicer.io/api/posts/477328342/images.jpg?external_id=C0bCWj7A3VV&s=a90d38ebf80c3aade7d65db4d9ae108d8a208ce3

Requested by

Host: itgetsbetter.org
URL: https://itgetsbetter.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:d57 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6d0d980cddfaf9c46ba4a99000c8942eca471514edc22dfd9cba27436da23b6f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://itgetsbetter.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 15:38:42 GMT
via: 1.1 vegur
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
x-permitted-cross-domain-policies: none
content-transfer-encoding: binary
content-disposition: inline
content-length: 138474
x-xss-protection: 0
reporting-endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1701702733&sid=af571f24-03ee-46d1-9f90-ab9030c2c74c&s=4hNpcPDnLdb0M4UZ6AIbbe0NPA3NJbDwjT1lnzxexUM%3D
x-request-id: 295fbd57-12da-46b2-989c-a6f504b95933
x-runtime: 0.069485
referrer-policy: strict-origin-when-cross-origin
cf-bgj: h2pri
server: cloudflare
etag: W/"6d0d980cddfaf9c46ba4a99000c8942e"
x-download-options: noopen
vary: Origin, Accept-Encoding
report-to: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1701702733&sid=af571f24-03ee-46d1-9f90-ab9030c2c74c&s=4hNpcPDnLdb0M4UZ6AIbbe0NPA3NJbDwjT1lnzxexUM%3D"}]}
content-type: image/jpeg
x-frame-options: SAMEORIGIN
cache-control: max-age=1209600, public, stale-while-revalidate=30, stale-if-error=1209600
accept-ranges: bytes
cf-ray: 831ddb6f8e692c04-FRA

GET
H2 200 images.jpg
www.juicer.io/api/posts/477314321/ 73 KB
74 KB 142ms
138ms Image
image/jpeg 2606:4700:20::681a:d57
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.juicer.io/api/posts/477314321/images.jpg?external_id=C0ZSdWet-ME&s=b6db1ce67e54efd8f9fc16b717c800a8db4afda5

Requested by

Host: itgetsbetter.org
URL: https://itgetsbetter.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:d57 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

82f99958cafb6f0fbe5988b2a251ed09ef5cb95ae98142d128afaf8703b59fc7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://itgetsbetter.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 15:38:42 GMT
via: 1.1 vegur
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
x-permitted-cross-domain-policies: none
content-transfer-encoding: binary
content-disposition: inline
content-length: 75236
x-xss-protection: 0
reporting-endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1701702733&sid=af571f24-03ee-46d1-9f90-ab9030c2c74c&s=4hNpcPDnLdb0M4UZ6AIbbe0NPA3NJbDwjT1lnzxexUM%3D
x-request-id: 53a75c4f-60b6-46fd-be28-ffeef1041048
x-runtime: 0.065192
referrer-policy: strict-origin-when-cross-origin
cf-bgj: h2pri
server: cloudflare
etag: W/"82f99958cafb6f0fbe5988b2a251ed09"
x-download-options: noopen
vary: Origin, Accept-Encoding
report-to: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1701702733&sid=af571f24-03ee-46d1-9f90-ab9030c2c74c&s=4hNpcPDnLdb0M4UZ6AIbbe0NPA3NJbDwjT1lnzxexUM%3D"}]}
content-type: image/jpeg
x-frame-options: SAMEORIGIN
cache-control: max-age=1209600, public, stale-while-revalidate=30, stale-if-error=1209600
accept-ranges: bytes
cf-ray: 831ddb6f8e5a2c04-FRA

GET
H2 200 images.jpg
www.juicer.io/api/posts/477119004/ 94 KB
94 KB 221ms
217ms Image
image/jpeg 2606:4700:20::681a:d57
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.juicer.io/api/posts/477119004/images.jpg?external_id=C0JfLCTtQCG&s=b7d422424c7016ddbaf29966077d7be507fc99af

Requested by

Host: itgetsbetter.org
URL: https://itgetsbetter.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:d57 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0048077c7ac86f7c715ea03fa80c3429e0b1ddbf0411d8e7f8eedd7da2c83fcd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://itgetsbetter.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 15:38:42 GMT
via: 1.1 vegur
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
x-permitted-cross-domain-policies: none
content-transfer-encoding: binary
content-disposition: inline
content-length: 95996
x-xss-protection: 0
reporting-endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1701246870&sid=af571f24-03ee-46d1-9f90-ab9030c2c74c&s=Bu1gcu48k%2BBoWwcun4uGYBPj4PX0m07F742R%2FLePxSw%3D
x-request-id: edb6c9b4-d9c0-470b-8752-b2a67bd15206
x-runtime: 0.063565
referrer-policy: strict-origin-when-cross-origin
cf-bgj: h2pri
server: cloudflare
etag: W/"0048077c7ac86f7c715ea03fa80c3429"
x-download-options: noopen
vary: Origin, Accept-Encoding
report-to: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1701246870&sid=af571f24-03ee-46d1-9f90-ab9030c2c74c&s=Bu1gcu48k%2BBoWwcun4uGYBPj4PX0m07F742R%2FLePxSw%3D"}]}
content-type: image/jpeg
x-frame-options: SAMEORIGIN
cache-control: max-age=1209600, public, stale-while-revalidate=30, stale-if-error=1209600
accept-ranges: bytes
cf-ray: 831ddb6f8e5d2c04-FRA

GET
H2 200 images.jpg
www.juicer.io/api/posts/477112217/ 102 KB
103 KB 122ms
118ms Image
image/jpeg 2606:4700:20::681a:d57
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.juicer.io/api/posts/477112217/images.jpg?external_id=C0IdHQ6oMHS&s=e9d2cc7961fc32593a24507de88bf88210b7feb3

Requested by

Host: itgetsbetter.org
URL: https://itgetsbetter.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:d57 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3ec2775c9fd1bda65d0108b8d756b43e7f60c6adea74196765fbe9243288b0b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://itgetsbetter.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 15:38:42 GMT
via: 1.1 vegur
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
x-permitted-cross-domain-policies: none
content-transfer-encoding: binary
content-disposition: inline
content-length: 104952
x-xss-protection: 0
reporting-endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1701098041&sid=af571f24-03ee-46d1-9f90-ab9030c2c74c&s=p6s0FwqnONG49AhiZdL5ouyLRLZ%2B49AaYDLmSqSCv4E%3D
x-request-id: 83eb7eb1-771a-4383-9fde-91c186962502
x-runtime: 0.072382
referrer-policy: strict-origin-when-cross-origin
cf-bgj: h2pri
server: cloudflare
etag: W/"3ec2775c9fd1bda65d0108b8d756b43e"
x-download-options: noopen
vary: Origin, Accept-Encoding
report-to: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1701098041&sid=af571f24-03ee-46d1-9f90-ab9030c2c74c&s=p6s0FwqnONG49AhiZdL5ouyLRLZ%2B49AaYDLmSqSCv4E%3D"}]}
content-type: image/jpeg
x-frame-options: SAMEORIGIN
cache-control: max-age=1209600, public, stale-while-revalidate=30, stale-if-error=1209600
accept-ranges: bytes
cf-ray: 831ddb6f8e622c04-FRA

GET
H2 200 images.jpg
www.juicer.io/api/posts/477096240/ 232 KB
233 KB 172ms
168ms Image
image/jpeg 2606:4700:20::681a:d57
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.juicer.io/api/posts/477096240/images.jpg?external_id=C0F7-zJrXO5&s=fd0de31cf5049b8dec5621e01d64e14f7ecd64e4

Requested by

Host: itgetsbetter.org
URL: https://itgetsbetter.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:d57 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

41a99854a7cd595b7a0a302f4ac8a9a0301e27f979d1efea5c35937b1a4e05fa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://itgetsbetter.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 15:38:42 GMT
via: 1.1 vegur
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
x-permitted-cross-domain-policies: none
content-transfer-encoding: binary
content-disposition: inline
content-length: 237622
x-xss-protection: 0
reporting-endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1701250761&sid=af571f24-03ee-46d1-9f90-ab9030c2c74c&s=fMmy80ZYKp3I2lqjzArzCvYOTijZ3OmV2TMF8Y94lN8%3D
x-request-id: b598e434-1d6f-488b-b49d-c737a39f4e86
x-runtime: 0.069483
referrer-policy: strict-origin-when-cross-origin
cf-bgj: h2pri
server: cloudflare
etag: W/"41a99854a7cd595b7a0a302f4ac8a9a0"
x-download-options: noopen
vary: Origin, Accept-Encoding
report-to: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1701250761&sid=af571f24-03ee-46d1-9f90-ab9030c2c74c&s=fMmy80ZYKp3I2lqjzArzCvYOTijZ3OmV2TMF8Y94lN8%3D"}]}
content-type: image/jpeg
x-frame-options: SAMEORIGIN
cache-control: max-age=1209600, public, stale-while-revalidate=30, stale-if-error=1209600
accept-ranges: bytes
cf-ray: 831ddb6f8e642c04-FRA

GET
H2 200 images.jpg
www.juicer.io/api/posts/476710195/ 178 KB
179 KB 157ms
154ms Image
image/jpeg 2606:4700:20::681a:d57
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.juicer.io/api/posts/476710195/images.jpg?external_id=CzjWaNqR68O&s=da6a567655ba8cabd4f64f88979f83aaff7cf86b

Requested by

Host: itgetsbetter.org
URL: https://itgetsbetter.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:d57 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dce0215122c5f97eadb45959149cfa044f5f620d6d9b403586a6dc0f291402d1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://itgetsbetter.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 15:38:42 GMT
via: 1.1 vegur
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
x-permitted-cross-domain-policies: none
content-transfer-encoding: binary
content-disposition: inline
content-length: 182681
x-xss-protection: 0
reporting-endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1699885589&sid=af571f24-03ee-46d1-9f90-ab9030c2c74c&s=aVPe%2FbwgVbxbS8gddTfT%2Blomu3R2PSMzW4RUMSlje7Y%3D
x-request-id: 8851cde1-567c-4306-b497-06f8289260d9
x-runtime: 0.030949
referrer-policy: strict-origin-when-cross-origin
cf-bgj: h2pri
server: cloudflare
etag: W/"dce0215122c5f97eadb45959149cfa04"
x-download-options: noopen
vary: Origin, Accept-Encoding
report-to: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1699885589&sid=af571f24-03ee-46d1-9f90-ab9030c2c74c&s=aVPe%2FbwgVbxbS8gddTfT%2Blomu3R2PSMzW4RUMSlje7Y%3D"}]}
content-type: image/jpeg
x-frame-options: SAMEORIGIN
cache-control: max-age=1209600, public, stale-while-revalidate=30, stale-if-error=1209600
accept-ranges: bytes
cf-ray: 831ddb6f8e652c04-FRA

GET
H2 200 images.jpg
www.juicer.io/api/posts/476685627/ 63 KB
64 KB 139ms
136ms Image
image/jpeg 2606:4700:20::681a:d57
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.juicer.io/api/posts/476685627/images.jpg?external_id=CzgnOQouwUw&s=b2fe1e927182b97b4f2906b66e14310455a83457

Requested by

Host: itgetsbetter.org
URL: https://itgetsbetter.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:d57 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a881cb6eae7ce1135a298d64c865ed30fb32d5acc31b19b8ca2a401d306a7146

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://itgetsbetter.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 15:38:42 GMT
via: 1.1 vegur
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
x-permitted-cross-domain-policies: none
content-transfer-encoding: binary
content-disposition: inline
content-length: 64510
x-xss-protection: 0
reporting-endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1701345928&sid=af571f24-03ee-46d1-9f90-ab9030c2c74c&s=9xfXEjlTHSC8DvkLhcAb5tnu%2BQf%2F%2FvNCM%2FOHLQVpzzw%3D
x-request-id: 691c9dd1-35dc-4e7c-a342-dcb73f81e79f
x-runtime: 0.946092
referrer-policy: strict-origin-when-cross-origin
cf-bgj: h2pri
server: cloudflare
etag: W/"a881cb6eae7ce1135a298d64c865ed30"
x-download-options: noopen
vary: Origin, Accept-Encoding
report-to: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1701345928&sid=af571f24-03ee-46d1-9f90-ab9030c2c74c&s=9xfXEjlTHSC8DvkLhcAb5tnu%2BQf%2F%2FvNCM%2FOHLQVpzzw%3D"}]}
content-type: image/jpeg
x-frame-options: SAMEORIGIN
cache-control: max-age=1209600, public, stale-while-revalidate=30, stale-if-error=1209600
accept-ranges: bytes
cf-ray: 831ddb6f8e672c04-FRA

GET
H2 200 images.jpg
www.juicer.io/api/posts/476501424/ 71 KB
72 KB 226ms
223ms Image
image/jpeg 2606:4700:20::681a:d57
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.juicer.io/api/posts/476501424/images.jpg?external_id=CzSX-WIuAwi&s=2cf9fd867c1b71b4b25634fa56ae55a6e34487f7

Requested by

Host: itgetsbetter.org
URL: https://itgetsbetter.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:d57 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

07e09c1b140e3c66ab99a7afbf2462ec8aada23e2dbc97dd76a4430d8f9d62b2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://itgetsbetter.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 15:38:42 GMT
via: 1.1 vegur
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
x-permitted-cross-domain-policies: none
content-transfer-encoding: binary
content-disposition: inline
content-length: 73174
x-xss-protection: 0
reporting-endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1700493763&sid=af571f24-03ee-46d1-9f90-ab9030c2c74c&s=KDdtzNtUVyOEwbDb2sxqbMv7yujhlN5guYN01LGItxg%3D
x-request-id: aed793ab-cf1a-4194-a5af-7939624e3d99
x-runtime: 0.166063
referrer-policy: strict-origin-when-cross-origin
cf-bgj: h2pri
server: cloudflare
etag: W/"07e09c1b140e3c66ab99a7afbf2462ec"
x-download-options: noopen
vary: Origin, Accept-Encoding
report-to: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1700493763&sid=af571f24-03ee-46d1-9f90-ab9030c2c74c&s=KDdtzNtUVyOEwbDb2sxqbMv7yujhlN5guYN01LGItxg%3D"}]}
content-type: image/jpeg
x-frame-options: SAMEORIGIN
cache-control: max-age=1209600, public, stale-while-revalidate=30, stale-if-error=1209600
accept-ranges: bytes
cf-ray: 831ddb6f8e682c04-FRA

GET
H2 200 1f308.svg
s.w.org/images/core/emoji/14.0.0/svg/ 733 B
664 B 48ms
13ms Image
image/svg+xml 192.0.77.48
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.w.org/images/core/emoji/14.0.0/svg/1f308.svg

Requested by

Host: itgetsbetter.org
URL: https://itgetsbetter.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.48 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

s.w.org

Software

nginx /

Resource Hash

555858f907bda45e059201a8a3d8910876ef8d830b9b82cfc0ca9aa55c7b029a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://itgetsbetter.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-nc: HIT ams 2
date: Thu, 07 Dec 2023 15:38:42 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Tue, 12 Apr 2022 03:50:38 GMT
server: nginx
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
cache-control: max-age=315360000
alt-svc: h3=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 1f41f.svg
s.w.org/images/core/emoji/14.0.0/svg/ 1 KB
975 B 49ms
14ms Image
image/svg+xml 192.0.77.48
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.w.org/images/core/emoji/14.0.0/svg/1f41f.svg

Requested by

Host: itgetsbetter.org
URL: https://itgetsbetter.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.48 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

s.w.org

Software

nginx /

Resource Hash

caa8008ee6dbae76478943d4d233519d362e75858f9c9928090b5928cda3b2d8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://itgetsbetter.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-nc: HIT ams 2
date: Thu, 07 Dec 2023 15:38:42 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Tue, 12 Apr 2022 03:50:59 GMT
server: nginx
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
cache-control: max-age=315360000
alt-svc: h3=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 1f420.svg
s.w.org/images/core/emoji/14.0.0/svg/ 1 KB
957 B 48ms
13ms Image
image/svg+xml 192.0.77.48
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.w.org/images/core/emoji/14.0.0/svg/1f420.svg

Requested by

Host: itgetsbetter.org
URL: https://itgetsbetter.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.48 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

s.w.org

Software

nginx /

Resource Hash

353483a66fe92a11ebbe734da83f47f6d0526a75175a05e5fc6ec7b2d4890c3a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://itgetsbetter.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-nc: HIT ams 2
date: Thu, 07 Dec 2023 15:38:42 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Tue, 12 Apr 2022 03:47:26 GMT
server: nginx
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
cache-control: max-age=315360000
alt-svc: h3=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 1f991.svg
s.w.org/images/core/emoji/14.0.0/svg/ 1 KB
868 B 49ms
14ms Image
image/svg+xml 192.0.77.48
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.w.org/images/core/emoji/14.0.0/svg/1f991.svg

Requested by

Host: itgetsbetter.org
URL: https://itgetsbetter.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.48 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

s.w.org

Software

nginx /

Resource Hash

bd44e1d4db19744c519d1d6490873ca76f8894680b6bfd529d89585196cb9cf7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://itgetsbetter.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-nc: HIT ams 2
date: Thu, 07 Dec 2023 15:38:42 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Tue, 12 Apr 2022 03:47:50 GMT
server: nginx
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
cache-control: max-age=315360000
alt-svc: h3=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 1f980.svg
s.w.org/images/core/emoji/14.0.0/svg/ 5 KB
2 KB 49ms
14ms Image
image/svg+xml 192.0.77.48
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.w.org/images/core/emoji/14.0.0/svg/1f980.svg

Requested by

Host: itgetsbetter.org
URL: https://itgetsbetter.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.48 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

s.w.org

Software

nginx /

Resource Hash

7c95cad49ca19cee604037d049a7f154fb02b785a95b9d32f99d7efe33cb2218

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://itgetsbetter.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-nc: HIT ams 2
date: Thu, 07 Dec 2023 15:38:42 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Tue, 12 Apr 2022 03:53:44 GMT
server: nginx
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
cache-control: max-age=315360000
alt-svc: h3=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 1f419.svg
s.w.org/images/core/emoji/14.0.0/svg/ 843 B
704 B 49ms
14ms Image
image/svg+xml 192.0.77.48
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.w.org/images/core/emoji/14.0.0/svg/1f419.svg

Requested by

Host: itgetsbetter.org
URL: https://itgetsbetter.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.48 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

s.w.org

Software

nginx /

Resource Hash

92d125d9c4c2d7e7d8ff450d0fb1cd80c089804fa06663cf1e12ac29ed173c54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://itgetsbetter.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-nc: HIT ams 2
date: Thu, 07 Dec 2023 15:38:42 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Tue, 12 Apr 2022 03:47:26 GMT
server: nginx
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
cache-control: max-age=315360000
alt-svc: h3=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 1f42c.svg
s.w.org/images/core/emoji/14.0.0/svg/ 969 B
866 B 15ms
13ms Image
image/svg+xml 192.0.77.48
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.w.org/images/core/emoji/14.0.0/svg/1f42c.svg

Requested by

Host: itgetsbetter.org
URL: https://itgetsbetter.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.48 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

s.w.org

Software

nginx /

Resource Hash

94eba04777cdb147a9359132effa6bf8b0ebccd8c08ba1a6eec4e17e5acd2ac6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://itgetsbetter.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-nc: HIT ams 2
date: Thu, 07 Dec 2023 15:38:42 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Tue, 12 Apr 2022 03:53:43 GMT
server: nginx
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
cache-control: max-age=315360000
alt-svc: h3=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 1f433.svg
s.w.org/images/core/emoji/14.0.0/svg/ 789 B
721 B 15ms
14ms Image
image/svg+xml 192.0.77.48
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.w.org/images/core/emoji/14.0.0/svg/1f433.svg

Requested by

Host: itgetsbetter.org
URL: https://itgetsbetter.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.48 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

s.w.org

Software

nginx /

Resource Hash

28d63fec48ab0c89355c23de6727b6fe04de522a4760f9cfa8361f7de40a745d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://itgetsbetter.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-nc: HIT ams 2
date: Thu, 07 Dec 2023 15:38:42 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Tue, 12 Apr 2022 03:53:43 GMT
server: nginx
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
cache-control: max-age=315360000
alt-svc: h3=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 1fab8.svg
s.w.org/images/core/emoji/14.0.0/svg/ 3 KB
2 KB 15ms
14ms Image
image/svg+xml 192.0.77.48
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.w.org/images/core/emoji/14.0.0/svg/1fab8.svg

Requested by

Host: itgetsbetter.org
URL: https://itgetsbetter.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.48 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

s.w.org

Software

nginx /

Resource Hash

311e6feda5c880a874a7ee52b7665f5d712fb4b3116825ea2e2444592cee4b94

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://itgetsbetter.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-nc: HIT ams 2
date: Thu, 07 Dec 2023 15:38:42 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Tue, 12 Apr 2022 03:53:44 GMT
server: nginx
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
cache-control: max-age=315360000
alt-svc: h3=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 1f4a6.svg
s.w.org/images/core/emoji/14.0.0/svg/ 517 B
635 B 15ms
14ms Image
image/svg+xml 192.0.77.48
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.w.org/images/core/emoji/14.0.0/svg/1f4a6.svg

Requested by

Host: itgetsbetter.org
URL: https://itgetsbetter.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.48 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

s.w.org

Software

nginx /

Resource Hash

17ab064814a33763fc58aca9e62a5d93078e45e0f4a10e6baf402d5396833397

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://itgetsbetter.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-nc: HIT ams 2
date: Thu, 07 Dec 2023 15:38:42 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Tue, 12 Apr 2022 03:53:43 GMT
server: nginx
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
cache-control: max-age=315360000
alt-svc: h3=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 1f942.svg
s.w.org/images/core/emoji/14.0.0/svg/ 3 KB
1 KB 15ms
14ms Image
image/svg+xml 192.0.77.48
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.w.org/images/core/emoji/14.0.0/svg/1f942.svg

Requested by

Host: itgetsbetter.org
URL: https://itgetsbetter.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.48 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

s.w.org

Software

nginx /

Resource Hash

7b4eac0591ab31e4231a9783803f7800870ed2f46acd9f0cbdef9ec36568f542

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://itgetsbetter.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-nc: HIT ams 2
date: Thu, 07 Dec 2023 15:38:42 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Tue, 12 Apr 2022 03:53:44 GMT
server: nginx
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
cache-control: max-age=315360000
alt-svc: h3=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 2728.svg
s.w.org/images/core/emoji/14.0.0/svg/ 1 KB
788 B 15ms
15ms Image
image/svg+xml 192.0.77.48
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.w.org/images/core/emoji/14.0.0/svg/2728.svg

Requested by

Host: itgetsbetter.org
URL: https://itgetsbetter.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.48 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

s.w.org

Software

nginx /

Resource Hash

9271962e9fc8257ce9e008bde83ac1408a2f196db6142548769f290873b70b93

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://itgetsbetter.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-nc: HIT ams 2
date: Thu, 07 Dec 2023 15:38:42 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Tue, 12 Apr 2022 03:47:26 GMT
server: nginx
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
cache-control: max-age=315360000
alt-svc: h3=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 1f451.svg
s.w.org/images/core/emoji/14.0.0/svg/ 1 KB
787 B 16ms
15ms Image
image/svg+xml 192.0.77.48
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.w.org/images/core/emoji/14.0.0/svg/1f451.svg

Requested by

Host: itgetsbetter.org
URL: https://itgetsbetter.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.48 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

s.w.org

Software

nginx /

Resource Hash

3916390d4395ed16641c0e23d5e5a1bef9de6ce71b02c3941c0ee6f2d899c806

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://itgetsbetter.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-nc: HIT ams 2
date: Thu, 07 Dec 2023 15:38:42 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Tue, 12 Apr 2022 03:47:26 GMT
server: nginx
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
cache-control: max-age=315360000
alt-svc: h3=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 1f339.svg
s.w.org/images/core/emoji/14.0.0/svg/ 905 B
801 B 16ms
15ms Image
image/svg+xml 192.0.77.48
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.w.org/images/core/emoji/14.0.0/svg/1f339.svg

Requested by

Host: itgetsbetter.org
URL: https://itgetsbetter.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.48 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

s.w.org

Software

nginx /

Resource Hash

e4811c2a5e7af97359c718a20571660a462910f79d2da7e57cec571b24262048

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://itgetsbetter.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-nc: HIT ams 2
date: Thu, 07 Dec 2023 15:38:42 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Tue, 12 Apr 2022 03:50:38 GMT
server: nginx
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
cache-control: max-age=315360000
alt-svc: h3=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 1f319.svg
s.w.org/images/core/emoji/14.0.0/svg/ 622 B
641 B 16ms
15ms Image
image/svg+xml 192.0.77.48
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.w.org/images/core/emoji/14.0.0/svg/1f319.svg

Requested by

Host: itgetsbetter.org
URL: https://itgetsbetter.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.48 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

s.w.org

Software

nginx /

Resource Hash

aafb5b77ba9325aa6139eb5229ed862fd93b44bfc91e34801998c1dd9fde72d8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://itgetsbetter.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-nc: HIT ams 2
date: Thu, 07 Dec 2023 15:38:42 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Tue, 12 Apr 2022 03:47:26 GMT
server: nginx
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
cache-control: max-age=315360000
alt-svc: h3=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 1f64c-1f3fb.svg
s.w.org/images/core/emoji/14.0.0/svg/ 2 KB
1 KB 16ms
16ms Image
image/svg+xml 192.0.77.48
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.w.org/images/core/emoji/14.0.0/svg/1f64c-1f3fb.svg

Requested by

Host: itgetsbetter.org
URL: https://itgetsbetter.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.48 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

s.w.org

Software

nginx /

Resource Hash

eff362917fc89734f3ae8e72dfd33454f4b07bf50d368b35310e369d140547d7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://itgetsbetter.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-nc: HIT ams 2
date: Thu, 07 Dec 2023 15:38:42 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Tue, 12 Apr 2022 03:53:43 GMT
server: nginx
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
cache-control: max-age=315360000
alt-svc: h3=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 1f970.svg
s.w.org/images/core/emoji/14.0.0/svg/ 2 KB
1 KB 16ms
16ms Image
image/svg+xml 192.0.77.48
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.w.org/images/core/emoji/14.0.0/svg/1f970.svg

Requested by

Host: itgetsbetter.org
URL: https://itgetsbetter.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.48 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

s.w.org

Software

nginx /

Resource Hash

303d516f1985e3bc62aa92d1a55c2140a14435b255a32b4c3bc776a2395f056d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://itgetsbetter.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-nc: HIT ams 2
date: Thu, 07 Dec 2023 15:38:42 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Tue, 12 Apr 2022 03:47:26 GMT
server: nginx
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
cache-control: max-age=315360000
alt-svc: h3=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame D3C3 15 KB
15 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 23:26:56 GMT
x-content-type-options: nosniff
age: 576706
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 29 Nov 2024 23:26:56 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame D3C3 15 KB
15 KB 9ms
8ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 21:01:27 GMT
x-content-type-options: nosniff
age: 67035
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15552
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 05 Dec 2024 21:01:27 GMT

GET
H/1.1 200
OK track.gif
secure.gaug.es/ 35 B
389 B 103ms
102ms Image
image/gif 54.147.159.60
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.gaug.es/track.gif?h[site_id]=59c13db07218b57f54165674&h[resource]=https%3A%2F%2Fitgetsbetter.org%2F&h[referrer]=&h[title]=It%20Gets%20Better%20%E2%80%93%20The%20It%20Gets%20Better%20Project%20exists%20to%20uplift%2C%20empower%2C%20and%20connect%20LGBTQ%2B%20youth%20around%20the%20globe.&h[user_agent]=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F120.0.6099.71%20Safari%2F537.36&h[unique]=1&h[unique_hour]=1&h[unique_day]=1&h[unique_month]=1&h[unique_year]=1&h[screenx]=1600&h[browserx]=1600&h[browsery]=1200&timestamp=1701963522492

Requested by

Host: itgetsbetter.org
URL: https://itgetsbetter.org/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.147.159.60 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-147-159-60.compute-1.amazonaws.com

Software

nginx/1.10.3 (Ubuntu) /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://itgetsbetter.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 07 Dec 2023 15:38:42 GMT
X-Content-Type-Options: nosniff
Last-Modified: Thu, 07 Dec 2023 15:38:42 GMT
Server: nginx/1.10.3 (Ubuntu)
Content-Type: image/gif
Cache-Control: no-store, no-cache, must-revalidate, private
Connection: keep-alive
Content-Length: 35
Expires: Sat, 25 Nov 2000 05:00:00 GMT

GET
H3 200 cast_sender.js Show response
www.gstatic.com/eureka/clank/120/ Frame F39F 50 KB
14 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/eureka/clank/120/cast_sender.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f4d5deb4709cebcb8d869180a1db81fab7c54f99dc2e72dab8b3db15eb76e660

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 21:36:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 64913
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview-release
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14705
x-xss-protection: 0
last-modified: Mon, 23 Oct 2023 15:04:43 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview-release"
vary: Accept-Encoding
report-to: {"group":"cloudview-release","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview-release"}]}
content-type: text/javascript
cache-control: public, max-age=86400
accept-ranges: bytes
expires: Thu, 07 Dec 2023 21:36:49 GMT

GET
H2 200 identify_bb163.js Show response
analytics.tiktok.com/i18n/pixel/static/ 135 KB
36 KB 175ms
174ms Script
application/javascript 2.17.147.138
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/static/identify_bb163.js
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTdjYzNiZDU2MA.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.17.147.138 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-17-147-138.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: a1d4b01843b9dad68a10bba7ab416fb60cbe6052a223f6bd74cbad286b812b2a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://itgetsbetter.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-akamai-request-id: 481c00e7
date: Thu, 07 Dec 2023 15:38:42 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
server: nginx
x-tt-logid: 2023110907313370C13FB8D55BB8DFC788
vary: Accept-Encoding
x-cache: TCP_MEM_HIT from a2-17-147-134.deploy.akamaitechnologies.com (AkamaiGHost/11.3.2.1-52518411) (-)
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
x-tt-trace-host: 01a83725f1e840fd736b8d677242d36f0c99f56ea5f8b5ee0598474f188009bd65556a591992e7ef88e90f807f89f37e0dc70e0620bcf97f94c9dff2e21941feeae9212dd6888f2f91c1ccafc56bf665fffb151a7181bdbd62ec9cbc623765b885
server-timing: cdn-cache; desc=HIT, edge; dur=0, inner; dur=9
content-length: 36162

POST
H2 200 pangle_pixel
analytics.pangle-ads.com/api/v2/ 0
962 B 226ms
121ms Ping
text/plain 2.16.238.13
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.pangle-ads.com/api/v2/pangle_pixel
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTdjYzNiZDU2MA.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.238.13 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-238-13.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://itgetsbetter.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: 4434524.236fb6e1
date: Thu, 07 Dec 2023 15:38:42 GMT
x-bytefaas-request-id: 20231207153842CC3B8C01E21136690806
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-tt-trace-id: 00-231207153842CC3B8C01E21136690806-60F510D48CAE9958-00
x-cache: TCP_MISS from a2-16-239-13.deploy.akamaitechnologies.com (AkamaiGHost/11.3.2-52183077) (-)
x-parent-response-time: 113,2.16.239.13
server-timing: cdn-cache; desc=MISS, edge; dur=88, origin; dur=26, inner; dur=22
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 20231207153842CC3B8C01E21136690806
x-cache-remote: TCP_MISS from a23-32-17-75.deploy.akamaitechnologies.com (AkamaiGHost/11.3.3-52668873) (-)
access-control-max-age: 86400
access-control-allow-methods: *
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
x-bytefaas-execution-duration: 21.15
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
x-gw-dst-psm: ad.union.pangle_web_traffic
x-tt-trace-host: 01b7eae1c1537faf133345ddbc40d3932ae6fba4b958b1cb3d01221e16f6e75758d329e15b389d719a2ddbd2b19f5bf5e1edb90748a96a5db52595ca18e2fb71055ef732fa676f82d7ce919f51510f61abfab8325bd55e799da71655aa579e152820fc929cfeec3ca832b57eaeca248b5a
x-origin-response-time: 26,23.32.17.75
access-control-allow-headers: *
expires: Thu, 07 Dec 2023 15:38:42 GMT

