larsjanowski.com Open in urlscan Pro
23.21.157.88 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://janoshi.com/
Effective URL:
https://larsjanowski.com/
Submission: On February 22 via api (February 22nd 2024, 9:21:57 pm UTC) from US — Scanned from US

Summary HTTP 61 Redirects Links 8 Behaviour Indicators

Summary

This website contacted 22 IPs in 2 countries across 19 domains to perform 61 HTTP transactions. The main IP is 23.21.157.88, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is larsjanowski.com.
TLS certificate: Issued by R3 on January 5th 2024. Valid for: 3 months.

This is the only time larsjanowski.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	2001:8d8:100f... 2001:8d8:100f:f000::200	8560 (IONOS-AS ...) (IONOS-AS This is the joint network for IONOS)
1 1	23.21.234.173 23.21.234.173	14618 (AMAZON-AES) (AMAZON-AES)
6	23.21.157.88 23.21.157.88	14618 (AMAZON-AES) (AMAZON-AES)
1	2607:f8b0:400... 2607:f8b0:4004:c1f::5f	15169 (GOOGLE) (GOOGLE)
4	2607:f8b0:400... 2607:f8b0:4004:c1b::61	15169 (GOOGLE) (GOOGLE)
5	2400:52e0:1a0... 2400:52e0:1a00::845:1	200325 (BUNNYCDN) (BUNNYCDN)
2	2606:4700:440... 2606:4700:4400::ac40:9a0b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2607:f8b0:400... 2607:f8b0:4004:c07::5e	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4004:c06::71	15169 (GOOGLE) (GOOGLE)
4	54.191.134.212 54.191.134.212	16509 (AMAZON-02) (AMAZON-02)
9	2600:9000:21a... 2600:9000:21a2:4200:4:b4b9:d3c0:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2a04:4e42:600... 2a04:4e42:600::729	54113 (FASTLY) (FASTLY)
1	2606:4700::68... 2606:4700::6810:3965	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	3.162.6.155 3.162.6.155	16509 (AMAZON-02) (AMAZON-02)
2	2a03:2880:f00... 2a03:2880:f003:c0e:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
11	151.101.192.176 151.101.192.176	54113 (FASTLY) (FASTLY)
2	2606:4700::68... 2606:4700::6810:3865	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	3.5.79.139 3.5.79.139	16509 (AMAZON-02) (AMAZON-02)
1	2607:f8b0:400... 2607:f8b0:4004:c08::9d	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4004:c17::93	15169 (GOOGLE) (GOOGLE)
1	2a03:2880:f11... 2a03:2880:f112:182:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	44.240.111.178 44.240.111.178	16509 (AMAZON-02) (AMAZON-02)
2	54.187.159.182 54.187.159.182	16509 (AMAZON-02) (AMAZON-02)
61	22

1 2001:8d8:100f:f000::200 (Germany) 1 redirects

ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE)

janoshi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.21.234.173 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-23-21-234-173.compute-1.amazonaws.com

larsjanowski.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 23.21.157.88 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-23-21-157-88.compute-1.amazonaws.com

larsjanowski.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4004:c1f::5f (Washington, United States)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2607:f8b0:4004:c1b::61 (Washington, United States)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2400:52e0:1a00::845:1 (Chicago, United States)

ASN200325 (BUNNYCDN, SI)

assets.tidycal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:4400::ac40:9a0b (United States)

ASN13335 (CLOUDFLARENET, US)

humanobservations.substack.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2607:f8b0:4004:c07::5e (Washington, United States)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4004:c06::71 (Washington, United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 54.191.134.212 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-191-134-212.us-west-2.compute.amazonaws.com

tidycal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2600:9000:21a2:4200:4:b4b9:d3c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

substackcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:600::729 (United States)

ASN54113 (FASTLY, US)

js.sentry-cdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:3965 (United States)

ASN13335 (CLOUDFLARENET, US)

static.cloudflareinsights.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.162.6.155 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-3-162-6-155.yul62.r.cloudfront.net

www.datadoghq-browser-agent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f003:c0e:face:b00c:0:3 (United States)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 151.101.192.176 (United States)

ASN54113 (FASTLY, US)

js.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
m.stripe.network	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6810:3865 (United States)

ASN13335 (CLOUDFLARENET, US)

cloudflareinsights.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.5.79.139 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-us-west-2-r-w.amazonaws.com

public-tidycal.s3.us-west-2.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4004:c08::9d (Washington, United States)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4004:c17::93 (Washington, United States)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f112:182:face:b00c:0:25de (United States)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 44.240.111.178 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-44-240-111-178.us-west-2.compute.amazonaws.com

m.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.187.159.182 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ip-54-187-159-182.stripe.com

r.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
12	stripe.com js.stripe.com — Cisco Umbrella Rank: 1203 m.stripe.com — Cisco Umbrella Rank: 1170 r.stripe.com — Cisco Umbrella Rank: 4280	484 KB
9	substackcdn.com substackcdn.com — Cisco Umbrella Rank: 16689	832 KB
9	tidycal.com assets.tidycal.com — Cisco Umbrella Rank: 683859 tidycal.com — Cisco Umbrella Rank: 481912	550 KB
7	larsjanowski.com 1 redirects larsjanowski.com	119 KB
4	gstatic.com fonts.gstatic.com	86 KB
4	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 39	317 KB
3	cloudflareinsights.com static.cloudflareinsights.com — Cisco Umbrella Rank: 806 cloudflareinsights.com — Cisco Umbrella Rank: 801	7 KB
2	stripe.network m.stripe.network — Cisco Umbrella Rank: 1281	16 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 174	72 KB
2	substack.com humanobservations.substack.com	12 KB
1	facebook.com www.facebook.com — Cisco Umbrella Rank: 103	185 B
1	google.com www.google.com — Cisco Umbrella Rank: 2	455 B
1	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 35	2 KB
1	amazonaws.com public-tidycal.s3.us-west-2.amazonaws.com	23 KB
1	datadoghq-browser-agent.com www.datadoghq-browser-agent.com — Cisco Umbrella Rank: 1411	48 KB
1	sentry-cdn.com js.sentry-cdn.com — Cisco Umbrella Rank: 6053	2 KB
1	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 31	255 B
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 28	1 KB
1	janoshi.com 1 redirects janoshi.com	227 B
61	19

	Domain	Requested by
9	js.stripe.com	assets.tidycal.com js.stripe.com
9	substackcdn.com	humanobservations.substack.com substackcdn.com
7	larsjanowski.com	1 redirects larsjanowski.com
5	assets.tidycal.com	larsjanowski.com tidycal.com
4	tidycal.com	assets.tidycal.com
4	fonts.gstatic.com	fonts.googleapis.com humanobservations.substack.com
4	www.googletagmanager.com	larsjanowski.com tidycal.com www.googletagmanager.com substackcdn.com
2	r.stripe.com	js.stripe.com
2	m.stripe.network	js.stripe.com m.stripe.network
2	cloudflareinsights.com	static.cloudflareinsights.com
2	connect.facebook.net	www.googletagmanager.com connect.facebook.net
2	humanobservations.substack.com	larsjanowski.com humanobservations.substack.com
1	m.stripe.com	m.stripe.network
1	www.facebook.com	tidycal.com
1	www.google.com	larsjanowski.com
1	googleads.g.doubleclick.net	www.googletagmanager.com
1	public-tidycal.s3.us-west-2.amazonaws.com	tidycal.com
1	www.datadoghq-browser-agent.com	humanobservations.substack.com
1	static.cloudflareinsights.com	humanobservations.substack.com
1	js.sentry-cdn.com	humanobservations.substack.com
1	www.google-analytics.com	www.googletagmanager.com
1	fonts.googleapis.com	larsjanowski.com
1	janoshi.com	1 redirects
61	23

This site contains links to these domains. Also see Links.

Domain
twitter.com
t.me
www.linkedin.com
humanobservations.substack.com
venturekontor.com
exohouses.com
www.insideone.org
www.genalpha.org

Subject Issuer	Validity	Valid
larsjanowski.com R3	`2024-01-05` - `2024-04-04`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2024-02-05` - `2024-04-29`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2024-02-05` - `2024-04-29`	3 months	crt.sh
assets.tidycal.com R3	`2024-02-13` - `2024-05-13`	3 months	crt.sh
substack.com Cloudflare Inc ECC CA-3	`2023-09-13` - `2024-09-12`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2024-02-05` - `2024-04-29`	3 months	crt.sh
tidycal.com Amazon RSA 2048 M02	`2023-10-24` - `2024-11-21`	a year	crt.sh
substackcdn.com Amazon RSA 2048 M02	`2024-02-13` - `2025-03-13`	a year	crt.sh
*.sentry-cdn.com GlobalSign Atlas R3 DV TLS CA 2023 Q3	`2023-08-01` - `2024-09-01`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-04-10` - `2024-04-09`	a year	crt.sh
*.datadoghq-browser-agent.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-12-12` - `2024-12-14`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-12-02` - `2024-03-01`	3 months	crt.sh
a.stripecdn.com DigiCert SHA2 Extended Validation Server CA	`2024-02-07` - `2024-05-09`	3 months	crt.sh
*.s3-us-west-2.amazonaws.com Amazon RSA 2048 M01	`2024-01-23` - `2024-12-31`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2024-02-05` - `2024-04-29`	3 months	crt.sh
www.google.com GTS CA 1C3	`2024-02-05` - `2024-04-29`	3 months	crt.sh
m.stripe.com DigiCert TLS RSA SHA256 2020 CA1	`2023-12-22` - `2024-03-21`	3 months	crt.sh
*.stripe.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-12-20` - `2024-03-21`	3 months	crt.sh

This page contains 6 frames:

Primary Page: https://larsjanowski.com/
Frame ID: 111651DFACE0B81F08EC0906F6AF3DFC
Requests: 14 HTTP requests in this frame

Frame: https://humanobservations.substack.com/embed
Frame ID: 8E5A6FC768FCD2BC0C9F21DE222BD373
Requests: 19 HTTP requests in this frame

Frame: https://tidycal.com/lrj/probono?embed=1
Frame ID: A1BB7CF6535E13B23C7DF06A88DADB2B
Requests: 16 HTTP requests in this frame

Frame: https://js.stripe.com/v3/controller-9bf6671fa3ac9c3300348d550d4e6d9e.html
Frame ID: D4290A5028381BD1EC8A9349DEF0C316
Requests: 7 HTTP requests in this frame

Frame: https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html
Frame ID: 19CC7676C23576FFE70A589D59D76D78
Requests: 2 HTTP requests in this frame

Frame: https://m.stripe.network/inner.html
Frame ID: 15BEBEEAAA1B60B2BD6A1E091B1D4009
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Lars Janowski

Page URL History Show full URLs

http://janoshi.com/ HTTP 302
http://larsjanowski.com/ HTTP 301
https://larsjanowski.com/ Page URL

Detected technologies

Stripe (Payment Processors) Expand

Overall confidence: 100%
Detected patterns

js\.stripe\.com

Cloudflare Browser Insights (Analytics) Expand

Overall confidence: 100%
Detected patterns

static\.cloudflareinsights\.com/beacon(?:\.min)?\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Page Statistics

61
Requests

100 %
HTTPS

65 %
IPv6

19
Domains

23
Subdomains

22
IPs

2
Countries

2572 kB
Transfer

9598 kB
Size

6
Cookies

8 Outgoing links

These are links going to different origins than the main page.

