www.bluetogold.com Open in urlscan Pro
198.49.23.144 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.bluetogold.com/calendar/las-21
Submission: On April 23 via api (April 23rd 2021, 7:22:10 pm UTC) from US

Summary HTTP 131 Redirects Links 8 Behaviour Indicators

Summary

This website contacted 31 IPs in 4 countries across 25 domains to perform 131 HTTP transactions. The main IP is 198.49.23.144, located in United States and belongs to SQUARESPACE, US. The main domain is www.bluetogold.com.
TLS certificate: Issued by R3 on March 27th 2021. Valid for: 3 months.

This is the only time www.bluetogold.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
8	198.49.23.144 198.49.23.144	53831 (SQUARESPACE) (SQUARESPACE)
6	2a02:26f0:6c0... 2a02:26f0:6c00::210:ba0a	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
3	2a00:1450:400... 2a00:1450:4001:812::200a	15169 (GOOGLE) (GOOGLE)
10	104.117.213.240 104.117.213.240	16625 (AKAMAI-AS) (AKAMAI-AS)
1 5	151.101.112.238 151.101.112.238	54113 (FASTLY) (FASTLY)
14	2606:4700:20:... 2606:4700:20::681a:a1	13335 (CLOUDFLAR...) (CLOUDFLARENET)
13	104.96.90.218 104.96.90.218	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
3	2a00:1450:400... 2a00:1450:4001:827::200e	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:809::2003	15169 (GOOGLE) (GOOGLE)
2	136.143.191.67 136.143.191.67	2639 (ZOHO-AS) (ZOHO-AS)
6	44.237.110.25 44.237.110.25	16509 (AMAZON-02) (AMAZON-02)
2	2a02:26f0:6c0... 2a02:26f0:6c00:2ae::19fd	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
3	2606:4700::68... 2606:4700::6812:bcf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	130.211.164.108 130.211.164.108	15169 (GOOGLE) (GOOGLE)
3	184.30.24.107 184.30.24.107	16625 (AKAMAI-AS) (AKAMAI-AS)
2	2600:9000:20e... 2600:9000:20eb:a200:2:cf6c:5100:93a1	16509 (AMAZON-02) (AMAZON-02)
6	143.204.245.15 143.204.245.15	16509 (AMAZON-02) (AMAZON-02)
11	185.20.209.147 185.20.209.147	41913 (COMPUTERL...) (COMPUTERLINE Computerline)
1	2.18.235.40 2.18.235.40	16625 (AKAMAI-AS) (AKAMAI-AS)
1	205.185.216.42 205.185.216.42	20446 (HIGHWINDS3) (HIGHWINDS3)
1	143.204.237.146 143.204.237.146	16509 (AMAZON-02) (AMAZON-02)
1	54.185.154.201 54.185.154.201	16509 (AMAZON-02) (AMAZON-02)
2	2606:2800:234... 2606:2800:234:46c:e8b:1e2f:2bd:694	15133 (EDGECAST) (EDGECAST)
1	104.244.42.136 104.244.42.136	13414 (TWITTER) (TWITTER)
2	151.101.12.176 151.101.12.176	54113 (FASTLY) (FASTLY)
2	204.141.42.97 204.141.42.97	2639 (ZOHO-AS) (ZOHO-AS)
2	44.230.112.154 44.230.112.154	16509 (AMAZON-02) (AMAZON-02)
10	91.235.133.182 91.235.133.182	30286 (THM) (THM)
2	91.235.132.130 91.235.132.130	30286 (THM) (THM)
1	91.235.134.131 91.235.134.131	30286 (THM) (THM)
131	31

8 198.49.23.144 (United States)

ASN53831 (SQUARESPACE, US)

www.bluetogold.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a02:26f0:6c00::210:ba0a (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

use.typekit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:812::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 104.117.213.240 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-117-213-240.deploy.static.akamaitechnologies.com

assets.squarespace.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 151.101.112.238 (Frankfurt am Main, Germany) 1 redirects

ASN54113 (FASTLY, US)

static1.squarespace.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2606:4700:20::681a:a1 (United States)

ASN13335 (CLOUDFLARENET, US)

api.memberstack.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 104.96.90.218 (Vienna, Austria)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a104-96-90-218.deploy.static.akamaitechnologies.com

images.squarespace-cdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:827::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:809::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 136.143.191.67 (United States)

ASN2639 (ZOHO-AS, US)

salesiq.zoho.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 44.237.110.25 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-44-237-110-25.us-west-2.compute.amazonaws.com

bluetogold.regfox.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:6c00:2ae::19fd (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

p.typekit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6812:bcf (United States)

ASN13335 (CLOUDFLARENET, US)

netdna.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 130.211.164.108 (Council Bluffs, United States)

ASN15169 (GOOGLE, US)
PTR: 108.164.211.130.bc.googleusercontent.com

static.wepay.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 184.30.24.107 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-24-107.deploy.static.akamaitechnologies.com

s7.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
v1.addthisedge.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:20eb:a200:2:cf6c:5100:93a1 (United States)

ASN16509 (AMAZON-02, US)

images.webconnex.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 143.204.245.15 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-245-15.cph50.r.cloudfront.net

js.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 185.20.209.147 (Switzerland)

ASN41913 (COMPUTERLINE Computerline, Schlierbach, Switzerland, CH)

css.zohocdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
js.zohocdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.18.235.40 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-235-40.deploy.static.akamaitechnologies.com

z.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 205.185.216.42 (United States)

ASN20446 (HIGHWINDS3, US)
PTR: map2.hwcdn.net

memberstack-logos.nyc3.cdn.digitaloceanspaces.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.237.146 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-237-146.cph50.r.cloudfront.net

d3e54v103j8qbb.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.185.154.201 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-185-154-201.us-west-2.compute.amazonaws.com

bouncer.webconnex.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:2800:234:46c:e8b:1e2f:2bd:694 (United States)

ASN15133 (EDGECAST, US)

platform.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.136 (United States)

ASN13414 (TWITTER, US)

syndication.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.12.176 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

m.stripe.network	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 204.141.42.97 (United States)

ASN2639 (ZOHO-AS, US)

salesiq.zohopublic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 44.230.112.154 (Boardman, United States)

ASN16509 (AMAZON-02, US)

m.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 91.235.133.182 (United States)

ASN30286 (THM, US)

t.wepay.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 91.235.132.130 (United States)

ASN30286 (THM, US)
PTR: h.online-metrix.net

h.online-metrix.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 91.235.134.131 (United States)

ASN30286 (THM, US)

ncwzrc4kjnnxcorsxc7gylx4s5kdpiduxuo4yjsv5471b7b249ca470dam1.e.aa.online-metrix.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
15	squarespace.com 1 redirects assets.squarespace.com static1.squarespace.com	1 MB
14	memberstack.io api.memberstack.io	110 KB
13	squarespace-cdn.com images.squarespace-cdn.com	309 KB
11	zohocdn.com css.zohocdn.com js.zohocdn.com	322 KB
11	wepay.com static.wepay.com t.wepay.com	75 KB
8	stripe.com js.stripe.com m.stripe.com	125 KB
8	typekit.net use.typekit.net p.typekit.net	174 KB
8	bluetogold.com www.bluetogold.com	56 KB
6	gstatic.com fonts.gstatic.com	47 KB
6	regfox.com bluetogold.regfox.com Failed	724 KB
3	online-metrix.net h.online-metrix.net ncwzrc4kjnnxcorsxc7gylx4s5kdpiduxuo4yjsv5471b7b249ca470dam1.e.aa.online-metrix.net	15 KB
3	twitter.com platform.twitter.com syndication.twitter.com	132 KB
3	webconnex.com images.webconnex.com bouncer.webconnex.com	10 KB
3	bootstrapcdn.com netdna.bootstrapcdn.com	98 KB
3	google-analytics.com www.google-analytics.com	38 KB
3	googleapis.com fonts.googleapis.com	2 KB
2	zohopublic.com salesiq.zohopublic.com	4 KB
2	stripe.network m.stripe.network	25 KB
2	addthis.com s7.addthis.com	190 KB
2	zoho.com salesiq.zoho.com	45 KB
1	addthisedge.com v1.addthisedge.com	699 B
1	cloudfront.net d3e54v103j8qbb.cloudfront.net	1 KB
1	digitaloceanspaces.com memberstack-logos.nyc3.cdn.digitaloceanspaces.com	14 KB
1	moatads.com z.moatads.com	1 KB
0	Failed function sub() { [native code] }. Failed
131	25

	Domain	Requested by
14	api.memberstack.io	www.bluetogold.com api.memberstack.io assets.squarespace.com
13	images.squarespace-cdn.com	www.bluetogold.com
10	t.wepay.com	static.wepay.com bluetogold.regfox.com t.wepay.com
10	assets.squarespace.com	www.bluetogold.com assets.squarespace.com
8	www.bluetogold.com	assets.squarespace.com
7	js.zohocdn.com	salesiq.zoho.com js.zohocdn.com
6	js.stripe.com	bluetogold.regfox.com api.memberstack.io js.stripe.com
6	fonts.gstatic.com	fonts.googleapis.com
6	bluetogold.regfox.com	www.bluetogold.com assets.squarespace.com bluetogold.regfox.com
6	use.typekit.net	www.bluetogold.com bluetogold.regfox.com
5	static1.squarespace.com	1 redirects www.bluetogold.com static1.squarespace.com
4	css.zohocdn.com	salesiq.zoho.com css.zohocdn.com js.zohocdn.com
3	netdna.bootstrapcdn.com	bluetogold.regfox.com netdna.bootstrapcdn.com
3	www.google-analytics.com	www.bluetogold.com www.google-analytics.com bluetogold.regfox.com
3	fonts.googleapis.com	www.bluetogold.com bluetogold.regfox.com
2	h.online-metrix.net	t.wepay.com
2	m.stripe.com	m.stripe.network
2	salesiq.zohopublic.com	js.zohocdn.com
2	m.stripe.network	js.stripe.com
2	platform.twitter.com	bluetogold.regfox.com platform.twitter.com
2	images.webconnex.com	bluetogold.regfox.com
2	s7.addthis.com	bluetogold.regfox.com s7.addthis.com
2	p.typekit.net	www.bluetogold.com use.typekit.net
2	salesiq.zoho.com	www.bluetogold.com assets.squarespace.com
1	ncwzrc4kjnnxcorsxc7gylx4s5kdpiduxuo4yjsv5471b7b249ca470dam1.e.aa.online-metrix.net
1	syndication.twitter.com	platform.twitter.com
1	v1.addthisedge.com	s7.addthis.com
1	bouncer.webconnex.com	bluetogold.regfox.com
1	d3e54v103j8qbb.cloudfront.net	www.bluetogold.com
1	memberstack-logos.nyc3.cdn.digitaloceanspaces.com	www.bluetogold.com
1	z.moatads.com	s7.addthis.com
1	static.wepay.com	bluetogold.regfox.com
0	ghbmnnjooekpmoecnnnilnnbdlolhkhi Failed	t.wepay.com
131	33

This site contains links to these domains. Also see Links.

Domain
university.bluetogold.com
maps.google.com
www.google.com
twitter.com
facebook.com
youtube.com
bluetogold.com
en.wikipedia.org

Subject Issuer	Validity	Valid
www.bluetogold.com R3	`2021-03-27` - `2021-06-25`	3 months	crt.sh
use.typekit.net DigiCert SHA2 Secure Server CA	`2020-01-28` - `2022-02-01`	2 years	crt.sh
upload.video.google.com GTS CA 1O1	`2021-03-23` - `2021-06-15`	3 months	crt.sh
*.squarespace.com DigiCert Secure Site ECC CA-1	`2020-07-28` - `2021-10-27`	a year	crt.sh
memberstack.io Cloudflare Inc ECC CA-3	`2020-07-15` - `2021-07-15`	a year	crt.sh
images.squarespace-cdn.com R3	`2021-04-05` - `2021-07-04`	3 months	crt.sh
*.google-analytics.com GTS CA 1O1	`2021-03-23` - `2021-06-15`	3 months	crt.sh
*.gstatic.com GTS CA 1O1	`2021-03-23` - `2021-06-15`	3 months	crt.sh
*.zoho.com Thawte RSA CA 2018	`2020-05-31` - `2021-05-31`	a year	crt.sh
*.redpodium.com Amazon	`2020-10-04` - `2021-11-03`	a year	crt.sh
*.typekit.net DigiCert SHA2 Secure Server CA	`2019-12-06` - `2021-12-10`	2 years	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-03-01` - `2022-02-28`	a year	crt.sh
static.wepay.com DigiCert SHA2 Extended Validation Server CA	`2021-03-23` - `2022-03-28`	a year	crt.sh
odc-prod-01.oracle.com DigiCert SHA2 Secure Server CA	`2021-04-06` - `2022-04-11`	a year	crt.sh
*.webconnex.com Amazon	`2021-01-14` - `2022-02-11`	a year	crt.sh
a.stripecdn.com DigiCert SHA2 Extended Validation Server CA	`2021-04-14` - `2021-08-04`	4 months	crt.sh
*.zohocdn.com R3	`2021-03-23` - `2021-06-21`	3 months	crt.sh
moatads.com DigiCert SHA2 Secure Server CA	`2021-01-21` - `2022-01-25`	a year	crt.sh
*.nyc3.cdn.digitaloceanspaces.com DigiCert TLS RSA SHA256 2020 CA1	`2021-03-30` - `2022-04-30`	a year	crt.sh
*.cloudfront.net DigiCert Global CA G2	`2021-02-22` - `2022-02-21`	a year	crt.sh
*.twimg.com DigiCert TLS RSA SHA256 2020 CA1	`2020-11-05` - `2021-11-09`	a year	crt.sh
syndication.twitter.com DigiCert TLS RSA SHA256 2020 CA1	`2021-02-05` - `2022-02-04`	a year	crt.sh
*.zohopublic.com Sectigo RSA Domain Validation Secure Server CA	`2020-03-04` - `2022-03-04`	2 years	crt.sh
m.stripe.com DigiCert TLS RSA SHA256 2020 CA1	`2021-04-16` - `2021-08-04`	4 months	crt.sh
t.wepay.com DigiCert SHA2 High Assurance Server CA	`2019-08-12` - `2021-08-25`	2 years	crt.sh
h.online-metrix.net Trustwave Organization Validation SHA256 CA, Level 1	`2021-01-21` - `2022-01-21`	a year	crt.sh
*.e.aa.online-metrix.net Go Daddy Secure Certificate Authority - G2	`2019-09-13` - `2021-09-13`	2 years	crt.sh

This page contains 11 frames:

Primary Page: https://www.bluetogold.com/calendar/las-21
Frame ID: EAC35C6C3E389E70977313735E3E5479
Requests: 68 HTTP requests in this frame

Frame: https://bluetogold.regfox.com/las-21?wmode=opaque
Frame ID: 6C1C1D0DBDEAE34B83BC9B58AC14D3F3
Requests: 37 HTTP requests in this frame

Frame: https://js.stripe.com/v3/m-outer-0cba8a995d163797499ab006bbb6b889.html
Frame ID: 0F5618BC52D8C1751F7857863BCE7169
Requests: 2 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.63899b173766ee6f8a729a72b542b0fb.html?origin=https%3A%2F%2Fbluetogold.regfox.com
Frame ID: CF19943EA65F019D97A82041588E3029
Requests: 2 HTTP requests in this frame

Frame: https://m.stripe.network/inner.html
Frame ID: 0EB86A6DBB7FDB3BEFBCE901B91D4750
Requests: 2 HTTP requests in this frame

Frame: https://css.zohocdn.com/salesiq/https/styles/newembedtheme_b51263740ae0a39ed7c3df83e116bc8a_.css
Frame ID: 247E7A722C803733BF12FCD2127612CC
Requests: 10 HTTP requests in this frame

Frame: https://js.stripe.com/v3/m-outer-0cba8a995d163797499ab006bbb6b889.html
Frame ID: 9D20D93FA1B6D8C37561B8595AFE6ABE
Requests: 2 HTTP requests in this frame

Frame: https://m.stripe.network/inner.html
Frame ID: C2DD3BA9B4D301A6594D3316B27D2092
Requests: 2 HTTP requests in this frame

Frame: https://t.wepay.com/fp/ls_fp.html;CIS3SID=938A2EF6139FB79B52DEF5D6FC135F83?org_id=ncwzrc4k&session_id=d8471677-b02d-4409-8649-ca7c575c2deb&nonce=5471b7b249ca470d
Frame ID: E11E9CD98778AD5E13BA0C6B9A5169A8
Requests: 1 HTTP requests in this frame

Frame: https://h.online-metrix.net/fp/sid_fp.html;CIS3SID=938A2EF6139FB79B52DEF5D6FC135F83?org_id=ncwzrc4k&session_id=d8471677-b02d-4409-8649-ca7c575c2deb&nonce=5471b7b249ca470d
Frame ID: BA42B8A5592FF4E76A761C3CB8107C5D
Requests: 2 HTTP requests in this frame

Frame: https://t.wepay.com/fp/top_fp.html;CIS3SID=938A2EF6139FB79B52DEF5D6FC135F83?org_id=ncwzrc4k&session_id=d8471677-b02d-4409-8649-ca7c575c2deb&nonce=5471b7b249ca470d
Frame ID: 01CBA662C529F8F22B3B8AC637758A69
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Squarespace (CMS) Expand

Overall confidence: 100%
Detected patterns

html //i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

Page Statistics

131
Requests

98 %
HTTPS

30 %
IPv6

25
Domains

33
Subdomains

31
IPs

4
Countries

3673 kB
Transfer

13509 kB
Size

15
Cookies

8 Outgoing links

These are links going to different origins than the main page.

URL: https://university.bluetogold.com/
Title: On-Demand Login

Search URL Search Domain Scan URL

URL: http://maps.google.com/?q=400%20South%20Martin%20Luther%20King%20Boulevard%20Las%20Vegas,%20NV,%2089106%20United%20States
Title: (map)

Search URL Search Domain Scan URL

URL: http://www.google.com/calendar/event?action=TEMPLATE&text=Las%20Vegas%2C%20Nevada&dates=20210614T153000Z/20210618T000000Z&location=400%20South%20Martin%20Luther%20King%20Boulevard%2C%20Las%20Vegas%2C%20NV%2C%2089106%2C%20United%20States
Title: Google Calendar

Search URL Search Domain Scan URL

URL: http://twitter.com/bluetogold
Title:

Search URL Search Domain Scan URL

URL: http://facebook.com/bluetogoldtraining
Title:

Search URL Search Domain Scan URL

URL: http://youtube.com/bluetogold
Title:

Search URL Search Domain Scan URL

URL: https://bluetogold.com/subscribe
Title: Subscribe

Search URL Search Domain Scan URL

URL: https://en.wikipedia.org/wiki/Payment_Services_Directive#Revised_Directive_on_Payment_Services_(PSD2)
Title: Learn more

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 12

https://static1.squarespace.com/static/5edf027f3a6d5e2f15f7fb79/t/5eff94f8fc1b3c3e294334c4/1619200569040/?format=1500w HTTP 301
https://images.squarespace-cdn.com/content/5edf027f3a6d5e2f15f7fb79/1593808120265-3IPKDQOGWRJ0TGC5ZBUJ/B2G-Training-70.png?content-type=image%2Fpng

131 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request las-21 Show response
www.bluetogold.com/calendar/ 249 KB
34 KB 428ms
164ms Document
text/html 198.49.23.144
SQUARESPACE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bluetogold.com/calendar/las-21

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

198.49.23.144 , United States, ASN53831 (SQUARESPACE, US),

Reverse DNS

Software

Squarespace /

Resource Hash

651492d95c1e9fd9378fa9f7e9d60a3315cee1b44aec5bf54891198e812d6319

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff

Request headers

:method: GET
:authority: www.bluetogold.com
:scheme: https
:path: /calendar/las-21
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

accept-ranges: bytes
age: 2110
content-encoding: gzip
content-type: text/html;charset=utf-8
date: Fri, 23 Apr 2021 18:46:37 GMT
etag: W/"7678d7f3571a945b8dab1d660bfb20b9--gzip"
expires: Thu, 01 Jan 1970 00:00:00 GMT
server: Squarespace
set-cookie: crumb=BTvMlRHXyoMFMTI2ZWVkNmU0MzAxYjY2Yzk3YTllZTY2NDE5MjM0;Path=/
strict-transport-security: max-age=0
vary: Accept-Encoding
x-content-type-options: nosniff
x-contextid: EtuhR2r5/LdQuSbST
content-length: 34599

GET
H2 200 B-TpD6dV8dNYRY9d-U6T1-MW04uLeYRAMcvn3KBOMXtfelt2fFHN4UJLFRbh52jhWDm8Zej3wRicwhIhZ2m8wcjUFAjaZcJa5sntMKG0jAFu-WsoShFGZAsude80ZkoRdhXCHKoyjamTiY8Djhy8ZYmC-Ao1Oco8if37OcBDOcu8OfG0jcUuZWszZhNCZfoDSWmyS... Show response
use.typekit.net/ik/ 17 KB
7 KB 46ms
13ms Script
text/javascript 2a02:26f0:6c00::210:ba0a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://use.typekit.net/ik/B-TpD6dV8dNYRY9d-U6T1-MW04uLeYRAMcvn3KBOMXtfelt2fFHN4UJLFRbh52jhWDm8Zej3wRicwhIhZ2m8wcjUFAjaZcJa5sntMKG0jAFu-WsoShFGZAsude80ZkoRdhXCHKoyjamTiY8Djhy8ZYmC-Ao1Oco8if37OcBDOcu8OfG0jcUuZWszZhNCZfoDSWmyScmDSeBRZPoRdhXCHKoDSWmyScmDSeBRZWFR-emqiAUTdcS0jhNlOeBRiA8XpWFR-emqiAUTdcS0jhNlOeBRiA8XpWFR-emqiAUTdcS0dcmXOeBDOcu8Oe4CiAmXdhizdeb0jhNlOe4CiAmXdhizdeb0SaBujW48Sagyjh90jhNlOeUzjhBC-eNDifUDSWmyScmDSeBRZWFR-emqiAUTdcS0jhNlOYiaikoyjamTiY8Djhy8ZYmC-Ao1OcFzdPUaiaS0jAFu-WsoShFGZAsude80Zko0ZWbCiaiaOcBDOcu8OYiaikoKdYm8ieN1dhUqOcFzdPUaiaS0jcUuZWszZhNCZfoDSWmyScmDSeBRZPoRdhXCiaiaO1FUiABkZWF3jAF8ShFGZAsude80ZkoRdhXKfAZuiYmkjPu3ifG4fVN9IMMjgPMfH6qJ6m9bMg6YJMJ7fbKMmsMMeMv6MKG4fJ4mIMMjIPMfqMezXZQEgb.js

Requested by

Host: www.bluetogold.com
URL: https://www.bluetogold.com/calendar/las-21

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00::210:ba0a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx /

Resource Hash

f2dc9b98aca591bc03b84de056433d72dcbbad241a730e691cf2f415d2dbf586

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains;

Request headers

Referer: https://www.bluetogold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains;
content-encoding: gzip
server: nginx
date: Fri, 23 Apr 2021 19:21:48 GMT
vary: Accept-Encoding
content-type: text/javascript;charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=604800
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 6871

GET
H2 200 css2
fonts.googleapis.com/ 5 KB
657 B 16ms
14ms Stylesheet
text/css 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Poppins:ital,wght@0,300;0,400;0,500;0,700;1,300

Requested by

Host: www.bluetogold.com
URL: https://www.bluetogold.com/calendar/las-21

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

8bc2ac81279ac3de72ff9c9556bf61258cc02472a89f07ac3090f6916160da80

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.bluetogold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 23 Apr 2021 19:06:19 GMT
server: ESF
date: Fri, 23 Apr 2021 19:21:48 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 23 Apr 2021 19:21:48 GMT

GET
H/1.1 200
OK moment-js-vendor-26ddeab7fa5f90b6c8cb3-min.en-US.js Show response
assets.squarespace.com/universal/scripts-compressed/ 252 KB
46 KB 111ms
48ms Script
text/javascript 104.117.213.240
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.squarespace.com/universal/scripts-compressed/moment-js-vendor-26ddeab7fa5f90b6c8cb3-min.en-US.js
Requested by: Host: www.bluetogold.com
URL: https://www.bluetogold.com/calendar/las-21
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.117.213.240 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-117-213-240.deploy.static.akamaitechnologies.com
Software: UploadServer /
Resource Hash: 925818e35ed0851fba7408d7c438c261edbc941e343349d32aa07d25b2a3b653

Request headers

Origin: https://www.bluetogold.com
Referer: https://www.bluetogold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 23 Apr 2021 19:21:49 GMT
Content-Encoding: gzip
Last-Modified: Thu, 18 Mar 2021 14:44:31 GMT
Server: UploadServer
ETag: "0e28a2bab2568967b06ccb29a987d025"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET, OPTIONS
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 46169
Expires: Fri, 23 Apr 2021 19:36:49 GMT

GET
H/1.1 200
OK cldr-resource-pack-7d6dc599f0e9e5882dcca-min.en-US.js Show response
assets.squarespace.com/universal/scripts-compressed/ 119 KB
25 KB 34ms
34ms Script
text/javascript 104.117.213.240
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.squarespace.com/universal/scripts-compressed/cldr-resource-pack-7d6dc599f0e9e5882dcca-min.en-US.js
Requested by: Host: www.bluetogold.com
URL: https://www.bluetogold.com/calendar/las-21
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.117.213.240 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-117-213-240.deploy.static.akamaitechnologies.com
Software: UploadServer /
Resource Hash: 8c77794b795c43cb1944f06f8b8e834eb00a6088e5e3f0cd41b13c789105bb76

Request headers

Origin: https://www.bluetogold.com
Referer: https://www.bluetogold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 23 Apr 2021 19:21:49 GMT
Content-Encoding: gzip
Last-Modified: Fri, 05 Mar 2021 21:05:22 GMT
Server: UploadServer
ETag: "407be27f6c01802526b08d75e747f800"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET, OPTIONS
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 24853
Expires: Fri, 23 Apr 2021 19:36:49 GMT

