haley.flame.quest Open in urlscan Pro
185.47.172.154  Public Scan

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

32 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response haley.flame.quest/	56 KB 17 KB	909ms 565ms	Document text/html	185.47.172.154 KAMATERA
General Check archive.org Show headers Download Go to Full URL https://haley.flame.quest/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 185.47.172.154 Milan, Italy, ASN36007 (KAMATERA, US), Reverse DNS Software nginx/1.24.0 / Resource Hash d6444104b7d507efd3c02ac32436571f3594d4879132ef5109f7606d26069af7 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 accept-language en-US,en;q=0.9 Response headers content-encoding gzip content-type text/html; charset=utf-8 cross-origin-opener-policy same-origin date Tue, 30 Jan 2024 00:35:31 GMT nel {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]} referrer-policy same-origin report-to {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1706574931&sid=c46efe9b-d3d2-4a0c-8c76-bfafa16c5add&s=H6%2BzYKfGi%2B%2BE6S0tarPEdWy1oAA8pNesWZ%2FMH7C2OeU%3D"}]} reporting-endpoints heroku-nel=https://nel.heroku.com/reports?ts=1706574931&sid=c46efe9b-d3d2-4a0c-8c76-bfafa16c5add&s=H6%2BzYKfGi%2B%2BE6S0tarPEdWy1oAA8pNesWZ%2FMH7C2OeU%3D server nginx/1.24.0 strict-transport-security max-age=31536000; includeSubDomains vary Accept-Encoding Cookie via 1.1 vegur x-content-type-options nosniff x-frame-options SAMEORIGIN
GET H2	200	output.54a1526aa7df.css cdn.muckrock.com/CACHE/css/	3 KB 1 KB	234ms 55ms	Stylesheet text/css	13.35.116.73 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://cdn.muckrock.com/CACHE/css/output.54a1526aa7df.css Requested by Host: haley.flame.quest URL: https://haley.flame.quest/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.35.116.73 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-35-116-73.mia3.r.cloudfront.net Software AmazonS3 / Resource Hash 54a1526aa7df96759bcfe698a8c1ca242ed77d7fc1e9b70ef884dd176c3097db Request headers accept-language en-US,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Response headers date Mon, 29 Jan 2024 08:31:16 GMT content-encoding gzip via 1.1 c3f257ad7ec4633c503cd21a690fa4dc.cloudfront.net (CloudFront) last-modified Mon, 22 Jan 2024 16:38:12 GMT server AmazonS3 x-amz-cf-pop MIA3-C2 age 57856 x-amz-server-side-encryption AES256 etag W/"ad1442636bcc330cd6db17771c3e629e" vary Accept-Encoding x-cache Hit from cloudfront content-type text/css x-amz-cf-id v1_S-jcFa8rwbl5wZUNzPvIkDjfBelENYo6HoTlGFR_xhYSeVG8hSQ==
GET H2	200	output.3d16f393e8d9.css cdn.muckrock.com/CACHE/css/	24 KB 3 KB	234ms 57ms	Stylesheet text/css	13.35.116.73 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://cdn.muckrock.com/CACHE/css/output.3d16f393e8d9.css Requested by Host: haley.flame.quest URL: https://haley.flame.quest/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.35.116.73 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-35-116-73.mia3.r.cloudfront.net Software AmazonS3 / Resource Hash 3d16f393e8d930af2c2ac60b26ed53bef696f7afd738f6be86dc5c447cbe478f Request headers accept-language en-US,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Response headers date Mon, 29 Jan 2024 02:49:30 GMT content-encoding gzip via 1.1 c3f257ad7ec4633c503cd21a690fa4dc.cloudfront.net (CloudFront) last-modified Mon, 22 Jan 2024 16:38:13 GMT server AmazonS3 x-amz-cf-pop MIA3-C2 age 78362 x-amz-server-side-encryption AES256 etag W/"49fa589b4a1977dd8210c7185a33a949" vary Accept-Encoding x-cache Hit from cloudfront content-type text/css x-amz-cf-id bxDNNQmYRqXf88quW-Z7VCns7YiMnAdfHLfxTXkJdxjSTOZbeM3C9A==
GET H2	200	output.1ba456fb912f.css cdn.muckrock.com/CACHE/css/	191 KB 28 KB	235ms 57ms	Stylesheet text/css	13.35.116.73 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://cdn.muckrock.com/CACHE/css/output.1ba456fb912f.css Requested by Host: haley.flame.quest URL: https://haley.flame.quest/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.35.116.73 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-35-116-73.mia3.r.cloudfront.net Software AmazonS3 / Resource Hash 1ba456fb912f7cb0f761ea963a468a9aa5a1d0c806fe0940041a4a272b9c8af3 Request headers accept-language en-US,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Response headers date Mon, 29 Jan 2024 20:19:38 GMT content-encoding gzip via 1.1 c3f257ad7ec4633c503cd21a690fa4dc.cloudfront.net (CloudFront) last-modified Mon, 29 Jan 2024 20:10:05 GMT server AmazonS3 x-amz-cf-pop MIA3-C2 age 15354 etag W/"a1068d35937eed35807d28eea330c33e" x-amz-server-side-encryption AES256 vary Accept-Encoding x-cache Hit from cloudfront content-type text/css x-amz-cf-id YlvKOZfKFe2kfwhhKlKOkWoNiJbWLvhkRbwmVpqA-A1ML4USgWfWGw==
GET H2	200	script.js Show response plausible.io/js/	1 KB 1 KB	146ms 33ms	Script application/javascript	2a02:6ea0:c454::1 CDN77 _