URL: https://twitter.com/larsjano
Title: Twitter

Search URL Search Domain Scan URL

URL: https://t.me/lrj50
Title: Telegram

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/in/larsjano/
Title: LinkedIn

Search URL Search Domain Scan URL

URL: https://humanobservations.substack.com/
Title: Substack

Search URL Search Domain Scan URL

URL: https://venturekontor.com/
Title: venturekontor.com

Search URL Search Domain Scan URL

URL: https://exohouses.com/
Title: exohouses.com

Search URL Search Domain Scan URL

URL: https://www.insideone.org/
Title: insideone.org

Search URL Search Domain Scan URL

URL: https://www.genalpha.org/
Title: genalpha.org

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://janoshi.com/ HTTP 302
http://larsjanowski.com/ HTTP 301
https://larsjanowski.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

61 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request / Show response
larsjanowski.com/
Redirect Chain

http://janoshi.com/
http://larsjanowski.com/
https://larsjanowski.com/

99 KB
18 KB

210ms
103ms

Document
text/html

23.21.157.88
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://larsjanowski.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 23.21.157.88 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-23-21-157-88.compute-1.amazonaws.com
Software: Apache /
Resource Hash: 7ca37416c2a4b826c73407f24a0199740f297eac85698d76af81c43180d1e72d

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=0
content-encoding: gzip
content-length: 17836
content-type: text/html
date: Thu, 22 Feb 2024 21:21:46 GMT
etag: "18a3c-6114a817b1050-gzip"
expires: Thu, 22 Feb 2024 21:21:46 GMT
last-modified: Tue, 13 Feb 2024 21:59:17 GMT
server: Apache
vary: Accept-Encoding

Redirect headers

content-length: 0
location: https://larsjanowski.com/

GET
H2 200 css2
fonts.googleapis.com/ 8 KB
1 KB 225ms
116ms Stylesheet
text/css 2607:f8b0:4004:c1f::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?display=swap&family=Courier+Prime:ital,wght@0,400;0,700;1,400;1,700&family=Archivo:ital,wght@0,300;0,400;1,300;1,400

Requested by

Host: larsjanowski.com
URL: https://larsjanowski.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1f::5f Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ad1424dc5197263fd8ca4e2eac06ae19f9198b25a820ca4e3c4eb8ea8eab2767

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://larsjanowski.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 22 Feb 2024 21:21:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 22 Feb 2024 21:21:47 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 22 Feb 2024 21:21:47 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 250 KB
87 KB 203ms
96ms Script
application/javascript 2607:f8b0:4004:c1b::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-1YN7SHXRGK

Requested by

Host: larsjanowski.com
URL: https://larsjanowski.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1b::61 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

f3da456ef26b5fdaee9c131d0fac8b6fe2c7b259cebc1f51915ddf1348d6ac1a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://larsjanowski.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

date: Thu, 22 Feb 2024 21:21:47 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 88207
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 22 Feb 2024 21:21:47 GMT

GET
H/1.1 200
OK image01.jpg
larsjanowski.com/assets/images/ 39 KB
39 KB 133ms
96ms Image
image/jpeg 23.21.157.88
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://larsjanowski.com/assets/images/image01.jpg?v=e717ea12
Requested by: Host: larsjanowski.com
URL: https://larsjanowski.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 23.21.157.88 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-23-21-157-88.compute-1.amazonaws.com
Software: Apache /
Resource Hash: 49c1ca6fb11c6947ac2b5ff6674206b052e1628744ec426cefb32caefd4a80be

Request headers

accept-language: en-US,en;q=0.9
Referer: https://larsjanowski.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

date: Thu, 22 Feb 2024 21:21:47 GMT
last-modified: Tue, 13 Feb 2024 21:38:04 GMT
server: Apache
etag: "9ae1-6114a359b9628"
content-type: image/jpeg
cache-control: max-age=604800
accept-ranges: bytes
content-length: 39649
expires: Thu, 29 Feb 2024 21:21:47 GMT

GET
H/1.1 200
OK image03.png
larsjanowski.com/assets/images/ 7 KB
7 KB 185ms
81ms Image
image/png 23.21.157.88
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://larsjanowski.com/assets/images/image03.png?v=e717ea12
Requested by: Host: larsjanowski.com
URL: https://larsjanowski.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 23.21.157.88 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-23-21-157-88.compute-1.amazonaws.com
Software: Apache /
Resource Hash: 6c105f3b2ce5777d7437091af98d9bfdea12cdec52778f7fa8708d60c7efb0bf

Request headers

accept-language: en-US,en;q=0.9
Referer: https://larsjanowski.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

date: Thu, 22 Feb 2024 21:21:47 GMT
last-modified: Sat, 03 Feb 2024 19:41:10 GMT
server: Apache
etag: "1a2c-6107f691de1e8"
content-type: image/png
cache-control: max-age=604800
accept-ranges: bytes
content-length: 6700
expires: Thu, 29 Feb 2024 21:21:47 GMT

GET
H/1.1 200
OK image04.png
larsjanowski.com/assets/images/ 17 KB
17 KB 82ms
81ms Image
image/png 23.21.157.88
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://larsjanowski.com/assets/images/image04.png?v=e717ea12
Requested by: Host: larsjanowski.com
URL: https://larsjanowski.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 23.21.157.88 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-23-21-157-88.compute-1.amazonaws.com
Software: Apache /
Resource Hash: 13f0997571731d237690b234f455dba9bccb50bf42bab9e24eb127c3f99013dd

Request headers

accept-language: en-US,en;q=0.9
Referer: https://larsjanowski.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

date: Thu, 22 Feb 2024 21:21:47 GMT
last-modified: Sat, 03 Feb 2024 19:41:10 GMT
server: Apache
etag: "4324-6107f691e37d8"
content-type: image/png
cache-control: max-age=604800
accept-ranges: bytes
content-length: 17188
expires: Thu, 29 Feb 2024 21:21:47 GMT

GET
H/1.1 200
OK image02.png
larsjanowski.com/assets/images/ 22 KB
23 KB 81ms
81ms Image
image/png 23.21.157.88
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://larsjanowski.com/assets/images/image02.png?v=e717ea12
Requested by: Host: larsjanowski.com
URL: https://larsjanowski.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 23.21.157.88 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-23-21-157-88.compute-1.amazonaws.com
Software: Apache /
Resource Hash: 2c527008110cf34dbad5604822040e4d448102d705047b073fdb810ee9d28748

Request headers

accept-language: en-US,en;q=0.9
Referer: https://larsjanowski.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

date: Thu, 22 Feb 2024 21:21:47 GMT
last-modified: Sat, 03 Feb 2024 19:41:10 GMT
server: Apache
etag: "5944-6107f691ed418"
content-type: image/png
cache-control: max-age=604800
accept-ranges: bytes
content-length: 22852
expires: Thu, 29 Feb 2024 21:21:47 GMT

GET
H/1.1 200
OK image06.png
larsjanowski.com/assets/images/ 16 KB
16 KB 121ms
120ms Image
image/png 23.21.157.88
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://larsjanowski.com/assets/images/image06.png?v=e717ea12
Requested by: Host: larsjanowski.com
URL: https://larsjanowski.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 23.21.157.88 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-23-21-157-88.compute-1.amazonaws.com
Software: Apache /
Resource Hash: 8b58ff6eb06f1afaeb19519b431f36b097ef5366467862bc0c80ff0b397c0fd8

Request headers

accept-language: en-US,en;q=0.9
Referer: https://larsjanowski.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

date: Thu, 22 Feb 2024 21:21:47 GMT
last-modified: Sat, 03 Feb 2024 19:41:10 GMT
server: Apache
etag: "3ee1-6107f691e85f8"
content-type: image/png
cache-control: max-age=604800
accept-ranges: bytes
content-length: 16097
expires: Thu, 29 Feb 2024 21:21:47 GMT

GET
H2 200 embed.js Show response
assets.tidycal.com/js/ 28 KB
11 KB 203ms
58ms Script
application/javascript 2400:52e0:1a00::845:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.tidycal.com/js/embed.js
Requested by: Host: larsjanowski.com
URL: https://larsjanowski.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1a00::845:1 Chicago, United States, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-IL1-845 /
Resource Hash: d2ef39a78f17a36b14468be9ac57001248b9a9b79b3fb951431a1a8232399f43

Request headers

accept-language: en-US,en;q=0.9
Referer: https://larsjanowski.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

date: Thu, 22 Feb 2024 21:21:47 GMT
content-encoding: br
cdn-edgestorageid: 940
cdn-cachedat: 02/08/2024 20:52:47
cdn-pullzone: 440171
last-modified: Tue, 06 Feb 2024 01:46:48 GMT
server: BunnyCDN-IL1-845
cdn-proxyver: 1.04
cdn-requestpullcode: 200
etag: W/"714e-610acc05cf200"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
cdn-cache: HIT
cdn-uid: a61f2e95-f685-45ef-9e80-35f4adfb29cb
cache-control: public, max-age=2592000
cdn-requestid: ac8a1e7d94bec6f7afe419f309b3afb8
cdn-requestcountrycode: US
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 embed Show response
humanobservations.substack.com/ Frame 8E5A 41 KB
11 KB 261ms
177ms Document
text/html 2606:4700:4400::ac40:9a0b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://humanobservations.substack.com/embed

Requested by

Host: larsjanowski.com
URL: https://larsjanowski.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:9a0b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

1afc001215a95b3bd0260ccd632a90c4898b03ba13d3e7a0ee492327bc111083

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://larsjanowski.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-cache
cf-cache-status: MISS
cf-ray: 859a47deabb79acf-MIA
content-encoding: br
content-type: text/html; charset=utf-8
date: Thu, 22 Feb 2024 21:21:47 GMT
etag: W/"a3c0-lAeB4haQGAse/ceebGVly1XcS8Y"
server: cloudflare
strict-transport-security: max-age=31536000
vary: Accept-Encoding
x-cluster: substack
x-deploy: 0d16149ac0
x-powered-by: Express
x-served-by: Substack
x-service: web
x-sub: humanobservations

GET
DATA 200
OK truncated
/ 5 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6f13176dc5a27aa4b80f4ce04050e8d36f2fbbbe59d9149e61a1924e8245ade6

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf8

GET
H2 200 u-450q2lgwslOqpF_6gQ8kELawFpWg.woff2
fonts.gstatic.com/s/courierprime/v9/ 18 KB
19 KB 160ms
53ms Font
font/woff2 2607:f8b0:4004:c07::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/courierprime/v9/u-450q2lgwslOqpF_6gQ8kELawFpWg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?display=swap&family=Courier+Prime:ital,wght@0,400;0,700;1,400;1,700&family=Archivo:ital,wght@0,300;0,400;1,300;1,400

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c07::5e Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cb8761bf3adb57942e0f6bdea353ba81e8a57a44b2c8600cd50387fb3c8fa14a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://larsjanowski.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

date: Thu, 22 Feb 2024 07:55:04 GMT
x-content-type-options: nosniff
age: 48403
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 18764
x-xss-protection: 0
last-modified: Thu, 24 Aug 2023 21:02:59 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 21 Feb 2025 07:55:04 GMT

GET
H2 200 u-4k0q2lgwslOqpF_6gQ8kELY7pMT-Dfqw.woff2
fonts.gstatic.com/s/courierprime/v9/ 19 KB
19 KB 175ms
69ms Font
font/woff2 2607:f8b0:4004:c07::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/courierprime/v9/u-4k0q2lgwslOqpF_6gQ8kELY7pMT-Dfqw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?display=swap&family=Courier+Prime:ital,wght@0,400;0,700;1,400;1,700&family=Archivo:ital,wght@0,300;0,400;1,300;1,400

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c07::5e Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