GET
H/1.1 200
OK common-vendors-stable-afecde13fe31e4470ac33-min.en-US.js Show response
assets.squarespace.com/universal/scripts-compressed/ 244 KB
77 KB 36ms
36ms Script
text/javascript 104.117.213.240
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.squarespace.com/universal/scripts-compressed/common-vendors-stable-afecde13fe31e4470ac33-min.en-US.js
Requested by: Host: www.bluetogold.com
URL: https://www.bluetogold.com/calendar/las-21
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.117.213.240 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-117-213-240.deploy.static.akamaitechnologies.com
Software: UploadServer /
Resource Hash: 7b5e3e0dec9ab4763fc475655120fe453fca2f7d55921a554ae796fc98ba7a65

Request headers

Origin: https://www.bluetogold.com
Referer: https://www.bluetogold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 23 Apr 2021 19:21:49 GMT
Content-Encoding: gzip
Last-Modified: Mon, 19 Apr 2021 14:41:40 GMT
Server: UploadServer
ETag: "a4c3f8e16f85185c5750bd48a11ffb37"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET, OPTIONS
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 78165
Expires: Fri, 23 Apr 2021 19:36:49 GMT

GET
H/1.1 200
OK common-vendors-f886e85b498c642a2a8f5-min.en-US.js Show response
assets.squarespace.com/universal/scripts-compressed/ 689 KB
188 KB 60ms
60ms Script
text/javascript 104.117.213.240
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.squarespace.com/universal/scripts-compressed/common-vendors-f886e85b498c642a2a8f5-min.en-US.js
Requested by: Host: www.bluetogold.com
URL: https://www.bluetogold.com/calendar/las-21
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.117.213.240 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-117-213-240.deploy.static.akamaitechnologies.com
Software: UploadServer /
Resource Hash: 48e8492f6fe4e204a81dcd384b2f1125ec0033ffbf9fec9c94d444b38d4dce63

Request headers

Origin: https://www.bluetogold.com
Referer: https://www.bluetogold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 23 Apr 2021 19:21:49 GMT
Content-Encoding: gzip
Last-Modified: Thu, 22 Apr 2021 20:38:49 GMT
Server: UploadServer
ETag: "71e8af7ede20e2393bd2e241bbd4c604"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET, OPTIONS
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 192402
Expires: Fri, 23 Apr 2021 19:36:49 GMT

GET
H/1.1 200
OK common-0e95fffbfaa6de282ebb3-min.en-US.js Show response
assets.squarespace.com/universal/scripts-compressed/ 779 KB
185 KB 49ms
48ms Script
text/javascript 104.117.213.240
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.squarespace.com/universal/scripts-compressed/common-0e95fffbfaa6de282ebb3-min.en-US.js
Requested by: Host: www.bluetogold.com
URL: https://www.bluetogold.com/calendar/las-21
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.117.213.240 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-117-213-240.deploy.static.akamaitechnologies.com
Software: UploadServer /
Resource Hash: 27f1c6e60728f6ec5a219faf56bfaa0482b600a02b83e9cce1d1253f29903309

Request headers

Origin: https://www.bluetogold.com
Referer: https://www.bluetogold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 23 Apr 2021 19:21:49 GMT
Content-Encoding: gzip
Transfer-Encoding: chunked
X-GUploader-Response-Body-Transformations: gunzipped
Connection: keep-alive, Transfer-Encoding
Last-Modified: Fri, 23 Apr 2021 13:33:39 GMT
Server: UploadServer
ETag: W/"18340da7e5bf943c0a411943e6a89253"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET, OPTIONS
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=900
Warning: 214 UploadServer gunzipped
Accept-Ranges: bytes
Expires: Fri, 23 Apr 2021 19:36:49 GMT

GET
H/1.1 200
OK commerce-5311e76ff8a8da962e562-min.en-US.js Show response
assets.squarespace.com/universal/scripts-compressed/ 964 KB
238 KB 31ms
30ms Script
text/javascript 104.117.213.240
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.squarespace.com/universal/scripts-compressed/commerce-5311e76ff8a8da962e562-min.en-US.js
Requested by: Host: www.bluetogold.com
URL: https://www.bluetogold.com/calendar/las-21
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.117.213.240 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-117-213-240.deploy.static.akamaitechnologies.com
Software: UploadServer /
Resource Hash: d3470d629b39f5504e076632b06cd8b97b2c567825aba06b2b25dd58a13acd92

Request headers

Origin: https://www.bluetogold.com
Referer: https://www.bluetogold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 23 Apr 2021 19:21:49 GMT
Content-Encoding: gzip
Last-Modified: Fri, 23 Apr 2021 17:13:29 GMT
Server: UploadServer
ETag: "8da1f820b386c9ebec7aef093d4326fc"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET, OPTIONS
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 243103
Expires: Fri, 23 Apr 2021 19:36:49 GMT

GET
H/1.1 200
OK commerce-0418f029ba9aeb9db8790-min.en-US.css
assets.squarespace.com/universal/styles-compressed/ 10 KB
3 KB 116ms
42ms Stylesheet
text/css 104.117.213.240
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.squarespace.com/universal/styles-compressed/commerce-0418f029ba9aeb9db8790-min.en-US.css
Requested by: Host: www.bluetogold.com
URL: https://www.bluetogold.com/calendar/las-21
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.117.213.240 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-117-213-240.deploy.static.akamaitechnologies.com
Software: UploadServer /
Resource Hash: 0377b04db3b348d4a70068206a3fc227c44392912c4f6a124ee65fad2b14d582

Request headers

Referer: https://www.bluetogold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 23 Apr 2021 19:21:49 GMT
Content-Encoding: gzip
X-GUploader-Response-Body-Transformations: gunzipped
Connection: keep-alive
Content-Length: 2247
Last-Modified: Fri, 12 Mar 2021 21:49:07 GMT
Server: UploadServer
ETag: W/"e1cb2ba8bd9ab5e7cec0e466fd15d80e"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET, OPTIONS
Content-Type: text/css
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=900
Warning: 214 UploadServer gunzipped
Accept-Ranges: bytes
Expires: Fri, 23 Apr 2021 19:36:49 GMT

GET
H/1.1 200
OK performance-0add3f16b92e7b8855b50-min.en-US.js Show response
assets.squarespace.com/universal/scripts-compressed/ 44 KB
14 KB 31ms
31ms Script
text/javascript 104.117.213.240
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.squarespace.com/universal/scripts-compressed/performance-0add3f16b92e7b8855b50-min.en-US.js
Requested by: Host: www.bluetogold.com
URL: https://www.bluetogold.com/calendar/las-21
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.117.213.240 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-117-213-240.deploy.static.akamaitechnologies.com
Software: UploadServer /
Resource Hash: 2d75fcf9c777174f1245b30ed95b56d566213925377acd82698e4eb45ad43a2b

Request headers

Origin: https://www.bluetogold.com
Referer: https://www.bluetogold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 23 Apr 2021 19:21:49 GMT
Content-Encoding: gzip
Last-Modified: Wed, 14 Apr 2021 19:07:21 GMT
Server: UploadServer
ETag: "1a9576f542aa2e25cfecc5aca041e82a"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET, OPTIONS
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 13570
Expires: Fri, 23 Apr 2021 19:36:49 GMT

GET
H2 200 site.css
static1.squarespace.com/static/sitecss/5edf027f3a6d5e2f15f7fb79/93/5c5a519771c10ba3470d8101/5edf02803a6d5e2f15f7fbaf/1050-05142015/1619105966959/ 690 KB
74 KB 96ms
30ms Stylesheet
text/css 151.101.112.238
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://static1.squarespace.com/static/sitecss/5edf027f3a6d5e2f15f7fb79/93/5c5a519771c10ba3470d8101/5edf02803a6d5e2f15f7fbaf/1050-05142015/1619105966959/site.css

Requested by

Host: www.bluetogold.com
URL: https://www.bluetogold.com/calendar/las-21

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.112.238 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

Squarespace /

Resource Hash

0c76b634e423d70643229df89d936c2a731eae8ad726cb8049052d12020d97f8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.bluetogold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 23 Apr 2021 19:21:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 99741
x-cache: HIT, HIT
x-contextid: hoFW1xjc/E3RSOVzW
x-cache-hits: 1, 1
content-length: 75596
x-served-by: cache-dfw18620-DFW, cache-hhn4046-HHN
pragma: cache
server: Squarespace
x-timer: S1619205709.049686,VS0,VE1
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
via: 1.1 varnish, 1.1 varnish
cache-control: public, max-age=94608000
accept-ranges: bytes
timing-allow-origin: *
tracepoint: Fastly

GET
H2 200 memberstack.js Show response
api.memberstack.io/static/ 126 KB
38 KB 933ms
906ms Script
application/javascript 2606:4700:20::681a:a1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.memberstack.io/static/memberstack.js?squarespace

Requested by

Host: www.bluetogold.com
URL: https://www.bluetogold.com/calendar/las-21

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:a1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8f559fc1755c4643c74849b96154553c6353a29ad682de1d8526bf03f39ae3b9

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.bluetogold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 23 Apr 2021 19:21:49 GMT
via: 1.1 vegur
x-content-type-options: nosniff
cf-cache-status: EXPIRED
nel: {"report_to":"cf-nel","max_age":604800}
x-dns-prefetch-control: off
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=iaSzuniHrMNy6fzBTKrDIVq0nGuMP7ERlXxY2a0kukKeI7wAxrnEIdFPXlL9LQ5lZIp6KdCPxB%2FWJw%2BE1fpJlVasRQ1wbUKWApzyXyTDNBRBApTqFsbNZjM%2BeGC9%2FrM%3D"}]}
content-encoding: br
vary: Accept-Encoding
cf-request-id: 09a1c774bc00004a741a0f1000000001
last-modified: Wed, 14 Apr 2021 15:18:14 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"1f6ae-178d0f61ef0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains
x-download-options: noopen
content-type: application/javascript; charset=UTF-8
x-xss-protection: 1; mode=block
cache-control: public, max-age=1800
cf-ray: 644975012b5e4a74-FRA

GET
H/1.1

200
OK

B2G-Training-70.png
images.squarespace-cdn.com/content/5edf027f3a6d5e2f15f7fb79/1593808120265-3IPKDQOGWRJ0TGC5ZBUJ/
Redirect Chain

https://static1.squarespace.com/static/5edf027f3a6d5e2f15f7fb79/t/5eff94f8fc1b3c3e294334c4/1619200569040/?format=1500w
https://images.squarespace-cdn.com/content/5edf027f3a6d5e2f15f7fb79/1593808120265-3IPKDQOGWRJ0TGC5ZBUJ/B2G-Training-70.png?content-type=image%2Fpng

12 KB
12 KB

260ms
214ms

Image
image/png

104.96.90.218
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.squarespace-cdn.com/content/5edf027f3a6d5e2f15f7fb79/1593808120265-3IPKDQOGWRJ0TGC5ZBUJ/B2G-Training-70.png?content-type=image%2Fpng
Requested by: Host: www.bluetogold.com
URL: https://www.bluetogold.com/calendar/las-21
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.96.90.218 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a104-96-90-218.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: bd9c34850856387a1b6aa460751df47d1a4404300197e43eb696e8da7db04345

Request headers

Referer: https://www.bluetogold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 23 Apr 2021 19:21:50 GMT
ETag: CJ/u0JKHku0CEAE=
Vary: "Accept-Encoding"
Content-Type: image/png
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length, Timing-Allow-Origin
Cache-Control: max-age=604800
Connection: keep-alive
Accept-Ranges: bytes
Timing-allow-origin: *
Content-Length: 12014
Tracepoint: "Akamai"

Redirect headers

date: Fri, 23 Apr 2021 19:21:49 GMT
via: 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
age: 0
x-cache: MISS, MISS
x-contextid: LcheQ5ZP/AuWMte8A
x-cache-hits: 0, 0
content-length: 0
x-served-by: cache-dfw18655-DFW, cache-hhn4046-HHN
pragma: cache
server: Squarespace
x-timer: S1619205710.534090,VS0,VE268
location: https://images.squarespace-cdn.com/content/5edf027f3a6d5e2f15f7fb79/1593808120265-3IPKDQOGWRJ0TGC5ZBUJ/B2G-Training-70.png?content-type=image%2Fpng
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Timing-Allow-Origin
cache-control: public, max-age=10
accept-ranges: bytes
timing-allow-origin: *, *
tracepoint: Fastly

GET
H2 200 site-bundle.js Show response
static1.squarespace.com/static/ta/5c5a514d65019f01a2cb2be5/1050/scripts/ 194 KB
55 KB 30ms
29ms Script
application/javascript 151.101.112.238
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://static1.squarespace.com/static/ta/5c5a514d65019f01a2cb2be5/1050/scripts/site-bundle.js

Requested by

Host: www.bluetogold.com
URL: https://www.bluetogold.com/calendar/las-21

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.112.238 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

Squarespace /

Resource Hash

3e09254be59ad08d7e8c964089f6f47fb178008be42ca77d689ba90ecb8368b8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.bluetogold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 23 Apr 2021 19:21:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 278743
x-cache: HIT, HIT
x-contextid: XL8uIvWn/7xAyNdHA
x-cache-hits: 1, 12922
content-length: 55969
x-served-by: cache-dfw18622-DFW, cache-hhn4046-HHN
pragma: cache
server: Squarespace
x-timer: S1619205710.926347,VS0,VE0
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
via: 1.1 varnish, 1.1 varnish
cache-control: public, max-age=94608000
accept-ranges: bytes
timing-allow-origin: *
tracepoint: Fastly

OPTIONS
H2 204 settings
api.memberstack.io/site/ Frame 0
0 583ms
568ms Preflight 2606:4700:20::681a:a1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.memberstack.io/site/settings

Protocol

Server

2606:4700:20::681a:a1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: authorization,content-type
Origin: https://www.bluetogold.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Fri, 23 Apr 2021 19:21:50 GMT
x-dns-prefetch-control: off
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=15552000; includeSubDomains
x-download-options: noopen
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-origin: *
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
vary: Access-Control-Request-Headers
access-control-allow-headers: authorization,content-type
via: 1.1 vegur
cf-cache-status: DYNAMIC
cf-request-id: 09a1c7787100004ea3e3a18000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=VnGnS7RfqsTFJTiBfkfWF5rbP3wbaMirc%2BvndnGNf7ry2mfxW3yvKWt5HivZHhjgRDv2z%2Bn8Hdd%2FfJ18Ip5aHtKsE070bEwZZsX91XXo1eFOexkFTNBkQ744hc%2FXHgs%3D"}]}
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 64497507180d4ea3-FRA

POST
H2 200 settings Show response
api.memberstack.io/site/ 608 B
747 B 562ms
560ms Fetch
application/json 2606:4700:20::681a:a1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.memberstack.io/site/settings

Requested by

Host: api.memberstack.io
URL: https://api.memberstack.io/static/memberstack.js?squarespace

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:a1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1ce760a9ebcbf4de4448f4185c462e569156b307f8124994c25b78cd34df7052

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.bluetogold.com/
Authorization: Bearer
Content-Type: application/json

Response headers

date: Fri, 23 Apr 2021 19:21:51 GMT
via: 1.1 vegur
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
x-dns-prefetch-control: off
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=xNH9TqxJVAcjW2GiJXoNkNfsj%2F6rjeyG3cdeexBP5O5Rrg1GLE%2F7NHT4zp70fAv4YMrYVlPXRIYpdm%2F1U0WnUz2Q6CCLxzVpyovr72QRGMEDGKkxyetc2JunV1Zy7fM%3D"}]}
content-encoding: br
cf-request-id: 09a1c77aaa00004ea382337000000001
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"260-iYWeypLtF1vpcNk11QCv8FvZP68"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains
x-download-options: noopen
content-type: application/json; charset=utf-8
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cf-ray: 6449750aa8074ea3-FRA

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 48 KB
19 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.bluetogold.com
URL: https://www.bluetogold.com/calendar/las-21

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.bluetogold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 09 Apr 2021 23:59:54 GMT
server: Golfe2
age: 6076
date: Fri, 23 Apr 2021 17:40:33 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19569
expires: Fri, 23 Apr 2021 19:40:33 GMT

GET las-21
bluetogold.regfox.com/ Frame 6C1C 0
0

GET
H2 200 pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v15/ 8 KB
8 KB 8ms
7ms Font
font/woff2 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v15/pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Poppins:ital,wght@0,300;0,400;0,500;0,700;1,300

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d7ba57e3ccc2e3b2bdf8cc9e613194b802607682bf473293c2e3e29de82c9491

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.bluetogold.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 18 Apr 2021 10:03:38 GMT
x-content-type-options: nosniff
last-modified: Thu, 05 Nov 2020 22:01:55 GMT
server: sffe
age: 465491
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7776
x-xss-protection: 0
expires: Mon, 18 Apr 2022 10:03:38 GMT

GET
H2 200 pxiByp8kv8JHgFVrLDz8Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v15/ 8 KB
8 KB 9ms
7ms Font
font/woff2 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v15/pxiByp8kv8JHgFVrLDz8Z1xlFQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Poppins:ital,wght@0,300;0,400;0,500;0,700;1,300

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3834f0a520d623453cdb6b03b88331bc0394367eb18809f1037ea18c699ebded

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.bluetogold.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Apr 2021 09:01:27 GMT
x-content-type-options: nosniff
last-modified: Thu, 05 Nov 2020 22:01:23 GMT
server: sffe
age: 296422
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7848
x-xss-protection: 0
expires: Wed, 20 Apr 2022 09:01:27 GMT

GET
H2 200 l
use.typekit.net/af/2cd6bf/00000000000000000001008f/27/ 41 KB
42 KB 36ms
6ms Font
application/font-woff2 2a02:26f0:6c00::210:ba0a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/2cd6bf/00000000000000000001008f/27/l?subset_id=2&fvd=n5&v=3
Requested by: Host: www.bluetogold.com
URL: https://www.bluetogold.com/calendar/las-21
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:ba0a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 5e621780ac394f3839adb9f93d62c36bc51d432e4d8f7bfe7822d2951fdf7c4f

Request headers

Origin: https://www.bluetogold.com
Referer: https://www.bluetogold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 23 Apr 2021 19:21:49 GMT
server: nginx
etag: "87868ea7533b245fa343d5fd2e370ee0daee1db8"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 42376

GET
H2 200 pxiEyp8kv8JHgFVrJJfecg.woff2
fonts.gstatic.com/s/poppins/v15/ 8 KB
8 KB 11ms
6ms Font
font/woff2 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v15/pxiEyp8kv8JHgFVrJJfecg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Poppins:ital,wght@0,300;0,400;0,500;0,700;1,300

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

41e46faff74c6a77d581689ec35eb040f6c96d17f4d2c5b25dccd42ed498b01c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.bluetogold.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 18 Apr 2021 10:03:38 GMT
x-content-type-options: nosniff
last-modified: Thu, 05 Nov 2020 22:02:01 GMT
server: sffe
age: 465491
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7900
x-xss-protection: 0
expires: Mon, 18 Apr 2022 10:03:38 GMT

GET
H3-29 200 pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v15/ 8 KB
8 KB 24ms
23ms Font
font/woff2 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v15/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Poppins:ital,wght@0,300;0,400;0,500;0,700;1,300

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b0b43e548e691662dac85b1dc159d148a273d5cb9139f3fcf457cdeebe7bdf3f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.bluetogold.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Apr 2021 06:34:34 GMT
x-content-type-options: nosniff
last-modified: Thu, 05 Nov 2020 22:01:48 GMT
server: sffe
age: 305236
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7832
x-xss-protection: 0
expires: Wed, 20 Apr 2022 06:34:34 GMT

GET
H/1.1 200 widget Show response
salesiq.zoho.com/ 104 KB
31 KB 597ms
211ms Script
text/javascript 136.143.191.67
ZOHO-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://salesiq.zoho.com/widget

Requested by

Host: www.bluetogold.com
URL: https://www.bluetogold.com/calendar/las-21

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

136.143.191.67 , United States, ASN2639 (ZOHO-AS, US),

Reverse DNS

Software

ZGS /

Resource Hash

6b2ad5e8efca12196b94fcede3e8268337d82d0970dd2bf1e0f06928ca0d463d

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

Referer: https://www.bluetogold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
Date: Fri, 23 Apr 2021 19:21:50 GMT
Content-Encoding: gzip
Server: ZGS
ETag: W/306203327
vary: accept-encoding
Connection: keep-alive
Content-Type: text/javascript;charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: must-revalidate
Transfer-Encoding: chunked
Strict-Transport-Security: max-age=63072000
Expires: Fri, 23 Apr 2021 19:26:50 GMT

GET
H2 200 settings Show response
www.bluetogold.com/api/1/performance/ 3 KB
520 B 148ms
148ms XHR
application/json 198.49.23.144
SQUARESPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bluetogold.com/api/1/performance/settings
Requested by: Host: assets.squarespace.com
URL: https://assets.squarespace.com/universal/scripts-compressed/performance-0add3f16b92e7b8855b50-min.en-US.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 198.49.23.144 , United States, ASN53831 (SQUARESPACE, US),
Reverse DNS
Software: Squarespace /
Resource Hash: e04460d8e3905afb14b0cff3e8e19b5193ce7e2d3bc79fdb80de18705a92a331

Request headers

:path: /api/1/performance/settings
pragma: no-cache
cookie: crumb=BTvMlRHXyoMFMTI2ZWVkNmU0MzAxYjY2Yzk3YTllZTY2NDE5MjM0
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: cors
accept: */*
cache-control: no-cache
sec-fetch-dest: empty
:authority: www.bluetogold.com
referer: https://www.bluetogold.com/calendar/las-21
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.bluetogold.com/calendar/las-21
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 23 Apr 2021 19:21:50 GMT
content-encoding: gzip
server: Squarespace
x-contextid: EtuhR2r5/9Ep3ZpHx
content-length: 418
vary: Accept-Encoding, User-Agent
content-type: application/json

GET
H2 200 magic-padding-controller.c1aa3a0900bdefb2812b.js Show response
static1.squarespace.com/static/ta/5c5a514d65019f01a2cb2be5/1050/scripts/ 5 KB
2 KB 29ms
29ms Script
application/javascript 151.101.112.238
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://static1.squarespace.com/static/ta/5c5a514d65019f01a2cb2be5/1050/scripts/magic-padding-controller.c1aa3a0900bdefb2812b.js

Requested by

Host: static1.squarespace.com
URL: https://static1.squarespace.com/static/ta/5c5a514d65019f01a2cb2be5/1050/scripts/site-bundle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.112.238 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

Squarespace /

Resource Hash

c268525a79f7817775e4840f43b967fce813641741403dedc56be4271aef600d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.bluetogold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 23 Apr 2021 19:21:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 278743
x-cache: HIT, HIT
x-contextid: lTxKY8cU/rGMMKjvd
x-cache-hits: 1, 12283
content-length: 1806
x-served-by: cache-dfw18649-DFW, cache-hhn4046-HHN
pragma: cache
server: Squarespace
x-timer: S1619205710.335543,VS0,VE0
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
via: 1.1 varnish, 1.1 varnish
cache-control: public, max-age=94608000
accept-ranges: bytes
timing-allow-origin: *
tracepoint: Fastly

GET
H2 200 item-pagination.6cdc3e4b7a69c8cca848.js Show response
static1.squarespace.com/static/ta/5c5a514d65019f01a2cb2be5/1050/scripts/ 606 B
456 B 30ms
29ms Script
application/javascript 151.101.112.238
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://static1.squarespace.com/static/ta/5c5a514d65019f01a2cb2be5/1050/scripts/item-pagination.6cdc3e4b7a69c8cca848.js

Requested by

Host: static1.squarespace.com
URL: https://static1.squarespace.com/static/ta/5c5a514d65019f01a2cb2be5/1050/scripts/site-bundle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.112.238 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

Squarespace /

Resource Hash

c6820fe61db0edc51052cb0dd115c90c4e5900cfefe9b324fb402152a00f9258

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.bluetogold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 23 Apr 2021 19:21:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 278741
x-cache: HIT, HIT
x-contextid: pODPuGWa/9Vzf22m2
x-cache-hits: 2, 1483
content-length: 361
x-served-by: cache-dfw18655-DFW, cache-hhn4046-HHN
pragma: cache
server: Squarespace
x-timer: S1619205710.335638,VS0,VE0
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
via: 1.1 varnish, 1.1 varnish
cache-control: public, max-age=94608000
accept-ranges: bytes
timing-allow-origin: *
tracepoint: Fastly

GET
H2 200 l
use.typekit.net/af/309dfe/000000000000000000010091/27/ 39 KB
40 KB 7ms
6ms Font
application/font-woff2 2a02:26f0:6c00::210:ba0a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/309dfe/000000000000000000010091/27/l?subset_id=2&fvd=n7&v=3
Requested by: Host: www.bluetogold.com
URL: https://www.bluetogold.com/calendar/las-21
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:ba0a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: d37e4ca1e1902ac258dedafe9e7ee1bc8e7ac887a3d2f0babc143dede00dfd32

Request headers

Origin: https://www.bluetogold.com
Referer: https://www.bluetogold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 23 Apr 2021 19:21:50 GMT
server: nginx
etag: "78f589bb61056c7dc2c42601e2fd59aa96941141"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 40336

GET
H2 200 l
use.typekit.net/af/1eb35a/000000000000000000010090/27/ 45 KB
45 KB 8ms
7ms Font
application/font-woff2 2a02:26f0:6c00::210:ba0a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/1eb35a/000000000000000000010090/27/l?subset_id=2&fvd=i5&v=3
Requested by: Host: www.bluetogold.com
URL: https://www.bluetogold.com/calendar/las-21
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:ba0a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: c642a3823bf52ed74064ebc7e9a984bec36b06014ff9c17854592f83b2fd2754

Request headers

Origin: https://www.bluetogold.com
Referer: https://www.bluetogold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 23 Apr 2021 19:21:50 GMT
server: nginx
etag: "fa63f4ee95571fac0c3fde550489d0874f44e7d1"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 46092

GET
H2 200 l
use.typekit.net/af/eb729a/000000000000000000010092/27/ 39 KB
40 KB 12ms
11ms Font
application/font-woff2 2a02:26f0:6c00::210:ba0a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/eb729a/000000000000000000010092/27/l?subset_id=2&fvd=i7&v=3
Requested by: Host: www.bluetogold.com
URL: https://www.bluetogold.com/calendar/las-21
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:ba0a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 9ccca9067ec00e9da8a956d221275be98a9494117dd71b1daf751e88510a7081