POST
H2 200 pixel
analytics.tiktok.com/api/v2/ 0
845 B 358ms
358ms Ping
text/plain 2.17.147.138
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTdjYzNiZDU2MA.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.17.147.138 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-17-147-138.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://itgetsbetter.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: e46dedb6.481c0114
date: Thu, 07 Dec 2023 15:38:42 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-tt-trace-id: 00-231207153842A1E18E53E6FC2A6C7B99-7443A4F08A3E44AB-00
x-cache: TCP_MISS from a2-17-147-134.deploy.akamaitechnologies.com (AkamaiGHost/11.3.2.1-52518411) (-)
x-parent-response-time: 179,2.17.147.134
server-timing: cdn-cache; desc=MISS, edge; dur=118, origin; dur=68, inner; dur=39
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 20231207153842A1E18E53E6FC2A6C7B99
x-cache-remote: TCP_MISS from a23-194-131-38.deploy.akamaitechnologies.com (AkamaiGHost/11.3.2.1-52518411) (-)
access-control-allow-methods: GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 69,23.194.131.38
x-tt-trace-host: 01b7eae1c1537faf133345ddbc40d3932a920d53fd227676a11a98002df784bd906a6dbbdea680d4cf93e36e4ac6fe3309c0e2ae0d53205c404b2b891a88604efca4867a9d65ecc69dfc29a3358c05b180ff3da2f1cebf4244fe2bff18af85d36b4996ced5cf724da81b32a0a2c15d5cd0
access-control-allow-headers: Authorization,*
expires: Thu, 07 Dec 2023 15:38:42 GMT

POST
H2 200 p
tr.snapchat.com/ 0
89 B 18ms
18ms Ping
text/plain 35.190.43.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.snapchat.com/p

Requested by

Host: sc-static.net
URL: https://sc-static.net/scevent.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

134.43.190.35.bc.googleusercontent.com

Software

API Gateway /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains

Request headers

Referer: https://itgetsbetter.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Thu, 07 Dec 2023 15:38:42 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains
via: 1.1 google
server: API Gateway
access-control-allow-origin: https://itgetsbetter.org
x-envoy-upstream-service-time: 1
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 206 IGB_Video_Faces_compressed.mp4
itgetsbetter.org/wp-content/uploads/2021/05/ 41 KB
41 KB 142ms
142ms Media
video/mp4 199.16.173.70
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://itgetsbetter.org/wp-content/uploads/2021/05/IGB_Video_Faces_compressed.mp4

Requested by

Host: itgetsbetter.org
URL: https://itgetsbetter.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

199.16.173.70 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

17b408dfaca06b735d6b006ea17fefd0dd6c8aa8c4b11da4863d0317d5c16bd8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://itgetsbetter.org/
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Range: bytes=6684672-

Response headers

date: Thu, 07 Dec 2023 15:38:42 GMT
strict-transport-security: max-age=31536000
x-ac: 1.ams _atomic_ams BYPASS
last-modified: Fri, 21 May 2021 15:57:57 GMT
server: nginx
etag: "60a7d885-66a3a1"
access-control-allow-methods: GET, HEAD
content-type: video/mp4
access-control-allow-origin: *
Content-Range: bytes 6684672-6726560/6726561
Content-Length: 41889

GET
H2 200 saq_pxl Show response
tags.srv.stackadapt.com/ 138 B
332 B 96ms
95ms XHR
text/plain 35.156.2.40
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.srv.stackadapt.com/saq_pxl?uid=vbAHM54TrwEXEvlzEW2ZCA&is_js=true&landing_url=https%3A%2F%2Fitgetsbetter.org%2F&t=It%20Gets%20Better%20%E2%80%93%20The%20It%20Gets%20Better%20Project%20exists%20to%20uplift%2C%20empower%2C%20and%20connect%20LGBTQ%2B%20youth%20around%20the%20globe.&tip=scmTZu2EYOnBbXX68HqGL3DBXE7bAUixQSvr4zHvXIk&host=https%3A%2F%2Fitgetsbetter.org&sa_conv_data_css_value=%270-8c34cd9e-0b88-5c19-7d15-eaa5580ff015%27&sa_conv_data_image_value=ffd8ffe000104a46494600010101006000600000ffdb004300080606070605080707070909080a0c140d0c0b0b0c1912130f141d1a1f1e1d1a1c1c20242e2720222c231c1c2837292c30313434341f27393d38323c2e333432ffdb0043010909090c0b0c180d0d1832211c213232323232323232323232323232323232323232323232323232323232323232323232323232323232323232323232323232ffc00011080001000103012200021101031101ffc4001f0000010501010101010100000000000000000102030405060708090a0bffc400b5100002010303020403050504040000017d01020300041105122131410613516107227114328191a1082342b1c11552d1f02433627282090a161718191a25262728292a3435363738393a434445464748494a535455565758595a636465666768696a737475767778797a838485868788898a92939495969798999aa2a3a4a5a6a7a8a9aab2b3b4b5b6b7b8b9bac2c3c4c5c6c7c8c9cad2d3d4d5d6d7d8d9dae1e2e3e4e5e6e7e8e9eaf1f2f3f4f5f6f7f8f9faffc4001f0100030101010101010101010000000000000102030405060708090a0bffc400b51100020102040403040705040400010277000102031104052131061241510761711322328108144291a1b1c109233352f0156272d10a162434e125f11718191a262728292a35363738393a434445464748494a535455565758595a636465666768696a737475767778797a82838485868788898a92939495969798999aa2a3a4a5a6a7a8a9aab2b3b4b5b6b7b8b9bac2c3c4c5c6c7c8c9cad2d3d4d5d6d7d8d9dae2e3e4e5e6e7e8e9eaf2f3f4f5f6f7f8f9faffda000c03010002110311003f00f7fa28a2803fffd98c34cd9e0b885c197d15eaa5580ff01592467547&sa-user-id-v3=s%253AAQAKIAsFo-wNeTYjQDiROfBYRNKr-B1vzLumrrZ0wc1T4LOFEHwYBCCBzserBjABOgQtwj9GQgR1QHUH.FrMkUkauZ2SsmtGxumrDbfoCPc%252FxQbfn7LJKPmBGYk4&sa-user-id-v2=s%253AjDTNnguIXBl9FeqlWA_wFZJGdUc.wyDwoDFfWHPz4JCuUpewi0Zpjz%252BqX8P7PFTcEUouDZU&sa-user-id=s%253A0-8c34cd9e-0b88-5c19-7d15-eaa5580ff015.o4bJqZy0ScCs%252F6NRpWlpnHuvMjDrZykP55Bcab%252F1Bzg
Requested by: Host: tags.srv.stackadapt.com
URL: https://tags.srv.stackadapt.com/events.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.156.2.40 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-156-2-40.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: b34ec350f6dc9a300482363eb65082d9974412ff9db7ee4a53b49e1999045297

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://itgetsbetter.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

access-control-allow-origin: https://itgetsbetter.org
date: Thu, 07 Dec 2023 15:38:42 GMT
access-control-allow-credentials: true
access-control-allow-headers: *
content-length: 138
access-control-allow-methods: GET
content-type: text/plain; charset=utf-8

GET
H3

200

id Show response
googleads.g.doubleclick.net/pagead/ Frame D3C3
Redirect Chain

https://googleads.g.doubleclick.net/pagead/id
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

100 B
146 B

16ms
15ms

XHR
application/json

2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

Requested by

Protocol

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d484196871d3ff5a3e1b232fd446b56471bc1690191969323ed948e467274081

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 15:38:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 120
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Thu, 07 Dec 2023 15:38:42 GMT
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ad_status.js Show response
static.doubleclick.net/instream/ Frame D3C3 29 B
89 B 7ms
6ms Script
text/javascript 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.doubleclick.net/instream/ad_status.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/31e0b6d9/www-embed-player.vflset/www-embed-player.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 15:26:18 GMT
x-content-type-options: nosniff
age: 744
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29
x-xss-protection: 0
last-modified: Thu, 12 Dec 2013 23:40:16 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 07 Dec 2023 15:41:18 GMT

OPTIONS
H3 200 Create
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0
0 15ms
14ms Preflight
text/html 2a00:1450:4001:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method: POST
Origin: https://www.youtube.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://www.youtube.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html
date: Thu, 07 Dec 2023 15:38:42 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 Create Show response
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame D3C3 87 KB
40 KB 22ms
22ms XHR
application/json+protobuf 2a00:1450:4001:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/31e0b6d9/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

181d40b4301f5eaa81f918fbd09c6d5ec5afa33ab320adc39783b73863d2c2e4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-User-Agent: grpc-web-javascript/0.1
Referer: https://www.youtube.com/
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type: application/json+protobuf

Response headers

date: Thu, 07 Dec 2023 15:38:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json+protobuf; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 40835
x-xss-protection: 0

GET
H3 200 UhAHYkQc59SMm3ILQvX2LV9pHtXm_t6HT06w3DJ-zT8.js Show response
www.google.com/js/th/ Frame D3C3 50 KB
19 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/js/th/UhAHYkQc59SMm3ILQvX2LV9pHtXm_t6HT06w3DJ-zT8.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/31e0b6d9/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

52100762441ce7d48c9b720b42f5f62d5f691ed5e6fede874f4eb0dc327ecd3f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 15:29:01 GMT
content-encoding: br
x-content-type-options: nosniff
age: 581
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19757
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:30:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 06 Dec 2024 15:29:01 GMT

GET
H2 200 default.webp
i.ytimg.com/vi_webp/FkYumU0Z3bk/ Frame D3C3 3 KB
3 KB 16ms
15ms Image
image/webp 2a00:1450:4001:80e::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi_webp/FkYumU0Z3bk/default.webp

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f1eb7f221eefd75d8b00fe87558e5724bb7acbafdc19fee0eab33a0b3a7446fd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 15:38:42 GMT
x-content-type-options: nosniff
server: sffe
etag: "1679349236"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/webp
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3434
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 07 Dec 2023 17:38:42 GMT

GET
H3 204 generate_204
www.youtube.com/ Frame D3C3 0
10 B 8ms
8ms Image
text/plain 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.youtube.com/generate_204?CKdvpA
Requested by: Host: www.youtube.com
URL: https://www.youtube.com/embed/FkYumU0Z3bk?controls=0&rel=0&disablekb=1&showinfo=0&modestbranding=0&html5=1&iv_load_policy=3&autoplay=0&end=0&loop=0&playsinline=0&start=0&nocookie=false&enablejsapi=1&origin=https%3A%2F%2Fitgetsbetter.org&widgetid=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/FkYumU0Z3bk?controls=0&rel=0&disablekb=1&showinfo=0&modestbranding=0&html5=1&iv_load_policy=3&autoplay=0&end=0&loop=0&playsinline=0&start=0&nocookie=false&enablejsapi=1&origin=https%3A%2F%2Fitgetsbetter.org&widgetid=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 15:38:42 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

OPTIONS
H3 200 GenerateIT
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0
0 14ms
14ms Preflight
text/html 2a00:1450:4001:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method: POST
Origin: https://www.youtube.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://www.youtube.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html
date: Thu, 07 Dec 2023 15:38:42 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 GenerateIT Show response
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame D3C3 90 B
134 B 18ms
17ms XHR
application/json+protobuf 2a00:1450:4001:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/31e0b6d9/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f03b08f58f0df83bc6b73e01ff9dc6eaff0968c61d0b58deb3a0cc1be8541c40

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-User-Agent: grpc-web-javascript/0.1
Referer: https://www.youtube.com/
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type: application/json+protobuf

Response headers

date: Thu, 07 Dec 2023 15:38:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json+protobuf; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 110
x-xss-protection: 0

POST
H2 200 act
analytics.tiktok.com/api/v2/pixel/ 0
846 B 355ms
355ms Ping
text/plain 2.17.147.138
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel/act
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTdjYzNiZDU2MA.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.17.147.138 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-17-147-138.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://itgetsbetter.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: a994962.481c01e5
date: Thu, 07 Dec 2023 15:38:43 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-tt-trace-id: 00-2312071538436823F5EDC9684A821107-4E49D27B5D079808-00
x-cache: TCP_MISS from a2-17-147-134.deploy.akamaitechnologies.com (AkamaiGHost/11.3.2.1-52518411) (-)
x-parent-response-time: 162,2.17.147.134
server-timing: cdn-cache; desc=MISS, edge; dur=110, origin; dur=62, inner; dur=54
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 202312071538436823F5EDC9684A821107
x-cache-remote: TCP_MISS from a23-194-131-53.deploy.akamaitechnologies.com (AkamaiGHost/11.3.2.1-52518411) (-)
access-control-allow-methods: GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 62,23.194.131.53
x-tt-trace-host: 01b7eae1c1537faf133345ddbc40d3932a920d53fd227676a11a98002df784bd90b69994070d97f0df1d453599f913a624245857f560f726b99b5c20477d9363943cb25d5619769909fef39d87dfb5598d218a051104e00c9763214850af3365de27c9352483364344fdf9613a0c3d3172
access-control-allow-headers: Authorization,*
expires: Thu, 07 Dec 2023 15:38:43 GMT

GET
H2 206 IGB_Video_Faces_compressed.mp4
itgetsbetter.org/wp-content/uploads/2021/05/ 3 MB
0 436ms
436ms Media
video/mp4 199.16.173.70
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://itgetsbetter.org/wp-content/uploads/2021/05/IGB_Video_Faces_compressed.mp4

Requested by

Host: itgetsbetter.org
URL: https://itgetsbetter.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

199.16.173.70 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://itgetsbetter.org/
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Range: bytes=196608-

Response headers

date: Thu, 07 Dec 2023 15:38:43 GMT
strict-transport-security: max-age=31536000
x-ac: 1.ams _atomic_ams BYPASS
last-modified: Fri, 21 May 2021 15:57:57 GMT
server: nginx
etag: "60a7d885-66a3a1"
access-control-allow-methods: GET, HEAD
content-type: video/mp4
access-control-allow-origin: *
Content-Range: bytes 196608-6726560/6726561
Content-Length: 6529953

GET
H2 200 main.css
prod-frs.content.classy.org/prod/dc2ef25255a29ef665c5a80abfbddbda75f500c4/static/frs/ Frame 0024 1 MB
146 KB 76ms
66ms Stylesheet
text/css 2606:4700::6812:7c49
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://prod-frs.content.classy.org/prod/dc2ef25255a29ef665c5a80abfbddbda75f500c4/static/frs/main.css

Requested by

Host: give.itgetsbetter.org
URL: https://give.itgetsbetter.org/give/533919/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:7c49 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

80f6fe6e347d4b5c4068bc7fe50caef888ac564137e7671e80c0428dc299458d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.itgetsbetter.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 15:38:43 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
cf-cache-status: HIT
x-amz-request-id: E84EE5EEWPPX7XPR
age: 37257
cf-polished: origSize=1156305
x-amz-server-side-encryption: AES256
x-amz-id-2: fHr0xk7KEkd/Aq8OBKt+8RpfsKmbFnWfBBguAB3Wy3IzmjM4B79IJKFODK5dlQbLx5kusos+Ilg=
cf-bgj: minify
last-modified: Thu, 23 Nov 2023 00:10:15 GMT
server: cloudflare
etag: W/"fe0f29c9578c5c4b70b110a572190ac1"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=86400
cf-ray: 831ddb726efd3735-FRA

GET
H2 200 airgap.js Show response
cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/ Frame 0024 131 KB
45 KB 52ms
14ms Script
application/javascript 2600:9000:2447:3e00:2:8531:afc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js

Requested by

Host: give.itgetsbetter.org
URL: https://give.itgetsbetter.org/give/533919/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2447:3e00:2:8531:afc0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

CloudFront /

Resource Hash

76164d9d399c8baca4656cd791982fdbd043413f39cf1a56c2d36c12ceb0b7b2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.itgetsbetter.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 15:38:42 GMT
content-encoding: br
via: 1.1 6a29cf21ce984f6a6d3f67cb902ef37e.cloudfront.net (CloudFront)
referrer-policy: strict-origin-when-cross-origin
server: CloudFront
strict-transport-security: max-age=31536000
x-amz-cf-pop: AMS58-P5
x-content-type-options: nosniff
vary: Accept-Encoding, Origin
x-cache: Hit from cloudfront
content-type: application/javascript
x-frame-options: SAMEORIGIN
cache-control: max-age=60,s-maxage=86400
x-amz-cf-id: 7KBKv95Sa9mvBWQPzcvjjTNwGa05RwL4lZ5QT01LfSwYBq5y8s-P_w==
x-xss-protection: 1; mode=block

GET
H2 200 rocket-loader.min.js Show response
give.itgetsbetter.org/cdn-cgi/scripts/7d0fa10a/cloudflare-static/ Frame 0024 12 KB
4 KB 23ms
16ms Script
application/javascript 2606:4700::6812:7c49
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://give.itgetsbetter.org/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Requested by

Host: give.itgetsbetter.org
URL: https://give.itgetsbetter.org/give/533919/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:7c49 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.itgetsbetter.org/give/533919/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 15:38:43 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
last-modified: Tue, 28 Nov 2023 16:06:21 GMT
server: cloudflare
content-encoding: gzip
etag: W/"65660ffd-302c"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/javascript
cache-control: max-age=172800, public
cf-ray: 831ddb730a124d59-FRA
expires: Sat, 09 Dec 2023 15:38:43 GMT

GET
H2 200 v84a3a4012de94ce1a686ba8c167c359c1696973893317 Show response
static.cloudflareinsights.com/beacon.min.js/ Frame 0024 20 KB
7 KB 78ms
42ms Script
text/javascript 2606:4700::6810:3965
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cloudflareinsights.com/beacon.min.js/v84a3a4012de94ce1a686ba8c167c359c1696973893317
Requested by: Host: give.itgetsbetter.org
URL: https://give.itgetsbetter.org/give/533919/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:3965 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6153d13804862b0fc1c016cf1129f34cb7c6185f2cf4bf1a3a862eecdab50101

Request headers

Referer: https://give.itgetsbetter.org/
Origin: https://give.itgetsbetter.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 15:38:43 GMT
content-encoding: gzip
last-modified: Tue, 10 Oct 2023 21:38:13 GMT
server: cloudflare
etag: W/"2023.10.0"
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
cf-ray: 831ddb733a689070-FRA

GET
H2 200 xdi.js Show response
cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/ Frame 0024 26 KB
12 KB 43ms
14ms Script
text/javascript 2600:9000:2447:3e00:2:8531:afc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/xdi.js

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2447:3e00:2:8531:afc0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

9669a10126dc3af0dfb585a7d1f1359638262289968aa7c202ad70de3371f073

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://give.itgetsbetter.org/
Origin: https://give.itgetsbetter.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-amz-version-id: 2HwkiXQectHLaswMS7GXtsj7Fj29XM2H
content-encoding: gzip
via: 1.1 ddcfcdf22c7ea27fb2a066c5c7d99ad2.cloudfront.net (CloudFront)
date: Thu, 07 Dec 2023 06:29:57 GMT
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-cf-pop: AMS58-P5
age: 32927
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-disposition: inline
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 20 Sep 2023 22:16:07 GMT
server: AmazonS3
etag: W/"00c3b072683167edc19c510fffec8e50-1"
x-frame-options: SAMEORIGIN
access-control-max-age: 3600
access-control-allow-methods: GET
content-type: text/javascript
access-control-allow-origin: *
access-control-expose-headers: ETag
cache-control: max-age=60,s-maxage=86400
vary: Accept-Encoding
x-amz-cf-id: BiEgT0obgoS90C4-_AfUYUIOf5zHXZwA2hHAEaBaNzcU_j-7Hgt3Fg==

GET
H2 200 ui.js Show response
cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/ Frame 0024 267 KB
77 KB 45ms
16ms Script
text/javascript 2600:9000:2447:3e00:2:8531:afc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/ui.js

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2447:3e00:2:8531:afc0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

a77f5e7aa207c37450c588a74a423e46b0bf14e0f1c4b49ae6c567368d46f46f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://give.itgetsbetter.org/
Origin: https://give.itgetsbetter.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-amz-version-id: pGLiXkBTZEwR1GE0xA6XjctsUE08zxMZ
content-encoding: gzip
via: 1.1 ddcfcdf22c7ea27fb2a066c5c7d99ad2.cloudfront.net (CloudFront)
date: Thu, 07 Dec 2023 10:19:58 GMT
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-cf-pop: AMS58-P5
age: 25143
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-disposition: inline
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 20 Sep 2023 22:16:07 GMT
server: AmazonS3
etag: W/"fc84468acd1aa46963b34967f73979cb-1"
x-frame-options: SAMEORIGIN
access-control-max-age: 3600
access-control-allow-methods: GET
content-type: text/javascript
access-control-allow-origin: *
access-control-expose-headers: ETag
cache-control: max-age=60,s-maxage=86400
vary: Accept-Encoding
x-amz-cf-id: 98Fdz2oP52Xt8C-5BoX1kPZSezkU5GN_aOfJVxdVMa3c4xX0Nmdihw==

GET
H2 200 iframe-v3.min.js Show response
htp.tokenex.com/iframe/ Frame 0024 19 KB
5 KB 516ms
124ms Script
application/javascript 52.143.247.24
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://htp.tokenex.com/iframe/iframe-v3.min.js

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.143.247.24 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

27230c5af91b76c15e054c4d88048027c9045d2f1411fdbf082d074173ffcadb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.itgetsbetter.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 07 Dec 2023 15:38:42 GMT
last-modified: Tue, 28 Nov 2023 19:44:44 GMT
etag: "0dedb553322da1:0"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
accept-ranges: bytes
content-length: 4905
x-xss-protection: 1; mode=block

GET
H2 200 paypal-js.legacy.min.js Show response
unpkg.com/@paypal/paypal-js@4.0.8/dist/iife/ Frame 0024 7 KB
3 KB 42ms
23ms Script
application/javascript 2606:4700::6810:7aaf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://unpkg.com/@paypal/paypal-js@4.0.8/dist/iife/paypal-js.legacy.min.js

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7aaf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

62f42276dddf470e795cc1b1bdcb8fe73a0354188bcfa80e0600e8b8d2a21dcb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.itgetsbetter.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 15:38:43 GMT
via: 1.1 fly.io
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 2108737
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id: 01HF3KV6CCDVFC67Z4Y9KGAS5D-fra
server: cloudflare
etag: W/"1b81-IpiDV5HCNI7yT2mRdGuH3F1n0RQ"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 831ddb737cd718c5-FRA

GET
H2 200 module.min.js Show response
prod-frs.content.classy.org/prod/dc2ef25255a29ef665c5a80abfbddbda75f500c4/static/frs/donation/ Frame 0024 184 KB
38 KB 37ms
37ms Script
application/javascript 2606:4700::6812:7c49
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://prod-frs.content.classy.org/prod/dc2ef25255a29ef665c5a80abfbddbda75f500c4/static/frs/donation/module.min.js

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:7c49 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6dcb9ea2c438e20571d67b158981a0fc85924e93d84dc49a29bb6bf3d1f1fcc9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.itgetsbetter.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 15:38:43 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 23 Nov 2023 00:10:15 GMT
server: cloudflare
x-amz-request-id: H4FB01Y7S9Y4XAVB
age: 53675
etag: W/"531bb48d7235f61a29e0ad3b073a880e"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=86400
cf-ray: 831ddb7358353735-FRA
x-amz-id-2: P7j6M30uCn2t+hCRTrwBo0m7ADdWjBvK+aq6ePwLe2Zoa7stpA+NXdLiOVIyrV4Q2w3U7ruiVHo=

GET
H2 200 module.min.js Show response
prod-frs.content.classy.org/prod/dc2ef25255a29ef665c5a80abfbddbda75f500c4/static/global/ Frame 0024 2 MB
388 KB 56ms
55ms Script
application/javascript 2606:4700::6812:7c49
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://prod-frs.content.classy.org/prod/dc2ef25255a29ef665c5a80abfbddbda75f500c4/static/global/module.min.js

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:7c49 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

63a3548860c583edc719e7265f64c6c7d68cb4661f5f6c8ef107ca94f8977ffc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.itgetsbetter.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 15:38:43 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 23 Nov 2023 00:10:16 GMT
server: cloudflare
x-amz-request-id: M98E9QAHR2S7QR2K
age: 53870
etag: W/"a9f1a7b5775b65256aa2d076d8158ac4"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=86400
cf-ray: 831ddb73583b3735-FRA
x-amz-id-2: N+1TlZT5d6ASOzJCc2Deek7YmdK1HAG6i/g/0psegAV+FU/q52NYdpzrYym4gQoj00EU1J4m42c=

GET
H2 200 libs.min.js Show response
prod-frs.content.classy.org/prod/dc2ef25255a29ef665c5a80abfbddbda75f500c4/static/global/ Frame 0024 1 MB
429 KB 46ms
46ms Script
application/javascript 2606:4700::6812:7c49
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://prod-frs.content.classy.org/prod/dc2ef25255a29ef665c5a80abfbddbda75f500c4/static/global/libs.min.js

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:7c49 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5ac2455757fbb14a9fa21a8afce49055f48f28e20e4e41a8f5eee9c5a2dc3f3a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.itgetsbetter.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 15:38:43 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 23 Nov 2023 00:10:15 GMT
server: cloudflare
x-amz-request-id: M98FBDQA81B8N2XJ
age: 53870
etag: W/"89ff3b468454fac32729fc74e3c9be17"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=86400
cf-ray: 831ddb73583f3735-FRA
x-amz-id-2: yK/1X+Wois+pmYIzhZG9UinHA8XIsGboxRGaddKwzmKx5jPoU1hGMDV/5nronCUD/hu6aWki+ac=

GET
H2 200 link-initialize.js Show response
cdn.plaid.com/link/v2/stable/ Frame 0024 142 KB
43 KB 101ms
56ms Script
application/javascript 52.222.191.88
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.plaid.com/link/v2/stable/link-initialize.js
Requested by: Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.191.88 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-191-88.ham50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 4d1652591c5829f477a77e31d21f468fac59df22dd69c7762b40054fd6b97aa1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.itgetsbetter.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 17:02:49 GMT
x-amz-version-id: svReExSTYGZYTx3Ko1EM1j3J2rotpXlp
content-encoding: gzip
via: 1.1 fec18be10cd069f0dd74ab4667ba5e26.cloudfront.net (CloudFront)
x-amz-request-id: EA0TTJD4AM77GKF8
x-amz-cf-pop: HAM50-C2
x-amz-server-side-encryption: AES256
age: 81355
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
x-amz-id-2: O0L3arfSb7XUqTEUdaj9NSFbMTE+PqwSXl5Sw11DPTuRZfJdv4wHhQhWvHmDvNRmbmjKgtrmLBk=
last-modified: Wed, 06 Dec 2023 16:50:05 GMT
server: AmazonS3
etag: W/"c9e7ac0c330c544915fbf5d5e45b1985"
vary: Accept-Encoding
content-type: application/javascript
cache-control: no-cache,must-revalidate,max-age=0
x-amz-cf-id: LeHj1Cu-t7vjoG6BXm46tyq3Kd7C2aGps4CfeWp9VovhoYtGrt-BPA==

GET
H2 200 / Show response
js.stripe.com/v3/ Frame 0024 569 KB
158 KB 221ms
114ms Script
text/javascript 151.101.64.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.64.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

234a9ce78cf0dd0633d0e91208323f7936334ab56790ed33ed55b4668d990853

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.itgetsbetter.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Thu, 07 Dec 2023 15:38:43 GMT
via: 1.1 varnish
age: 21
x-cache: HIT
content-length: 161268
x-request-id: c222d051-3306-431a-87cf-95e8bc516266
x-served-by: cache-fra-eddf8230030-FRA
last-modified: Wed, 06 Dec 2023 21:36:29 GMT
server: Fastly
etag: "d550c71910376392c610ab015aa443a4"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=60
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 18

GET
H2 200 cm.css
cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/ Frame 0024 15 KB
4 KB 14ms
13ms Stylesheet
text/css 2600:9000:2447:3e00:2:8531:afc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/cm.css

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2447:3e00:2:8531:afc0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

1da2ece3369af4c663f11daa62f4e591806f0c1ce17e17f0a4162d0d09455c5a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.itgetsbetter.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-amz-version-id: JWSMp_NTaRFeSeqpmxFPkel0LiL4cMwY
content-encoding: gzip
via: 1.1 6a29cf21ce984f6a6d3f67cb902ef37e.cloudfront.net (CloudFront)
date: Thu, 07 Dec 2023 06:29:58 GMT
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-cf-pop: AMS58-P5
age: 32926
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-disposition: inline
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 20 Sep 2023 22:16:07 GMT
server: AmazonS3
etag: W/"fb3f2afd9f46893bb196329ab90276a6-1"
vary: Accept-Encoding, Origin
x-frame-options: SAMEORIGIN
content-type: text/css
cache-control: max-age=60,s-maxage=86400
x-amz-cf-id: kHUsyBg-QY7wsNmfx_AlKSA7eokaGRL7BqjYYwgdDIeslYsuaffY3A==

GET
H2 200 en.json Show response
cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/translations/ Frame 0024 8 KB
3 KB 13ms
13ms Fetch
application/json 2600:9000:2447:3e00:2:8531:afc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/translations/en.json

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2447:3e00:2:8531:afc0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

29cfebbdf0a9801764f1c5bec42a56fd773d4290821ecb6b5553f511c200815c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.itgetsbetter.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-amz-version-id: Pw3hE5sAYQ0kvHESktDQjUKbfeKteOb6
content-encoding: gzip
via: 1.1 ddcfcdf22c7ea27fb2a066c5c7d99ad2.cloudfront.net (CloudFront)
date: Thu, 07 Dec 2023 03:59:15 GMT
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-cf-pop: AMS58-P5
age: 41969
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-disposition: inline
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 20 Sep 2023 22:16:07 GMT
server: AmazonS3
etag: W/"ecabc5423541bd640b7f7a45cb696671-1"
x-frame-options: SAMEORIGIN
access-control-max-age: 3600
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: ETag
cache-control: max-age=60,s-maxage=86400
vary: Accept-Encoding
x-amz-cf-id: Wcy4o-ZGd0KOfuLKlP5lYwynN2GClFqgMmdrQZgN6I5LFyAh27sPrw==

GET
DATA 200
OK truncated Show response
/ Frame 1D30 1 KB
1 KB Document
text/html

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 31f4e4abd5d8e145d6bd5505ae3ee469f66e6aba53fcc6cf04741d0a802ebc3d

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Content-Type: text/html;charset=UTF-8

GET
H3 200 24px.svg
fonts.gstatic.com/s/i/productlogos/translate/v14/ 6 KB
3 KB 21ms
7ms Image
image/svg+xml 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fonts.gstatic.com/s/i/productlogos/translate/v14/24px.svg

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ab5c23a05e39deed14d9d8262b0dce9f024f86105a27196cad37d14a3f516e09

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://itgetsbetter.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 07:58:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 200402
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3340
x-xss-protection: 0
last-modified: Wed, 20 Apr 2022 14:24:23 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
vary: Accept-Encoding
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 04 Dec 2024 07:58:41 GMT

GET
H3 200 googlelogo_color_42x16dp.png
www.gstatic.com/images/branding/googlelogo/1x/ 910 B
934 B 7ms
7ms Image
image/png 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/branding/googlelogo/1x/googlelogo_color_42x16dp.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6318394f737c66f0e2ccfcd88e3935c6667633a1b95fa29fba2b75431d55eef2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://itgetsbetter.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 13:57:57 GMT
x-content-type-options: nosniff
age: 6046
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 910
x-xss-protection: 0
last-modified: Thu, 02 Nov 2023 22:48:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Fri, 06 Dec 2024 13:57:57 GMT

GET
H3 200 translate_24dp.png
www.gstatic.com/images/branding/product/2x/ 2 KB
2 KB 7ms
7ms Image
image/png 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/branding/product/2x/translate_24dp.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/translate_http/_/ss/k=translate_http.tr.qhDXWpKopYk.L.W.O/am=AAM/d=0/rs=AN8SPfoZVDB5be-TudnAO_y4l2LFY_GHyA/m=el_main_css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4dac0026fbfa2615dce30c0af12830863fe885f84387a0147b9e338f548d5d82

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gstatic.com/_/translate_http/_/ss/k=translate_http.tr.qhDXWpKopYk.L.W.O/am=AAM/d=0/rs=AN8SPfoZVDB5be-TudnAO_y4l2LFY_GHyA/m=el_main_css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 22:15:52 GMT
x-content-type-options: nosniff
age: 235371
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1842
x-xss-protection: 0
last-modified: Thu, 14 Oct 2021 09:08:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Tue, 03 Dec 2024 22:15:52 GMT

GET
H2 200 sdk.js Show response
give.itgetsbetter.org/sso/ Frame 0024 26 KB
7 KB 506ms
505ms Script
application/javascript 2606:4700::6812:7c49
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://give.itgetsbetter.org/sso/sdk.js

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:7c49 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8ca59ea276635e06f4153a8979c26329c234dcc44673066902f6971ecdefc758

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.itgetsbetter.org/give/533919/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 15:38:43 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
cf-cache-status: EXPIRED
last-modified: Thu, 07 Dec 2023 02:54:14 GMT
server: cloudflare
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=1200
cf-ray: 831ddb74fccc4d59-FRA
expires: Thu, 07 Dec 2023 15:58:43 GMT

GET
H2 200 .deploy_status_henson.json Show response
js.stripe.com/v3/ Frame 0024 474 B
372 B 34ms
14ms Fetch
application/json 151.101.64.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/.deploy_status_henson.json

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.64.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

f24c65cd8e3c41f426ef9a8c653b298d848b413b95e4de5dbe8f8d5f7ed47977

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Accept: application/json
Referer: https://give.itgetsbetter.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Thu, 07 Dec 2023 15:38:43 GMT
content-encoding: br
via: 1.1 varnish
strict-transport-security: max-age=31556926; includeSubDomains; preload
age: 18
x-cache: HIT
content-length: 297
x-request-id: 84b8f3e3-442a-4450-9dda-4aa1a1458c31
x-served-by: cache-fra-eddf8230106-FRA
last-modified: Wed, 06 Dec 2023 21:36:29 GMT
server: Fastly
etag: "cc489ea00e29d0217a6d055f949400ef"
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=60
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 29

GET
H2 200 .deploy_status_henson.json Show response
js.stripe.com/v3/ Frame 0024 474 B
612 B 33ms
13ms Fetch
application/json 151.101.64.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/.deploy_status_henson.json

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.64.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

f24c65cd8e3c41f426ef9a8c653b298d848b413b95e4de5dbe8f8d5f7ed47977

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Accept: application/json
Referer: https://give.itgetsbetter.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Thu, 07 Dec 2023 15:38:43 GMT
content-encoding: br
via: 1.1 varnish
strict-transport-security: max-age=31556926; includeSubDomains; preload
age: 18
x-cache: HIT
content-length: 297
x-request-id: d7dc1728-563e-4128-bcdd-70beeb8ca13c
x-served-by: cache-fra-eddf8230106-FRA
last-modified: Wed, 06 Dec 2023 21:36:29 GMT
server: Fastly
etag: "cc489ea00e29d0217a6d055f949400ef"
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=60
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 28

GET
H2 200 m-outer-27c67c0d52761104439bb051c7856ab1.html Show response
js.stripe.com/v3/ Frame 6FEC 200 B
817 B 94ms
94ms Document
text/html 151.101.64.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/m-outer-27c67c0d52761104439bb051c7856ab1.html

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.64.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

351ffc2bdf381352dcd801be49be5018361119588eae077650260f9e162fe7b9

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://give.itgetsbetter.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 2552477
cache-control: max-age=31536000
content-encoding: br
content-length: 154
content-security-policy: base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only: base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Thu, 07 Dec 2023 15:38:43 GMT
etag: "27c67c0d52761104439bb051c7856ab1"
last-modified: Fri, 08 Sep 2023 21:23:50 GMT
server: Fastly
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 835851
x-content-type-options: nosniff
x-request-id: 38c2fc19-2d8b-48da-8f74-f9d806b754e9
x-served-by: cache-fra-eddf8230030-FRA

GET
H3 200 iframe_api Show response
www.youtube.com/ Frame 0024 993 B
520 B 42ms
41ms Script
text/javascript 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/iframe_api

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a63f486f5b05184dc0708669c9c1823de00295dd74b090557b77268118ecc0dd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.itgetsbetter.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 15:38:43 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-encoding: br
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
server: ESF
x-frame-options: SAMEORIGIN
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
content-type: text/javascript; charset=utf-8
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
cache-control: private, max-age=0
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
origin-trial: AvC9UlR6RDk2crliDsFl66RWLnTbHrDbp+DiY6AYz/PNQ4G4tdUTjrHYr2sghbkhGQAVxb7jaPTHpEVBz0uzQwkAAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTcxOTUzMjc5OSwiaXNTdWJkb21haW4iOnRydWV9
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
expires: Thu, 07 Dec 2023 15:38:43 GMT

POST
H2 204 rum Show response
give.itgetsbetter.org/cdn-cgi/ Frame 0024 0
146 B 12ms
12ms XHR
text/plain 2606:4700::6812:7c49
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://give.itgetsbetter.org/cdn-cgi/rum?