General Check archive.org Show headers Download Go to Full URL https://plausible.io/js/script.js Requested by Host: haley.flame.quest URL: https://haley.flame.quest/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:6ea0:c454::1 New York, United States, ASN60068 (CDN77 _, GB), Reverse DNS Software BunnyCDN-NY1-885 / Resource Hash 021f0fd27042b279a49e982215c6dc3c3ab84e95b35553a119dfdbd50af6be94 Security Headers Name Value X-Content-Type-Options nosniff Request headers accept-language en-US,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Response headers date Tue, 30 Jan 2024 00:35:32 GMT content-encoding br x-content-type-options nosniff cdn-edgestorageid 885 cdn-cachedat 01/29/2024 12:30:41 cdn-pullzone 682664 cross-origin-resource-policy cross-origin application 10.0.1.5 alt-svc h3=":443"; ma=2592000 server BunnyCDN-NY1-885 cdn-proxyver 1.04 cdn-requestpullcode 200 vary Accept-Encoding, Accept-Encoding content-type application/javascript access-control-allow-origin * cdn-cache HIT cdn-uid 153cb5b1-399a-48ef-b5bf-098c03770254 cache-control public, must-revalidate, max-age=86400 permissions-policy interest-cohort=() cdn-requestid 519111a657a13dca18fada186bee3768 cdn-requestcountrycode US cdn-status 200 cdn-requestpullsuccess True
GET H2	200	REFUGE-KJB-01b-thin.jpg.1800x600_q85.jpg cdn.muckrock.com/news_images/2024/01/19/	209 KB 209 KB	191ms 71ms	Image image/jpeg	13.35.116.73 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.muckrock.com/news_images/2024/01/19/REFUGE-KJB-01b-thin.jpg.1800x600_q85.jpg Requested by Host: haley.flame.quest URL: https://haley.flame.quest/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.35.116.73 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-35-116-73.mia3.r.cloudfront.net Software AmazonS3 / Resource Hash 2924602146bebe94f1bcd8625525344c87fe61ebee48afcc77f9bdaacbdff55b Request headers accept-language en-US,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Response headers date Mon, 29 Jan 2024 19:10:48 GMT via 1.1 c3f257ad7ec4633c503cd21a690fa4dc.cloudfront.net (CloudFront) last-modified Mon, 22 Jan 2024 14:10:58 GMT server AmazonS3 x-amz-cf-pop MIA3-C2 age 19484 etag "d9ee916ddf33613153c1e1df341f2ab6" x-amz-server-side-encryption AES256 x-cache Hit from cloudfront content-type image/jpeg accept-ranges bytes content-length 213755 x-amz-cf-id -VFr6T0H3xVy-e8NazNdwJ4t5mtHuUO4BO1OjKK1bdRNklYS9ugsPQ==
GET H2	200	L-AI_Bot.jpg.900x300_q85_crop.jpg cdn.muckrock.com/news_images/2024/01/23/	23 KB 24 KB	174ms 55ms	Image image/jpeg	13.35.116.73 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.muckrock.com/news_images/2024/01/23/L-AI_Bot.jpg.900x300_q85_crop.jpg Requested by Host: haley.flame.quest URL: https://haley.flame.quest/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.35.116.73 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-35-116-73.mia3.r.cloudfront.net Software AmazonS3 / Resource Hash f132cf30bdef13d77e5d30761ae2921b0df7a9f75327a552dda72f5a822ec5f2 Request headers accept-language en-US,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Response headers date Mon, 29 Jan 2024 19:10:48 GMT via 1.1 c3f257ad7ec4633c503cd21a690fa4dc.cloudfront.net (CloudFront) last-modified Wed, 24 Jan 2024 13:02:15 GMT server AmazonS3 x-amz-cf-pop MIA3-C2 age 19484 etag "55f0bc42f894fbd0100963a682e7befe" x-amz-server-side-encryption AES256 x-cache Hit from cloudfront content-type image/jpeg accept-ranges bytes content-length 23763 x-amz-cf-id jOTzrVmA3czMZuGL70MPSticKKSBKXmjUd6W6rQg4yq5z9Mti4zTpw==
GET H2	200	Screenshot_2024-01-23_at_4.47.09PM.png.900x300_q85_crop.png cdn.muckrock.com/news_images/2024/01/23/	406 KB 407 KB	54ms 51ms	Image image/png	13.35.116.73 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.muckrock.com/news_images/2024/01/23/Screenshot_2024-01-23_at_4.47.09PM.png.900x300_q85_crop.png Requested by Host: haley.flame.quest URL: https://haley.flame.quest/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.35.116.73 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-35-116-73.mia3.r.cloudfront.net Software AmazonS3 / Resource Hash 67e8bc90f1dd18d9471e2d49864f7189bc681c85f2cbe888461022bdbfba3036 Request headers accept-language en-US,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Response headers date Mon, 29 Jan 2024 19:10:48 GMT via 1.1 c3f257ad7ec4633c503cd21a690fa4dc.cloudfront.net (CloudFront) last-modified Wed, 24 Jan 2024 14:40:09 GMT server AmazonS3 x-amz-cf-pop MIA3-C2 age 19484 etag "a46a8a41f956f71c68f80706772a140d" x-amz-server-side-encryption AES256 x-cache Hit from cloudfront content-type image/png accept-ranges bytes content-length 415714 x-amz-cf-id qTaBWefvmGQCNf98Ar3Lihfp7vlUtkX4l2-RDKyBtXAWJBS6_cV-zA==
GET H2	200	Foia_fees_banner.png.900x300_q85_crop.png cdn.muckrock.com/news_images/2023/12/19/	121 KB 122 KB	108ms 98ms	Image image/png	13.35.116.73 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.muckrock.com/news_images/2023/12/19/Foia_fees_banner.png.900x300_q85_crop.png Requested by Host: haley.flame.quest URL: https://haley.flame.quest/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.35.116.73 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-35-116-73.mia3.r.cloudfront.net Software AmazonS3 / Resource Hash b021c18449153785bb33819a86245011d7ebd90bc0adc88c8a1b07e8ddfa855a Request headers accept-language en-US,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Response headers date Mon, 29 Jan 2024 19:10:48 GMT via 1.1 c3f257ad7ec4633c503cd21a690fa4dc.cloudfront.net (CloudFront) last-modified Thu, 21 Dec 2023 21:05:55 GMT server AmazonS3 x-amz-cf-pop MIA3-C2 age 19484 etag "5b4fb0c72b92c4cc566512980d0c81db" x-amz-server-side-encryption AES256 x-cache Hit from cloudfront content-type image/png accept-ranges bytes content-length 124216 x-amz-cf-id ffGv0vtY0RDqy6EZ-PqhT8lynjRh7s7Zs0vFMaxlWJhqdxyOCJMjng==
