foresthistory.org Open in urlscan Pro
192.124.249.62 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://foresthistory.org/
Effective URL:
https://foresthistory.org/
Submission Tags: tranco_l324
Submission: On March 05 via api (March 5th 2024, 11:58:26 am UTC) from DE — Scanned from DE

Summary HTTP 312 Redirects Links 18 Behaviour Indicators

Summary

This website contacted 36 IPs in 4 countries across 21 domains to perform 312 HTTP transactions. The main IP is 192.124.249.62, located in Menifee, United States and belongs to SUCURI-SEC, US. The main domain is foresthistory.org.
TLS certificate: Issued by Go Daddy Secure Certificate Authority... on September 27th 2023. Valid for: a year.

This is the only time foresthistory.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 94	192.124.249.62 192.124.249.62	30148 (SUCURI-SEC) (SUCURI-SEC)
4	2a00:1450:400... 2a00:1450:4001:831::2008	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:81c::200a	15169 (GOOGLE) (GOOGLE)
2	192.0.76.3 192.0.76.3	2635 (AUTOMATTIC) (AUTOMATTIC)
3	104.18.40.153 104.18.40.153	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700::68... 2606:4700::6811:190e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
14	2a00:1450:400... 2a00:1450:4001:809::2004	15169 (GOOGLE) (GOOGLE)
2	2606:4700::68... 2606:4700::6812:acf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:801::200e	15169 (GOOGLE) (GOOGLE)
10	2a00:1450:400... 2a00:1450:4001:80e::2003	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:812::200e	15169 (GOOGLE) (GOOGLE)
18	2a00:1450:400... 2a00:1450:4001:811::2003	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
2	2606:2800:234... 2606:2800:234:59:254c:406:2366:268c	15133 (EDGECAST) (EDGECAST)
1 13	2606:4700:10:... 2606:4700:10::6816:32f9	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:830::200e	15169 (GOOGLE) (GOOGLE)
1	18.66.192.79 18.66.192.79	16509 (AMAZON-02) (AMAZON-02)
1	104.244.42.200 104.244.42.200	13414 (TWITTER) (TWITTER)
4	2606:4700:303... 2606:4700:3038::6815:eaea	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	2a00:1450:400... 2a00:1450:4001:828::2003	15169 (GOOGLE) (GOOGLE)
1	18.173.154.89 18.173.154.89	16509 (AMAZON-02) (AMAZON-02)
67	99.86.4.122 99.86.4.122	16509 (AMAZON-02) (AMAZON-02)
7	2a00:1450:400... 2a00:1450:4001:831::200a	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6810:3965	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:809::2013	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:400c:c02::5c	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82f::2003	15169 (GOOGLE) (GOOGLE)
2	2600:9000:272... 2600:9000:2724:8000:19:7d10:bd80:93a1	16509 (AMAZON-02) (AMAZON-02)
2	198.202.176.201 198.202.176.201	16509 (AMAZON-02) (AMAZON-02)
20	54.186.23.98 54.186.23.98	16509 (AMAZON-02) (AMAZON-02)
3	52.35.242.184 52.35.242.184	16509 (AMAZON-02) (AMAZON-02)
12	2a00:1450:400... 2a00:1450:4001:828::200e	15169 (GOOGLE) (GOOGLE)
3	2600:9000:275... 2600:9000:275d:f400:b:1d09:f200:93a1	16509 (AMAZON-02) (AMAZON-02)
4	104.19.219.90 104.19.219.90	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	104.19.218.90 104.19.218.90	13335 (CLOUDFLAR...) (CLOUDFLARENET)
312	36

94 192.124.249.62 (Menifee, United States) 1 redirects

ASN30148 (SUCURI-SEC, US)
PTR: cloudproxy10062.sucuri.net

foresthistory.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:831::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:81c::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 192.0.76.3 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)

stats.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.18.40.153 (None, )

ASN13335 (CLOUDFLARENET, US)

static.ctctcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2a00:1450:4001:809::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:acf (United States)

ASN13335 (CLOUDFLARENET, US)

maxcdn.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:801::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

cse.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:80e::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:812::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 2a00:1450:4001:811::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:2800:234:59:254c:406:2366:268c (United States)

ASN15133 (EDGECAST, US)

platform.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2606:4700:10::6816:32f9 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

donorbox.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

clients1.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.192.79 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-192-79.muc50.r.cloudfront.net

listgrowth.ctctcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.200 (United States)

ASN13414 (TWITTER, US)

syndication.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700:3038::6815:eaea (United States)

ASN13335 (CLOUDFLARENET, US)

rsms.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:828::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.recaptcha.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.173.154.89 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-173-154-89.muc50.r.cloudfront.net

cdn.plaid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

67 99.86.4.122 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-4-122.fra6.r.cloudfront.net

js.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:831::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

maps.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:3965 (United States)

ASN13335 (CLOUDFLARENET, US)

static.cloudflareinsights.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:809::2013 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

code.getmdl.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:400c:c02::5c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

pay.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

maps.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:2724:8000:19:7d10:bd80:93a1 (United States)

ASN16509 (AMAZON-02, US)

m.stripe.network	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 198.202.176.201 (United States)

ASN16509 (AMAZON-02, US)

merchant-ui-api.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 54.186.23.98 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ip-54-186-23-98.stripe.com

r.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.35.242.184 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-35-242-184.us-west-2.compute.amazonaws.com

m.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a00:1450:4001:828::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

play.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:9000:275d:f400:b:1d09:f200:93a1 (United States)

ASN16509 (AMAZON-02, US)

b.stripecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 104.19.219.90 (None, )

ASN13335 (CLOUDFLARENET, US)

hcaptcha.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
newassets.hcaptcha.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
api.hcaptcha.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.19.218.90 (None, )

ASN13335 (CLOUDFLARENET, US)

newassets.hcaptcha.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
api.hcaptcha.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
94	foresthistory.org 1 redirects foresthistory.org	5 MB
92	stripe.com js.stripe.com — Cisco Umbrella Rank: 1155 merchant-ui-api.stripe.com — Cisco Umbrella Rank: 5082 r.stripe.com — Cisco Umbrella Rank: 2301 m.stripe.com — Cisco Umbrella Rank: 1134	3 MB
32	google.com www.google.com — Cisco Umbrella Rank: 2 cse.google.com — Cisco Umbrella Rank: 2935 clients1.google.com — Cisco Umbrella Rank: 440 pay.google.com — Cisco Umbrella Rank: 2753 play.google.com — Cisco Umbrella Rank: 33	696 KB
30	gstatic.com fonts.gstatic.com www.gstatic.com maps.gstatic.com	2 MB
13	donorbox.org 1 redirects donorbox.org — Cisco Umbrella Rank: 43496	497 KB
9	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 30 maps.googleapis.com — Cisco Umbrella Rank: 374	233 KB
6	hcaptcha.com hcaptcha.com — Cisco Umbrella Rank: 5514 newassets.hcaptcha.com — Cisco Umbrella Rank: 6729 api.hcaptcha.com — Cisco Umbrella Rank: 6866	439 KB
5	recaptcha.net www.recaptcha.net — Cisco Umbrella Rank: 1274	41 KB
4	rsms.me rsms.me — Cisco Umbrella Rank: 10007	327 KB
4	ctctcdn.com static.ctctcdn.com — Cisco Umbrella Rank: 5561 listgrowth.ctctcdn.com — Cisco Umbrella Rank: 6829	60 KB
4	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 40	314 KB
3	stripecdn.com b.stripecdn.com — Cisco Umbrella Rank: 11596	43 KB
3	twitter.com platform.twitter.com — Cisco Umbrella Rank: 1306 syndication.twitter.com — Cisco Umbrella Rank: 1683	132 KB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 29 region1.google-analytics.com — Cisco Umbrella Rank: 2089	21 KB
2	stripe.network m.stripe.network — Cisco Umbrella Rank: 1243	16 KB
2	bootstrapcdn.com maxcdn.bootstrapcdn.com — Cisco Umbrella Rank: 1141	72 KB
2	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 228	15 KB
2	wp.com stats.wp.com — Cisco Umbrella Rank: 2760 pixel.wp.com — Cisco Umbrella Rank: 2744	5 KB
1	getmdl.io code.getmdl.io — Cisco Umbrella Rank: 59046	135 KB
1	cloudflareinsights.com static.cloudflareinsights.com — Cisco Umbrella Rank: 788	7 KB
1	plaid.com cdn.plaid.com — Cisco Umbrella Rank: 14533	45 KB
312	21

	Domain	Requested by
94	foresthistory.org	1 redirects foresthistory.org client
67	js.stripe.com	donorbox.org js.stripe.com
20	r.stripe.com	js.stripe.com
18	www.gstatic.com	www.google.com www.recaptcha.net www.gstatic.com pay.google.com
14	www.google.com	foresthistory.org cse.google.com www.gstatic.com www.google.com
13	donorbox.org	1 redirects foresthistory.org donorbox.org static.cloudflareinsights.com
12	play.google.com	www.gstatic.com
10	fonts.gstatic.com	fonts.googleapis.com www.recaptcha.net foresthistory.org
7	maps.googleapis.com	donorbox.org maps.googleapis.com
5	www.recaptcha.net	donorbox.org www.gstatic.com www.recaptcha.net
4	rsms.me	donorbox.org rsms.me
4	www.googletagmanager.com	foresthistory.org www.googletagmanager.com donorbox.org
3	newassets.hcaptcha.com	hcaptcha.com newassets.hcaptcha.com
3	b.stripecdn.com	js.stripe.com b.stripecdn.com
3	m.stripe.com	m.stripe.network
3	pay.google.com	js.stripe.com pay.google.com www.gstatic.com
3	static.ctctcdn.com	foresthistory.org static.ctctcdn.com
2	api.hcaptcha.com	newassets.hcaptcha.com
2	merchant-ui-api.stripe.com	js.stripe.com
2	m.stripe.network	js.stripe.com m.stripe.network
2	maps.gstatic.com	donorbox.org
2	platform.twitter.com	foresthistory.org platform.twitter.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	cse.google.com	foresthistory.org www.google.com
2	maxcdn.bootstrapcdn.com	foresthistory.org maxcdn.bootstrapcdn.com
2	cdnjs.cloudflare.com	foresthistory.org
2	fonts.googleapis.com	foresthistory.org donorbox.org
1	hcaptcha.com	b.stripecdn.com
1	code.getmdl.io	donorbox.org
1	static.cloudflareinsights.com	donorbox.org
1	cdn.plaid.com	donorbox.org
1	syndication.twitter.com	platform.twitter.com
1	listgrowth.ctctcdn.com	foresthistory.org
1	clients1.google.com	foresthistory.org
1	region1.google-analytics.com	www.googletagmanager.com
1	pixel.wp.com	foresthistory.org
1	stats.wp.com	foresthistory.org
312	37

This site contains links to these domains. Also see Links.