245905c63307f09a323222a6b08041c22eebf61d906f89475fe8a81cab7ffeff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://larsjanowski.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

date: Thu, 22 Feb 2024 07:37:41 GMT
x-content-type-options: nosniff
age: 49446
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19408
x-xss-protection: 0
last-modified: Thu, 24 Aug 2023 21:03:09 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 21 Feb 2025 07:37:41 GMT

GET
H2 200 k3kPo8UDI-1M0wlSV9XAw6lQkqWY8Q82sLydOxI.woff2
fonts.gstatic.com/s/archivo/v19/ 34 KB
35 KB 225ms
118ms Font
font/woff2 2607:f8b0:4004:c07::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/archivo/v19/k3kPo8UDI-1M0wlSV9XAw6lQkqWY8Q82sLydOxI.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?display=swap&family=Courier+Prime:ital,wght@0,400;0,700;1,400;1,700&family=Archivo:ital,wght@0,300;0,400;1,300;1,400

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c07::5e Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7c59b09511f172d20fbf5feaf7aff9e844460cdb286d8930a1f546b39ed1a5e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://larsjanowski.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

date: Thu, 22 Feb 2024 07:47:07 GMT
x-content-type-options: nosniff
age: 48880
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35272
x-xss-protection: 0
last-modified: Wed, 13 Sep 2023 22:41:01 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 21 Feb 2025 07:47:07 GMT

POST
H2 204 collect
www.google-analytics.com/g/ 0
255 B 173ms
61ms Ping
text/plain 2607:f8b0:4004:c06::71
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-1YN7SHXRGK&gtm=45je42h0v894115027za200&_p=1708636907204&gcd=13l3l3l3l1&npa=0&dma=0&cid=855064978.1708636907&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&_eu=AEA&_s=1&sid=1708636907&sct=1&seg=0&dl=https%3A%2F%2Flarsjanowski.com%2F&dt=Lars%20Janowski&en=scroll&_fv=1&_nsi=1&_ss=1&ep.anonymize_ip=true&epn.percent_scrolled=90&tfd=1098
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-1YN7SHXRGK
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4004:c06::71 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://larsjanowski.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 22 Feb 2024 21:21:47 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://larsjanowski.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 probono Show response
tidycal.com/lrj/ Frame A1BB 16 KB
6 KB 353ms
130ms Document
text/html 54.191.134.212
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tidycal.com/lrj/probono?embed=1
Requested by: Host: assets.tidycal.com
URL: https://assets.tidycal.com/js/embed.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.191.134.212 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-191-134-212.us-west-2.compute.amazonaws.com
Software: Apache/2.4.38 (Debian) /
Resource Hash: e6b103ca3661d5ee4b9a86bdd73d6087bb700f56b5b1151f63ea6e91fc767c6a

Request headers

Referer: https://larsjanowski.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

cache-control: max-age=0, must-revalidate, no-cache, no-store, post-check=0, pre-check=0, private
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Thu, 22 Feb 2024 21:21:47 GMT
pragma: no-cache
server: Apache/2.4.38 (Debian)
vary: Accept-Encoding

GET
H2 200 main.6633620aa0d5ff29def4.css
substackcdn.com/bundle/theme/ Frame 8E5A 409 KB
50 KB 341ms
174ms Stylesheet
text/css 2600:9000:21a2:4200:4:b4b9:d3c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://substackcdn.com/bundle/theme/main.6633620aa0d5ff29def4.css
Requested by: Host: humanobservations.substack.com
URL: https://humanobservations.substack.com/embed
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21a2:4200:4:b4b9:d3c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 9fb58c85d1f5933e929f572204df3cf9b5b31fef32c8aca3a6c2b8e853acb903

Request headers

accept-language: en-US,en;q=0.9
Referer: https://humanobservations.substack.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

date: Thu, 22 Feb 2024 19:03:27 GMT
content-encoding: br
via: 1.1 6bc96fcd042709dbc96cdeb6eb80307c.cloudfront.net (CloudFront)
x-amz-cf-pop: YUL62-C1
age: 8301
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
x-amz-expiration: expiry-date="Wed, 21 Aug 2024 00:00:00 GMT", rule-id="StaticAssetIntelligentTiering"
last-modified: Thu, 22 Feb 2024 19:00:32 GMT
server: AmazonS3
etag: W/"6633620aa0d5ff29def424c4dc3afc55"
vary: Accept-Encoding, Origin
content-type: text/css
cache-control: public, max-age=31536000, immutable
x-amz-cf-id: i_9i4wRrgkJTiPr04rvt5h_KdV2lhBkvpPZ8b1bTsecOeaCZ2Y3jZA==

GET
H2 200 main.9b58bd9c116567d2e663.css
substackcdn.com/bundle/ Frame 8E5A 406 KB
68 KB 246ms
80ms Stylesheet
text/css 2600:9000:21a2:4200:4:b4b9:d3c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://substackcdn.com/bundle/main.9b58bd9c116567d2e663.css
Requested by: Host: humanobservations.substack.com
URL: https://humanobservations.substack.com/embed
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21a2:4200:4:b4b9:d3c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 1a6b7f22dc9ec5b3d5a19da3772f31f76035e8e5647552fab157506d48270724

Request headers

accept-language: en-US,en;q=0.9
Referer: https://humanobservations.substack.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

date: Thu, 22 Feb 2024 18:09:55 GMT
content-encoding: br
via: 1.1 6bc96fcd042709dbc96cdeb6eb80307c.cloudfront.net (CloudFront)
x-amz-cf-pop: YUL62-C1
age: 11513
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
x-amz-expiration: expiry-date="Wed, 21 Aug 2024 00:00:00 GMT", rule-id="StaticAssetIntelligentTiering"
last-modified: Thu, 22 Feb 2024 18:04:04 GMT
server: AmazonS3
etag: W/"efdf56f5ef0769a6a793ea0a7badb0fb"
vary: Accept-Encoding, Origin
content-type: text/css
cache-control: public, max-age=31536000, immutable
x-amz-cf-id: Su5i41z6MW9WxNtDQJrpjMUVz25nDKjAFmMrULDTWIJun0rjAaYxCg==

GET
H2 200 rnCr-xNNww_2s0amA9M5knjsS_ul.woff2
fonts.gstatic.com/s/spectral/v13/ Frame 8E5A 13 KB
14 KB 55ms
53ms Font
font/woff2 2607:f8b0:4004:c07::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/spectral/v13/rnCr-xNNww_2s0amA9M5knjsS_ul.woff2

Requested by

Host: humanobservations.substack.com
URL: https://humanobservations.substack.com/embed

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c07::5e Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

478eee9ac68ef242aeda59b8b37b388003eb3eac12af90b8c38fa65d3a34f3a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://humanobservations.substack.com/
Origin: https://humanobservations.substack.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

date: Thu, 22 Feb 2024 07:42:36 GMT
x-content-type-options: nosniff
age: 49151
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13780
x-xss-protection: 0
last-modified: Tue, 30 Aug 2022 22:36:23 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 21 Feb 2025 07:42:36 GMT

GET
H2 200 https%3A%2F%2Fbucketeer-e05bbc84-baa3-437e-9518-adb32be77984.s3.amazonaws.com%2Fpublic%2Fimages%2Faae625b8-7184-46ba-8659-3ad1e270299f_800x800.png
substackcdn.com/image/fetch/w_170,c_limit,f_auto,q_auto:best,fl_progressive:steep/ Frame 8E5A 18 KB
18 KB 564ms
398ms Image
image/jpeg 2600:9000:21a2:4200:4:b4b9:d3c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://substackcdn.com/image/fetch/w_170,c_limit,f_auto,q_auto:best,fl_progressive:steep/https%3A%2F%2Fbucketeer-e05bbc84-baa3-437e-9518-adb32be77984.s3.amazonaws.com%2Fpublic%2Fimages%2Faae625b8-7184-46ba-8659-3ad1e270299f_800x800.png

Requested by

Host: humanobservations.substack.com
URL: https://humanobservations.substack.com/embed

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:21a2:4200:4:b4b9:d3c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

imgproxy / Express

Resource Hash

d291bca5eba3bc07bca000d0fd774bb7302688af17fb0a2cf3b6233c2f27ee2d

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'

Request headers

accept-language: en-US,en;q=0.9
Referer: https://humanobservations.substack.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

date: Wed, 21 Feb 2024 11:43:52 GMT
content-security-policy: script-src 'none'
via: 1.1 6bc96fcd042709dbc96cdeb6eb80307c.cloudfront.net (CloudFront)
x-amz-cf-pop: YUL62-C1
age: 121075
x-powered-by: Express
x-cache: Hit from cloudfront
content-disposition: inline; filename="aae625b8-7184-46ba-8659-3ad1e270299f_800x800.jpg"
alt-svc: h3=":443"; ma=86400
content-length: 17938
x-request-id: 046NQUuN_Mw254tiryE0G
server: imgproxy
etag: "dTrg-oshAK4ySKs1dRAcVmVrIGvUUTV2yb9jhHodOJk/RIjBlMDIxODNmMDhmN2MwYzYzZjIwMWRlMzYyYThlYzRkIg"
content-type: image/jpeg
cache-control: public, max-age=31536000
x-amz-cf-id: S3BPDaoyOnFQsKQniH2qantuMXTgSflH7U5tUkDMF50E4JqR8Mmt3w==

GET
H2 200 https%3A%2F%2Fsubstack.com%2Fimg%2Fsubstack_wordmark.black.png
substackcdn.com/image/fetch/w_200,c_limit,f_auto,q_auto:good,fl_progressive:steep/ Frame 8E5A 3 KB
4 KB 383ms
218ms Image
image/png 2600:9000:21a2:4200:4:b4b9:d3c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://substackcdn.com/image/fetch/w_200,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack.com%2Fimg%2Fsubstack_wordmark.black.png

Requested by

Host: humanobservations.substack.com
URL: https://humanobservations.substack.com/embed

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:21a2:4200:4:b4b9:d3c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

imgproxy / Express

Resource Hash

fd75f8a07fe97547a72567714651409cb00381c822320f534a05a0ff93c2b1fd

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'

Request headers

accept-language: en-US,en;q=0.9
Referer: https://humanobservations.substack.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

date: Thu, 27 Jul 2023 06:32:44 GMT
content-security-policy: script-src 'none'
via: 1.1 6bc96fcd042709dbc96cdeb6eb80307c.cloudfront.net (CloudFront)
x-amz-cf-pop: YUL62-C1
age: 18197343
x-powered-by: Express
x-cache: Hit from cloudfront
content-disposition: inline; filename="substack_wordmark.black.png"
alt-svc: h3=":443"; ma=86400
content-length: 3462
x-request-id: -iuLtH7hhnaOfuk3JdQMX
server: imgproxy
etag: "aUSYZOwx8_8DQNfdyad_mCD-kBjyY0l_EvDsr5MS94g/RVy8iM2ZkMC0xODk5NDhiMjAwOCI"
content-type: image/png
cache-control: public, max-age=0
x-amz-cf-id: 2l9NavAkfMEHHyLzuZYIYRFefxqxDKFK8MEisKRc3Vq-q_UrTDHmow==

GET
H2 200 6c2ff3e3828e4017b7faf7b63e24cdf8.min.js Show response
js.sentry-cdn.com/ Frame 8E5A 2 KB
2 KB 85ms
28ms Script
text/javascript 2a04:4e42:600::729
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.sentry-cdn.com/6c2ff3e3828e4017b7faf7b63e24cdf8.min.js

Requested by

Host: humanobservations.substack.com
URL: https://humanobservations.substack.com/embed

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:600::729 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