GET H2	200	For_the_Record.png.900x300_q85_crop.png cdn.muckrock.com/news_images/2024/01/24/	19 KB 19 KB	154ms 145ms	Image image/png	13.35.116.73 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.muckrock.com/news_images/2024/01/24/For_the_Record.png.900x300_q85_crop.png Requested by Host: haley.flame.quest URL: https://haley.flame.quest/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.35.116.73 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-35-116-73.mia3.r.cloudfront.net Software AmazonS3 / Resource Hash c519c67236ab1ba0e47f4004899eba95139af995b3490943d8ec5d64014722d6 Request headers accept-language en-US,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Response headers date Mon, 29 Jan 2024 03:10:03 GMT via 1.1 c3f257ad7ec4633c503cd21a690fa4dc.cloudfront.net (CloudFront) last-modified Wed, 24 Jan 2024 16:18:49 GMT server AmazonS3 x-amz-cf-pop MIA3-C2 age 77129 etag "63549347a669bda7aaf98b482d132392" x-amz-server-side-encryption AES256 x-cache Hit from cloudfront content-type image/png accept-ranges bytes content-length 19478 x-amz-cf-id nYvSC4vo8GvXAV_ZF3JrFlVQVORA3nQW475zUwgkRZW7JdxRM2HF-w==
GET H2	200	/ Show response js.stripe.com/v3/	587 KB 145 KB	241ms 66ms	Script text/javascript	65.8.178.72 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.stripe.com/v3/ Requested by Host: haley.flame.quest URL: https://haley.flame.quest/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 65.8.178.72 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-65-8-178-72.mia3.r.cloudfront.net Software Cloudfront / Resource Hash 4984498a86b38efed4dad9ee261067e2fe701e0e736162d7a39c38533387bff8 Security Headers Name Value Strict-Transport-Security max-age=31556926; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language en-US,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Response headers date Tue, 30 Jan 2024 00:35:14 GMT content-encoding br via 1.1 285957c614f44b19c6899b907506f070.cloudfront.net (CloudFront) strict-transport-security max-age=31556926; includeSubDomains; preload x-content-type-options nosniff age 19 x-amz-cf-pop MIA3-C4 x-cache Hit from cloudfront last-modified Mon, 29 Jan 2024 21:43:28 GMT server Cloudfront etag W/"8cf1be8e46d969fc6486a347bb4f7aed" vary Accept-Encoding content-type text/javascript; charset=utf-8 access-control-allow-origin * cache-control max-age=60 timing-allow-origin * x-amz-cf-id JQ18dyXRbnEtRAJb9sFGU0-zG0pl5awwWfq0-wHBxSuZgoot1pSzIA==
GET H2	200	output.8d2c5a67e42e.js Show response cdn.muckrock.com/CACHE/js/	2 MB 513 KB	92ms 85ms	Script application/javascript	13.35.116.73 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://cdn.muckrock.com/CACHE/js/output.8d2c5a67e42e.js Requested by Host: haley.flame.quest URL: https://haley.flame.quest/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.35.116.73 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-35-116-73.mia3.r.cloudfront.net Software AmazonS3 / Resource Hash 8d2c5a67e42e64664987157af99b701bef1d7ca771c7e3a43ae2308a4fe5fbf8 Request headers accept-language en-US,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Response headers date Mon, 29 Jan 2024 20:24:37 GMT content-encoding gzip via 1.1 c3f257ad7ec4633c503cd21a690fa4dc.cloudfront.net (CloudFront) last-modified Mon, 29 Jan 2024 20:10:05 GMT server AmazonS3 x-amz-cf-pop MIA3-C2 age 15055 etag W/"24a598c6c829d2d2bcd7cdd2cb2123af" x-amz-server-side-encryption AES256 vary Accept-Encoding x-cache Hit from cloudfront content-type application/javascript x-amz-cf-id Ailpx4ieyCuEcNUfSb1BtjXbJ28U_Qc42gxmW2EwZALHjFwYJgHrEw==
GET H2	200	mixpanel-2-latest.min.js Show response cdn4.mxpnl.com/libs/	52 KB 18 KB	115ms 26ms	Script text/javascript	35.186.235.23 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://cdn4.mxpnl.com/libs/mixpanel-2-latest.min.js Requested by Host: haley.flame.quest URL: https://haley.flame.quest/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 35.186.235.23 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 23.235.186.35.bc.googleusercontent.com Software UploadServer / Resource Hash acb1221313fbb4d27f785ffd7a9ade0f7f44c37567ce1abf6aff7c399a7992d4 Request headers accept-language en-US,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Response headers date Tue, 30 Jan 2024 00:29:59 GMT content-encoding gzip age 332 x-guploader-uploadid ABPtcPp3Mbk_Oa_-rn0AkDt70sTGjipa8XET9zQSV_8EPCsfWzZazPMo0KMDSG6xFTtlCxORKis x-goog-storage-class MULTI_REGIONAL x-goog-metageneration 2 x-goog-stored-content-encoding gzip alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 18139 last-modified Tue, 14 Nov 2023 19:54:10 GMT server UploadServer etag "dff66d0b72bdc18a02be56412d5ef8c4" vary Accept-Encoding x-goog-generation 1699991650202934 x-goog-hash crc32c=VW26dg==, md5=3/ZtC3K9wYoCvlZBLV74xA== access-control-allow-origin * content-type text/javascript cache-control public,max-age=600 x-goog-stored-content-length 18139 accept-ranges bytes expires Tue, 30 Jan 2024 00:39:59 GMT
GET H2	200	gtm.js Show response www.googletagmanager.com/	212 KB 75 KB	119ms 49ms	Script application/javascript	2607:f8b0:4004:c07::61 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtm.js?id=GTM-WFBL4F2 Requested by Host: haley.flame.quest URL: https://haley.flame.quest/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4004:c07::61 Washington, United States, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 36d7c4478ac1fedf351707bb58fe7e27fca9b8885704943ef7d22fb04064a896 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Response headers date Tue, 30 Jan 2024 00:35:31 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 75960 x-xss-protection 0 last-modified Tue, 30 Jan 2024 00:00:00 GMT server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true access-control-allow-headers Cache-Control expires Tue, 30 Jan 2024 00:35:31 GMT