Domain
prestohost26.inmagic.com
environmentalhistory.net
app.etapestry.com
us02web.zoom.us
youtu.be
www.youtube.com
www.constantcontact.com
www.twitter.com
www.facebook.com
www.flickr.com
www.instagram.com

Subject Issuer	Validity	Valid
foresthistory.org Go Daddy Secure Certificate Authority - G2	`2023-09-27` - `2024-09-27`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2024-02-19` - `2024-05-13`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2024-02-19` - `2024-05-13`	3 months	crt.sh
*.wp.com Sectigo ECC Domain Validation Secure Server CA	`2023-11-28` - `2024-12-28`	a year	crt.sh
static.ctctcdn.com Cloudflare Inc ECC CA-3	`2023-07-04` - `2024-07-03`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-07-03` - `2024-07-02`	a year	crt.sh
www.google.com GTS CA 1C3	`2024-02-05` - `2024-04-29`	3 months	crt.sh
bootstrapcdn.com GTS CA 1P5	`2024-01-28` - `2024-04-27`	3 months	crt.sh
*.google.com GTS CA 1C3	`2024-02-19` - `2024-05-13`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2024-02-19` - `2024-05-13`	3 months	crt.sh
*.twimg.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-07-28` - `2024-07-26`	a year	crt.sh
donorbox.org E1	`2024-01-31` - `2024-04-30`	3 months	crt.sh
listgrowth.ctctcdn.com Amazon RSA 2048 M02	`2023-03-03` - `2024-03-30`	a year	crt.sh
syndication.twitter.com R3	`2024-02-21` - `2024-05-21`	3 months	crt.sh
rsms.me E1	`2024-02-26` - `2024-05-26`	3 months	crt.sh
misc.google.com GTS CA 1C3	`2024-02-19` - `2024-05-13`	3 months	crt.sh
secure.plaid.com DigiCert EV RSA CA G2	`2023-03-09` - `2024-04-08`	a year	crt.sh
a.stripecdn.com DigiCert SHA2 Extended Validation Server CA	`2024-02-07` - `2024-05-09`	3 months	crt.sh
code.getmdl.io GTS CA 1D4	`2024-02-04` - `2024-05-04`	3 months	crt.sh
*.stripe.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2024-02-26` - `2024-05-23`	3 months	crt.sh
m.stripe.com DigiCert TLS RSA SHA256 2020 CA1	`2024-02-26` - `2024-05-23`	3 months	crt.sh

This page contains 23 frames:

Primary Page: https://foresthistory.org/
Frame ID: D94F3A7D2363423633F74118501F7F5A
Requests: 125 HTTP requests in this frame

Frame: https://donorbox.org/embed/forest-history-society-donate
Frame ID: 3D917F68D19E763983CF9840BAC31B22
Requests: 35 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.2f70fb173b9000da126c79afe2098f02.html?origin=https%3A%2F%2Fforesthistory.org
Frame ID: 2E5C87A39766ACF7ACE793F9DA42151B
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfHrSkUAAAAAPnKk5cT6JuKlKPzbwyTYuO8--Vr&co=aHR0cHM6Ly9mb3Jlc3RoaXN0b3J5Lm9yZzo0NDM.&hl=de&v=vj7hFxe2iNgbe-u95xTozOXW&size=invisible&cb=gr2obqzd4cv9
Frame ID: 2E97B30074AA5C1EF555560F164DCFEA
Requests: 5 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=de&v=vj7hFxe2iNgbe-u95xTozOXW&k=6LfHrSkUAAAAAPnKk5cT6JuKlKPzbwyTYuO8--Vr
Frame ID: ADDBD46DDF8D37AE10B973ECFE97C19F
Requests: 12 HTTP requests in this frame

Frame: https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html
Frame ID: B48055CE3FA954C576E578125360E44F
Requests: 2 HTTP requests in this frame

Frame: https://donorbox.org/cdn-cgi/challenge-platform/h/g/scripts/jsd/a0d8959cb7d0/main.js
Frame ID: AC8175A23DE69601C4223C7FE1A553A6
Requests: 2 HTTP requests in this frame

Frame: https://js.stripe.com/v3/controller-1b517d3dc8887d756b42ce62fc15d620.html
Frame ID: E3DD10331B4E4668F105E4AEA3EB18AD
Requests: 16 HTTP requests in this frame

Frame: https://js.stripe.com/v3/payment-request-inner-google-pay-0ad4ab4836fd48b704f9836c381309d4.html
Frame ID: D560152EB1A7AEE9A3A5CD67DF10A6DB
Requests: 4 HTTP requests in this frame

Frame: https://js.stripe.com/v3/payment-request-inner-browser-bd09705d396c9abb97489a362b8310e0.html
Frame ID: 731056FAADF07DAD360573ECE474FF5C
Requests: 3 HTTP requests in this frame

Frame: https://js.stripe.com/v3/controller-1b517d3dc8887d756b42ce62fc15d620.html
Frame ID: DDBE3560C51032C3E6C617481F5617B0
Requests: 19 HTTP requests in this frame

Frame: https://js.stripe.com/v3/elements-inner-card-441445cbb512a63599ab0df61abfb641.html
Frame ID: 510C4F87D0796F25CDAF74842B211D41
Requests: 10 HTTP requests in this frame

Frame: https://js.stripe.com/v3/elements-inner-card-441445cbb512a63599ab0df61abfb641.html
Frame ID: E09F8D4590EC3AAAD7C43F996415347C
Requests: 8 HTTP requests in this frame

Frame: https://js.stripe.com/v3/elements-inner-card-441445cbb512a63599ab0df61abfb641.html
Frame ID: B33A5E62B0341834AE52930F3F2BBB4F
Requests: 8 HTTP requests in this frame

Frame: https://js.stripe.com/v3/elements-inner-card-441445cbb512a63599ab0df61abfb641.html
Frame ID: 0AABBDA811F7EA6AD5B79860BD20BF6B
Requests: 9 HTTP requests in this frame

Frame: https://www.recaptcha.net/recaptcha/api2/anchor?ar=1&k=6LcoYTscAAAAAM9KqIDhNEH8nQY_e9vOyA2M9YJz&co=aHR0cHM6Ly9kb25vcmJveC5vcmc6NDQz&hl=de&v=vj7hFxe2iNgbe-u95xTozOXW&size=invisible&cb=rw5vvp89ikz5
Frame ID: 77933704AE146C2F6AF2972E6D7CEC2F
Requests: 9 HTTP requests in this frame

Frame: https://www.recaptcha.net/recaptcha/api2/anchor?ar=1&k=6LcoYTscAAAAAM9KqIDhNEH8nQY_e9vOyA2M9YJz&co=aHR0cHM6Ly9kb25vcmJveC5vcmc6NDQz&hl=de&v=vj7hFxe2iNgbe-u95xTozOXW&size=normal&cb=quzw2pbxhaia
Frame ID: B1ADD870FF917F9E19C0E8BA86229168
Requests: 3 HTTP requests in this frame

Frame: https://m.stripe.network/inner.html
Frame ID: AF2443415BFE41C4E1473892F1EB3C18
Requests: 5 HTTP requests in this frame

Frame: https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fjs.stripe.com&mid=
Frame ID: 4C1B04121AE098F783ED81FF5C4860E7
Requests: 12 HTTP requests in this frame

Frame: https://js.stripe.com/v3/hcaptcha-invisible-1f6c59c3982eff179fc5d02d754852d5.html
Frame ID: A9A4242164BCCE79C084ACD185410B16
Requests: 2 HTTP requests in this frame

Frame: https://b.stripecdn.com/stripethirdparty-srv/assets/v20.20/HCaptchaInvisible.html?id=2445aec7-0b6e-44ff-8e73-68d7c561ac33&origin=https%3A%2F%2Fjs.stripe.com
Frame ID: 48F7D5631F30EB3FCC2DAD2ED00B4B3B
Requests: 4 HTTP requests in this frame

Frame: https://js.stripe.com/v3/elements-inner-payment-request-7cdcfcabc14b295d272b2a3834c63c39.html
Frame ID: 99A64518A92F63B6D04776D374356F19
Requests: 8 HTTP requests in this frame

Frame: https://newassets.hcaptcha.com/captcha/v1/fadb9c6/static/hcaptcha.html?_v=t6p7d5g8thg
Frame ID: 7DAA4E2D93DB3C850BA1EA9C3CF91E2C
Requests: 5 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Forest History Society - By understanding our past, we shape our future. searchclose donate modal

Page URL History Show full URLs

http://foresthistory.org/ HTTP 301
https://foresthistory.org/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

Google Maps (Maps) Expand

Overall confidence: 100%
Detected patterns

//maps\.google(?:apis)?\.com/maps/api/js

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Google Pay (Payment processors) Expand

Overall confidence: 100%
Detected patterns

pay\.google\.com/([a-z/]+)/pay\.js

Stripe (Payment Processors) Expand

Overall confidence: 100%
Detected patterns

js\.stripe\.com

Yoast SEO (SEO) Expand

Overall confidence: 100%
Detected patterns

<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -

Cloudflare Browser Insights (Analytics) Expand

Overall confidence: 100%
Detected patterns

static\.cloudflareinsights\.com/beacon(?:\.min)?\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Slick (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

(?:/([\d.]+))?/slick(?:\.min)?\.js

Twitter (Widgets) Expand

Overall confidence: 100%
Detected patterns

//platform\.twitter\.com/widgets\.js

Underscore.js (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

underscore.*\.js(?:\?ver=([\d.]+))?

hCaptcha (Security) Expand

Overall confidence: 100%
Detected patterns

https://hcaptcha.com/([\d]+?)/api.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

312
Requests

99 %
HTTPS

66 %
IPv6

21
Domains

37
Subdomains

36
IPs

4
Countries

12764 kB
Transfer

31721 kB
Size

17
Cookies

18 Outgoing links

These are links going to different origins than the main page.

URL: http://prestohost26.inmagic.com/Presto/home/home.aspx
Title: Search Databases

Search URL Search Domain Scan URL

URL: http://prestohost26.inmagic.com/Presto/content/AdvancedSearch.aspx?ctID=YzRmOGVlNDAtMmY0YS00YjI2LTk2ZjYtZjgzMmJlNDk1OWY2
Title: Search Database

Search URL Search Domain Scan URL

URL: http://prestohost26.inmagic.com/Presto/content/AdvancedSearch.aspx?ctID=MmFmOTI5ZTEtNzE2YS00M2Y3LTk4NTUtZjVlYWNlNjVjZWE4
Title: Search Database

Search URL Search Domain Scan URL

URL: http://environmentalhistory.net/
Title: Environmental History Journal

Search URL Search Domain Scan URL

URL: http://prestohost26.inmagic.com/Presto/home/FHSDefault.aspx
Title: Search Databases

Search URL Search Domain Scan URL

URL: https://app.etapestry.com/cart/ForestHistorySociety/default/category.php?ref=4633.0.296101932
Title: Purchase Books & Films

Search URL Search Domain Scan URL

URL: https://app.etapestry.com/onlineforms/ForestHistorySociety/donate.html
Title: Donate

Search URL Search Domain Scan URL

URL: https://us02web.zoom.us/webinar/register/WN_OVHs_nuPT4aE6TbN05E1OQ
Title: Register today!

Search URL Search Domain Scan URL

URL: https://us02web.zoom.us/webinar/register/WN_l8lheaEmQce0rfMuxNh56Q
Title: Register today!

Search URL Search Domain Scan URL

URL: https://youtu.be/R6gdGZqe4V0?si=OaQY3WY4PObxf8-K
Title: It's on YouTube now!

Search URL Search Domain Scan URL

URL: https://www.youtube.com/user/foresthistory
Title: YouTube

Search URL Search Domain Scan URL

URL: https://www.constantcontact.com/legal/service-provider
Title: Emails are serviced by Constant Contact.