42ef3fa579e4449fde3c8d420571e3cdb3d942efc2e7e42518d3056c0ff932bf

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' .sentry.io; style-src 'unsafe-inline' ; media-src ; worker-src blob:; frame-src app.pendo.io demo.arcade.software js.stripe.com sentry.io; base-uri 'none'; connect-src 'self' .algolia.net .algolianet.com .algolia.io sentry.io .sentry.io s1.sentry-cdn.com o1.ingest.sentry.io api2.amplitude.com app.pendo.io data.pendo.io reload.getsentry.net t687h3m0nh65.statuspage.io sentry.zendesk.com ekr.zdassets.com maps.googleapis.com; script-src 'self' 'unsafe-inline' 'report-sample' s1.sentry-cdn.com js.sentry-cdn.com browser.sentry-cdn.com statuspage-production.s3.amazonaws.com static.zdassets.com aui-cdn.atlassian.com connect-cdn.atl-paas.net js.stripe.com 'strict-dynamic' cdn.pendo.io data.pendo.io pendo-io-static.storage.googleapis.com pendo-static-5634074999128064.storage.googleapis.com; font-src data:; img-src blob: data: *; object-src 'none'; default-src 'none'; report-uri https://o1.ingest.sentry.io/api/54785/security/?sentry_key=f724a8a027db45f5b21507e7142ff78e&sentry_release=cf4c9d5f454146c04b99a2a7574e85b28cafe39f
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

Referer: https://humanobservations.substack.com/
Origin: https://humanobservations.substack.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self' *.sentry.io; style-src 'unsafe-inline' *; media-src *; worker-src blob:; frame-src app.pendo.io demo.arcade.software js.stripe.com sentry.io; base-uri 'none'; connect-src 'self' *.algolia.net *.algolianet.com *.algolia.io sentry.io *.sentry.io s1.sentry-cdn.com o1.ingest.sentry.io api2.amplitude.com app.pendo.io data.pendo.io reload.getsentry.net t687h3m0nh65.statuspage.io sentry.zendesk.com ekr.zdassets.com maps.googleapis.com; script-src 'self' 'unsafe-inline' 'report-sample' s1.sentry-cdn.com js.sentry-cdn.com browser.sentry-cdn.com statuspage-production.s3.amazonaws.com static.zdassets.com aui-cdn.atlassian.com connect-cdn.atl-paas.net js.stripe.com 'strict-dynamic' cdn.pendo.io data.pendo.io pendo-io-static.storage.googleapis.com pendo-static-5634074999128064.storage.googleapis.com; font-src * data:; img-src blob: data: *; object-src 'none'; default-src 'none'; report-uri https://o1.ingest.sentry.io/api/54785/security/?sentry_key=f724a8a027db45f5b21507e7142ff78e&sentry_release=cf4c9d5f454146c04b99a2a7574e85b28cafe39f
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 22 Feb 2024 21:21:47 GMT
strict-transport-security: max-age=31536000; includeSubDomains
age: 22
x-envoy-upstream-service-time: 43
content-length: 1225
x-xss-protection: 1; mode=block
x-served-by: getsentry-web-default-common-production-777b598b54-tl8fd, cache-chi-kigq8000087-CHI, cache-mia-kmia1760054-MIA
x-frame-options: deny
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=3600, s-maxage=60, stale-while-revalidate=315360000, stale-if-error=315360000
x-envoy-attempt-count: 1
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 main.911a2127bb3ff34a3b47.bundle.js Show response
substackcdn.com/bundle/ Frame 8E5A 2 MB
675 KB 390ms
228ms Script
application/javascript 2600:9000:21a2:4200:4:b4b9:d3c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://substackcdn.com/bundle/main.911a2127bb3ff34a3b47.bundle.js
Requested by: Host: humanobservations.substack.com
URL: https://humanobservations.substack.com/embed
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21a2:4200:4:b4b9:d3c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 4f705e541d7be19eec63c9a27b59ac42ac8d7b4309ac0b7a2fb6c51e172addc0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://humanobservations.substack.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

date: Thu, 22 Feb 2024 20:49:20 GMT
content-encoding: br
via: 1.1 6bc96fcd042709dbc96cdeb6eb80307c.cloudfront.net (CloudFront)
x-amz-cf-pop: YUL62-C1
age: 1948
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
x-amz-expiration: expiry-date="Wed, 21 Aug 2024 00:00:00 GMT", rule-id="StaticAssetIntelligentTiering"
last-modified: Thu, 22 Feb 2024 20:37:47 GMT
server: AmazonS3
etag: W/"3f9d6f9372b3cd52613c91365b7fecbc"
vary: Accept-Encoding, Origin
content-type: application/javascript
cache-control: public, max-age=31536000, immutable
x-amz-cf-id: 3A6vt8SgPrdmFGwV5HtEzr7qAQASaWVO3rdS8rt1nJRCfopaoTB0Sw==

GET
H2 200 beacon.min.js Show response
static.cloudflareinsights.com/ Frame 8E5A 20 KB
7 KB 124ms
67ms Script
text/javascript 2606:4700::6810:3965
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cloudflareinsights.com/beacon.min.js
Requested by: Host: humanobservations.substack.com
URL: https://humanobservations.substack.com/embed
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:3965 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6153d13804862b0fc1c016cf1129f34cb7c6185f2cf4bf1a3a862eecdab50101

Request headers

accept-language: en-US,en;q=0.9
Referer: https://humanobservations.substack.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

date: Thu, 22 Feb 2024 21:21:47 GMT
content-encoding: gzip
last-modified: Tue, 10 Oct 2023 21:38:13 GMT
server: cloudflare
etag: W/"2023.10.0"
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
cf-ray: 859a47e02eb90a2a-MIA

GET
H2 200 app.css
assets.tidycal.com/css/ Frame A1BB 256 KB
46 KB 63ms
62ms Stylesheet
text/css 2400:52e0:1a00::845:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.tidycal.com/css/app.css?id=2ff4a234870a721154b6f03062d6288e
Requested by: Host: tidycal.com
URL: https://tidycal.com/lrj/probono?embed=1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1a00::845:1 Chicago, United States, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-IL1-845 /
Resource Hash: 11f2d9aec4e259de3e1317b7b76e53aec52228afc18ea17e73bd48f719a014c9

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tidycal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

date: Thu, 22 Feb 2024 21:21:47 GMT
content-encoding: br
cdn-edgestorageid: 1068
cdn-cachedat: 02/02/2024 19:19:57
cdn-pullzone: 440171
last-modified: Fri, 02 Feb 2024 16:58:04 GMT
server: BunnyCDN-IL1-845
cdn-proxyver: 1.04
cdn-requestpullcode: 200
etag: W/"40165-6106903f0ff00"
vary: Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: a61f2e95-f685-45ef-9e80-35f4adfb29cb
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=2592000
cdn-requestid: 5ec5fabf4d8fcef57b54d2abbc61da80
cdn-requestcountrycode: US
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 logo-blue.svg
assets.tidycal.com/img/ Frame A1BB 3 KB
2 KB 140ms
139ms Image
image/svg+xml 2400:52e0:1a00::845:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.tidycal.com/img/logo-blue.svg
Requested by: Host: tidycal.com
URL: https://tidycal.com/lrj/probono?embed=1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1a00::845:1 Chicago, United States, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-IL1-845 /
Resource Hash: 8e7c7d74ce120561e56d4dc31f1b556113c069abfbc5d3c74b4cc098c213d8f1

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tidycal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

date: Thu, 22 Feb 2024 21:21:47 GMT
content-encoding: br
cdn-edgestorageid: 894
cdn-cachedat: 02/16/2024 19:55:25
cdn-pullzone: 440171
last-modified: Thu, 15 Feb 2024 18:22:56 GMT
server: BunnyCDN-IL1-845
cdn-proxyver: 1.04
cdn-requestpullcode: 200
etag: W/"cfd-6116fb762a000"
vary: Accept-Encoding
content-type: image/svg+xml
cdn-cache: HIT
cdn-uid: a61f2e95-f685-45ef-9e80-35f4adfb29cb
cache-control: public, max-age=2592000
cdn-requestid: 4645e9a36ef850c7237f4880780a0f33
cdn-requestcountrycode: US
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 booking-page.js Show response
assets.tidycal.com/js/ Frame A1BB 2 MB
474 KB 58ms
57ms Script
application/javascript 2400:52e0:1a00::845:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.tidycal.com/js/booking-page.js?id=b7710dc87575b075c27c11b755f8ef48
Requested by: Host: tidycal.com
URL: https://tidycal.com/lrj/probono?embed=1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1a00::845:1 Chicago, United States, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-IL1-845 /
Resource Hash: 99fbce4b721663e0d094d32a99ca0f2fd8e82d3828ee36765000e3594d259818

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tidycal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

date: Thu, 22 Feb 2024 21:21:47 GMT
content-encoding: br
cdn-edgestorageid: 941
cdn-cachedat: 01/31/2024 03:01:12
cdn-pullzone: 440171
last-modified: Wed, 31 Jan 2024 02:51:17 GMT
server: BunnyCDN-IL1-845
cdn-proxyver: 1.04
cdn-requestpullcode: 200
etag: W/"235ed0-61034f3ecf340"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
cdn-cache: HIT
cdn-uid: a61f2e95-f685-45ef-9e80-35f4adfb29cb
cache-control: public, max-age=2592000
cdn-requestid: 01689d310767739e7dc25e5b33b1fde3
cdn-requestcountrycode: US
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ Frame A1BB 185 KB
66 KB 86ms
85ms Script
application/javascript 2607:f8b0:4004:c1b::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-NTZ7CVBL

Requested by

Host: tidycal.com
URL: https://tidycal.com/lrj/probono?embed=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1b::61 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

5dbcd152ce18d0290e86aaea4172a8b21a639eeb7f9f98ae034cd72e17415cb7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tidycal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

date: Thu, 22 Feb 2024 21:21:47 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 67251
x-xss-protection: 0
last-modified: Thu, 22 Feb 2024 21:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 22 Feb 2024 21:21:47 GMT

GET
H2 200 datadog-rum-v4.js Show response
www.datadoghq-browser-agent.com/ Frame 8E5A 150 KB
48 KB 231ms
80ms Script
application/javascript 3.162.6.155
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.datadoghq-browser-agent.com/datadog-rum-v4.js
Requested by: Host: humanobservations.substack.com
URL: https://humanobservations.substack.com/embed
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.162.6.155 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-162-6-155.yul62.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: cd5eb76033d96219a0c4fe45fb0df10202e1febcb4d086fb1305f1b3304a6b1a

Request headers

accept-language: en-US,en;q=0.9
Referer: https://humanobservations.substack.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

date: Thu, 22 Feb 2024 21:21:40 GMT
content-encoding: br
via: 1.1 bf162a8b9bcf17e02f2843479d4278e2.cloudfront.net (CloudFront)
last-modified: Mon, 09 Oct 2023 11:26:13 GMT
server: AmazonS3
x-amz-cf-pop: YUL62-P2
age: 9
x-amz-server-side-encryption: AES256
etag: W/"2630b3d7ad4a41fac67742216e506d83"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=14400, s-maxage=60
timing-allow-origin: *
x-amz-cf-id: BG4j4j6dyCcP4GHERuaYC40kzvRMsmQOV3H-lx14DKu8BAAr_2uEig==

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ Frame A1BB 263 KB
89 KB 88ms
88ms Script
application/javascript 2607:f8b0:4004:c1b::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-MDNVPSWCJ1&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NTZ7CVBL

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1b::61 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