Request headers

Origin: https://www.bluetogold.com
Referer: https://www.bluetogold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 23 Apr 2021 19:21:50 GMT
server: nginx
etag: "599bfc6908295758da16f495738fa5c76ccf9542"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 40196

GET
H2 200 las-21 Show response
bluetogold.regfox.com/ Frame 6C1C 81 KB
15 KB 286ms
285ms Document
text/html 44.237.110.25
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://bluetogold.regfox.com/las-21?wmode=opaque

Requested by

Host: assets.squarespace.com
URL: https://assets.squarespace.com/universal/scripts-compressed/common-vendors-stable-afecde13fe31e4470ac33-min.en-US.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

44.237.110.25 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-44-237-110-25.us-west-2.compute.amazonaws.com

Software

nginx/1.17.10 / Express

Resource Hash

27ec9469626338f19b166e356a3fabe6c68461608ae02cf8bb870a30eaeb6acb

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: bluetogold.regfox.com
:scheme: https
:path: /las-21?wmode=opaque
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.bluetogold.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.bluetogold.com/

Response headers

date: Fri, 23 Apr 2021 19:21:50 GMT
content-type: text/html; charset=utf-8
server: nginx/1.17.10
x-powered-by: Express
x-xss-protection: 1; mode=block
etag: W/"14443-kD04h85IuqFbqatAvt4pKLRbESE"
vary: Accept-Encoding
content-encoding: gzip

GET
H/1.1 200
OK popup-overlay-e4ea05bd2ae9c1568e432-min.en-US.css
assets.squarespace.com/universal/styles-compressed/ 8 KB
2 KB 32ms
26ms Stylesheet
text/css 104.117.213.240
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.squarespace.com/universal/styles-compressed/popup-overlay-e4ea05bd2ae9c1568e432-min.en-US.css
Requested by: Host: assets.squarespace.com
URL: https://assets.squarespace.com/universal/scripts-compressed/common-vendors-stable-afecde13fe31e4470ac33-min.en-US.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.117.213.240 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-117-213-240.deploy.static.akamaitechnologies.com
Software: UploadServer /
Resource Hash: 9c7dfbe14df1869398f98a56a85184e28196b74c583eb776430f793b900330ab

Request headers

Referer: https://www.bluetogold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 23 Apr 2021 19:21:50 GMT
Content-Encoding: gzip
Last-Modified: Fri, 12 Mar 2021 21:49:07 GMT
Server: UploadServer
ETag: "427daa9748dba58b336bdb894ec7eaae"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET, OPTIONS
Content-Type: text/css
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1892
Expires: Fri, 23 Apr 2021 19:36:50 GMT

GET
H/1.1 200
OK popup-overlay-4eb4634c9b432e2e0d6c9-min.en-US.js Show response
assets.squarespace.com/universal/scripts-compressed/ 1 MB
245 KB 95ms
59ms Script
text/javascript 104.117.213.240
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.squarespace.com/universal/scripts-compressed/popup-overlay-4eb4634c9b432e2e0d6c9-min.en-US.js
Requested by: Host: assets.squarespace.com
URL: https://assets.squarespace.com/universal/scripts-compressed/common-vendors-stable-afecde13fe31e4470ac33-min.en-US.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.117.213.240 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-117-213-240.deploy.static.akamaitechnologies.com
Software: UploadServer /
Resource Hash: af244bf83f9fb9af34c5576e2f5c56e8e5498225afe68f1d431da2aba73e3c51

Request headers

Referer: https://www.bluetogold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 23 Apr 2021 19:21:50 GMT
Content-Encoding: gzip
Transfer-Encoding: chunked
X-GUploader-Response-Body-Transformations: gunzipped
Connection: keep-alive, Transfer-Encoding
Last-Modified: Fri, 23 Apr 2021 17:36:15 GMT
Server: UploadServer
ETag: W/"e604c8636bd1a480d0a212c08884898d"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET, OPTIONS
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=900
Warning: 214 UploadServer gunzipped
Accept-Ranges: bytes
Expires: Fri, 23 Apr 2021 19:36:50 GMT

GET
H/1.1 200
OK Course-Flyer.png
images.squarespace-cdn.com/content/v1/5edf027f3a6d5e2f15f7fb79/1598154959516-V7W0R87EHB6Y5U4T3X54/ke17ZwdGBToddI8pDm48kPg3kkMSlDqGprD-21e6kCJZw-zPPgdn4jUwVcJE1ZvWQUxwkmyExglNqGp0IvTJZamWLI2zvYWH8K3... 10 KB
11 KB 247ms
243ms Image
image/png 104.96.90.218
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.squarespace-cdn.com/content/v1/5edf027f3a6d5e2f15f7fb79/1598154959516-V7W0R87EHB6Y5U4T3X54/ke17ZwdGBToddI8pDm48kPg3kkMSlDqGprD-21e6kCJZw-zPPgdn4jUwVcJE1ZvWQUxwkmyExglNqGp0IvTJZamWLI2zvYWH8K3-s_4yszcp2ryTI0HqTOaaUohrI8PIKLQjoMTHEldWYTXK7NhTrQG-VDSQcMX4-xxuKYa_e-c/Course-Flyer.png?format=300w
Requested by: Host: www.bluetogold.com
URL: https://www.bluetogold.com/calendar/las-21
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.96.90.218 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a104-96-90-218.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 3ed2f5002d8d76f69fb8f260ba74d0ee5647192a8da97941212115718a5b5255

Request headers

Referer: https://www.bluetogold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 23 Apr 2021 19:21:50 GMT
ETag: CKv32JW3sOsCEAE=
Vary: "Accept-Encoding"
Content-Type: image/png
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length, Timing-Allow-Origin
Cache-Control: max-age=604800
Connection: keep-alive
Accept-Ranges: bytes
Timing-allow-origin: *
Content-Length: 10458
Tracepoint: "Akamai"

GET
H/1.1 200
OK Company-Brochure.png
images.squarespace-cdn.com/content/v1/5edf027f3a6d5e2f15f7fb79/1598155078647-4D7Y57S4QO94X7TI1PYH/ke17ZwdGBToddI8pDm48kPg3kkMSlDqGprD-21e6kCJZw-zPPgdn4jUwVcJE1ZvWQUxwkmyExglNqGp0IvTJZamWLI2zvYWH8K3... 12 KB
12 KB 262ms
204ms Image
image/png 104.96.90.218
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.squarespace-cdn.com/content/v1/5edf027f3a6d5e2f15f7fb79/1598155078647-4D7Y57S4QO94X7TI1PYH/ke17ZwdGBToddI8pDm48kPg3kkMSlDqGprD-21e6kCJZw-zPPgdn4jUwVcJE1ZvWQUxwkmyExglNqGp0IvTJZamWLI2zvYWH8K3-s_4yszcp2ryTI0HqTOaaUohrI8PIKLQjoMTHEldWYTXK7NhTrQG-VDSQcMX4-xxuKYa_e-c/Company-Brochure.png?format=300w
Requested by: Host: www.bluetogold.com
URL: https://www.bluetogold.com/calendar/las-21
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.96.90.218 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a104-96-90-218.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 986ad2a5430879bc7b84afcb2896ee5c4621e3b45883bd4e05d56a5987809863

Request headers

Referer: https://www.bluetogold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 23 Apr 2021 19:21:50 GMT
ETag: CPyNwc63sOsCEAE=
Vary: "Accept-Encoding"
Content-Type: image/png
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length, Timing-Allow-Origin
Cache-Control: max-age=604716
Connection: keep-alive
Accept-Ranges: bytes
Timing-allow-origin: *
Content-Length: 11997
Tracepoint: "Akamai"

GET
H/1.1 200
OK Group-Rates.png
images.squarespace-cdn.com/content/v1/5edf027f3a6d5e2f15f7fb79/1598154917868-EZ4K80EUXL4YO7EFZ1IR/ke17ZwdGBToddI8pDm48kPg3kkMSlDqGprD-21e6kCJZw-zPPgdn4jUwVcJE1ZvWQUxwkmyExglNqGp0IvTJZamWLI2zvYWH8K3... 23 KB
24 KB 305ms
246ms Image
image/png 104.96.90.218
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.squarespace-cdn.com/content/v1/5edf027f3a6d5e2f15f7fb79/1598154917868-EZ4K80EUXL4YO7EFZ1IR/ke17ZwdGBToddI8pDm48kPg3kkMSlDqGprD-21e6kCJZw-zPPgdn4jUwVcJE1ZvWQUxwkmyExglNqGp0IvTJZamWLI2zvYWH8K3-s_4yszcp2ryTI0HqTOaaUohrI8PIKLQjoMTHEldWYTXK7NhTrQG-VDSQcMX4-xxuKYa_e-c/Group-Rates.png?format=300w
Requested by: Host: www.bluetogold.com
URL: https://www.bluetogold.com/calendar/las-21
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.96.90.218 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a104-96-90-218.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: d1f432a4c77408dcb8c9da3c0bb4fa8694859d65ac1d8f139b17a8969b6e2fa0

Request headers

Referer: https://www.bluetogold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 23 Apr 2021 19:21:50 GMT
ETag: CMLA7oG3sOsCEAE=
Vary: "Accept-Encoding"
Content-Type: image/png
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length, Timing-Allow-Origin
Cache-Control: max-age=604800
Connection: keep-alive
Accept-Ranges: bytes
Timing-allow-origin: *
Content-Length: 24010
Tracepoint: "Akamai"

GET
H/1.1 200
OK Training-Questions-900.png
images.squarespace-cdn.com/content/v1/5edf027f3a6d5e2f15f7fb79/1598154994913-35TPLBTYNJQ6SUVASQVQ/ke17ZwdGBToddI8pDm48kPg3kkMSlDqGprD-21e6kCJZw-zPPgdn4jUwVcJE1ZvWQUxwkmyExglNqGp0IvTJZamWLI2zvYWH8K3... 15 KB
15 KB 322ms
263ms Image
image/png 104.96.90.218
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.squarespace-cdn.com/content/v1/5edf027f3a6d5e2f15f7fb79/1598154994913-35TPLBTYNJQ6SUVASQVQ/ke17ZwdGBToddI8pDm48kPg3kkMSlDqGprD-21e6kCJZw-zPPgdn4jUwVcJE1ZvWQUxwkmyExglNqGp0IvTJZamWLI2zvYWH8K3-s_4yszcp2ryTI0HqTOaaUohrI8PIKLQjoMTHEldWYTXK7NhTrQG-VDSQcMX4-xxuKYa_e-c/Training-Questions-900.png?format=300w
Requested by: Host: www.bluetogold.com
URL: https://www.bluetogold.com/calendar/las-21
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.96.90.218 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a104-96-90-218.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 248a571daf850ed97a8d3fe51cf46d5d6565d88cf0789c3c49f7914ae467dfd5

Request headers

Referer: https://www.bluetogold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 23 Apr 2021 19:21:50 GMT
ETag: CO3HxKa3sOsCEAE=
Vary: "Accept-Encoding"
Content-Type: image/png
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length, Timing-Allow-Origin
Cache-Control: max-age=604800
Connection: keep-alive
Accept-Ranges: bytes
Timing-allow-origin: *
Content-Length: 15285
Tracepoint: "Akamai"

GET
H/1.1 200
OK Download-W9-900.png
images.squarespace-cdn.com/content/v1/5edf027f3a6d5e2f15f7fb79/1598200046235-WHOKSSKGQFPPB8Y2UMZI/ke17ZwdGBToddI8pDm48kPg3kkMSlDqGprD-21e6kCJZw-zPPgdn4jUwVcJE1ZvWQUxwkmyExglNqGp0IvTJZamWLI2zvYWH8K3... 14 KB
14 KB 329ms
270ms Image
image/png 104.96.90.218
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.squarespace-cdn.com/content/v1/5edf027f3a6d5e2f15f7fb79/1598200046235-WHOKSSKGQFPPB8Y2UMZI/ke17ZwdGBToddI8pDm48kPg3kkMSlDqGprD-21e6kCJZw-zPPgdn4jUwVcJE1ZvWQUxwkmyExglNqGp0IvTJZamWLI2zvYWH8K3-s_4yszcp2ryTI0HqTOaaUohrI8PIKLQjoMTHEldWYTXK7NhTrQG-VDSQcMX4-xxuKYa_e-c/Download-W9-900.png?format=300w
Requested by: Host: www.bluetogold.com
URL: https://www.bluetogold.com/calendar/las-21
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.96.90.218 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a104-96-90-218.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: a6dcd61c8a4320302bec6a27b8982726084e4e7596f63f59d63264b69b4ae231

Request headers

Referer: https://www.bluetogold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 23 Apr 2021 19:21:50 GMT
ETag: CJGO1pDfsesCEAE=
Vary: "Accept-Encoding"
Content-Type: image/png
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length, Timing-Allow-Origin
Cache-Control: max-age=604794
Connection: keep-alive
Accept-Ranges: bytes
Timing-allow-origin: *
Content-Length: 14417
Tracepoint: "Akamai"

GET
H/1.1 200
OK SSSG-US-500.png
images.squarespace-cdn.com/content/v1/5edf027f3a6d5e2f15f7fb79/1606060657381-IM0EP3BR1VY67CUD0JSA/ke17ZwdGBToddI8pDm48kBIkQ6BpXxi_9dtfIasthhVZw-zPPgdn4jUwVcJE1ZvWQUxwkmyExglNqGp0IvTJZUJFbgE-7XRK3dM... 26 KB
27 KB 306ms
248ms Image
image/png 104.96.90.218
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.squarespace-cdn.com/content/v1/5edf027f3a6d5e2f15f7fb79/1606060657381-IM0EP3BR1VY67CUD0JSA/ke17ZwdGBToddI8pDm48kBIkQ6BpXxi_9dtfIasthhVZw-zPPgdn4jUwVcJE1ZvWQUxwkmyExglNqGp0IvTJZUJFbgE-7XRK3dMEBRBhUpwjSaaoaGppkKha9ZnvoYO43kj62dQGK0EtkcVsJV_yeCnmFJRGKYDWWwbF3ltV-m0/SSSG-US-500.png?format=500w
Requested by: Host: www.bluetogold.com
URL: https://www.bluetogold.com/calendar/las-21
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.96.90.218 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a104-96-90-218.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 4f4a60fe7fd46b0587925969eb8b7ac3f49e05af2c9d9a75699a4ade9e8d9a16

Request headers

Referer: https://www.bluetogold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 23 Apr 2021 19:21:50 GMT
ETag: CMmul5jClu0CEAE=
Vary: "Accept-Encoding"
Content-Type: image/png
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length, Timing-Allow-Origin
Cache-Control: max-age=604800
Connection: keep-alive
Accept-Ranges: bytes
Timing-allow-origin: *
Content-Length: 27115
Tracepoint: "Akamai"

GET
H/1.1 200
OK BRW-900.png
images.squarespace-cdn.com/content/v1/5edf027f3a6d5e2f15f7fb79/1605115897390-1V2IW70IHBBJVJFM579D/ke17ZwdGBToddI8pDm48kPg3kkMSlDqGprD-21e6kCJZw-zPPgdn4jUwVcJE1ZvWQUxwkmyExglNqGp0IvTJZamWLI2zvYWH8K3... 56 KB
56 KB 477ms
476ms Image
image/png 104.96.90.218
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.squarespace-cdn.com/content/v1/5edf027f3a6d5e2f15f7fb79/1605115897390-1V2IW70IHBBJVJFM579D/ke17ZwdGBToddI8pDm48kPg3kkMSlDqGprD-21e6kCJZw-zPPgdn4jUwVcJE1ZvWQUxwkmyExglNqGp0IvTJZamWLI2zvYWH8K3-s_4yszcp2ryTI0HqTOaaUohrI8PIKLQjoMTHEldWYTXK7NhTrQG-VDSQcMX4-xxuKYa_e-c/BRW-900.png?format=500w
Requested by: Host: www.bluetogold.com
URL: https://www.bluetogold.com/calendar/las-21
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.96.90.218 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a104-96-90-218.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 84ec54c7974a044d5e1267aa6c392c8e8a47acc4768a9cc56340e9c0a5ba36fe

Request headers

Referer: https://www.bluetogold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 23 Apr 2021 19:21:51 GMT
ETag: CNSd1NeC++wCEAE=
Vary: "Accept-Encoding"
Content-Type: image/png
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length, Timing-Allow-Origin
Cache-Control: max-age=604781
Connection: keep-alive
Accept-Ranges: bytes
Timing-allow-origin: *
Content-Length: 57254
Tracepoint: "Akamai"

GET
H/1.1 200
OK BRW-500.png
images.squarespace-cdn.com/content/v1/5edf027f3a6d5e2f15f7fb79/1606060710841-7X3IZBLFU7GLCTE32V9H/ke17ZwdGBToddI8pDm48kBIkQ6BpXxi_9dtfIasthhVZw-zPPgdn4jUwVcJE1ZvWQUxwkmyExglNqGp0IvTJZUJFbgE-7XRK3dM... 17 KB
18 KB 426ms
426ms Image
image/png 104.96.90.218
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.squarespace-cdn.com/content/v1/5edf027f3a6d5e2f15f7fb79/1606060710841-7X3IZBLFU7GLCTE32V9H/ke17ZwdGBToddI8pDm48kBIkQ6BpXxi_9dtfIasthhVZw-zPPgdn4jUwVcJE1ZvWQUxwkmyExglNqGp0IvTJZUJFbgE-7XRK3dMEBRBhUpwjSaaoaGppkKha9ZnvoYO43kj62dQGK0EtkcVsJV_yeCnmFJRGKYDWWwbF3ltV-m0/BRW-500.png?format=500w
Requested by: Host: www.bluetogold.com
URL: https://www.bluetogold.com/calendar/las-21
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.96.90.218 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a104-96-90-218.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 67b29bd429636d6fd7ac8c022b878d210c54e3cb8900417d30516647981f037a

Request headers

Referer: https://www.bluetogold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 23 Apr 2021 19:21:51 GMT
ETag: CLrf17HClu0CEAE=
Vary: "Accept-Encoding"
Content-Type: image/png
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length, Timing-Allow-Origin
Cache-Control: max-age=604795
Connection: keep-alive
Accept-Ranges: bytes
Timing-allow-origin: *
Content-Length: 17881
Tracepoint: "Akamai"

GET
H/1.1 200
OK SCOTUS-500.png
images.squarespace-cdn.com/content/v1/5edf027f3a6d5e2f15f7fb79/1606060680195-H0ZNPDUILGWPD3UJI8EF/ke17ZwdGBToddI8pDm48kBIkQ6BpXxi_9dtfIasthhVZw-zPPgdn4jUwVcJE1ZvWQUxwkmyExglNqGp0IvTJZUJFbgE-7XRK3dM... 31 KB
31 KB 205ms
205ms Image
image/png 104.96.90.218
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.squarespace-cdn.com/content/v1/5edf027f3a6d5e2f15f7fb79/1606060680195-H0ZNPDUILGWPD3UJI8EF/ke17ZwdGBToddI8pDm48kBIkQ6BpXxi_9dtfIasthhVZw-zPPgdn4jUwVcJE1ZvWQUxwkmyExglNqGp0IvTJZUJFbgE-7XRK3dMEBRBhUpwjSaaoaGppkKha9ZnvoYO43kj62dQGK0EtkcVsJV_yeCnmFJRGKYDWWwbF3ltV-m0/SCOTUS-500.png?format=500w
Requested by: Host: www.bluetogold.com
URL: https://www.bluetogold.com/calendar/las-21
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.96.90.218 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a104-96-90-218.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: fde979c2211760c0bef81d73e347b3b857ecb84aca8b2ce4b3cca5836dd4c01a

Request headers

Referer: https://www.bluetogold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 23 Apr 2021 19:21:50 GMT
ETag: CPf+iKPClu0CEAE=
Vary: "Accept-Encoding"
Content-Type: image/png
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length, Timing-Allow-Origin
Cache-Control: max-age=604749
Connection: keep-alive
Accept-Ranges: bytes
Timing-allow-origin: *
Content-Length: 31826
Tracepoint: "Akamai"

GET
H/1.1 200
OK RS-PC-900.png
images.squarespace-cdn.com/content/v1/5edf027f3a6d5e2f15f7fb79/1605116429044-JZI4QZ66WF9CR75KRYJE/ke17ZwdGBToddI8pDm48kPg3kkMSlDqGprD-21e6kCJZw-zPPgdn4jUwVcJE1ZvWQUxwkmyExglNqGp0IvTJZamWLI2zvYWH8K3... 42 KB
42 KB 209ms
208ms Image
image/png 104.96.90.218
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.squarespace-cdn.com/content/v1/5edf027f3a6d5e2f15f7fb79/1605116429044-JZI4QZ66WF9CR75KRYJE/ke17ZwdGBToddI8pDm48kPg3kkMSlDqGprD-21e6kCJZw-zPPgdn4jUwVcJE1ZvWQUxwkmyExglNqGp0IvTJZamWLI2zvYWH8K3-s_4yszcp2ryTI0HqTOaaUohrI8PIKLQjoMTHEldWYTXK7NhTrQG-VDSQcMX4-xxuKYa_e-c/RS-PC-900.png?format=500w
Requested by: Host: www.bluetogold.com
URL: https://www.bluetogold.com/calendar/las-21
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.96.90.218 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a104-96-90-218.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 2bb9e307a6df263e32e276de34d9ded977068dd7d05fc1e8ba3b4867c8b231eb

Request headers

Referer: https://www.bluetogold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 23 Apr 2021 19:21:50 GMT
ETag: CMP/49WE++wCEAE=
Vary: "Accept-Encoding"
Content-Type: image/png
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length, Timing-Allow-Origin
Cache-Control: max-age=604749
Connection: keep-alive
Accept-Ranges: bytes
Timing-allow-origin: *
Content-Length: 42776
Tracepoint: "Akamai"

GET
H/1.1 200
OK RS-PC-500.png
images.squarespace-cdn.com/content/v1/5edf027f3a6d5e2f15f7fb79/1606060585122-580IS2CXWH5K09KJZDOQ/ke17ZwdGBToddI8pDm48kBIkQ6BpXxi_9dtfIasthhVZw-zPPgdn4jUwVcJE1ZvWQUxwkmyExglNqGp0IvTJZUJFbgE-7XRK3dM... 13 KB
13 KB 220ms
220ms Image
image/png 104.96.90.218
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.squarespace-cdn.com/content/v1/5edf027f3a6d5e2f15f7fb79/1606060585122-580IS2CXWH5K09KJZDOQ/ke17ZwdGBToddI8pDm48kBIkQ6BpXxi_9dtfIasthhVZw-zPPgdn4jUwVcJE1ZvWQUxwkmyExglNqGp0IvTJZUJFbgE-7XRK3dMEBRBhUpwjSaaoaGppkKha9ZnvoYO43kj62dQGK0EtkcVsJV_yeCnmFJRGKYDWWwbF3ltV-m0/RS-PC-500.png?format=500w
Requested by: Host: www.bluetogold.com
URL: https://www.bluetogold.com/calendar/las-21
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.96.90.218 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a104-96-90-218.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 885b514a3482ba315830dcdf9e09cdd4c060444c0a1f6e21c6dacb2d12db4ef7

Request headers

Referer: https://www.bluetogold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 23 Apr 2021 19:21:50 GMT
ETag: CMq22/XBlu0CEAE=
Vary: "Accept-Encoding"
Content-Type: image/png
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length, Timing-Allow-Origin
Cache-Control: max-age=604793
Connection: keep-alive
Accept-Ranges: bytes
Timing-allow-origin: *
Content-Length: 12854
Tracepoint: "Akamai"

POST
H2 200 RecordHit Show response
www.bluetogold.com/api/census/ 17 B
272 B 167ms
167ms XHR
application/json 198.49.23.144
SQUARESPACE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bluetogold.com/api/census/RecordHit

Requested by

Host: assets.squarespace.com
URL: https://assets.squarespace.com/universal/scripts-compressed/common-vendors-f886e85b498c642a2a8f5-min.en-US.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

198.49.23.144 , United States, ASN53831 (SQUARESPACE, US),

Reverse DNS

Software

Squarespace /

Resource Hash

f1ea07a1e51a389c8de07120ae5c2e432e9dd8f4fbd6f92489f185b0523a3fd4

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff

Request headers

sec-fetch-mode: cors
origin: https://www.bluetogold.com
accept-encoding: gzip, deflate, br
x-csrf-token: BTvMlRHXyoMFMTI2ZWVkNmU0MzAxYjY2Yzk3YTllZTY2NDE5MjM0
accept-language: en-US
sec-fetch-dest: empty
cookie: crumb=BTvMlRHXyoMFMTI2ZWVkNmU0MzAxYjY2Yzk3YTllZTY2NDE5MjM0; ss_cvr=800a0844-1ee6-4c3a-ab1a-b59f2a6374ab|1619205710383|1619205710383|1619205710383|1; ss_cvt=1619205710383
content-length: 876
:path: /api/census/RecordHit
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type: application/x-www-form-urlencoded; charset=UTF-8
accept: application/json, text/plain, */*
cache-control: no-cache
:authority: www.bluetogold.com
referer: https://www.bluetogold.com/calendar/las-21
:scheme: https
sec-fetch-site: same-origin
:method: POST
Accept: application/json, text/plain, */*
Referer: https://www.bluetogold.com/calendar/las-21
X-CSRF-Token: BTvMlRHXyoMFMTI2ZWVkNmU0MzAxYjY2Yzk3YTllZTY2NDE5MjM0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Fri, 23 Apr 2021 19:21:50 GMT
x-content-type-options: nosniff
server: Squarespace
strict-transport-security: max-age=0
content-type: application/json;charset=utf-8
x-contextid: EtuhR2r5/YYftHcE8
set-cookie: ss_cid=a02f514e-f7f1-4105-9a9a-33ea906d67e0; Path=/; Expires=Sun, 23-Apr-2023 19:21:50 GMT; Max-Age=63072000 ss_cvisit=1619205710553; Path=/; Expires=Fri, 23-Apr-2021 19:51:50 GMT; Max-Age=1800 ss_cpvisit=1619205710553; Path=/; Expires=Sun, 23-Apr-2023 19:21:50 GMT; Max-Age=63072000
content-length: 17
expires: Thu, 01 Jan 1970 00:00:00 GMT