Search URL Search Domain Scan URL

URL: http://www.constantcontact.com/index.jsp?cc=forms_inline

Search URL Search Domain Scan URL

URL: http://www.twitter.com/foresthistory/

Search URL Search Domain Scan URL

URL: http://www.facebook.com/foresthistory/

Search URL Search Domain Scan URL

URL: http://www.youtube.com/foresthistory/

Search URL Search Domain Scan URL

URL: http://www.flickr.com/foresthistory/

Search URL Search Domain Scan URL

URL: https://www.instagram.com/foresthistorysociety/

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://foresthistory.org/ HTTP 301
https://foresthistory.org/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 164

https://donorbox.org/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
https://donorbox.org/cdn-cgi/challenge-platform/h/g/scripts/jsd/a0d8959cb7d0/main.js

312 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
foresthistory.org/
Redirect Chain

http://foresthistory.org/
https://foresthistory.org/

699 KB
62 KB

127ms
43ms

Document
text/html

192.124.249.62
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://foresthistory.org/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.62 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10062.sucuri.net

Software

nginx /

Resource Hash

f45615ee02a1efcb9087f96b4c49673fa986cd4db913cba03abfe6b2abd97e7d

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; upgrade-insecure-requests
Strict-Transport-Security	max-age=300 max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block 1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 41549
cache-control: must-revalidate
content-encoding: gzip
content-length: 62678
content-security-policy: upgrade-insecure-requests; upgrade-insecure-requests
content-type: text/html; charset=UTF-8
date: Tue, 05 Mar 2024 11:58:16 GMT
last-modified: Tue, 05 Mar 2024 00:05:39 GMT
server: nginx
strict-transport-security: max-age=300 max-age=31536000; includeSubDomains
vary: Accept-Encoding, User-Agent
x-backend: varnish_ssl
x-cache: cached
x-cache-hit: HIT
x-cacheable: YES:Forced
x-cacheproxy-retries: 0/2
x-content-type-options: nosniff nosniff
x-fawn-proc-count: 1,2,24
x-frame-options: SAMEORIGIN
x-php-version: 8.0
x-sucuri-cache: HIT
x-sucuri-id: 15012
x-xss-protection: 1; mode=block 1; mode=block

Redirect headers

Connection: keep-alive
Content-Length: 162
Content-Type: text/html
Date: Tue, 05 Mar 2024 11:58:16 GMT
Location: https://foresthistory.org/
Server: Sucuri/Cloudproxy
X-Sucuri-ID: 15012

GET
H2 200 reset.css
foresthistory.org/wp-content/themes/fhs2016/styles/ 1 KB
1 KB 467ms
458ms Stylesheet
text/css 192.124.249.62
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://foresthistory.org/wp-content/themes/fhs2016/styles/reset.css

Requested by

Host: foresthistory.org
URL: https://foresthistory.org/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.62 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10062.sucuri.net

Software

nginx /

Resource Hash

ed555a279183c054222c873e78d92c40b512498e49359b6abfda36048f141988

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;, upgrade-insecure-requests
Strict-Transport-Security	max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block, 1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://foresthistory.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 11:58:17 GMT
content-security-policy: upgrade-insecure-requests;, upgrade-insecure-requests
x-content-type-options: nosniff, nosniff
strict-transport-security: max-age=300, max-age=31536000; includeSubDomains
content-encoding: gzip
x-cacheable: YES
x-backend: varnish_ssl
age: 27536
x-cache: cached
x-sucuri-cache: REVALIDATED
x-cacheproxy-retries: 0/2
content-length: 615
x-xss-protection: 1; mode=block, 1; mode=block
last-modified: Wed, 26 Jul 2017 16:40:41 GMT
server: nginx
x-php-version: 8.0
etag: "444-5553b1bcf5c1d-gzip"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/css
x-cache-hit: HIT
cache-control: max-age=315360000
x-sucuri-id: 15012
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 style-fix.css
foresthistory.org/wp-content/themes/fhs2016/styles/ 5 KB
2 KB 475ms
466ms Stylesheet
text/css 192.124.249.62
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://foresthistory.org/wp-content/themes/fhs2016/styles/style-fix.css

Requested by

Host: foresthistory.org
URL: https://foresthistory.org/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.62 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10062.sucuri.net

Software

nginx /

Resource Hash

ebf9c90828af4132825d1a4e66d9b8896e34aa8438d601a1f633d4c3b6d63b21

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;, upgrade-insecure-requests
Strict-Transport-Security	max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block, 1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://foresthistory.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 11:58:17 GMT
content-security-policy: upgrade-insecure-requests;, upgrade-insecure-requests
x-content-type-options: nosniff, nosniff
strict-transport-security: max-age=300, max-age=31536000; includeSubDomains
content-encoding: gzip
x-cacheable: YES
x-backend: varnish_ssl
age: 27537
x-cache: cached
x-sucuri-cache: REVALIDATED
x-cacheproxy-retries: 0/2
content-length: 1350
x-xss-protection: 1; mode=block, 1; mode=block
last-modified: Thu, 24 Aug 2017 17:32:47 GMT
server: nginx
x-php-version: 8.0
etag: "146e-5578337861fc8-gzip"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/css
x-cache-hit: HIT
cache-control: max-age=315360000
x-sucuri-id: 15012
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 193 KB
71 KB 169ms
66ms Script
application/javascript 2a00:1450:4001:831::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-107572205-1

Requested by

Host: foresthistory.org
URL: https://foresthistory.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

01bb2213f5d6e3f92508d32981156c1f83a6c9e09cf4cda560f7acf914d1b89c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://foresthistory.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 11:58:17 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 71792
x-xss-protection: 0
last-modified: Tue, 05 Mar 2024 09:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 05 Mar 2024 11:58:17 GMT

GET
H2 200 css
fonts.googleapis.com/ 10 KB
1 KB 169ms
76ms Stylesheet
text/css 2a00:1450:4001:81c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Droid+Serif:400,700|Libre+Baskerville:400i|Raleway:400,500,600,700,800

Requested by

Host: foresthistory.org
URL: https://foresthistory.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ec3504f4ea867e0b5cd06baa921986dfc25a419ea4a52158ae5101656f72b469

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://foresthistory.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 05 Mar 2024 11:58:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 05 Mar 2024 11:58:17 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 05 Mar 2024 11:58:17 GMT

GET
H2 200 wpo-minify-header-2c8a2c6e.min.css
foresthistory.org/wp-content/cache/wpo-minify/1709564712/assets/ 149 KB
24 KB 609ms
600ms Stylesheet
text/css 192.124.249.62
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://foresthistory.org/wp-content/cache/wpo-minify/1709564712/assets/wpo-minify-header-2c8a2c6e.min.css

Requested by

Host: foresthistory.org
URL: https://foresthistory.org/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.62 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10062.sucuri.net

Software

nginx /

Resource Hash

ce744b894119cc2291561e32baa9eb3322411daeba20f628686a3cf977241abb

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;, upgrade-insecure-requests
Strict-Transport-Security	max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block, 1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://foresthistory.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 11:58:17 GMT
content-security-policy: upgrade-insecure-requests;, upgrade-insecure-requests
x-content-type-options: nosniff, nosniff
strict-transport-security: max-age=300, max-age=31536000; includeSubDomains
content-encoding: gzip
x-cacheable: YES
x-backend: varnish_ssl
age: 0
x-cache: uncached
x-sucuri-cache: MISS
x-cacheproxy-retries: 0/2
content-length: 23941
x-xss-protection: 1; mode=block, 1; mode=block
last-modified: Mon, 04 Mar 2024 15:05:41 GMT
server: nginx
x-php-version: 8.0
etag: "252c1-612d70f1f8007-gzip"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/css
x-cache-hit: MISS
cache-control: max-age=315360000
x-sucuri-id: 15012
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 7-layout.css
foresthistory.org/wp-content/uploads/bb-plugin/cache/ 61 KB
10 KB 486ms
477ms Stylesheet
text/css 192.124.249.62
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://foresthistory.org/wp-content/uploads/bb-plugin/cache/7-layout.css

Requested by

Host: foresthistory.org
URL: https://foresthistory.org/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.62 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10062.sucuri.net

Software

nginx /

Resource Hash

b19772ae9445174ee2d5898ce3b5db794a576162f488ad8d7d5d4f3e18c2682e

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;, upgrade-insecure-requests
Strict-Transport-Security	max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block, 1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://foresthistory.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 11:58:17 GMT
content-security-policy: upgrade-insecure-requests;, upgrade-insecure-requests
x-content-type-options: nosniff, nosniff
strict-transport-security: max-age=300, max-age=31536000; includeSubDomains
content-encoding: gzip
x-cacheable: YES
x-backend: varnish_ssl
age: 0
x-cache: uncached
x-sucuri-cache: MISS
x-cacheproxy-retries: 0/2
content-length: 9794
x-xss-protection: 1; mode=block, 1; mode=block
last-modified: Tue, 05 Mar 2024 11:51:40 GMT
server: nginx
x-php-version: 8.0
etag: "f3b4-612e8771ba6d9-gzip"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/css
x-cache-hit: MISS
cache-control: max-age=315360000
x-sucuri-id: 15012
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 wpo-minify-header-88734379.min.css
foresthistory.org/wp-content/cache/wpo-minify/1709564712/assets/ 58 KB
12 KB 74ms
66ms Stylesheet
text/css 192.124.249.62
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://foresthistory.org/wp-content/cache/wpo-minify/1709564712/assets/wpo-minify-header-88734379.min.css

Requested by

Host: foresthistory.org
URL: https://foresthistory.org/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.62 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10062.sucuri.net

Software

nginx /

Resource Hash

664fec8cb505055cbe9784b804934c15e380642f3fcdeee800859977cc6ec921

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;, upgrade-insecure-requests
Strict-Transport-Security	max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block, 1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://foresthistory.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 11:58:16 GMT
content-security-policy: upgrade-insecure-requests;, upgrade-insecure-requests
x-content-type-options: nosniff, nosniff
strict-transport-security: max-age=300, max-age=31536000; includeSubDomains
content-encoding: gzip
x-cacheable: YES
x-backend: varnish_ssl
age: 7069
x-cache: cached
x-sucuri-cache: HIT
x-cacheproxy-retries: 0/2
content-length: 11774
x-xss-protection: 1; mode=block, 1; mode=block
last-modified: Mon, 04 Mar 2024 15:05:16 GMT
server: nginx
x-php-version: 8.0
etag: W/"e8f2-612d70da2d45c-gzip"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/css
x-cache-hit: HIT
cache-control: max-age=315360000
x-sucuri-id: 15012
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 wpo-minify-header-23fd3bfe.min.css
foresthistory.org/wp-content/cache/wpo-minify/1709564712/assets/ 260 KB
43 KB 74ms
66ms Stylesheet
text/css 192.124.249.62
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://foresthistory.org/wp-content/cache/wpo-minify/1709564712/assets/wpo-minify-header-23fd3bfe.min.css

Requested by

Host: foresthistory.org
URL: https://foresthistory.org/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.62 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10062.sucuri.net

Software

nginx /

Resource Hash

604d1a1fd443aafd3143839c74524b73b3670e9d08c548656b73b2a5ea0aa9f7

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;, upgrade-insecure-requests
Strict-Transport-Security	max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block, 1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://foresthistory.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 11:58:16 GMT
content-security-policy: upgrade-insecure-requests;, upgrade-insecure-requests
x-content-type-options: nosniff, nosniff
strict-transport-security: max-age=300, max-age=31536000; includeSubDomains
content-encoding: gzip
x-cacheable: YES
x-backend: varnish_ssl
age: 6625
x-cache: cached
x-sucuri-cache: HIT
x-cacheproxy-retries: 0/2
content-length: 43837
x-xss-protection: 1; mode=block, 1; mode=block
last-modified: Mon, 04 Mar 2024 15:05:39 GMT
server: nginx
x-php-version: 8.0
etag: "4116c-612d70f08d71a-gzip"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/css
x-cache-hit: HIT
cache-control: max-age=315360000
x-sucuri-id: 15012
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 wpo-minify-header-jquery-core3.7.1.min.js Show response
foresthistory.org/wp-content/cache/wpo-minify/1709564712/assets/ 86 KB
30 KB 75ms
67ms Script
text/javascript 192.124.249.62
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://foresthistory.org/wp-content/cache/wpo-minify/1709564712/assets/wpo-minify-header-jquery-core3.7.1.min.js

Requested by

Host: foresthistory.org
URL: https://foresthistory.org/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.62 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10062.sucuri.net

Software

nginx /

Resource Hash

cc6ff37976d1b8447fe846d1815ef5a365b5f5f87bec3f68beb352bf4d5a7ab1

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;, upgrade-insecure-requests
Strict-Transport-Security	max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block, 1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://foresthistory.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 11:58:16 GMT
content-security-policy: upgrade-insecure-requests;, upgrade-insecure-requests
x-content-type-options: nosniff, nosniff
strict-transport-security: max-age=300, max-age=31536000; includeSubDomains
content-encoding: gzip
x-cacheable: YES
x-backend: varnish_ssl
age: 7069
x-cache: cached
x-sucuri-cache: HIT
x-cacheproxy-retries: 0/2
content-length: 30374
x-xss-protection: 1; mode=block, 1; mode=block
last-modified: Mon, 04 Mar 2024 15:05:16 GMT
server: nginx
x-php-version: 8.0
etag: W/"15605-612d70da55119-gzip"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/javascript
x-cache-hit: HIT
cache-control: max-age=315360000
x-sucuri-id: 15012
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 wpo-minify-header-jquery-migrate3.4.1.min.js Show response
foresthistory.org/wp-content/cache/wpo-minify/1709564712/assets/ 13 KB
5 KB 74ms
67ms Script
text/javascript 192.124.249.62
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://foresthistory.org/wp-content/cache/wpo-minify/1709564712/assets/wpo-minify-header-jquery-migrate3.4.1.min.js