1aa9358165c6154b88459c068430e7f623a02ce37a1cf05c7302a2569a18a8b4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tidycal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

date: Thu, 22 Feb 2024 21:21:47 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 91389
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 22 Feb 2024 21:21:47 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ Frame A1BB 214 KB
58 KB 166ms
56ms Script
application/x-javascript 2a03:2880:f003:c0e:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NTZ7CVBL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f003:c0e:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

0e04153b5f73bfa7866948f2a9870593d69bfde14e77a1a06af5f567096e5a09

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: ;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tidycal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

permissions-policy-report-only: clipboard-read=(), clipboard-write=(), fullscreen=(), picture-in-picture=();report-to="permissions_policy"
content-security-policy: default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Thu, 22 Feb 2024 21:21:48 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 57257
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
pragma: public
x-fb-debug: +0KsLIFhekFvXxwR9wsUMPPFzEAYVDT8LUceeyV9REgqiDs1MtbpFw4UrfwTOhpOmkYZhKUVdkZu4zCfCW5SsQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), bluetooth=(), camera=(), display-capture=(), encrypted-media=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 3211.159a2a1652096fd9a948.chunk.js Show response
substackcdn.com/bundle/ Frame 8E5A 9 KB
4 KB 69ms
68ms Script
application/javascript 2600:9000:21a2:4200:4:b4b9:d3c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://substackcdn.com/bundle/3211.159a2a1652096fd9a948.chunk.js
Requested by: Host: substackcdn.com
URL: https://substackcdn.com/bundle/main.911a2127bb3ff34a3b47.bundle.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21a2:4200:4:b4b9:d3c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 37d75804fd70121fe0e302d16b4a8f6e7fefe9ebdac601e904146e799a059b66

Request headers

accept-language: en-US,en;q=0.9
Referer: https://humanobservations.substack.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

date: Thu, 22 Feb 2024 20:48:54 GMT
content-encoding: br
via: 1.1 6bc96fcd042709dbc96cdeb6eb80307c.cloudfront.net (CloudFront)
x-amz-cf-pop: YUL62-C1
age: 1975
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
x-amz-expiration: expiry-date="Wed, 21 Aug 2024 00:00:00 GMT", rule-id="StaticAssetIntelligentTiering"
last-modified: Thu, 22 Feb 2024 20:37:47 GMT
server: AmazonS3
etag: W/"27afbe82ace9c2fc7392129812672160"
vary: Accept-Encoding, Origin
content-type: application/javascript
cache-control: public, max-age=31536000, immutable
x-amz-cf-id: smfahLs9UNZxL32vRptOvBnmutWHXbLDBRDYIwsr1Jjvg2cNE8dpFw==

GET
H2 200 firehose
humanobservations.substack.com/api/v1/ Frame 8E5A 35 B
954 B 271ms
270ms Image
image/gif 2606:4700:4400::ac40:9a0b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://humanobservations.substack.com/api/v1/firehose?_=1708636908645&d=eyJldmVudCI6IlBhZ2VzIiwicHJvcGVydGllcyI6eyJicm93c2VyU2Vzc2lvbklkIjoieGRxYWxibTM2eSIsImlmcmFtZVZpc2l0SWQiOnsiaWQiOiJhYzM5YjExMy01YjE4LTQxMDYtYjM3My0yYjMyZDY0N2U3MDUiLCJ0aW1lc3RhbXAiOiIyMDI0LTAyLTIyVDIxOjIxOjQ4LjUzNloifX0sImNvbnRleHQiOnsiY2xpZW50X3R5cGUiOiJ3ZWIiLCJkaXNwbGF5TW9kZSI6ImJyb3dzZXIiLCJwYWdlIjp7InJlZmVycmVyIjoiaHR0cHM6Ly9sYXJzamFub3dza2kuY29tLyIsInRpdGxlIjoiSHVtYW4gb2JzZXJ2YXRpb25zIGFuZCBvdGhlciBpbnRlbGxlY3R1YWwgY2hhbGxlbmdlcyB8IExhcnMgSmFub3dza2kgfCBTdWJzdGFjayIsInVybCI6Imh0dHBzOi8vaHVtYW5vYnNlcnZhdGlvbnMuc3Vic3RhY2suY29tL2VtYmVkIn0sImNhbXBhaWduIjp7fX19

Requested by

Host: humanobservations.substack.com
URL: https://humanobservations.substack.com/embed

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:9a0b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://humanobservations.substack.com/embed
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

date: Thu, 22 Feb 2024 21:21:48 GMT
x-cluster: substack
cf-cache-status: DYNAMIC
server: cloudflare
strict-transport-security: max-age=31536000
x-powered-by: Express
vary: Accept-Encoding
content-type: image/gif
x-deploy: 0d16149ac0
cache-control: no-cache
x-service: web
cf-ray: 859a47e74ba09acf-MIA
alt-svc: h3=":443"; ma=86400
x-served-by: Substack

GET
H2 200 https%3A%2F%2Fsubstack.com%2Fimg%2Fsubstack_wordmark.png
substackcdn.com/image/fetch/w_200,c_limit,f_auto,q_auto:good,fl_progressive:steep/ Frame 8E5A 4 KB
4 KB 69ms
68ms Image
image/png 2600:9000:21a2:4200:4:b4b9:d3c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://substackcdn.com/image/fetch/w_200,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack.com%2Fimg%2Fsubstack_wordmark.png

Requested by

Host: humanobservations.substack.com
URL: https://humanobservations.substack.com/embed

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:21a2:4200:4:b4b9:d3c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

imgproxy / Express

Resource Hash

48f288997574a7deec02314a237b4e68765bb729d3f6f8e8981b6336909d1644

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'

Request headers

accept-language: en-US,en;q=0.9
Referer: https://humanobservations.substack.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 09:14:01 GMT
content-security-policy: script-src 'none'
via: 1.1 6bc96fcd042709dbc96cdeb6eb80307c.cloudfront.net (CloudFront)
x-amz-cf-pop: YUL62-C1
age: 9806867
x-powered-by: Express
x-cache: Hit from cloudfront
content-disposition: inline; filename="substack_wordmark.png"
alt-svc: h3=":443"; ma=86400
content-length: 3762
x-request-id: SsLSr_EoczvaTfQRG4fob
server: imgproxy
etag: "aUSYZOwx8_8DQNfdyad_mCD-kBjyY0l_EvDsr5MS94g/RVy8iNGE0OC0xOGI4N2FkNzIwOCI"
content-type: image/png
cache-control: public, max-age=0
x-amz-cf-id: TUwiQJP7ymSJUnleKZMIc3V_TtVeSrnj_6c19Enb7dLwKx0a60UZ8A==

GET
H2 200 probono Show response
tidycal.com/lrj/ Frame A1BB 21 KB
8 KB 157ms
157ms XHR
application/json 54.191.134.212
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tidycal.com/lrj/probono?json
Requested by: Host: assets.tidycal.com
URL: https://assets.tidycal.com/js/booking-page.js?id=b7710dc87575b075c27c11b755f8ef48
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.191.134.212 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-191-134-212.us-west-2.compute.amazonaws.com
Software: Apache/2.4.38 (Debian) /
Resource Hash: f586810ce4dc7b54b762fcee61b781ba9d97fef6ddcaab757b7e3e5eb7489124

Request headers

Accept: application/json, text/plain, */*
Referer: https://tidycal.com/lrj/probono?embed=1
X-Requested-With: XMLHttpRequest
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 22 Feb 2024 21:21:48 GMT
cache-control: max-age=0, must-revalidate, no-cache, no-store, post-check=0, pre-check=0, private
content-encoding: gzip
server: Apache/2.4.38 (Debian)
vary: Accept-Encoding
content-type: application/json

GET
H2 200 v3 Show response
js.stripe.com/ Frame A1BB 600 KB
167 KB 106ms
27ms Script
text/javascript 151.101.192.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3

Requested by

Host: assets.tidycal.com
URL: https://assets.tidycal.com/js/booking-page.js?id=b7710dc87575b075c27c11b755f8ef48

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.192.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

d792414c87399fc84822e61710fbe7852fe0855c691bd6edd468b2ebde81551b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tidycal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Thu, 22 Feb 2024 21:21:48 GMT
via: 1.1 varnish
age: 34
x-cache: HIT
content-length: 170279
x-request-id: 77ace64a-84a9-4029-90c0-7c7e5cae7e51
x-served-by: cache-mia-kmia1760057-MIA
last-modified: Thu, 22 Feb 2024 19:57:24 GMT
server: Fastly
etag: "a39ce0271102c1f71dff69f95fb9f027"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=60
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 10

GET
H3 200 987.26e359bfafdb25db21d3.css
substackcdn.com/bundle/ Frame 8E5A 986 B
1 KB 72ms
71ms Stylesheet
text/css 2600:9000:21a2:4200:4:b4b9:d3c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://substackcdn.com/bundle/987.26e359bfafdb25db21d3.css
Requested by: Host: substackcdn.com
URL: https://substackcdn.com/bundle/main.911a2127bb3ff34a3b47.bundle.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2600:9000:21a2:4200:4:b4b9:d3c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d73592368d2c63854a67c5aecb7b6c93e663bd513164e437058da1f423a3afa2

Request headers

accept-language: en-US,en;q=0.9
Referer: https://humanobservations.substack.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

date: Thu, 22 Feb 2024 19:03:30 GMT
via: 1.1 c0216388ff1632eb6c4704890b01eee4.cloudfront.net (CloudFront)
x-amz-cf-pop: YUL62-C1
age: 8299
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 986
x-amz-expiration: expiry-date="Tue, 20 Aug 2024 00:00:00 GMT", rule-id="StaticAssetIntelligentTiering"
last-modified: Wed, 21 Feb 2024 18:53:23 GMT
server: AmazonS3
etag: "df2a318476492335f2a02d3469ba3284"
vary: Accept-Encoding, Origin
content-type: text/css
cache-control: public, max-age=31536000, immutable
accept-ranges: bytes
x-amz-cf-id: 1Dx0IT0yCzZdGCE_70sqd1Ve-yKBSkWvyRukeXWrw_pH1mY0x6KiCg==

GET
H3 200 987.323bcb8bfb42f27a7d80.chunk.js Show response
substackcdn.com/bundle/ Frame 8E5A 19 KB
7 KB 73ms
72ms Script
application/javascript 2600:9000:21a2:4200:4:b4b9:d3c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://substackcdn.com/bundle/987.323bcb8bfb42f27a7d80.chunk.js
Requested by: Host: substackcdn.com
URL: https://substackcdn.com/bundle/main.911a2127bb3ff34a3b47.bundle.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2600:9000:21a2:4200:4:b4b9:d3c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 50ecc86ccfd23b0094d32b038af2568d539250d51fab937d62c5d1d2aef2f163

Request headers

accept-language: en-US,en;q=0.9
Referer: https://humanobservations.substack.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

date: Thu, 22 Feb 2024 20:48:54 GMT
content-encoding: br
via: 1.1 c0216388ff1632eb6c4704890b01eee4.cloudfront.net (CloudFront)
age: 1975
x-amz-cf-pop: YUL62-C1
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
x-amz-expiration: expiry-date="Wed, 21 Aug 2024 00:00:00 GMT", rule-id="StaticAssetIntelligentTiering"
last-modified: Thu, 22 Feb 2024 20:37:47 GMT
server: AmazonS3
etag: W/"f9e581986d1cec54d791b5d13fb43b62"
vary: Accept-Encoding, Origin
content-type: application/javascript
cache-control: public, max-age=31536000, immutable
x-amz-cf-id: d5XJ9xhmjrq_3nNTPLnkEWlCfkpLKsdUHIwt6n-TH-ZMZgDYXW0U1w==