POST
H2 200 button-render Show response
www.bluetogold.com/api/census/ 17 B
298 B 163ms
162ms XHR
application/json 198.49.23.144
SQUARESPACE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bluetogold.com/api/census/button-render

Requested by

Host: assets.squarespace.com
URL: https://assets.squarespace.com/universal/scripts-compressed/common-vendors-f886e85b498c642a2a8f5-min.en-US.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

198.49.23.144 , United States, ASN53831 (SQUARESPACE, US),

Reverse DNS

Software

Squarespace /

Resource Hash

f1ea07a1e51a389c8de07120ae5c2e432e9dd8f4fbd6f92489f185b0523a3fd4

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff

Request headers

sec-fetch-mode: cors
origin: https://www.bluetogold.com
accept-encoding: gzip, deflate, br
x-csrf-token: BTvMlRHXyoMFMTI2ZWVkNmU0MzAxYjY2Yzk3YTllZTY2NDE5MjM0
accept-language: en-US
sec-fetch-dest: empty
cookie: crumb=BTvMlRHXyoMFMTI2ZWVkNmU0MzAxYjY2Yzk3YTllZTY2NDE5MjM0; ss_cvr=800a0844-1ee6-4c3a-ab1a-b59f2a6374ab|1619205710383|1619205710383|1619205710383|1; ss_cvt=1619205710383
content-length: 414
:path: /api/census/button-render
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type: application/json;charset=UTF-8
accept: application/json, text/plain, */*
cache-control: no-cache
:authority: www.bluetogold.com
referer: https://www.bluetogold.com/calendar/las-21
:scheme: https
sec-fetch-site: same-origin
:method: POST
Accept: application/json, text/plain, */*
Referer: https://www.bluetogold.com/calendar/las-21
X-CSRF-Token: BTvMlRHXyoMFMTI2ZWVkNmU0MzAxYjY2Yzk3YTllZTY2NDE5MjM0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json;charset=UTF-8

Response headers

date: Fri, 23 Apr 2021 19:21:50 GMT
x-content-type-options: nosniff
server: Squarespace
strict-transport-security: max-age=0
content-type: application/json;charset=utf-8
x-contextid: EtuhR2r5/XnhLqyz4
set-cookie: ss_cid=96b93d10-b20b-498a-bb2f-55f6671db520; Path=/; Expires=Sun, 23-Apr-2023 19:21:50 GMT; Max-Age=63072000 ss_cvisit=1619205710552; Path=/; Expires=Fri, 23-Apr-2021 19:51:50 GMT; Max-Age=1800 ss_cpvisit=1619205710552; Path=/; Expires=Sun, 23-Apr-2023 19:21:50 GMT; Max-Age=63072000
content-length: 17
expires: Thu, 01 Jan 1970 00:00:00 GMT

POST
H2 200 button-render Show response
www.bluetogold.com/api/census/ 17 B
273 B 167ms
166ms XHR
application/json 198.49.23.144
SQUARESPACE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bluetogold.com/api/census/button-render

Requested by

Host: assets.squarespace.com
URL: https://assets.squarespace.com/universal/scripts-compressed/common-vendors-f886e85b498c642a2a8f5-min.en-US.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

198.49.23.144 , United States, ASN53831 (SQUARESPACE, US),

Reverse DNS

Software

Squarespace /

Resource Hash

f1ea07a1e51a389c8de07120ae5c2e432e9dd8f4fbd6f92489f185b0523a3fd4

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff

Request headers

sec-fetch-mode: cors
origin: https://www.bluetogold.com
accept-encoding: gzip, deflate, br
x-csrf-token: BTvMlRHXyoMFMTI2ZWVkNmU0MzAxYjY2Yzk3YTllZTY2NDE5MjM0
accept-language: en-US
sec-fetch-dest: empty
cookie: crumb=BTvMlRHXyoMFMTI2ZWVkNmU0MzAxYjY2Yzk3YTllZTY2NDE5MjM0; ss_cvr=800a0844-1ee6-4c3a-ab1a-b59f2a6374ab|1619205710383|1619205710383|1619205710383|1; ss_cvt=1619205710383
content-length: 416
:path: /api/census/button-render
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type: application/json;charset=UTF-8
accept: application/json, text/plain, */*
cache-control: no-cache
:authority: www.bluetogold.com
referer: https://www.bluetogold.com/calendar/las-21
:scheme: https
sec-fetch-site: same-origin
:method: POST
Accept: application/json, text/plain, */*
Referer: https://www.bluetogold.com/calendar/las-21
X-CSRF-Token: BTvMlRHXyoMFMTI2ZWVkNmU0MzAxYjY2Yzk3YTllZTY2NDE5MjM0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json;charset=UTF-8

Response headers

date: Fri, 23 Apr 2021 19:21:50 GMT
x-content-type-options: nosniff
server: Squarespace
strict-transport-security: max-age=0
content-type: application/json;charset=utf-8
x-contextid: EtuhR2r5/MklXtPcJ
set-cookie: ss_cid=2b9e0b5e-b156-4225-a577-a1468f984b29; Path=/; Expires=Sun, 23-Apr-2023 19:21:50 GMT; Max-Age=63072000 ss_cvisit=1619205710556; Path=/; Expires=Fri, 23-Apr-2021 19:51:50 GMT; Max-Age=1800 ss_cpvisit=1619205710556; Path=/; Expires=Sun, 23-Apr-2023 19:21:50 GMT; Max-Age=63072000
content-length: 17
expires: Thu, 01 Jan 1970 00:00:00 GMT

POST
H2 200 button-render Show response
www.bluetogold.com/api/census/ 17 B
273 B 202ms
198ms XHR
application/json 198.49.23.144
SQUARESPACE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bluetogold.com/api/census/button-render

Requested by

Host: assets.squarespace.com
URL: https://assets.squarespace.com/universal/scripts-compressed/common-vendors-f886e85b498c642a2a8f5-min.en-US.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

198.49.23.144 , United States, ASN53831 (SQUARESPACE, US),

Reverse DNS

Software

Squarespace /

Resource Hash

f1ea07a1e51a389c8de07120ae5c2e432e9dd8f4fbd6f92489f185b0523a3fd4

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff

Request headers

sec-fetch-mode: cors
origin: https://www.bluetogold.com
accept-encoding: gzip, deflate, br
x-csrf-token: BTvMlRHXyoMFMTI2ZWVkNmU0MzAxYjY2Yzk3YTllZTY2NDE5MjM0
accept-language: en-US
sec-fetch-dest: empty
cookie: crumb=BTvMlRHXyoMFMTI2ZWVkNmU0MzAxYjY2Yzk3YTllZTY2NDE5MjM0; ss_cvr=800a0844-1ee6-4c3a-ab1a-b59f2a6374ab|1619205710383|1619205710383|1619205710383|1; ss_cvt=1619205710383
content-length: 436
:path: /api/census/button-render
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type: application/json;charset=UTF-8
accept: application/json, text/plain, */*
cache-control: no-cache
:authority: www.bluetogold.com
referer: https://www.bluetogold.com/calendar/las-21
:scheme: https
sec-fetch-site: same-origin
:method: POST
Accept: application/json, text/plain, */*
Referer: https://www.bluetogold.com/calendar/las-21
X-CSRF-Token: BTvMlRHXyoMFMTI2ZWVkNmU0MzAxYjY2Yzk3YTllZTY2NDE5MjM0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json;charset=UTF-8

Response headers

date: Fri, 23 Apr 2021 19:21:50 GMT
x-content-type-options: nosniff
server: Squarespace
strict-transport-security: max-age=0
content-type: application/json;charset=utf-8
x-contextid: EtuhR2r5/P0KJ8XkN
set-cookie: ss_cid=9e08cd12-f272-4e4c-9e68-abf560dca080; Path=/; Expires=Sun, 23-Apr-2023 19:21:50 GMT; Max-Age=63072000 ss_cvisit=1619205710594; Path=/; Expires=Fri, 23-Apr-2021 19:51:50 GMT; Max-Age=1800 ss_cpvisit=1619205710594; Path=/; Expires=Sun, 23-Apr-2023 19:21:50 GMT; Max-Age=63072000
content-length: 17
expires: Thu, 01 Jan 1970 00:00:00 GMT

POST
H3-29 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 20ms
20ms XHR
text/plain 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j90&a=837441563&t=pageview&_s=1&dl=https%3A%2F%2Fwww.bluetogold.com%2Fcalendar%2Flas-21&ul=en-us&de=UTF-8&dt=Las%20Vegas%2C%20Nevada%20%E2%80%94%20Blue%20to%20Gold%20%7C%20Training&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAAC~&jid=1740031378&gjid=1362992398&cid=699240003.1619205711&tid=UA-50149050-2&_gid=363240661.1619205711&_r=1&_slc=1&z=1936217007

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.bluetogold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 23 Apr 2021 19:21:50 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.bluetogold.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 p.gif
p.typekit.net/ 35 B
214 B 26ms
6ms Image
image/gif 2a02:26f0:6c00:2ae::19fd
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p.typekit.net/p.gif?s=2&k=646866_5edf027f3a6d5e2f15f7fb79&ht=tk&h=www.bluetogold.com&f=10879.10881.10880.10882&a=646866&js=1.20.0&app=typekit&e=js&_=1619205710610
Requested by: Host: www.bluetogold.com
URL: https://www.bluetogold.com/calendar/las-21
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:2ae::19fd Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 9b9265c69a5cc295d1ab0d04e0273b3677db1a6216ce2ccf4efc8c277ed84b39

Request headers

Referer: https://www.bluetogold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 23 Apr 2021 19:21:50 GMT
last-modified: Wed, 02 Sep 2020 03:58:21 GMT
server: nginx
etag: "5f4f185d-23"
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 35

GET
H2 200 render Show response
www.bluetogold.com/api/popup-overlay/ 302 KB
21 KB 182ms
182ms XHR
application/json 198.49.23.144
SQUARESPACE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bluetogold.com/api/popup-overlay/render?currentUrl=%2Fcalendar%2Flas-21

Requested by

Host: assets.squarespace.com
URL: https://assets.squarespace.com/universal/scripts-compressed/performance-0add3f16b92e7b8855b50-min.en-US.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

198.49.23.144 , United States, ASN53831 (SQUARESPACE, US),

Reverse DNS

Software

Squarespace /

Resource Hash

9a1a72d7dc7909504bd80f49cbc9c7e52a18b25060d79a08a18b873a184868b4

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff

Request headers

:path: /api/popup-overlay/render?currentUrl=%2Fcalendar%2Flas-21
pragma: no-cache
cookie: crumb=BTvMlRHXyoMFMTI2ZWVkNmU0MzAxYjY2Yzk3YTllZTY2NDE5MjM0; ss_cvr=800a0844-1ee6-4c3a-ab1a-b59f2a6374ab|1619205710383|1619205710383|1619205710383|1; ss_cvt=1619205710383; _ga=GA1.2.699240003.1619205711; _gid=GA1.2.363240661.1619205711; _gat=1; ss_cid=9e08cd12-f272-4e4c-9e68-abf560dca080; ss_cvisit=1619205710594; ss_cpvisit=1619205710594
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: cors
accept: */*
cache-control: no-cache
sec-fetch-dest: empty
:authority: www.bluetogold.com
referer: https://www.bluetogold.com/calendar/las-21
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.bluetogold.com/calendar/las-21
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 23 Apr 2021 19:21:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: Squarespace
cache-control: no-cache, no-store, must-revalidate
vary: Accept-Encoding, User-Agent
content-type: application/json;charset=utf-8
x-contextid: EtuhR2r5/5bzYVdPs
strict-transport-security: max-age=0

GET
H/1.1 200 getembeddetails.ls Show response
salesiq.zoho.com/ 41 KB
14 KB 219ms
219ms XHR
application/json 136.143.191.67
ZOHO-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://salesiq.zoho.com/getembeddetails.ls?widgetcode=7a16fa273171d176c0c8ea5f89ae709c8c42ef19a09369ce1d88c5a5e12ed3b9&fetchavuid=true&fetchapilang=true&lang_browser=en&currdomain=https%3A%2F%2Fbluetogold.com&pagetitle=Las%20Vegas%2C%20Nevada%20%E2%80%94%20Blue%20to%20Gold%20%7C%20Training

Requested by

Host: assets.squarespace.com
URL: https://assets.squarespace.com/universal/scripts-compressed/performance-0add3f16b92e7b8855b50-min.en-US.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

136.143.191.67 , United States, ASN2639 (ZOHO-AS, US),

Reverse DNS

Software

ZGS /

Resource Hash

59b0c27be455c97e730a26030b44eadb631bdd62083056e69a3845745ddc2863

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

Referer: https://www.bluetogold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 23 Apr 2021 19:21:50 GMT
Content-Encoding: gzip
Referrer-Policy: strict-origin
Server: ZGS
X-Frame-Options: SAMEORIGIN
Content-Type: application/json;charset=UTF-8
Access-Control-Allow-Origin: https://www.bluetogold.com
Connection: keep-alive
Transfer-Encoding: chunked
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=63072000
Access-Control-Allow-Credentials: true
vary: accept-encoding
X-XSS-Protection: 1

GET
H3-29 200 css
fonts.googleapis.com/ Frame 6C1C 20 KB
1 KB 17ms
15ms Stylesheet
text/css 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:300,300italic,400italic,600italic,400,600|Roboto:400,400italic,500,500italic

Requested by

Host: bluetogold.regfox.com
URL: https://bluetogold.regfox.com/las-21?wmode=opaque

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

db1534e6def6b61255abc60b854df8bcea13cf571dc7db5370d220306181be76

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://bluetogold.regfox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 23 Apr 2021 19:21:50 GMT
server: ESF
date: Fri, 23 Apr 2021 19:21:50 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 23 Apr 2021 19:21:50 GMT

GET
H2 200 bootstrap.min.css
netdna.bootstrapcdn.com/bootstrap/3.0.3/css/ Frame 6C1C 97 KB
15 KB 20ms
17ms Stylesheet
text/css 2606:4700::6812:bcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://netdna.bootstrapcdn.com/bootstrap/3.0.3/css/bootstrap.min.css

Requested by

Host: bluetogold.regfox.com
URL: https://bluetogold.regfox.com/las-21?wmode=opaque

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

46a2de362f54e3c988cc8c9fbf68fe12018c8ae42fe11509a747f52f17834466

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://bluetogold.regfox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 23 Apr 2021 19:21:50 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 632, 718, 718
age: 1232328
cdn-cachedat: 2021-04-07 05:02:22
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 09a1c77be100004e0742b72000000001
timing-allow-origin: *
access-control-allow-origin: *
last-modified: Mon, 25 Jan 2021 22:03:56 GMT
server: cloudflare
cdn-requestpullcode: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css; charset=utf-8
cdn-cache: HIT
vary: Accept-Encoding
cache-control: public, max-age=31919000
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid: 67f8e8ba66eb727cd73e8b2024d92e3d
cf-ray: 6449750c9cff4e07-FRA
cdn-requestcountrycode: DE
cdn-requestpullsuccess: True

GET
H2 200 font-awesome.min.css
netdna.bootstrapcdn.com/font-awesome/4.7.0/css/ Frame 6C1C 30 KB
7 KB 22ms
19ms Stylesheet
text/css 2606:4700::6812:bcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://netdna.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css

Requested by

Host: bluetogold.regfox.com
URL: https://bluetogold.regfox.com/las-21?wmode=opaque

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://bluetogold.regfox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 23 Apr 2021 19:21:50 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 723, 617, 617
age: 2756961
cdn-cachedat: 2021-03-11 11:57:51
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 09a1c77be200004e070f1fb000000001
timing-allow-origin: *
access-control-allow-origin: *
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
server: cloudflare
cdn-requestpullcode: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css; charset=utf-8
cdn-cache: HIT
vary: Accept-Encoding
cache-control: public, max-age=31919000
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid: 9298a31cd0a3cc5e6ffaa407ce3c7d54
cf-ray: 6449750c9d004e07-FRA
cdn-requestcountrycode: DE
cdn-requestpullsuccess: True

GET
H2 200 app.css
bluetogold.regfox.com/css/ Frame 6C1C 451 KB
103 KB 203ms
202ms Stylesheet
text/css 44.237.110.25
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://bluetogold.regfox.com/css/app.css?1618265512483

Requested by

Host: bluetogold.regfox.com
URL: https://bluetogold.regfox.com/las-21?wmode=opaque

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

44.237.110.25 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-44-237-110-25.us-west-2.compute.amazonaws.com

Software

nginx/1.17.10 / Express

Resource Hash

8cb9b3cd85e34d917fb3758e8cbe1385fbe34f4f33cbabc78227f2633f3e0131

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: https://bluetogold.regfox.com/las-21?wmode=opaque
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 23 Apr 2021 19:21:50 GMT
content-encoding: gzip
last-modified: Mon, 12 Apr 2021 21:52:47 GMT
server: nginx/1.17.10
x-powered-by: Express
etag: W/"70ccd-178c8129f98"
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
cache-control: public, max-age=31536000
accept-ranges: bytes
x-xss-protection: 1; mode=block

GET
H3-29 200 css
fonts.googleapis.com/ Frame 6C1C 1 KB
398 B 15ms
14ms Stylesheet
text/css 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Sintony|Sintony:400,700

Requested by

Host: bluetogold.regfox.com
URL: https://bluetogold.regfox.com/las-21?wmode=opaque

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

0616b621a20c5c418f89e29aecd25f6c315248c8185fc9119b9ae88245643fe5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 23 Apr 2021 19:21:50 GMT
server: ESF
date: Fri, 23 Apr 2021 19:21:50 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 23 Apr 2021 19:21:50 GMT

GET
H/1.1 200
OK risk.js Show response
static.wepay.com/min/js/ Frame 6C1C 2 KB
1 KB 597ms
137ms Script
application/javascript 130.211.164.108
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://static.wepay.com/min/js/risk.js
Requested by: Host: bluetogold.regfox.com
URL: https://bluetogold.regfox.com/las-21?wmode=opaque
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 130.211.164.108 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 108.164.211.130.bc.googleusercontent.com
Software: nginx /
Resource Hash: b805c50bd761db5d2c6de14a08ca6a5cfc38f060838415c1937ec943c5901c4b

Request headers

Referer: https://bluetogold.regfox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 23 Apr 2021 19:21:51 GMT
Content-Encoding: gzip
Last-Modified: Wed, 21 Apr 2021 21:26:46 GMT
Server: nginx
ETag: W/"60809896-957"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=21600, public
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Sat, 24 Apr 2021 01:21:51 GMT

GET
H2 200 addthis_widget.js Show response
s7.addthis.com/js/300/ Frame 6C1C 353 KB
114 KB 96ms
34ms Script
application/javascript 184.30.24.107
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/js/300/addthis_widget.js

Requested by

Host: bluetogold.regfox.com
URL: https://bluetogold.regfox.com/las-21?wmode=opaque

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

184.30.24.107 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a184-30-24-107.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

acd2f7ad78edeebad4b6b0fdd17ff57d81c3726c60fd5435ee8c5a0115d29403

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://bluetogold.regfox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
server: nginx/1.15.8
etag: W/"5f971164-5834c"
vary: Accept-Encoding
x-distribution: 99
content-type: application/javascript
cache-control: public, max-age=600
date: Fri, 23 Apr 2021 19:21:50 GMT
x-host: s7.addthis.com
content-length: 116325

GET
H2 200 regfox-black.svg
images.webconnex.com/bacon/ Frame 6C1C 4 KB
2 KB 56ms
8ms Image
image/svg+xml 2600:9000:20eb:a200:2:cf6c:5100:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.webconnex.com/bacon/regfox-black.svg
Requested by: Host: bluetogold.regfox.com
URL: https://bluetogold.regfox.com/las-21?wmode=opaque
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:a200:2:cf6c:5100:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ee4449e61a8245c7983466776579f421f3807158efdb451037e3edf0e183e99c

Request headers

Referer: https://bluetogold.regfox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 23 Apr 2021 13:41:03 GMT
content-encoding: gzip
last-modified: Tue, 03 Dec 2019 19:11:35 GMT
server: AmazonS3
age: 20449
etag: W/"346029fcb29361f758dcfd17006b33aa"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
via: 1.1 9568a708c8ab21597698ebe7dce6c42e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C1
x-amz-cf-id: zIIk2XSC3HYaGwph2F713_o-x88qz8qU-kxDonxhVKx49zf018ioIA==

GET
H2 200 bundle.js Show response
bluetogold.regfox.com/ Frame 6C1C 2 MB
594 KB 225ms
225ms Script
application/javascript 44.237.110.25
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://bluetogold.regfox.com/bundle.js?1618265512483

Requested by

Host: bluetogold.regfox.com
URL: https://bluetogold.regfox.com/las-21?wmode=opaque

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

44.237.110.25 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-44-237-110-25.us-west-2.compute.amazonaws.com

Software

nginx/1.17.10 / Express

Resource Hash

2a002ab6c5d94a2b288c1f42e4e72fbab3f31066b47fb67d62d79dea793dd2d8

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: https://bluetogold.regfox.com/las-21?wmode=opaque
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 23 Apr 2021 19:21:51 GMT
content-encoding: gzip
last-modified: Mon, 12 Apr 2021 21:52:47 GMT
server: nginx/1.17.10
x-powered-by: Express
etag: W/"246848-178c8129f98"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
accept-ranges: bytes
x-xss-protection: 1; mode=block

GET
H2 200 addthisevent.min.js Show response
bluetogold.regfox.com/lib/ Frame 6C1C 34 KB
8 KB 314ms
314ms Script
application/javascript 44.237.110.25
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://bluetogold.regfox.com/lib/addthisevent.min.js

Requested by

Host: bluetogold.regfox.com
URL: https://bluetogold.regfox.com/las-21?wmode=opaque

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

44.237.110.25 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-44-237-110-25.us-west-2.compute.amazonaws.com

Software

nginx/1.17.10 / Express

Resource Hash

bd4a08ee1b016c53e2a9221e418d7fa94478b650c58b757a6dde72748cd803f4

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: https://bluetogold.regfox.com/las-21?wmode=opaque
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 23 Apr 2021 19:21:51 GMT
content-encoding: gzip
last-modified: Mon, 12 Apr 2021 21:50:35 GMT
server: nginx/1.17.10
x-powered-by: Express
etag: W/"8879-178c8109bf8"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
accept-ranges: bytes
x-xss-protection: 1; mode=block

GET
H2 200 iframeResizer.contentWindow.min.js Show response
bluetogold.regfox.com/lib/ Frame 6C1C 9 KB
4 KB 256ms
255ms Script
application/javascript 44.237.110.25
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://bluetogold.regfox.com/lib/iframeResizer.contentWindow.min.js

Requested by

Host: bluetogold.regfox.com
URL: https://bluetogold.regfox.com/las-21?wmode=opaque

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

44.237.110.25 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-44-237-110-25.us-west-2.compute.amazonaws.com

Software

nginx/1.17.10 / Express

Resource Hash

e7f0c72a0ce17ca77f93669294b4ae10f8bb10b0bbcf3d06ffb122650eaa2570

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: https://bluetogold.regfox.com/las-21?wmode=opaque
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 23 Apr 2021 19:21:51 GMT
content-encoding: gzip
last-modified: Mon, 12 Apr 2021 21:50:35 GMT
server: nginx/1.17.10
x-powered-by: Express
etag: W/"2310-178c8109bf8"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
accept-ranges: bytes
x-xss-protection: 1; mode=block

GET
H2 200 / Show response
js.stripe.com/v3/ Frame 6C1C 226 KB
60 KB 215ms
99ms Script
application/javascript 143.204.245.15
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/

Requested by

Host: bluetogold.regfox.com
URL: https://bluetogold.regfox.com/las-21?wmode=opaque

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.245.15 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-245-15.cph50.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

38ab04a6678f1e9cec489af546b8f75b61eb1a95747855c18a4a5dabb0f0a3d4

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; connect-src 'self' https://api.stripe.com https://errors.stripe.com; script-src 'self'; style-src 'self' 'unsafe-inline'; frame-src 'self'; img-src 'self' https://q.stripe.com; font-src data: https:; media-src 'none'; object-src 'self';
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Referer: https://bluetogold.regfox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 23 Apr 2021 19:19:17 GMT
content-encoding: gzip
vary: Accept-Encoding
age: 154
via: 1.1 54c4a3ab55229e407630e7a126ca0932.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
x-amz-request-id: P4D7CH8N0611N9S4
x-amz-id-2: jjicFevPm+exYyR5VBRxvO2l6BgUnifh+8sDJdxeem2T5UJdArGuNoKUxPEDefEAZ7ehIwGZm8M=
last-modified: Thu, 22 Apr 2021 16:19:14 GMT
server: AmazonS3
etag: W/"70f737535fadb9d56858f13cd5a724ec"
strict-transport-security: max-age=31556926; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=300
content-security-policy: default-src 'self'; connect-src 'self' https://api.stripe.com https://errors.stripe.com; script-src 'self'; style-src 'self' 'unsafe-inline'; frame-src 'self'; img-src 'self' https://q.stripe.com; font-src data: https:; media-src 'none'; object-src 'self';
x-amz-cf-pop: CPH50-C1
timing-allow-origin: *
x-amz-cf-id: 2xd1U6z89QkiARqTcxsujE2dnUbeJre4-pcb6-KiS9_KrZDAxrbovg==

GET
H/1.1 200
OK B1-01+copy.jpg
images.squarespace-cdn.com/content/v1/5edf027f3a6d5e2f15f7fb79/1594765775559-W8T9LY9Y1PHWQ5KTDAK6/ke17ZwdGBToddI8pDm48kIoCtpYLc0aePgHQGBmxcUJ7gQa3H78H3Y0txjaiv_0fDoOvxcdMmMKkDsyUqMSsMWxHk725yiiHCCL... 33 KB
33 KB 208ms
208ms Image
image/jpeg 104.96.90.218
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.squarespace-cdn.com/content/v1/5edf027f3a6d5e2f15f7fb79/1594765775559-W8T9LY9Y1PHWQ5KTDAK6/ke17ZwdGBToddI8pDm48kIoCtpYLc0aePgHQGBmxcUJ7gQa3H78H3Y0txjaiv_0fDoOvxcdMmMKkDsyUqMSsMWxHk725yiiHCCLfrh8O1z4YTzHvnKhyp6Da-NYroOW3ZGjoBKy3azqku80C789l0k6sq9GEl9ZUDkp1sRKcAyK-Mztq3ZyZBHw1xn3dmA9DjQloRH6KJA4tmFlaPEL1Zg/B1-01+copy.jpg?format=750w
Requested by: Host: www.bluetogold.com
URL: https://www.bluetogold.com/calendar/las-21
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.96.90.218 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a104-96-90-218.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: b3c0c5a12b2e62f1e6e892ac615c39d8edc0885b87b0c851f5234baeeede7e6b