Requested by

Host: foresthistory.org
URL: https://foresthistory.org/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.62 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10062.sucuri.net

Software

nginx /

Resource Hash

9217562c3b9d070ce8971ad1cef82e0bfd8e02a82466798313b8ca3ec6c2f831

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;, upgrade-insecure-requests
Strict-Transport-Security	max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block, 1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://foresthistory.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 11:58:16 GMT
content-security-policy: upgrade-insecure-requests;, upgrade-insecure-requests
x-content-type-options: nosniff, nosniff
strict-transport-security: max-age=300, max-age=31536000; includeSubDomains
content-encoding: gzip
x-cacheable: YES
x-backend: varnish_ssl
age: 7069
x-cache: cached
x-sucuri-cache: HIT
x-cacheproxy-retries: 0/2
content-length: 4877
x-xss-protection: 1; mode=block, 1; mode=block
last-modified: Mon, 04 Mar 2024 15:05:16 GMT
server: nginx
x-php-version: 8.0
etag: W/"350c-612d70da564a1-gzip"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/javascript
x-cache-hit: HIT
cache-control: max-age=315360000
x-sucuri-id: 15012
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 wpo-minify-header-wp-polyfill-inert3.1.2.min.js Show response
foresthistory.org/wp-content/cache/wpo-minify/1709564712/assets/ 8 KB
3 KB 87ms
80ms Script
text/javascript 192.124.249.62
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://foresthistory.org/wp-content/cache/wpo-minify/1709564712/assets/wpo-minify-header-wp-polyfill-inert3.1.2.min.js

Requested by

Host: foresthistory.org
URL: https://foresthistory.org/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.62 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10062.sucuri.net

Software

nginx /

Resource Hash

017708743c1840f532bcfa5fc151990362d260eedc3c36e594a5cc88e5793fbe

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;, upgrade-insecure-requests
Strict-Transport-Security	max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block, 1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://foresthistory.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 11:58:16 GMT
content-security-policy: upgrade-insecure-requests;, upgrade-insecure-requests
x-content-type-options: nosniff, nosniff
strict-transport-security: max-age=300, max-age=31536000; includeSubDomains
content-encoding: gzip
x-cacheable: YES
x-backend: varnish_ssl
age: 7069
x-cache: cached
x-sucuri-cache: HIT
x-cacheproxy-retries: 0/2
content-length: 2491
x-xss-protection: 1; mode=block, 1; mode=block
last-modified: Mon, 04 Mar 2024 15:05:16 GMT
server: nginx
x-php-version: 8.0
etag: W/"1fef-612d70da56889-gzip"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/javascript
x-cache-hit: HIT
cache-control: max-age=315360000
x-sucuri-id: 15012
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 wpo-minify-header-regenerator-runtime0.14.0.min.js Show response
foresthistory.org/wp-content/cache/wpo-minify/1709564712/assets/ 6 KB
3 KB 87ms
80ms Script
text/javascript 192.124.249.62
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://foresthistory.org/wp-content/cache/wpo-minify/1709564712/assets/wpo-minify-header-regenerator-runtime0.14.0.min.js

Requested by

Host: foresthistory.org
URL: https://foresthistory.org/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.62 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10062.sucuri.net

Software

nginx /

Resource Hash

f3489cb3face5ed9acb78e4d75cdb0ca31239912bd4188a1fb674e6638e0eb5e

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;, upgrade-insecure-requests
Strict-Transport-Security	max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block, 1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://foresthistory.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 11:58:16 GMT
content-security-policy: upgrade-insecure-requests;, upgrade-insecure-requests
x-content-type-options: nosniff, nosniff
strict-transport-security: max-age=300, max-age=31536000; includeSubDomains
content-encoding: gzip
x-cacheable: YES
x-backend: varnish_ssl
age: 7069
x-cache: cached
x-sucuri-cache: HIT
x-cacheproxy-retries: 0/2
content-length: 2510
x-xss-protection: 1; mode=block, 1; mode=block
last-modified: Mon, 04 Mar 2024 15:05:16 GMT
server: nginx
x-php-version: 8.0
etag: W/"19e6-612d70da56c71-gzip"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/javascript
x-cache-hit: HIT
cache-control: max-age=315360000
x-sucuri-id: 15012
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 wpo-minify-header-wp-polyfill-inertregenerator-runtimewp-polyfill3.1.20.14.03.15.0.min.js Show response
foresthistory.org/wp-content/cache/wpo-minify/1709564712/assets/ 112 KB
36 KB 87ms
80ms Script
text/javascript 192.124.249.62
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://foresthistory.org/wp-content/cache/wpo-minify/1709564712/assets/wpo-minify-header-wp-polyfill-inertregenerator-runtimewp-polyfill3.1.20.14.03.15.0.min.js

Requested by

Host: foresthistory.org
URL: https://foresthistory.org/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.62 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10062.sucuri.net

Software

nginx /

Resource Hash

d233c21fb2a8888b3c91ae4a18649f8e7fd3207a909b05eb22ed06c720feee97

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;, upgrade-insecure-requests
Strict-Transport-Security	max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block, 1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://foresthistory.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 11:58:16 GMT
content-security-policy: upgrade-insecure-requests;, upgrade-insecure-requests
x-content-type-options: nosniff, nosniff
strict-transport-security: max-age=300, max-age=31536000; includeSubDomains
content-encoding: gzip
x-cacheable: YES
x-backend: varnish_ssl
age: 7069
x-cache: cached
x-sucuri-cache: HIT
x-cacheproxy-retries: 0/2
content-length: 35896
x-xss-protection: 1; mode=block, 1; mode=block
last-modified: Mon, 04 Mar 2024 15:05:16 GMT
server: nginx
x-php-version: 8.0
etag: W/"1c1bb-612d70da57441-gzip"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/javascript
x-cache-hit: HIT
cache-control: max-age=315360000
x-sucuri-id: 15012
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 wpo-minify-header-wp-polyfillwp-hooks3.15.0c6aec9a8d4e5a5d543a1.min.js Show response
foresthistory.org/wp-content/cache/wpo-minify/1709564712/assets/ 5 KB
2 KB 87ms
81ms Script
text/javascript 192.124.249.62
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://foresthistory.org/wp-content/cache/wpo-minify/1709564712/assets/wpo-minify-header-wp-polyfillwp-hooks3.15.0c6aec9a8d4e5a5d543a1.min.js

Requested by

Host: foresthistory.org
URL: https://foresthistory.org/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.62 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10062.sucuri.net

Software

nginx /

Resource Hash

ae233461c72f5111f981e4865fc7d1c6426ab6153f9a2295eab72b7f2e3384f6

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;, upgrade-insecure-requests
Strict-Transport-Security	max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block, 1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://foresthistory.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 11:58:16 GMT
content-security-policy: upgrade-insecure-requests;, upgrade-insecure-requests
x-content-type-options: nosniff, nosniff
strict-transport-security: max-age=300, max-age=31536000; includeSubDomains
content-encoding: gzip
x-cacheable: YES
x-backend: varnish_ssl
age: 7069
x-cache: cached
x-sucuri-cache: HIT
x-cacheproxy-retries: 0/2
content-length: 1571
x-xss-protection: 1; mode=block, 1; mode=block
last-modified: Mon, 04 Mar 2024 15:05:16 GMT
server: nginx
x-php-version: 8.0
etag: W/"1217-612d70da58bb1-gzip"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/javascript
x-cache-hit: HIT
cache-control: max-age=315360000
x-sucuri-id: 15012
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 w.js Show response
stats.wp.com/ 12 KB
5 KB 120ms
39ms Script
application/javascript 192.0.76.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.wp.com/w.js
Requested by: Host: foresthistory.org
URL: https://foresthistory.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 79674b01741c3978417b6b9b4b98d125755e7bb468979d5cd593eac4b94cdb91

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://foresthistory.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

x-minify-cache: hit
x-nc: HIT hhn
date: Tue, 05 Mar 2024 11:58:17 GMT
content-encoding: br
server: nginx
x-minify: t
etag: W/12827-1705538370238.4058
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
alt-svc: h3=":443"; ma=86400
expires: Fri, 17 Jan 2025 00:49:51 GMT

GET
H2 200 wpo-minify-header-jqueryfue-account-subscriptions3.7.14.9.19.min.js Show response
foresthistory.org/wp-content/cache/wpo-minify/1709564712/assets/ 542 B
980 B 87ms
81ms Script
text/javascript 192.124.249.62
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://foresthistory.org/wp-content/cache/wpo-minify/1709564712/assets/wpo-minify-header-jqueryfue-account-subscriptions3.7.14.9.19.min.js

Requested by

Host: foresthistory.org
URL: https://foresthistory.org/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.62 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10062.sucuri.net

Software

nginx /

Resource Hash

b75680733c963f1aa84867ffb7f24efbdee876dadca952f4de484aff1069dd3e

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;, upgrade-insecure-requests
Strict-Transport-Security	max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block, 1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://foresthistory.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 11:58:16 GMT
content-security-policy: upgrade-insecure-requests;, upgrade-insecure-requests
x-content-type-options: nosniff, nosniff
strict-transport-security: max-age=300, max-age=31536000; includeSubDomains
content-encoding: gzip
x-cacheable: YES
x-backend: varnish_ssl
age: 7069
x-cache: cached
x-sucuri-cache: HIT
x-cacheproxy-retries: 0/2
content-length: 344
x-xss-protection: 1; mode=block, 1; mode=block
last-modified: Mon, 04 Mar 2024 15:05:16 GMT
server: nginx
x-php-version: 8.0
etag: W/"21e-612d70da5aed9-gzip"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/javascript
x-cache-hit: HIT
cache-control: max-age=315360000
x-sucuri-id: 15012
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 wpo-minify-header-jqueryjquery-blockui3.7.12.7.0-wc.8.6.1.min.js Show response
foresthistory.org/wp-content/cache/wpo-minify/1709564712/assets/ 9 KB
4 KB 87ms
81ms Script
text/javascript 192.124.249.62
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://foresthistory.org/wp-content/cache/wpo-minify/1709564712/assets/wpo-minify-header-jqueryjquery-blockui3.7.12.7.0-wc.8.6.1.min.js

Requested by

Host: foresthistory.org
URL: https://foresthistory.org/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.62 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10062.sucuri.net

Software

nginx /

Resource Hash

7586d3325066bd1d3428d409000bb2d3d6c4993a1267522d17e05c729e1e16df

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;, upgrade-insecure-requests
Strict-Transport-Security	max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block, 1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://foresthistory.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 11:58:16 GMT
content-security-policy: upgrade-insecure-requests;, upgrade-insecure-requests
x-content-type-options: nosniff, nosniff
strict-transport-security: max-age=300, max-age=31536000; includeSubDomains
content-encoding: gzip
x-cacheable: YES
x-backend: varnish_ssl
age: 7069
x-cache: cached
x-sucuri-cache: HIT
x-cacheproxy-retries: 0/2
content-length: 3542
x-xss-protection: 1; mode=block, 1; mode=block
last-modified: Mon, 04 Mar 2024 15:05:16 GMT
server: nginx
x-php-version: 8.0
etag: W/"25a8-612d70da5b6a9-gzip"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/javascript
x-cache-hit: HIT
cache-control: max-age=315360000
x-sucuri-id: 15012
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 wpo-minify-header-jqueryjquery-blockuiwc-add-to-cart3.7.12.7.0-wc.8.6.18.6.1.min.js Show response
foresthistory.org/wp-content/cache/wpo-minify/1709564712/assets/ 3 KB
2 KB 87ms
81ms Script
text/javascript 192.124.249.62
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://foresthistory.org/wp-content/cache/wpo-minify/1709564712/assets/wpo-minify-header-jqueryjquery-blockuiwc-add-to-cart3.7.12.7.0-wc.8.6.18.6.1.min.js