GET
H2 200 1011799288887290 Show response
connect.facebook.net/signals/config/ Frame A1BB 65 KB
14 KB 472ms
471ms Script
application/x-javascript 2a03:2880:f003:c0e:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1011799288887290?v=2.9.147&r=stable&domain=larsjanowski.com&hme=20c913bdcd4be51a752120153aa5caaecb3ee86c7f26cf737846e40b202aba68&ex_m=62%2C106%2C94%2C98%2C53%2C3%2C88%2C61%2C14%2C86%2C79%2C44%2C46%2C150%2C153%2C164%2C160%2C161%2C163%2C25%2C89%2C45%2C68%2C162%2C145%2C148%2C157%2C158%2C165%2C115%2C13%2C43%2C169%2C168%2C117%2C16%2C29%2C32%2C1%2C36%2C57%2C58%2C59%2C63%2C83%2C15%2C12%2C85%2C82%2C81%2C95%2C97%2C31%2C96%2C26%2C22%2C146%2C149%2C124%2C24%2C9%2C10%2C11%2C5%2C6%2C21%2C19%2C20%2C49%2C54%2C56%2C66%2C90%2C23%2C67%2C8%2C7%2C71%2C41%2C18%2C92%2C91%2C17%2C4%2C73%2C80%2C72%2C78%2C40%2C39%2C77%2C33%2C35%2C76%2C48%2C74%2C28%2C37%2C65%2C0%2C84%2C75%2C2%2C30%2C55%2C34%2C93%2C38%2C70%2C60%2C99%2C52%2C51%2C27%2C87%2C50%2C47%2C42%2C69%2C64%2C100

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f003:c0e:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

75e152667e0b179ebe40d6b6b850962a75c5430df5d5c96500620d5862b01fb5

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: ;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tidycal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

permissions-policy-report-only: clipboard-read=(), clipboard-write=(), fullscreen=(), picture-in-picture=();report-to="permissions_policy"
content-security-policy: default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Thu, 22 Feb 2024 21:21:49 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
pragma: public
x-fb-debug: DQ88hx1Lwz6EtjmdUJh5BXqMZIBMCQEBJ6qsJRUCsuMFUvZDIx5gl9jGzUzjRggjoGfd6WE+MzjP9Bag265K8g==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), bluetooth=(), camera=(), display-capture=(), encrypted-media=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ Frame 8E5A 207 KB
75 KB 82ms
79ms Script
application/javascript 2607:f8b0:4004:c1b::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-316245675&l=localGaDataLayer

Requested by

Host: substackcdn.com
URL: https://substackcdn.com/bundle/main.911a2127bb3ff34a3b47.bundle.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1b::61 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

3028779df9f10ef75c862676aaa54657c588b76b2b3f45a669203fb2fd2144d9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://humanobservations.substack.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

date: Thu, 22 Feb 2024 21:21:49 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 76776
x-xss-protection: 0
last-modified: Thu, 22 Feb 2024 21:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 22 Feb 2024 21:21:49 GMT

POST
H2 204 rum Show response
cloudflareinsights.com/cdn-cgi/ Frame 8E5A 0
37 B 31ms
30ms XHR
text/plain 2606:4700::6810:3865
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cloudflareinsights.com/cdn-cgi/rum

Requested by

Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:3865 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://humanobservations.substack.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36
content-type: application/json

Response headers

date: Thu, 22 Feb 2024 21:21:49 GMT
x-content-type-options: nosniff
server: cloudflare
vary: Origin
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://humanobservations.substack.com
x-frame-options: DENY
access-control-allow-credentials: true
cf-ray: 859a47e9c8a88dc6-MIA

OPTIONS
H2 200 rum
cloudflareinsights.com/cdn-cgi/ Frame 0
0 103ms
34ms Preflight
text/plain 2606:4700::6810:3865
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cloudflareinsights.com/cdn-cgi/rum

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:3865 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://humanobservations.substack.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://humanobservations.substack.com
access-control-max-age: 86400
cf-ray: 859a47e9984a8dc6-MIA
content-encoding: gzip
content-type: text/plain
date: Thu, 22 Feb 2024 21:21:49 GMT
server: cloudflare
vary: Origin
x-content-type-options: nosniff
x-frame-options: DENY

GET
H/1.1 200
OK u7HEjB0NXHONAHcOVUvApeXP8pov6Vm3hFKjD81v.jpg
public-tidycal.s3.us-west-2.amazonaws.com/profile_pictures/ Frame A1BB 23 KB
23 KB 387ms
161ms Image
image/jpeg 3.5.79.139
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://public-tidycal.s3.us-west-2.amazonaws.com/profile_pictures/u7HEjB0NXHONAHcOVUvApeXP8pov6Vm3hFKjD81v.jpg
Requested by: Host: tidycal.com
URL: https://tidycal.com/lrj/probono?embed=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.5.79.139 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-us-west-2-r-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 04b7ed4f95ab3cf6d8a2f6c74b5ba8e79ce668bbc1343b3f18bc9ceafbb8f994

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tidycal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

Date: Thu, 22 Feb 2024 21:21:50 GMT
Last-Modified: Tue, 13 Feb 2024 21:32:59 GMT
Server: AmazonS3
x-amz-request-id: ECJHHKQP1ER3GMWW
ETag: "805e4a16a69f9677791b2914b39dcdb3"
x-amz-server-side-encryption: AES256
Content-Type: image/jpeg
Accept-Ranges: bytes
Content-Length: 23470
x-amz-id-2: E/n0diVwi2z6OcmXDUrqOyZXxD2SQ3L4Joz6ObfOuW3SSVHo1wdkWyurZoQmU5+a4q76hcJRotQ3N8Y42MxTbg==

GET
H2 200 icon-clock.svg
assets.tidycal.com/img/ Frame A1BB 613 B
772 B 63ms
63ms Image
image/svg+xml 2400:52e0:1a00::845:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.tidycal.com/img/icon-clock.svg
Requested by: Host: tidycal.com
URL: https://tidycal.com/lrj/probono?embed=1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1a00::845:1 Chicago, United States, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-IL1-845 /
Resource Hash: 8771345dd9e81cc78e8d95528e91f63f371925319a78b2ae0fbf79fcf5ef8c10

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tidycal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

date: Thu, 22 Feb 2024 21:21:49 GMT
content-encoding: br
cdn-edgestorageid: 871
cdn-cachedat: 02/15/2024 08:25:56
cdn-pullzone: 440171
last-modified: Wed, 14 Feb 2024 21:12:50 GMT
server: BunnyCDN-IL1-845
cdn-proxyver: 1.04
cdn-requestpullcode: 200
etag: W/"265-6115df9275880"
vary: Accept-Encoding
content-type: image/svg+xml
cdn-cache: HIT
cdn-uid: a61f2e95-f685-45ef-9e80-35f4adfb29cb
cache-control: public, max-age=2592000
cdn-requestid: 16f46966d02bc64c354a13018dc63248
cdn-requestcountrycode: US
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 available-bookings Show response
tidycal.com/booking-types/3ezddl0/ Frame A1BB 2 B
2 KB 239ms
238ms XHR
application/json 54.191.134.212
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://tidycal.com/booking-types/3ezddl0/available-bookings?start=2024-02-01T10:00:00.000Z&end=2024-03-01T09:59:59.999Z

Requested by

Host: assets.tidycal.com
URL: https://assets.tidycal.com/js/booking-page.js?id=b7710dc87575b075c27c11b755f8ef48

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

54.191.134.212 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-191-134-212.us-west-2.compute.amazonaws.com

Software

Apache/2.4.38 (Debian) /

Resource Hash

4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Security Headers

Name	Value
X-Frame-Options	deny

Request headers

Accept: application/json, text/plain, */*
Referer: https://tidycal.com/lrj/probono?embed=1
X-Requested-With: XMLHttpRequest
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 22 Feb 2024 21:21:49 GMT
content-encoding: gzip
server: Apache/2.4.38 (Debian)
x-frame-options: deny
vary: Accept-Encoding
content-type: application/json
cache-control: max-age=0, must-revalidate, no-cache, no-store, post-check=0, pre-check=0, private

GET
H2 200 controller-9bf6671fa3ac9c3300348d550d4e6d9e.html Show response
js.stripe.com/v3/ Frame D429 325 B
779 B 28ms
27ms Document
text/html 151.101.192.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/controller-9bf6671fa3ac9c3300348d550d4e6d9e.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.192.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

4dc66ad48548917da735c917f5905f3551e14a033d191fe8940b5ec66498478e

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://api.stripe.com https://merchant-ui-api.stripe.com https://stripe.com/cookie-settings/enforcement-mode https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'sha256-0hAheEzaMe6uXIKV4EehS9pu1am1lj/KnnzrOYqckXk='; worker-src 'none'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://tidycal.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 52
cache-control: max-age=60, stale-while-revalidate=900
content-encoding: br
content-length: 189
content-security-policy: base-uri 'none'; connect-src 'self' https://api.stripe.com https://merchant-ui-api.stripe.com https://stripe.com/cookie-settings/enforcement-mode https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'sha256-0hAheEzaMe6uXIKV4EehS9pu1am1lj/KnnzrOYqckXk='; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Thu, 22 Feb 2024 21:21:49 GMT
etag: "9bf6671fa3ac9c3300348d550d4e6d9e"
last-modified: Thu, 22 Feb 2024 19:26:18 GMT
server: Fastly
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 22
x-content-type-options: nosniff
x-request-id: b6eebb1d-7879-49be-b955-e9cad9ebb6ad
x-served-by: cache-mia-kmia1760057-MIA

GET
H2 200 shared-3d9a25cbbae24ed90d7eb674acc0cc52.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame D429 535 KB
130 KB 27ms
27ms Script
text/javascript 151.101.192.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/shared-3d9a25cbbae24ed90d7eb674acc0cc52.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/controller-9bf6671fa3ac9c3300348d550d4e6d9e.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.192.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

06d57ddcd179276bb5d09241861e15f7bd7aa6e83ef0fa40e672a8bf5a7f555f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://js.stripe.com/v3/controller-9bf6671fa3ac9c3300348d550d4e6d9e.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Thu, 22 Feb 2024 21:21:49 GMT
via: 1.1 varnish
age: 6771
x-cache: HIT
content-length: 133283
x-request-id: f33e01aa-9d4a-4db2-bd2d-5f78976ad22f
x-served-by: cache-mia-kmia1760057-MIA
last-modified: Thu, 22 Feb 2024 19:26:32 GMT
server: Fastly
etag: "9dce295e627bc6c1a0d60679543368cd"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 10

GET
H2 200 controller-1f81ac3092ff970714f92c47a552779a.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame D429 697 KB
182 KB 37ms
36ms Script
text/javascript 151.101.192.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/controller-1f81ac3092ff970714f92c47a552779a.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/controller-9bf6671fa3ac9c3300348d550d4e6d9e.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.192.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

91427f73f984595ec43f106020baeb81425a03b0773d1586e525226cb929ad96

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://js.stripe.com/v3/controller-9bf6671fa3ac9c3300348d550d4e6d9e.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Thu, 22 Feb 2024 21:21:49 GMT
via: 1.1 varnish
age: 6771
x-cache: HIT
content-length: 186187
x-request-id: b4f250e9-717f-479c-93b5-1be7e869176a
x-served-by: cache-mia-kmia1760057-MIA
last-modified: Thu, 22 Feb 2024 19:26:29 GMT
server: Fastly
etag: "052e5a80ff7bbed04fabac0110538818"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 10