Request headers

Referer: https://www.bluetogold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 23 Apr 2021 19:21:51 GMT
ETag: CKz8xbuGku0CEAE=
Vary: "Accept-Encoding"
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length, Timing-Allow-Origin
Cache-Control: max-age=604724
Connection: keep-alive
Accept-Ranges: bytes
Timing-allow-origin: *
Content-Length: 33526
Tracepoint: "Akamai"

POST
H2 200 overlay Show response
www.bluetogold.com/api/census/ 17 B
295 B 221ms
221ms XHR
application/json 198.49.23.144
SQUARESPACE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bluetogold.com/api/census/overlay

Requested by

Host: assets.squarespace.com
URL: https://assets.squarespace.com/universal/scripts-compressed/performance-0add3f16b92e7b8855b50-min.en-US.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

198.49.23.144 , United States, ASN53831 (SQUARESPACE, US),

Reverse DNS

Software

Squarespace /

Resource Hash

f1ea07a1e51a389c8de07120ae5c2e432e9dd8f4fbd6f92489f185b0523a3fd4

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff

Request headers

sec-fetch-mode: cors
origin: https://www.bluetogold.com
accept-encoding: gzip, deflate, br
x-csrf-token: BTvMlRHXyoMFMTI2ZWVkNmU0MzAxYjY2Yzk3YTllZTY2NDE5MjM0
accept-language: en-US
sec-fetch-dest: empty
cookie: crumb=BTvMlRHXyoMFMTI2ZWVkNmU0MzAxYjY2Yzk3YTllZTY2NDE5MjM0; ss_cvr=800a0844-1ee6-4c3a-ab1a-b59f2a6374ab|1619205710383|1619205710383|1619205710383|1; ss_cvt=1619205710383; _ga=GA1.2.699240003.1619205711; _gid=GA1.2.363240661.1619205711; _gat=1; ss_cid=9e08cd12-f272-4e4c-9e68-abf560dca080; ss_cvisit=1619205710594; ss_cpvisit=1619205710594
content-length: 417
:path: /api/census/overlay
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type: application/json;charset=UTF-8
accept: application/json, text/plain, */*
cache-control: no-cache
:authority: www.bluetogold.com
referer: https://www.bluetogold.com/calendar/las-21
:scheme: https
sec-fetch-site: same-origin
:method: POST
Accept: application/json, text/plain, */*
Referer: https://www.bluetogold.com/calendar/las-21
X-CSRF-Token: BTvMlRHXyoMFMTI2ZWVkNmU0MzAxYjY2Yzk3YTllZTY2NDE5MjM0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json;charset=UTF-8

Response headers

date: Fri, 23 Apr 2021 19:21:51 GMT
x-content-type-options: nosniff
server: Squarespace
strict-transport-security: max-age=0
content-type: application/json;charset=utf-8
x-contextid: EtuhR2r5/rmdLeuGL
set-cookie: ss_cid=9e08cd12-f272-4e4c-9e68-abf560dca080; Path=/; Expires=Sun, 23-Apr-2023 19:21:51 GMT; Max-Age=63072000 ss_cvisit=1619205710594; Path=/; Expires=Fri, 23-Apr-2021 19:51:51 GMT; Max-Age=1800 ss_cpvisit=1619205710594; Path=/; Expires=Sun, 23-Apr-2023 19:21:51 GMT; Max-Age=63072000
content-length: 17
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 floatbutton_1296b0b6b7be1318ff7db826bee129b3_.css
css.zohocdn.com/salesiq/https/styles/ 107 KB
18 KB 128ms
52ms Stylesheet
text/css 185.20.209.147
COMPUTERLINE Comp...

General

Check archive.org

Show headers Download Go to

Full URL

https://css.zohocdn.com/salesiq/https/styles/floatbutton_1296b0b6b7be1318ff7db826bee129b3_.css

Requested by

Host: salesiq.zoho.com
URL: https://salesiq.zoho.com/widget

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.20.209.147 , Switzerland, ASN41913 (COMPUTERLINE Computerline, Schlierbach, Switzerland, CH),

Reverse DNS

Software

ZGS /

Resource Hash

8649a8246250ec4af98b21f1d52c08494c8dea4a0e93dee7cdd50f7faba3d482

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000, max-age=63072000
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

Referer: https://www.bluetogold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 23 Apr 2021 19:21:51 GMT
content-encoding: br
x-content-type-options: nosniff
content-type: text/css
x-cache: HIT
vary: Accept-Encoding
content-length: 18276
x-xss-protection: 1
x-sts-request-id: ex1-bf8f6970880e450b8d433dd1954d0691
pragma: public, max-age=5184000, immutable
last-modified: Thu, 22 Apr 2021 13:25:29 GMT
server: ZGS
etag: "920111974c2fc12af53fcd583b8d9390"
strict-transport-security: max-age=15768000, max-age=63072000
content-language: en-US
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=5184000, immutable
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 22 Jun 2021 07:57:38 GMT

GET
H2 200 floatbutton_3f9878a493f3e4e8f78738f9b9bb363b_.js Show response
js.zohocdn.com/salesiq/https/js/ 56 KB
12 KB 116ms
40ms Script
application/javascript 185.20.209.147
COMPUTERLINE Comp...

General

Check archive.org

Show headers Download Go to

Full URL

https://js.zohocdn.com/salesiq/https/js/floatbutton_3f9878a493f3e4e8f78738f9b9bb363b_.js

Requested by

Host: salesiq.zoho.com
URL: https://salesiq.zoho.com/widget

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.20.209.147 , Switzerland, ASN41913 (COMPUTERLINE Computerline, Schlierbach, Switzerland, CH),

Reverse DNS

Software

ZGS /

Resource Hash

40eccc4c6e758e697f72eb80ea7800553d9b4e9a9695827ff9dfc24d8ff69097

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000, max-age=63072000
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

Referer: https://www.bluetogold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 23 Apr 2021 19:21:51 GMT
content-encoding: br
x-content-type-options: nosniff
content-type: application/javascript
x-cache: HIT
vary: Accept-Encoding
content-length: 11852
x-xss-protection: 1
x-sts-request-id: ex1-568e2618d50c4d939aaf745c5903f60f
pragma: public, max-age=5184000, immutable
last-modified: Thu, 22 Apr 2021 13:24:58 GMT
server: ZGS
etag: "b3f4b0f0a21dd6f6eec9087887d81899"
strict-transport-security: max-age=15768000, max-age=63072000
content-language: en-US
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=5184000, immutable
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 22 Jun 2021 07:57:38 GMT

GET
H2 200 5.b7ba3f53e3ed2a967416.bundle.js Show response
api.memberstack.io/static/ 67 KB
11 KB 697ms
696ms Script
application/javascript 2606:4700:20::681a:a1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.memberstack.io/static/5.b7ba3f53e3ed2a967416.bundle.js

Requested by

Host: api.memberstack.io
URL: https://api.memberstack.io/static/memberstack.js?squarespace

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:a1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f2644f8193230dedfe8b845c5fd843fc06c1464cc9586d81f357e41183d8e931

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.bluetogold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 23 Apr 2021 19:21:51 GMT
via: 1.1 vegur
x-content-type-options: nosniff
cf-cache-status: EXPIRED
nel: {"report_to":"cf-nel","max_age":604800}
x-dns-prefetch-control: off
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=7iRtTeIxipoB5dsZau0lKzm%2FIRVAxgInBWfDvKvRXIRVGzLzu4viGhj29lE4CbWQ1RSCjBqseqjUHv%2FlBVUouhmluTRmxV2U3DWukMVawBhpayWZKWy2JjtYYIEClmI%3D"}]}
content-encoding: br
vary: Accept-Encoding
cf-request-id: 09a1c77d1600004a74b123d000000001
last-modified: Wed, 14 Apr 2021 15:18:14 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"10be4-178d0f61ef0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains
x-download-options: noopen
content-type: application/javascript; charset=UTF-8
x-xss-protection: 1; mode=block
cache-control: public, max-age=1800
cf-ray: 6449750e88594a74-FRA

GET
H2 200 10.bc13a78d70fb5091d631.bundle.js Show response
api.memberstack.io/static/ 5 KB
2 KB 19ms
18ms Script
application/javascript 2606:4700:20::681a:a1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.memberstack.io/static/10.bc13a78d70fb5091d631.bundle.js

Requested by

Host: api.memberstack.io
URL: https://api.memberstack.io/static/memberstack.js?squarespace

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:a1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b63ebdc392b9798a560248f3de1333b7b96e0f6eccd7163569ae90a67ad2897d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.bluetogold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 23 Apr 2021 19:21:51 GMT
via: 1.1 vegur
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 3
x-dns-prefetch-control: off
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=JD1UxMJ4of6scUJjobYFfrMstlfLLQMfgYzvE%2BXVSirJEO4OHsV5SEh5%2FhrpoFtYj7V0B%2FJhy2TpWAb06I1tTkzhnsEbGtL3EkOmK4xCShfOostTTZBohiEQE8kmk1g%3D"}]}
content-encoding: br
vary: Accept-Encoding
cf-request-id: 09a1c77d1600004a74f12f5000000001
last-modified: Wed, 14 Apr 2021 15:18:14 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"14a4-178d0f61ef0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains
x-download-options: noopen
content-type: application/javascript; charset=UTF-8
x-xss-protection: 1; mode=block
cache-control: public, max-age=1800
cf-ray: 6449750e885c4a74-FRA

GET
H2 200 1.b27311c782044d55ba95.bundle.js Show response
api.memberstack.io/static/ 96 KB
34 KB 25ms
24ms Script
application/javascript 2606:4700:20::681a:a1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.memberstack.io/static/1.b27311c782044d55ba95.bundle.js

Requested by

Host: api.memberstack.io
URL: https://api.memberstack.io/static/memberstack.js?squarespace

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:a1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

690788b8580c8fa411f0f5f00dce82e782a73c661d0d53322a909bf3c737e085

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.bluetogold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 23 Apr 2021 19:21:51 GMT
via: 1.1 vegur
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 2
x-dns-prefetch-control: off
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=OpPEuxoBX1KwY2ScU2I3sJ8N2My87sXwwREn3HAKZjcvTAwYzcy%2FTCib7Pwrk%2FFVbavut38Os%2F%2BDmpg8aL48AxIZsjAN%2BJPKWtM7E72ahmDqwpI2ZQXCL7sebwDWxsk%3D"}]}
content-encoding: br
vary: Accept-Encoding
cf-request-id: 09a1c77d1700004a740f0fb000000001
last-modified: Wed, 14 Apr 2021 15:18:14 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"17e89-178d0f61ef0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains
x-download-options: noopen
content-type: application/javascript; charset=UTF-8
x-xss-protection: 1; mode=block
cache-control: public, max-age=1800
cf-ray: 6449750e885e4a74-FRA

GET
H2 200 8.c4bbf278374760531e8c.bundle.js Show response
api.memberstack.io/static/ 1 KB
1 KB 16ms
15ms Script
application/javascript 2606:4700:20::681a:a1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.memberstack.io/static/8.c4bbf278374760531e8c.bundle.js

Requested by

Host: api.memberstack.io
URL: https://api.memberstack.io/static/memberstack.js?squarespace

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:a1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f09639069de98a3d08da00360f426fbdd3748007622d8a6c58b4bb9f1037cd15

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.bluetogold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 23 Apr 2021 19:21:51 GMT
via: 1.1 vegur
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 3
x-dns-prefetch-control: off
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=0ZXghM0%2Ff9eAPT8phKlWgT0s%2BPiP3yxWMOPkgYMSLxrPh2NWTohYC2QKar3MVfsjqfTj0ZXY%2Fur6UyqX%2BtjkSfOsvsTQ029UiUyysNfcx0cqsUr98sl9BI600n%2Fvblo%3D"}]}
content-encoding: br
vary: Accept-Encoding
cf-request-id: 09a1c77d1700004a74c7948000000001
last-modified: Wed, 14 Apr 2021 15:18:14 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"5c4-178d0f61ef0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains
x-download-options: noopen
content-type: application/javascript; charset=UTF-8
x-xss-protection: 1; mode=block
cache-control: public, max-age=1800
cf-ray: 6449750e885f4a74-FRA

GET
H2 200 siq_97ef6fabaeee9282491ac0754d64dc8c_.ttf
css.zohocdn.com/salesiq/https/styles/fonts/float/ 10 KB
7 KB 110ms
36ms Font
font/ttf 185.20.209.147
COMPUTERLINE Comp...

General

Check archive.org

Show headers Download Go to

Full URL

https://css.zohocdn.com/salesiq/https/styles/fonts/float/siq_97ef6fabaeee9282491ac0754d64dc8c_.ttf

Requested by

Host: css.zohocdn.com
URL: https://css.zohocdn.com/salesiq/https/styles/floatbutton_1296b0b6b7be1318ff7db826bee129b3_.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.20.209.147 , Switzerland, ASN41913 (COMPUTERLINE Computerline, Schlierbach, Switzerland, CH),

Reverse DNS

Software

ZGS /

Resource Hash

1bd61d8494e09df2bbc3b644c2a5e77ec7d5bdd2f6a50af3bb913fc1af6fcfc7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000, max-age=63072000
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

Origin: https://www.bluetogold.com
Referer: https://css.zohocdn.com/salesiq/https/styles/floatbutton_1296b0b6b7be1318ff7db826bee129b3_.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 23 Apr 2021 19:21:51 GMT
content-encoding: br
x-content-type-options: nosniff
content-type: font/ttf
x-cache: HIT
vary: Accept-Encoding
content-length: 6434
x-xss-protection: 1
x-sts-request-id: ex1-5f5714f4cf71e33f7283a2bf
last-modified: Sun, 21 Jun 2020 17:02:29 GMT
server: ZGS
etag: "f923905063ae1874ef8ecb4d21486097"
strict-transport-security: max-age=15768000, max-age=63072000
content-language: en-US
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=7776000, must-revalidate, proxy-revalidate
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 eix8uwn.css
use.typekit.net/ Frame 6C1C 2 KB
899 B 91ms
91ms Stylesheet
text/css 2a02:26f0:6c00::210:ba0a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://use.typekit.net/eix8uwn.css

Requested by

Host: bluetogold.regfox.com
URL: https://bluetogold.regfox.com/css/app.css?1618265512483

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00::210:ba0a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx /

Resource Hash

92f777da974629d4895b35d20a50975c626a3b285e09230406c868dc27a16811

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains;

Request headers

Referer: https://bluetogold.regfox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains;
content-encoding: gzip
server: nginx
date: Fri, 23 Apr 2021 19:21:51 GMT
vary: Accept-Encoding
content-type: text/css;charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=600, stale-while-revalidate=604800
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 667

GET
H2 200 p.css
p.typekit.net/ Frame 6C1C 5 B
162 B 13ms
12ms Stylesheet
text/css 2a02:26f0:6c00:2ae::19fd
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://p.typekit.net/p.css?s=1&k=eix8uwn&ht=tk&f=9785.9787.9791&a=11897783&app=typekit&e=css
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/eix8uwn.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:2ae::19fd Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb

Request headers

Referer: https://use.typekit.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 23 Apr 2021 19:21:51 GMT
last-modified: Thu, 05 Nov 2020 13:49:42 GMT
server: nginx
etag: "5fa402f6-5"
content-type: text/css
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 5

GET
H2 200 moatframe.js Show response
z.moatads.com/addthismoatframe568911941483/ Frame 6C1C 2 KB
1 KB 100ms
29ms Script
application/x-javascript 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/addthismoatframe568911941483/moatframe.js
Requested by: Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 05090f9390f5bc0cd23fe5f432037cc92d7cbce1ced9bfe8faf3d1c9abae85cd

Request headers

Referer: https://bluetogold.regfox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 23 Apr 2021 19:21:51 GMT
content-encoding: gzip
last-modified: Fri, 08 Nov 2019 20:13:52 GMT
server: AmazonS3
x-amz-request-id: D5503D14AA2F06AA
etag: "f14b4e1f799b14f798a195f43cf58376"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=50306
accept-ranges: bytes
content-length: 948
x-amz-id-2: JgalEtxvSAtZmM7+naGfrhsdf0JFS0gJW8lypWF8Tp90EkcPp4c3eAnpK+RDOIL1ltWgpx8wc3s=

OPTIONS
H2 204 memberships
api.memberstack.io/site/ Frame 0
0 144ms
144ms Preflight 2606:4700:20::681a:a1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.memberstack.io/site/memberships

Protocol

Server

2606:4700:20::681a:a1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://www.bluetogold.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Fri, 23 Apr 2021 19:21:51 GMT
x-dns-prefetch-control: off
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=15552000; includeSubDomains
x-download-options: noopen
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-origin: *
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
vary: Access-Control-Request-Headers
access-control-allow-headers: content-type
via: 1.1 vegur
cf-cache-status: DYNAMIC
cf-request-id: 09a1c77fdb00004ea398a3f000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Sr2Hds7k5pQq9gIVnaGs8eqdLI%2Bl8cFJnH512sIu3giAUDyz1M4LeQ9Ih69L88zZ7fYqzG138JJSXGVmA3jqZxlVaK%2FYnwgikjhZgz4KaObL3CeJ%2FsndQi9xozKuJho%3D"}]}
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 64497512fb154ea3-FRA

POST
H2 200 memberships Show response
api.memberstack.io/site/ 516 B
623 B 167ms
167ms Fetch
application/json 2606:4700:20::681a:a1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.memberstack.io/site/memberships

Requested by

Host: assets.squarespace.com
URL: https://assets.squarespace.com/universal/scripts-compressed/performance-0add3f16b92e7b8855b50-min.en-US.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:a1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bbc56417fe0737508a2513ee9ac5ef767080a1aad022c612cbe4c24315e1734d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.bluetogold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 23 Apr 2021 19:21:52 GMT
via: 1.1 vegur
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
x-dns-prefetch-control: off
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=bq5sLsOWWYa%2FwQHaoyAWLhYg%2BpfeaMX4WqLdpjpc8NdejxOWsZCblYljzPu%2FJytsfmVL78p5DROYRSE3iVerPWFTfrScJowIJouSOUNfHtd1EpCoBsVR%2BUL7jtSSLko%3D"}]}
content-encoding: br
cf-request-id: 09a1c7806c00004ea36ba6c000000001
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"204-kC/OmrE6h5Ld5IDo73RojPt/kUg"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains
x-download-options: noopen
content-type: application/json; charset=utf-8
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cf-ray: 64497513dd8b4ea3-FRA

GET
H/1.1 200
OK 1601670806404B2G-Training-70.png
memberstack-logos.nyc3.cdn.digitaloceanspaces.com/square/ 13 KB
14 KB 237ms
76ms Image
image/png 205.185.216.42
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://memberstack-logos.nyc3.cdn.digitaloceanspaces.com/square/1601670806404B2G-Training-70.png

Requested by

Host: www.bluetogold.com
URL: https://www.bluetogold.com/calendar/las-21

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

205.185.216.42 , United States, ASN20446 (HIGHWINDS3, US),

Reverse DNS

map2.hwcdn.net

Software

Resource Hash

fea01bb129f782c79a5909ed1897c56be4a43384417892d8dd40df067032d0a3

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Referer: https://www.bluetogold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 23 Apr 2021 19:21:52 GMT
Connection: Keep-Alive
Last-Modified: Fri, 02 Oct 2020 20:33:26 GMT
x-amz-request-id: tx0000000000000023d6962-0060822cf2-4d842b1-nyc3a
etag: "e9b3076f6b6cebc93cf333dfc42f67a8"
Vary: Access-Control-Request-Headers,Access-Control-Request-Method,Origin
X-HW: 1619205711.dop019.lo4.t,1619205712.cds061.lo4.shn,1619205712.dop019.lo4.t,1619205712.cds275.lo4.c
Content-Type: image/png
Cache-Control: max-age=24610
strict-transport-security: max-age=15552000; includeSubDomains; preload
Accept-Ranges: bytes
Content-Length: 13278

GET
H2 200 9.00e56324bfe03078960d.bundle.js Show response
api.memberstack.io/static/ 29 KB
10 KB 17ms
16ms Script
application/javascript 2606:4700:20::681a:a1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.memberstack.io/static/9.00e56324bfe03078960d.bundle.js

Requested by

Host: api.memberstack.io
URL: https://api.memberstack.io/static/memberstack.js?squarespace

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:a1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8a4125763bc689cdad8bf78bc9df373b0ccdb58ffbc791dddfdc1e84c8f3a1f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.bluetogold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 23 Apr 2021 19:21:51 GMT
via: 1.1 vegur
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 2
x-dns-prefetch-control: off
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=c6TvlAqERV5ohusMIzbdhPw62OOqie5%2F%2FTDz80RlYSfP4e%2FtTzMwalll98ffqY7LPlFCW4pAIhA3K43xLrn2tJCCi6FFCdIwTF8eqjPzV%2FjHA%2B5JcF0%2FSXo9gYCRK%2BY%3D"}]}
content-encoding: br
vary: Accept-Encoding
cf-request-id: 09a1c77fed00004a74f1330000000001
last-modified: Wed, 14 Apr 2021 15:18:14 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"75b4-178d0f61ef0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains
x-download-options: noopen
content-type: application/javascript; charset=UTF-8
x-xss-protection: 1; mode=block
cache-control: public, max-age=1800
cf-ray: 644975131aef4a74-FRA

GET
H2 200 0.3dd3e39ea920260ccd76.bundle.js Show response
api.memberstack.io/static/ 13 KB
5 KB 23ms
22ms Script
application/javascript 2606:4700:20::681a:a1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.memberstack.io/static/0.3dd3e39ea920260ccd76.bundle.js

Requested by

Host: api.memberstack.io
URL: https://api.memberstack.io/static/memberstack.js?squarespace

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:a1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4cdf5b9c1f3a84e8ae11cecd123eb3b2e38614ea926060e0133bfe43cbe907e3

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.bluetogold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 23 Apr 2021 19:21:51 GMT
via: 1.1 vegur
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 2
x-dns-prefetch-control: off
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Fsd3dA3Hlca2IlCy2NeYcUmiNGpKx9Sf9bu5mu5yrdcGzyLVX7wQ246tdTL1%2BjhXubuPN5iPjNc%2FhZ%2FkNapDt2%2F4IshTy2OY%2By6jdFOvxpx7pBZSitLLAhqyHjDjWCA%3D"}]}
content-encoding: br
vary: Accept-Encoding
cf-request-id: 09a1c77fed00004a749ab2c000000001
last-modified: Wed, 14 Apr 2021 15:18:14 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"34c6-178d0f61ef0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains
x-download-options: noopen
content-type: application/javascript; charset=UTF-8
x-xss-protection: 1; mode=block
cache-control: public, max-age=1800
cf-ray: 644975131af14a74-FRA

GET
H2 200 3.10079723a4cf4967bd8b.bundle.js Show response
api.memberstack.io/static/ 16 KB
6 KB 27ms
27ms Script
application/javascript 2606:4700:20::681a:a1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.memberstack.io/static/3.10079723a4cf4967bd8b.bundle.js

Requested by

Host: api.memberstack.io
URL: https://api.memberstack.io/static/memberstack.js?squarespace

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:a1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

942a7e4929bdd1358450c5129b27490a1ed1f0b91b79e254a209543fd156629f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.bluetogold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 23 Apr 2021 19:21:51 GMT
via: 1.1 vegur
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 2
x-dns-prefetch-control: off
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=CAUa1VuzKENO9VP0W7HWHGwLlH0MgSAURa%2B5PAsGHXts%2Bu3bjhYydis7%2BrHArPzOD125c2C8BT3YH7yzyopDtdqVqOaYFMkJanIG5hS%2B74rbJAg%2FHDGVcK8wJKaB9wM%3D"}]}
content-encoding: br
vary: Accept-Encoding
cf-request-id: 09a1c77fed00004a74a914b000000001
last-modified: Wed, 14 Apr 2021 15:18:14 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"3e76-178d0f61ef0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains
x-download-options: noopen
content-type: application/javascript; charset=UTF-8
x-xss-protection: 1; mode=block
cache-control: public, max-age=1800
cf-ray: 644975131af34a74-FRA

GET
H2 200 12.6703e076c97c50d04178.bundle.js Show response
api.memberstack.io/static/ 3 KB
1 KB 18ms
18ms Script
application/javascript 2606:4700:20::681a:a1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.memberstack.io/static/12.6703e076c97c50d04178.bundle.js

Requested by

Host: api.memberstack.io
URL: https://api.memberstack.io/static/memberstack.js?squarespace

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:a1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3cf4e4e11ca10e0fd8d913e50d0773b06880e031c7e07767c0138db18e4927eb

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.bluetogold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 23 Apr 2021 19:21:51 GMT
via: 1.1 vegur
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 2
x-dns-prefetch-control: off
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Zs86FE9LueBhnlnYJ5Wy7iqIMfKqVa%2BzKDeUt%2BydXRlFoBR%2BuAHhrKwLWePfjbI78fu0g3Kbab5nWMNzPlKlPVB8OIAMJPhw1QeHqN3wMdlDss3eDRWKTMg0IyIgmvI%3D"}]}
content-encoding: br
vary: Accept-Encoding
cf-request-id: 09a1c77ff000004a74dd9bb000000001
last-modified: Wed, 14 Apr 2021 15:18:14 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"d37-178d0f61ef0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains
x-download-options: noopen
content-type: application/javascript; charset=UTF-8
x-xss-protection: 1; mode=block
cache-control: public, max-age=1800
cf-ray: 644975131afa4a74-FRA

GET
H2 200 7.cb35ba89de12abaa1764.bundle.js Show response
api.memberstack.io/static/ 4 KB
2 KB 17ms
17ms Script
application/javascript 2606:4700:20::681a:a1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.memberstack.io/static/7.cb35ba89de12abaa1764.bundle.js