GET H2	200	fingerprinting.jpg cdn.muckrock.com/img/	156 KB 157 KB	101ms 87ms	Image image/jpeg	13.35.116.73 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.muckrock.com/img/fingerprinting.jpg Requested by Host: haley.flame.quest URL: https://haley.flame.quest/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.35.116.73 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-35-116-73.mia3.r.cloudfront.net Software AmazonS3 / Resource Hash b11e524832db3629f5d0dbe97a494358271a375217452127eeee73562c4097a8 Request headers accept-language en-US,en;q=0.9 Referer https://haley.flame.quest/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Response headers date Mon, 29 Jan 2024 23:10:51 GMT via 1.1 c3f257ad7ec4633c503cd21a690fa4dc.cloudfront.net (CloudFront) last-modified Mon, 22 Jan 2024 16:38:10 GMT server AmazonS3 x-amz-cf-pop MIA3-C2 age 5081 x-amz-server-side-encryption AES256 etag "bd4e8c10097230adc3356e5cb6196c48" vary Accept-Encoding x-cache Hit from cloudfront content-type image/jpeg accept-ranges bytes content-length 159895 x-amz-cf-id Rw7HAOSk5LfsUDMQz4XDYI2arXM8LeutYuRwoDR3ccU6nwL0riJUww==
GET H2	200	tips_Lgg4z1K.jpg.1200x600_q85_crop.jpg cdn.muckrock.com/project_images/2018/04/16/	74 KB 74 KB	163ms 152ms	Image image/jpeg	13.35.116.73 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.muckrock.com/project_images/2018/04/16/tips_Lgg4z1K.jpg.1200x600_q85_crop.jpg Requested by Host: haley.flame.quest URL: https://haley.flame.quest/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.35.116.73 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-35-116-73.mia3.r.cloudfront.net Software AmazonS3 / Resource Hash 61a4dc39cc23bdb77c3a0f843ce622de5b720ca3ca2438eefa1a2f32099c6fe2 Request headers accept-language en-US,en;q=0.9 Referer https://haley.flame.quest/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Response headers date Mon, 29 Jan 2024 19:10:48 GMT via 1.1 c3f257ad7ec4633c503cd21a690fa4dc.cloudfront.net (CloudFront) last-modified Mon, 07 Jun 2021 15:52:48 GMT server AmazonS3 x-amz-cf-pop MIA3-C2 age 19484 etag "d8b019244ca02af3e3f86e1c6d665b88" x-cache Hit from cloudfront content-type image/jpeg accept-ranges bytes content-length 75868 x-amz-cf-id HVFSLvLe_hLc4ApmxqFWkyIUVR5L9HYCVvakEAL6sAn6QXBcUKIyWg==
GET H2	200	Smoke_Screened_project_banner_1_QYSySUT.png.1200x600_q85_crop.png cdn.muckrock.com/project_images/2023/10/15/	1 MB 1 MB	221ms 209ms	Image image/png	13.35.116.73 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.muckrock.com/project_images/2023/10/15/Smoke_Screened_project_banner_1_QYSySUT.png.1200x600_q85_crop.png Requested by Host: haley.flame.quest URL: https://haley.flame.quest/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.35.116.73 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-35-116-73.mia3.r.cloudfront.net Software AmazonS3 / Resource Hash a2eb38f5b60c6d2b16f5a397e1da44819850e69500c211dd695cc829a46d3e32 Request headers accept-language en-US,en;q=0.9 Referer https://haley.flame.quest/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Response headers date Mon, 29 Jan 2024 19:10:48 GMT via 1.1 c3f257ad7ec4633c503cd21a690fa4dc.cloudfront.net (CloudFront) last-modified Mon, 16 Oct 2023 15:03:41 GMT server AmazonS3 x-amz-cf-pop MIA3-C2 age 19484 etag "e830a117dcdebec7eca0fd2c0417d53d" x-amz-server-side-encryption AES256 x-cache Hit from cloudfront content-type image/png accept-ranges bytes content-length 1099945 x-amz-cf-id R8l5bnGuwVazG8wqhtqT8xUJMYyt05DyoaIV6OHpMepuQEdpULEnNw==
GET H2	200	air_quality_main_image.png.2400x800_q85_crop.png.1200x600_q85_crop.png cdn.muckrock.com/project_images/2023/05/03/	1000 KB 1002 KB	221ms 210ms	Image image/png	13.35.116.73 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.muckrock.com/project_images/2023/05/03/air_quality_main_image.png.2400x800_q85_crop.png.1200x600_q85_crop.png Requested by Host: haley.flame.quest URL: https://haley.flame.quest/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.35.116.73 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-35-116-73.mia3.r.cloudfront.net Software AmazonS3 / Resource Hash bfaf3d14cc7d217c4676affbd01a9799bdc9649c75de76302540ac791f9c6ac1 Request headers accept-language en-US,en;q=0.9 Referer https://haley.flame.quest/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Response headers date Mon, 29 Jan 2024 19:10:48 GMT via 1.1 c3f257ad7ec4633c503cd21a690fa4dc.cloudfront.net (CloudFront) last-modified Wed, 03 May 2023 05:03:01 GMT server AmazonS3 x-amz-cf-pop MIA3-C2 age 19484 etag "bfabf627b3482fde3512d26a535016e9" x-amz-server-side-encryption AES256 x-cache Hit from cloudfront content-type image/png accept-ranges bytes content-length 1024481 x-amz-cf-id kBv0aCZUZh33e9EALcYfZfWxaWj8PcgC0SuybM-dUch7klWVVHppZA==