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:7c49 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

X-NewRelic-ID: UAQEVl5UGwAGV1ZQBgMEVg==
tracestate: 423787@nr=0-1-423787-363751183-3d4c261e4dc89555----1701963523747
traceparent: 00-3a0b019e4f8f189b243f73f0c0548000-3d4c261e4dc89555-01
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
newrelic: eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjQyMzc4NyIsImFwIjoiMzYzNzUxMTgzIiwiaWQiOiIzZDRjMjYxZTRkYzg5NTU1IiwidHIiOiIzYTBiMDE5ZTRmOGYxODliMjQzZjczZjBjMDU0ODAwMCIsInRpIjoxNzAxOTYzNTIzNzQ3fX0=
content-type: application/json
Referer: https://give.itgetsbetter.org/give/533919/

Response headers

date: Thu, 07 Dec 2023 15:38:43 GMT
x-content-type-options: nosniff
server: cloudflare
vary: Origin
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://give.itgetsbetter.org
x-frame-options: DENY
access-control-allow-credentials: true
cf-ray: 831ddb7778264d59-FRA

GET
H2 200 tax-entities Show response
give.itgetsbetter.org/frs-api/organizations/63630/ Frame 0024 629 B
381 B 457ms
456ms XHR
application/json 2606:4700::6812:7c49
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://give.itgetsbetter.org/frs-api/organizations/63630/tax-entities

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:7c49 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

27e896d440c77cd698ac77e0a62aae776c5ad104b3f8df59f5896b88b3b43a9e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

X-NewRelic-ID: UAQEVl5UGwAGV1ZQBgMEVg==
X-XSRF-TOKEN: Ac5DfGHl-ySn3DgZ8wEyklPrv8svIFdtUkS0
tracestate: 423787@nr=0-1-423787-363751183-c4828a78c044166d----1701963523774
traceparent: 00-f8f008a7f10cea7700679c98a40c5000-c4828a78c044166d-01
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
newrelic: eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjQyMzc4NyIsImFwIjoiMzYzNzUxMTgzIiwiaWQiOiJjNDgyOGE3OGMwNDQxNjZkIiwidHIiOiJmOGYwMDhhN2YxMGNlYTc3MDA2NzljOThhNDBjNTAwMCIsInRpIjoxNzAxOTYzNTIzNzc0fX0=
Accept: application/json, text/plain, */*
csrf-token: Ac5DfGHl-ySn3DgZ8wEyklPrv8svIFdtUkS0
Referer: https://give.itgetsbetter.org/give/533919/

Response headers

date: Thu, 07 Dec 2023 15:38:44 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: br
server: cloudflare
etag: W/"275-t6zTU+ZUcNC5gskLBXhqsilb3Qs"
vary: Accept-Encoding
content-type: application/json; charset=utf-8
cache-control: private, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray: 831ddb77987c4d59-FRA

GET
H2 200 ach-account-routing Show response
give.itgetsbetter.org/frs-api/organizations/63630/ Frame 0024 33 B
168 B 447ms
447ms XHR
application/json 2606:4700::6812:7c49
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://give.itgetsbetter.org/frs-api/organizations/63630/ach-account-routing

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:7c49 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

db35d9942ff3fe390acc214cea81723f9c880cdd53788be8a16d6b3e0aab3965

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

X-NewRelic-ID: UAQEVl5UGwAGV1ZQBgMEVg==
X-XSRF-TOKEN: Ac5DfGHl-ySn3DgZ8wEyklPrv8svIFdtUkS0
tracestate: 423787@nr=0-1-423787-363751183-278d680e05ab06ae----1701963523872
traceparent: 00-472cb83558caf8837d6207eb2af81e00-278d680e05ab06ae-01
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
newrelic: eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjQyMzc4NyIsImFwIjoiMzYzNzUxMTgzIiwiaWQiOiIyNzhkNjgwZTA1YWIwNmFlIiwidHIiOiI0NzJjYjgzNTU4Y2FmODgzN2Q2MjA3ZWIyYWY4MWUwMCIsInRpIjoxNzAxOTYzNTIzODcyfX0=
Accept: application/json, text/plain, */*
csrf-token: Ac5DfGHl-ySn3DgZ8wEyklPrv8svIFdtUkS0
Referer: https://give.itgetsbetter.org/give/533919/

Response headers

date: Thu, 07 Dec 2023 15:38:44 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
etag: W/"21-x2mDQC0vzbrt0ZWFDFk/7jYh9jg"
vary: Accept-Encoding
content-type: application/json; charset=utf-8
cache-control: private, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray: 831ddb7839564d59-FRA
content-length: 33

GET
H2 200 currency-conversions Show response
give.itgetsbetter.org/frs-api/i18n/ Frame 0024 75 B
1 KB 146ms
146ms XHR
application/json 2606:4700::6812:7c49
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://give.itgetsbetter.org/frs-api/i18n/currency-conversions?amount=1&from=USD&to=EUR

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:7c49 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

68fc46d3053087ed029f3ddc6a49a1e200817b8bde4d79527e89c989ed5b5d8b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

X-NewRelic-ID: UAQEVl5UGwAGV1ZQBgMEVg==
X-XSRF-TOKEN: Ac5DfGHl-ySn3DgZ8wEyklPrv8svIFdtUkS0
tracestate: 423787@nr=0-1-423787-363751183-7dd2ff091a26d856----1701963523894
traceparent: 00-2fff116f4e9728c908faad5e5df12400-7dd2ff091a26d856-01
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
newrelic: eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjQyMzc4NyIsImFwIjoiMzYzNzUxMTgzIiwiaWQiOiI3ZGQyZmYwOTFhMjZkODU2IiwidHIiOiIyZmZmMTE2ZjRlOTcyOGM5MDhmYWFkNWU1ZGYxMjQwMCIsInRpIjoxNzAxOTYzNTIzODk0fX0=
Accept: application/json, text/plain, */*
csrf-token: Ac5DfGHl-ySn3DgZ8wEyklPrv8svIFdtUkS0
Referer: https://give.itgetsbetter.org/give/533919/

Response headers

date: Thu, 07 Dec 2023 15:38:44 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: br
server: cloudflare
etag: W/"4b-EYQ5xZMG722YKIEfFJPEqgujWSI"
content-security-policy-report-only: script-src 'none'; connect-src 'none'; report-uri https://csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=Z8YId1eemO3O5FCpbRIUWauwyWZAjNAPgJpOGNEEv.g-1701963524-0-AdwqL5hhpYBQaTOKvLTe16xf0JVx305vYyTdf5ij0R08xcFZzmwu5MHqr5wgkTLaBq7cRHA2Rm3fWD1c5i2RybtAu_NijYC6olTsEcsNqO0GLhYJL6VpKfmpSZStITwVfxUk72Mq4u3WY5DPOK2o92sB5PnPWXU42Id9fphl2DTV; report-to cf-csp-endpoint
report-to: {"endpoints":[{"url":"https:\/\/csp-reporting.cloudflare.com\/cdn-cgi\/script_monitor\/report?m=Z8YId1eemO3O5FCpbRIUWauwyWZAjNAPgJpOGNEEv.g-1701963524-0-AdwqL5hhpYBQaTOKvLTe16xf0JVx305vYyTdf5ij0R08xcFZzmwu5MHqr5wgkTLaBq7cRHA2Rm3fWD1c5i2RybtAu_NijYC6olTsEcsNqO0GLhYJL6VpKfmpSZStITwVfxUk72Mq4u3WY5DPOK2o92sB5PnPWXU42Id9fphl2DTV"}],"group":"cf-csp-endpoint","max_age":86400}
content-type: application/json; charset=utf-8
vary: Accept-Encoding
cache-control: private, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray: 831ddb7859854d59-FRA

GET
H2 200 plaid Show response
pay.classy.org/token/ Frame 0024 88 B
693 B 434ms
406ms XHR
application/json 2606:4700::6812:7c49
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://pay.classy.org/token/plaid?applicationId=12247&currency=EUR

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:7c49 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

86cb276d0550d189e7dad4800fbbcfe7b5312f7845e0e711115d5aad589b5d27

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: application/json, text/plain, */*
Referer: https://give.itgetsbetter.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 15:38:44 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-classypay-version: 1
cf-cache-status: DYNAMIC
content-encoding: br
server: cloudflare
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
x-classypay-requestid: 4fff92fe-67bd-4b06-80dc-7cbc2215a2e2
cf-ray: 831ddb789de7917a-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization

GET
H2 200 user-icon.png
give.itgetsbetter.org/static/global/images/ Frame 0024 2 KB
2 KB 56ms
54ms Image
image/webp 2606:4700::6812:7c49
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://give.itgetsbetter.org/static/global/images/user-icon.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:7c49 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c751fe2e3ebe19205c4845af55a79608fcc55109648115357e673bf5dc161b49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.itgetsbetter.org/give/533919/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 15:38:43 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cf-cache-status: HIT
age: 1248385
cf-polished: origFmt=png, origSize=4588
content-disposition: inline; filename="user-icon.webp"
content-length: 2024
last-modified: Thu, 23 Nov 2023 00:06:14 GMT
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: "655e9776-11ec"
vary: Accept, Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 831ddb7879ae4d59-FRA
expires: Fri, 22 Nov 2024 04:52:18 GMT

GET
H2 200 embedded-giving-logo-visa.svg
prod-frs.content.classy.org/prod/dc2ef25255a29ef665c5a80abfbddbda75f500c4/static/global/images/embedded-giving/ Frame 0024 1 KB
900 B 31ms
29ms Image
image/svg+xml 2606:4700::6812:7c49
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://prod-frs.content.classy.org/prod/dc2ef25255a29ef665c5a80abfbddbda75f500c4/static/global/images/embedded-giving/embedded-giving-logo-visa.svg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:7c49 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7f872f37d93f6ad26cfde22f5fd7ae4e99f18c4dc7d3386384f92f845056750b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.itgetsbetter.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 15:38:43 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 23 Nov 2023 00:10:15 GMT
server: cloudflare
x-amz-request-id: VKE02VRGVHY2G773
age: 49638
etag: W/"b327a8825ae28019462c8c3f5b4770c0"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=86400
cf-ray: 831ddb787fbe3735-FRA
x-amz-id-2: Ei4lLNsODHHsrbJuYOyhuXe+PuxeY/hjAWarkRuld14sp4k8fDOKd9u9Dx4WZpJhdHDN7jlhQNU=

GET
H2 200 embedded-giving-logo-amex.svg
prod-frs.content.classy.org/prod/dc2ef25255a29ef665c5a80abfbddbda75f500c4/static/global/images/embedded-giving/ Frame 0024 1 KB
849 B 35ms
34ms Image
image/svg+xml 2606:4700::6812:7c49
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://prod-frs.content.classy.org/prod/dc2ef25255a29ef665c5a80abfbddbda75f500c4/static/global/images/embedded-giving/embedded-giving-logo-amex.svg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:7c49 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

65ade054b003fb12ff528ad2640f69f49bca65d9f9d25b53dea8aee0d5d238cf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.itgetsbetter.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 15:38:43 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 23 Nov 2023 00:10:15 GMT
server: cloudflare
x-amz-request-id: P82NWTNQ4Q6A7JS4
age: 44462
etag: W/"0b1b4bc87aebc780d3ad6095fd447a24"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=86400
cf-ray: 831ddb787fc13735-FRA
x-amz-id-2: emPYHcIiiJ7Q5AGbkvNfsbsLen47Ow8P4qKLQQzq7YqH8V3TFZPmWUapKx0iwn/bFieAk7T6hKU=

GET
H2 200 embedded-giving-logo-discover.svg
prod-frs.content.classy.org/prod/dc2ef25255a29ef665c5a80abfbddbda75f500c4/static/global/images/embedded-giving/ Frame 0024 3 KB
1 KB 24ms
22ms Image
image/svg+xml 2606:4700::6812:7c49
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://prod-frs.content.classy.org/prod/dc2ef25255a29ef665c5a80abfbddbda75f500c4/static/global/images/embedded-giving/embedded-giving-logo-discover.svg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:7c49 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b0fb4e1235c0c4815d6bd272ce4c9c65579c04f9c6e52a080a66393d01f84293

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.itgetsbetter.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 15:38:43 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 23 Nov 2023 00:10:15 GMT
server: cloudflare
x-amz-request-id: VKE0NXC4VQ11RA2S
age: 44462
etag: W/"d51cee8f590a54e755ac3501c1bd7342"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=86400
cf-ray: 831ddb787fc43735-FRA
x-amz-id-2: Fnjhn56CbnpahSGoyktocBtGt/cHmVGskxcvcSiBds1stNIAQBWEgnstMKTaGNghfeFUIoZSvMU=

GET
H2 200 embedded-giving-logo-mastercard.svg
prod-frs.content.classy.org/prod/dc2ef25255a29ef665c5a80abfbddbda75f500c4/static/global/images/embedded-giving/ Frame 0024 1 KB
744 B 50ms
49ms Image
image/svg+xml 2606:4700::6812:7c49
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://prod-frs.content.classy.org/prod/dc2ef25255a29ef665c5a80abfbddbda75f500c4/static/global/images/embedded-giving/embedded-giving-logo-mastercard.svg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:7c49 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9f88c56c75499f8886bcdbd43330029b3108f9aefb7e496788f448ed36311b90

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.itgetsbetter.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 15:38:43 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 23 Nov 2023 00:10:15 GMT
server: cloudflare
x-amz-request-id: VKE4MKWH21XBDWKS
age: 44462
etag: W/"26fb3de4519ed38ceec90bc98250ba1f"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=86400
cf-ray: 831ddb787fc73735-FRA
x-amz-id-2: DWfzy3X17HIsKgNCK3Q9HIGIoetFC+9qTvtnQvJRYE8wTgQgD2nk7hpTeNHILXE7ndHohdhoHpw=

GET
H2 200 embedded-giving-shield-icon.svg
prod-frs.content.classy.org/prod/dc2ef25255a29ef665c5a80abfbddbda75f500c4/static/global/images/embedded-giving/ Frame 0024 6 KB
2 KB 34ms
33ms Image
image/svg+xml 2606:4700::6812:7c49
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://prod-frs.content.classy.org/prod/dc2ef25255a29ef665c5a80abfbddbda75f500c4/static/global/images/embedded-giving/embedded-giving-shield-icon.svg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:7c49 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

38bc775802a9e96e44997f4e9374726a41d5c781752e590a76ad5a4f06673458

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.itgetsbetter.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 15:38:43 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 23 Nov 2023 00:10:15 GMT
server: cloudflare
x-amz-request-id: VKE4DVJJ7W5J5NN4
age: 44462
etag: W/"46fd834e95514def799fa0626c78233c"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=86400
cf-ray: 831ddb787fca3735-FRA
x-amz-id-2: mszO994omO21YGVV3JBuCdZ+zPStNnnaflhXa4SsCPQrXBAMr54V/wn1mTtkQGp7W7b8PNG62yw=

GET
H2 200 embedded-giving-logo-ach.svg
prod-frs.content.classy.org/prod/dc2ef25255a29ef665c5a80abfbddbda75f500c4/static/global/images/embedded-giving/ Frame 0024 1 KB
959 B 36ms
35ms Image
image/svg+xml 2606:4700::6812:7c49
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://prod-frs.content.classy.org/prod/dc2ef25255a29ef665c5a80abfbddbda75f500c4/static/global/images/embedded-giving/embedded-giving-logo-ach.svg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:7c49 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ebeeb6852c8d5689249269cfa59febdad1141a9810331c31d4331f53f47750f7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.itgetsbetter.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 15:38:43 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 23 Nov 2023 00:10:15 GMT
server: cloudflare
x-amz-request-id: FXXVP513JCDWHR7W
age: 32425
etag: W/"d71add3c9962a21340ec557ac0628bf7"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=86400
cf-ray: 831ddb787fcc3735-FRA
x-amz-id-2: UTAB0dP9JsSyHodBENXIfo0ie07WO2/ewenoBRTejnhZXW22lmK3qB1k9rigbcFGSOZKyTgVAic=

GET
H2 200 dropdown-caret.png
prod-frs.content.classy.org/prod/dc2ef25255a29ef665c5a80abfbddbda75f500c4/static/global/images/ Frame 0024 394 B
679 B 35ms
35ms Image
image/webp 2606:4700::6812:7c49
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://prod-frs.content.classy.org/prod/dc2ef25255a29ef665c5a80abfbddbda75f500c4/static/global/images/dropdown-caret.png

Requested by

Host: prod-frs.content.classy.org
URL: https://prod-frs.content.classy.org/prod/dc2ef25255a29ef665c5a80abfbddbda75f500c4/static/frs/main.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:7c49 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9dc9f15be9644fe661ed74493a4de393418024500fe78cf633bac0a86f29a745

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://prod-frs.content.classy.org/prod/dc2ef25255a29ef665c5a80abfbddbda75f500c4/static/frs/main.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 15:38:43 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cf-cache-status: HIT
x-amz-request-id: 8CASC4AAKNJ03ZCG
age: 41110
cf-polished: origFmt=png, origSize=547
x-amz-server-side-encryption: AES256
content-disposition: inline; filename="dropdown-caret.webp"
content-length: 394
x-amz-id-2: 2ImdzBHIvNrl4uc7RykZ+BSqBz7cV5cW9MwVaydjKyFzRvVoPKqSRARTV78nomwcQpkg6gF3j2EDAjNbVuM3ag==
cf-bgj: imgq:85,h2pri
last-modified: Thu, 23 Nov 2023 00:10:15 GMT
server: cloudflare
etag: "43da60879cfe0801ed7fc830a628885c"
vary: Accept
content-type: image/webp
cache-control: max-age=86400
accept-ranges: bytes
cf-ray: 831ddb788fd53735-FRA

GET
H2 200 ClassyIcons.woff
prod-frs.content.classy.org/prod/dc2ef25255a29ef665c5a80abfbddbda75f500c4/static/global/fonts/ Frame 0024 42 KB
43 KB 72ms
54ms Font
application/x-font-woff 2606:4700::6812:7c49
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://prod-frs.content.classy.org/prod/dc2ef25255a29ef665c5a80abfbddbda75f500c4/static/global/fonts/ClassyIcons.woff

Requested by

Host: prod-frs.content.classy.org
URL: https://prod-frs.content.classy.org/prod/dc2ef25255a29ef665c5a80abfbddbda75f500c4/static/frs/main.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:7c49 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d632cb364f35b40afb5abaca971891e56190d21477f05e4387f34486a02ad571

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://prod-frs.content.classy.org/prod/dc2ef25255a29ef665c5a80abfbddbda75f500c4/static/frs/main.css
Origin: https://give.itgetsbetter.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 15:38:43 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cf-cache-status: HIT
x-amz-request-id: F1ATFX7DV0PM866C
age: 3071
x-amz-server-side-encryption: AES256
content-length: 43184
x-amz-id-2: iXQaDuA6xDGmRKPVNXPuTQiinKpNB3JCBOjddEhyFJHgdBGIYehA9aQrk+M6L6QpT77VwQXnS4k=
last-modified: Thu, 23 Nov 2023 00:10:15 GMT
server: cloudflare
etag: "b53f6371bd436855fd3ef361d8229d9e"
access-control-max-age: 0
access-control-allow-methods: GET, HEAD
content-type: application/x-font-woff
access-control-allow-origin: *
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cache-control: max-age=86400
accept-ranges: bytes
cf-ray: 831ddb789de59b9e-FRA

GET
H2 200 fontawesome-webfont.woff2
prod-frs.content.classy.org/prod/dc2ef25255a29ef665c5a80abfbddbda75f500c4/static/fonts/ Frame 0024 65 KB
66 KB 63ms
45ms Font
binary/octet-stream 2606:4700::6812:7c49
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://prod-frs.content.classy.org/prod/dc2ef25255a29ef665c5a80abfbddbda75f500c4/static/fonts/fontawesome-webfont.woff2?v=4.5.0

Requested by

Host: prod-frs.content.classy.org
URL: https://prod-frs.content.classy.org/prod/dc2ef25255a29ef665c5a80abfbddbda75f500c4/static/frs/main.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:7c49 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ff82aeed6b9bb6701696c84d1b223d2e682eb78c89117a438ce6cfea8c498995

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://prod-frs.content.classy.org/prod/dc2ef25255a29ef665c5a80abfbddbda75f500c4/static/frs/main.css
Origin: https://give.itgetsbetter.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 15:38:43 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cf-cache-status: HIT
x-amz-request-id: QBRHF2X2H7GT2SHJ
age: 60563
x-amz-server-side-encryption: AES256
content-length: 66624
x-amz-id-2: w+8UGJJOLDG31MVvF+4hWBkYd314fAGj1y5G8pIu3Wk3D6dZj3VE01rIvCaR2pgAov5vxufoq1E=
last-modified: Thu, 23 Nov 2023 00:10:15 GMT
server: cloudflare
etag: "db812d8a70a4e88e888744c1c9a27e89"
access-control-max-age: 0
access-control-allow-methods: GET, HEAD
content-type: binary/octet-stream
access-control-allow-origin: *
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cache-control: max-age=86400
accept-ranges: bytes
cf-ray: 831ddb789de99b9e-FRA

POST
H2 204 rum Show response
give.itgetsbetter.org/cdn-cgi/ Frame 0024 0
37 B 9ms
8ms XHR
text/plain 2606:4700::6812:7c49
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://give.itgetsbetter.org/cdn-cgi/rum?

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:7c49 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

X-NewRelic-ID: UAQEVl5UGwAGV1ZQBgMEVg==
tracestate: 423787@nr=0-1-423787-363751183-67e35e39c0b67d23----1701963523923
traceparent: 00-6ff3aa4e572f1a53222cf3374aa57600-67e35e39c0b67d23-01
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
newrelic: eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjQyMzc4NyIsImFwIjoiMzYzNzUxMTgzIiwiaWQiOiI2N2UzNWUzOWMwYjY3ZDIzIiwidHIiOiI2ZmYzYWE0ZTU3MmYxYTUzMjIyY2YzMzc0YWE1NzYwMCIsInRpIjoxNzAxOTYzNTIzOTIzfX0=
content-type: application/json
Referer: https://give.itgetsbetter.org/give/533919/

Response headers

date: Thu, 07 Dec 2023 15:38:43 GMT
x-content-type-options: nosniff
server: cloudflare
vary: Origin
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://give.itgetsbetter.org
x-frame-options: DENY
access-control-allow-credentials: true
cf-ray: 831ddb7889c64d59-FRA

GET
H3 200 css
fonts.googleapis.com/ Frame 0024 11 KB
745 B 16ms
16ms Stylesheet
text/css 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Mulish:400italic,700italic,400,300,600,700,800

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

4d66970f202534f853c044ff0eb91afb19751662e8e12c8679d969c641c78b13

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.itgetsbetter.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 07 Dec 2023 15:38:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 07 Dec 2023 15:38:43 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 07 Dec 2023 15:38:43 GMT

GET
H2 200 m-outer-6576085ca35ee42f2f484cda6763e4aa.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 6FEC 631 B
533 B 7ms
7ms Script
text/javascript 151.101.64.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/m-outer-6576085ca35ee42f2f484cda6763e4aa.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/m-outer-27c67c0d52761104439bb051c7856ab1.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.64.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

f0205495d259e89d99e6c4989147f8a65bef41513bfbe3e97251cd6fb6fa5947

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/m-outer-27c67c0d52761104439bb051c7856ab1.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Thu, 07 Dec 2023 15:38:43 GMT
via: 1.1 varnish
age: 3230420
x-cache: HIT
content-length: 399
x-request-id: c8a5d829-7259-4c70-bcf1-d47912a74bc7
x-served-by: cache-fra-eddf8230030-FRA
last-modified: Fri, 08 Sep 2023 21:23:49 GMT
server: Fastly
etag: "70cacf09ae81711ac6dcbc5ee59750c4"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 785231

GET
H2 200 transaction-estimates Show response
give.itgetsbetter.org/frs-api/campaign/533919/ Frame 0024 365 B
844 B 517ms
516ms XHR
application/json 2606:4700::6812:7c49
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://give.itgetsbetter.org/frs-api/campaign/533919/transaction-estimates?amex=false&amount=25&currency=USD&fot=false&international=false&payment_method=DW&processor_name=STRIPE

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:7c49 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

994081b60adf9b23a36a87c318e96b628d4dd68c1a8d2abec0ca50256cf3c26c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

X-NewRelic-ID: UAQEVl5UGwAGV1ZQBgMEVg==
X-XSRF-TOKEN: Ac5DfGHl-ySn3DgZ8wEyklPrv8svIFdtUkS0
tracestate: 423787@nr=0-1-423787-363751183-40b452417c55b369----1701963523940
traceparent: 00-75d53b20a1a18714c3dc63eac4146e00-40b452417c55b369-01
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
newrelic: eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjQyMzc4NyIsImFwIjoiMzYzNzUxMTgzIiwiaWQiOiI0MGI0NTI0MTdjNTViMzY5IiwidHIiOiI3NWQ1M2IyMGExYTE4NzE0YzNkYzYzZWFjNDE0NmUwMCIsInRpIjoxNzAxOTYzNTIzOTQwfX0=
Accept: application/json, text/plain, */*
csrf-token: Ac5DfGHl-ySn3DgZ8wEyklPrv8svIFdtUkS0
Referer: https://give.itgetsbetter.org/give/533919/

Response headers

date: Thu, 07 Dec 2023 15:38:44 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: br
server: cloudflare
etag: W/"16d-pPLvkKRK5EcDnOxrhp1W/Txfdv4"
content-security-policy-report-only: script-src 'none'; connect-src 'none'; report-uri https://csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=X4A._m9Bc9nbPYpwFi68hkYlFlXOu9NGclEMva4Awws-1701963524-0-AfGD9GsPuWWegh_WsZq3Yz326FEzXZfSWbyxHP4XmiKDw8fylNy6BYw1KWHRPvTHYC4VC2CMRT3LJRo-GzM3ksXSbtEeBzmHp3pMcyhQ3N_O8Ktlge0clBqHSNVibpVPm_iIPusRMQVfNh40qaJYM6KTi2DeHLhNqAABkJOpynp2; report-to cf-csp-endpoint
report-to: {"endpoints":[{"url":"https:\/\/csp-reporting.cloudflare.com\/cdn-cgi\/script_monitor\/report?m=X4A._m9Bc9nbPYpwFi68hkYlFlXOu9NGclEMva4Awws-1701963524-0-AfGD9GsPuWWegh_WsZq3Yz326FEzXZfSWbyxHP4XmiKDw8fylNy6BYw1KWHRPvTHYC4VC2CMRT3LJRo-GzM3ksXSbtEeBzmHp3pMcyhQ3N_O8Ktlge0clBqHSNVibpVPm_iIPusRMQVfNh40qaJYM6KTi2DeHLhNqAABkJOpynp2"}],"group":"cf-csp-endpoint","max_age":86400}
content-type: application/json; charset=utf-8
vary: Accept-Encoding
cf-ray: 831ddb78a9f74d59-FRA

GET
H2 200 transaction-estimates Show response
give.itgetsbetter.org/frs-api/campaign/533919/ Frame 0024 365 B
270 B 425ms
425ms XHR
application/json 2606:4700::6812:7c49
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://give.itgetsbetter.org/frs-api/campaign/533919/transaction-estimates?amex=false&amount=25&currency=USD&fot=false&international=false&payment_method=DW&processor_name=STRIPE

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:7c49 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

994081b60adf9b23a36a87c318e96b628d4dd68c1a8d2abec0ca50256cf3c26c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

X-NewRelic-ID: UAQEVl5UGwAGV1ZQBgMEVg==
X-XSRF-TOKEN: Ac5DfGHl-ySn3DgZ8wEyklPrv8svIFdtUkS0
tracestate: 423787@nr=0-1-423787-363751183-ba19bafe32c52da8----1701963523941
traceparent: 00-d79c6d5fb0b671c75ff8ac33ba41c200-ba19bafe32c52da8-01
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
newrelic: eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjQyMzc4NyIsImFwIjoiMzYzNzUxMTgzIiwiaWQiOiJiYTE5YmFmZTMyYzUyZGE4IiwidHIiOiJkNzljNmQ1ZmIwYjY3MWM3NWZmOGFjMzNiYTQxYzIwMCIsInRpIjoxNzAxOTYzNTIzOTQxfX0=
Accept: application/json, text/plain, */*
csrf-token: Ac5DfGHl-ySn3DgZ8wEyklPrv8svIFdtUkS0
Referer: https://give.itgetsbetter.org/give/533919/

Response headers

date: Thu, 07 Dec 2023 15:38:44 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: br
server: cloudflare
etag: W/"16d-pPLvkKRK5EcDnOxrhp1W/Txfdv4"
vary: Accept-Encoding
content-type: application/json; charset=utf-8
cf-ray: 831ddb78a9fb4d59-FRA

POST
H2 200 csp-report
q.stripe.com/ Frame 6FEC 0
717 B 528ms
172ms Other
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: itgetsbetter.org
URL: https://itgetsbetter.org/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-119-242.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Thu, 07 Dec 2023 15:38:44 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1701963524396612
x-envoy-upstream-service-time: 4
content-length: 0
x-stripe-bg-intended-route-color: green
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms: 1
access-control-allow-origin: https://js.stripe.com
x-stripe-client-envoy-start-time-us: 1701963524395292
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers: Server, Range, Content-Type
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