Requested by

Host: foresthistory.org
URL: https://foresthistory.org/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.62 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10062.sucuri.net

Software

nginx /

Resource Hash

01401db122e54a4e6b1c3feb9657ca9c35935e74ac224d9bd1baf18c6f59b378

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;, upgrade-insecure-requests
Strict-Transport-Security	max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block, 1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://foresthistory.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 11:58:16 GMT
content-security-policy: upgrade-insecure-requests;, upgrade-insecure-requests
x-content-type-options: nosniff, nosniff
strict-transport-security: max-age=300, max-age=31536000; includeSubDomains
content-encoding: gzip
x-cacheable: YES
x-backend: varnish_ssl
age: 7069
x-cache: cached
x-sucuri-cache: HIT
x-cacheproxy-retries: 0/2
content-length: 1113
x-xss-protection: 1; mode=block, 1; mode=block
last-modified: Mon, 04 Mar 2024 15:05:16 GMT
server: nginx
x-php-version: 8.0
etag: W/"bf6-612d70da5be79-gzip"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/javascript
x-cache-hit: HIT
cache-control: max-age=315360000
x-sucuri-id: 15012
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 wpo-minify-header-js-cookie2.1.4-wc.8.6.1.min.js Show response
foresthistory.org/wp-content/cache/wpo-minify/1709564712/assets/ 2 KB
2 KB 88ms
82ms Script
text/javascript 192.124.249.62
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://foresthistory.org/wp-content/cache/wpo-minify/1709564712/assets/wpo-minify-header-js-cookie2.1.4-wc.8.6.1.min.js

Requested by

Host: foresthistory.org
URL: https://foresthistory.org/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.62 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10062.sucuri.net

Software

nginx /

Resource Hash

c24ffe84a340b34a957c3a4cdd1c501aae9009bedb69377912e766ea0ecb336a

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;, upgrade-insecure-requests
Strict-Transport-Security	max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block, 1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://foresthistory.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 11:58:16 GMT
content-security-policy: upgrade-insecure-requests;, upgrade-insecure-requests
x-content-type-options: nosniff, nosniff
strict-transport-security: max-age=300, max-age=31536000; includeSubDomains
content-encoding: gzip
x-cacheable: YES
x-backend: varnish_ssl
age: 7069
x-cache: cached
x-sucuri-cache: HIT
x-cacheproxy-retries: 0/2
content-length: 984
x-xss-protection: 1; mode=block, 1; mode=block
last-modified: Mon, 04 Mar 2024 15:05:16 GMT
server: nginx
x-php-version: 8.0
etag: W/"739-612d70da5c261-gzip"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/javascript
x-cache-hit: HIT
cache-control: max-age=315360000
x-sucuri-id: 15012
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 wpo-minify-header-jqueryjquery-blockuijs-cookiewoocommerce3.7.12.7.0-wc.8.6.12.1.4-wc.8.6.18.6.1.min.js Show response
foresthistory.org/wp-content/cache/wpo-minify/1709564712/assets/ 2 KB
1 KB 88ms
82ms Script
text/javascript 192.124.249.62
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://foresthistory.org/wp-content/cache/wpo-minify/1709564712/assets/wpo-minify-header-jqueryjquery-blockuijs-cookiewoocommerce3.7.12.7.0-wc.8.6.12.1.4-wc.8.6.18.6.1.min.js

Requested by

Host: foresthistory.org
URL: https://foresthistory.org/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.62 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10062.sucuri.net

Software

nginx /

Resource Hash

ed7bceabcb074133a80989e56eadf8870fc7a473a405859ed2481c0c28fd8aa9

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;, upgrade-insecure-requests
Strict-Transport-Security	max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block, 1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://foresthistory.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 11:58:16 GMT
content-security-policy: upgrade-insecure-requests;, upgrade-insecure-requests
x-content-type-options: nosniff, nosniff
strict-transport-security: max-age=300, max-age=31536000; includeSubDomains
content-encoding: gzip
x-cacheable: YES
x-backend: varnish_ssl
age: 7069
x-cache: cached
x-sucuri-cache: HIT
x-cacheproxy-retries: 0/2
content-length: 804
x-xss-protection: 1; mode=block, 1; mode=block
last-modified: Mon, 04 Mar 2024 15:05:16 GMT
server: nginx
x-php-version: 8.0
etag: W/"85f-612d70da5ca31-gzip"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/javascript
x-cache-hit: HIT
cache-control: max-age=315360000
x-sucuri-id: 15012
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 responsive.css
foresthistory.org/wp-content/themes/fhs2016/ 31 KB
6 KB 481ms
476ms Stylesheet
text/css 192.124.249.62
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://foresthistory.org/wp-content/themes/fhs2016/responsive.css

Requested by

Host: foresthistory.org
URL: https://foresthistory.org/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.62 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10062.sucuri.net

Software

nginx /

Resource Hash

e3a97c419af00df3f3a305892c79a4acfa2d32e01f0d4f481c4d07a29051361c

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;, upgrade-insecure-requests
Strict-Transport-Security	max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block, 1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://foresthistory.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 11:58:17 GMT
content-security-policy: upgrade-insecure-requests;, upgrade-insecure-requests
x-content-type-options: nosniff, nosniff
strict-transport-security: max-age=300, max-age=31536000; includeSubDomains
content-encoding: gzip
x-cacheable: YES
x-backend: varnish_ssl
age: 29626
x-cache: cached
x-sucuri-cache: REVALIDATED
x-cacheproxy-retries: 0/2
content-length: 5238
x-xss-protection: 1; mode=block, 1; mode=block
last-modified: Thu, 24 Aug 2017 17:30:55 GMT
server: nginx
x-php-version: 8.0
etag: "7a29-5578330dc66d2-gzip"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/css
x-cache-hit: HIT
cache-control: max-age=315360000
x-sucuri-id: 15012
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 logo.png
foresthistory.org/wp-content/themes/fhs2016/images/ 19 KB
19 KB 88ms
82ms Image
image/png 192.124.249.62
SUCURI-SEC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://foresthistory.org/wp-content/themes/fhs2016/images/logo.png

Requested by

Host: foresthistory.org
URL: https://foresthistory.org/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.62 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10062.sucuri.net

Software

nginx /

Resource Hash

011be1a7d06d64e9a64d43718e308b8948667bb8c9990f1e30fbb24bc8acc792

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;, upgrade-insecure-requests
Strict-Transport-Security	max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block, 1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://foresthistory.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 11:58:16 GMT
content-security-policy: upgrade-insecure-requests;, upgrade-insecure-requests
x-content-type-options: nosniff, nosniff
strict-transport-security: max-age=300, max-age=31536000; includeSubDomains
x-cacheable: YES
x-backend: varnish_ssl
age: 51591
x-cache: cached
x-sucuri-cache: HIT
x-cacheproxy-retries: 0/2
content-length: 19333
x-xss-protection: 1; mode=block, 1; mode=block
last-modified: Wed, 26 Jul 2017 16:41:25 GMT
server: nginx
x-php-version: 8.0
etag: "4b85-5553b1e6fb214"
x-frame-options: SAMEORIGIN
content-type: image/png
x-cache-hit: HIT
cache-control: max-age=315360000
x-sucuri-id: 15012
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 style.css
foresthistory.org/wp-content/themes/fhs2016/ 172 KB
25 KB 477ms
471ms Stylesheet
text/css 192.124.249.62
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://foresthistory.org/wp-content/themes/fhs2016/style.css

Requested by

Host: client
URL: about:client

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.62 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10062.sucuri.net

Software

nginx /

Resource Hash

cd5bec1bbd16068173c15eb357598ed79583e19ceb4163290e77a13736efc497

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;, upgrade-insecure-requests
Strict-Transport-Security	max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block, 1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://foresthistory.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 11:58:17 GMT
content-security-policy: upgrade-insecure-requests;, upgrade-insecure-requests
x-content-type-options: nosniff, nosniff
strict-transport-security: max-age=300, max-age=31536000; includeSubDomains
content-encoding: gzip
x-cacheable: YES
x-backend: varnish_ssl
age: 27537
x-cache: cached
x-sucuri-cache: REVALIDATED
x-cacheproxy-retries: 0/2
content-length: 25191
x-xss-protection: 1; mode=block, 1; mode=block
last-modified: Thu, 12 May 2022 15:19:48 GMT
server: nginx
x-php-version: 8.0
etag: "2b159-5ded216a7f06c-gzip"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/css
x-cache-hit: HIT
cache-control: max-age=315360000
x-sucuri-id: 15012
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 intro-image.jpg
foresthistory.org/wp-content/uploads/2016/10/ 132 KB
133 KB 63ms
62ms Image
image/jpeg 192.124.249.62
SUCURI-SEC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://foresthistory.org/wp-content/uploads/2016/10/intro-image.jpg

Requested by

Host: foresthistory.org
URL: https://foresthistory.org/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.62 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10062.sucuri.net

Software

nginx /

Resource Hash

718952c911402ec66b9fa79cef94802492545f8bdf1b789802542f32e552a888

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;, upgrade-insecure-requests
Strict-Transport-Security	max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block, 1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://foresthistory.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 11:58:16 GMT
content-security-policy: upgrade-insecure-requests;, upgrade-insecure-requests
x-content-type-options: nosniff, nosniff
strict-transport-security: max-age=300, max-age=31536000; includeSubDomains
x-cacheable: YES
x-backend: varnish_ssl
age: 6288
x-cache: cached
x-sucuri-cache: HIT
x-cacheproxy-retries: 0/2
content-length: 135436
x-xss-protection: 1; mode=block, 1; mode=block
last-modified: Tue, 25 Jul 2017 14:19:04 GMT
server: nginx
x-php-version: 8.0
etag: "2110c-55525038328bf"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
x-cache-hit: HIT
cache-control: max-age=315360000
x-sucuri-id: 15012
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 FHS6571-249x300-portrait-68263f819aee6afdacd5ea8b099c7129-.jpg
foresthistory.org/wp-content/uploads/bb-plugin/cache/ 19 KB
20 KB 601ms
601ms Image
image/jpeg 192.124.249.62
SUCURI-SEC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://foresthistory.org/wp-content/uploads/bb-plugin/cache/FHS6571-249x300-portrait-68263f819aee6afdacd5ea8b099c7129-.jpg

Requested by

Host: foresthistory.org
URL: https://foresthistory.org/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.62 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10062.sucuri.net

Software

nginx /

Resource Hash

ff29027eaba5c7183da31a4ff49f9fbaa7708bed36cdf3f91e5f15a8b30c838e

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;, upgrade-insecure-requests
Strict-Transport-Security	max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block, 1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://foresthistory.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 11:58:17 GMT
content-security-policy: upgrade-insecure-requests;, upgrade-insecure-requests
x-content-type-options: nosniff, nosniff
strict-transport-security: max-age=300, max-age=31536000; includeSubDomains
x-cacheable: YES
x-backend: varnish_ssl
age: 0
x-cache: uncached
x-sucuri-cache: MISS
x-cacheproxy-retries: 0/2
content-length: 19868
x-xss-protection: 1; mode=block, 1; mode=block
last-modified: Thu, 01 Jun 2023 18:51:23 GMT
server: nginx
x-php-version: 8.0
etag: "4d9c-5fd15ec460613"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
x-cache-hit: MISS
cache-control: max-age=315360000
x-sucuri-id: 15012
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 1910fires-250x300-portrait-3a03b02b7c6539a6e2854fc6d291ff52-.jpg
foresthistory.org/wp-content/uploads/bb-plugin/cache/ 21 KB
22 KB 600ms
599ms Image
image/jpeg 192.124.249.62
SUCURI-SEC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://foresthistory.org/wp-content/uploads/bb-plugin/cache/1910fires-250x300-portrait-3a03b02b7c6539a6e2854fc6d291ff52-.jpg

Requested by

Host: foresthistory.org
URL: https://foresthistory.org/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.62 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10062.sucuri.net