GET H2	200	flags_1_hAaKY55.jpg.2400x800_q85_crop.jpg.1200x600_q85_crop.jpg cdn.muckrock.com/project_images/2023/05/02/	156 KB 157 KB	273ms 263ms	Image image/jpeg	13.35.116.73 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.muckrock.com/project_images/2023/05/02/flags_1_hAaKY55.jpg.2400x800_q85_crop.jpg.1200x600_q85_crop.jpg Requested by Host: haley.flame.quest URL: https://haley.flame.quest/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.35.116.73 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-35-116-73.mia3.r.cloudfront.net Software AmazonS3 / Resource Hash b0eb2f8f0f8551bd65a3a705419e8df777e85d4b9042a9fbbc97f8e248ce8b52 Request headers accept-language en-US,en;q=0.9 Referer https://haley.flame.quest/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Response headers date Mon, 29 Jan 2024 19:10:48 GMT via 1.1 c3f257ad7ec4633c503cd21a690fa4dc.cloudfront.net (CloudFront) last-modified Wed, 03 May 2023 03:17:18 GMT server AmazonS3 x-amz-cf-pop MIA3-C2 age 19484 etag "9d3568d73315191b06159ee12a0a96a9" x-amz-server-side-encryption AES256 x-cache Hit from cloudfront content-type image/jpeg accept-ranges bytes content-length 160038 x-amz-cf-id frm0jVKEaquA5t4sSTntcph7QyGpzRsGOHADuFcMc5L_auTkvDJAjg==
GET H2	200	SourceSansPro-Semibold.ttf cdn.muckrock.com/fonts/	146 KB 68 KB	453ms 319ms	Font font/ttf	13.35.116.73 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://cdn.muckrock.com/fonts/SourceSansPro-Semibold.ttf Requested by Host: cdn.muckrock.com URL: https://cdn.muckrock.com/CACHE/css/output.54a1526aa7df.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.35.116.73 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-35-116-73.mia3.r.cloudfront.net Software AmazonS3 / Resource Hash ad9bf535fc18d27ba929b766058bf5381649bc3d9092232c00e069f420054232 Request headers Referer https://cdn.muckrock.com/CACHE/css/output.54a1526aa7df.css Origin https://haley.flame.quest accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Response headers date Tue, 30 Jan 2024 00:35:33 GMT content-encoding gzip via 1.1 8c0e9a1aadc3a75a523925b4aae73930.cloudfront.net (CloudFront) last-modified Mon, 29 Jan 2024 20:10:16 GMT server AmazonS3 x-amz-cf-pop MIA3-C2 etag W/"52984b3a4e09652a6feee711d5c169fd" x-amz-server-side-encryption AES256 access-control-max-age 3000 access-control-allow-methods GET content-type font/ttf access-control-allow-origin * x-cache Miss from cloudfront vary Accept-Encoding,Origin x-amz-cf-id H1zrdROGflTxwdXWSDDlPU-f5l6MycGHdHDkqsI2P3Ho0Y4N3GGoLQ==
GET H2	200	SourceSansPro-Regular.ttf cdn.muckrock.com/fonts/	146 KB 68 KB	500ms 371ms	Font font/ttf	13.35.116.73 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://cdn.muckrock.com/fonts/SourceSansPro-Regular.ttf Requested by Host: cdn.muckrock.com URL: https://cdn.muckrock.com/CACHE/css/output.54a1526aa7df.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.35.116.73 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-35-116-73.mia3.r.cloudfront.net Software AmazonS3 / Resource Hash 6fc6e8f223cb7a88d7e0d07af0aa7c45084be3c2b330622c06b5e6c6d9f74768 Request headers Referer https://cdn.muckrock.com/CACHE/css/output.54a1526aa7df.css Origin https://haley.flame.quest accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Response headers date Tue, 30 Jan 2024 00:35:33 GMT content-encoding gzip via 1.1 8c0e9a1aadc3a75a523925b4aae73930.cloudfront.net (CloudFront) last-modified Mon, 29 Jan 2024 20:10:16 GMT server AmazonS3 x-amz-cf-pop MIA3-C2 etag W/"ba6cad25afe01d394e830f548a7f94df" x-amz-server-side-encryption AES256 access-control-max-age 3000 access-control-allow-methods GET content-type font/ttf access-control-allow-origin * x-cache Miss from cloudfront vary Accept-Encoding,Origin x-amz-cf-id vSmdylbgxNDDOX0Jz9IEMwmmqHnqpuWxc-WooL-CKlrY5_SSYjO-iQ==
GET H2	200	js Show response www.googletagmanager.com/gtag/	278 KB 91 KB	60ms 56ms	Script application/javascript	2607:f8b0:4004:c07::61 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=G-E3Z9FYBT9G&l=dataLayer&cx=c Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-WFBL4F2 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4004:c07::61 Washington, United States, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 13658925cb5783bc13488c2239b12a3ffb0f0e531e21c4257f84eb63d6f98805 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Response headers date Tue, 30 Jan 2024 00:35:32 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true cross-origin-resource-policy cross-origin access-control-allow-headers Cache-Control content-length 92954 x-xss-protection 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 expires Tue, 30 Jan 2024 00:35:32 GMT
POST H2	202	event Show response plausible.io/api/	2 B 500 B	608ms 240ms	XHR text/plain	2a02:6ea0:c454::1 CDN77 _
General Check archive.org Show headers Download Go to Full URL https://plausible.io/api/event Requested by Host: plausible.io URL: https://plausible.io/js/script.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:6ea0:c454::1 New York, United States, ASN60068 (CDN77 _, GB), Reverse DNS Software BunnyCDN-NY1-885 / Resource Hash 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df Request headers Referer accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Content-Type text/plain Response headers date Tue, 30 Jan 2024 00:35:33 GMT cdn-edgestorageid 885 cdn-cachedat 01/30/2024 00:35:33 cdn-pullzone 682664 application 10.0.1.5 alt-svc h3=":443"; ma=2592000 content-length 2 x-request-id F6743CcRFRO0HBAqeH8B server BunnyCDN-NY1-885 cdn-proxyver 1.04 cdn-requestpullcode 202 content-type text/plain; charset=utf-8 access-control-allow-origin * cdn-uid 153cb5b1-399a-48ef-b5bf-098c03770254 cache-control must-revalidate, max-age=0, private access-control-allow-credentials true permissions-policy interest-cohort=() cdn-requestid c87f44798a29589810f4f586e40734ed cdn-requestcountrycode US cdn-requestpullsuccess True