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/316245675/ Frame 8E5A 2 KB
2 KB 172ms
66ms Script
text/javascript 2607:f8b0:4004:c08::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/316245675/?random=1708636909199&cv=11&fst=1708636909199&bg=ffffff&guid=ON&async=1&gtm=45be42h0v887153041za200&gcd=13l3l3l3l1&dma=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fhumanobservations.substack.com%2Fembed&ref=https%3A%2F%2Flarsjanowski.com%2F&top=https%3A%2F%2Flarsjanowski.com%2F&hn=www.googleadservices.com&frm=2&tiba=Human%20observations%20and%20other%20intellectual%20challenges%20%7C%20Lars%20Janowski%20%7C%20Substack&npa=0&pscdl=noapi&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-316245675&l=localGaDataLayer

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c08::9d Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1ad0bc33f95a9e5a8400f22ca1f6816e6c6278624118dd9820f80fdd8d00c9d0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://humanobservations.substack.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 22 Feb 2024 21:21:49 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 .deploy_status_henson.json Show response
js.stripe.com/v3/ Frame D429 474 B
612 B 82ms
27ms Fetch
application/json 151.101.192.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/.deploy_status_henson.json

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-3d9a25cbbae24ed90d7eb674acc0cc52.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.192.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

1aa2629f393db5974070bf430ec1ea37673b68c7f04f10b4f8165a0780eb7682

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Accept: application/json
Referer: https://js.stripe.com/v3/controller-9bf6671fa3ac9c3300348d550d4e6d9e.html
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Thu, 22 Feb 2024 21:21:49 GMT
content-encoding: br
via: 1.1 varnish
strict-transport-security: max-age=31556926; includeSubDomains; preload
age: 44
x-cache: HIT
content-length: 296
x-request-id: 00917bfa-69fb-471f-88a1-58c455bf40a7
x-served-by: cache-mia-kmia1760064-MIA
last-modified: Thu, 22 Feb 2024 19:59:36 GMT
server: Fastly
etag: "fe8ccdc3c57308323fbb34d1b3f4be6e"
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=60
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 32

GET
H2 200 .deploy_status_henson.json Show response
js.stripe.com/v3/ Frame D429 474 B
371 B 69ms
28ms Fetch
application/json 151.101.192.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/.deploy_status_henson.json

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-3d9a25cbbae24ed90d7eb674acc0cc52.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.192.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

1aa2629f393db5974070bf430ec1ea37673b68c7f04f10b4f8165a0780eb7682

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Accept: application/json
Referer: https://js.stripe.com/v3/controller-9bf6671fa3ac9c3300348d550d4e6d9e.html
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Thu, 22 Feb 2024 21:21:49 GMT
content-encoding: br
via: 1.1 varnish
strict-transport-security: max-age=31556926; includeSubDomains; preload
age: 44
x-cache: HIT
content-length: 296
x-request-id: 45dde58e-07d0-402a-8f50-97a44026cf88
x-served-by: cache-mia-kmia1760064-MIA
last-modified: Thu, 22 Feb 2024 19:59:36 GMT
server: Fastly
etag: "fe8ccdc3c57308323fbb34d1b3f4be6e"
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=60
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 33

GET
H2 200 available-bookings Show response
tidycal.com/booking-types/3ezddl0/ Frame A1BB 2 KB
2 KB 277ms
277ms XHR
application/json 54.191.134.212
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://tidycal.com/booking-types/3ezddl0/available-bookings?start=2024-03-01T10:00:00.000Z&end=2024-04-01T09:59:59.999Z

Requested by

Host: assets.tidycal.com
URL: https://assets.tidycal.com/js/booking-page.js?id=b7710dc87575b075c27c11b755f8ef48

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

54.191.134.212 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-191-134-212.us-west-2.compute.amazonaws.com

Software

Apache/2.4.38 (Debian) /

Resource Hash

5e72506f607ab491b1bb134e1398a0787d68ea6e9fabc54b3e47c6e8d7bba93c

Security Headers

Name	Value
X-Frame-Options	deny

Request headers

Accept: application/json, text/plain, */*
Referer: https://tidycal.com/lrj/probono?embed=1
X-Requested-With: XMLHttpRequest
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 22 Feb 2024 21:21:49 GMT
content-encoding: gzip
server: Apache/2.4.38 (Debian)
x-frame-options: deny
vary: Accept-Encoding
content-type: application/json
cache-control: max-age=0, must-revalidate, no-cache, no-store, post-check=0, pre-check=0, private

GET
H2 200 /
www.google.com/pagead/1p-user-list/316245675/ Frame 8E5A 42 B
455 B 173ms
65ms Image
image/gif 2607:f8b0:4004:c17::93
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/316245675/?random=1708636909199&cv=11&fst=1708635600000&bg=ffffff&guid=ON&async=1&gtm=45be42h0v887153041za200&gcd=13l3l3l3l1&dma=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fhumanobservations.substack.com%2Fembed&ref=https%3A%2F%2Flarsjanowski.com%2F&frm=2&tiba=Human%20observations%20and%20other%20intellectual%20challenges%20%7C%20Lars%20Janowski%20%7C%20Substack&npa=0&data=event%3Dgtag.config&fmt=3&is_vtc=1&cid=CAQSGwAvHhf_lwvngCNUjPmKKaGIcGRmaT3sfbQJug&random=757978706&rmt_tld=0&ipr=y

Requested by

Host: larsjanowski.com
URL: https://larsjanowski.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c17::93 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://humanobservations.substack.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 22 Feb 2024 21:21:49 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ Frame A1BB 0
185 B 181ms
61ms Image
text/plain 2a03:2880:f112:182:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1011799288887290&ev=PageView&dl=https%3A%2F%2Ftidycal.com%2Flrj%2Fprobono%3Fembed%3D1&rl=https%3A%2F%2Flarsjanowski.com%2F&if=true&ts=1708636909468&sw=1600&sh=1200&v=2.9.147&r=stable&a=tmSimo-GTM-WebTemplate&ec=0&o=4126&fbp=fb.1.1708636909465.441305918&cs_est=true&ler=other&cdl=API_unavailable&it=1708636908936&coo=false&tm=1&exp=e3&rqm=GET

Requested by

Host: tidycal.com
URL: https://tidycal.com/lrj/probono?embed=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f112:182:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tidycal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Thu, 22 Feb 2024 21:21:49 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 m-outer-3437aaddcdf6922d623e172c2d6f9278.html Show response
js.stripe.com/v3/ Frame 19CC 200 B
935 B 28ms
27ms Document
text/html 151.101.192.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.192.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

35dcc382eb69d00369d708708cdc545f3968b68fa5bbe3e728d11fedd04f93bb

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://tidycal.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 3853508
cache-control: max-age=31536000
content-encoding: br
content-length: 154
content-security-policy: base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only: base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Thu, 22 Feb 2024 21:21:49 GMT
etag: "3437aaddcdf6922d623e172c2d6f9278"
last-modified: Fri, 11 Nov 2022 20:25:37 GMT
server: Fastly
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 392580
x-content-type-options: nosniff
x-request-id: 8ff35c70-95c0-4e2c-a763-6e6aa8e34d89
x-served-by: cache-mia-kmia1760057-MIA

GET
H2 200 m-outer-15a2b40a058ddff1cffdb63779fe3de1.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 19CC 526 B
495 B 30ms
28ms Script
text/javascript 151.101.192.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/m-outer-15a2b40a058ddff1cffdb63779fe3de1.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.192.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

ba2338aa6670580269c762f51c4291daef913201aa8f4d4fd166c1a878262652

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Thu, 22 Feb 2024 21:21:49 GMT
via: 1.1 varnish
age: 2641553
x-cache: HIT
content-length: 315
x-request-id: c7c7832a-286f-451f-a5a8-ff493a805c6e
x-served-by: cache-mia-kmia1760057-MIA
last-modified: Fri, 11 Nov 2022 20:25:36 GMT
server: Fastly
etag: "d96c709017743c0759cf3853d1806ba5"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 371000

GET
H2 200 inner.html Show response
m.stripe.network/ Frame 15BE 930 B
1 KB 28ms
27ms Document
text/html 151.101.192.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.network/inner.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/m-outer-15a2b40a058ddff1cffdb63779fe3de1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.192.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

947ac0903521f5eceefc90637c066306a8ca67466ccc188bb0107fb7cfb532d1

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-/5Guo2nzv5n/w6ukZpOBZOtTJBJPSkJ6mhHpnBgm3Ls='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
age: 293
cache-control: max-age=300, public
content-encoding: br
content-length: 540
content-security-policy: base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-/5Guo2nzv5n/w6ukZpOBZOtTJBJPSkJ6mhHpnBgm3Ls='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Thu, 22 Feb 2024 21:21:49 GMT
server: Fastly
strict-transport-security: max-age=31556926; includeSubDomains; preload
vary: Accept-Encoding, Origin
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 397
x-content-type-options: nosniff
x-request-id: 6ed4cd68-4469-4bec-a35a-545bd1321b89
x-served-by: cache-mia-kmia1760057-MIA
x-timer: S1708636910.733831,VS0,VE0

GET
H2 200 out-4.5.43.js Show response
m.stripe.network/ Frame 15BE 87 KB
15 KB 31ms
30ms Script
text/javascript 151.101.192.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.network/out-4.5.43.js

Requested by

Host: m.stripe.network
URL: https://m.stripe.network/inner.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.192.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

e039e607c78306c7e029a7fd0ecdb14f86456f16e1a5ce65aa26b4fdf1d38a3c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://m.stripe.network/inner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
date: Thu, 22 Feb 2024 21:21:49 GMT
x-content-type-options: nosniff
content-encoding: br
via: 1.1 varnish
age: 195
x-cache: HIT
content-length: 15509
x-request-id: 6de26a8f-24ed-4c66-af7a-184cf4cb2dca
x-served-by: cache-mia-kmia1760057-MIA
server: Fastly
x-timer: S1708636910.771461,VS0,VE0
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=utf-8
cache-control: max-age=300, public
accept-ranges: bytes
x-cache-hits: 284

POST
H2 200 6 Show response
m.stripe.com/ Frame 15BE 156 B
669 B 325ms
110ms XHR
application/json 44.240.111.178
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.com/6

Requested by

Host: m.stripe.network
URL: https://m.stripe.network/out-4.5.43.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

44.240.111.178 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-44-240-111-178.us-west-2.compute.amazonaws.com

Software

nginx /

Resource Hash

1d0c208ed4c9252b3a6c43c13f38f31f711a2c35b274ca2b8dfc3c28781b9cd2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://m.stripe.network/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-stripe-bg-intended-route-color: green
date: Thu, 22 Feb 2024 21:21:50 GMT
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1708636910111031
server: nginx
content-type: application/json;charset=utf-8
x-stripe-server-envoy-upstream-service-time-ms: 3
access-control-allow-origin: https://m.stripe.network
x-stripe-client-envoy-start-time-us: 1708636910110545
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 156

POST
H2 200 b Show response
r.stripe.com/ Frame D429 0
274 B 328ms
112ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/b
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-3d9a25cbbae24ed90d7eb674acc0cc52.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Thu, 22 Feb 2024 21:21:50 GMT
x-stripe-server-envoy-start-time-us: 1708636910641107
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 5
x-stripe-client-envoy-start-time-us: 1708636910640629
access-control-allow-credentials: true
content-length: 0

POST
H2 200 b Show response
r.stripe.com/ Frame D429 0
275 B 324ms
110ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/b
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-3d9a25cbbae24ed90d7eb674acc0cc52.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Thu, 22 Feb 2024 21:21:50 GMT
x-stripe-server-envoy-start-time-us: 1708636910640780
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 3
x-stripe-client-envoy-start-time-us: 1708636910640557
access-control-allow-credentials: true
content-length: 0