POST
H2 200 csp-report
q.stripe.com/ Frame 6FEC 0
718 B 526ms
171ms Other
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: itgetsbetter.org
URL: https://itgetsbetter.org/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-119-242.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Thu, 07 Dec 2023 15:38:44 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1701963524396170
x-envoy-upstream-service-time: 2
content-length: 0
x-stripe-bg-intended-route-color: green
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms: 1
access-control-allow-origin: https://js.stripe.com
x-stripe-client-envoy-start-time-us: 1701963524395224
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers: Server, Range, Content-Type
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

GET
H3 200 1Ptvg83HX_SGhgqk3wot.woff2
fonts.gstatic.com/s/mulish/v13/ Frame 0024 29 KB
29 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/mulish/v13/1Ptvg83HX_SGhgqk3wot.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Mulish:400italic,700italic,400,300,600,700,800

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7f0f781820c8de56bd6699ac9570ff90634de4eb5cca7ef4b573bb90619e5a5d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://give.itgetsbetter.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 23:27:23 GMT
x-content-type-options: nosniff
age: 576680
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30096
x-xss-protection: 0
last-modified: Wed, 13 Sep 2023 23:18:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 29 Nov 2024 23:27:23 GMT

GET
H3 200 1Ptvg83HX_SGhgqk3wot.woff2
fonts.gstatic.com/s/mulish/v13/ Frame 0024 29 KB
29 KB 11ms
11ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/mulish/v13/1Ptvg83HX_SGhgqk3wot.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Mulish:400italic,700italic,400,300,600,700,800

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7f0f781820c8de56bd6699ac9570ff90634de4eb5cca7ef4b573bb90619e5a5d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://give.itgetsbetter.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 23:27:23 GMT
x-content-type-options: nosniff
age: 576680
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30096
x-xss-protection: 0
last-modified: Wed, 13 Sep 2023 23:18:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 29 Nov 2024 23:27:23 GMT

GET
H3 200 www-widgetapi.js Show response
www.youtube.com/s/player/31e0b6d9/www-widgetapi.vflset/ Frame 0024 215 KB
67 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/31e0b6d9/www-widgetapi.vflset/www-widgetapi.js

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8f7d6f6139d786232c30733c242672145a2ed59e41423520f4dc4dc611e2bd8c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.itgetsbetter.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 15:29:38 GMT
content-encoding: br
x-content-type-options: nosniff
age: 545
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 68329
x-xss-protection: 0
last-modified: Thu, 30 Nov 2023 03:10:29 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Fri, 06 Dec 2024 15:29:38 GMT

GET
H2 200 inner.html Show response
m.stripe.network/ Frame 1349 930 B
2 KB 42ms
9ms Document
text/html 99.86.4.50
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.network/inner.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/m-outer-6576085ca35ee42f2f484cda6763e4aa.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.50 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-50.fra6.r.cloudfront.net

Software

Cloudfront /

Resource Hash

947ac0903521f5eceefc90637c066306a8ca67466ccc188bb0107fb7cfb532d1

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-/5Guo2nzv5n/w6ukZpOBZOtTJBJPSkJ6mhHpnBgm3Ls='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 177
cache-control: max-age=300, public
content-length: 930
content-security-policy: base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-/5Guo2nzv5n/w6ukZpOBZOtTJBJPSkJ6mhHpnBgm3Ls='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Thu, 07 Dec 2023 15:35:48 GMT
etag: "06bfcd88af438673a8bf9b845a11aa6e"
last-modified: Fri, 30 Jun 2023 14:32:28 GMT
server: Cloudfront
strict-transport-security: max-age=31556926; includeSubDomains; preload
vary: Accept-Encoding, Origin
via: 1.1 a56d6b55603697d6c44b19d4f907baaa.cloudfront.net (CloudFront)
x-amz-cf-id: TfRFBdZbK-Lj6sjhNEjCUqL35UCK5f_M9az2K5-i7vR-Km_otQAroQ==
x-amz-cf-pop: FRA6-C1
x-cache: Hit from cloudfront
x-content-type-options: nosniff

GET
H2 200 jquery-3.6.1.min.js Show response
code.jquery.com/ Frame 0024 88 KB
31 KB 100ms
34ms Script
application/javascript 2a04:4e42:600::649
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-3.6.1.min.js
Requested by: Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:600::649 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: a3cf00c109d907e543bc4f6dbc85eb31068f94515251347e9e57509b52ee3d74

Request headers

Referer: https://give.itgetsbetter.org/
Origin: https://give.itgetsbetter.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 15:38:44 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
age: 2580010
x-cache: HIT, HIT
content-length: 30957
x-served-by: cache-lga13629-LGA, cache-fra-eddf8230112-FRA
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
server: nginx
x-timer: S1701963524.063172,VS0,VE0
etag: W/"28feccc0-15e40"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=604800
accept-ranges: bytes
x-cache-hits: 1, 69575

GET
H3 200 1Pttg83HX_SGhgqk2jovaqQ.woff2
fonts.gstatic.com/s/mulish/v13/ Frame 0024 32 KB
32 KB 8ms
8ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/mulish/v13/1Pttg83HX_SGhgqk2jovaqQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Mulish:400italic,700italic,400,300,600,700,800

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8b479610778cef415158ef2deef872c0bdc85bd63f339ecdc1382fabef4da407

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://give.itgetsbetter.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 16:28:27 GMT
x-content-type-options: nosniff
age: 515417
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 32492
x-xss-protection: 0
last-modified: Wed, 13 Sep 2023 23:20:31 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 30 Nov 2024 16:28:27 GMT

GET
H3 200 1Pttg83HX_SGhgqk2jovaqQ.woff2
fonts.gstatic.com/s/mulish/v13/ Frame 0024 32 KB
32 KB 13ms
12ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/mulish/v13/1Pttg83HX_SGhgqk2jovaqQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Mulish:400italic,700italic,400,300,600,700,800

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8b479610778cef415158ef2deef872c0bdc85bd63f339ecdc1382fabef4da407

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://give.itgetsbetter.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 16:28:27 GMT
x-content-type-options: nosniff
age: 515417
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 32492
x-xss-protection: 0
last-modified: Wed, 13 Sep 2023 23:20:31 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 30 Nov 2024 16:28:27 GMT

GET
H3 200 1Ptvg83HX_SGhgqk3wot.woff2
fonts.gstatic.com/s/mulish/v13/ Frame 0024 29 KB
29 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/mulish/v13/1Ptvg83HX_SGhgqk3wot.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Mulish:400italic,700italic,400,300,600,700,800

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7f0f781820c8de56bd6699ac9570ff90634de4eb5cca7ef4b573bb90619e5a5d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://give.itgetsbetter.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 23:27:23 GMT
x-content-type-options: nosniff
age: 576681
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30096
x-xss-protection: 0
last-modified: Wed, 13 Sep 2023 23:18:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 29 Nov 2024 23:27:23 GMT

GET
H3 200 1Ptvg83HX_SGhgqk3wot.woff2
fonts.gstatic.com/s/mulish/v13/ Frame 0024 29 KB
29 KB 8ms
8ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/mulish/v13/1Ptvg83HX_SGhgqk3wot.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Mulish:400italic,700italic,400,300,600,700,800

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7f0f781820c8de56bd6699ac9570ff90634de4eb5cca7ef4b573bb90619e5a5d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://give.itgetsbetter.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 23:27:23 GMT
x-content-type-options: nosniff
age: 576681
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30096
x-xss-protection: 0
last-modified: Wed, 13 Sep 2023 23:18:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 29 Nov 2024 23:27:23 GMT

GET
H3 200 1Ptvg83HX_SGhgqk3wot.woff2
fonts.gstatic.com/s/mulish/v13/ Frame 0024 29 KB
29 KB 9ms
9ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/mulish/v13/1Ptvg83HX_SGhgqk3wot.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Mulish:400italic,700italic,400,300,600,700,800

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7f0f781820c8de56bd6699ac9570ff90634de4eb5cca7ef4b573bb90619e5a5d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://give.itgetsbetter.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 23:27:23 GMT
x-content-type-options: nosniff
age: 576681
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30096
x-xss-protection: 0
last-modified: Wed, 13 Sep 2023 23:18:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 29 Nov 2024 23:27:23 GMT

POST
H2 200 csp-report
q.stripe.com/ Frame 1349 0
491 B 464ms
173ms Other
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: itgetsbetter.org
URL: https://itgetsbetter.org/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-119-242.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload, max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://m.stripe.network/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Thu, 07 Dec 2023 15:38:44 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload, max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1701963524396798
x-envoy-upstream-service-time: 5
content-length: 0
x-stripe-bg-intended-route-color: green
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1701963524395269
cache-control: max-age=0, no-cache, no-store, must-revalidate
x-robots-tag: none
expires: 0

GET
H2 200 out-4.5.43.js Show response
m.stripe.network/ Frame 1349 87 KB
15 KB 9ms
9ms Script
text/javascript 99.86.4.50
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.network/out-4.5.43.js

Requested by

Host: m.stripe.network
URL: https://m.stripe.network/inner.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.50 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-50.fra6.r.cloudfront.net

Software

Cloudfront /

Resource Hash

e039e607c78306c7e029a7fd0ecdb14f86456f16e1a5ce65aa26b4fdf1d38a3c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.stripe.network/inner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 15:38:02 GMT
content-encoding: br
via: 1.1 a56d6b55603697d6c44b19d4f907baaa.cloudfront.net (CloudFront)
strict-transport-security: max-age=31556926; includeSubDomains; preload
last-modified: Fri, 30 Jun 2023 14:32:28 GMT
server: Cloudfront
age: 42
x-content-type-options: nosniff
etag: W/"69cb7809b5011312e716f29b3d19dce6"
x-amz-cf-pop: FRA6-C1
vary: Accept-Encoding, Origin
x-cache: Hit from cloudfront
content-type: text/javascript; charset=utf-8
cache-control: max-age=300, public
x-amz-cf-id: GbAe78O9TDGfKnQn84QIkAbrhyghyL1xtKS6b7OuGlPU9wGfn85U3g==

GET
H2 200 transaction-estimates Show response
give.itgetsbetter.org/frs-api/campaign/533919/ Frame 0024 365 B
262 B 457ms
457ms XHR
application/json 2606:4700::6812:7c49
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://give.itgetsbetter.org/frs-api/campaign/533919/transaction-estimates?amex=false&amount=24&currency=USD&fot=false&international=false&payment_method=DW&processor_name=STRIPE

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:7c49 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

058d8b644c0a771f4013754fb6a023fd172d2fa246eb60085d295497d0c64b9e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

X-NewRelic-ID: UAQEVl5UGwAGV1ZQBgMEVg==
X-XSRF-TOKEN: BjHH9pIU-cdp-73D9XYOToqLabAAshYEVchM
tracestate: 423787@nr=0-1-423787-363751183-6733ed863103513a----1701963524065
traceparent: 00-7d41f190ddfb2172fe0801d338c52c00-6733ed863103513a-01
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
newrelic: eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjQyMzc4NyIsImFwIjoiMzYzNzUxMTgzIiwiaWQiOiI2NzMzZWQ4NjMxMDM1MTNhIiwidHIiOiI3ZDQxZjE5MGRkZmIyMTcyZmUwODAxZDMzOGM1MmMwMCIsInRpIjoxNzAxOTYzNTI0MDY1fX0=
Accept: application/json, text/plain, */*
csrf-token: Ac5DfGHl-ySn3DgZ8wEyklPrv8svIFdtUkS0
Referer: https://give.itgetsbetter.org/give/533919/

Response headers

date: Thu, 07 Dec 2023 15:38:44 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: br
server: cloudflare
etag: W/"16d-oekrtLe21y6HHsLqTSG9mBP/esI"
vary: Accept-Encoding
content-type: application/json; charset=utf-8
cf-ray: 831ddb796b224d59-FRA

POST
H2 200 6 Show response
m.stripe.com/ Frame 1349 156 B
669 B 570ms
186ms XHR
application/json 34.210.21.51
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.com/6

Requested by

Host: m.stripe.network
URL: https://m.stripe.network/out-4.5.43.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.210.21.51 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-210-21-51.us-west-2.compute.amazonaws.com

Software

nginx /

Resource Hash

a53e627a452fa91d15870f0420127b0f04d1266d5418f0bb4e2d358d36a1cc7f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://m.stripe.network/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-stripe-bg-intended-route-color: green
date: Thu, 07 Dec 2023 15:38:44 GMT
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1701963524543949
server: nginx
content-type: application/json;charset=utf-8
x-stripe-server-envoy-upstream-service-time-ms: 3
access-control-allow-origin: https://m.stripe.network
x-stripe-client-envoy-start-time-us: 1701963524543422
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 156

POST
H3 200 log_event Show response
www.youtube.com/youtubei/v1/ Frame F39F 28 B
55 B 22ms
22ms XHR
application/json 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/31e0b6d9/www-embed-player.vflset/www-embed-player.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
X-Goog-Request-Time: 1701963524075
Content-Type: application/json
X-YouTube-Utc-Offset: 60
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/bwkUX98fktI?version=3&rel=1&showsearch=0&showinfo=1&iv_load_policy=1&fs=1&hl=en-US&autohide=2&wmode=transparent
X-YouTube-Client-Version: 1.20231128.01.01
X-YouTube-Time-Zone: Europe/Berlin
X-Goog-Visitor-Id: CgtyanhRX01ObVY2YyiBzserBjIICgJERRICEgA%3D
X-YouTube-Ad-Signals: dt=1701963521851&flash=0&frm=2&u_tz=60&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C454%2C255&vis=1&wgl=true&ca_type=image

Response headers

date: Thu, 07 Dec 2023 15:38:44 GMT
content-encoding: br
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
content-type: application/json; charset=UTF-8
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31
x-xss-protection: 0
expires: Thu, 07 Dec 2023 15:38:44 GMT

GET
H2 200 iframeResizer.17b3e8f66abcbf803ee0eb0adc771137.js Show response
give.itgetsbetter.org/sso/ssobuild/js/ Frame 0024 12 KB
5 KB 52ms
52ms XHR
application/javascript 2606:4700::6812:7c49
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://give.itgetsbetter.org/sso/ssobuild/js/iframeResizer.17b3e8f66abcbf803ee0eb0adc771137.js

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:7c49 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8913290a4db258fa9e0d3fd267fb61666aa81f82b1a459ba098352c427a57c37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

X-NewRelic-ID: UAQEVl5UGwAGV1ZQBgMEVg==
tracestate: 423787@nr=0-1-423787-363751183-bd56935dd3c85011----1701963524110
traceparent: 00-c03f3b529a43bd2044b5cf8c41eeca00-bd56935dd3c85011-01
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
newrelic: eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjQyMzc4NyIsImFwIjoiMzYzNzUxMTgzIiwiaWQiOiJiZDU2OTM1ZGQzYzg1MDExIiwidHIiOiJjMDNmM2I1MjlhNDNiZDIwNDRiNWNmOGM0MWVlY2EwMCIsInRpIjoxNzAxOTYzNTI0MTEwfX0=
Accept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Referer: https://give.itgetsbetter.org/give/533919/
X-Requested-With: XMLHttpRequest

Response headers

date: Thu, 07 Dec 2023 15:38:44 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 14 Nov 2023 20:41:48 GMT
cf-bgj: minify
server: cloudflare
age: 1434910
etag: W/"6553db8c-316e"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=31536000
cf-ray: 831ddb79bb7e4d59-FRA
expires: Wed, 20 Nov 2024 01:03:34 GMT

GET
H2 200 status Show response
give.itgetsbetter.org/sso/ Frame 0024 90 B
1 KB 437ms
436ms XHR
application/javascript 2606:4700::6812:7c49
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://give.itgetsbetter.org/sso/status?client_id=hkDllBPffAW7sKhdYbpNc5PrwMIVbh&callback=jQuery361043133442332182526_1701963524108&_=1701963524109

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:7c49 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4e5c50233a5496e255643263df3e65eb07d835e22821b72088ef06c9733ce294

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://*.classy.org;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

X-NewRelic-ID: UAQEVl5UGwAGV1ZQBgMEVg==
tracestate: 423787@nr=0-1-423787-363751183-0a8e7fd05c9e82a5----1701963524169
traceparent: 00-33a8c646d275337d944767a4d4cb2d00-0a8e7fd05c9e82a5-01
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
newrelic: eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjQyMzc4NyIsImFwIjoiMzYzNzUxMTgzIiwiaWQiOiIwYThlN2ZkMDVjOWU4MmE1IiwidHIiOiIzM2E4YzY0NmQyNzUzMzdkOTQ0NzY3YTRkNGNiMmQwMCIsInRpIjoxNzAxOTYzNTI0MTY5fX0=
Accept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Referer: https://give.itgetsbetter.org/give/533919/
X-Requested-With: XMLHttpRequest

Response headers

date: Thu, 07 Dec 2023 15:38:44 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: br
server: cloudflare
content-security-policy: frame-ancestors 'self' https://*.classy.org;
vary: Origin, Accept-Encoding
content-type: application/javascript; charset=utf-8
p3p: CP="Classy does not have a P3P policy."
cache-control: no-cache, private
cf-ray: 831ddb7a1bf94d59-FRA
x-xss-protection: 1; mode=block

GET
H2 200 controller-e5b9447a8f4b01ae3fa8626199b71899.html Show response
js.stripe.com/v3/ Frame D104 325 B
874 B 68ms
68ms Document
text/html 151.101.64.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/controller-e5b9447a8f4b01ae3fa8626199b71899.html

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.64.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

c71fdf08be68faa116dd26fc6abba73c58066055911be8bfa11c5ba5ce391a26

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://api.stripe.com https://merchant-ui-api.stripe.com https://stripe.com/cookie-settings/enforcement-mode https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'sha256-0hAheEzaMe6uXIKV4EehS9pu1am1lj/KnnzrOYqckXk='; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://give.itgetsbetter.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 7
cache-control: max-age=60
content-encoding: br
content-length: 189
content-security-policy: base-uri 'none'; connect-src 'self' https://api.stripe.com https://merchant-ui-api.stripe.com https://stripe.com/cookie-settings/enforcement-mode https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'sha256-0hAheEzaMe6uXIKV4EehS9pu1am1lj/KnnzrOYqckXk='; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Thu, 07 Dec 2023 15:38:44 GMT
etag: "e5b9447a8f4b01ae3fa8626199b71899"
last-modified: Wed, 06 Dec 2023 21:05:28 GMT
server: Fastly
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 6
x-content-type-options: nosniff
x-request-id: ddf3344d-9fb9-4f67-9c47-b12c55b9ec79
x-served-by: cache-fra-eddf8230030-FRA

GET
H2 200 payment-request-inner-google-pay-b599d220d051eeac6804842ce1a8452d.html Show response
js.stripe.com/v3/ Frame 48CD 408 B
919 B 68ms
67ms Document
text/html 151.101.64.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/payment-request-inner-google-pay-b599d220d051eeac6804842ce1a8452d.html

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.64.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

a9ef153a00df475c212ef4b4b516eb2f3d88a71877d01cb58fcf9aaddc7fa8ae

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://r.stripe.com https://google.com/pay https://www.google.com/pay https://pay.google.com; default-src 'none'; form-action 'none'; frame-src https://pay.google.com; img-src https://q.stripe.com https://www.gstatic.com; script-src 'self' https://pay.google.com; style-src 'self'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://give.itgetsbetter.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 66581
cache-control: max-age=31536000
content-encoding: br
content-length: 221
content-security-policy: base-uri 'none'; connect-src 'self' https://r.stripe.com https://google.com/pay https://www.google.com/pay https://pay.google.com; default-src 'none'; form-action 'none'; frame-src https://pay.google.com; img-src https://q.stripe.com https://www.gstatic.com; script-src 'self' https://pay.google.com; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only: base-uri 'none'; connect-src 'self' https://r.stripe.com https://google.com/pay https://www.google.com/pay https://pay.google.com; default-src 'none'; form-action 'none'; frame-src https://pay.google.com; img-src https://q.stripe.com https://www.gstatic.com; script-src 'self' https://pay.google.com; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Thu, 07 Dec 2023 15:38:44 GMT
etag: "b599d220d051eeac6804842ce1a8452d"
last-modified: Wed, 06 Dec 2023 21:05:44 GMT
server: Fastly
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 817
x-content-type-options: nosniff
x-request-id: 369ea94f-bb46-43a2-a188-657180982c2b
x-served-by: cache-fra-eddf8230030-FRA

GET
H2 200 payment-request-inner-browser-ad00c97d83842ebd47304da892f23769.html Show response
js.stripe.com/v3/ Frame C4CE 344 B
999 B 66ms
66ms Document
text/html 151.101.64.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/payment-request-inner-browser-ad00c97d83842ebd47304da892f23769.html

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.64.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

5cc115327dcd78f61d16e6a86c98ea3992f656406dcf16b92d60390c103a163c

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://google.com/pay https://www.google.com/pay https://pay.google.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com https://www.gstatic.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://give.itgetsbetter.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 35
cache-control: max-age=60
content-encoding: br
content-length: 201
content-security-policy: base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://google.com/pay https://www.google.com/pay https://pay.google.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com https://www.gstatic.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only: base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://google.com/pay https://www.google.com/pay https://pay.google.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com https://www.gstatic.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Thu, 07 Dec 2023 15:38:44 GMT
etag: "ad00c97d83842ebd47304da892f23769"
last-modified: Wed, 06 Dec 2023 21:05:44 GMT
server: Fastly
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 2
x-content-type-options: nosniff
x-request-id: 25401f81-e242-4970-860d-b6c7b59c6ad4
x-served-by: cache-fra-eddf8230030-FRA

GET
H2 200 shared-06833ea29f8969ed7ad2ea8cb2bbe93f.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame D104 536 KB
130 KB 51ms
51ms Script
text/javascript 151.101.64.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/shared-06833ea29f8969ed7ad2ea8cb2bbe93f.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/controller-e5b9447a8f4b01ae3fa8626199b71899.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.64.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

1b6c26f5f4c831c5adffc8c991b363c086be4fa2c963210999ecbaf446218ca6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/controller-e5b9447a8f4b01ae3fa8626199b71899.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Thu, 07 Dec 2023 15:38:44 GMT
via: 1.1 varnish
age: 66667
x-cache: HIT
content-length: 133039
x-request-id: 2d4d254f-f6f7-42bd-b26c-79beef85f500
x-served-by: cache-fra-eddf8230030-FRA
last-modified: Wed, 06 Dec 2023 21:05:43 GMT
server: Fastly
etag: "115d5808fe6617a67417b600f9a68808"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 5

GET
H2 200 controller-58b36f100ddea41394e79ab22f6f3038.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame D104 667 KB
173 KB 52ms
52ms Script
text/javascript 151.101.64.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/controller-58b36f100ddea41394e79ab22f6f3038.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/controller-e5b9447a8f4b01ae3fa8626199b71899.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.64.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

c48c2bd49fbe7504b1073ff8a40c875bd8a563de1481c0c1ca0a3437f686e455

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/controller-e5b9447a8f4b01ae3fa8626199b71899.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Thu, 07 Dec 2023 15:38:44 GMT
via: 1.1 varnish
age: 66667
x-cache: HIT
content-length: 177051
x-request-id: 10c0b380-0002-4d58-99ff-3fa5b5bd64dd
x-served-by: cache-fra-eddf8230030-FRA
last-modified: Wed, 06 Dec 2023 21:05:40 GMT
server: Fastly
etag: "64a21f0de6a84345e006fd0fde11930f"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 3

POST
H2 200 csp-report
q.stripe.com/ Frame D104 0
717 B 175ms
175ms Other
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: itgetsbetter.org
URL: https://itgetsbetter.org/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-119-242.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Thu, 07 Dec 2023 15:38:44 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1701963524534687
x-envoy-upstream-service-time: 2
content-length: 0
x-stripe-bg-intended-route-color: green
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms: 0
access-control-allow-origin: https://js.stripe.com
x-stripe-client-envoy-start-time-us: 1701963524534031
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers: Server, Range, Content-Type
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

GET
H2 200 shared-06833ea29f8969ed7ad2ea8cb2bbe93f.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame C4CE 536 KB
130 KB 166ms
166ms Script
text/javascript 151.101.64.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/shared-06833ea29f8969ed7ad2ea8cb2bbe93f.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/payment-request-inner-browser-ad00c97d83842ebd47304da892f23769.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.64.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

1b6c26f5f4c831c5adffc8c991b363c086be4fa2c963210999ecbaf446218ca6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/payment-request-inner-browser-ad00c97d83842ebd47304da892f23769.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Thu, 07 Dec 2023 15:38:44 GMT
via: 1.1 varnish
age: 66667
x-cache: HIT
content-length: 133039
x-request-id: ac75c2f2-642b-4e8f-9eb1-6c8c49106bbd
x-served-by: cache-fra-eddf8230030-FRA
last-modified: Wed, 06 Dec 2023 21:05:43 GMT
server: Fastly
etag: "115d5808fe6617a67417b600f9a68808"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 7

GET
H2 200 payment-request-inner-browser-be0e242b8c475d6fe5c6b08997031928.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame C4CE 12 KB
5 KB 167ms
166ms Script
text/javascript 151.101.64.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/payment-request-inner-browser-be0e242b8c475d6fe5c6b08997031928.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/payment-request-inner-browser-ad00c97d83842ebd47304da892f23769.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.64.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

2cd5192ff8b020b1b320397711a8d5fb40be5e2954fff09a707e092713b7fc03

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/payment-request-inner-browser-ad00c97d83842ebd47304da892f23769.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Thu, 07 Dec 2023 15:38:44 GMT
via: 1.1 varnish
age: 2544113
x-cache: HIT
content-length: 4877
x-request-id: c80a7b0c-80c3-4588-91bc-9c11550f4e10
x-served-by: cache-fra-eddf8230030-FRA
last-modified: Mon, 09 Oct 2023 20:07:19 GMT
server: Fastly
etag: "330666bb238cf77ae96a867563ebc09a"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 42397

POST
H2 200 csp-report
q.stripe.com/ Frame C4CE 0
717 B 203ms
203ms Other
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: itgetsbetter.org
URL: https://itgetsbetter.org/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-119-242.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Thu, 07 Dec 2023 15:38:44 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1701963524564515
x-envoy-upstream-service-time: 5
content-length: 0
x-stripe-bg-intended-route-color: green
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms: 2
access-control-allow-origin: https://js.stripe.com
x-stripe-client-envoy-start-time-us: 1701963524562810
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers: Server, Range, Content-Type
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

POST
H2 200 csp-report
q.stripe.com/ Frame C4CE 0
717 B 200ms
200ms Other
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: itgetsbetter.org
URL: https://itgetsbetter.org/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-119-242.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Thu, 07 Dec 2023 15:38:44 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1701963524563914
x-envoy-upstream-service-time: 4
content-length: 0
x-stripe-bg-intended-route-color: green
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms: 2
access-control-allow-origin: https://js.stripe.com
x-stripe-client-envoy-start-time-us: 1701963524562862
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers: Server, Range, Content-Type
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

GET
H2 200 pay.js Show response
pay.google.com/gp/p/js/ Frame 48CD 120 KB
37 KB 89ms
58ms Script
application/javascript 2a00:1450:4013:c04::5c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pay.google.com/gp/p/js/pay.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/payment-request-inner-google-pay-b599d220d051eeac6804842ce1a8452d.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4013:c04::5c Groningen, Netherlands, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

fe0130a7a1c919a78c51773b8a775ca8eb1ff3211b7b06d2044cbd1357e1e9e2

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendHttp/cspreport, script-src 'report-sample' 'nonce-Cr4ppeHDef78Md0Z03exxA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendHttp/cspreport/allowlist
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 15:38:44 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
content-security-policy: require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendHttp/cspreport, script-src 'report-sample' 'nonce-Cr4ppeHDef78Md0Z03exxA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendHttp/cspreport/allowlist
x-content-type-options: nosniff
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: private, max-age=600
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Thu, 07 Dec 2023 15:38:44 GMT

GET
H2 200 shared-06833ea29f8969ed7ad2ea8cb2bbe93f.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 48CD 536 KB
130 KB 166ms
166ms Script
text/javascript 151.101.64.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/shared-06833ea29f8969ed7ad2ea8cb2bbe93f.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/payment-request-inner-google-pay-b599d220d051eeac6804842ce1a8452d.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.64.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

1b6c26f5f4c831c5adffc8c991b363c086be4fa2c963210999ecbaf446218ca6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/payment-request-inner-google-pay-b599d220d051eeac6804842ce1a8452d.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Thu, 07 Dec 2023 15:38:44 GMT
via: 1.1 varnish
age: 66667
x-cache: HIT
content-length: 133039
x-request-id: e5ac547a-8df7-4f60-8913-bfcd0e97285a
x-served-by: cache-fra-eddf8230030-FRA
last-modified: Wed, 06 Dec 2023 21:05:43 GMT
server: Fastly
etag: "115d5808fe6617a67417b600f9a68808"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 6

GET
H2 200 payment-request-inner-google-pay-6c6158356aa2fb0fad6988bd4dd189af.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 48CD 10 KB
4 KB 98ms
98ms Script
text/javascript 151.101.64.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/payment-request-inner-google-pay-6c6158356aa2fb0fad6988bd4dd189af.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/payment-request-inner-google-pay-b599d220d051eeac6804842ce1a8452d.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.64.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

fc42bb69e9975dc74d50c5bda8cb36384bcd0bc7f6b1a54991c6f2a92251df0e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/payment-request-inner-google-pay-b599d220d051eeac6804842ce1a8452d.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Thu, 07 Dec 2023 15:38:44 GMT
via: 1.1 varnish
age: 2557745
x-cache: HIT
content-length: 4272
x-request-id: 0b228246-164f-442c-a1b5-e7887b74a35b
x-served-by: cache-fra-eddf8230030-FRA
last-modified: Tue, 24 Oct 2023 17:19:12 GMT
server: Fastly
etag: "947a5566a308873ad0fd8dbfdd9c81cf"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 24878

POST
H2 200 csp-report
q.stripe.com/ Frame 48CD 0
717 B 197ms
197ms Other
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: itgetsbetter.org
URL: https://itgetsbetter.org/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-119-242.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Thu, 07 Dec 2023 15:38:44 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1701963524563454
x-envoy-upstream-service-time: 4
content-length: 0
x-stripe-bg-intended-route-color: green
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms: 2
access-control-allow-origin: https://js.stripe.com
x-stripe-client-envoy-start-time-us: 1701963524562824
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers: Server, Range, Content-Type
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

POST
H2 200 csp-report
q.stripe.com/ Frame 48CD 0
717 B 204ms
204ms Other
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: itgetsbetter.org
URL: https://itgetsbetter.org/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-119-242.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Thu, 07 Dec 2023 15:38:44 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1701963524564268
x-envoy-upstream-service-time: 6
content-length: 0
x-stripe-bg-intended-route-color: green
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms: 3
access-control-allow-origin: https://js.stripe.com
x-stripe-client-envoy-start-time-us: 1701963524562844
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers: Server, Range, Content-Type
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

GET
H2 200 payment-request-inner-google-pay-b599d220d051eeac6804842ce1a8452d.html Show response
js.stripe.com/v3/ Frame E141 408 B
887 B 160ms
160ms Document
text/html 151.101.64.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/payment-request-inner-google-pay-b599d220d051eeac6804842ce1a8452d.html

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.64.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

a9ef153a00df475c212ef4b4b516eb2f3d88a71877d01cb58fcf9aaddc7fa8ae

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://r.stripe.com https://google.com/pay https://www.google.com/pay https://pay.google.com; default-src 'none'; form-action 'none'; frame-src https://pay.google.com; img-src https://q.stripe.com https://www.gstatic.com; script-src 'self' https://pay.google.com; style-src 'self'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://give.itgetsbetter.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 66581
cache-control: max-age=31536000
content-encoding: br
content-length: 221
content-security-policy: base-uri 'none'; connect-src 'self' https://r.stripe.com https://google.com/pay https://www.google.com/pay https://pay.google.com; default-src 'none'; form-action 'none'; frame-src https://pay.google.com; img-src https://q.stripe.com https://www.gstatic.com; script-src 'self' https://pay.google.com; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only: base-uri 'none'; connect-src 'self' https://r.stripe.com https://google.com/pay https://www.google.com/pay https://pay.google.com; default-src 'none'; form-action 'none'; frame-src https://pay.google.com; img-src https://q.stripe.com https://www.gstatic.com; script-src 'self' https://pay.google.com; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Thu, 07 Dec 2023 15:38:44 GMT
etag: "b599d220d051eeac6804842ce1a8452d"
last-modified: Wed, 06 Dec 2023 21:05:44 GMT
server: Fastly
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 818
x-content-type-options: nosniff
x-request-id: 78391eec-466e-49b2-b61c-d42144810299
x-served-by: cache-fra-eddf8230030-FRA