Software

nginx /

Resource Hash

b78d169887f33e2c74931f488025a395b10da2de4429654c04f738667dba71b3

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;, upgrade-insecure-requests
Strict-Transport-Security	max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block, 1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://foresthistory.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 11:58:17 GMT
content-security-policy: upgrade-insecure-requests;, upgrade-insecure-requests
x-content-type-options: nosniff, nosniff
strict-transport-security: max-age=300, max-age=31536000; includeSubDomains
x-cacheable: YES
x-backend: varnish_ssl
age: 0
x-cache: uncached
x-sucuri-cache: MISS
x-cacheproxy-retries: 0/2
content-length: 21567
x-xss-protection: 1; mode=block, 1; mode=block
last-modified: Thu, 01 Jun 2023 18:51:23 GMT
server: nginx
x-php-version: 8.0
etag: "543f-5fd15ec467b44"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
x-cache-hit: MISS
cache-control: max-age=315360000
x-sucuri-id: 15012
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 FHS4767-284x300-portrait-46a74d0fcb4659e7c93e7775d4a11eb5-.jpg
foresthistory.org/wp-content/uploads/bb-plugin/cache/ 17 KB
18 KB 279ms
272ms Image
image/jpeg 192.124.249.62
SUCURI-SEC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://foresthistory.org/wp-content/uploads/bb-plugin/cache/FHS4767-284x300-portrait-46a74d0fcb4659e7c93e7775d4a11eb5-.jpg

Requested by

Host: foresthistory.org
URL: https://foresthistory.org/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.62 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10062.sucuri.net

Software

nginx /

Resource Hash

91efe0c645666e35375765c90be70de312586b792922e8c755927e6ae80f0124

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;, upgrade-insecure-requests
Strict-Transport-Security	max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block, 1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://foresthistory.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 11:58:17 GMT
content-security-policy: upgrade-insecure-requests;, upgrade-insecure-requests
x-content-type-options: nosniff, nosniff
strict-transport-security: max-age=300, max-age=31536000; includeSubDomains
x-cacheable: YES
x-backend: varnish_ssl
age: 0
x-cache: uncached
x-sucuri-cache: MISS
x-cacheproxy-retries: 0/2
content-length: 17537
x-xss-protection: 1; mode=block, 1; mode=block
last-modified: Thu, 01 Jun 2023 18:51:23 GMT
server: nginx
x-php-version: 8.0
etag: "4481-5fd15ec46f074"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
x-cache-hit: MISS
cache-control: max-age=315360000
x-sucuri-id: 15012
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 FHS4821-1-284x300-portrait-a6b7f5443f2b291519478dca95b40af8-.jpg
foresthistory.org/wp-content/uploads/bb-plugin/cache/ 21 KB
21 KB 644ms
641ms Image
image/jpeg 192.124.249.62
SUCURI-SEC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://foresthistory.org/wp-content/uploads/bb-plugin/cache/FHS4821-1-284x300-portrait-a6b7f5443f2b291519478dca95b40af8-.jpg

Requested by

Host: foresthistory.org
URL: https://foresthistory.org/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.62 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10062.sucuri.net

Software

nginx /

Resource Hash

f59523fc9af0a5e3a873ab795e17eca71e41a82187fc63be3af158847aeeaa48

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;, upgrade-insecure-requests
Strict-Transport-Security	max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block, 1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://foresthistory.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 11:58:18 GMT
content-security-policy: upgrade-insecure-requests;, upgrade-insecure-requests
x-content-type-options: nosniff, nosniff
strict-transport-security: max-age=300, max-age=31536000; includeSubDomains
x-cacheable: YES
x-backend: varnish_ssl
age: 0
x-cache: uncached
x-sucuri-cache: MISS
x-cacheproxy-retries: 0/2
content-length: 21312
x-xss-protection: 1; mode=block, 1; mode=block
last-modified: Thu, 01 Jun 2023 18:51:23 GMT
server: nginx
x-php-version: 8.0
etag: "5340-5fd15ec4765a5"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
x-cache-hit: MISS
cache-control: max-age=315360000
x-sucuri-id: 15012
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 WeeksAct_1-300x242-portrait-7dc5cbfd78af8e7f30a1ed2568ed866d-.jpg
foresthistory.org/wp-content/uploads/bb-plugin/cache/ 15 KB
16 KB 644ms
641ms Image
image/jpeg 192.124.249.62
SUCURI-SEC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://foresthistory.org/wp-content/uploads/bb-plugin/cache/WeeksAct_1-300x242-portrait-7dc5cbfd78af8e7f30a1ed2568ed866d-.jpg

Requested by

Host: foresthistory.org
URL: https://foresthistory.org/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.62 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10062.sucuri.net

Software

nginx /

Resource Hash

833e3d43ac734d24021aa896389a7ea2ec96119dfa15410659799aa5b29eb853

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;, upgrade-insecure-requests
Strict-Transport-Security	max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block, 1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://foresthistory.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 11:58:18 GMT
content-security-policy: upgrade-insecure-requests;, upgrade-insecure-requests
x-content-type-options: nosniff, nosniff
strict-transport-security: max-age=300, max-age=31536000; includeSubDomains
x-cacheable: YES
x-backend: varnish_ssl
age: 0
x-cache: uncached
x-sucuri-cache: MISS
x-cacheproxy-retries: 0/2
content-length: 15545
x-xss-protection: 1; mode=block, 1; mode=block
last-modified: Thu, 01 Jun 2023 18:51:23 GMT
server: nginx
x-php-version: 8.0
etag: "3cb9-5fd15ec47c74e"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
x-cache-hit: MISS
cache-control: max-age=315360000
x-sucuri-id: 15012
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 log-drive-play_1-214x300-portrait-0dead0456d4abd98514d3db0c21648e2-.jpg
foresthistory.org/wp-content/uploads/bb-plugin/cache/ 22 KB
22 KB 533ms
531ms Image
image/jpeg 192.124.249.62
SUCURI-SEC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://foresthistory.org/wp-content/uploads/bb-plugin/cache/log-drive-play_1-214x300-portrait-0dead0456d4abd98514d3db0c21648e2-.jpg

Requested by

Host: foresthistory.org
URL: https://foresthistory.org/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.62 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10062.sucuri.net

Software

nginx /

Resource Hash

7fe31173952fddf73f89e1989949faef573a93f6b48c9431c5145962004a70b9

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;, upgrade-insecure-requests
Strict-Transport-Security	max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block, 1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://foresthistory.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 11:58:18 GMT
content-security-policy: upgrade-insecure-requests;, upgrade-insecure-requests
x-content-type-options: nosniff, nosniff
strict-transport-security: max-age=300, max-age=31536000; includeSubDomains
x-cacheable: YES
x-backend: varnish_ssl
age: 0
x-cache: uncached
x-sucuri-cache: MISS
x-cacheproxy-retries: 0/2
content-length: 22233
x-xss-protection: 1; mode=block, 1; mode=block
last-modified: Thu, 01 Jun 2023 18:51:23 GMT
server: nginx
x-php-version: 8.0
etag: "56d9-5fd15ec483c7e"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
x-cache-hit: MISS
cache-control: max-age=315360000
x-sucuri-id: 15012
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 signup-form-widget.min.js Show response
static.ctctcdn.com/js/signup-form-widget/current/ 972 KB
53 KB 138ms
66ms Script
application/javascript 104.18.40.153
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.ctctcdn.com/js/signup-form-widget/current/signup-form-widget.min.js
Requested by: Host: foresthistory.org
URL: https://foresthistory.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.40.153 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cc75487ea5ae5e6cab27c457ee4bcb5a39ac8938159e46283ca447c516aa9782

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://foresthistory.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 11:58:17 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 15 Feb 2023 15:34:18 GMT
server: cloudflare
age: 544970
vary: Accept-Encoding,User-Agent
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=900, public
accept-ranges: bytes
x-robots-tag: noindex
cf-ray: 85f9eef149546a78-TXL
content-length: 54153
expires: Thu, 27 Feb 2025 04:09:29 GMT

GET
H2 200 slick.min.js Show response
cdnjs.cloudflare.com/ajax/libs/slick-carousel/1.8.1/ 42 KB
10 KB 159ms
53ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/slick-carousel/1.8.1/slick.min.js

Requested by

Host: foresthistory.org
URL: https://foresthistory.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0c7178cc6ca34fb18e30f070a5e7a1c287b2d7ccfcba2cfdf06e0f46eda55740

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://foresthistory.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 11:58:17 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 1237294
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 9284
last-modified: Sat, 06 Jan 2024 19:26:14 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "65999b46-2444"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tiRrsUGK9Ohhx5nqM62szIyqUSSeu5DIxEVLB1NDRHkLO2zhiYWkEqwVhY2hxvQ501NzHQ2%2Fk2Jq0b8dZlqe4ai6qy6p9PzSFa%2FC%2BgpQNcdXZ2q8G4ow1Z9r2LB0O%2Bhy8nbU5PVg502RErCluv4noRSg"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 85f9eef18e8b2bd5-FRA
expires: Sun, 23 Feb 2025 11:58:17 GMT

GET
H2 200 wpo-minify-footer-13514626.min.css
foresthistory.org/wp-content/cache/wpo-minify/1709564712/assets/ 123 KB
14 KB 301ms
295ms Stylesheet
text/css 192.124.249.62
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://foresthistory.org/wp-content/cache/wpo-minify/1709564712/assets/wpo-minify-footer-13514626.min.css

Requested by

Host: foresthistory.org
URL: https://foresthistory.org/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.62 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10062.sucuri.net

Software

nginx /

Resource Hash

012e697e2b92724cfc10b4b5f727215a7ebc1e1e2acb82dcaeb44828de15cecf

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;, upgrade-insecure-requests
Strict-Transport-Security	max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block, 1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://foresthistory.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 11:58:17 GMT
content-security-policy: upgrade-insecure-requests;, upgrade-insecure-requests
x-content-type-options: nosniff, nosniff
strict-transport-security: max-age=300, max-age=31536000; includeSubDomains
content-encoding: gzip
x-cacheable: YES
x-backend: varnish_ssl
age: 0
x-cache: uncached
x-sucuri-cache: MISS
x-cacheproxy-retries: 0/2
content-length: 13331
x-xss-protection: 1; mode=block, 1; mode=block
last-modified: Mon, 04 Mar 2024 15:05:43 GMT
server: nginx
x-php-version: 8.0
etag: "1ea87-612d70f3a574c-gzip"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/css
x-cache-hit: MISS
cache-control: max-age=315360000
x-sucuri-id: 15012
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 404 fullscreen-min.js
foresthistory.org/wp-content/plugins/envira-fullscreen/assets/js/min/ 0
0 1179ms
1172ms Script
text/html 192.124.249.62
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://foresthistory.org/wp-content/plugins/envira-fullscreen/assets/js/min/fullscreen-min.js

Requested by

Host: foresthistory.org
URL: https://foresthistory.org/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.62 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10062.sucuri.net

Software

nginx /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;, upgrade-insecure-requests
Strict-Transport-Security	max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block, 1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://foresthistory.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 11:58:18 GMT
content-security-policy: upgrade-insecure-requests;, upgrade-insecure-requests
x-content-type-options: nosniff, nosniff
strict-transport-security: max-age=300, max-age=31536000; includeSubDomains
content-encoding: gzip
x-cacheable: YES
x-backend: varnish_ssl
age: 0
x-cache: uncached
x-sucuri-cache: EXPIRED
x-cacheproxy-retries: 0/2
x-xss-protection: 1; mode=block, 1; mode=block
x-php-version: 8.0
server: nginx
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
cache-control: no-cache, must-revalidate, max-age=0
x-cache-hit: MISS
x-sucuri-id: 15012
x-fawn-proc-count: 2,7,24
expires: Wed, 11 Jan 1984 05:00:00 GMT

GET
H2 200 wpo-minify-footer-fl-gallery-grid2.7.4.4.min.js Show response
foresthistory.org/wp-content/cache/wpo-minify/1709564712/assets/ 784 B
1 KB 277ms
271ms Script
text/javascript 192.124.249.62
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://foresthistory.org/wp-content/cache/wpo-minify/1709564712/assets/wpo-minify-footer-fl-gallery-grid2.7.4.4.min.js