GET H2	200	m-outer-3437aaddcdf6922d623e172c2d6f9278.html Show response js.stripe.com/v3/ Frame 0BFE	200 B 1 KB	68ms 66ms	Document text/html	65.8.178.72 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html Requested by Host: js.stripe.com URL: https://js.stripe.com/v3/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 65.8.178.72 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-65-8-178-72.mia3.r.cloudfront.net Software Cloudfront / Resource Hash 35dcc382eb69d00369d708708cdc545f3968b68fa5bbe3e728d11fedd04f93bb Security Headers Name Value Content-Security-Policy base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; worker-src 'none'; report-uri https://q.stripe.com/csp-report Strict-Transport-Security max-age=31556926; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 accept-language en-US,en;q=0.9 Response headers accept-ranges bytes access-control-allow-origin * age 1591 cache-control max-age=31536000 content-length 200 content-security-policy base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; worker-src 'none'; report-uri https://q.stripe.com/csp-report content-security-policy-report-only base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; worker-src 'none'; report-uri https://q.stripe.com/csp-report content-type text/html; charset=utf-8 date Tue, 30 Jan 2024 00:09:02 GMT etag "3437aaddcdf6922d623e172c2d6f9278" last-modified Thu, 25 Jan 2024 21:05:49 GMT server Cloudfront strict-transport-security max-age=31556926; includeSubDomains; preload timing-allow-origin * vary Accept-Encoding via 1.1 285957c614f44b19c6899b907506f070.cloudfront.net (CloudFront) x-amz-cf-id J0pYDNDvl3bw4-WwnxRSijDxe8dLniT-HgUPd_kGkpNCp4yEua0Ifg== x-amz-cf-pop MIA3-C4 x-cache Hit from cloudfront x-content-type-options nosniff
POST H2	204	collect www.google-analytics.com/g/	0 255 B	119ms 38ms	Ping text/plain	2607:f8b0:4004:c06::66 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/g/collect?v=2&tid=G-E3Z9FYBT9G&gtm=45je41o0h1v890840621z8811934348&_p=1706574931871&gcd=11l1l1l1l1&dma=0&cid=1633596362.1706574933&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&_s=1&sid=1706574932&sct=1&seg=0&dl=https%3A%2F%2Fhaley.flame.quest%2F&dt=MuckRock&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=2363 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-E3Z9FYBT9G&l=dataLayer&cx=c Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4004:c06::66 Washington, United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language en-US,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Response headers pragma no-cache date Tue, 30 Jan 2024 00:35:33 GMT server Golfe2 content-type text/plain access-control-allow-origin https://haley.flame.quest cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	m-outer-15a2b40a058ddff1cffdb63779fe3de1.js Show response js.stripe.com/v3/fingerprinted/js/ Frame 0BFE	526 B 1 KB	76ms 76ms	Script text/javascript	65.8.178.72 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.stripe.com/v3/fingerprinted/js/m-outer-15a2b40a058ddff1cffdb63779fe3de1.js Requested by Host: js.stripe.com URL: https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 65.8.178.72 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-65-8-178-72.mia3.r.cloudfront.net Software Cloudfront / Resource Hash ba2338aa6670580269c762f51c4291daef913201aa8f4d4fd166c1a878262652 Security Headers Name Value Strict-Transport-Security max-age=31556926; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language en-US,en;q=0.9 Referer https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Response headers date Tue, 30 Jan 2024 00:34:11 GMT via 1.1 285957c614f44b19c6899b907506f070.cloudfront.net (CloudFront) x-content-type-options nosniff strict-transport-security max-age=31556926; includeSubDomains; preload age 82 x-amz-cf-pop MIA3-C4 x-cache Hit from cloudfront content-length 526 last-modified Wed, 24 Jan 2024 21:59:18 GMT server Cloudfront etag "d96c709017743c0759cf3853d1806ba5" vary Accept-Encoding content-type text/javascript; charset=utf-8 access-control-allow-origin * cache-control max-age=31536000 accept-ranges bytes timing-allow-origin * x-amz-cf-id -JVlU3BcL5cDmdyaGRM5ipRZcenfHDvKJnufJuI1rNy2By8Mp0da1Q==
POST H2	200	csp-report q.stripe.com/ Frame 0BFE	0 717 B	303ms 87ms	Other text/plain	54.187.159.182 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://q.stripe.com/csp-report Requested by Host: haley.flame.quest URL: https://haley.flame.quest/ Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ip-54-187-159-182.stripe.com Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://js.stripe.com/ accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Content-Type application/csp-report Response headers date Tue, 30 Jan 2024 00:35:33 GMT strict-transport-security max-age=63072000; includeSubDomains; preload x-content-type-options nosniff x-stripe-server-envoy-start-time-us 1706574933199918 x-envoy-upstream-service-time 2 content-length 0 x-stripe-bg-intended-route-color green pragma no-cache referrer-policy strict-origin-when-cross-origin server nginx cross-origin-opener-policy same-origin access-control-max-age 3600 access-control-allow-methods GET, POST, OPTIONS x-stripe-server-envoy-upstream-service-time-ms 0 access-control-allow-origin https://js.stripe.com x-stripe-client-envoy-start-time-us 1706574933199585 cache-control max-age=0, no-cache, no-store, must-revalidate access-control-expose-headers Server, Range, Content-Type x-robots-tag none access-control-allow-headers Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token expires 0