GET
H2 200 payment-request-inner-browser-ad00c97d83842ebd47304da892f23769.html Show response
js.stripe.com/v3/ Frame 2A1E 344 B
1 KB 159ms
158ms Document
text/html 151.101.64.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/payment-request-inner-browser-ad00c97d83842ebd47304da892f23769.html

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.64.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

5cc115327dcd78f61d16e6a86c98ea3992f656406dcf16b92d60390c103a163c

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://google.com/pay https://www.google.com/pay https://pay.google.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com https://www.gstatic.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://give.itgetsbetter.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 35
cache-control: max-age=60
content-encoding: br
content-length: 201
content-security-policy: base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://google.com/pay https://www.google.com/pay https://pay.google.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com https://www.gstatic.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only: base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://google.com/pay https://www.google.com/pay https://pay.google.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com https://www.gstatic.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Thu, 07 Dec 2023 15:38:44 GMT
etag: "ad00c97d83842ebd47304da892f23769"
last-modified: Wed, 06 Dec 2023 21:05:44 GMT
server: Fastly
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 3
x-content-type-options: nosniff
x-request-id: 1df3221c-3c38-4aae-8bc5-6f2edad6d34a
x-served-by: cache-fra-eddf8230030-FRA

GET
H2 200 payment-request-inner-google-pay-b599d220d051eeac6804842ce1a8452d.html Show response
js.stripe.com/v3/ Frame CA77 408 B
300 B 94ms
94ms Document
text/html 151.101.64.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/payment-request-inner-google-pay-b599d220d051eeac6804842ce1a8452d.html

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.64.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

a9ef153a00df475c212ef4b4b516eb2f3d88a71877d01cb58fcf9aaddc7fa8ae

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://r.stripe.com https://google.com/pay https://www.google.com/pay https://pay.google.com; default-src 'none'; form-action 'none'; frame-src https://pay.google.com; img-src https://q.stripe.com https://www.gstatic.com; script-src 'self' https://pay.google.com; style-src 'self'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://give.itgetsbetter.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 66581
cache-control: max-age=31536000
content-encoding: br
content-length: 221
content-security-policy: base-uri 'none'; connect-src 'self' https://r.stripe.com https://google.com/pay https://www.google.com/pay https://pay.google.com; default-src 'none'; form-action 'none'; frame-src https://pay.google.com; img-src https://q.stripe.com https://www.gstatic.com; script-src 'self' https://pay.google.com; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only: base-uri 'none'; connect-src 'self' https://r.stripe.com https://google.com/pay https://www.google.com/pay https://pay.google.com; default-src 'none'; form-action 'none'; frame-src https://pay.google.com; img-src https://q.stripe.com https://www.gstatic.com; script-src 'self' https://pay.google.com; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Thu, 07 Dec 2023 15:38:44 GMT
etag: "b599d220d051eeac6804842ce1a8452d"
last-modified: Wed, 06 Dec 2023 21:05:44 GMT
server: Fastly
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 819
x-content-type-options: nosniff
x-request-id: 8ef4bbcd-9fb4-423f-88db-de1748400ddc
x-served-by: cache-fra-eddf8230030-FRA

GET
H2 200 payment-request-inner-browser-ad00c97d83842ebd47304da892f23769.html Show response
js.stripe.com/v3/ Frame 35B6 344 B
278 B 93ms
93ms Document
text/html 151.101.64.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/payment-request-inner-browser-ad00c97d83842ebd47304da892f23769.html

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.64.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

5cc115327dcd78f61d16e6a86c98ea3992f656406dcf16b92d60390c103a163c

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://google.com/pay https://www.google.com/pay https://pay.google.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com https://www.gstatic.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://give.itgetsbetter.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 35
cache-control: max-age=60
content-encoding: br
content-length: 201
content-security-policy: base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://google.com/pay https://www.google.com/pay https://pay.google.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com https://www.gstatic.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only: base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://google.com/pay https://www.google.com/pay https://pay.google.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com https://www.gstatic.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Thu, 07 Dec 2023 15:38:44 GMT
etag: "ad00c97d83842ebd47304da892f23769"
last-modified: Wed, 06 Dec 2023 21:05:44 GMT
server: Fastly
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 4
x-content-type-options: nosniff
x-request-id: b0e80bbd-7800-45a1-9cf5-9cd215564bd7
x-served-by: cache-fra-eddf8230030-FRA

GET
H2 200 pay.js Show response
pay.google.com/gp/p/js/ Frame E141 120 KB
36 KB 65ms
61ms Script
application/javascript 2a00:1450:4013:c04::5c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pay.google.com/gp/p/js/pay.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/payment-request-inner-google-pay-b599d220d051eeac6804842ce1a8452d.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4013:c04::5c Groningen, Netherlands, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

fe0130a7a1c919a78c51773b8a775ca8eb1ff3211b7b06d2044cbd1357e1e9e2

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-PU5_KYS_hMOOJbnV1DRsjQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendHttp/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 15:38:44 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-PU5_KYS_hMOOJbnV1DRsjQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendHttp/cspreport
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: private, max-age=600
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Thu, 07 Dec 2023 15:38:44 GMT

GET
H2 200 shared-06833ea29f8969ed7ad2ea8cb2bbe93f.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame E141 536 KB
130 KB 79ms
76ms Script
text/javascript 151.101.64.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/shared-06833ea29f8969ed7ad2ea8cb2bbe93f.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/payment-request-inner-google-pay-b599d220d051eeac6804842ce1a8452d.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.64.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

1b6c26f5f4c831c5adffc8c991b363c086be4fa2c963210999ecbaf446218ca6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/payment-request-inner-google-pay-b599d220d051eeac6804842ce1a8452d.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Thu, 07 Dec 2023 15:38:44 GMT
via: 1.1 varnish
age: 66667
x-cache: HIT
content-length: 133039
x-request-id: dedd1fe4-cf03-497e-a0bc-b4e2047a302f
x-served-by: cache-fra-eddf8230030-FRA
last-modified: Wed, 06 Dec 2023 21:05:43 GMT
server: Fastly
etag: "115d5808fe6617a67417b600f9a68808"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 9

GET
H2 200 payment-request-inner-google-pay-6c6158356aa2fb0fad6988bd4dd189af.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame E141 10 KB
4 KB 38ms
38ms Script
text/javascript 151.101.64.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/payment-request-inner-google-pay-6c6158356aa2fb0fad6988bd4dd189af.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/payment-request-inner-google-pay-b599d220d051eeac6804842ce1a8452d.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.64.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

fc42bb69e9975dc74d50c5bda8cb36384bcd0bc7f6b1a54991c6f2a92251df0e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/payment-request-inner-google-pay-b599d220d051eeac6804842ce1a8452d.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Thu, 07 Dec 2023 15:38:44 GMT
via: 1.1 varnish
age: 2557745
x-cache: HIT
content-length: 4272
x-request-id: 13116a37-be35-46c4-94d3-28496c7a0752
x-served-by: cache-fra-eddf8230030-FRA
last-modified: Tue, 24 Oct 2023 17:19:12 GMT
server: Fastly
etag: "947a5566a308873ad0fd8dbfdd9c81cf"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 24880

GET
H2 200 shared-06833ea29f8969ed7ad2ea8cb2bbe93f.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 2A1E 536 KB
130 KB 80ms
76ms Script
text/javascript 151.101.64.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/shared-06833ea29f8969ed7ad2ea8cb2bbe93f.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/payment-request-inner-browser-ad00c97d83842ebd47304da892f23769.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.64.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

1b6c26f5f4c831c5adffc8c991b363c086be4fa2c963210999ecbaf446218ca6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/payment-request-inner-browser-ad00c97d83842ebd47304da892f23769.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Thu, 07 Dec 2023 15:38:44 GMT
via: 1.1 varnish
age: 66667
x-cache: HIT
content-length: 133039
x-request-id: eb73cc74-26ed-4395-93cd-e2a4cffba2aa
x-served-by: cache-fra-eddf8230030-FRA
last-modified: Wed, 06 Dec 2023 21:05:43 GMT
server: Fastly
etag: "115d5808fe6617a67417b600f9a68808"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 8

GET
H2 200 payment-request-inner-browser-be0e242b8c475d6fe5c6b08997031928.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 2A1E 12 KB
5 KB 79ms
76ms Script
text/javascript 151.101.64.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/payment-request-inner-browser-be0e242b8c475d6fe5c6b08997031928.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/payment-request-inner-browser-ad00c97d83842ebd47304da892f23769.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.64.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

2cd5192ff8b020b1b320397711a8d5fb40be5e2954fff09a707e092713b7fc03

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/payment-request-inner-browser-ad00c97d83842ebd47304da892f23769.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Thu, 07 Dec 2023 15:38:44 GMT
via: 1.1 varnish
age: 2544113
x-cache: HIT
content-length: 4877
x-request-id: 213e4c16-8f54-47aa-898f-2ada5051663a
x-served-by: cache-fra-eddf8230030-FRA
last-modified: Mon, 09 Oct 2023 20:07:19 GMT
server: Fastly
etag: "330666bb238cf77ae96a867563ebc09a"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 42398

GET
H2 200 pay.js Show response
pay.google.com/gp/p/js/ Frame CA77 120 KB
36 KB 66ms
63ms Script
application/javascript 2a00:1450:4013:c04::5c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pay.google.com/gp/p/js/pay.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/payment-request-inner-google-pay-b599d220d051eeac6804842ce1a8452d.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4013:c04::5c Groningen, Netherlands, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

fe0130a7a1c919a78c51773b8a775ca8eb1ff3211b7b06d2044cbd1357e1e9e2

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-cxyXVv6gzOaWUWSp5dgRzA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendHttp/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 15:38:44 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-cxyXVv6gzOaWUWSp5dgRzA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendHttp/cspreport
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: private, max-age=600
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Thu, 07 Dec 2023 15:38:44 GMT

GET
H2 200 shared-06833ea29f8969ed7ad2ea8cb2bbe93f.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame CA77 536 KB
130 KB 79ms
77ms Script
text/javascript 151.101.64.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/shared-06833ea29f8969ed7ad2ea8cb2bbe93f.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/payment-request-inner-google-pay-b599d220d051eeac6804842ce1a8452d.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.64.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

1b6c26f5f4c831c5adffc8c991b363c086be4fa2c963210999ecbaf446218ca6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/payment-request-inner-google-pay-b599d220d051eeac6804842ce1a8452d.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Thu, 07 Dec 2023 15:38:44 GMT
via: 1.1 varnish
age: 66667
x-cache: HIT
content-length: 133039
x-request-id: c2cd7434-f171-4514-af40-22fdf258bc05
x-served-by: cache-fra-eddf8230030-FRA
last-modified: Wed, 06 Dec 2023 21:05:43 GMT
server: Fastly
etag: "115d5808fe6617a67417b600f9a68808"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 11

GET
H2 200 payment-request-inner-google-pay-6c6158356aa2fb0fad6988bd4dd189af.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame CA77 10 KB
4 KB 39ms
39ms Script
text/javascript 151.101.64.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/payment-request-inner-google-pay-6c6158356aa2fb0fad6988bd4dd189af.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/payment-request-inner-google-pay-b599d220d051eeac6804842ce1a8452d.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.64.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

fc42bb69e9975dc74d50c5bda8cb36384bcd0bc7f6b1a54991c6f2a92251df0e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/payment-request-inner-google-pay-b599d220d051eeac6804842ce1a8452d.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Thu, 07 Dec 2023 15:38:44 GMT
via: 1.1 varnish
age: 2557745
x-cache: HIT
content-length: 4272
x-request-id: 22f66dbd-c4bd-4ae8-b779-ed9d1b0bf578
x-served-by: cache-fra-eddf8230030-FRA
last-modified: Tue, 24 Oct 2023 17:19:12 GMT
server: Fastly
etag: "947a5566a308873ad0fd8dbfdd9c81cf"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 24879

POST
H2 200 csp-report
q.stripe.com/ Frame E141 0
716 B 180ms
178ms Other
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: itgetsbetter.org
URL: https://itgetsbetter.org/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-119-242.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Thu, 07 Dec 2023 15:38:44 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1701963524715022
x-envoy-upstream-service-time: 2
content-length: 0
x-stripe-bg-intended-route-color: green
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms: 0
access-control-allow-origin: https://js.stripe.com
x-stripe-client-envoy-start-time-us: 1701963524713803
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers: Server, Range, Content-Type
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

POST
H2 200 csp-report
q.stripe.com/ Frame E141 0
717 B 184ms
182ms Other
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: itgetsbetter.org
URL: https://itgetsbetter.org/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-119-242.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Thu, 07 Dec 2023 15:38:44 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1701963524715358
x-envoy-upstream-service-time: 3
content-length: 0
x-stripe-bg-intended-route-color: green
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms: 1
access-control-allow-origin: https://js.stripe.com
x-stripe-client-envoy-start-time-us: 1701963524713846
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers: Server, Range, Content-Type
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

POST
H2 200 csp-report
q.stripe.com/ Frame 2A1E 0
717 B 172ms
170ms Other
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: itgetsbetter.org
URL: https://itgetsbetter.org/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-119-242.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Thu, 07 Dec 2023 15:38:44 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1701963524714237
x-envoy-upstream-service-time: 1
content-length: 0
x-stripe-bg-intended-route-color: green
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms: 0
access-control-allow-origin: https://js.stripe.com
x-stripe-client-envoy-start-time-us: 1701963524713773
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers: Server, Range, Content-Type
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

POST
H2 200 csp-report
q.stripe.com/ Frame 2A1E 0
717 B 175ms
172ms Other
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: itgetsbetter.org
URL: https://itgetsbetter.org/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-119-242.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Thu, 07 Dec 2023 15:38:44 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1701963524714288
x-envoy-upstream-service-time: 2
content-length: 0
x-stripe-bg-intended-route-color: green
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms: 1
access-control-allow-origin: https://js.stripe.com
x-stripe-client-envoy-start-time-us: 1701963524713777
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers: Server, Range, Content-Type
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

GET
H2 200 shared-06833ea29f8969ed7ad2ea8cb2bbe93f.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 35B6 536 KB
130 KB 78ms
77ms Script
text/javascript 151.101.64.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/shared-06833ea29f8969ed7ad2ea8cb2bbe93f.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/payment-request-inner-browser-ad00c97d83842ebd47304da892f23769.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.64.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

1b6c26f5f4c831c5adffc8c991b363c086be4fa2c963210999ecbaf446218ca6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/payment-request-inner-browser-ad00c97d83842ebd47304da892f23769.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Thu, 07 Dec 2023 15:38:44 GMT
via: 1.1 varnish
age: 66667
x-cache: HIT
content-length: 133039
x-request-id: f029dc8c-14bc-4e6c-9a95-30ea619ed74d
x-served-by: cache-fra-eddf8230030-FRA
last-modified: Wed, 06 Dec 2023 21:05:43 GMT
server: Fastly
etag: "115d5808fe6617a67417b600f9a68808"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 11

GET
H2 200 payment-request-inner-browser-be0e242b8c475d6fe5c6b08997031928.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 35B6 12 KB
5 KB 78ms
77ms Script
text/javascript 151.101.64.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/payment-request-inner-browser-be0e242b8c475d6fe5c6b08997031928.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/payment-request-inner-browser-ad00c97d83842ebd47304da892f23769.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.64.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

2cd5192ff8b020b1b320397711a8d5fb40be5e2954fff09a707e092713b7fc03

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/payment-request-inner-browser-ad00c97d83842ebd47304da892f23769.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Thu, 07 Dec 2023 15:38:44 GMT
via: 1.1 varnish
age: 2544113
x-cache: HIT
content-length: 4877
x-request-id: 859087b8-986f-4d44-a2ff-64d33e0c5b90
x-served-by: cache-fra-eddf8230030-FRA
last-modified: Mon, 09 Oct 2023 20:07:19 GMT
server: Fastly
etag: "330666bb238cf77ae96a867563ebc09a"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 42399

POST
H2 200 csp-report
q.stripe.com/ Frame CA77 0
717 B 177ms
177ms Other
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: itgetsbetter.org
URL: https://itgetsbetter.org/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-119-242.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Thu, 07 Dec 2023 15:38:44 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1701963524715603
x-envoy-upstream-service-time: 1
content-length: 0
x-stripe-bg-intended-route-color: green
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms: 0
access-control-allow-origin: https://js.stripe.com
x-stripe-client-envoy-start-time-us: 1701963524715138
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers: Server, Range, Content-Type
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

POST
H2 200 csp-report
q.stripe.com/ Frame CA77 0
717 B 182ms
181ms Other
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: itgetsbetter.org
URL: https://itgetsbetter.org/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-119-242.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Thu, 07 Dec 2023 15:38:44 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1701963524715632
x-envoy-upstream-service-time: 2
content-length: 0
x-stripe-bg-intended-route-color: green
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms: 1
access-control-allow-origin: https://js.stripe.com
x-stripe-client-envoy-start-time-us: 1701963524715160
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers: Server, Range, Content-Type
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

POST
H2 200 csp-report
q.stripe.com/ Frame 35B6 0
717 B 185ms
185ms Other
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: itgetsbetter.org
URL: https://itgetsbetter.org/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-119-242.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Thu, 07 Dec 2023 15:38:44 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1701963524718793
x-envoy-upstream-service-time: 2
content-length: 0
x-stripe-bg-intended-route-color: green
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms: 0
access-control-allow-origin: https://js.stripe.com
x-stripe-client-envoy-start-time-us: 1701963524718356
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers: Server, Range, Content-Type
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

POST
H2 200 csp-report
q.stripe.com/ Frame 35B6 0
717 B 185ms
185ms Other
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: itgetsbetter.org
URL: https://itgetsbetter.org/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-119-242.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Thu, 07 Dec 2023 15:38:44 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1701963524718972
x-envoy-upstream-service-time: 1
content-length: 0
x-stripe-bg-intended-route-color: green
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms: 0
access-control-allow-origin: https://js.stripe.com
x-stripe-client-envoy-start-time-us: 1701963524718376
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers: Server, Range, Content-Type
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

GET
H2 200 .deploy_status_henson.json Show response
js.stripe.com/v3/ Frame D104 474 B
398 B 7ms
6ms Fetch
application/json 151.101.64.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/.deploy_status_henson.json

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-06833ea29f8969ed7ad2ea8cb2bbe93f.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.64.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

f24c65cd8e3c41f426ef9a8c653b298d848b413b95e4de5dbe8f8d5f7ed47977

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Accept: application/json
Referer: https://js.stripe.com/v3/controller-e5b9447a8f4b01ae3fa8626199b71899.html
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Thu, 07 Dec 2023 15:38:44 GMT
content-encoding: br
via: 1.1 varnish
strict-transport-security: max-age=31556926; includeSubDomains; preload
age: 19
x-cache: HIT
content-length: 297
x-request-id: fc84fb91-143d-4977-8744-a1275cc4dd4b
x-served-by: cache-fra-eddf8230106-FRA
last-modified: Wed, 06 Dec 2023 21:36:29 GMT
server: Fastly
etag: "cc489ea00e29d0217a6d055f949400ef"
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=60
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 35

GET
H2 200 .deploy_status_henson.json Show response
js.stripe.com/v3/ Frame D104 474 B
372 B 7ms
7ms Fetch
application/json 151.101.64.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/.deploy_status_henson.json

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-06833ea29f8969ed7ad2ea8cb2bbe93f.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.64.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

f24c65cd8e3c41f426ef9a8c653b298d848b413b95e4de5dbe8f8d5f7ed47977

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Accept: application/json
Referer: https://js.stripe.com/v3/controller-e5b9447a8f4b01ae3fa8626199b71899.html
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Thu, 07 Dec 2023 15:38:44 GMT
content-encoding: br
via: 1.1 varnish
strict-transport-security: max-age=31556926; includeSubDomains; preload
age: 19
x-cache: HIT
content-length: 297
x-request-id: 3d14b04d-47d8-4976-98fd-a133b267c71a
x-served-by: cache-fra-eddf8230106-FRA
last-modified: Wed, 06 Dec 2023 21:36:29 GMT
server: Fastly
etag: "cc489ea00e29d0217a6d055f949400ef"
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=60
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 36

GET
H2 200 .deploy_status_henson.json Show response
js.stripe.com/v3/ Frame D104 474 B
372 B 7ms
6ms Fetch
application/json 151.101.64.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/.deploy_status_henson.json

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-06833ea29f8969ed7ad2ea8cb2bbe93f.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.64.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

f24c65cd8e3c41f426ef9a8c653b298d848b413b95e4de5dbe8f8d5f7ed47977

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Accept: application/json
Referer: https://js.stripe.com/v3/controller-e5b9447a8f4b01ae3fa8626199b71899.html
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Thu, 07 Dec 2023 15:38:44 GMT
content-encoding: br
via: 1.1 varnish
strict-transport-security: max-age=31556926; includeSubDomains; preload
age: 19
x-cache: HIT
content-length: 297
x-request-id: b01ba021-b2ec-445a-90e3-d9ba299873bc
x-served-by: cache-fra-eddf8230106-FRA
last-modified: Wed, 06 Dec 2023 21:36:29 GMT
server: Fastly
etag: "cc489ea00e29d0217a6d055f949400ef"
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=60
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 37

POST
H3 200 log_event Show response
www.youtube.com/youtubei/v1/ Frame D3C3 28 B
55 B 25ms
24ms XHR
application/json 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/31e0b6d9/www-embed-player.vflset/www-embed-player.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
X-Goog-Request-Time: 1701963524774
Content-Type: application/json
X-YouTube-Utc-Offset: 60
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/FkYumU0Z3bk?controls=0&rel=0&disablekb=1&showinfo=0&modestbranding=0&html5=1&iv_load_policy=3&autoplay=0&end=0&loop=0&playsinline=0&start=0&nocookie=false&enablejsapi=1&origin=https%3A%2F%2Fitgetsbetter.org&widgetid=1
X-YouTube-Client-Version: 1.20231128.01.01
X-YouTube-Time-Zone: Europe/Berlin
X-Goog-Visitor-Id: Cgs3d2tfU1NiS2tRayiCzserBjIICgJERRICEgA%3D
X-YouTube-Ad-Signals: dt=1701963522641&flash=0&frm=2&u_tz=60&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&wgl=true&ca_type=image

Response headers

date: Thu, 07 Dec 2023 15:38:44 GMT
content-encoding: br
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
content-type: application/json; charset=UTF-8
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31
x-xss-protection: 0
expires: Thu, 07 Dec 2023 15:38:44 GMT

GET
H2 200 .deploy_status_henson.json Show response
js.stripe.com/v3/ Frame C4CE 474 B
372 B 7ms
7ms Fetch
application/json 151.101.64.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/.deploy_status_henson.json

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-06833ea29f8969ed7ad2ea8cb2bbe93f.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.64.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

f24c65cd8e3c41f426ef9a8c653b298d848b413b95e4de5dbe8f8d5f7ed47977

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Accept: application/json
Referer: https://js.stripe.com/v3/payment-request-inner-browser-ad00c97d83842ebd47304da892f23769.html
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Thu, 07 Dec 2023 15:38:44 GMT
content-encoding: br
via: 1.1 varnish
strict-transport-security: max-age=31556926; includeSubDomains; preload
age: 19
x-cache: HIT
content-length: 297
x-request-id: f06ee861-290e-4c73-9cc9-46beb11be8e5
x-served-by: cache-fra-eddf8230106-FRA
last-modified: Wed, 06 Dec 2023 21:36:29 GMT
server: Fastly
etag: "cc489ea00e29d0217a6d055f949400ef"
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=60
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 39

GET
H2 200 .deploy_status_henson.json Show response
js.stripe.com/v3/ Frame C4CE 474 B
368 B 7ms
7ms Fetch
application/json 151.101.64.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/.deploy_status_henson.json

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-06833ea29f8969ed7ad2ea8cb2bbe93f.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.64.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

f24c65cd8e3c41f426ef9a8c653b298d848b413b95e4de5dbe8f8d5f7ed47977

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Accept: application/json
Referer: https://js.stripe.com/v3/payment-request-inner-browser-ad00c97d83842ebd47304da892f23769.html
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Thu, 07 Dec 2023 15:38:44 GMT
content-encoding: br
via: 1.1 varnish
strict-transport-security: max-age=31556926; includeSubDomains; preload
age: 19
x-cache: HIT
content-length: 297
x-request-id: b2d70c62-30cc-4648-bc9f-4a9566323c8b
x-served-by: cache-fra-eddf8230106-FRA
last-modified: Wed, 06 Dec 2023 21:36:29 GMT
server: Fastly
etag: "cc489ea00e29d0217a6d055f949400ef"
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=60
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 39

POST
H2 200 0 Show response
r.stripe.com/ Frame D104 0
273 B 194ms
172ms Fetch
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-06833ea29f8969ed7ad2ea8cb2bbe93f.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: blue
date: Thu, 07 Dec 2023 15:38:44 GMT
x-stripe-server-envoy-start-time-us: 1701963524894233
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1701963524893610
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame D104 0
273 B 196ms
175ms Fetch
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-06833ea29f8969ed7ad2ea8cb2bbe93f.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: blue
date: Thu, 07 Dec 2023 15:38:44 GMT
x-stripe-server-envoy-start-time-us: 1701963524894094
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 3
x-stripe-client-envoy-start-time-us: 1701963524893485
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame D104 0
273 B 194ms
173ms Fetch
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-06833ea29f8969ed7ad2ea8cb2bbe93f.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: blue
date: Thu, 07 Dec 2023 15:38:44 GMT
x-stripe-server-envoy-start-time-us: 1701963524893744
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 3
x-stripe-client-envoy-start-time-us: 1701963524893448
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame D104 0
273 B 207ms
186ms Fetch
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-06833ea29f8969ed7ad2ea8cb2bbe93f.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: blue
date: Thu, 07 Dec 2023 15:38:44 GMT
x-stripe-server-envoy-start-time-us: 1701963524897222
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1701963524896648
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame D104 0
273 B 208ms
188ms Fetch
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-06833ea29f8969ed7ad2ea8cb2bbe93f.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: blue
date: Thu, 07 Dec 2023 15:38:44 GMT
x-stripe-server-envoy-start-time-us: 1701963524896903
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 4
x-stripe-client-envoy-start-time-us: 1701963524896538
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame D104 0
273 B 199ms
179ms Fetch
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-06833ea29f8969ed7ad2ea8cb2bbe93f.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: blue
date: Thu, 07 Dec 2023 15:38:44 GMT
x-stripe-server-envoy-start-time-us: 1701963524896888
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1701963524896589
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame D104 0
273 B 205ms
185ms Fetch
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-06833ea29f8969ed7ad2ea8cb2bbe93f.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: blue
date: Thu, 07 Dec 2023 15:38:44 GMT
x-stripe-server-envoy-start-time-us: 1701963524897264
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1701963524896723
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame D104 0
273 B 206ms
187ms Fetch
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-06833ea29f8969ed7ad2ea8cb2bbe93f.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: blue
date: Thu, 07 Dec 2023 15:38:44 GMT
x-stripe-server-envoy-start-time-us: 1701963524897193
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 3
x-stripe-client-envoy-start-time-us: 1701963524896851
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame D104 0
273 B 194ms
175ms Fetch
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-06833ea29f8969ed7ad2ea8cb2bbe93f.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: blue
date: Thu, 07 Dec 2023 15:38:44 GMT
x-stripe-server-envoy-start-time-us: 1701963524893922
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 3
x-stripe-client-envoy-start-time-us: 1701963524893321
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame D104 0
273 B 196ms
177ms Fetch
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-06833ea29f8969ed7ad2ea8cb2bbe93f.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: blue
date: Thu, 07 Dec 2023 15:38:44 GMT
x-stripe-server-envoy-start-time-us: 1701963524894346
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 3
x-stripe-client-envoy-start-time-us: 1701963524893802
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame D104 0
273 B 204ms
185ms Fetch
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-06833ea29f8969ed7ad2ea8cb2bbe93f.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: blue
date: Thu, 07 Dec 2023 15:38:44 GMT
x-stripe-server-envoy-start-time-us: 1701963524896386
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 3
x-stripe-client-envoy-start-time-us: 1701963524896083
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame D104 0
273 B 207ms
188ms Fetch
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-06833ea29f8969ed7ad2ea8cb2bbe93f.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: blue
date: Thu, 07 Dec 2023 15:38:44 GMT
x-stripe-server-envoy-start-time-us: 1701963524896409
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 5
x-stripe-client-envoy-start-time-us: 1701963524896164
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame D104 0
273 B 198ms
179ms Fetch
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-06833ea29f8969ed7ad2ea8cb2bbe93f.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: blue
date: Thu, 07 Dec 2023 15:38:44 GMT
x-stripe-server-envoy-start-time-us: 1701963524896428
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1701963524896218
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame D104 0
273 B 197ms
178ms Fetch
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-06833ea29f8969ed7ad2ea8cb2bbe93f.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: blue
date: Thu, 07 Dec 2023 15:38:44 GMT
x-stripe-server-envoy-start-time-us: 1701963524893762
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 5
x-stripe-client-envoy-start-time-us: 1701963524893503
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame D104 0
273 B 204ms
186ms Fetch
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-06833ea29f8969ed7ad2ea8cb2bbe93f.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: blue
date: Thu, 07 Dec 2023 15:38:44 GMT
x-stripe-server-envoy-start-time-us: 1701963524896886
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1701963524896283
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame D104 0
273 B 196ms
178ms Fetch
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-06833ea29f8969ed7ad2ea8cb2bbe93f.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: blue
date: Thu, 07 Dec 2023 15:38:44 GMT
x-stripe-server-envoy-start-time-us: 1701963524896504
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1701963524896330
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame D104 0
273 B 197ms
179ms Fetch
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-06833ea29f8969ed7ad2ea8cb2bbe93f.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: blue
date: Thu, 07 Dec 2023 15:38:44 GMT
x-stripe-server-envoy-start-time-us: 1701963524896728
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1701963524896377
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame D104 0
273 B 197ms
179ms Fetch
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-06833ea29f8969ed7ad2ea8cb2bbe93f.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: blue
date: Thu, 07 Dec 2023 15:38:44 GMT
x-stripe-server-envoy-start-time-us: 1701963524896722
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1701963524896427
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame D104 0
273 B 202ms
187ms Fetch
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-06833ea29f8969ed7ad2ea8cb2bbe93f.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: blue
date: Thu, 07 Dec 2023 15:38:44 GMT
x-stripe-server-envoy-start-time-us: 1701963524897063
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 3
x-stripe-client-envoy-start-time-us: 1701963524896479
access-control-allow-credentials: true
content-length: 0

GET
H2 200 .deploy_status_henson.json Show response
js.stripe.com/v3/ Frame 48CD 474 B
371 B 8ms
8ms Fetch
application/json 151.101.64.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/.deploy_status_henson.json

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-06833ea29f8969ed7ad2ea8cb2bbe93f.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.64.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

f24c65cd8e3c41f426ef9a8c653b298d848b413b95e4de5dbe8f8d5f7ed47977

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Accept: application/json
Referer: https://js.stripe.com/v3/payment-request-inner-google-pay-b599d220d051eeac6804842ce1a8452d.html
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Thu, 07 Dec 2023 15:38:44 GMT
content-encoding: br
via: 1.1 varnish
strict-transport-security: max-age=31556926; includeSubDomains; preload
age: 19
x-cache: HIT
content-length: 297
x-request-id: 12268f41-cb33-4405-88df-5a34f35116ff
x-served-by: cache-fra-eddf8230106-FRA
last-modified: Wed, 06 Dec 2023 21:36:29 GMT
server: Fastly
etag: "cc489ea00e29d0217a6d055f949400ef"
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=60
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 41

GET
H2 200 .deploy_status_henson.json Show response
js.stripe.com/v3/ Frame 48CD 474 B
454 B 8ms
8ms Fetch
application/json 151.101.64.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/.deploy_status_henson.json

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-06833ea29f8969ed7ad2ea8cb2bbe93f.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.64.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

f24c65cd8e3c41f426ef9a8c653b298d848b413b95e4de5dbe8f8d5f7ed47977

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Accept: application/json
Referer: https://js.stripe.com/v3/payment-request-inner-google-pay-b599d220d051eeac6804842ce1a8452d.html
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Thu, 07 Dec 2023 15:38:44 GMT
content-encoding: br
via: 1.1 varnish
strict-transport-security: max-age=31556926; includeSubDomains; preload
age: 19
x-cache: HIT
content-length: 297
x-request-id: f6688fa0-3c56-4ea0-a9d5-b54af178a854
x-served-by: cache-fra-eddf8230106-FRA
last-modified: Wed, 06 Dec 2023 21:36:29 GMT
server: Fastly
etag: "cc489ea00e29d0217a6d055f949400ef"
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=60
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 41

GET
H3 200 payframe Show response
pay.google.com/gp/p/ui/ Frame 2B35 19 KB
7 KB 61ms
60ms Document
text/html 2a00:1450:4013:c04::5c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fjs.stripe.com&mid=