GET
H2 200 trusted-types-checker-efd8cf45ce422659c098993bfc62531b.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame A1BB 176 B
447 B 27ms
27ms Script
text/javascript 151.101.192.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/trusted-types-checker-efd8cf45ce422659c098993bfc62531b.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.192.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

07b6b3d899dd69c0e9eb463e23e10e30e82588eddf95d15d45bb505c6703a813

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tidycal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Thu, 22 Feb 2024 21:21:54 GMT
via: 1.1 varnish
age: 1957328
x-cache: HIT
content-length: 127
x-request-id: e9dcb8bb-ed4f-451c-9ea8-0b6b63cae3bf
x-served-by: cache-mia-kmia1760057-MIA
last-modified: Thu, 21 Dec 2023 18:13:43 GMT
server: Fastly
etag: "96f5b26d366f47393b3ff36fe7471474"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 42834

Verdicts & Comments Add Verdict or Comment

19 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

6 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.larsjanowski.com/	1970-01-21 04:13:16	Name: _ga_1YN7SHXRGK Value: GS1.1.1708636907.1.0.1708636907.0.0.0
.larsjanowski.com/	1970-01-21 04:13:16	Name: _ga Value: GA1.1.855064978.1708636907
.substack.com/	1970-01-20 18:37:18	Name: __cf_bm Value: 8nk5.n23G1hWxWpWEBB8dohuZWOE83IC9NekJF7eWyQ-1708636907-1.0-Ac3XoWFvU8z9mvRQh2T7UebsV3tYUcXtJkjQc+RhJU00MuRmQBIRD2XXMXHYa/htegixHT3N0h0orvoe2XkrwYI=
humanobservations.substack.com/	1970-01-20 18:47:21	Name: AWSALBTGCORS Value: hPyJa5+89dCgrHNNZbXLmv2ly7FUmTcF+1eQzZSwywOFYSM6yVqPeSiUNVZwvzEdodgr8zQSUczsk6PwiuhUd5n6kkhmiQwmG9+/wWHTX2Lr7OfJmrfNPSMLm3ut9VYZuSOwIMEkD6E+If95qYv6y9IOfCxcxkzoO9Y+Uu4qMzMr
.doubleclick.net/	1970-01-20 18:37:17	Name: test_cookie Value: CheckForPermission
m.stripe.com/	1970-01-21 04:13:16	Name: m Value: d88c205f-a0e4-47b4-840d-e3187fd8d7187b8de9

7 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://larsjanowski.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://larsjanowski.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://larsjanowski.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://larsjanowski.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://larsjanowski.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://connect.facebook.net/signals/config/1011799288887290?v=2.9.147&r=stable&domain=larsjanowski.com&hme=20c913bdcd4be51a752120153aa5caaecb3ee86c7f26cf737846e40b202aba68&ex_m=62%2C106%2C94%2C98%2C53%2C3%2C88%2C61%2C14%2C86%2C79%2C44%2C46%2C150%2C153%2C164%2C160%2C161%2C163%2C25%2C89%2C45%2C68%2C162%2C145%2C148%2C157%2C158%2C165%2C115%2C13%2C43%2C169%2C168%2C117%2C16%2C29%2C32%2C1%2C36%2C57%2C58%2C59%2C63%2C83%2C15%2C12%2C85%2C82%2C81%2C95%2C97%2C31%2C96%2C26%2C22%2C146%2C149%2C124%2C24%2C9%2C10%2C11%2C5%2C6%2C21%2C19%2C20%2C49%2C54%2C56%2C66%2C90%2C23%2C67%2C8%2C7%2C71%2C41%2C18%2C92%2C91%2C17%2C4%2C73%2C80%2C72%2C78%2C40%2C39%2C77%2C33%2C35%2C76%2C48%2C74%2C28%2C37%2C65%2C0%2C84%2C75%2C2%2C30%2C55%2C34%2C93%2C38%2C70%2C60%2C99%2C52%2C51%2C27%2C87%2C50%2C47%2C42%2C69%2C64%2C100(Line 105) Message: Unrecognized feature: 'attribution-reporting'.
other	warning	URL: https://larsjanowski.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

assets.tidycal.com
cloudflareinsights.com
connect.facebook.net
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
humanobservations.substack.com
janoshi.com
js.sentry-cdn.com
js.stripe.com
larsjanowski.com
m.stripe.com
m.stripe.network
public-tidycal.s3.us-west-2.amazonaws.com
r.stripe.com
static.cloudflareinsights.com
substackcdn.com
tidycal.com
www.datadoghq-browser-agent.com
www.facebook.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
151.101.192.176
2001:8d8:100f:f000::200
23.21.157.88
23.21.234.173
2400:52e0:1a00::845:1
2600:9000:21a2:4200:4:b4b9:d3c0:93a1
2606:4700:4400::ac40:9a0b
2606:4700::6810:3865
2606:4700::6810:3965
2607:f8b0:4004:c06::71
2607:f8b0:4004:c07::5e
2607:f8b0:4004:c08::9d
2607:f8b0:4004:c17::93
2607:f8b0:4004:c1b::61
2607:f8b0:4004:c1f::5f
2a03:2880:f003:c0e:face:b00c:0:3
2a03:2880:f112:182:face:b00c:0:25de
2a04:4e42:600::729
3.162.6.155
3.5.79.139
44.240.111.178
54.187.159.182
54.191.134.212
04b7ed4f95ab3cf6d8a2f6c74b5ba8e79ce668bbc1343b3f18bc9ceafbb8f994
06d57ddcd179276bb5d09241861e15f7bd7aa6e83ef0fa40e672a8bf5a7f555f
07b6b3d899dd69c0e9eb463e23e10e30e82588eddf95d15d45bb505c6703a813
0e04153b5f73bfa7866948f2a9870593d69bfde14e77a1a06af5f567096e5a09
11f2d9aec4e259de3e1317b7b76e53aec52228afc18ea17e73bd48f719a014c9
13f0997571731d237690b234f455dba9bccb50bf42bab9e24eb127c3f99013dd
1a6b7f22dc9ec5b3d5a19da3772f31f76035e8e5647552fab157506d48270724
1aa2629f393db5974070bf430ec1ea37673b68c7f04f10b4f8165a0780eb7682
1aa9358165c6154b88459c068430e7f623a02ce37a1cf05c7302a2569a18a8b4
1ad0bc33f95a9e5a8400f22ca1f6816e6c6278624118dd9820f80fdd8d00c9d0
1afc001215a95b3bd0260ccd632a90c4898b03ba13d3e7a0ee492327bc111083
1d0c208ed4c9252b3a6c43c13f38f31f711a2c35b274ca2b8dfc3c28781b9cd2
245905c63307f09a323222a6b08041c22eebf61d906f89475fe8a81cab7ffeff
2c527008110cf34dbad5604822040e4d448102d705047b073fdb810ee9d28748
3028779df9f10ef75c862676aaa54657c588b76b2b3f45a669203fb2fd2144d9
35dcc382eb69d00369d708708cdc545f3968b68fa5bbe3e728d11fedd04f93bb
37d75804fd70121fe0e302d16b4a8f6e7fefe9ebdac601e904146e799a059b66
42ef3fa579e4449fde3c8d420571e3cdb3d942efc2e7e42518d3056c0ff932bf
478eee9ac68ef242aeda59b8b37b388003eb3eac12af90b8c38fa65d3a34f3a9
48f288997574a7deec02314a237b4e68765bb729d3f6f8e8981b6336909d1644
49c1ca6fb11c6947ac2b5ff6674206b052e1628744ec426cefb32caefd4a80be
4dc66ad48548917da735c917f5905f3551e14a033d191fe8940b5ec66498478e
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
4f705e541d7be19eec63c9a27b59ac42ac8d7b4309ac0b7a2fb6c51e172addc0
50ecc86ccfd23b0094d32b038af2568d539250d51fab937d62c5d1d2aef2f163
5dbcd152ce18d0290e86aaea4172a8b21a639eeb7f9f98ae034cd72e17415cb7
5e72506f607ab491b1bb134e1398a0787d68ea6e9fabc54b3e47c6e8d7bba93c
6153d13804862b0fc1c016cf1129f34cb7c6185f2cf4bf1a3a862eecdab50101
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6c105f3b2ce5777d7437091af98d9bfdea12cdec52778f7fa8708d60c7efb0bf
6f13176dc5a27aa4b80f4ce04050e8d36f2fbbbe59d9149e61a1924e8245ade6
75e152667e0b179ebe40d6b6b850962a75c5430df5d5c96500620d5862b01fb5
7c59b09511f172d20fbf5feaf7aff9e844460cdb286d8930a1f546b39ed1a5e1
7ca37416c2a4b826c73407f24a0199740f297eac85698d76af81c43180d1e72d
8771345dd9e81cc78e8d95528e91f63f371925319a78b2ae0fbf79fcf5ef8c10
8b58ff6eb06f1afaeb19519b431f36b097ef5366467862bc0c80ff0b397c0fd8
8e7c7d74ce120561e56d4dc31f1b556113c069abfbc5d3c74b4cc098c213d8f1
91427f73f984595ec43f106020baeb81425a03b0773d1586e525226cb929ad96
947ac0903521f5eceefc90637c066306a8ca67466ccc188bb0107fb7cfb532d1
99fbce4b721663e0d094d32a99ca0f2fd8e82d3828ee36765000e3594d259818
9fb58c85d1f5933e929f572204df3cf9b5b31fef32c8aca3a6c2b8e853acb903
ad1424dc5197263fd8ca4e2eac06ae19f9198b25a820ca4e3c4eb8ea8eab2767
ba2338aa6670580269c762f51c4291daef913201aa8f4d4fd166c1a878262652
cb8761bf3adb57942e0f6bdea353ba81e8a57a44b2c8600cd50387fb3c8fa14a
cd5eb76033d96219a0c4fe45fb0df10202e1febcb4d086fb1305f1b3304a6b1a
d291bca5eba3bc07bca000d0fd774bb7302688af17fb0a2cf3b6233c2f27ee2d
d2ef39a78f17a36b14468be9ac57001248b9a9b79b3fb951431a1a8232399f43
d73592368d2c63854a67c5aecb7b6c93e663bd513164e437058da1f423a3afa2
d792414c87399fc84822e61710fbe7852fe0855c691bd6edd468b2ebde81551b
e039e607c78306c7e029a7fd0ecdb14f86456f16e1a5ce65aa26b4fdf1d38a3c
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e6b103ca3661d5ee4b9a86bdd73d6087bb700f56b5b1151f63ea6e91fc767c6a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f3da456ef26b5fdaee9c131d0fac8b6fe2c7b259cebc1f51915ddf1348d6ac1a
f586810ce4dc7b54b762fcee61b781ba9d97fef6ddcaab757b7e3e5eb7489124
fd75f8a07fe97547a72567714651409cb00381c822320f534a05a0ff93c2b1fd

larsjanowski.com Open in urlscan Pro 23.21.157.88 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

61 Requests

100 %HTTPS

65 %IPv6

19 Domains

23 Subdomains

22 IPs

2 Countries

2572 kBTransfer

9598 kBSize

6 Cookies

8 Outgoing links

Page URL History

Redirected requests

61 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

larsjanowski.com Open in urlscan Pro
23.21.157.88 Public Scan

Screenshot
Live screenshot

Full Image

61
Requests

100 %
HTTPS

65 %
IPv6

19
Domains

23
Subdomains

22
IPs

2
Countries

2572 kB
Transfer

9598 kB
Size

6
Cookies

61 HTTP transactions
1 data transactions