Requested by

Host: api.memberstack.io
URL: https://api.memberstack.io/static/memberstack.js?squarespace

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:a1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

85c80213474cf67f4dcf0eadd14e944ff6422a60205cbea5cd70e8302daec502

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.bluetogold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 23 Apr 2021 19:21:51 GMT
via: 1.1 vegur
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 2
x-dns-prefetch-control: off
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=JzC69fyM%2FWxkOVpwnwPFuc1tYIqH%2BdRppiGaJo6PgWvIIeFY45GmzMC4xh25LR7fvtnXEZPZ%2FxpcApn4xegcNU9UoxP5IJKGZnBdRj9R5KjkkH855w3dTCHINkYMUjU%3D"}]}
content-encoding: br
vary: Accept-Encoding
cf-request-id: 09a1c77ff000004a7403343000000001
last-modified: Wed, 14 Apr 2021 15:18:14 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"ebe-178d0f61ef0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains
x-download-options: noopen
content-type: application/javascript; charset=UTF-8
x-xss-protection: 1; mode=block
cache-control: public, max-age=1800
cf-ray: 644975131afc4a74-FRA

GET
H2 200 / Show response
js.stripe.com/v3/ 226 KB
60 KB 78ms
78ms Script
application/javascript 143.204.245.15
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/

Requested by

Host: api.memberstack.io
URL: https://api.memberstack.io/static/3.10079723a4cf4967bd8b.bundle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.245.15 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-245-15.cph50.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

38ab04a6678f1e9cec489af546b8f75b61eb1a95747855c18a4a5dabb0f0a3d4

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; connect-src 'self' https://api.stripe.com https://errors.stripe.com; script-src 'self'; style-src 'self' 'unsafe-inline'; frame-src 'self'; img-src 'self' https://q.stripe.com; font-src data: https:; media-src 'none'; object-src 'self';
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Referer: https://www.bluetogold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 23 Apr 2021 19:21:50 GMT
content-encoding: gzip
vary: Accept-Encoding
age: 2
via: 1.1 54c4a3ab55229e407630e7a126ca0932.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
x-amz-request-id: DYGSQ2P6WMEFBCX4
x-amz-id-2: +XL9NID3iMU5K/zID8uqi27W0e2m19n2WtP/ZuSTDGtX8jbMofUf7ogLpF2kDvAEAt1dcyQznlU=
last-modified: Thu, 22 Apr 2021 16:19:14 GMT
server: AmazonS3
etag: W/"70f737535fadb9d56858f13cd5a724ec"
strict-transport-security: max-age=31556926; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=300
content-security-policy: default-src 'self'; connect-src 'self' https://api.stripe.com https://errors.stripe.com; script-src 'self'; style-src 'self' 'unsafe-inline'; frame-src 'self'; img-src 'self' https://q.stripe.com; font-src data: https:; media-src 'none'; object-src 'self';
x-amz-cf-pop: CPH50-C1
timing-allow-origin: *
x-amz-cf-id: yhnyeEm1ZD2hjuPMbnS6CnsAdySiWdHSaxbBtaJ49bsUMrM3HUNPyA==

GET
H2 200 image-placeholder.svg
d3e54v103j8qbb.cloudfront.net/img/ 801 B
1 KB 155ms
51ms Image
image/svg+xml 143.204.237.146
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d3e54v103j8qbb.cloudfront.net/img/image-placeholder.svg
Requested by: Host: www.bluetogold.com
URL: https://www.bluetogold.com/calendar/las-21
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.237.146 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-237-146.cph50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 32099b201e4d474839074efeff27c07799d68431c3ab1a86eea6c7cd10f886c5

Request headers

Referer: https://www.bluetogold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 23 Apr 2021 12:48:06 GMT
via: 1.1 ef25da0c32f918931915d02ad16016b9.cloudfront.net (CloudFront)
last-modified: Tue, 20 Sep 2016 23:08:08 GMT
server: AmazonS3
age: 31609
etag: "903099cef357bdefb58e59715cb010f9"
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: max-age=84600, must-revalidate
x-amz-cf-pop: CPH50-C1
accept-ranges: bytes
content-length: 801
x-amz-cf-id: 29szWANVi3GicX7CnewD-K3Kig1p0ZOkG1L1DKsP8kMxNEoMvL-RAA==

GET
H2 200 metrics.gif Show response
bluetogold.regfox.com/images/ Frame 6C1C 42 B
268 B 203ms
202ms Fetch
image/gif 44.237.110.25
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://bluetogold.regfox.com/images/metrics.gif?{%22dt%22:1619205712110,%22fr%22:%22b14094fe493349f388a5ebe8c6a3b620%22,%22tk%22:%22561b7c35807e4047b3bcc7c39af1c717%22,%22chk%22:100,%22sw%22:1019,%22sh%22:2100,%22rf%22:%22https://www.bluetogold.com/%22,%22r%22:0,%22ptk%22:%22%22}

Requested by

Host: bluetogold.regfox.com
URL: https://bluetogold.regfox.com/bundle.js?1618265512483

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

44.237.110.25 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-44-237-110-25.us-west-2.compute.amazonaws.com

Software

nginx/1.17.10 / Express

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: https://bluetogold.regfox.com/las-21?wmode=opaque
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 23 Apr 2021 19:21:52 GMT
last-modified: Mon, 12 Apr 2021 21:50:35 GMT
server: nginx/1.17.10
x-powered-by: Express
etag: W/"2a-178c8109bf8"
content-type: image/gif
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 42
x-xss-protection: 1; mode=block

GET
H2 200 take Show response
bouncer.webconnex.com/queue/b14094fe493349f388a5ebe8c6a3b620/ Frame 6C1C 13 B
179 B 623ms
202ms Fetch
text/plain 54.185.154.201
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bouncer.webconnex.com/queue/b14094fe493349f388a5ebe8c6a3b620/take
Requested by: Host: bluetogold.regfox.com
URL: https://bluetogold.regfox.com/bundle.js?1618265512483
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.185.154.201 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-185-154-201.us-west-2.compute.amazonaws.com
Software: nginx/1.17.10 /
Resource Hash: d9d360e4a9ffa22a014272dd7f8fe5de387b69cefab7b3a75a39378fec8f7bd1

Request headers

Referer: https://bluetogold.regfox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: https://bluetogold.regfox.com
date: Fri, 23 Apr 2021 19:21:52 GMT
access-control-allow-credentials: true
server: nginx/1.17.10
content-length: 13
content-type: text/plain; charset=utf-8

GET
H3-29 200 analytics.js Show response
www.google-analytics.com/ Frame 6C1C 48 KB
19 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: bluetogold.regfox.com
URL: https://bluetogold.regfox.com/las-21?wmode=opaque

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://bluetogold.regfox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 09 Apr 2021 23:59:54 GMT
server: Golfe2
age: 6079
date: Fri, 23 Apr 2021 17:40:33 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19569
expires: Fri, 23 Apr 2021 19:40:33 GMT

GET
H/1.1 200
OK widgets.js Show response
platform.twitter.com/ Frame 6C1C 95 KB
29 KB 31ms
10ms Script
application/javascript 2606:2800:234:46c:e8b:1e2f:2bd:694
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets.js
Requested by: Host: bluetogold.regfox.com
URL: https://bluetogold.regfox.com/las-21?wmode=opaque
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/668B) /
Resource Hash: 501ed6f37588ea4083347c8c1b9fd9bfbc560f8f9977aa2847749e0977063f6c

Request headers

Referer: https://bluetogold.regfox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 23 Apr 2021 19:21:52 GMT
Content-Encoding: gzip
Last-Modified: Thu, 15 Apr 2021 22:47:45 GMT
Server: ECS (frb/668B)
Age: 1092
Etag: "f8e2082c1f210ffae5a2de107bd73ffc+gzip"
Vary: Accept-Encoding
x-tw-cdn: VZ
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=1800
X-Cache: HIT
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Content-Length: 28769

GET
H2 200 _ate.track.config_resp Show response
v1.addthisedge.com/live/boost/ra-5b0453f20c9a2eee/ Frame 6C1C 1 KB
699 B 188ms
187ms Script
application/javascript 184.30.24.107
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://v1.addthisedge.com/live/boost/ra-5b0453f20c9a2eee/_ate.track.config_resp
Requested by: Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.24.107 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-24-107.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 2ec080d9b1eb81f35bdbb50b2e7342f5cf609bb6b39c60bd4454e59fc3602d78

Request headers

Referer: https://bluetogold.regfox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 23 Apr 2021 19:21:52 GMT
content-encoding: gzip
etag: 880201367--gzip
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
cache-control: public, max-age=60, s-maxage=86400
content-disposition: attachment; filename=1.txt
content-length: 524

GET
H2 200 m-outer-0cba8a995d163797499ab006bbb6b889.html Show response
js.stripe.com/v3/ Frame 0F56 215 B
951 B 76ms
76ms Document
text/html 143.204.245.15
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/m-outer-0cba8a995d163797499ab006bbb6b889.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.245.15 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-245-15.cph50.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

0e755df7fd0c4d557bcefdd1186cc8ddb518d001d6ee462335a6debee465090b

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; connect-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'; frame-src https://m.stripe.network; img-src https://q.stripe.com; font-src 'none'; media-src 'none'; object-src 'none';
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

:method: GET
:authority: js.stripe.com
:scheme: https
:path: /v3/m-outer-0cba8a995d163797499ab006bbb6b889.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://bluetogold.regfox.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://bluetogold.regfox.com/

Response headers

content-type: text/html; charset=utf-8
content-length: 215
x-amz-id-2: wbibdNqeqWtTsR0kbdoZwx6efnD5+ij5D06eQGf9hcE89m9LcDI34ddWacu1FOtToxECEtwGbxM=
x-amz-request-id: 8WRCN9HP6WB1AXH4
last-modified: Tue, 09 Mar 2021 20:21:15 GMT
accept-ranges: bytes
server: AmazonS3
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
access-control-allow-origin: *
content-security-policy: default-src 'self'; connect-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'; frame-src https://m.stripe.network; img-src https://q.stripe.com; font-src 'none'; media-src 'none'; object-src 'none';
date: Fri, 23 Apr 2021 19:16:58 GMT
cache-control: public, max-age=300
etag: "0cba8a995d163797499ab006bbb6b889"
x-cache: Hit from cloudfront
via: 1.1 54c4a3ab55229e407630e7a126ca0932.cloudfront.net (CloudFront)
x-amz-cf-pop: CPH50-C1
x-amz-cf-id: 5meJ-NXsoTHdMlwFexRkxRQgS9Y6WWYW1OEkNtlma5Vl7PhyPO6Qig==
age: 295

GET
H3-29 200 fontawesome-webfont.woff2
netdna.bootstrapcdn.com/font-awesome/4.7.0/fonts/ Frame 6C1C 75 KB
76 KB 21ms
20ms Font
font/woff2 2606:4700::6812:bcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://netdna.bootstrapcdn.com/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0

Requested by

Host: netdna.bootstrapcdn.com
URL: https://netdna.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Origin: https://bluetogold.regfox.com
Referer: https://netdna.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 23 Apr 2021 19:21:52 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
cdn-edgestorageid: 601, 617, 617, 617, 617, 617, 617, 617, 617, 617, 617, 617, 617, 617, 617, 617, 617, 617, 617, 617, 617
access-control-allow-origin: *
cdn-cachedat: 2021-04-23 21:10:17
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 77160
cf-request-id: 09a1c7817f00004e25a433a000000001
timing-allow-origin: *
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
server: cloudflare
cdn-requestpullcode: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: font/woff2
cdn-cache: HIT
vary: Accept-Encoding
cache-control: public, max-age=31919000
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid: 6e65076e545dc590e8577a4ff924b440
accept-ranges: bytes
cf-ray: 644975159a224e25-FRA
cdn-requestcountrycode: DE
cdn-requestpullsuccess: True

GET
H3-29 200 XoHm2YDqR7-98cVUETMtug.woff2
fonts.gstatic.com/s/sintony/v8/ Frame 6C1C 8 KB
8 KB 9ms
9ms Font
font/woff2 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sintony/v8/XoHm2YDqR7-98cVUETMtug.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Sintony|Sintony:400,700

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bbd80981dfc0174f878b36a16f2df70fb71f52d418aedcc654d3020ff8e3faa1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://bluetogold.regfox.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 23 Apr 2021 03:58:54 GMT
x-content-type-options: nosniff
last-modified: Tue, 01 Sep 2020 05:23:05 GMT
server: sffe
age: 55378
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8548
x-xss-protection: 0
expires: Sat, 23 Apr 2022 03:58:54 GMT

GET
H/1.1 200
OK widget_iframe.63899b173766ee6f8a729a72b542b0fb.html Show response
platform.twitter.com/widgets/ Frame CF19 319 KB
103 KB 7ms
7ms Document
text/html 2606:2800:234:46c:e8b:1e2f:2bd:694
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/widget_iframe.63899b173766ee6f8a729a72b542b0fb.html?origin=https%3A%2F%2Fbluetogold.regfox.com
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/6796) /
Resource Hash: 5f789ea36ae4671282524bda454709578d63b915b782c1e041132a7e726ff1c3

Request headers

Host: platform.twitter.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://bluetogold.regfox.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://bluetogold.regfox.com/

Response headers

Content-Encoding: gzip
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 674987
Cache-Control: public, max-age=315360000
Content-Type: text/html; charset=utf-8
Date: Fri, 23 Apr 2021 19:21:52 GMT
Etag: "dab7ee9ff99366614e06e117bab5e542+gzip"
Last-Modified: Thu, 15 Apr 2021 22:44:33 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (frb/6796)
Vary: Accept-Encoding
X-Cache: HIT
x-tw-cdn: VZ
Content-Length: 105298

GET
H2 200 m-outer-a7fed991536d116dae496abb616e06f8.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 0F56 1 KB
1 KB 77ms
76ms Script
application/javascript 143.204.245.15
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/m-outer-a7fed991536d116dae496abb616e06f8.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/m-outer-0cba8a995d163797499ab006bbb6b889.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.245.15 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-245-15.cph50.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

ab54291096b12653d08ff248c02373efdda237c3689ac3bc132c93e1b5fb9ff3

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; connect-src 'self' https://api.stripe.com https://errors.stripe.com; script-src 'self'; style-src 'self' 'unsafe-inline'; frame-src 'self'; img-src 'self' https://q.stripe.com; font-src data: https:; media-src 'none'; object-src 'self';
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Referer: https://js.stripe.com/v3/m-outer-0cba8a995d163797499ab006bbb6b889.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: gzip
etag: W/"356a16407e7a019ffdf35f454b7438a9"
age: 109
via: 1.1 54c4a3ab55229e407630e7a126ca0932.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
x-amz-request-id: 4PXHZ4ESATKWB134
x-amz-id-2: c98iZXJELA4R08ePt3WyOjSnjKK1nBBVCk71kSBNYvji58CEusUs9s93aq3XlWempwVOUXGGii8=
last-modified: Tue, 09 Mar 2021 20:21:16 GMT
server: AmazonS3
date: Fri, 23 Apr 2021 19:20:05 GMT
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=300
content-security-policy: default-src 'self'; connect-src 'self' https://api.stripe.com https://errors.stripe.com; script-src 'self'; style-src 'self' 'unsafe-inline'; frame-src 'self'; img-src 'self' https://q.stripe.com; font-src data: https:; media-src 'none'; object-src 'self';
x-amz-cf-pop: CPH50-C1
timing-allow-origin: *
x-amz-cf-id: wuEGwC7634QA6v3HwZGlh3nO3f5-hjwBYbMD45KBB5MiJdq4LOCEcg==

GET
H2 200 settings Show response
syndication.twitter.com/ Frame CF19 183 B
412 B 199ms
134ms Fetch
application/json 104.244.42.136
TWITTER

General

Check archive.org

Show headers Download Go to

Full URL

https://syndication.twitter.com/settings?session_id=a04fd088daaf6fafdd570a8a802b9a85241fad92

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/widgets/widget_iframe.63899b173766ee6f8a729a72b542b0fb.html?origin=https%3A%2F%2Fbluetogold.regfox.com

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.244.42.136 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ced34f591157438ef47695f979ac95f8758408e8d9b88e63aee8b382ec975785

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

Referer: https://platform.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-response-time: 105
date: Fri, 23 Apr 2021 19:21:52 GMT
content-encoding: gzip
last-modified: Fri, 23 Apr 2021 19:21:52 GMT
server: tsa_o
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://platform.twitter.com
cache-control: must-revalidate, max-age=600
access-control-allow-credentials: true
x-connection-hash: 69db27c39876a0dd7b3be4bf0a64b746
strict-transport-security: max-age=631138519
content-length: 152

GET
H2 200 layers.fa6cd1947ce26e890d3d.js Show response
s7.addthis.com/static/ Frame 6C1C 263 KB
76 KB 33ms
33ms Script
application/javascript 184.30.24.107
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/static/layers.fa6cd1947ce26e890d3d.js

Requested by

Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

184.30.24.107 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a184-30-24-107.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

6121ca306ad1045453d52517b8f436eb5a68055c82aefa46a9a77de36996a3df

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://bluetogold.regfox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
server: nginx/1.15.8
etag: W/"5f971164-41cf5"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=86313600
date: Fri, 23 Apr 2021 19:21:52 GMT
x-host: s7.addthis.com
timing-allow-origin: *
content-length: 77617

GET
H2 200 inner.html Show response
m.stripe.network/ Frame 0EB8 33 KB
13 KB 101ms
29ms Document
text/html 151.101.12.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.network/inner.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/m-outer-a7fed991536d116dae496abb616e06f8.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.12.176 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

63429c42ee14e4837aceda0ee0546b64f0d424d9401e94948625e17d126e7778

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; connect-src 'self' https://m.stripe.com https://stripensrq.global.ssl.fastly.net/; script-src 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; frame-src 'self' https://js.stripe.com; img-src 'self' https://m.stripe.com; font-src data: https:; media-src 'none'; object-src 'self';
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

:method: GET
:authority: m.stripe.network
:scheme: https
:path: /inner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://js.stripe.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://js.stripe.com/

Response headers

server: nginx
content-type: text/html; charset=utf-8
last-modified: Fri, 04 Dec 2020 19:17:49 GMT
etag: W/"5fca8b5d-84a0"
strict-transport-security: max-age=31556926; includeSubDomains; preload
cache-control: public, max-age=300
timing-allow-origin: *
content-security-policy: default-src 'self'; connect-src 'self' https://m.stripe.com https://stripensrq.global.ssl.fastly.net/; script-src 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; frame-src 'self' https://js.stripe.com; img-src 'self' https://m.stripe.com; font-src data: https:; media-src 'none'; object-src 'self';
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Fri, 23 Apr 2021 19:21:52 GMT
age: 180
x-served-by: cache-sea4474-SEA, cache-fra19149-FRA
x-cache: HIT, HIT
x-cache-hits: 3, 307
x-timer: S1619205713.551319,VS0,VE0
vary: Accept-Encoding
content-length: 12226

GET
H2 200 newembedtheme_b51263740ae0a39ed7c3df83e116bc8a_.css
css.zohocdn.com/salesiq/https/styles/ Frame 247E 176 KB
33 KB 42ms
40ms Stylesheet
text/css 185.20.209.147
COMPUTERLINE Comp...

General

Check archive.org

Show headers Download Go to

Full URL

https://css.zohocdn.com/salesiq/https/styles/newembedtheme_b51263740ae0a39ed7c3df83e116bc8a_.css

Requested by

Host: js.zohocdn.com
URL: https://js.zohocdn.com/salesiq/https/js/floatbutton_3f9878a493f3e4e8f78738f9b9bb363b_.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.20.209.147 , Switzerland, ASN41913 (COMPUTERLINE Computerline, Schlierbach, Switzerland, CH),

Reverse DNS

Software

ZGS /

Resource Hash

1e4accb4e02e09eafa3142a81dd0fef6c48a5c373cbfdb08f5ddcbd60bccba00

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000, max-age=63072000
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

Referer: https://www.bluetogold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 23 Apr 2021 19:21:52 GMT
content-encoding: br
x-content-type-options: nosniff
content-type: text/css
x-cache: HIT
vary: Accept-Encoding
content-length: 33263
x-xss-protection: 1
x-sts-request-id: ex1-7523245f93e8487ab63e9e27906c807f
pragma: public, max-age=5184000, immutable
last-modified: Thu, 22 Apr 2021 13:25:30 GMT
server: ZGS
etag: "7796f671e3c5a865da9597888aea17af"
strict-transport-security: max-age=15768000, max-age=63072000
content-language: en-US
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=5184000, immutable
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 22 Jun 2021 07:57:43 GMT

GET
H2 200 Apr_02_2021_3_wmsliteapi.js Show response
js.zohocdn.com/ichat/js/ Frame 247E 18 KB
6 KB 39ms
38ms Script
application/javascript 185.20.209.147
COMPUTERLINE Comp...

General

Check archive.org

Show headers Download Go to

Full URL

https://js.zohocdn.com/ichat/js/Apr_02_2021_3_wmsliteapi.js

Requested by

Host: js.zohocdn.com
URL: https://js.zohocdn.com/salesiq/https/js/floatbutton_3f9878a493f3e4e8f78738f9b9bb363b_.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.20.209.147 , Switzerland, ASN41913 (COMPUTERLINE Computerline, Schlierbach, Switzerland, CH),

Reverse DNS

Software

ZGS /

Resource Hash

66658d2ec216e7ae250bde98b05afbedd8969db6c8a1f3159756792a29e552fb

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000, max-age=63072000
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

Referer: https://www.bluetogold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 23 Apr 2021 19:21:52 GMT
content-encoding: br
x-content-type-options: nosniff
content-type: application/javascript
x-cache: HIT
vary: Accept-Encoding
content-length: 5598
x-xss-protection: 1
x-sts-request-id: ex1-569cbe6204f0405abaaa7178bd97b9e0
pragma: public, max-age=5184000, immutable
last-modified: Fri, 02 Apr 2021 13:03:04 GMT
server: ZGS
etag: "2bf2db2263581775b2211c47381f701b"
strict-transport-security: max-age=15768000, max-age=63072000
content-language: en-US
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=5184000, immutable
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 01 Jun 2021 13:56:34 GMT

GET
H2 200 siqnewchatwindow_56c1efd314cf144b835e483ac590b4a7_.js Show response
js.zohocdn.com/salesiq/https/js/ Frame 247E 866 KB
185 KB 45ms
44ms Script
application/javascript 185.20.209.147
COMPUTERLINE Comp...

General

Check archive.org

Show headers Download Go to

Full URL

https://js.zohocdn.com/salesiq/https/js/siqnewchatwindow_56c1efd314cf144b835e483ac590b4a7_.js

Requested by

Host: js.zohocdn.com
URL: https://js.zohocdn.com/salesiq/https/js/floatbutton_3f9878a493f3e4e8f78738f9b9bb363b_.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.20.209.147 , Switzerland, ASN41913 (COMPUTERLINE Computerline, Schlierbach, Switzerland, CH),

Reverse DNS

Software

ZGS /

Resource Hash

92ad4b51dd5e55fb0bcf5770612200431fd93ceb6be6a0000ed97d990b7f8561

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000, max-age=63072000
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

Referer: https://www.bluetogold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 23 Apr 2021 19:21:52 GMT
content-encoding: br
x-content-type-options: nosniff
content-type: application/javascript
x-cache: HIT
vary: Accept-Encoding
content-length: 188980
x-xss-protection: 1
x-sts-request-id: ex1-af07e532fe234de6a932a09b2bd2108a
pragma: public, max-age=5184000, immutable
last-modified: Thu, 22 Apr 2021 13:25:01 GMT
server: ZGS
etag: "f9d86c3d167f06594bfe2871bde1c0ce"
strict-transport-security: max-age=15768000, max-age=63072000
content-language: en-US
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=5184000, immutable
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 22 Jun 2021 07:57:43 GMT

GET
H2 200 resource_4f85170e728ddf175a4a3eec00f7cb54_.js Show response
js.zohocdn.com/salesiq/https/js/resource/embed/ Frame 247E 39 KB
10 KB 99ms
98ms Script
application/javascript 185.20.209.147
COMPUTERLINE Comp...

General

Check archive.org

Show headers Download Go to

Full URL

https://js.zohocdn.com/salesiq/https/js/resource/embed/resource_4f85170e728ddf175a4a3eec00f7cb54_.js

Requested by

Host: js.zohocdn.com
URL: https://js.zohocdn.com/salesiq/https/js/floatbutton_3f9878a493f3e4e8f78738f9b9bb363b_.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.20.209.147 , Switzerland, ASN41913 (COMPUTERLINE Computerline, Schlierbach, Switzerland, CH),

Reverse DNS

Software

ZGS /

Resource Hash

21c30cb7e590e36ddccbb2ef63376803661d15e3d2d602ede7e98750950d617b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000, max-age=63072000
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

Referer: https://www.bluetogold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 23 Apr 2021 19:21:52 GMT
content-encoding: br
x-content-type-options: nosniff
content-type: application/javascript
x-cache: HIT
vary: Accept-Encoding
content-length: 10120
x-xss-protection: 1
x-sts-request-id: ex1-27f8af34fb86449588b996ec9906b404
pragma: public, max-age=5184000, immutable
last-modified: Thu, 22 Apr 2021 13:24:57 GMT
server: ZGS
etag: "b66acbc7e428e201cca279033c34d694"
strict-transport-security: max-age=15768000, max-age=63072000
content-language: en-US
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=5184000, immutable
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 22 Jun 2021 07:57:45 GMT

GET
H2 200 embedmedia-rtc_071871ae0f4eca7ab343bfc00b773217_.js Show response
js.zohocdn.com/salesiq/https/js/ Frame 247E 190 KB
39 KB 100ms
99ms Script
application/javascript 185.20.209.147
COMPUTERLINE Comp...