Requested by

Host: foresthistory.org
URL: https://foresthistory.org/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.62 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10062.sucuri.net

Software

nginx /

Resource Hash

d29e959c2b240d4c29ff1c54dc20ca64d8d628559710153f911712dd34a2ec28

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;, upgrade-insecure-requests
Strict-Transport-Security	max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block, 1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://foresthistory.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 11:58:17 GMT
content-security-policy: upgrade-insecure-requests;, upgrade-insecure-requests
x-content-type-options: nosniff, nosniff
strict-transport-security: max-age=300, max-age=31536000; includeSubDomains
content-encoding: gzip
x-cacheable: YES
x-backend: varnish_ssl
age: 0
x-cache: uncached
x-sucuri-cache: MISS
x-cacheproxy-retries: 0/2
content-length: 426
x-xss-protection: 1; mode=block, 1; mode=block
last-modified: Mon, 04 Mar 2024 15:05:42 GMT
server: nginx
x-php-version: 8.0
etag: "310-612d70f34ae0a-gzip"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/javascript
x-cache-hit: MISS
cache-control: max-age=315360000
x-sucuri-id: 15012
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 wpo-minify-footer-jquery-easing1.4.min.js Show response
foresthistory.org/wp-content/cache/wpo-minify/1709564712/assets/ 2 KB
1 KB 472ms
466ms Script
text/javascript 192.124.249.62
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://foresthistory.org/wp-content/cache/wpo-minify/1709564712/assets/wpo-minify-footer-jquery-easing1.4.min.js

Requested by

Host: foresthistory.org
URL: https://foresthistory.org/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.62 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10062.sucuri.net

Software

nginx /

Resource Hash

11fed311b8bbc6c0d40c0073999b2202271432931a7d316908d22355f41c79c2

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;, upgrade-insecure-requests
Strict-Transport-Security	max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block, 1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://foresthistory.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 11:58:18 GMT
content-security-policy: upgrade-insecure-requests;, upgrade-insecure-requests
x-content-type-options: nosniff, nosniff
strict-transport-security: max-age=300, max-age=31536000; includeSubDomains
content-encoding: gzip
x-cacheable: YES
x-backend: varnish_ssl
age: 0
x-cache: uncached
x-sucuri-cache: MISS
x-cacheproxy-retries: 0/2
content-length: 824
x-xss-protection: 1; mode=block, 1; mode=block
last-modified: Mon, 04 Mar 2024 15:05:42 GMT
server: nginx
x-php-version: 8.0
etag: "9ee-612d70f34c57a-gzip"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/javascript
x-cache-hit: MISS
cache-control: max-age=315360000
x-sucuri-id: 15012
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 wpo-minify-footer-jquery-fitvids1.2.min.js Show response
foresthistory.org/wp-content/cache/wpo-minify/1709564712/assets/ 2 KB
1 KB 474ms
468ms Script
text/javascript 192.124.249.62
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://foresthistory.org/wp-content/cache/wpo-minify/1709564712/assets/wpo-minify-footer-jquery-fitvids1.2.min.js

Requested by

Host: foresthistory.org
URL: https://foresthistory.org/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.62 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10062.sucuri.net

Software

nginx /

Resource Hash

90d6dbd3062567180f50cef5cb8d945d122bf82bc214ff2a467f31480863925d

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;, upgrade-insecure-requests
Strict-Transport-Security	max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block, 1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://foresthistory.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 11:58:18 GMT
content-security-policy: upgrade-insecure-requests;, upgrade-insecure-requests
x-content-type-options: nosniff, nosniff
strict-transport-security: max-age=300, max-age=31536000; includeSubDomains
content-encoding: gzip
x-cacheable: YES
x-backend: varnish_ssl
age: 0
x-cache: uncached
x-sucuri-cache: MISS
x-cacheproxy-retries: 0/2
content-length: 804
x-xss-protection: 1; mode=block, 1; mode=block
last-modified: Mon, 04 Mar 2024 15:05:42 GMT
server: nginx
x-php-version: 8.0
etag: "6f9-612d70f34d903-gzip"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/javascript
x-cache-hit: MISS
cache-control: max-age=315360000
x-sucuri-id: 15012
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 wpo-minify-footer-jquery-bxslider2.7.4.4.min.js Show response
foresthistory.org/wp-content/cache/wpo-minify/1709564712/assets/ 31 KB
7 KB 475ms
469ms Script
text/javascript 192.124.249.62
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://foresthistory.org/wp-content/cache/wpo-minify/1709564712/assets/wpo-minify-footer-jquery-bxslider2.7.4.4.min.js

Requested by

Host: foresthistory.org
URL: https://foresthistory.org/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.62 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10062.sucuri.net

Software

nginx /

Resource Hash

8ccb44f6ac675a4e2fc8205541c2eedc2f193a162c77e5f8034e0e8c0c53302f

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;, upgrade-insecure-requests
Strict-Transport-Security	max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block, 1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://foresthistory.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 11:58:18 GMT
content-security-policy: upgrade-insecure-requests;, upgrade-insecure-requests
x-content-type-options: nosniff, nosniff
strict-transport-security: max-age=300, max-age=31536000; includeSubDomains
content-encoding: gzip
x-cacheable: YES
x-backend: varnish_ssl
age: 0
x-cache: uncached
x-sucuri-cache: MISS
x-cacheproxy-retries: 0/2
content-length: 6964
x-xss-protection: 1; mode=block, 1; mode=block
last-modified: Mon, 04 Mar 2024 15:05:42 GMT
server: nginx
x-php-version: 8.0
etag: "7d03-612d70f358cb4-gzip"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/javascript
x-cache-hit: MISS
cache-control: max-age=315360000
x-sucuri-id: 15012
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 7-layout.js Show response
foresthistory.org/wp-content/uploads/bb-plugin/cache/ 52 KB
13 KB 48ms
42ms Script
text/javascript 192.124.249.62
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://foresthistory.org/wp-content/uploads/bb-plugin/cache/7-layout.js

Requested by

Host: foresthistory.org
URL: https://foresthistory.org/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.62 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10062.sucuri.net

Software

nginx /

Resource Hash

ddb556af7474e46dda28fa2a2ffb4d2a5ca42345a33fb936149e639b74d46bc2

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;, upgrade-insecure-requests
Strict-Transport-Security	max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block, 1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://foresthistory.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 11:58:17 GMT
content-security-policy: upgrade-insecure-requests;, upgrade-insecure-requests
x-content-type-options: nosniff, nosniff
strict-transport-security: max-age=300, max-age=31536000; includeSubDomains
content-encoding: gzip
x-cacheable: YES
x-backend: varnish_ssl
age: 192618
x-cache: cached
x-sucuri-cache: HIT
x-cacheproxy-retries: 0/2
content-length: 13009
x-xss-protection: 1; mode=block, 1; mode=block
last-modified: Sat, 02 Mar 2024 00:50:17 GMT
server: nginx
x-php-version: 8.0
etag: "d09b-612a2e055c3fa-gzip"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/javascript
x-cache-hit: HIT
cache-control: max-age=315360000
x-sucuri-id: 15012
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 wpo-minify-footer-recaptcha-v22.4.4.min.js Show response
foresthistory.org/wp-content/cache/wpo-minify/1709564712/assets/ 2 KB
2 KB 49ms
43ms Script
text/javascript 192.124.249.62
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://foresthistory.org/wp-content/cache/wpo-minify/1709564712/assets/wpo-minify-footer-recaptcha-v22.4.4.min.js

Requested by

Host: foresthistory.org
URL: https://foresthistory.org/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.62 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10062.sucuri.net

Software

nginx /

Resource Hash

5be2bf85b705232bc685e7c86946aef65d7a41c7221380d5980d61c87f481182

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;, upgrade-insecure-requests
Strict-Transport-Security	max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block, 1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://foresthistory.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 11:58:17 GMT
content-security-policy: upgrade-insecure-requests;, upgrade-insecure-requests
x-content-type-options: nosniff, nosniff
strict-transport-security: max-age=300, max-age=31536000; includeSubDomains
content-encoding: gzip
x-cacheable: YES
x-backend: varnish_ssl
age: 7067
x-cache: cached
x-sucuri-cache: HIT
x-cacheproxy-retries: 0/2
content-length: 944
x-xss-protection: 1; mode=block, 1; mode=block
last-modified: Mon, 04 Mar 2024 15:05:17 GMT
server: nginx
x-php-version: 8.0
etag: W/"76b-612d70dba0dd3-gzip"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/javascript
x-cache-hit: HIT
cache-control: max-age=315360000
x-sucuri-id: 15012
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 1 KB
1 KB 156ms
54ms Script
text/javascript 2a00:1450:4001:809::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?onload=renderReCaptcha&render=explicit&ver=2.4.4

Requested by

Host: foresthistory.org
URL: https://foresthistory.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

c1cc9ec8126f7ff5055aa2336049adf0899660e88db4815622427f4e6f4820e5

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://foresthistory.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 11:58:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=utf-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block
expires: Tue, 05 Mar 2024 11:58:17 GMT

GET
H2 200 wpo-minify-footer-ctct_frontend_forms2.4.4.min.js Show response
foresthistory.org/wp-content/cache/wpo-minify/1709564712/assets/ 4 KB
2 KB 50ms
44ms Script
text/javascript 192.124.249.62
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://foresthistory.org/wp-content/cache/wpo-minify/1709564712/assets/wpo-minify-footer-ctct_frontend_forms2.4.4.min.js

Requested by

Host: foresthistory.org
URL: https://foresthistory.org/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.62 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10062.sucuri.net

Software

nginx /

Resource Hash

7991f4002b3d5ff9b64e26e5107367b88bcc059e21671d73841cb0ec91d955e7

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;, upgrade-insecure-requests
Strict-Transport-Security	max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block, 1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://foresthistory.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 11:58:17 GMT
content-security-policy: upgrade-insecure-requests;, upgrade-insecure-requests
x-content-type-options: nosniff, nosniff
strict-transport-security: max-age=300, max-age=31536000; includeSubDomains
content-encoding: gzip
x-cacheable: YES
x-backend: varnish_ssl
age: 7067
x-cache: cached
x-sucuri-cache: HIT
x-cacheproxy-retries: 0/2
content-length: 1377
x-xss-protection: 1; mode=block, 1; mode=block
last-modified: Mon, 04 Mar 2024 15:05:17 GMT
server: nginx
x-php-version: 8.0
etag: W/"e32-612d70dba215b-gzip"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/javascript
x-cache-hit: HIT
cache-control: max-age=315360000
x-sucuri-id: 15012
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 wpo-minify-footer-swv5.8.7.min.js Show response
foresthistory.org/wp-content/cache/wpo-minify/1709564712/assets/ 11 KB
4 KB 51ms
45ms Script
text/javascript 192.124.249.62
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://foresthistory.org/wp-content/cache/wpo-minify/1709564712/assets/wpo-minify-footer-swv5.8.7.min.js

Requested by

Host: foresthistory.org
URL: https://foresthistory.org/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.62 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10062.sucuri.net

Software

nginx /

Resource Hash

b78cd144a4197660e028517c79a8e5d13c0dc38a07d5a57caebc24bacc185412

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;, upgrade-insecure-requests
Strict-Transport-Security	max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block, 1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://foresthistory.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 11:58:17 GMT
content-security-policy: upgrade-insecure-requests;, upgrade-insecure-requests
x-content-type-options: nosniff, nosniff
strict-transport-security: max-age=300, max-age=31536000; includeSubDomains
content-encoding: gzip
x-cacheable: YES
x-backend: varnish_ssl
age: 7067
x-cache: cached
x-sucuri-cache: HIT
x-cacheproxy-retries: 0/2
content-length: 3219
x-xss-protection: 1; mode=block, 1; mode=block
last-modified: Mon, 04 Mar 2024 15:05:17 GMT
server: nginx
x-php-version: 8.0
etag: W/"2b71-612d70dba7363-gzip"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/javascript
x-cache-hit: HIT
cache-control: max-age=315360000
x-sucuri-id: 15012
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 wpo-minify-footer-contact-form-75.8.7.min.js Show response
foresthistory.org/wp-content/cache/wpo-minify/1709564712/assets/ 13 KB
5 KB 82ms
77ms Script
text/javascript 192.124.249.62
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://foresthistory.org/wp-content/cache/wpo-minify/1709564712/assets/wpo-minify-footer-contact-form-75.8.7.min.js