POST H2	200	csp-report q.stripe.com/ Frame 0BFE	0 718 B	302ms 86ms	Other text/plain	54.187.159.182 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://q.stripe.com/csp-report Requested by Host: haley.flame.quest URL: https://haley.flame.quest/ Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ip-54-187-159-182.stripe.com Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://js.stripe.com/ accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Content-Type application/csp-report Response headers date Tue, 30 Jan 2024 00:35:33 GMT strict-transport-security max-age=63072000; includeSubDomains; preload x-content-type-options nosniff x-stripe-server-envoy-start-time-us 1706574933199775 x-envoy-upstream-service-time 1 content-length 0 x-stripe-bg-intended-route-color green pragma no-cache referrer-policy strict-origin-when-cross-origin server nginx cross-origin-opener-policy same-origin access-control-max-age 3600 access-control-allow-methods GET, POST, OPTIONS x-stripe-server-envoy-upstream-service-time-ms 0 access-control-allow-origin https://js.stripe.com x-stripe-client-envoy-start-time-us 1706574933199358 cache-control max-age=0, no-cache, no-store, must-revalidate access-control-expose-headers Server, Range, Content-Type x-robots-tag none access-control-allow-headers Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token expires 0
GET H2	200	inner.html Show response m.stripe.network/ Frame 053E	930 B 2 KB	204ms 56ms	Document text/html	2600:9000:20bf:a800:19:7d10:bd80:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://m.stripe.network/inner.html Requested by Host: js.stripe.com URL: https://js.stripe.com/v3/fingerprinted/js/m-outer-15a2b40a058ddff1cffdb63779fe3de1.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:20bf:a800:19:7d10:bd80:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software Cloudfront / Resource Hash 947ac0903521f5eceefc90637c066306a8ca67466ccc188bb0107fb7cfb532d1 Security Headers Name Value Content-Security-Policy base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-/5Guo2nzv5n/w6ukZpOBZOtTJBJPSkJ6mhHpnBgm3Ls='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report Strict-Transport-Security max-age=31556926; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://js.stripe.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 accept-language en-US,en;q=0.9 Response headers accept-ranges bytes age 81 cache-control max-age=300, public content-length 930 content-security-policy base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-/5Guo2nzv5n/w6ukZpOBZOtTJBJPSkJ6mhHpnBgm3Ls='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report content-type text/html; charset=utf-8 date Tue, 30 Jan 2024 00:34:13 GMT etag "06bfcd88af438673a8bf9b845a11aa6e" last-modified Fri, 30 Jun 2023 14:32:28 GMT server Cloudfront strict-transport-security max-age=31556926; includeSubDomains; preload vary Accept-Encoding, Origin via 1.1 4147caa9bd44f24d893d2277818f3b16.cloudfront.net (CloudFront) x-amz-cf-id x-WR9-1JRNf863kv4_2-PcFroeQfzTRb0MTR8th5spGizWrW2tvQaw== x-amz-cf-pop MIA3-C2 x-cache Hit from cloudfront x-content-type-options nosniff
POST H2	200	csp-report q.stripe.com/ Frame 053E	0 491 B	88ms 73ms	Other text/plain	54.187.159.182 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://q.stripe.com/csp-report Requested by Host: haley.flame.quest URL: https://haley.flame.quest/ Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ip-54-187-159-182.stripe.com Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains; preload, max-age=31556926; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://m.stripe.network/ accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Content-Type application/csp-report Response headers date Tue, 30 Jan 2024 00:35:33 GMT strict-transport-security max-age=63072000; includeSubDomains; preload, max-age=31556926; includeSubDomains; preload x-content-type-options nosniff x-stripe-server-envoy-start-time-us 1706574933270718 x-envoy-upstream-service-time 1 content-length 0 x-stripe-bg-intended-route-color green pragma no-cache referrer-policy strict-origin-when-cross-origin server nginx cross-origin-opener-policy same-origin x-stripe-server-envoy-upstream-service-time-ms 0 x-stripe-client-envoy-start-time-us 1706574933269956 cache-control max-age=0, no-cache, no-store, must-revalidate x-robots-tag none expires 0
GET H2	200	out-4.5.43.js Show response m.stripe.network/ Frame 053E	87 KB 14 KB	63ms 48ms	Script text/javascript	2600:9000:20bf:a800:19:7d10:bd80:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://m.stripe.network/out-4.5.43.js Requested by Host: m.stripe.network URL: https://m.stripe.network/inner.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:20bf:a800:19:7d10:bd80:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software Cloudfront / Resource Hash e039e607c78306c7e029a7fd0ecdb14f86456f16e1a5ce65aa26b4fdf1d38a3c Security Headers Name Value Strict-Transport-Security max-age=31556926; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language en-US,en;q=0.9 Referer https://m.stripe.network/inner.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Response headers date Tue, 30 Jan 2024 00:33:22 GMT content-encoding br via 1.1 4147caa9bd44f24d893d2277818f3b16.cloudfront.net (CloudFront) strict-transport-security max-age=31556926; includeSubDomains; preload last-modified Fri, 30 Jun 2023 14:32:28 GMT server Cloudfront age 131 x-content-type-options nosniff etag W/"69cb7809b5011312e716f29b3d19dce6" x-amz-cf-pop MIA3-C2 vary Accept-Encoding, Origin x-cache Hit from cloudfront content-type text/javascript; charset=utf-8 cache-control max-age=300, public x-amz-cf-id t5qDNaAbjYobu24ubRzAPFu1uNR58hD5ZIVvvqIIbtiXIHPc958DFA==