Requested by

Host: pay.google.com
URL: https://pay.google.com/gp/p/js/pay.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4013:c04::5c Groningen, Netherlands, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e28f78aee0d8b9847cb1e03221fa47ab731dc769c312fe1f3d4edb87a3c86f4e

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-tHfQpftsqLgokeMo_hGlxg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport/allowlist require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://js.stripe.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=3600
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-tHfQpftsqLgokeMo_hGlxg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport/allowlist require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport
content-type: text/html; charset=utf-8
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: same-site
date: Thu, 07 Dec 2023 15:38:44 GMT
expires: Thu, 07 Dec 2023 15:38:44 GMT
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
server: ESF
strict-transport-security: max-age=31536000
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-content-type-options: nosniff
x-ua-compatible: IE=edge
x-xss-protection: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame D104 0
273 B 177ms
172ms Fetch
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-06833ea29f8969ed7ad2ea8cb2bbe93f.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: blue
date: Thu, 07 Dec 2023 15:38:44 GMT
x-stripe-server-envoy-start-time-us: 1701963524894118
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1701963524893526
access-control-allow-credentials: true
content-length: 0

POST
H2 200 wallet-config Show response
merchant-ui-api.stripe.com/elements/ Frame D104 2 KB
3 KB 325ms
246ms Fetch
application/json 54.76.53.164
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://merchant-ui-api.stripe.com/elements/wallet-config

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-06833ea29f8969ed7ad2ea8cb2bbe93f.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

54.76.53.164 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-76-53-164.eu-west-1.compute.amazonaws.com

Software

nginx /

Resource Hash

6b2a62ac5a53052d04fe7c98b5bb7c13d3ffc27c6792ddc9046f008a260cc535

Security Headers

Name	Value
Content-Security-Policy	report-uri https://q.stripe.com/csp-report?p=elements%2Fwallet-config; block-all-mixed-content; default-src 'none'; base-uri 'none'; form-action 'none'; frame-ancestors 'none'; img-src 'self'; script-src 'self' 'report-sample'; style-src 'self'
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Thu, 07 Dec 2023 15:38:45 GMT
content-security-policy: report-uri https://q.stripe.com/csp-report?p=elements%2Fwallet-config; block-all-mixed-content; default-src 'none'; base-uri 'none'; form-action 'none'; frame-ancestors 'none'; img-src 'self'; script-src 'self' 'report-sample'; style-src 'self'
strict-transport-security: max-age=63072000; includeSubDomains; preload
cross-origin-resource-policy: same-site
content-length: 2367
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
access-control-max-age: 300
access-control-allow-methods: GET, POST
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://js.stripe.com
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
vary: Origin
access-control-allow-headers: x-stripe-csrf-token
cross-origin-opener-policy-report-only: same-origin; report-to=https://q.stripe.com/coop-report
expires: 0

POST
H2 200 6 Show response
m.stripe.com/ Frame 1349 156 B
668 B 187ms
187ms XHR
application/json 34.210.21.51
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.com/6

Requested by

Host: m.stripe.network
URL: https://m.stripe.network/out-4.5.43.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.210.21.51 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-210-21-51.us-west-2.compute.amazonaws.com

Software

nginx /

Resource Hash

a53e627a452fa91d15870f0420127b0f04d1266d5418f0bb4e2d358d36a1cc7f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://m.stripe.network/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-stripe-bg-intended-route-color: green
date: Thu, 07 Dec 2023 15:38:44 GMT
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1701963524901586
server: nginx
content-type: application/json;charset=utf-8
x-stripe-server-envoy-upstream-service-time-ms: 3
access-control-allow-origin: https://m.stripe.network
x-stripe-client-envoy-start-time-us: 1701963524900887
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 156

POST
H2 200 6 Show response
m.stripe.com/ Frame 1349 156 B
668 B 237ms
236ms XHR
application/json 34.210.21.51
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.com/6

Requested by

Host: m.stripe.network
URL: https://m.stripe.network/out-4.5.43.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.210.21.51 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-210-21-51.us-west-2.compute.amazonaws.com

Software

nginx /

Resource Hash

a53e627a452fa91d15870f0420127b0f04d1266d5418f0bb4e2d358d36a1cc7f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://m.stripe.network/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-stripe-bg-intended-route-color: green
date: Thu, 07 Dec 2023 15:38:44 GMT
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1701963524951564
server: nginx
content-type: application/json;charset=utf-8
x-stripe-server-envoy-upstream-service-time-ms: 3
access-control-allow-origin: https://m.stripe.network
x-stripe-client-envoy-start-time-us: 1701963524950832
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 156

GET
H2 200 .deploy_status_henson.json Show response
js.stripe.com/v3/ Frame E141 474 B
469 B 7ms
7ms Fetch
application/json 151.101.64.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/.deploy_status_henson.json

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-06833ea29f8969ed7ad2ea8cb2bbe93f.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.64.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

f24c65cd8e3c41f426ef9a8c653b298d848b413b95e4de5dbe8f8d5f7ed47977

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Accept: application/json
Referer: https://js.stripe.com/v3/payment-request-inner-google-pay-b599d220d051eeac6804842ce1a8452d.html
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Thu, 07 Dec 2023 15:38:44 GMT
content-encoding: br
via: 1.1 varnish
strict-transport-security: max-age=31556926; includeSubDomains; preload
age: 19
x-cache: HIT
content-length: 297
x-request-id: 2902ef3e-7709-4db9-99f3-3e2a8ee45519
x-served-by: cache-fra-eddf8230106-FRA
last-modified: Wed, 06 Dec 2023 21:36:29 GMT
server: Fastly
etag: "cc489ea00e29d0217a6d055f949400ef"
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=60
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 43

GET
H2 200 .deploy_status_henson.json Show response
js.stripe.com/v3/ Frame E141 474 B
381 B 7ms
7ms Fetch
application/json 151.101.64.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/.deploy_status_henson.json

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-06833ea29f8969ed7ad2ea8cb2bbe93f.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.64.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

f24c65cd8e3c41f426ef9a8c653b298d848b413b95e4de5dbe8f8d5f7ed47977

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Accept: application/json
Referer: https://js.stripe.com/v3/payment-request-inner-google-pay-b599d220d051eeac6804842ce1a8452d.html
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Thu, 07 Dec 2023 15:38:44 GMT
content-encoding: br
via: 1.1 varnish
strict-transport-security: max-age=31556926; includeSubDomains; preload
age: 19
x-cache: HIT
content-length: 297
x-request-id: 91d635cc-8f63-4f6a-851c-892cce7db240
x-served-by: cache-fra-eddf8230106-FRA
last-modified: Wed, 06 Dec 2023 21:36:29 GMT
server: Fastly
etag: "cc489ea00e29d0217a6d055f949400ef"
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=60
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 43

GET
H3 200 payframe Show response
pay.google.com/gp/p/ui/ Frame 169F 19 KB
7 KB 66ms
66ms Document
text/html 2a00:1450:4013:c04::5c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fjs.stripe.com&mid=

Requested by

Host: pay.google.com
URL: https://pay.google.com/gp/p/js/pay.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4013:c04::5c Groningen, Netherlands, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

1bdf36eafcc220295d58a9d20aad33ee9757940da54e474f6678b449f34bf531

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-lS762cfEs0dg_ILoo32MJQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport/allowlist require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://js.stripe.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=3600
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-lS762cfEs0dg_ILoo32MJQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport/allowlist require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport
content-type: text/html; charset=utf-8
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: same-site
date: Thu, 07 Dec 2023 15:38:44 GMT
expires: Thu, 07 Dec 2023 15:38:44 GMT
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
server: ESF
strict-transport-security: max-age=31536000
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-content-type-options: nosniff
x-ua-compatible: IE=edge
x-xss-protection: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame D104 0
273 B 173ms
172ms Fetch
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-06833ea29f8969ed7ad2ea8cb2bbe93f.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: blue
date: Thu, 07 Dec 2023 15:38:44 GMT
x-stripe-server-envoy-start-time-us: 1701963524927279
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 3
x-stripe-client-envoy-start-time-us: 1701963524926765
access-control-allow-credentials: true
content-length: 0

GET
H3 200 m=_b,_tp Show response
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.n2GFzV9GNKo.es5.O/am=AIYY/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/ujg=1/rs=AMitfr... Frame 2B35 159 KB
56 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.n2GFzV9GNKo.es5.O/am=AIYY/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/ujg=1/rs=AMitfrjQZdz8cYTQZGUJXsuRpOXn-0Kwmw/m=_b,_tp

Requested by

Host: pay.google.com
URL: https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fjs.stripe.com&mid=

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bdd2d405f6ed6768210c4c18671a129e20b22e821bd2719e7ce909762dd28299

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 17:48:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 78599
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57478
x-xss-protection: 0
last-modified: Wed, 06 Dec 2023 07:51:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Thu, 05 Dec 2024 17:48:45 GMT

POST
H3 404 cspreport
pay.google.com/_/InstantbuyFrontendBuyflowPayframeUi/ Frame 2B35 2 KB
2 KB 115ms
114ms Other
text/html 2a00:1450:4013:c04::5c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://pay.google.com/_/InstantbuyFrontendBuyflowPayframeUi/cspreport
Requested by: Host: itgetsbetter.org
URL: https://itgetsbetter.org/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4013:c04::5c Groningen, Netherlands, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: d6ff339ddb4525268c21fa26ded66b0703f177e742281dc9bcd558288f8e1101

Request headers

Referer: https://pay.google.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Thu, 07 Dec 2023 15:38:44 GMT
referrer-policy: no-referrer
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1608
content-type: text/html; charset=UTF-8

GET
H2 200 .deploy_status_henson.json Show response
js.stripe.com/v3/ Frame 2A1E 474 B
372 B 8ms
7ms Fetch
application/json 151.101.64.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/.deploy_status_henson.json

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-06833ea29f8969ed7ad2ea8cb2bbe93f.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.64.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

f24c65cd8e3c41f426ef9a8c653b298d848b413b95e4de5dbe8f8d5f7ed47977

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Accept: application/json
Referer: https://js.stripe.com/v3/payment-request-inner-browser-ad00c97d83842ebd47304da892f23769.html
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Thu, 07 Dec 2023 15:38:44 GMT
content-encoding: br
via: 1.1 varnish
strict-transport-security: max-age=31556926; includeSubDomains; preload
age: 19
x-cache: HIT
content-length: 297
x-request-id: 61a52d37-5435-477d-acd5-50d80ea8de74
x-served-by: cache-fra-eddf8230106-FRA
last-modified: Wed, 06 Dec 2023 21:36:29 GMT
server: Fastly
etag: "cc489ea00e29d0217a6d055f949400ef"
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=60
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 48

GET
H2 200 .deploy_status_henson.json Show response
js.stripe.com/v3/ Frame 2A1E 474 B
394 B 8ms
8ms Fetch
application/json 151.101.64.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/.deploy_status_henson.json

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-06833ea29f8969ed7ad2ea8cb2bbe93f.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.64.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

f24c65cd8e3c41f426ef9a8c653b298d848b413b95e4de5dbe8f8d5f7ed47977

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Accept: application/json
Referer: https://js.stripe.com/v3/payment-request-inner-browser-ad00c97d83842ebd47304da892f23769.html
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Thu, 07 Dec 2023 15:38:44 GMT
content-encoding: br
via: 1.1 varnish
strict-transport-security: max-age=31556926; includeSubDomains; preload
age: 19
x-cache: HIT
content-length: 297
x-request-id: f19e3e83-4e03-4059-ad2a-0d0e90903fb5
x-served-by: cache-fra-eddf8230106-FRA
last-modified: Wed, 06 Dec 2023 21:36:29 GMT
server: Fastly
etag: "cc489ea00e29d0217a6d055f949400ef"
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=60
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 48

GET
H3 200 m=Das5Le Show response
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.n2GFzV9GNKo.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.pHpcIE... Frame 2B35 73 KB
27 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.n2GFzV9GNKo.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.pHpcIEqMvT8.L.B1.O/am=AIYY/d=1/exm=_b,_tp/excm=_b,_tp,payframeview/ed=1/wt=2/ujg=1/rs=AMitfrg3_l4tBNeO-SP8ZAA6WdqQHiQPrQ/ee=EmZ2Bf:zr1jrb;Erl4fe:FloWmf;JsbNhc:Xd8iUd;LBgRLc:XVMNvd;Me32dd:MEeYgc;NPKaK:PVlQOd;NSEoX:lazG7b;Oj465e:KG2eXe;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:vfuNJf;io8t5d:yDVVkb;kMFpHd:OTA3Ae;nAFL3:NTMZac;oGtAuc:sOXFj;qddgKe:xQtZb;sP4Vbe:VwDzFe;uY49fb:COQbmf;ul9GGd:VDovNc;wR5FRb:siKnQd;yEQyxe:p8L0ob;yxTchf:KUM7Z/m=Das5Le

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.n2GFzV9GNKo.es5.O/am=AIYY/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/ujg=1/rs=AMitfrjQZdz8cYTQZGUJXsuRpOXn-0Kwmw/m=_b,_tp

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d42d4f34d879db7a00e6b4f53d52c4ac6df5264c7395ffe46e44f100086d00cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 18:31:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 76032
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 27334
x-xss-protection: 0
last-modified: Wed, 29 Nov 2023 02:36:23 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Thu, 05 Dec 2024 18:31:32 GMT

GET
H3 200 m=_b,_tp Show response
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.n2GFzV9GNKo.es5.O/am=AIYY/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/ujg=1/rs=AMitfr... Frame 169F 159 KB
56 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: pay.google.com
URL: https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fjs.stripe.com&mid=

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bdd2d405f6ed6768210c4c18671a129e20b22e821bd2719e7ce909762dd28299

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 17:48:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 78599
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57478
x-xss-protection: 0
last-modified: Wed, 06 Dec 2023 07:51:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Thu, 05 Dec 2024 17:48:45 GMT

POST
H3 404 cspreport
pay.google.com/_/InstantbuyFrontendBuyflowPayframeUi/ Frame 169F 2 KB
2 KB 115ms
114ms Other
text/html 2a00:1450:4013:c04::5c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://pay.google.com/_/InstantbuyFrontendBuyflowPayframeUi/cspreport
Requested by: Host: itgetsbetter.org
URL: https://itgetsbetter.org/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4013:c04::5c Groningen, Netherlands, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: d6ff339ddb4525268c21fa26ded66b0703f177e742281dc9bcd558288f8e1101

Request headers

Referer: https://pay.google.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Thu, 07 Dec 2023 15:38:45 GMT
referrer-policy: no-referrer
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1608
content-type: text/html; charset=UTF-8

GET
H2 200 .deploy_status_henson.json Show response
js.stripe.com/v3/ Frame CA77 474 B
371 B 8ms
8ms Fetch
application/json 151.101.64.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/.deploy_status_henson.json

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-06833ea29f8969ed7ad2ea8cb2bbe93f.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.64.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

f24c65cd8e3c41f426ef9a8c653b298d848b413b95e4de5dbe8f8d5f7ed47977

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Accept: application/json
Referer: https://js.stripe.com/v3/payment-request-inner-google-pay-b599d220d051eeac6804842ce1a8452d.html
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Thu, 07 Dec 2023 15:38:44 GMT
content-encoding: br
via: 1.1 varnish
strict-transport-security: max-age=31556926; includeSubDomains; preload
age: 19
x-cache: HIT
content-length: 297
x-request-id: 8f1e05b9-a0f1-49e3-bec2-9be7deffba2b
x-served-by: cache-fra-eddf8230106-FRA
last-modified: Wed, 06 Dec 2023 21:36:29 GMT
server: Fastly
etag: "cc489ea00e29d0217a6d055f949400ef"
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=60
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 50

GET
H2 200 .deploy_status_henson.json Show response
js.stripe.com/v3/ Frame CA77 474 B
368 B 8ms
8ms Fetch
application/json 151.101.64.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/.deploy_status_henson.json

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-06833ea29f8969ed7ad2ea8cb2bbe93f.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.64.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

f24c65cd8e3c41f426ef9a8c653b298d848b413b95e4de5dbe8f8d5f7ed47977

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Accept: application/json
Referer: https://js.stripe.com/v3/payment-request-inner-google-pay-b599d220d051eeac6804842ce1a8452d.html
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Thu, 07 Dec 2023 15:38:44 GMT
content-encoding: br
via: 1.1 varnish
strict-transport-security: max-age=31556926; includeSubDomains; preload
age: 19
x-cache: HIT
content-length: 297
x-request-id: e779424b-50c9-46a5-9f53-3e493719bdec
x-served-by: cache-fra-eddf8230106-FRA
last-modified: Wed, 06 Dec 2023 21:36:29 GMT
server: Fastly
etag: "cc489ea00e29d0217a6d055f949400ef"
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=60
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 50

GET
H3 200 payframe Show response
pay.google.com/gp/p/ui/ Frame 9E31 19 KB
7 KB 72ms
72ms Document
text/html 2a00:1450:4013:c04::5c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fjs.stripe.com&mid=

Requested by

Host: pay.google.com
URL: https://pay.google.com/gp/p/js/pay.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4013:c04::5c Groningen, Netherlands, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

76355b68f188fdb713c15eba03f48457485ec84866ae51005993aa2241b13e2c

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport script-src 'report-sample' 'nonce-qghlp48PfCecbRGXrYiaPA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport/allowlist
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://js.stripe.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=3600
content-encoding: gzip
content-security-policy: require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport script-src 'report-sample' 'nonce-qghlp48PfCecbRGXrYiaPA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport/allowlist
content-type: text/html; charset=utf-8
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: same-site
date: Thu, 07 Dec 2023 15:38:44 GMT
expires: Thu, 07 Dec 2023 15:38:44 GMT
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
server: ESF
strict-transport-security: max-age=31536000
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-content-type-options: nosniff
x-ua-compatible: IE=edge
x-xss-protection: 0

GET
H3 200 pay Show response
pay.google.com/gp/p/ui/ Frame 2B35 1 MB
376 KB 69ms
69ms XHR
text/html 2a00:1450:4013:c04::5c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pay.google.com/gp/p/ui/pay

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4013:c04::5c Groningen, Netherlands, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

7b16a0f32557c0d81ef6b44615e8d87c358dad80cba36f1e811fe2f191abd842

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport, script-src 'report-sample' 'nonce-nhjPJ-jEq-lI8a3YI7xJIA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com https://payments.sandbox.google.com https://pay.google.com https://pay.sandbox.google.com;report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport/allowlist
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 15:38:44 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
content-security-policy: require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport, script-src 'report-sample' 'nonce-nhjPJ-jEq-lI8a3YI7xJIA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com https://payments.sandbox.google.com https://pay.google.com https://pay.sandbox.google.com;report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport/allowlist
x-content-type-options: nosniff
cross-origin-resource-policy: same-site
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
x-ua-compatible: IE=edge
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: unsafe-none
server: ESF
x-frame-options: DENY
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
cache-control: private, max-age=3600
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Thu, 07 Dec 2023 15:38:44 GMT

POST
H2 200 0 Show response
r.stripe.com/ Frame D104 0
272 B 174ms
174ms Fetch
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-06833ea29f8969ed7ad2ea8cb2bbe93f.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: blue
date: Thu, 07 Dec 2023 15:38:45 GMT
x-stripe-server-envoy-start-time-us: 1701963525051720
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 3
x-stripe-client-envoy-start-time-us: 1701963525051153
access-control-allow-credentials: true
content-length: 0

GET
H2 200 .deploy_status_henson.json Show response
js.stripe.com/v3/ Frame 35B6 474 B
371 B 7ms
7ms Fetch
application/json 151.101.64.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/.deploy_status_henson.json

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-06833ea29f8969ed7ad2ea8cb2bbe93f.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.64.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

f24c65cd8e3c41f426ef9a8c653b298d848b413b95e4de5dbe8f8d5f7ed47977

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Accept: application/json
Referer: https://js.stripe.com/v3/payment-request-inner-browser-ad00c97d83842ebd47304da892f23769.html
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Thu, 07 Dec 2023 15:38:44 GMT
content-encoding: br
via: 1.1 varnish
strict-transport-security: max-age=31556926; includeSubDomains; preload
age: 19
x-cache: HIT
content-length: 297
x-request-id: d53c2869-35c4-47ee-a23c-54cf0f99f37e
x-served-by: cache-fra-eddf8230106-FRA
last-modified: Wed, 06 Dec 2023 21:36:29 GMT
server: Fastly
etag: "cc489ea00e29d0217a6d055f949400ef"
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=60
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 52

GET
H2 200 .deploy_status_henson.json Show response
js.stripe.com/v3/ Frame 35B6 474 B
372 B 7ms
7ms Fetch
application/json 151.101.64.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/.deploy_status_henson.json

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-06833ea29f8969ed7ad2ea8cb2bbe93f.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.64.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

f24c65cd8e3c41f426ef9a8c653b298d848b413b95e4de5dbe8f8d5f7ed47977

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Accept: application/json
Referer: https://js.stripe.com/v3/payment-request-inner-browser-ad00c97d83842ebd47304da892f23769.html
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Thu, 07 Dec 2023 15:38:44 GMT
content-encoding: br
via: 1.1 varnish
strict-transport-security: max-age=31556926; includeSubDomains; preload
age: 19
x-cache: HIT
content-length: 297
x-request-id: d8a2a33f-6035-497a-8490-4642d5b322f4
x-served-by: cache-fra-eddf8230106-FRA
last-modified: Wed, 06 Dec 2023 21:36:29 GMT
server: Fastly
etag: "cc489ea00e29d0217a6d055f949400ef"
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=60
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 51

GET
H3 200 m=Wt6vjf,hhhU8,FCpbqb,WhJNk Show response
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.n2GFzV9GNKo.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.pHpcIE... Frame 2B35 9 KB
4 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.n2GFzV9GNKo.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.pHpcIEqMvT8.L.B1.O/am=AIYY/d=1/exm=Das5Le,_b,_tp/excm=_b,_tp,payframeview/ed=1/wt=2/ujg=1/rs=AMitfrg3_l4tBNeO-SP8ZAA6WdqQHiQPrQ/ee=EmZ2Bf:zr1jrb;Erl4fe:FloWmf;JsbNhc:Xd8iUd;LBgRLc:XVMNvd;Me32dd:MEeYgc;NPKaK:PVlQOd;NSEoX:lazG7b;Oj465e:KG2eXe;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:vfuNJf;io8t5d:yDVVkb;kMFpHd:OTA3Ae;nAFL3:NTMZac;oGtAuc:sOXFj;qddgKe:xQtZb;sP4Vbe:VwDzFe;uY49fb:COQbmf;ul9GGd:VDovNc;wR5FRb:siKnQd;yEQyxe:p8L0ob;yxTchf:KUM7Z/m=Wt6vjf,hhhU8,FCpbqb,WhJNk

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6ff269876fe9326d7ee3ff8d84dee915664b3ead70fd7760002529cd35cae202

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 18:31:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 76032
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3729
x-xss-protection: 0
last-modified: Wed, 29 Nov 2023 02:36:23 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Thu, 05 Dec 2024 18:31:32 GMT

GET
H3 200 m=byfTOb,lsjVmc,LEikZe,lwddkf,EFQ78c Show response
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.n2GFzV9GNKo.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.pHpcIE... Frame 2B35 37 KB
14 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.n2GFzV9GNKo.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.pHpcIEqMvT8.L.B1.O/am=AIYY/d=1/exm=Das5Le,FCpbqb,WhJNk,Wt6vjf,_b,_tp,hhhU8/excm=_b,_tp,payframeview/ed=1/wt=2/ujg=1/rs=AMitfrg3_l4tBNeO-SP8ZAA6WdqQHiQPrQ/ee=EmZ2Bf:zr1jrb;Erl4fe:FloWmf;JsbNhc:Xd8iUd;LBgRLc:XVMNvd;Me32dd:MEeYgc;NPKaK:PVlQOd;NSEoX:lazG7b;Oj465e:KG2eXe;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:vfuNJf;io8t5d:yDVVkb;kMFpHd:OTA3Ae;nAFL3:NTMZac;oGtAuc:sOXFj;qddgKe:xQtZb;sP4Vbe:VwDzFe;uY49fb:COQbmf;ul9GGd:VDovNc;wR5FRb:siKnQd;yEQyxe:p8L0ob;yxTchf:KUM7Z/m=byfTOb,lsjVmc,LEikZe,lwddkf,EFQ78c

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2ea2661b7537acaca91a5207cdffa69ce3f75bc51a8a09e4dc04183e68d73e04

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 20:19:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 69542
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14131
x-xss-protection: 0
last-modified: Wed, 29 Nov 2023 02:36:23 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Thu, 05 Dec 2024 20:19:42 GMT

POST
H3 200 log Show response
play.google.com/ Frame 2B35 131 B
155 B 93ms
79ms XHR
text/plain 2a00:1450:4001:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
X-Goog-AuthUser: 0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Thu, 07 Dec 2023 15:38:45 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pay.google.com
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 07 Dec 2023 15:38:45 GMT

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 62ms
41ms Preflight
text/plain 2a00:1450:4001:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/plain; charset=UTF-8
date: Thu, 07 Dec 2023 15:38:45 GMT
expires: Thu, 07 Dec 2023 15:38:45 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 60ms
40ms Preflight
text/plain 2a00:1450:4001:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/plain; charset=UTF-8
date: Thu, 07 Dec 2023 15:38:45 GMT
expires: Thu, 07 Dec 2023 15:38:45 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 log Show response
play.google.com/ Frame 2B35 131 B
155 B 96ms
81ms XHR
text/plain 2a00:1450:4001:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
X-Goog-AuthUser: 0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Thu, 07 Dec 2023 15:38:45 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pay.google.com
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 07 Dec 2023 15:38:45 GMT

POST
H3 200 log Show response
play.google.com/ Frame 2B35 131 B
155 B 97ms
84ms XHR
text/plain 2a00:1450:4001:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
X-Goog-AuthUser: 0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Thu, 07 Dec 2023 15:38:45 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pay.google.com
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 07 Dec 2023 15:38:45 GMT

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 61ms
41ms Preflight
text/plain 2a00:1450:4001:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/plain; charset=UTF-8
date: Thu, 07 Dec 2023 15:38:45 GMT
expires: Thu, 07 Dec 2023 15:38:45 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 log Show response
play.google.com/ Frame 2B35 131 B
155 B 97ms
85ms XHR
text/plain 2a00:1450:4001:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
X-Goog-AuthUser: 0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Thu, 07 Dec 2023 15:38:45 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pay.google.com
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 07 Dec 2023 15:38:45 GMT

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 59ms
42ms Preflight
text/plain 2a00:1450:4001:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/plain; charset=UTF-8
date: Thu, 07 Dec 2023 15:38:45 GMT
expires: Thu, 07 Dec 2023 15:38:45 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 59ms
42ms Preflight
text/plain 2a00:1450:4001:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/plain; charset=UTF-8
date: Thu, 07 Dec 2023 15:38:45 GMT
expires: Thu, 07 Dec 2023 15:38:45 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 log Show response
play.google.com/ Frame 2B35 131 B
155 B 84ms
72ms XHR
text/plain 2a00:1450:4001:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
X-Goog-AuthUser: 0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Thu, 07 Dec 2023 15:38:45 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pay.google.com
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 07 Dec 2023 15:38:45 GMT

GET
H3 200 m=Das5Le Show response
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.n2GFzV9GNKo.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.pHpcIE... Frame 169F 73 KB
27 KB 10ms
10ms Script
text/javascript 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d42d4f34d879db7a00e6b4f53d52c4ac6df5264c7395ffe46e44f100086d00cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 18:31:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 76032
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 27334
x-xss-protection: 0
last-modified: Wed, 29 Nov 2023 02:36:23 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Thu, 05 Dec 2024 18:31:32 GMT

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 51ms
42ms Preflight
text/plain 2a00:1450:4001:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/plain; charset=UTF-8
date: Thu, 07 Dec 2023 15:38:45 GMT
expires: Thu, 07 Dec 2023 15:38:45 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 log Show response
play.google.com/ Frame 2B35 131 B
155 B 88ms
75ms XHR
text/plain 2a00:1450:4001:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
X-Goog-AuthUser: 0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Thu, 07 Dec 2023 15:38:45 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pay.google.com
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 07 Dec 2023 15:38:45 GMT

POST
H2 200 0 Show response
r.stripe.com/ Frame D104 0
273 B 178ms
172ms Fetch
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-06833ea29f8969ed7ad2ea8cb2bbe93f.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: blue
date: Thu, 07 Dec 2023 15:38:45 GMT
x-stripe-server-envoy-start-time-us: 1701963525086292
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1701963525085562
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame D104 0
273 B 179ms
173ms Fetch
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-06833ea29f8969ed7ad2ea8cb2bbe93f.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: blue
date: Thu, 07 Dec 2023 15:38:45 GMT
x-stripe-server-envoy-start-time-us: 1701963525086215
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 3
x-stripe-client-envoy-start-time-us: 1701963525085626
access-control-allow-credentials: true
content-length: 0

GET
H3 200 m=_b,_tp Show response
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.n2GFzV9GNKo.es5.O/am=AIYY/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/ujg=1/rs=AMitfr... Frame 9E31 159 KB
56 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: pay.google.com
URL: https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fjs.stripe.com&mid=

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bdd2d405f6ed6768210c4c18671a129e20b22e821bd2719e7ce909762dd28299

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 17:48:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 78600
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57478
x-xss-protection: 0
last-modified: Wed, 06 Dec 2023 07:51:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Thu, 05 Dec 2024 17:48:45 GMT

POST
H3 404 cspreport
pay.google.com/_/InstantbuyFrontendBuyflowPayframeUi/ Frame 9E31 2 KB
2 KB 114ms
114ms Other
text/html 2a00:1450:4013:c04::5c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://pay.google.com/_/InstantbuyFrontendBuyflowPayframeUi/cspreport
Requested by: Host: itgetsbetter.org
URL: https://itgetsbetter.org/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4013:c04::5c Groningen, Netherlands, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: d6ff339ddb4525268c21fa26ded66b0703f177e742281dc9bcd558288f8e1101

Request headers

Referer: https://pay.google.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Thu, 07 Dec 2023 15:38:45 GMT
referrer-policy: no-referrer
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1608
content-type: text/html; charset=UTF-8

GET
H3 200 pay Show response
pay.google.com/gp/p/ui/ Frame 169F 1 MB
376 KB 63ms
63ms XHR
text/html 2a00:1450:4013:c04::5c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pay.google.com/gp/p/ui/pay

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4013:c04::5c Groningen, Netherlands, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

7a79040f5bd6bfe2063fd1e9ff9c008327fa839bf980bd11719beb70ec93f9a2

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-O73gi12WL6D1HWqtdyd7EA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com https://payments.sandbox.google.com https://pay.google.com https://pay.sandbox.google.com;report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 15:38:45 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-O73gi12WL6D1HWqtdyd7EA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com https://payments.sandbox.google.com https://pay.google.com https://pay.sandbox.google.com;report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport
x-content-type-options: nosniff
cross-origin-resource-policy: same-site
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
x-ua-compatible: IE=edge
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: unsafe-none
server: ESF
x-frame-options: DENY
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
cache-control: private, max-age=3600
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Thu, 07 Dec 2023 15:38:45 GMT

GET
H3 200 m=Wt6vjf,hhhU8,FCpbqb,WhJNk Show response
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.n2GFzV9GNKo.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.pHpcIE... Frame 169F 9 KB
4 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.n2GFzV9GNKo.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.pHpcIEqMvT8.L.B1.O/am=AIYY/d=1/exm=Das5Le,_b,_tp/excm=_b,_tp,payframeview/ed=1/wt=2/ujg=1/rs=AMitfrg3_l4tBNeO-SP8ZAA6WdqQHiQPrQ/ee=EmZ2Bf:zr1jrb;Erl4fe:FloWmf;JsbNhc:Xd8iUd;LBgRLc:XVMNvd;Me32dd:MEeYgc;NPKaK:PVlQOd;NSEoX:lazG7b;Oj465e:KG2eXe;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:vfuNJf;io8t5d:yDVVkb;kMFpHd:OTA3Ae;nAFL3:NTMZac;oGtAuc:sOXFj;qddgKe:xQtZb;sP4Vbe:VwDzFe;uY49fb:COQbmf;ul9GGd:VDovNc;wR5FRb:siKnQd;yEQyxe:p8L0ob;yxTchf:KUM7Z/m=Wt6vjf,hhhU8,FCpbqb,WhJNk

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6ff269876fe9326d7ee3ff8d84dee915664b3ead70fd7760002529cd35cae202

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 18:31:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 76033
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3729
x-xss-protection: 0
last-modified: Wed, 29 Nov 2023 02:36:23 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Thu, 05 Dec 2024 18:31:32 GMT