General

Check archive.org

Show headers Download Go to

Full URL

https://js.zohocdn.com/salesiq/https/js/embedmedia-rtc_071871ae0f4eca7ab343bfc00b773217_.js

Requested by

Host: js.zohocdn.com
URL: https://js.zohocdn.com/salesiq/https/js/floatbutton_3f9878a493f3e4e8f78738f9b9bb363b_.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.20.209.147 , Switzerland, ASN41913 (COMPUTERLINE Computerline, Schlierbach, Switzerland, CH),

Reverse DNS

Software

ZGS /

Resource Hash

2e4575e241be38715b09ef4f12983c1529598c5946ecbe8c58787135366e00d3

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000, max-age=63072000
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

Referer: https://www.bluetogold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 23 Apr 2021 19:21:52 GMT
content-encoding: br
x-content-type-options: nosniff
content-type: application/javascript
x-cache: HIT
vary: Accept-Encoding
content-length: 39508
x-xss-protection: 1
x-sts-request-id: ex1-cd3d93452c5b48118a7774f11d67089d
pragma: public, max-age=5184000, immutable
last-modified: Thu, 01 Apr 2021 05:43:23 GMT
server: ZGS
etag: "1108a85e616e9b9d312bd0b520edc771"
strict-transport-security: max-age=15768000, max-age=63072000
content-language: en-US
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=5184000, immutable
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 01 Jun 2021 05:14:00 GMT

GET
H/1.1 200 fetchvisitorconfigurations.ls Show response
salesiq.zohopublic.com/bluetogold/ Frame 247E 592 B
1 KB 604ms
215ms XHR
application/json 204.141.42.97
ZOHO-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://salesiq.zohopublic.com/bluetogold/fetchvisitorconfigurations.ls?avuid=10dc575f-341f-4ce3-9ae2-e2baba5d6634&lsid=396117000000002043&fetchallfields=true

Requested by

Host: js.zohocdn.com
URL: https://js.zohocdn.com/salesiq/https/js/siqnewchatwindow_56c1efd314cf144b835e483ac590b4a7_.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

204.141.42.97 , United States, ASN2639 (ZOHO-AS, US),

Reverse DNS

Software

ZGS /

Resource Hash

d9b52ccbefa4e7a2b3151906480e1a5094019d87ee221b5eef3ec1471a123210

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

Accept: */*
Referer: https://www.bluetogold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 23 Apr 2021 19:21:53 GMT
X-Content-Type-Options: nosniff
Server: ZGS
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=63072000
Content-Type: application/json;charset=UTF-8
Access-Control-Allow-Origin: *
Connection: keep-alive
Content-Length: 592
X-XSS-Protection: 1

GET
H2 200 m-outer-0cba8a995d163797499ab006bbb6b889.html Show response
js.stripe.com/v3/ Frame 9D20 215 B
951 B 104ms
104ms Document
text/html 143.204.245.15
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/m-outer-0cba8a995d163797499ab006bbb6b889.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.245.15 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-245-15.cph50.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

0e755df7fd0c4d557bcefdd1186cc8ddb518d001d6ee462335a6debee465090b

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; connect-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'; frame-src https://m.stripe.network; img-src https://q.stripe.com; font-src 'none'; media-src 'none'; object-src 'none';
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

:method: GET
:authority: js.stripe.com
:scheme: https
:path: /v3/m-outer-0cba8a995d163797499ab006bbb6b889.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.bluetogold.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.bluetogold.com/

Response headers

content-type: text/html; charset=utf-8
content-length: 215
x-amz-id-2: wbibdNqeqWtTsR0kbdoZwx6efnD5+ij5D06eQGf9hcE89m9LcDI34ddWacu1FOtToxECEtwGbxM=
x-amz-request-id: 8WRCN9HP6WB1AXH4
last-modified: Tue, 09 Mar 2021 20:21:15 GMT
accept-ranges: bytes
server: AmazonS3
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
access-control-allow-origin: *
content-security-policy: default-src 'self'; connect-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'; frame-src https://m.stripe.network; img-src https://q.stripe.com; font-src 'none'; media-src 'none'; object-src 'none';
date: Fri, 23 Apr 2021 19:16:58 GMT
cache-control: public, max-age=300
etag: "0cba8a995d163797499ab006bbb6b889"
x-cache: Hit from cloudfront
via: 1.1 54c4a3ab55229e407630e7a126ca0932.cloudfront.net (CloudFront)
x-amz-cf-pop: CPH50-C1
x-amz-cf-id: WHEOCEAguKL8wpJZtKRIuvs-fTZYyRoC2dgUXgVfXKc0RgaorcW1dg==
age: 296

GET
H2 200 73291e5e_wmsbridge.js Show response
js.zohocdn.com/ichat/js/ Frame 247E 12 KB
4 KB 43ms
36ms Script
application/javascript 185.20.209.147
COMPUTERLINE Comp...

General

Check archive.org

Show headers Download Go to

Full URL

https://js.zohocdn.com/ichat/js/73291e5e_wmsbridge.js

Requested by

Host: js.zohocdn.com
URL: https://js.zohocdn.com/ichat/js/Apr_02_2021_3_wmsliteapi.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.20.209.147 , Switzerland, ASN41913 (COMPUTERLINE Computerline, Schlierbach, Switzerland, CH),

Reverse DNS

Software

ZGS /

Resource Hash

ec59872055a6edaa85fed24b4ef82f9a99c8f052132d24482b39f2b02bb05cd2

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000, max-age=63072000
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

Referer: https://www.bluetogold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 23 Apr 2021 19:21:53 GMT
content-encoding: br
x-content-type-options: nosniff
content-type: application/javascript
x-cache: HIT
vary: Accept-Encoding
content-length: 3432
x-xss-protection: 1
x-sts-request-id: ex1-5fddc0117c42e84ee64bb059
last-modified: Sat, 19 Dec 2020 03:20:25 GMT
server: ZGS
etag: "659ae71697931fca2566bac98ce1b8ab"
strict-transport-security: max-age=15768000, max-age=63072000
content-language: en-US
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=5184000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 cc-sprite.jpg
images.webconnex.com/bacon/ Frame 6C1C 7 KB
8 KB 20ms
16ms Image
image/jpeg 2600:9000:20eb:a200:2:cf6c:5100:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.webconnex.com/bacon/cc-sprite.jpg
Requested by: Host: bluetogold.regfox.com
URL: https://bluetogold.regfox.com/css/app.css?1618265512483
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:a200:2:cf6c:5100:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ef090d902d6cbb5fd16a044d3d93a4ae3b4f80a6163a15e66be4950827f21923

Request headers

Referer: https://bluetogold.regfox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 23 Apr 2021 16:00:43 GMT
via: 1.1 9568a708c8ab21597698ebe7dce6c42e.cloudfront.net (CloudFront)
last-modified: Thu, 09 Feb 2017 19:05:51 GMT
server: AmazonS3
age: 12071
etag: "e088c2ede7be118cc269209795e064da"
x-cache: Hit from cloudfront
content-type: image/jpeg
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
content-length: 7469
x-amz-cf-id: Xb6i3svs1NLVrX0ncaiZDzYoLRWw6lsQqcU3tUJLQ1uzXlAKvQ2Gcw==

GET
H3-29 200 XoHj2YDqR7-98cVUGYgIr9AJkw.woff2
fonts.gstatic.com/s/sintony/v8/ Frame 6C1C 8 KB
8 KB 9ms
7ms Font
font/woff2 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sintony/v8/XoHj2YDqR7-98cVUGYgIr9AJkw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Sintony|Sintony:400,700

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e73db0900053cb7929c23d8ed2d667dfbec582b4c67c61e2d0e4d184e7188b36

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://bluetogold.regfox.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 18 Apr 2021 10:04:45 GMT
x-content-type-options: nosniff
last-modified: Tue, 01 Sep 2020 05:23:06 GMT
server: sffe
age: 465428
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8324
x-xss-protection: 0
expires: Mon, 18 Apr 2022 10:04:45 GMT

POST
H2 200 6 Show response
m.stripe.com/ Frame 0EB8 156 B
518 B 609ms
205ms XHR
text/plain 44.230.112.154
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.com/6

Requested by

Host: m.stripe.network
URL: https://m.stripe.network/inner.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

44.230.112.154 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

26d81ccdd26eb692505fda5d72af11e230b4e9828a64ad93da6e4b869dd40f3a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://m.stripe.network/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Fri, 23 Apr 2021 19:21:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: nginx
vary: Accept-Encoding
content-type: text/plain;charset=utf-8
access-control-allow-origin: https://m.stripe.network
access-control-allow-credentials: true
strict-transport-security: max-age=31556926; includeSubDomains; preload
access-control-allow-headers: Content-Type

GET
H2 200 m-outer-a7fed991536d116dae496abb616e06f8.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 9D20 1 KB
1 KB 76ms
75ms Script
application/javascript 143.204.245.15
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/m-outer-a7fed991536d116dae496abb616e06f8.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/m-outer-0cba8a995d163797499ab006bbb6b889.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.245.15 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-245-15.cph50.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

ab54291096b12653d08ff248c02373efdda237c3689ac3bc132c93e1b5fb9ff3

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; connect-src 'self' https://api.stripe.com https://errors.stripe.com; script-src 'self'; style-src 'self' 'unsafe-inline'; frame-src 'self'; img-src 'self' https://q.stripe.com; font-src data: https:; media-src 'none'; object-src 'self';
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Referer: https://js.stripe.com/v3/m-outer-0cba8a995d163797499ab006bbb6b889.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: gzip
etag: W/"356a16407e7a019ffdf35f454b7438a9"
age: 110
via: 1.1 54c4a3ab55229e407630e7a126ca0932.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
x-amz-request-id: 4PXHZ4ESATKWB134
x-amz-id-2: c98iZXJELA4R08ePt3WyOjSnjKK1nBBVCk71kSBNYvji58CEusUs9s93aq3XlWempwVOUXGGii8=
last-modified: Tue, 09 Mar 2021 20:21:16 GMT
server: AmazonS3
date: Fri, 23 Apr 2021 19:20:05 GMT
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=300
content-security-policy: default-src 'self'; connect-src 'self' https://api.stripe.com https://errors.stripe.com; script-src 'self'; style-src 'self' 'unsafe-inline'; frame-src 'self'; img-src 'self' https://q.stripe.com; font-src data: https:; media-src 'none'; object-src 'self';
x-amz-cf-pop: CPH50-C1
timing-allow-origin: *
x-amz-cf-id: wxyQbxKs7ikAS1znC-RIT7MRGBPrTd3szZsjta_4wmpxHNhMgBKitA==

GET
H2 200 inner.html Show response
m.stripe.network/ Frame C2DD 33 KB
12 KB 30ms
30ms Document
text/html 151.101.12.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.network/inner.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/m-outer-a7fed991536d116dae496abb616e06f8.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.12.176 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

63429c42ee14e4837aceda0ee0546b64f0d424d9401e94948625e17d126e7778

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; connect-src 'self' https://m.stripe.com https://stripensrq.global.ssl.fastly.net/; script-src 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; frame-src 'self' https://js.stripe.com; img-src 'self' https://m.stripe.com; font-src data: https:; media-src 'none'; object-src 'self';
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

:method: GET
:authority: m.stripe.network
:scheme: https
:path: /inner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://js.stripe.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://js.stripe.com/

Response headers

server: nginx
content-type: text/html; charset=utf-8
last-modified: Fri, 04 Dec 2020 19:17:49 GMT
etag: W/"5fca8b5d-84a0"
strict-transport-security: max-age=31556926; includeSubDomains; preload
cache-control: public, max-age=300
timing-allow-origin: *
content-security-policy: default-src 'self'; connect-src 'self' https://m.stripe.com https://stripensrq.global.ssl.fastly.net/; script-src 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; frame-src 'self' https://js.stripe.com; img-src 'self' https://m.stripe.com; font-src data: https:; media-src 'none'; object-src 'self';
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Fri, 23 Apr 2021 19:21:53 GMT
age: 181
x-served-by: cache-sea4474-SEA, cache-fra19149-FRA
x-cache: HIT, HIT
x-cache-hits: 3, 308
x-timer: S1619205713.318137,VS0,VE0
vary: Accept-Encoding
content-length: 12226

POST
H2 200 6 Show response
m.stripe.com/ Frame C2DD 156 B
517 B 446ms
206ms XHR
text/plain 44.230.112.154
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.com/6

Requested by

Host: m.stripe.network
URL: https://m.stripe.network/inner.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

44.230.112.154 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

4820ed5d62e44829d53d49d2a42c0ec339125f45b1436c056bfbc18254aee0d6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://m.stripe.network/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Fri, 23 Apr 2021 19:21:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: nginx
vary: Accept-Encoding
content-type: text/plain;charset=utf-8
access-control-allow-origin: https://m.stripe.network
access-control-allow-credentials: true
strict-transport-security: max-age=31556926; includeSubDomains; preload
access-control-allow-headers: Content-Type

GET
H/1.1 200 photo.ls
salesiq.zohopublic.com/bluetogold/clogo/1579320526509_674895794/ Frame 247E 2 KB
2 KB 576ms
200ms Image
image/png 204.141.42.97
ZOHO-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://salesiq.zohopublic.com/bluetogold/clogo/1579320526509_674895794/photo.ls?nps=202

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

204.141.42.97 , United States, ASN2639 (ZOHO-AS, US),

Reverse DNS

Software

ZGS /

Resource Hash

b566df3b5edb26a0b7b2f0dbf25f3b666dec49fead1b71ef85b7030d07e796f7

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

Referer: https://www.bluetogold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
Date: Fri, 23 Apr 2021 19:21:54 GMT
X-Content-Type-Options: nosniff
Last-Modified: Sat, 18 Jan 2020 04:08:46 GMT
Server: ZGS
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=63072000
Content-Type: image/png;charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: public
Transfer-Encoding: chunked
Connection: keep-alive
X-XSS-Protection: 1
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK check.js Show response
t.wepay.com/fp/ Frame 6C1C 271 KB
46 KB 156ms
50ms Script
text/javascript 91.235.133.182
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://t.wepay.com/fp/check.js?org_id=ncwzrc4k&session_id=d8471677-b02d-4409-8649-ca7c575c2deb

Requested by

Host: static.wepay.com
URL: https://static.wepay.com/min/js/risk.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.182 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

034a8aeeaee589a69c557028656934d19e8af08911e87d8c5f94b3af2eb0bccb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://bluetogold.regfox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 23 Apr 2021 19:21:57 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: Apache
Strict-Transport-Security: max-age=31536000
Content-Type: text/javascript;charset=UTF-8
Cache-Control: no-cache, no-store, must-revalidate
Transfer-Encoding: chunked
Connection: Keep-Alive, Keep-Alive
Vary: Accept-Encoding
X-XSS-Protection: 1; mode=block
Keep-Alive: timeout=2, max=100
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK clear.png
t.wepay.com/fp/ Frame 6C1C 81 B
475 B 143ms
36ms Image
image/png 91.235.133.182
THM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.wepay.com/fp/clear.png?org_id=ncwzrc4k&session_id=d8471677-b02d-4409-8649-ca7c575c2deb&m=2

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.182 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://bluetogold.regfox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 23 Apr 2021 19:21:57 GMT
X-Content-Type-Options: nosniff
Server: Apache
Strict-Transport-Security: max-age=31536000
Content-Type: image/png
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=2, max=100
Content-Length: 81
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK clear.png
t.wepay.com/fp/ Frame 6C1C 81 B
475 B 153ms
40ms Image
image/png 91.235.133.182
THM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.wepay.com/fp/clear.png?org_id=ncwzrc4k&session_id=d8471677-b02d-4409-8649-ca7c575c2deb&m=1

Requested by

Host: bluetogold.regfox.com
URL: https://bluetogold.regfox.com/las-21?wmode=opaque

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.182 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://bluetogold.regfox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 23 Apr 2021 19:21:57 GMT
X-Content-Type-Options: nosniff
Server: Apache
Strict-Transport-Security: max-age=31536000
Content-Type: image/png
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=2, max=100
Content-Length: 81
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK clear.png Show response
t.wepay.com/fp/ Frame 6C1C 81 B
537 B 109ms
36ms XHR
image/png 91.235.133.182
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://t.wepay.com/fp/clear.png

Requested by

Host: t.wepay.com
URL: https://t.wepay.com/fp/check.js?org_id=ncwzrc4k&session_id=d8471677-b02d-4409-8649-ca7c575c2deb

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.182 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: */*, ncwzrc4k/5471b7b249ca470dd8471677-b02d-4409-8649-ca7c575c2deb
Referer: https://bluetogold.regfox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 23 Apr 2021 19:21:58 GMT
Last-Modified: Fri, 23 Apr 2021 19:21:58 GMT
Server: Apache
Etag: 7208edc969274c97897ebfef6b1c6874
Strict-Transport-Security: max-age=31536000
Content-Type: image/png
Access-Control-Allow-Origin: https://bluetogold.regfox.com
Cache-Control: private, must-revalidate, max-age=0
Connection: Keep-Alive
Keep-Alive: timeout=2, max=100
Content-Length: 81
Expires: Wed, 22 Apr 2026 19:21:58 GMT

GET
H/1.1 200
OK ls_fp.html;CIS3SID=938A2EF6139FB79B52DEF5D6FC135F83 Show response
t.wepay.com/fp/ Frame E11E 80 KB
12 KB 40ms
39ms Document
text/html 91.235.133.182
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://t.wepay.com/fp/ls_fp.html;CIS3SID=938A2EF6139FB79B52DEF5D6FC135F83?org_id=ncwzrc4k&session_id=d8471677-b02d-4409-8649-ca7c575c2deb&nonce=5471b7b249ca470d

Requested by

Host: t.wepay.com
URL: https://t.wepay.com/fp/check.js?org_id=ncwzrc4k&session_id=d8471677-b02d-4409-8649-ca7c575c2deb

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.182 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

98b019e3d2e716a1d32e0cf1552c4f7a3bf5d4e0955341a4df60c975b636c476

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Host: t.wepay.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://bluetogold.regfox.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: thx_guid=be12fd7dd24a47588762560d9c079d07
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://bluetogold.regfox.com/

Response headers

Date: Fri, 23 Apr 2021 19:21:58 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Connection: Keep-Alive, Keep-Alive
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Content-Type: text/html;charset=UTF-8
Vary: Accept-Encoding
Content-Encoding: gzip
Keep-Alive: timeout=2, max=99
Transfer-Encoding: chunked

GET
H/1.1 200
OK sid_fp.html;CIS3SID=938A2EF6139FB79B52DEF5D6FC135F83 Show response
h.online-metrix.net/fp/ Frame BA42 93 KB
14 KB 118ms
39ms Document
text/html 91.235.132.130
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://h.online-metrix.net/fp/sid_fp.html;CIS3SID=938A2EF6139FB79B52DEF5D6FC135F83?org_id=ncwzrc4k&session_id=d8471677-b02d-4409-8649-ca7c575c2deb&nonce=5471b7b249ca470d

Requested by

Host: t.wepay.com
URL: https://t.wepay.com/fp/check.js?org_id=ncwzrc4k&session_id=d8471677-b02d-4409-8649-ca7c575c2deb

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.132.130 , United States, ASN30286 (THM, US),

Reverse DNS

h.online-metrix.net

Software

Apache /

Resource Hash

d0b0cc412b32f39a65193918bd65085582eba11a317704a8ecd63fb278e9a54d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Host: h.online-metrix.net
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://bluetogold.regfox.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://bluetogold.regfox.com/

Response headers

Date: Fri, 23 Apr 2021 19:21:58 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Connection: Keep-Alive, Keep-Alive
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Content-Type: text/html;charset=UTF-8
Vary: Accept-Encoding
Content-Encoding: gzip
Keep-Alive: timeout=2, max=100
Transfer-Encoding: chunked

GET
H/1.1 204
No Content clear.png Show response
t.wepay.com/fp/ Frame 6C1C 0
387 B 36ms
35ms Script
text/javascript 91.235.133.182
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://t.wepay.com/fp/clear.png?org_id=ncwzrc4k&session_id=d8471677-b02d-4409-8649-ca7c575c2deb&nonce=5471b7b249ca470d&jd=353026246a646c3f3c36266866603d35323a6b3e32613b3e63363236343b346367623861613f34313630633b393263246a6e746e3d38323b3131323c36

Requested by

Host: t.wepay.com
URL: https://t.wepay.com/fp/check.js?org_id=ncwzrc4k&session_id=d8471677-b02d-4409-8649-ca7c575c2deb

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.182 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://bluetogold.regfox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 23 Apr 2021 19:21:58 GMT
X-Content-Type-Options: nosniff
Server: Apache
Strict-Transport-Security: max-age=31536000
Content-Type: text/javascript
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=2, max=98
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET page_embed_script.js
ghbmnnjooekpmoecnnnilnnbdlolhkhi/ Frame 6C1C 0
0

GET
H/1.1 200
OK top_fp.html;CIS3SID=938A2EF6139FB79B52DEF5D6FC135F83 Show response
t.wepay.com/fp/ Frame 01CB 80 KB
12 KB 45ms
43ms Document
text/html 91.235.133.182
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://t.wepay.com/fp/top_fp.html;CIS3SID=938A2EF6139FB79B52DEF5D6FC135F83?org_id=ncwzrc4k&session_id=d8471677-b02d-4409-8649-ca7c575c2deb&nonce=5471b7b249ca470d

Requested by

Host: t.wepay.com
URL: https://t.wepay.com/fp/check.js?org_id=ncwzrc4k&session_id=d8471677-b02d-4409-8649-ca7c575c2deb

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.182 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

e046d7a4dbc1743879df2397ec2fb57285587c717cceacf11e399b843610f9d6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Host: t.wepay.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://bluetogold.regfox.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://bluetogold.regfox.com/

Response headers

Date: Fri, 23 Apr 2021 19:21:58 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Connection: Keep-Alive, Keep-Alive
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Content-Type: text/html;charset=UTF-8
Vary: Accept-Encoding
Content-Encoding: gzip
Keep-Alive: timeout=2, max=99
Transfer-Encoding: chunked

GET
H/1.1 204
204 clear.png Show response
t.wepay.com/fp/ Frame 6C1C 0
218 B 40ms
37ms Script
text/javascript 91.235.133.182
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://t.wepay.com/fp/clear.png?org_id=ncwzrc4k&session_id=d8471677-b02d-4409-8649-ca7c575c2deb&nonce=5471b7b249ca470d&ja=363f362426613f3438247a3f363826663d393e383278393a32302463663f31343230783332383024737a7b3f387a30246478723d3124393e323024393030322e313430322e31323230243132313b2e303932302e313e30302c393a38322c382432267161643f3236246c683f687c7472732731432d304627324e626c756d7c67656f646c2c726765666d782c616f6d27324e6c63732f30332d3146756d676465253b4c677261797d672666703d6a747672732531412d3244253044757f752e606c7d65746f6f6764662e6b676f253044266a683f66323534316c64353760333b6c673532316b6336353d3d6935623d6b663135312668736d3f4c696c7570266873603f4160706f6f652d323038312e62716f7d354e696c7778246e6a613d31342666646f3d3a247672663d47757a6f70652d3a4e40657a646b6e246f617668703f343032336c31613260676138306534636b35363038303a6364393d37343233666634373a383136316c3667616330366c613936616e6264373a3b393131313e6326723f706e75656b6e5f646c69736a5e64636e7b6721726c7d67696e577f616c64677f715f6f67646b615d726c617b657a5e64616e716729726c7767616e5f616c676a675f696b706f6063745c66636e73652370647565696c5d737d6b636974616d655e6e6964716529786e75656b6e5d736a6d636b75617e655c66636e716d23706e756f696e5f7a6d696e7064697b65705c66636c716721706e756f696c5f746e6157726c63796d725e6669647b6721786477676b6c5f666574636c76705e6e616e736723726477676b6e57737667577e6167776d7a5c66636e736721726e75676b6e576a6376635c64696e7367266d78333d6b303c64343f6c35363b616231376331346330306d3266393364643f313836306b6137303d693c61266b6b663d303230323032&jb=313d33246c733f4f6778696e6c692532463d26382732382055696c666f75732730304e56253a3033302c32273b402530305f696e363c2d3b40253a387a36362b2530304372706c67576d6249697627304e3733352e3b3625323820434a5445442732412732326c6b69652530304f65616b6d2b273a32436a72676d65253a4e303b2e382636333a3b2e353227303053636669726b253044373b352e3136

Requested by

Host: t.wepay.com
URL: https://t.wepay.com/fp/check.js?org_id=ncwzrc4k&session_id=d8471677-b02d-4409-8649-ca7c575c2deb

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.182 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://bluetogold.regfox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 23 Apr 2021 19:21:58 GMT
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=2, max=99
Strict-Transport-Security: max-age=31536000
Content-Type: text/javascript;charset=UTF-8

GET
H/1.1 200
OK clear.png
ncwzrc4kjnnxcorsxc7gylx4s5kdpiduxuo4yjsv5471b7b249ca470dam1.e.aa.online-metrix.net/fp/ Frame 6C1C 81 B
438 B 124ms
35ms Image
image/png 91.235.134.131
THM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ncwzrc4kjnnxcorsxc7gylx4s5kdpiduxuo4yjsv5471b7b249ca470dam1.e.aa.online-metrix.net/fp/clear.png?org_id=ncwzrc4k&session_id=d8471677-b02d-4409-8649-ca7c575c2deb&nonce=5471b7b249ca470d&di=yes

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.134.131 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://bluetogold.regfox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 23 Apr 2021 19:21:58 GMT
X-Content-Type-Options: nosniff
Server: Apache
Strict-Transport-Security: max-age=31536000
Content-Type: image/png
Cache-Control: no-cache, no-store, must-revalidate
Connection: close
Content-Length: 81
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 204
204 clear1.png;CIS3SID=938A2EF6139FB79B52DEF5D6FC135F83
t.wepay.com/fp/ Frame 6C1C 0
400 B 44ms
44ms Image
image/png 91.235.133.182
THM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.wepay.com/fp/clear1.png;CIS3SID=938A2EF6139FB79B52DEF5D6FC135F83?org_id=ncwzrc4k&session_id=d8471677-b02d-4409-8649-ca7c575c2deb&nonce=5471b7b249ca470d&jf=34393624736b665d7a6c643f746c725f71677d463b4a5d4f497a744536406f6b247369665f6c6176653f3334393b3232353f3138267b616c5d747178673d756762386561667361247361645d6b677b3f3b32353b33383133303e383f3061303e363861673366303032313034303032633834363a6b673366303b3031303f383b3632383832343a37623232303a343261393c31613836666669676360316b6535343c313d67323a6c31353067663b363464353937643b3467393532306d3b316133383738633d3c6b3b3030386734343a3932353732386467313c66373566633b6c366130363f643339383b3032323f3b30373336626734343a663731656b3230636763606a322671696c5f73696f353b32343d3830323332306765313a373235313e6463383636366c666567616b3962616d3b3c30303869373337303466393b3a626634323965343437603438636632353a396337396e3e31303a3a32303566396032333a39373a636c62323764643730676167623e37376331303c64663c3031623266636063636732343a626a3460346436316e663466613c3730392e7b6164723538