POST H2	200	6 Show response m.stripe.com/ Frame 053E	156 B 670 B	396ms 88ms	XHR application/json	44.240.5.153 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://m.stripe.com/6 Requested by Host: m.stripe.network URL: https://m.stripe.network/out-4.5.43.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 44.240.5.153 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-44-240-5-153.us-west-2.compute.amazonaws.com Software nginx / Resource Hash 01d9cbe94bddffd87c1bac628b2b475f38b63ecfda58c254172fde596df47684 Security Headers Name Value Strict-Transport-Security max-age=31556926; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://m.stripe.network/ accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers x-stripe-bg-intended-route-color green date Tue, 30 Jan 2024 00:35:33 GMT strict-transport-security max-age=31556926; includeSubDomains; preload x-content-type-options nosniff x-stripe-server-envoy-start-time-us 1706574933791416 server nginx content-type application/json;charset=utf-8 x-stripe-server-envoy-upstream-service-time-ms 2 access-control-allow-origin https://m.stripe.network x-stripe-client-envoy-start-time-us 1706574933791097 access-control-allow-credentials true access-control-allow-headers Content-Type content-length 156

23 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| mixpanel object| dataLayer object| google_tag_manager object| google_tag_data object| webpackChunkStripeJSouter function| noop function| Stripe object| yl function| clearImmediate function| setImmediate function| $ function| jQuery object| regeneratorRuntime object| fbLoaded object| fbEditors object| Tabulator function| qq function| plausible function| onYouTubeIframeAPIReady object| gaGlobal object| django function| __dal__initialize

7 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			haley.flame.quest/	1970-01-21 02:47:04	Name: csrftoken Value: ik8ubhQmIP9GOkPlCsOoikFMvvHZDj5n
			.flame.quest/	1970-01-21 02:48:30	Name: mp_cb133862e3e9d5d75bef0e81b39e8980_mixpanel Value: %7B%22distinct_id%22%3A%20%22%24device%3A18d57cae84b5e5-0f2424b9d24166-6b305750-1d4c00-18d57cae84b5e5%22%2C%22%24device_id%22%3A%20%2218d57cae84b5e5-0f2424b9d24166-6b305750-1d4c00-18d57cae84b5e5%22%2C%22%24initial_referrer%22%3A%20%22%24direct%22%2C%22%24initial_referring_domain%22%3A%20%22%24direct%22%7D
			.flame.quest/	1970-01-21 03:38:54	Name: _ga_E3Z9FYBT9G Value: GS1.1.1706574932.1.0.1706574932.0.0.0
			.flame.quest/	1970-01-21 03:38:54	Name: _ga Value: GA1.1.1633596362.1706574933
			m.stripe.com/	1970-01-21 03:38:54	Name: m Value: 0bd0e6df-c175-42c7-84ec-0ccdb82c17f44661fa
			.haley.flame.quest/	1970-01-21 02:48:30	Name: __stripe_mid Value: a673b01f-0139-4dc4-b9bf-f759261d051ed635f6
			.haley.flame.quest/	1970-01-20 18:02:56	Name: __stripe_sid Value: 1444eb47-17de-4178-a7c5-482627966eb2fd63e5

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self'".

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.muckrock.com
cdn4.mxpnl.com
haley.flame.quest
js.stripe.com
m.stripe.com
m.stripe.network
plausible.io
q.stripe.com
www.google-analytics.com
www.googletagmanager.com
13.35.116.73
185.47.172.154
2600:9000:20bf:a800:19:7d10:bd80:93a1
2607:f8b0:4004:c06::66
2607:f8b0:4004:c07::61
2a02:6ea0:c454::1
35.186.235.23
44.240.5.153
54.187.159.182
65.8.178.72
01d9cbe94bddffd87c1bac628b2b475f38b63ecfda58c254172fde596df47684
021f0fd27042b279a49e982215c6dc3c3ab84e95b35553a119dfdbd50af6be94
13658925cb5783bc13488c2239b12a3ffb0f0e531e21c4257f84eb63d6f98805
1ba456fb912f7cb0f761ea963a468a9aa5a1d0c806fe0940041a4a272b9c8af3
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
2924602146bebe94f1bcd8625525344c87fe61ebee48afcc77f9bdaacbdff55b
35dcc382eb69d00369d708708cdc545f3968b68fa5bbe3e728d11fedd04f93bb
36d7c4478ac1fedf351707bb58fe7e27fca9b8885704943ef7d22fb04064a896
3d16f393e8d930af2c2ac60b26ed53bef696f7afd738f6be86dc5c447cbe478f
4984498a86b38efed4dad9ee261067e2fe701e0e736162d7a39c38533387bff8
54a1526aa7df96759bcfe698a8c1ca242ed77d7fc1e9b70ef884dd176c3097db
61a4dc39cc23bdb77c3a0f843ce622de5b720ca3ca2438eefa1a2f32099c6fe2
67e8bc90f1dd18d9471e2d49864f7189bc681c85f2cbe888461022bdbfba3036
6fc6e8f223cb7a88d7e0d07af0aa7c45084be3c2b330622c06b5e6c6d9f74768
8d2c5a67e42e64664987157af99b701bef1d7ca771c7e3a43ae2308a4fe5fbf8
947ac0903521f5eceefc90637c066306a8ca67466ccc188bb0107fb7cfb532d1
a2eb38f5b60c6d2b16f5a397e1da44819850e69500c211dd695cc829a46d3e32
acb1221313fbb4d27f785ffd7a9ade0f7f44c37567ce1abf6aff7c399a7992d4
ad9bf535fc18d27ba929b766058bf5381649bc3d9092232c00e069f420054232
b021c18449153785bb33819a86245011d7ebd90bc0adc88c8a1b07e8ddfa855a
b0eb2f8f0f8551bd65a3a705419e8df777e85d4b9042a9fbbc97f8e248ce8b52
b11e524832db3629f5d0dbe97a494358271a375217452127eeee73562c4097a8
ba2338aa6670580269c762f51c4291daef913201aa8f4d4fd166c1a878262652
bfaf3d14cc7d217c4676affbd01a9799bdc9649c75de76302540ac791f9c6ac1
c519c67236ab1ba0e47f4004899eba95139af995b3490943d8ec5d64014722d6
d6444104b7d507efd3c02ac32436571f3594d4879132ef5109f7606d26069af7
e039e607c78306c7e029a7fd0ecdb14f86456f16e1a5ce65aa26b4fdf1d38a3c
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f132cf30bdef13d77e5d30761ae2921b0df7a9f75327a552dda72f5a822ec5f2