GET
H3 200 m=byfTOb,lsjVmc,LEikZe,lwddkf,EFQ78c Show response
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.n2GFzV9GNKo.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.pHpcIE... Frame 169F 37 KB
14 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.n2GFzV9GNKo.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.pHpcIEqMvT8.L.B1.O/am=AIYY/d=1/exm=Das5Le,FCpbqb,WhJNk,Wt6vjf,_b,_tp,hhhU8/excm=_b,_tp,payframeview/ed=1/wt=2/ujg=1/rs=AMitfrg3_l4tBNeO-SP8ZAA6WdqQHiQPrQ/ee=EmZ2Bf:zr1jrb;Erl4fe:FloWmf;JsbNhc:Xd8iUd;LBgRLc:XVMNvd;Me32dd:MEeYgc;NPKaK:PVlQOd;NSEoX:lazG7b;Oj465e:KG2eXe;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:vfuNJf;io8t5d:yDVVkb;kMFpHd:OTA3Ae;nAFL3:NTMZac;oGtAuc:sOXFj;qddgKe:xQtZb;sP4Vbe:VwDzFe;uY49fb:COQbmf;ul9GGd:VDovNc;wR5FRb:siKnQd;yEQyxe:p8L0ob;yxTchf:KUM7Z/m=byfTOb,lsjVmc,LEikZe,lwddkf,EFQ78c

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2ea2661b7537acaca91a5207cdffa69ce3f75bc51a8a09e4dc04183e68d73e04

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 20:19:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 69543
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14131
x-xss-protection: 0
last-modified: Wed, 29 Nov 2023 02:36:23 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Thu, 05 Dec 2024 20:19:42 GMT

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 40ms
40ms Preflight
text/plain 2a00:1450:4001:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/plain; charset=UTF-8
date: Thu, 07 Dec 2023 15:38:45 GMT
expires: Thu, 07 Dec 2023 15:38:45 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 log Show response
play.google.com/ Frame 169F 131 B
155 B 74ms
73ms XHR
text/plain 2a00:1450:4001:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
X-Goog-AuthUser: 0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Thu, 07 Dec 2023 15:38:45 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pay.google.com
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 07 Dec 2023 15:38:45 GMT

POST
H3 200 log Show response
play.google.com/ Frame 169F 131 B
155 B 82ms
81ms XHR
text/plain 2a00:1450:4001:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
X-Goog-AuthUser: 0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Thu, 07 Dec 2023 15:38:45 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pay.google.com
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 07 Dec 2023 15:38:45 GMT

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 41ms
40ms Preflight
text/plain 2a00:1450:4001:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/plain; charset=UTF-8
date: Thu, 07 Dec 2023 15:38:45 GMT
expires: Thu, 07 Dec 2023 15:38:45 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 40ms
40ms Preflight
text/plain 2a00:1450:4001:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/plain; charset=UTF-8
date: Thu, 07 Dec 2023 15:38:45 GMT
expires: Thu, 07 Dec 2023 15:38:45 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 log Show response
play.google.com/ Frame 169F 131 B
155 B 74ms
73ms XHR
text/plain 2a00:1450:4001:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
X-Goog-AuthUser: 0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Thu, 07 Dec 2023 15:38:45 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pay.google.com
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 07 Dec 2023 15:38:45 GMT

POST
H3 200 log Show response
play.google.com/ Frame 169F 131 B
155 B 68ms
68ms XHR
text/plain 2a00:1450:4001:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
X-Goog-AuthUser: 0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Thu, 07 Dec 2023 15:38:45 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pay.google.com
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 07 Dec 2023 15:38:45 GMT

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 40ms
40ms Preflight
text/plain 2a00:1450:4001:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/plain; charset=UTF-8
date: Thu, 07 Dec 2023 15:38:45 GMT
expires: Thu, 07 Dec 2023 15:38:45 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 40ms
40ms Preflight
text/plain 2a00:1450:4001:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/plain; charset=UTF-8
date: Thu, 07 Dec 2023 15:38:45 GMT
expires: Thu, 07 Dec 2023 15:38:45 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 log Show response
play.google.com/ Frame 169F 131 B
155 B 66ms
66ms XHR
text/plain 2a00:1450:4001:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
X-Goog-AuthUser: 0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Thu, 07 Dec 2023 15:38:45 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pay.google.com
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 07 Dec 2023 15:38:45 GMT

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 40ms
40ms Preflight
text/plain 2a00:1450:4001:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/plain; charset=UTF-8
date: Thu, 07 Dec 2023 15:38:45 GMT
expires: Thu, 07 Dec 2023 15:38:45 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 log Show response
play.google.com/ Frame 169F 131 B
155 B 78ms
78ms XHR
text/plain 2a00:1450:4001:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
X-Goog-AuthUser: 0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Thu, 07 Dec 2023 15:38:45 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pay.google.com
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 07 Dec 2023 15:38:45 GMT

POST
H2 200 0 Show response
r.stripe.com/ Frame D104 0
271 B 172ms
171ms Fetch
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-06833ea29f8969ed7ad2ea8cb2bbe93f.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: blue
date: Thu, 07 Dec 2023 15:38:45 GMT
x-stripe-server-envoy-start-time-us: 1701963525122415
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 1
x-stripe-client-envoy-start-time-us: 1701963525121811
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame D104 0
272 B 173ms
173ms Fetch
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-06833ea29f8969ed7ad2ea8cb2bbe93f.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: blue
date: Thu, 07 Dec 2023 15:38:45 GMT
x-stripe-server-envoy-start-time-us: 1701963525122763
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 3
x-stripe-client-envoy-start-time-us: 1701963525122135
access-control-allow-credentials: true
content-length: 0

GET
H3 200 m=Das5Le Show response
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.n2GFzV9GNKo.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.pHpcIE... Frame 9E31 73 KB
27 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d42d4f34d879db7a00e6b4f53d52c4ac6df5264c7395ffe46e44f100086d00cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 18:31:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 76033
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 27334
x-xss-protection: 0
last-modified: Wed, 29 Nov 2023 02:36:23 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Thu, 05 Dec 2024 18:31:32 GMT

GET
H3 200 pay Show response
pay.google.com/gp/p/ui/ Frame 9E31 1 MB
376 KB 69ms
69ms XHR
text/html 2a00:1450:4013:c04::5c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pay.google.com/gp/p/ui/pay

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4013:c04::5c Groningen, Netherlands, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

6a3446229b31a32d64acd5df8bcac57163dbd17c5c28a7a54ad923af649dde02

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-A2vr6Nf5mmeUeEM2xPnTcg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com https://payments.sandbox.google.com https://pay.google.com https://pay.sandbox.google.com;report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 15:38:45 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-A2vr6Nf5mmeUeEM2xPnTcg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com https://payments.sandbox.google.com https://pay.google.com https://pay.sandbox.google.com;report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport
x-content-type-options: nosniff
cross-origin-resource-policy: same-site
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
x-ua-compatible: IE=edge
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: unsafe-none
server: ESF
x-frame-options: DENY
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
cache-control: private, max-age=3600
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Thu, 07 Dec 2023 15:38:45 GMT

GET
H3 200 m=Wt6vjf,hhhU8,FCpbqb,WhJNk Show response
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.n2GFzV9GNKo.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.pHpcIE... Frame 9E31 9 KB
4 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.n2GFzV9GNKo.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.pHpcIEqMvT8.L.B1.O/am=AIYY/d=1/exm=Das5Le,_b,_tp/excm=_b,_tp,payframeview/ed=1/wt=2/ujg=1/rs=AMitfrg3_l4tBNeO-SP8ZAA6WdqQHiQPrQ/ee=EmZ2Bf:zr1jrb;Erl4fe:FloWmf;JsbNhc:Xd8iUd;LBgRLc:XVMNvd;Me32dd:MEeYgc;NPKaK:PVlQOd;NSEoX:lazG7b;Oj465e:KG2eXe;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:vfuNJf;io8t5d:yDVVkb;kMFpHd:OTA3Ae;nAFL3:NTMZac;oGtAuc:sOXFj;qddgKe:xQtZb;sP4Vbe:VwDzFe;uY49fb:COQbmf;ul9GGd:VDovNc;wR5FRb:siKnQd;yEQyxe:p8L0ob;yxTchf:KUM7Z/m=Wt6vjf,hhhU8,FCpbqb,WhJNk

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6ff269876fe9326d7ee3ff8d84dee915664b3ead70fd7760002529cd35cae202

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 18:31:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 76033
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3729
x-xss-protection: 0
last-modified: Wed, 29 Nov 2023 02:36:23 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Thu, 05 Dec 2024 18:31:32 GMT

GET
H3 200 m=byfTOb,lsjVmc,LEikZe,lwddkf,EFQ78c Show response
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.n2GFzV9GNKo.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.pHpcIE... Frame 9E31 37 KB
14 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.n2GFzV9GNKo.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.pHpcIEqMvT8.L.B1.O/am=AIYY/d=1/exm=Das5Le,FCpbqb,WhJNk,Wt6vjf,_b,_tp,hhhU8/excm=_b,_tp,payframeview/ed=1/wt=2/ujg=1/rs=AMitfrg3_l4tBNeO-SP8ZAA6WdqQHiQPrQ/ee=EmZ2Bf:zr1jrb;Erl4fe:FloWmf;JsbNhc:Xd8iUd;LBgRLc:XVMNvd;Me32dd:MEeYgc;NPKaK:PVlQOd;NSEoX:lazG7b;Oj465e:KG2eXe;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:vfuNJf;io8t5d:yDVVkb;kMFpHd:OTA3Ae;nAFL3:NTMZac;oGtAuc:sOXFj;qddgKe:xQtZb;sP4Vbe:VwDzFe;uY49fb:COQbmf;ul9GGd:VDovNc;wR5FRb:siKnQd;yEQyxe:p8L0ob;yxTchf:KUM7Z/m=byfTOb,lsjVmc,LEikZe,lwddkf,EFQ78c

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2ea2661b7537acaca91a5207cdffa69ce3f75bc51a8a09e4dc04183e68d73e04

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 20:19:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 69543
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14131
x-xss-protection: 0
last-modified: Wed, 29 Nov 2023 02:36:23 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Thu, 05 Dec 2024 20:19:42 GMT

POST
H3 200 log Show response
play.google.com/ Frame 9E31 131 B
155 B 73ms
70ms XHR
text/plain 2a00:1450:4001:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
X-Goog-AuthUser: 0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Thu, 07 Dec 2023 15:38:45 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pay.google.com
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 07 Dec 2023 15:38:45 GMT

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 40ms
40ms Preflight
text/plain 2a00:1450:4001:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/plain; charset=UTF-8
date: Thu, 07 Dec 2023 15:38:45 GMT
expires: Thu, 07 Dec 2023 15:38:45 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 log Show response
play.google.com/ Frame 9E31 131 B
155 B 74ms
72ms XHR
text/plain 2a00:1450:4001:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
X-Goog-AuthUser: 0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Thu, 07 Dec 2023 15:38:45 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pay.google.com
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 07 Dec 2023 15:38:45 GMT

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 40ms
40ms Preflight
text/plain 2a00:1450:4001:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/plain; charset=UTF-8
date: Thu, 07 Dec 2023 15:38:45 GMT
expires: Thu, 07 Dec 2023 15:38:45 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 log Show response
play.google.com/ Frame 9E31 131 B
155 B 69ms
68ms XHR
text/plain 2a00:1450:4001:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
X-Goog-AuthUser: 0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Thu, 07 Dec 2023 15:38:45 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pay.google.com
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 07 Dec 2023 15:38:45 GMT

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 41ms
41ms Preflight
text/plain 2a00:1450:4001:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/plain; charset=UTF-8
date: Thu, 07 Dec 2023 15:38:45 GMT
expires: Thu, 07 Dec 2023 15:38:45 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 log Show response
play.google.com/ Frame 9E31 131 B
155 B 70ms
69ms XHR
text/plain 2a00:1450:4001:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
X-Goog-AuthUser: 0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Thu, 07 Dec 2023 15:38:45 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pay.google.com
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 07 Dec 2023 15:38:45 GMT

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 41ms
41ms Preflight
text/plain 2a00:1450:4001:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/plain; charset=UTF-8
date: Thu, 07 Dec 2023 15:38:45 GMT
expires: Thu, 07 Dec 2023 15:38:45 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 log Show response
play.google.com/ Frame 9E31 131 B
155 B 68ms
67ms XHR
text/plain 2a00:1450:4001:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
X-Goog-AuthUser: 0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Thu, 07 Dec 2023 15:38:45 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pay.google.com
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 07 Dec 2023 15:38:45 GMT

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 40ms
40ms Preflight
text/plain 2a00:1450:4001:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/plain; charset=UTF-8
date: Thu, 07 Dec 2023 15:38:45 GMT
expires: Thu, 07 Dec 2023 15:38:45 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 log Show response
play.google.com/ Frame 9E31 131 B
155 B 67ms
66ms XHR
text/plain 2a00:1450:4001:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
X-Goog-AuthUser: 0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Thu, 07 Dec 2023 15:38:45 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pay.google.com
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 07 Dec 2023 15:38:45 GMT

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 40ms
40ms Preflight
text/plain 2a00:1450:4001:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/plain; charset=UTF-8
date: Thu, 07 Dec 2023 15:38:45 GMT
expires: Thu, 07 Dec 2023 15:38:45 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame D104 0
273 B 173ms
173ms Fetch
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-06833ea29f8969ed7ad2ea8cb2bbe93f.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: blue
date: Thu, 07 Dec 2023 15:38:45 GMT
x-stripe-server-envoy-start-time-us: 1701963525157080
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 3
x-stripe-client-envoy-start-time-us: 1701963525156696
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame D104 0
273 B 174ms
174ms Fetch
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-06833ea29f8969ed7ad2ea8cb2bbe93f.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: blue
date: Thu, 07 Dec 2023 15:38:45 GMT
x-stripe-server-envoy-start-time-us: 1701963525157273
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 4
x-stripe-client-envoy-start-time-us: 1701963525156917
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame D104 0
273 B 192ms
180ms Fetch
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-06833ea29f8969ed7ad2ea8cb2bbe93f.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: blue
date: Thu, 07 Dec 2023 15:38:45 GMT
x-stripe-server-envoy-start-time-us: 1701963525231498
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 4
x-stripe-client-envoy-start-time-us: 1701963525230641
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame D104 0
273 B 185ms
173ms Fetch
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-06833ea29f8969ed7ad2ea8cb2bbe93f.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: blue
date: Thu, 07 Dec 2023 15:38:45 GMT
x-stripe-server-envoy-start-time-us: 1701963525231727
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 3
x-stripe-client-envoy-start-time-us: 1701963525230899
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame D104 0
273 B 180ms
177ms Fetch
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-06833ea29f8969ed7ad2ea8cb2bbe93f.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: blue
date: Thu, 07 Dec 2023 15:38:45 GMT
x-stripe-server-envoy-start-time-us: 1701963525231146
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 4
x-stripe-client-envoy-start-time-us: 1701963525230813
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame D104 0
272 B 181ms
177ms Fetch
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-06833ea29f8969ed7ad2ea8cb2bbe93f.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: blue
date: Thu, 07 Dec 2023 15:38:45 GMT
x-stripe-server-envoy-start-time-us: 1701963525231711
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 3
x-stripe-client-envoy-start-time-us: 1701963525230870
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame D104 0
273 B 178ms
175ms Fetch
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-06833ea29f8969ed7ad2ea8cb2bbe93f.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: blue
date: Thu, 07 Dec 2023 15:38:45 GMT
x-stripe-server-envoy-start-time-us: 1701963525231762
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 3
x-stripe-client-envoy-start-time-us: 1701963525230964
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame D104 0
273 B 177ms
175ms Fetch
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-06833ea29f8969ed7ad2ea8cb2bbe93f.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: blue
date: Thu, 07 Dec 2023 15:38:45 GMT
x-stripe-server-envoy-start-time-us: 1701963525231704
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 3
x-stripe-client-envoy-start-time-us: 1701963525231099
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame D104 0
273 B 174ms
173ms Fetch
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-06833ea29f8969ed7ad2ea8cb2bbe93f.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: blue
date: Thu, 07 Dec 2023 15:38:45 GMT
x-stripe-server-envoy-start-time-us: 1701963525231689
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1701963525231053
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame D104 0
273 B 173ms
172ms Fetch
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-06833ea29f8969ed7ad2ea8cb2bbe93f.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: blue
date: Thu, 07 Dec 2023 15:38:45 GMT
x-stripe-server-envoy-start-time-us: 1701963525231676
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1701963525231093
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame D104 0
272 B 177ms
177ms Fetch
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-06833ea29f8969ed7ad2ea8cb2bbe93f.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: blue
date: Thu, 07 Dec 2023 15:38:45 GMT
x-stripe-server-envoy-start-time-us: 1701963525232130
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 3
x-stripe-client-envoy-start-time-us: 1701963525231534
access-control-allow-credentials: true
content-length: 0

GET
H2 200 GooglePay-logo.svg
give.itgetsbetter.org/static/global/images/digitalWallets/ Frame 0024 3 KB
2 KB 62ms
61ms Image
image/svg+xml 2606:4700::6812:7c49
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://give.itgetsbetter.org/static/global/images/digitalWallets/GooglePay-logo.svg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:7c49 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ee8b513e01e58127f81cb40ae5909a16a8eb0f8185efa32fd0a9104a7deb2c78

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://give.itgetsbetter.org/give/533919/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 15:38:45 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 23 Nov 2023 00:06:14 GMT
server: cloudflare
age: 377410
etag: W/"655e9776-b41"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31536000
cf-ray: 831ddb803c6a4d59-FRA
expires: Mon, 02 Dec 2024 06:48:35 GMT

POST
H2 200 0 Show response
r.stripe.com/ Frame D104 0
273 B 175ms
175ms Fetch
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-06833ea29f8969ed7ad2ea8cb2bbe93f.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: blue
date: Thu, 07 Dec 2023 15:38:45 GMT
x-stripe-server-envoy-start-time-us: 1701963525237605
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1701963525236938
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame D104 0
272 B 172ms
171ms Fetch
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-06833ea29f8969ed7ad2ea8cb2bbe93f.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: blue
date: Thu, 07 Dec 2023 15:38:45 GMT
x-stripe-server-envoy-start-time-us: 1701963525242275
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1701963525241702
access-control-allow-credentials: true
content-length: 0

POST 6
m.stripe.com/ Frame 1349 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: itgetsbetter.org
URL: https://itgetsbetter.org/wp-content/uploads/2021/05/IGB_Video_Faces_compressed.mp4

Domain: m.stripe.com
URL: https://m.stripe.com/6

Verdicts & Comments Add Verdict or Comment

203 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

55 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
sc-static.net/scevent.min.js	1970-01-20 16:47:29	Name: X-AB Value: undefined
.itgetsbetter.org/	1970-01-20 18:55:39	Name: _gcl_au Value: 1.1.1810209364.1701963521
.doubleclick.net/	1970-01-20 16:46:04	Name: test_cookie Value: CheckForPermission
.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: tI7tAUsitQY
.itgetsbetter.org/	1970-01-21 02:22:03	Name: _ga_Y69L8SW4D9 Value: GS1.1.1701963521.1.0.1701963521.0.0.0
.itgetsbetter.org/	1970-01-21 02:22:03	Name: _ga Value: GA1.1.1231555188.1701963522
.classy.org/	1970-01-20 16:46:05	Name: __cf_bm Value: Ucg8kBXtuonh2sYentgyTT2RaDDbSPglzlcjV3AMhho-1701963521-0-AcRErzi8J/onaftAc8FH126xhMA6VgYqMj1dGuwkqw13s3usqjHPpopEiysy6QEpSnHz/lwLQ43ehN/DDYkktts=
.classy.org/	1969-12-31 23:59:59	Name: _cfuvid Value: fbp7dSBYgFpciwQ.3c01GHI5jXDWhgYSxCXg0x5pzO4-1701963521669-0-604800000
.itgetsbetter.org/	1970-01-21 02:15:50	Name: _scid Value: 4ce61f72-b7d5-4306-a4b0-0674f2ab3d57
.itgetsbetter.org/	1970-01-20 18:55:39	Name: _fbp Value: fb.1.1701963521864.937799120
.itgetsbetter.org/	1970-01-21 02:22:03	Name: tk_or Value: %22%22
.itgetsbetter.org/	1970-01-20 16:50:22	Name: tk_r3d Value: %22%22
.itgetsbetter.org/	1970-01-21 01:31:39	Name: tk_lr Value: %22%22
tags.srv.stackadapt.com/	1970-01-21 01:31:39	Name: sa-user-id Value: s%3A0-8c34cd9e-0b88-5c19-7d15-eaa5580ff015.o4bJqZy0ScCs%2F6NRpWlpnHuvMjDrZykP55Bcab%2F1Bzg
.srv.stackadapt.com/	1970-01-21 01:31:39	Name: sa-user-id Value: s%3A0-8c34cd9e-0b88-5c19-7d15-eaa5580ff015.o4bJqZy0ScCs%2F6NRpWlpnHuvMjDrZykP55Bcab%2F1Bzg
tags.srv.stackadapt.com/	1970-01-21 01:31:39	Name: sa-user-id-v2 Value: s%3AjDTNnguIXBl9FeqlWA_wFZJGdUc.wyDwoDFfWHPz4JCuUpewi0Zpjz%2BqX8P7PFTcEUouDZU
.srv.stackadapt.com/	1970-01-21 01:31:39	Name: sa-user-id-v2 Value: s%3AjDTNnguIXBl9FeqlWA_wFZJGdUc.wyDwoDFfWHPz4JCuUpewi0Zpjz%2BqX8P7PFTcEUouDZU
tags.srv.stackadapt.com/	1970-01-21 01:31:39	Name: sa-user-id-v3 Value: s%3AAQAKIAsFo-wNeTYjQDiROfBYRNKr-B1vzLumrrZ0wc1T4LOFEHwYBCCBzserBjABOgQtwj9GQgR1QHUH.FrMkUkauZ2SsmtGxumrDbfoCPc%2FxQbfn7LJKPmBGYk4
.srv.stackadapt.com/	1970-01-21 01:31:39	Name: sa-user-id-v3 Value: s%3AAQAKIAsFo-wNeTYjQDiROfBYRNKr-B1vzLumrrZ0wc1T4LOFEHwYBCCBzserBjABOgQtwj9GQgR1QHUH.FrMkUkauZ2SsmtGxumrDbfoCPc%2FxQbfn7LJKPmBGYk4
.t.co/	1970-01-21 02:22:03	Name: muc_ads Value: f9fdf22c-c523-49c5-a4a2-edc5f100d7a0
.twitter.com/	1970-01-21 02:22:03	Name: guest_id_marketing Value: v1%3A170196352195934905
.twitter.com/	1970-01-21 02:22:03	Name: guest_id_ads Value: v1%3A170196352195934905
.twitter.com/	1970-01-21 02:22:03	Name: guest_id Value: v1%3A170196352195934905
.tiktok.com/	1970-01-21 02:07:39	Name: _ttp Value: 2ZDjPmBzRGZSRFe7kp6gh7OydTZ
.itgetsbetter.org/	1970-01-21 02:15:50	Name: _scid_r Value: 4ce61f72-b7d5-4306-a4b0-0674f2ab3d57
itgetsbetter.org/	1970-01-21 01:31:39	Name: sa-user-id Value: s%253A0-8c34cd9e-0b88-5c19-7d15-eaa5580ff015.o4bJqZy0ScCs%252F6NRpWlpnHuvMjDrZykP55Bcab%252F1Bzg
itgetsbetter.org/	1970-01-21 01:31:39	Name: sa-user-id-v2 Value: s%253AjDTNnguIXBl9FeqlWA_wFZJGdUc.wyDwoDFfWHPz4JCuUpewi0Zpjz%252BqX8P7PFTcEUouDZU
itgetsbetter.org/	1970-01-21 01:31:39	Name: sa-user-id-v3 Value: s%253AAQAKIAsFo-wNeTYjQDiROfBYRNKr-B1vzLumrrZ0wc1T4LOFEHwYBCCBzserBjABOgQtwj9GQgR1QHUH.FrMkUkauZ2SsmtGxumrDbfoCPc%252FxQbfn7LJKPmBGYk4
.twitter.com/	1970-01-21 02:22:03	Name: personalization_id Value: "v1_Y7x4Vdrab4Rre+nw8emBlg=="
.snapchat.com/	1970-01-21 02:07:39	Name: sc_at Value: v2\|H4sIAAAAAAAAAAXBgQ3AMAgDsIuQIFBoz6HbcgXHz0bw+ssjLKpEO6UzVfDtXuBjVTFjpXbSFzD6A7G4cOcyAAAA
.itgetsbetter.org/	1970-01-21 02:22:03	Name: tk_ai Value: eeojFTB%2BR4%2Bp%2FsvnOtTqSQKy
.itgetsbetter.org/	1970-01-20 16:46:05	Name: _hjFirstSeen Value: 1
.itgetsbetter.org/	1970-01-20 16:46:05	Name: _hjIncludedInSessionSample_2965374 Value: 1
.itgetsbetter.org/	1970-01-20 16:46:05	Name: _hjSession_2965374 Value: eyJpZCI6IjQyZjQ1M2ZmLTRmOWItNDY4ZS1hZDdmLWUxNTQxMTJhN2MyYyIsImNyZWF0ZWQiOjE3MDE5NjM1MjIzMTksImluU2FtcGxlIjp0cnVlLCJzZXNzaW9uaXplckJldGFFbmFibGVkIjp0cnVlfQ==
.itgetsbetter.org/	1970-01-21 01:31:39	Name: _hjSessionUser_2965374 Value: eyJpZCI6IjAwNTYwYmMyLTM3ZTYtNTM4Ny04YTc0LWI2MGU2MGFjMmIyNCIsImNyZWF0ZWQiOjE3MDE5NjM1MjIzMTgsImV4aXN0aW5nIjp0cnVlfQ==
.itgetsbetter.org/	1970-01-20 16:46:05	Name: _hjAbsoluteSessionInProgress Value: 0
.youtube.com/	1970-01-20 21:05:15	Name: VISITOR_INFO1_LIVE Value: 7wk_SSbKkQk
itgetsbetter.org/	1970-01-20 16:46:07	Name: _gauges_unique_hour Value: 1
itgetsbetter.org/	1970-01-20 16:47:29	Name: _gauges_unique_day Value: 1
itgetsbetter.org/	1970-01-20 17:30:41	Name: _gauges_unique_month Value: 1
itgetsbetter.org/	1970-01-21 01:31:39	Name: _gauges_unique_year Value: 1
itgetsbetter.org/	1970-01-21 01:31:39	Name: _gauges_unique Value: 1
.itgetsbetter.org/	1970-01-21 02:07:39	Name: _tt_enable_cookie Value: 1
.itgetsbetter.org/	1970-01-21 02:07:39	Name: _ttp Value: AAdL9lVSOBqyr5lZRHCzJ284FFR
give.itgetsbetter.org/	1970-01-21 02:22:03	Name: connect.sid Value: s%3A6F_-48Ng6LjB4-ehhCivShm-zqG4Pd3u.so6mqzQHKziV7gijNQDRjkHwtYc86QiPC4QS%2BO%2BQKHM
.give.itgetsbetter.org/	1970-01-20 16:46:05	Name: __cf_bm Value: TzfssiCsHQHdidVbwf_Xg3jcWuZ6ClPBnVhJTuzYHVQ-1701963522-0-AdxUfSHkT8rbl1KYso78Uhe3pw2/kUYBET13l+QiENnej6GOAjvB8nNZZ8RdcYgFelz1z/UWp5rh3x1tXcuE2d8=
.give.itgetsbetter.org/	1969-12-31 23:59:59	Name: __cfruid Value: 91591666a70e8b81db8d5020a4e43aa478a314ce-1701963522
.give.itgetsbetter.org/	1969-12-31 23:59:59	Name: _cfuvid Value: 3GVjBi2mEXOAYwnDpqLsyAivCUKakI0MpgYTcU8jSZc-1701963522835-0-604800000
give.itgetsbetter.org/	1969-12-31 23:59:59	Name: CSRF-TOKEN Value: emS8oiDY-v85H_JsEcUbgznk2Kaf4lNrrkPI
.google.com/	1970-01-20 21:09:34	Name: NID Value: 511=W6L9FBeBCq-fMCF4srXSNiTlTvByQhZ-BEVWMcSDbjqMCLbASB-88fMUbk5qSE6Fr40NClN_X7948LnKBLXMbV3DDjmj9-SYJx-WweFm9mxYjFzmzO-60SmAzL_STY98Q19HAqwMC9GDl_JzoTSKwga9bOH2gAdTaCq9KnsDlo0
give.itgetsbetter.org/	1970-01-20 16:46:04	Name: XSRF-TOKEN Value: eyJpdiI6Ikg4cGJ4ZWdsaFAwN0ZvVWVvS1ZKOWc9PSIsInZhbHVlIjoiME94K0hWcDJmU3p2MWt1c3pjNUZWRzFDWlZ4QjlIREJSVXNwd09JeVdiRlNCZE1KVzY0TWNvSVpLbkZkZGozblRnemJERFNmS2tBeFA5QXhFc2hqVGJJbW0wQU9mTWZDTVd4Y290R2g5aU85R0JzNEtDZm9yNXM1aHRnc2JXdWciLCJtYWMiOiIzY2VkZGZkYjdkZTIyYjc1YzYzZTAwNTU5OTlkZGQxNjExZmMwYjY0NWMyZDUxZTExMWRhNjhhZGFiODJiODMxIiwidGFnIjoiIn0%3D
give.itgetsbetter.org/	1969-12-31 23:59:59	Name: sid Value: eyJpdiI6IllldE8yMDY1cS84eDlGejE4dGpDWEE9PSIsInZhbHVlIjoibDRxaGJwRFdETFZoOVRvdjh5cVhWYU5VZ3QyT09KaTllUWNiWG5MRVNQckI5QlRkRUx3M0JETmR0OEdKZUFzYnE5N1ZpbDVKRGFrWXVrT2Q2clhQWmh4bFpZaEM4b3Y4L3hwR3Vic0ZWYm0wUi95MUcvalZieHF6VDFzRkhjY0ciLCJtYWMiOiIyNGUzMzUyNjlhNWJlMjNiMzdjMzliOTU0OTNhMDRkYzE5NmU4NTg0Mjk3MmM1MTU5ZjQ5NDI3MjY4ZDdhN2FhIiwidGFnIjoiIn0%3D
m.stripe.com/	1970-01-21 02:22:03	Name: m Value: 7a8a71ec-5cca-4cda-a0c6-bfd844138a6cc1f907
.give.itgetsbetter.org/	1970-01-21 01:31:39	Name: __stripe_mid Value: e1a72ebb-59b0-441b-8d55-ef17abbfa63541efda
.give.itgetsbetter.org/	1970-01-20 16:46:05	Name: __stripe_sid Value: 72f55e53-906c-4cf4-b7ba-80065bad94b256ee71

16 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://www.youtube.com/s/player/31e0b6d9/www-widgetapi.vflset/www-widgetapi.js(Line 1248) Message: Unrecognized feature: 'web-share'.
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self'".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self'".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self' https://pay.google.com".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self' https://pay.google.com".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self'".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self' https://pay.google.com".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self'".
security	error	(Line 6) Message: This document requires 'TrustedScript' assignment.
security	error	(Line 6) Message: This document requires 'TrustedScript' assignment.
network	error	URL: https://pay.google.com/_/InstantbuyFrontendBuyflowPayframeUi/cspreport Message: Failed to load resource: the server responded with a status of 404 ()
security	error	(Line 6) Message: This document requires 'TrustedScript' assignment.
network	error	URL: https://pay.google.com/_/InstantbuyFrontendBuyflowPayframeUi/cspreport Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://pay.google.com/_/InstantbuyFrontendBuyflowPayframeUi/cspreport Message: Failed to load resource: the server responded with a status of 404 ()
javascript	warning	URL: https://itgetsbetter.org/ Message: The resource https://i0.wp.com/itgetsbetter.org/wp-content/uploads/2021/05/igb-logo-mobile-10.jpg was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
javascript	warning	URL: https://itgetsbetter.org/ Message: The resource https://i0.wp.com/itgetsbetter.org/wp-content/uploads/2021/05/igb-logo-10.jpg was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