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.182 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://bluetogold.regfox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 23 Apr 2021 19:21:58 GMT
X-Content-Type-Options: nosniff
Server: Apache
Strict-Transport-Security: max-age=31536000
Content-Type: image/png;charset=UTF-8
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive, Keep-Alive
Keep-Alive: timeout=2, max=98
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 204
204 clear1.png;CIS3SID=7B81F5DB306325EA1CF8B116DBE13260
h.online-metrix.net/fp/ Frame BA42 0
400 B 39ms
38ms Image
image/png 91.235.132.130
THM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://h.online-metrix.net/fp/clear1.png;CIS3SID=7B81F5DB306325EA1CF8B116DBE13260?org_id=ncwzrc4k&session_id=d8471677-b02d-4409-8649-ca7c575c2deb&nonce=5471b7b249ca470d&jf=34393624736b665d7a6c643f746c725f546449713b374b51514753484640487b247369665f6c6176653f3334393b3232353f3138267b616c5d747178673d756762386561667361247361645d6b677b3f3b32353b33383133303e383f3061303e363861673366303032313034303032633834363a6b673366303b3031303f383b36323838323432306235636666393537396d64353134673369616634336e303434693b3f32636939343933376563666736623630656e3334633331363e6363343769306562383a6e3133306b343461373661653037343066373b353535643a3b6b36333665393838336c3b396438306c323136673031353536333535646d3860336460343d352671696c5f73696f353b32343d38303233323061306066356636386e34606636643b3a363864356e6632353f386b35653e38323366366431336731643463306b643a373764336b3a636138303031663b3f3f33303a3a32333035303436663462323464306131363534353a323932666c383333696e3060376b6932383130363a65303239383a3869633b653a6437693b6433613e3434322e7b6164723539

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.132.130 , United States, ASN30286 (THM, US),

Reverse DNS

h.online-metrix.net

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://h.online-metrix.net/fp/sid_fp.html;CIS3SID=938A2EF6139FB79B52DEF5D6FC135F83?org_id=ncwzrc4k&session_id=d8471677-b02d-4409-8649-ca7c575c2deb&nonce=5471b7b249ca470d
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 23 Apr 2021 19:21:58 GMT
X-Content-Type-Options: nosniff
Server: Apache
Strict-Transport-Security: max-age=31536000
Content-Type: image/png;charset=UTF-8
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive, Keep-Alive
Keep-Alive: timeout=2, max=99
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 204
No Content clear.png Show response
t.wepay.com/fp/ Frame 6C1C 0
387 B 41ms
40ms Script
text/javascript 91.235.133.182
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://t.wepay.com/fp/clear.png?org_id=ncwzrc4k&session_id=d8471677-b02d-4409-8649-ca7c575c2deb&nonce=5471b7b249ca470d&jac=1&je=313f3524267567607a76635d65707465726669645d697835372e3037332c3232352e3230302e776b6d3f75676a7074615f616e74657a66696e5f656c6c7324726d3f6e6d24626176737c3d79226e67746d6e2238312630302c2a7b7c63747d7b203a2061686372656b6e67207d2e6177646a3f616d646263653c3738363f3f6e32326e6a60643b353334313534393266626c3961363637326a64353434393636396d6a6d64313d313761603534376130333137

Requested by

Host: t.wepay.com
URL: https://t.wepay.com/fp/check.js?org_id=ncwzrc4k&session_id=d8471677-b02d-4409-8649-ca7c575c2deb

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.182 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://bluetogold.regfox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 23 Apr 2021 19:21:58 GMT
X-Content-Type-Options: nosniff
Server: Apache
Strict-Transport-Security: max-age=31536000
Content-Type: text/javascript
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=2, max=97
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 embedpostload_0b448a6d08d59e96981b4874b37babb7_.js Show response
js.zohocdn.com/salesiq/https/js/ Frame 247E 18 KB
6 KB 38ms
37ms Script
application/javascript 185.20.209.147
COMPUTERLINE Comp...

General

Check archive.org

Show headers Download Go to

Full URL

https://js.zohocdn.com/salesiq/https/js/embedpostload_0b448a6d08d59e96981b4874b37babb7_.js

Requested by

Host: js.zohocdn.com
URL: https://js.zohocdn.com/salesiq/https/js/siqnewchatwindow_56c1efd314cf144b835e483ac590b4a7_.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.20.209.147 , Switzerland, ASN41913 (COMPUTERLINE Computerline, Schlierbach, Switzerland, CH),

Reverse DNS

Software

ZGS /

Resource Hash

f238ecce94f68fdcd92349eaf671c452d51911e63e2f5705e0deb1526f263a0a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000, max-age=63072000
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

Referer: https://www.bluetogold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 23 Apr 2021 19:22:03 GMT
content-encoding: br
x-content-type-options: nosniff
content-type: application/javascript
x-cache: HIT
vary: Accept-Encoding
content-length: 5880
x-xss-protection: 1
x-sts-request-id: ex1-a2e042ee14b54bf890b33fa5024cb7a7
pragma: public, max-age=5184000, immutable
last-modified: Sat, 10 Apr 2021 12:47:53 GMT
server: ZGS
etag: "1be063d800b2c8e57e098f54e8621fec"
strict-transport-security: max-age=15768000, max-age=63072000
content-language: en-US
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=5184000, immutable
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 10 Jun 2021 04:39:46 GMT

GET
H2 200 embedpostload_b08f1e6aa9116b31b91b3d87dff43aa0_.css
css.zohocdn.com/salesiq/https/styles/ Frame 247E 3 KB
1 KB 38ms
38ms Stylesheet
text/css 185.20.209.147
COMPUTERLINE Comp...

General

Check archive.org

Show headers Download Go to

Full URL

https://css.zohocdn.com/salesiq/https/styles/embedpostload_b08f1e6aa9116b31b91b3d87dff43aa0_.css

Requested by

Host: js.zohocdn.com
URL: https://js.zohocdn.com/salesiq/https/js/siqnewchatwindow_56c1efd314cf144b835e483ac590b4a7_.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.20.209.147 , Switzerland, ASN41913 (COMPUTERLINE Computerline, Schlierbach, Switzerland, CH),

Reverse DNS

Software

ZGS /

Resource Hash

462e9c88a7913141f066865a63a979f3d526d371f3561ab829ee30c5c734ab5a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000, max-age=63072000
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

Referer: https://www.bluetogold.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 23 Apr 2021 19:22:03 GMT
content-encoding: br
x-content-type-options: nosniff
content-type: text/css
x-cache: HIT
vary: Accept-Encoding
content-length: 589
x-xss-protection: 1
x-sts-request-id: ex1-5f579fd6cf71e33f72847995
last-modified: Wed, 03 Jun 2020 01:43:52 GMT
server: ZGS
etag: "e02da7321fcab60a70c344c7ae94450c"
strict-transport-security: max-age=15768000, max-age=63072000
content-language: en-US
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=7776000, must-revalidate, proxy-revalidate
accept-ranges: bytes
timing-allow-origin: *

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: bluetogold.regfox.com
URL: https://bluetogold.regfox.com/las-21?wmode=opaque

Domain: ghbmnnjooekpmoecnnnilnnbdlolhkhi
URL: chrome-extension://ghbmnnjooekpmoecnnnilnnbdlolhkhi/page_embed_script.js

Verdicts & Comments Add Verdict or Comment

106 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

15 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.bluetogold.com/	1970-01-19 17:48:12	Name: bluetogold-_zldt Value: 5c3d64af-050a-4ec3-9626-825837ba4b7e-0
www.bluetogold.com/	1970-01-19 17:46:47	Name: ss_cvisit Value: 1619205710594
.bluetogold.com/	1970-01-19 17:46:45	Name: _gat Value: 1
www.bluetogold.com/calendar	1970-01-19 17:48:12	Name: ZLSLANG7a16fa273171d176c0c8ea5f89ae709c8c42ef19a09369ce1d88c5a5e12ed3b9 Value: %22en%22
www.bluetogold.com/	1970-01-20 11:17:57	Name: ss_cid Value: 9e08cd12-f272-4e4c-9e68-abf560dca080
.bluetogold.com/	1970-01-19 17:48:12	Name: _gid Value: GA1.2.363240661.1619205711
www.bluetogold.com/	1970-01-19 17:49:38	Name: memberstack Value: %7B%22spEditor%22%3Afalse%2C%22defaultMembership%22%3A%225f777c5e527e59000490bb39%22%2C%22squareLogo%22%3A%22https%3A%2F%2Fmemberstack-logos.nyc3.cdn.digitaloceanspaces.com%2Fsquare%2F1601670806404B2G-Training-70.png%22%2C%22colorCode%22%3A%222aa8ff%22%2C%22allow_signup%22%3Afalse%2C%22protected%22%3A%5B%7B%22id%22%3A%22employee%22%2C%22redirect%22%3A%22access-denied%22%2C%22urls%22%3A%5B%7B%22url%22%3A%22manager%22%2C%22filter%22%3A%22Starts%22%7D%5D%2C%22access%22%3Afalse%2C%22hide_links%22%3Atrue%7D%2C%7B%22id%22%3A%22staff%22%2C%22redirect%22%3A%22access-denied%22%2C%22urls%22%3A%5B%7B%22url%22%3A%22staff%22%2C%22filter%22%3A%22Starts%22%7D%5D%2C%22access%22%3Afalse%2C%22hide_links%22%3Afalse%7D%2C%7B%22id%22%3A%22instructor%22%2C%22redirect%22%3A%22access-denied%22%2C%22urls%22%3A%5B%7B%22url%22%3A%22instructor%22%2C%22filter%22%3A%22Starts%22%7D%5D%2C%22access%22%3Afalse%2C%22hide_links%22%3Atrue%7D%5D%2C%22hasRecaptcha%22%3Afalse%7D
.bluetogold.com/	1970-01-20 11:17:57	Name: _ga Value: GA1.2.699240003.1619205711
www.bluetogold.com/	1969-12-31 23:59:59	Name: crumb Value: BTvMlRHXyoMFMTI2ZWVkNmU0MzAxYjY2Yzk3YTllZTY2NDE5MjM0
.bluetogold.com/	1970-01-20 11:17:57	Name: bluetogold-_zldp Value: xBBQ4tP5C%2BLAkBtr%2B%2FoQOgKL2eYXXWHawmXz0voI3I8vpdRVMrnZDDE51ay9afZrodoRkLyJC2Y%3D
www.bluetogold.com/	1970-01-20 11:17:57	Name: ss_cvr Value: 800a0844-1ee6-4c3a-ab1a-b59f2a6374ab\|1619205710383\|1619205710383\|1619205710383\|1
www.bluetogold.com/	1970-01-20 11:17:57	Name: ss_cpvisit Value: 1619205710594
www.bluetogold.com/calendar	1970-01-19 17:46:45	Name: ZLD396117000000002043avuid Value: %2210dc575f-341f-4ce3-9ae2-e2baba5d6634%22
www.bluetogold.com/	1970-01-19 17:46:47	Name: ss_cvt Value: 1619205710383
www.bluetogold.com/calendar	1970-01-19 17:46:46	Name: bluetogold-_zldp Value: %22xBBQ4tP5C%252BLtofLzbqVyx53l%252BtvLuEahocpSsyfU2LZoYHFcoYMU43s1eyr6cqTRmKwM1K1ctjo%253D%22

5 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	warning	URL: https://assets.squarespace.com/universal/scripts-compressed/common-vendors-stable-afecde13fe31e4470ac33-min.en-US.js(Line 1) Message: yui: NOT loaded: squarespace-moment_js_vendor
console-api	warning	URL: https://assets.squarespace.com/universal/scripts-compressed/common-vendors-stable-afecde13fe31e4470ac33-min.en-US.js(Line 1) Message: yui: NOT loaded: squarespace-cldr_resource_pack
console-api	warning	URL: https://assets.squarespace.com/universal/scripts-compressed/common-vendors-stable-afecde13fe31e4470ac33-min.en-US.js(Line 1) Message: yui: NOT loaded: squarespace-common_vendors_stable
console-api	warning	URL: https://assets.squarespace.com/universal/scripts-compressed/common-vendors-stable-afecde13fe31e4470ac33-min.en-US.js(Line 1) Message: yui: NOT loaded: squarespace-common_vendors
console-api	warning	URL: https://assets.squarespace.com/universal/scripts-compressed/common-vendors-stable-afecde13fe31e4470ac33-min.en-US.js(Line 1) Message: yui: NOT loaded: squarespace-performance

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.memberstack.io
assets.squarespace.com
bluetogold.regfox.com
bouncer.webconnex.com
css.zohocdn.com
d3e54v103j8qbb.cloudfront.net
fonts.googleapis.com
fonts.gstatic.com
ghbmnnjooekpmoecnnnilnnbdlolhkhi
h.online-metrix.net
images.squarespace-cdn.com
images.webconnex.com
js.stripe.com
js.zohocdn.com
m.stripe.com
m.stripe.network
memberstack-logos.nyc3.cdn.digitaloceanspaces.com
ncwzrc4kjnnxcorsxc7gylx4s5kdpiduxuo4yjsv5471b7b249ca470dam1.e.aa.online-metrix.net
netdna.bootstrapcdn.com
p.typekit.net
platform.twitter.com
s7.addthis.com
salesiq.zoho.com
salesiq.zohopublic.com
static.wepay.com
static1.squarespace.com
syndication.twitter.com
t.wepay.com
use.typekit.net
v1.addthisedge.com
www.bluetogold.com
www.google-analytics.com
z.moatads.com
bluetogold.regfox.com
ghbmnnjooekpmoecnnnilnnbdlolhkhi
104.117.213.240
104.244.42.136
104.96.90.218
130.211.164.108
136.143.191.67
143.204.237.146
143.204.245.15
151.101.112.238
151.101.12.176
184.30.24.107
185.20.209.147
198.49.23.144
2.18.235.40
204.141.42.97
205.185.216.42
2600:9000:20eb:a200:2:cf6c:5100:93a1
2606:2800:234:46c:e8b:1e2f:2bd:694
2606:4700:20::681a:a1
2606:4700::6812:bcf
2a00:1450:4001:809::2003
2a00:1450:4001:812::200a
2a00:1450:4001:827::200e
2a02:26f0:6c00:2ae::19fd
2a02:26f0:6c00::210:ba0a
44.230.112.154
44.237.110.25
54.185.154.201
91.235.132.130
91.235.133.182
91.235.134.131
034a8aeeaee589a69c557028656934d19e8af08911e87d8c5f94b3af2eb0bccb
0377b04db3b348d4a70068206a3fc227c44392912c4f6a124ee65fad2b14d582
05090f9390f5bc0cd23fe5f432037cc92d7cbce1ced9bfe8faf3d1c9abae85cd
0616b621a20c5c418f89e29aecd25f6c315248c8185fc9119b9ae88245643fe5
0c76b634e423d70643229df89d936c2a731eae8ad726cb8049052d12020d97f8
0e755df7fd0c4d557bcefdd1186cc8ddb518d001d6ee462335a6debee465090b
1bd61d8494e09df2bbc3b644c2a5e77ec7d5bdd2f6a50af3bb913fc1af6fcfc7
1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb
1ce760a9ebcbf4de4448f4185c462e569156b307f8124994c25b78cd34df7052
1e4accb4e02e09eafa3142a81dd0fef6c48a5c373cbfdb08f5ddcbd60bccba00
21c30cb7e590e36ddccbb2ef63376803661d15e3d2d602ede7e98750950d617b
248a571daf850ed97a8d3fe51cf46d5d6565d88cf0789c3c49f7914ae467dfd5
26d81ccdd26eb692505fda5d72af11e230b4e9828a64ad93da6e4b869dd40f3a
27ec9469626338f19b166e356a3fabe6c68461608ae02cf8bb870a30eaeb6acb
27f1c6e60728f6ec5a219faf56bfaa0482b600a02b83e9cce1d1253f29903309
2a002ab6c5d94a2b288c1f42e4e72fbab3f31066b47fb67d62d79dea793dd2d8
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2bb9e307a6df263e32e276de34d9ded977068dd7d05fc1e8ba3b4867c8b231eb
2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a
2d75fcf9c777174f1245b30ed95b56d566213925377acd82698e4eb45ad43a2b
2e4575e241be38715b09ef4f12983c1529598c5946ecbe8c58787135366e00d3
2ec080d9b1eb81f35bdbb50b2e7342f5cf609bb6b39c60bd4454e59fc3602d78
32099b201e4d474839074efeff27c07799d68431c3ab1a86eea6c7cd10f886c5
3834f0a520d623453cdb6b03b88331bc0394367eb18809f1037ea18c699ebded
38ab04a6678f1e9cec489af546b8f75b61eb1a95747855c18a4a5dabb0f0a3d4
3cf4e4e11ca10e0fd8d913e50d0773b06880e031c7e07767c0138db18e4927eb
3e09254be59ad08d7e8c964089f6f47fb178008be42ca77d689ba90ecb8368b8
3ed2f5002d8d76f69fb8f260ba74d0ee5647192a8da97941212115718a5b5255
40eccc4c6e758e697f72eb80ea7800553d9b4e9a9695827ff9dfc24d8ff69097
41e46faff74c6a77d581689ec35eb040f6c96d17f4d2c5b25dccd42ed498b01c
462e9c88a7913141f066865a63a979f3d526d371f3561ab829ee30c5c734ab5a
46a2de362f54e3c988cc8c9fbf68fe12018c8ae42fe11509a747f52f17834466
4820ed5d62e44829d53d49d2a42c0ec339125f45b1436c056bfbc18254aee0d6
48e8492f6fe4e204a81dcd384b2f1125ec0033ffbf9fec9c94d444b38d4dce63
4cdf5b9c1f3a84e8ae11cecd123eb3b2e38614ea926060e0133bfe43cbe907e3
4f4a60fe7fd46b0587925969eb8b7ac3f49e05af2c9d9a75699a4ade9e8d9a16
501ed6f37588ea4083347c8c1b9fd9bfbc560f8f9977aa2847749e0977063f6c
59b0c27be455c97e730a26030b44eadb631bdd62083056e69a3845745ddc2863
5e621780ac394f3839adb9f93d62c36bc51d432e4d8f7bfe7822d2951fdf7c4f
5f789ea36ae4671282524bda454709578d63b915b782c1e041132a7e726ff1c3
6121ca306ad1045453d52517b8f436eb5a68055c82aefa46a9a77de36996a3df
63429c42ee14e4837aceda0ee0546b64f0d424d9401e94948625e17d126e7778
651492d95c1e9fd9378fa9f7e9d60a3315cee1b44aec5bf54891198e812d6319
66658d2ec216e7ae250bde98b05afbedd8969db6c8a1f3159756792a29e552fb
67b29bd429636d6fd7ac8c022b878d210c54e3cb8900417d30516647981f037a
690788b8580c8fa411f0f5f00dce82e782a73c661d0d53322a909bf3c737e085
6b2ad5e8efca12196b94fcede3e8268337d82d0970dd2bf1e0f06928ca0d463d
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
7b5e3e0dec9ab4763fc475655120fe453fca2f7d55921a554ae796fc98ba7a65
84ec54c7974a044d5e1267aa6c392c8e8a47acc4768a9cc56340e9c0a5ba36fe
85c80213474cf67f4dcf0eadd14e944ff6422a60205cbea5cd70e8302daec502
8649a8246250ec4af98b21f1d52c08494c8dea4a0e93dee7cdd50f7faba3d482
885b514a3482ba315830dcdf9e09cdd4c060444c0a1f6e21c6dacb2d12db4ef7
8a4125763bc689cdad8bf78bc9df373b0ccdb58ffbc791dddfdc1e84c8f3a1f8
8bc2ac81279ac3de72ff9c9556bf61258cc02472a89f07ac3090f6916160da80
8c77794b795c43cb1944f06f8b8e834eb00a6088e5e3f0cd41b13c789105bb76
8cb9b3cd85e34d917fb3758e8cbe1385fbe34f4f33cbabc78227f2633f3e0131
8f559fc1755c4643c74849b96154553c6353a29ad682de1d8526bf03f39ae3b9
925818e35ed0851fba7408d7c438c261edbc941e343349d32aa07d25b2a3b653
92ad4b51dd5e55fb0bcf5770612200431fd93ceb6be6a0000ed97d990b7f8561
92f777da974629d4895b35d20a50975c626a3b285e09230406c868dc27a16811
942a7e4929bdd1358450c5129b27490a1ed1f0b91b79e254a209543fd156629f
95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743
986ad2a5430879bc7b84afcb2896ee5c4621e3b45883bd4e05d56a5987809863
98b019e3d2e716a1d32e0cf1552c4f7a3bf5d4e0955341a4df60c975b636c476
9a1a72d7dc7909504bd80f49cbc9c7e52a18b25060d79a08a18b873a184868b4
9b9265c69a5cc295d1ab0d04e0273b3677db1a6216ce2ccf4efc8c277ed84b39
9c7dfbe14df1869398f98a56a85184e28196b74c583eb776430f793b900330ab
9ccca9067ec00e9da8a956d221275be98a9494117dd71b1daf751e88510a7081
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
a6dcd61c8a4320302bec6a27b8982726084e4e7596f63f59d63264b69b4ae231
ab54291096b12653d08ff248c02373efdda237c3689ac3bc132c93e1b5fb9ff3
acd2f7ad78edeebad4b6b0fdd17ff57d81c3726c60fd5435ee8c5a0115d29403
af244bf83f9fb9af34c5576e2f5c56e8e5498225afe68f1d431da2aba73e3c51
b0b43e548e691662dac85b1dc159d148a273d5cb9139f3fcf457cdeebe7bdf3f
b3c0c5a12b2e62f1e6e892ac615c39d8edc0885b87b0c851f5234baeeede7e6b
b566df3b5edb26a0b7b2f0dbf25f3b666dec49fead1b71ef85b7030d07e796f7
b63ebdc392b9798a560248f3de1333b7b96e0f6eccd7163569ae90a67ad2897d
b805c50bd761db5d2c6de14a08ca6a5cfc38f060838415c1937ec943c5901c4b
bbc56417fe0737508a2513ee9ac5ef767080a1aad022c612cbe4c24315e1734d
bbd80981dfc0174f878b36a16f2df70fb71f52d418aedcc654d3020ff8e3faa1
bd4a08ee1b016c53e2a9221e418d7fa94478b650c58b757a6dde72748cd803f4
bd9c34850856387a1b6aa460751df47d1a4404300197e43eb696e8da7db04345
c268525a79f7817775e4840f43b967fce813641741403dedc56be4271aef600d
c642a3823bf52ed74064ebc7e9a984bec36b06014ff9c17854592f83b2fd2754
c6820fe61db0edc51052cb0dd115c90c4e5900cfefe9b324fb402152a00f9258
ced34f591157438ef47695f979ac95f8758408e8d9b88e63aee8b382ec975785
d0b0cc412b32f39a65193918bd65085582eba11a317704a8ecd63fb278e9a54d
d1f432a4c77408dcb8c9da3c0bb4fa8694859d65ac1d8f139b17a8969b6e2fa0
d3470d629b39f5504e076632b06cd8b97b2c567825aba06b2b25dd58a13acd92
d37e4ca1e1902ac258dedafe9e7ee1bc8e7ac887a3d2f0babc143dede00dfd32
d7ba57e3ccc2e3b2bdf8cc9e613194b802607682bf473293c2e3e29de82c9491
d9b52ccbefa4e7a2b3151906480e1a5094019d87ee221b5eef3ec1471a123210
d9d360e4a9ffa22a014272dd7f8fe5de387b69cefab7b3a75a39378fec8f7bd1
db1534e6def6b61255abc60b854df8bcea13cf571dc7db5370d220306181be76
e04460d8e3905afb14b0cff3e8e19b5193ce7e2d3bc79fdb80de18705a92a331
e046d7a4dbc1743879df2397ec2fb57285587c717cceacf11e399b843610f9d6
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e73db0900053cb7929c23d8ed2d667dfbec582b4c67c61e2d0e4d184e7188b36
e7f0c72a0ce17ca77f93669294b4ae10f8bb10b0bbcf3d06ffb122650eaa2570
ec59872055a6edaa85fed24b4ef82f9a99c8f052132d24482b39f2b02bb05cd2
ee4449e61a8245c7983466776579f421f3807158efdb451037e3edf0e183e99c
ef090d902d6cbb5fd16a044d3d93a4ae3b4f80a6163a15e66be4950827f21923
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f09639069de98a3d08da00360f426fbdd3748007622d8a6c58b4bb9f1037cd15
f1ea07a1e51a389c8de07120ae5c2e432e9dd8f4fbd6f92489f185b0523a3fd4
f238ecce94f68fdcd92349eaf671c452d51911e63e2f5705e0deb1526f263a0a
f2644f8193230dedfe8b845c5fd843fc06c1464cc9586d81f357e41183d8e931
f2dc9b98aca591bc03b84de056433d72dcbbad241a730e691cf2f415d2dbf586
fde979c2211760c0bef81d73e347b3b857ecb84aca8b2ce4b3cca5836dd4c01a
fea01bb129f782c79a5909ed1897c56be4a43384417892d8dd40df067032d0a3

www.bluetogold.com Open in urlscan Pro 198.49.23.144 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

131 Requests

98 %HTTPS

30 %IPv6

25 Domains

33 Subdomains

31 IPs

4 Countries

3673 kBTransfer

13509 kBSize

15 Cookies

8 Outgoing links

Redirected requests

131 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.bluetogold.com Open in urlscan Pro
198.49.23.144 Public Scan

Screenshot
Live screenshot

Full Image

131
Requests

98 %
HTTPS

30 %
IPv6

25
Domains

33
Subdomains

31
IPs

4
Countries

3673 kB
Transfer

13509 kB
Size

15
Cookies

131 HTTP transactions
0 data transactions