149352635.v2.pressablecdn.com
analytics.pangle-ads.com
analytics.tiktok.com
analytics.twitter.com
assets.juicer.io
c0.wp.com
cdn.plaid.com
cdn.transcend.io
code.jquery.com
connect.facebook.net
content.hotjar.io
fonts.googleapis.com
fonts.gstatic.com
give.itgetsbetter.org
googleads.g.doubleclick.net
htp.tokenex.com
i.ytimg.com
i0.wp.com
itgetsbetter.org
jnn-pa.googleapis.com
js.stripe.com
ka-p.fontawesome.com
kit.fontawesome.com
m.stripe.com
m.stripe.network
merchant-ui-api.stripe.com
pay.classy.org
pay.google.com
pixel.wp.com
play.google.com
prod-frs.content.classy.org
q.stripe.com
r.stripe.com
region1.google-analytics.com
s.w.org
sc-static.net
script.hotjar.com
sdk.classy.org
secure.gaug.es
static.ads-twitter.com
static.cloudflareinsights.com
static.doubleclick.net
static.hotjar.com
static.juicer.io
stats.wp.com
t.co
tags.srv.stackadapt.com
tr.snapchat.com
tr6.snapchat.com
translate.google.com
translate.googleapis.com
unpkg.com
www.facebook.com
www.google.com
www.google.de
www.googletagmanager.com
www.gstatic.com
www.juicer.io
www.youtube.com
youtu.be
yt3.ggpht.com
itgetsbetter.org
m.stripe.com
104.244.42.131
104.244.42.197
108.156.60.58
13.32.27.19
143.204.207.250
146.75.116.157
151.101.64.176
192.0.76.3
192.0.77.2
192.0.77.37
192.0.77.39
192.0.77.48
199.16.172.188
199.16.173.70
2.16.238.13
2.17.147.138
2001:4860:4802:32::36
2600:9000:2447:3e00:2:8531:afc0:93a1
2606:4700:20::681a:c57
2606:4700:20::681a:d57
2606:4700:4400::6812:2844
2606:4700::6810:3965
2606:4700::6810:7aaf
2606:4700::6812:7c49
2a00:1450:4001:802::200e
2a00:1450:4001:803::2003
2a00:1450:4001:80e::200a
2a00:1450:4001:80e::2016
2a00:1450:4001:80f::2004
2a00:1450:4001:80f::200e
2a00:1450:4001:812::2003
2a00:1450:4001:812::200a
2a00:1450:4001:812::200e
2a00:1450:4001:813::200a
2a00:1450:4001:828::200e
2a00:1450:4001:829::2001
2a00:1450:4001:829::2008
2a00:1450:4001:82a::2006
2a00:1450:4001:82f::2002
2a00:1450:4001:830::2003
2a00:1450:4013:c04::5c
2a03:2880:f083:9:face:b00c:0:3
2a03:2880:f177:185:face:b00c:0:25de
2a04:4e42:600::649
34.210.21.51
35.156.2.40
35.190.43.134
46.51.146.14
52.143.247.24
52.222.191.88
54.147.159.60
54.187.119.242
54.76.53.164
99.86.4.50
0048077c7ac86f7c715ea03fa80c3429e0b1ddbf0411d8e7f8eedd7da2c83fcd
006a2b313915b4c2dd538d1316e935ba593bdb7793a21a493b05de60473769c5
01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b
0200bc38d986631f9cc4680084d7d263ccf17fa4a3c627b26ff347e0cfcf1d47
03d27c71ce9e1f4da7c9948f62f6e43900a6377b66879400d0f9587218326124
058d8b644c0a771f4013754fb6a023fd172d2fa246eb60085d295497d0c64b9e
067b22759bfd5684834af3dde55a1205bf7af63a1355a77777c5a160bdca9b55
06d9c9326c7fa24c99554f45c49585782e6f1207e942cd8afdb71422ff2d59ac
07e09c1b140e3c66ab99a7afbf2462ec8aada23e2dbc97dd76a4430d8f9d62b2
07e0c303e819263d40643137625f64cd6697153539d57329683a7fca47edcc17
08c4f8203773f0d8c0820bd606e09d4ab1407d995c015a329e8f2ca737e141ce
09de594226b72397977af42907bcac46d6248ba806bd88d22bc93733325b1541
0e459102d172831a8eeb317d128fa35e0a749f9a6406a8a4f360f47ed6a82878
0faac6667b9444d10e4d1d4b3551491e48687f885f612b88379c1c2f8e4f3447
0fd285e85a0833012cd1a4904d7736227f2f26884e84c653718678178c8f7a07
11de36c54879d13a91383ea5803810995b5cf96400b59db98143093025227b1d
12df62abb4eaabcff5e145f2948246a31727571f7f34161f22937f5bb2bc54a3
145287b36883dd3061ca7aa9229a8fa9ace2cccd50e0382b4b6201f3916b57c5
148f8b31db59c14b3a649f5c3d3ddbd85f061aa23e93418966149aea03afbcf9
1533d5bc82424a9a3ac37a7fe543925909d25715d16938b9e02c728c86fd86e8
15794828b4a570d8200f86adc3c07657f6939022d2120f31ba031de2af5421db
15b357c8dfc2123fbf442f29510439ebce7bea5a0dc07c9070b52b876308717d
15bbd333ee2e5c38f955a867a2097169e48152a2a336af7203f4f88bc002d348
17a408bf3a3aeb1cf6fffe16bfda1126ff1a4d996ea28ea3b85bf5dcc3a6c1aa
17ab064814a33763fc58aca9e62a5d93078e45e0f4a10e6baf402d5396833397
17b408dfaca06b735d6b006ea17fefd0dd6c8aa8c4b11da4863d0317d5c16bd8
181d40b4301f5eaa81f918fbd09c6d5ec5afa33ab320adc39783b73863d2c2e4
18be65efe73612e4b002392884e349dbc3e859171a631163a9d8edb4bbaf8940
1ae9be0de86ea5204f07a8baa11bb5ba1aa1d6ed4e8cf7d10c8fbd7160661954
1b6c26f5f4c831c5adffc8c991b363c086be4fa2c963210999ecbaf446218ca6
1bdf36eafcc220295d58a9d20aad33ee9757940da54e474f6678b449f34bf531
1cb3f0ad4f6b1cc587a2e0d16f7c71a298a67fd445dd9ed2ca370cb831ecc02e
1d52e1ac7d3bc25a8b0ffc257153f9dd50249f96fe9a4df5e0d771241a69062c
1da2ece3369af4c663f11daa62f4e591806f0c1ce17e17f0a4162d0d09455c5a
1e7a05373bc70f979b6088dd3276576750a581d5781be7f31a3ab5f4996c8337
1eb63ab6ef15987ab229241ca2fd8da090d9a7d1ee5406fe8118d0acaf9fa386
1f4513a435d6a3047d20a50c1e7d4263de42146c74be227f774b5e82e6357e75
20ac027ad49317ebdf76a19e606ccdf892924bdce3996d90af1ed4cabcbe1de1
221e965e75a81f454afe91be6ed66b036913142ec31b262b564d1966fc6abf07
22808b48a5290f2910aaa66a123440621dc67427728ab22518c8e136c3d7be85
234a9ce78cf0dd0633d0e91208323f7936334ab56790ed33ed55b4668d990853
236fb88931feead5473c70f542473d5dc064578ffb45ea743414720e2aea3929
2482c85f93f2c17c36be2b6feffe460436bfa18ec62fe4efcfabeaad5cdf471d
24c50da5304d6ce8ec81d988c926f3ebd7dc438489952772052a7c152dcf8756
27230c5af91b76c15e054c4d88048027c9045d2f1411fdbf082d074173ffcadb
27dd9b075cc59cf5f3c0f6ee075f4bd113782d81ce30a4f16aac669ecfdc4fa2
27e896d440c77cd698ac77e0a62aae776c5ad104b3f8df59f5896b88b3b43a9e
28154044fce2b432bd4e48733bbfaeefef87b58c57d9af3c34db2c75a5121758
28d63fec48ab0c89355c23de6727b6fe04de522a4760f9cfa8361f7de40a745d
28dbf1bfa9461838186542b43adf9dac9666b439de4cc026b2c2416784161bb7
29cfebbdf0a9801764f1c5bec42a56fd773d4290821ecb6b5553f511c200815c
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
2b3f86a5519461bf7afb2a8587e94830b00edecb94fb1c1cb0ae0b4e897f0ead
2cd5192ff8b020b1b320397711a8d5fb40be5e2954fff09a707e092713b7fc03
2e10d353ff038c2cad3492fc17801af3e6ef2669c9e9713bdb78b1dcb104c4fe
2ea2661b7537acaca91a5207cdffa69ce3f75bc51a8a09e4dc04183e68d73e04
2f167ae1780938fa19464993733924d0d078d5f5ce7955a596a55c210cb36cc8
303d516f1985e3bc62aa92d1a55c2140a14435b255a32b4c3bc776a2395f056d
311e6feda5c880a874a7ee52b7665f5d712fb4b3116825ea2e2444592cee4b94
31f4e4abd5d8e145d6bd5505ae3ee469f66e6aba53fcc6cf04741d0a802ebc3d
351ffc2bdf381352dcd801be49be5018361119588eae077650260f9e162fe7b9
353483a66fe92a11ebbe734da83f47f6d0526a75175a05e5fc6ec7b2d4890c3a
3570bfba53e8d72faa85cc930f04176d45ea79d7b36d8130623d5afd30c27075
36880bdc7af14a98862c6d0ec5d78a825d187da6ed675c5bc0152418a3720523
38bc775802a9e96e44997f4e9374726a41d5c781752e590a76ad5a4f06673458
3916390d4395ed16641c0e23d5e5a1bef9de6ce71b02c3941c0ee6f2d899c806
3ba5387729ccfe1bd125870a2d0d64d7db0b71e7c16403c9700a88b7c5ab344c
3e136e77083bfc6ef14ffc5abd19da89a82bf12fc0cda3c603e01582b93303c8
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
3ec2775c9fd1bda65d0108b8d756b43e7f60c6adea74196765fbe9243288b0b9
3f631e6316191fa33655184b7eb8fe3a9941ee26fbbec21b1930349e2a70b9d4
3f7af01f4d8414f9dfe9e2dc0f693ad62b3081e7a345aee612114e4c4aebcd2e
401373c6cddfc333e45314482184906a357ae96d1fccd5ef6c40d8b7656e7349
41a99854a7cd595b7a0a302f4ac8a9a0301e27f979d1efea5c35937b1a4e05fa
42b35aef6cb136d6e11834fb43089610eb13bb7ce0323547d559679615db9c4d
436743ad0889ad9399a1f33edb65d8bf1c71cfbce1b0fce549769e7705c9ceec
453cb806084fdabec32e286af2e88899f79022125c2527afffbec507975d2c22
455683a936fcffe23f3f2a156944b7961c2360b4bf639ef4fbbd1837f12ee969
45ea1febaa3bfa8f5c4711c1ed96c1971654f98d5bcc5cf69d90a555f79a0c9e
498a873a8912a66c10eddf5fb07274c747847eaa3e8e3fb1a14daba3425a980c
4abf322e82c1e642eb0ee166a8dca80581b098c4b6ce21b29610c272e0a20440
4b7b9c0ddaab33312029946c1a9d7a5fa088e1fcf114cf573721519470b7df47
4c6329a84811954311b5424bbab6ac2dcc70441841a9b1fd441e3315cf540a2e
4d1652591c5829f477a77e31d21f468fac59df22dd69c7762b40054fd6b97aa1
4d29c47cfca29cefed6235ec9d67a6f4a1b1d75945d8421c4d83e94a86a5cd12
4d453a47ad0d1b30a7292b6f712d8645db141ed6adea69b8e7d802f8022365fd
4d65bf866f07b819753c80bca98f75898097a4b3c73074d35f45d440facd01bb
4d66970f202534f853c044ff0eb91afb19751662e8e12c8679d969c641c78b13
4dac0026fbfa2615dce30c0af12830863fe885f84387a0147b9e338f548d5d82
4e13d3bd6eb7dc170086f2a756b912a19b009df9d47aef62d0ed5b60a60a93f5
4e5c50233a5496e255643263df3e65eb07d835e22821b72088ef06c9733ce294
4f2b26bc2e8861fa47f1a1ac9534031cfaa88bba55a132a6295f0edf7c9a2d19
4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230
5015b2e49faca5b3b14c98d2a3745aa664eca6b7d79822ffb3d21cbb92381538
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
502f615b389454e5ff7fb988c5214bd0aee8f2668d4cd5dc18721f9d9824df11
50bb7c36ecca26ef05a1d308ca06ca7f60740c7e95d20a8971909303f4fa8657
52100762441ce7d48c9b720b42f5f62d5f691ed5e6fede874f4eb0dc327ecd3f
5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89
52e7f4e3a17126da79220e405c9530796e8be381f1ccf692d40040a7cd0638d8
547dda3c14b284819be511be1e410da94a5efc6ccc4a9afe1c75394f9333191a
54e4e9cd3900a289833fc9ba3079698ba58e18de3ddc819d367fe9618cb13900
555858f907bda45e059201a8a3d8910876ef8d830b9b82cfc0ca9aa55c7b029a
564c70df47775767816f028ca9cb667c9a643c1da7bc35dbfba417565fa2c0fe
56f2e68e3eeb4dea9fdf0f3b46b778785fab56fb7844c0c1a626c14299804386
57a50c99a31ef4e89e86664e96f6dfbdde163a2eb96e88b3b492c49aa4be2f37
5834b33dd181a3cf8d3fd6623b1316bb7a8674ce7327bd5700d2f2d46e01a3bb
585d4af3a08847a4604f8796b4841ebf7eaec7211606cc954f88dc9f27c72b28
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
5ac2455757fbb14a9fa21a8afce49055f48f28e20e4e41a8f5eee9c5a2dc3f3a
5cc115327dcd78f61d16e6a86c98ea3992f656406dcf16b92d60390c103a163c
6153d13804862b0fc1c016cf1129f34cb7c6185f2cf4bf1a3a862eecdab50101
6192fd402ade2719852ec40ba5c5f6665f74d30af826d898df44c617bc0a294e
62723060de0c92d89ec49f9b3bc1fd54b786111e8ad3451a6cf7ebc8553e7b74
62f3f809487194fcc55a3ebd88811a604ae496027bb425d4ebd15d9ae1921945
62f42276dddf470e795cc1b1bdcb8fe73a0354188bcfa80e0600e8b8d2a21dcb
6318394f737c66f0e2ccfcd88e3935c6667633a1b95fa29fba2b75431d55eef2
63a3548860c583edc719e7265f64c6c7d68cb4661f5f6c8ef107ca94f8977ffc
647f0eb8e046a6dfc7f3aaf8b4c5e37de3c3eacb63288cd1e2454bde4b805322
65ade054b003fb12ff528ad2640f69f49bca65d9f9d25b53dea8aee0d5d238cf
65f976cffe2202ce71f130a2a4496ca28762a5323229d71ae014d1205c4ffdad
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2
67f7b9d565e432a272c8a087cef5d5bd71a41c4979b2cba3b1e1b8dbe3566388
68947e9ddb590b11f6c1250e1080ff031fb91fddae5b9d41eb307a20ae306e64
68fc46d3053087ed029f3ddc6a49a1e200817b8bde4d79527e89c989ed5b5d8b
6930acce90c269cfadee0a68bb292bc4c52a9c0fe4b63bee4fe72b15fc52cd5d
698b89c0da3d319754d6a837b5e6d4e6a42dc402d9ffd7559b8c4cb29c644340
698e93fe491cc7bbf07a470579a33dbd0db53c19142b7be41ebfd39a23aef11f
6a3446229b31a32d64acd5df8bcac57163dbd17c5c28a7a54ad923af649dde02
6a360e4e3e7c65709b0ffefc54e4f116ea6d8c9909e68ff4578284ebaf07c5f1
6b2a62ac5a53052d04fe7c98b5bb7c13d3ffc27c6792ddc9046f008a260cc535
6cee9f8dff2aab298eeeb2f8e731080bb832c14c9cf00de583b9e7e1dcce3ae2
6d0d980cddfaf9c46ba4a99000c8942eca471514edc22dfd9cba27436da23b6f
6d161e98e47ae150b51211443eef37040fb6269dcf85ad2048548066dca99e6f
6d3401e57ca271a7ea8fbba27bc7580c9ac443178ee71976ecdd32db9b517b5d
6dcb9ea2c438e20571d67b158981a0fc85924e93d84dc49a29bb6bf3d1f1fcc9
6e6e45edbffa2dc7f2134e257a1fc88cb79790a78672e220695b6975c5f2b1c1
6f362df700f594c70c744881a38ffcaf3863ef11faa6a67db1645a45849b9a73
6ff269876fe9326d7ee3ff8d84dee915664b3ead70fd7760002529cd35cae202
708518c451d33d2ce773ac15b38bd20f1c14a426311d8e3b2aec07df38697c43
717f6bb5f6cc69c444f54376a72dee0ca7968b2a12e7c9475247ec85c0e75a53
71ca2652e2b3ffd3c0ec966958604714ce6c7af01d961b44adc438518eb58cb3
722a90d42ef2bd0ea38f0fdac6b4c0523aa4a027e9ffe889972100746e165582
73281b24dd9dd9527401232b1e1a979fa3918e5e2d1611eca4991ad9bd989cdf
76164d9d399c8baca4656cd791982fdbd043413f39cf1a56c2d36c12ceb0b7b2
76355b68f188fdb713c15eba03f48457485ec84866ae51005993aa2241b13e2c
7868467c94a5aa0b3f11ef542f45287967f9627b3b5acdc86e47f8f77a126596
78d82b67110e48b2e2c570a0d3fa10db72edc69e1c42ab271a5b0c8d59f3edf5
79cb399203843f65199bec32bc4abac5dfd20f141d3e4ec1424bf00c7108fa45
79ea29e7ff6a116e3c2d983d73f94e30798465011dcf5a2bb2814303374a98ad
7a79040f5bd6bfe2063fd1e9ff9c008327fa839bf980bd11719beb70ec93f9a2
7a98cfd53fb371872ceef03beaed46b74a7e02d44caa34bab76913cccf0249bb
7b16a0f32557c0d81ef6b44615e8d87c358dad80cba36f1e811fe2f191abd842
7b4eac0591ab31e4231a9783803f7800870ed2f46acd9f0cbdef9ec36568f542
7bf7cc58e7432bb37298ef81b2e57f478c523575fce8d938652f92aa767254b9
7c95cad49ca19cee604037d049a7f154fb02b785a95b9d32f99d7efe33cb2218
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
7f0f781820c8de56bd6699ac9570ff90634de4eb5cca7ef4b573bb90619e5a5d
7f872f37d93f6ad26cfde22f5fd7ae4e99f18c4dc7d3386384f92f845056750b
8037fcd91179ff85b140b52acbde121679d944561b7a252ab8e1d6978d826ea6
80f6fe6e347d4b5c4068bc7fe50caef888ac564137e7671e80c0428dc299458d
81cecb4a4686b35edc2526e508c1093fa70f1deaafba8c4cef80183759382c6f
82f99958cafb6f0fbe5988b2a251ed09ef5cb95ae98142d128afaf8703b59fc7
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
845c5e6839712db80395f4b9d6e7d1298fba2d769c1cd20a5e1c89b489dcc754
8646d8ecf9f4c7fe7cd30e29db092aa9cf2781a5c4eea7a4f10f41024176a62c
8647f9026e0186ab195a4083d72ea20202f521addd8cc5e92a6bd63ef5a6ba2e
869da04350e0925de923dd2c39c41d18ba0625e3541bd5059ed5a611550552b6
86cb276d0550d189e7dad4800fbbcfe7b5312f7845e0e711115d5aad589b5d27
88345ef4c9ab548cef58fd9fa0fdfa1c958d564150ff1e51845b363a97695658
8913290a4db258fa9e0d3fd267fb61666aa81f82b1a459ba098352c427a57c37
8a7e706df924c35378447275d51e61208da84b4280763fed7da27cc70934ffed
8b479610778cef415158ef2deef872c0bdc85bd63f339ecdc1382fabef4da407
8c0b5e384ae00c512f4bb1ba5e2fe622fab4bfc541c99555df38c19c329d3fe6
8ca59ea276635e06f4153a8979c26329c234dcc44673066902f6971ecdefc758
8cbb165442212630f1ef3fef9321e086db9d58150abeca635dbe767e1f367bed
8cc972b71226ec94578a47c204f06ca46f34494ef1f70acc44a27aa5b5e2d80f
8d1b040cdb0d8a3beb3dedf8127c8b3a10f77250044dc1d932f25bf0d5ce469f
8e84d0a90357d43c325884bb41a24006bcaa24cc59f2c353986f2655eb57a90a
8f00e02f500d94f76252907440c93fd2ac4d413477081e985c3e42ff8e730ed2
8f7d6f6139d786232c30733c242672145a2ed59e41423520f4dc4dc611e2bd8c
908f9780131fb8987762486bb25342423e260e04c9aa8936ff7756b63c687116
9271962e9fc8257ce9e008bde83ac1408a2f196db6142548769f290873b70b93
92b4feff9bb6c863075d35cd38d989cc254f99489f574338def1949904027d42
92d125d9c4c2d7e7d8ff450d0fb1cd80c089804fa06663cf1e12ac29ed173c54
947ac0903521f5eceefc90637c066306a8ca67466ccc188bb0107fb7cfb532d1
94eba04777cdb147a9359132effa6bf8b0ebccd8c08ba1a6eec4e17e5acd2ac6
95e877a86db1f072d5039946c2ff76ea5848d155a6d98df2b34ade6579572e04
9669a10126dc3af0dfb585a7d1f1359638262289968aa7c202ad70de3371f073
96d70003b221c72dd2af79fbfd27ad44b934900286b204e62f25b069eda84571
98f52c585d499ea7132a6b0c0feee576310ff9ca667cfb8b1b156811d5a89e8f
994081b60adf9b23a36a87c318e96b628d4dd68c1a8d2abec0ca50256cf3c26c
9af605dd32012adeaec6aec9d2d15ff3f2b86db9b724977d1e2396a29f0462c6
9b54f318ed5b86ee239a5b26539e7587d672975595e19de46b23384087e4b086
9c197c685d1cfde9e68e198bd0c023f58202efd10e5991a58aeacb01db67f844
9cb482e4bbe7ddb2e5c64230d4bf9e90f5b0b41ad1c503a7c888ecff4b72fb87
9cece2ee9c97d9ef7bce2fb6aff036dee86bcdbd437b8869a278136ed87f4c2f
9d3088f0e066ab2912fe6d564317ca73543f2262d5ae4a109e89e4720db94715
9dc9f15be9644fe661ed74493a4de393418024500fe78cf633bac0a86f29a745
9dfd0be145d5d7726152610afc493658321b21de177435273d7a49ed4449040c
9e1f1cd3369c758e19b92899eac17de20750b6888d0600673811208162dab08d
9e8189a6b9d88051b90735e02168330e7faecb461157e686314ab82c29a18cf5
9e9eace97f5f8cf4982c875c3cac72f504b1620e0b86d8bec2bf0cb511e05c8f
9ed9e6f1a0e7db46c951859be33131dee436a1e0405021ddf76a814f23b8a3eb
9f88c56c75499f8886bcdbd43330029b3108f9aefb7e496788f448ed36311b90
a1d4b01843b9dad68a10bba7ab416fb60cbe6052a223f6bd74cbad286b812b2a
a3cf00c109d907e543bc4f6dbc85eb31068f94515251347e9e57509b52ee3d74
a53e627a452fa91d15870f0420127b0f04d1266d5418f0bb4e2d358d36a1cc7f
a63f486f5b05184dc0708669c9c1823de00295dd74b090557b77268118ecc0dd
a6914ac53aa3855febfe548abb43a66d1df9e1272656c8c378074e0680de2398
a77f5e7aa207c37450c588a74a423e46b0bf14e0f1c4b49ae6c567368d46f46f
a881cb6eae7ce1135a298d64c865ed30fb32d5acc31b19b8ca2a401d306a7146
a9ef153a00df475c212ef4b4b516eb2f3d88a71877d01cb58fcf9aaddc7fa8ae
aafb5b77ba9325aa6139eb5229ed862fd93b44bfc91e34801998c1dd9fde72d8
ab5c23a05e39deed14d9d8262b0dce9f024f86105a27196cad37d14a3f516e09
ab92807379feb9a2b4600eb7903373d523c4c025d9d8a81a138e68be3e7708f2
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
ad1a9d38fb19479061ecffb38db571f803ccbb15e0d51d1523ab219ea568d550
af5147e593f6a8dc6f6329c4fcbe2f8f512662d1afaf26bc2a3422643bb3f71e
b0627e3c20e0eaac0d740514ee496d5cb00597819f9b70e211d93d7c398ec410
b0665a16f0f78a80f527b00fe5463d469e79d1288a7389b19a0452596c9c9749
b06bb41004d7fcd9051c499749c319244ffdacf890af122d1b9be2f413fb43ea
b09bbc10887550bcc13732c26f52ebf50bb347b310978bf08271e13a34c8b3cc
b0d768ee72635105b8b27d02e4e25da58394365a1d60aff2a5181f4044062f3d
b0fb4e1235c0c4815d6bd272ce4c9c65579c04f9c6e52a080a66393d01f84293
b15c3ea03d50c2430490e7416733a254feea4237bb60b54181bd3473ebe4149f
b34ec350f6dc9a300482363eb65082d9974412ff9db7ee4a53b49e1999045297
b400236e532466354be554a16cddd1ab9231066ac4730382df1dbbd08a395e7c
b7908a015a567ec2363011df2475368dbff34360e9da3fdff50604d6395fb646
b7bc3b9fb8a119aa279b4b7ad5c778393eaecef6a8786673601309fc71cb4e8b
bd44e1d4db19744c519d1d6490873ca76f8894680b6bfd529d89585196cb9cf7
bdd2d405f6ed6768210c4c18671a129e20b22e821bd2719e7ce909762dd28299
bfd761a9c6e6c5c0f50a303e473b15669ed19851fb18b331008b281c9fd0caa4
c046f278de5092451d72870f6205ba519550a6b5911369b46d9edc2095e304d7
c1a9a3e223bad631dff12d33b5499eb145cb08d8621c20d9d73870e78d97afe4
c3a4cabd471a1212e12181bc0d101c32f0ac5bc120720f9fa4ee05adadb3ae69
c460e6629af9a07c3df00d23ec7dba444f1b4506041488b939ff409683d08bf3
c48c2bd49fbe7504b1073ff8a40c875bd8a563de1481c0c1ca0a3437f686e455
c4f3e54234d954492686d0c340031058d44f93a5dc2b75d565a40c08da36ce1a
c71fdf08be68faa116dd26fc6abba73c58066055911be8bfa11c5ba5ce391a26
c751fe2e3ebe19205c4845af55a79608fcc55109648115357e673bf5dc161b49
c95a52255502607fbc12722fb5e4e0b3ccdc44c4df9ffd5c17546bbbad547b63
c9622494307eaef76c0eb581738c0c85734b027104ca3c5a115db712e3a1c617
c9a9b73b35b559533ae8c80db712ac4b69268fea5aece862b51969b65f316630
ca7752fb33cf3a98c0f29bc4eec563112025da4109a0dcc69dabf5f861751258
caa8008ee6dbae76478943d4d233519d362e75858f9c9928090b5928cda3b2d8
cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
cf7fcc9f75c8717897bfaef72f303fab423ce1b70c98512aeb3677e4af988dee
d151f8c0b2659cfb63704d68654ad8d9437ae9da4410536f63ddec21689a0620
d42d4f34d879db7a00e6b4f53d52c4ac6df5264c7395ffe46e44f100086d00cf
d484196871d3ff5a3e1b232fd446b56471bc1690191969323ed948e467274081
d632cb364f35b40afb5abaca971891e56190d21477f05e4387f34486a02ad571
d692a67352a3dfa80010c86a62761cfff05c0b1086618106a8576cc45a6a8115
d6ff339ddb4525268c21fa26ded66b0703f177e742281dc9bcd558288f8e1101
d715d803774712817e0843a429bdee439b10a425f9426b02743691fd225da8ea
d753935de21e4b6977627956e8d6558a74c44734e8ade443da474b88200bd0e5
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
d8aded8a01136fb1f450e122d96b2a6f5a03f81c1b9ecf6f357643f35066b77f
da07fd308f8d7753e8c5218ab4757e53258b5721db310acc1c4ebd15f4711b86
da9ed5720b674f0d297fe621ac2d8d518c4e622bef1e9b0d4ae489dee9aa43f8
db35d9942ff3fe390acc214cea81723f9c880cdd53788be8a16d6b3e0aab3965
db7fb0d2d815f32f28ec22cb27abc0ed6bda4f64f1f4f975d04f5157df92176f
dcd006c4a7793fe5e665c0536139c5c30e16fbda66ca93b30d1f69e57887c471
dce0215122c5f97eadb45959149cfa044f5f620d6d9b403586a6dc0f291402d1
dce7ee62a2ea6b9e01fbcb1f19f85cab2135c849a5486a9d3dfcf972b00b9608
ddc70bebc8a0e4ae5b13a5f8409693a3e88aa4b4415a75f632f11d0f0c423457
df2698e6cf74ed890afa92da10051f880df2ce0b3257b73c5d9ae2f6bea82d3c
e039e607c78306c7e029a7fd0ecdb14f86456f16e1a5ce65aa26b4fdf1d38a3c
e106472972bdecc9a2188aa416f8d2caa42243cdd34d3c273aab333cac424dc2
e1d66faeabf6383070334c56c65ef313ab9b34efe18bd37c54696673484fb16c
e28f78aee0d8b9847cb1e03221fa47ab731dc769c312fe1f3d4edb87a3c86f4e
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4811c2a5e7af97359c718a20571660a462910f79d2da7e57cec571b24262048
e4d3f717b379171d0f314d9d9fb9524338b77205ab58a2c87fbd1634901ff729
e537bb0b81601eabcdc6dd4e2eb938917a7c6887765651882ec0ed5081c26c67
e7cc3ea52e6a5e1ea3e0938fb9df73529604f82147154f3f4d69e6b580bbac02
eb14baeac955bb11e33cd7fd3fd2f698cf20db1b450325f45ea843b6cdc82366
ebeeb6852c8d5689249269cfa59febdad1141a9810331c31d4331f53f47750f7
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
ee8b513e01e58127f81cb40ae5909a16a8eb0f8185efa32fd0a9104a7deb2c78
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
eff362917fc89734f3ae8e72dfd33454f4b07bf50d368b35310e369d140547d7
f0205495d259e89d99e6c4989147f8a65bef41513bfbe3e97251cd6fb6fa5947
f03b08f58f0df83bc6b73e01ff9dc6eaff0968c61d0b58deb3a0cc1be8541c40
f1eb7f221eefd75d8b00fe87558e5724bb7acbafdc19fee0eab33a0b3a7446fd
f21a803f0b7f63109cd608bfbe9769a3dc2e2a17c8e885826529d3981d15d313
f24c65cd8e3c41f426ef9a8c653b298d848b413b95e4de5dbe8f8d5f7ed47977
f27902b2b9390fb8b4b9b4239b762bc52fb4e6e2098d3dfecc1fdb37c9431b8f
f2f94f7fbc53e6454a3781287a15449eaa44e64a98a238a9be67410bc2c3afc2
f324bb9f291d65c0864e28df2f87444f27e995e75eb4d91dc4b0ba3182c82463
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1
f4125873a800fd8df636016b1d34e0af85e54abb5a1a06e26360e8f2af1d2eba
f4d5deb4709cebcb8d869180a1db81fab7c54f99dc2e72dab8b3db15eb76e660
f4e80d9dfd374d02989b87a27b5ed4cb78fbb177c27f1478e9a8b0afb7513149
f508fafed8937fa0e8c9d797493ae41e0a31896903f6215397dcfba20df8d2c2
f5d443de6f68d2fa95c8f5493cf7e248b5025615c40333a24c4eda1366626ca5
f70f8ae9e901910b342fc2ffeb47668d9f504e4e26a68279d02c72c84035bee9
f7d4c54dc556bce61c6a59150788149f9310dcf3f1deba151612334afd20e726
f7e1ef3dd67755f224768aca391d7f74bd6c6e943d53f8a5533496f5d79a7d54
f9307bfc8d9261402d1e44aa45a4ab1e133dabe80c84172fa4cc2d23acaa4487
fbe21e04ab5ce0d9750ea23a0d16a44f6a2673e95da64a7ab56af4b119ed775d
fc42bb69e9975dc74d50c5bda8cb36384bcd0bc7f6b1a54991c6f2a92251df0e
fe0130a7a1c919a78c51773b8a775ca8eb1ff3211b7b06d2044cbd1357e1e9e2
fe3e8011fccc8d506f24b6160c6663c8ec1933f732454ad3e2aa45bb06164c83
ff82aeed6b9bb6701696c84d1b223d2e682eb78c89117a438ce6cfea8c498995

itgetsbetter.org Open in urlscan Pro 199.16.173.70 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

493 Requests

99 %HTTPS

52 %IPv6

39 Domains

61 Subdomains

54 IPs

5 Countries

15568 kBTransfer

41623 kBSize

55 Cookies

24 Outgoing links

Page URL History

Redirected requests

493 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 8 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

itgetsbetter.org Open in urlscan Pro
199.16.173.70 Public Scan

Screenshot
Live screenshot

Full Image

493
Requests

99 %
HTTPS

52 %
IPv6

39
Domains

61
Subdomains

54
IPs

5
Countries

15568 kB
Transfer

41623 kB
Size

55
Cookies

493 HTTP transactions
8 data transactions