Requested by

Host: foresthistory.org
URL: https://foresthistory.org/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.62 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10062.sucuri.net

Software

nginx /

Resource Hash

35e22c683e4b0ace93a102c512be16d583558c2cf6bfe2e874894981f3d92903

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;, upgrade-insecure-requests
Strict-Transport-Security	max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block, 1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://foresthistory.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 11:58:17 GMT
content-security-policy: upgrade-insecure-requests;, upgrade-insecure-requests
x-content-type-options: nosniff, nosniff
strict-transport-security: max-age=300, max-age=31536000; includeSubDomains
content-encoding: gzip
x-cacheable: YES
x-backend: varnish_ssl
age: 7067
x-cache: cached
x-sucuri-cache: HIT
x-cacheproxy-retries: 0/2
content-length: 4198
x-xss-protection: 1; mode=block, 1; mode=block
last-modified: Mon, 04 Mar 2024 15:05:17 GMT
server: nginx
x-php-version: 8.0
etag: W/"3382-612d70dbac56c-gzip"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/javascript
x-cache-hit: HIT
cache-control: max-age=315360000
x-sucuri-id: 15012
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 wpo-minify-footer-qppr_frontend_scripts5.2.4.min.js Show response
foresthistory.org/wp-content/cache/wpo-minify/1709564712/assets/ 2 KB
1 KB 83ms
78ms Script
text/javascript 192.124.249.62
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://foresthistory.org/wp-content/cache/wpo-minify/1709564712/assets/wpo-minify-footer-qppr_frontend_scripts5.2.4.min.js

Requested by

Host: foresthistory.org
URL: https://foresthistory.org/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.62 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10062.sucuri.net

Software

nginx /

Resource Hash

07edf301190a5745c3056264bafb12407c68cc770eab2712698e86c1dedf342a

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;, upgrade-insecure-requests
Strict-Transport-Security	max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block, 1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://foresthistory.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 11:58:17 GMT
content-security-policy: upgrade-insecure-requests;, upgrade-insecure-requests
x-content-type-options: nosniff, nosniff
strict-transport-security: max-age=300, max-age=31536000; includeSubDomains
content-encoding: gzip
x-cacheable: YES
x-backend: varnish_ssl
age: 7067
x-cache: cached
x-sucuri-cache: HIT
x-cacheproxy-retries: 0/2
content-length: 544
x-xss-protection: 1; mode=block, 1; mode=block
last-modified: Mon, 04 Mar 2024 15:05:17 GMT
server: nginx
x-php-version: 8.0
etag: W/"63a-612d70dbae4ac-gzip"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/javascript
x-cache-hit: HIT
cache-control: max-age=315360000
x-sucuri-id: 15012
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 wpo-minify-footer-spacexchimp_p008-frontend-js4.46.min.js Show response
foresthistory.org/wp-content/cache/wpo-minify/1709564712/assets/ 362 B
876 B 84ms
78ms Script
text/javascript 192.124.249.62
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://foresthistory.org/wp-content/cache/wpo-minify/1709564712/assets/wpo-minify-footer-spacexchimp_p008-frontend-js4.46.min.js

Requested by

Host: foresthistory.org
URL: https://foresthistory.org/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.62 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10062.sucuri.net

Software

nginx /

Resource Hash

1b08ac384e54019b85cf1465915d394d303ac0dce344ca1aad37602de17be103

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;, upgrade-insecure-requests
Strict-Transport-Security	max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block, 1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://foresthistory.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 11:58:17 GMT
content-security-policy: upgrade-insecure-requests;, upgrade-insecure-requests
x-content-type-options: nosniff, nosniff
strict-transport-security: max-age=300, max-age=31536000; includeSubDomains
content-encoding: gzip
x-cacheable: YES
x-backend: varnish_ssl
age: 7067
x-cache: cached
x-sucuri-cache: HIT
x-cacheproxy-retries: 0/2
content-length: 240
x-xss-protection: 1; mode=block, 1; mode=block
last-modified: Mon, 04 Mar 2024 15:05:17 GMT
server: nginx
x-php-version: 8.0
etag: W/"16a-612d70dbb1774-gzip"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/javascript
x-cache-hit: HIT
cache-control: max-age=315360000
x-sucuri-id: 15012
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 wpo-minify-footer-fue-front-script4.9.19.min.js Show response
foresthistory.org/wp-content/cache/wpo-minify/1709564712/assets/ 476 B
908 B 84ms
79ms Script
text/javascript 192.124.249.62
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://foresthistory.org/wp-content/cache/wpo-minify/1709564712/assets/wpo-minify-footer-fue-front-script4.9.19.min.js

Requested by

Host: foresthistory.org
URL: https://foresthistory.org/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.62 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10062.sucuri.net

Software

nginx /

Resource Hash

7a72c35c384e58f7ba4e3a9ec93581e99a45cc1fa2e9ea5f763dbaa1cdd34c59

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;, upgrade-insecure-requests
Strict-Transport-Security	max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block, 1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://foresthistory.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 11:58:17 GMT
content-security-policy: upgrade-insecure-requests;, upgrade-insecure-requests
x-content-type-options: nosniff, nosniff
strict-transport-security: max-age=300, max-age=31536000; includeSubDomains
content-encoding: gzip
x-cacheable: YES
x-backend: varnish_ssl
age: 7067
x-cache: cached
x-sucuri-cache: HIT
x-cacheproxy-retries: 0/2
content-length: 272
x-xss-protection: 1; mode=block, 1; mode=block
last-modified: Mon, 04 Mar 2024 15:05:17 GMT
server: nginx
x-php-version: 8.0
etag: W/"1dc-612d70dbb36b5-gzip"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/javascript
x-cache-hit: HIT
cache-control: max-age=315360000
x-sucuri-id: 15012
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 wpo-minify-footer-sourcebuster-js8.6.1.min.js Show response
foresthistory.org/wp-content/cache/wpo-minify/1709564712/assets/ 14 KB
5 KB 85ms
80ms Script
text/javascript 192.124.249.62
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://foresthistory.org/wp-content/cache/wpo-minify/1709564712/assets/wpo-minify-footer-sourcebuster-js8.6.1.min.js

Requested by

Host: foresthistory.org
URL: https://foresthistory.org/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.62 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10062.sucuri.net

Software

nginx /

Resource Hash

c2588b010b8c97cf994ee71528bda0da3332226d47f7158bb6b96a11d08f2fc4

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;, upgrade-insecure-requests
Strict-Transport-Security	max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block, 1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://foresthistory.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 11:58:17 GMT
content-security-policy: upgrade-insecure-requests;, upgrade-insecure-requests
x-content-type-options: nosniff, nosniff
strict-transport-security: max-age=300, max-age=31536000; includeSubDomains
content-encoding: gzip
x-cacheable: YES
x-backend: varnish_ssl
age: 7067
x-cache: cached
x-sucuri-cache: HIT
x-cacheproxy-retries: 0/2
content-length: 4550
x-xss-protection: 1; mode=block, 1; mode=block
last-modified: Mon, 04 Mar 2024 15:05:17 GMT
server: nginx
x-php-version: 8.0
etag: W/"38a8-612d70dbb4e25-gzip"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/javascript
x-cache-hit: HIT
cache-control: max-age=315360000
x-sucuri-id: 15012
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 wpo-minify-footer-wc-order-attribution8.6.1.min.js Show response
foresthistory.org/wp-content/cache/wpo-minify/1709564712/assets/ 1 KB
1 KB 85ms
80ms Script
text/javascript 192.124.249.62
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://foresthistory.org/wp-content/cache/wpo-minify/1709564712/assets/wpo-minify-footer-wc-order-attribution8.6.1.min.js

Requested by

Host: foresthistory.org
URL: https://foresthistory.org/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.62 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10062.sucuri.net

Software

nginx /

Resource Hash

d4223c8af6559b07a0bdd0fcf6409e763ad8b332128ffade1052a3b0bd02c44f

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;, upgrade-insecure-requests
Strict-Transport-Security	max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block, 1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://foresthistory.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 11:58:17 GMT
content-security-policy: upgrade-insecure-requests;, upgrade-insecure-requests
x-content-type-options: nosniff, nosniff
strict-transport-security: max-age=300, max-age=31536000; includeSubDomains
content-encoding: gzip
x-cacheable: YES
x-backend: varnish_ssl
age: 7067
x-cache: cached
x-sucuri-cache: HIT
x-cacheproxy-retries: 0/2
content-length: 778
x-xss-protection: 1; mode=block, 1; mode=block
last-modified: Mon, 04 Mar 2024 15:05:17 GMT
server: nginx
x-php-version: 8.0
etag: W/"5e9-612d70dbb6d65-gzip"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/javascript
x-cache-hit: HIT
cache-control: max-age=315360000
x-sucuri-id: 15012
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 wpo-minify-footer-woocommerce_shipping_table_rate_checkout3.0.37.min.js Show response
foresthistory.org/wp-content/cache/wpo-minify/1709564712/assets/ 193 B
792 B 88ms
83ms Script
text/javascript 192.124.249.62
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://foresthistory.org/wp-content/cache/wpo-minify/1709564712/assets/wpo-minify-footer-woocommerce_shipping_table_rate_checkout3.0.37.min.js

Requested by

Host: foresthistory.org
URL: https://foresthistory.org/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.62 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10062.sucuri.net

Software

nginx /

Resource Hash

b8c4b192ff81d7aafad1c56a5b7f68f324945bdb63615d0bb62e9fb6ffa008f6

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;, upgrade-insecure-requests
Strict-Transport-Security	max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block, 1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://foresthistory.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 11:58:17 GMT
content-security-policy: upgrade-insecure-requests;, upgrade-insecure-requests
x-content-type-options: nosniff, nosniff
strict-transport-security: max-age=300, max-age=31536000; includeSubDomains
content-encoding: gzip
x-cacheable: YES
x-backend: varnish_ssl
age: 7067
x-cache: cached
x-sucuri-cache: HIT
x-cacheproxy-retries: 0/2
content-length: 156
x-xss-protection: 1; mode=block, 1; mode=block
last-modified: Mon, 04 Mar 2024 15:05:17 GMT
server: nginx
x-php-version: 8.0
etag: W/"c1-612d70dbb84d5-gzip"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/javascript
x-cache-hit: HIT
cache-control: max-age=315360000
x-sucuri-id: 15012
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 wpo-minify-footer-do-etfw-twitter-widgets1.0.min.js Show response
foresthistory.org/wp-content/cache/wpo-minify/1709564712/assets/ 416 B
928 B 89ms
85ms Script
text/javascript 192.124.249.62
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://foresthistory.org/wp-content/cache/wpo-minify/1709564712/assets/wpo-minify-footer-do-etfw-twitter-widgets1.0.min.js

Requested by

Host: foresthistory.org
URL: https://foresthistory.org/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.62 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10062.sucuri.net

Software

nginx /

Resource Hash

5a2f054cbb759bf8e3b602a7c2e416054d44603007f84e9718157d26f30bf9a7

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;, upgrade-insecure-requests
Strict-Transport-Security	max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block, 1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://foresthistory.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 11:58:17 GMT
content-security-policy: upgrade-insecure-requests;, upgrade-insecure-requests
x-content-type-options: nosniff, nosniff
strict-transport-security: max-age=300, max-age=31536000; includeSubDomains
content-encoding: gzip
x-cacheable: YES
x-backend: varnish_ssl
age: 7067
x-cache: cached
x-sucuri-cache: HIT
x-cacheproxy-retries: 0/2
content-length: 292
x-xss-protection: 1; mode=block, 1; mode=block
last-modified: Mon, 04 Mar 2024 15:05:17 GMT
server: nginx
x-php-version: 8.0
etag: W/"1a0-612d70dbba02d-gzip"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/javascript
x-cache-hit: HIT
cache-control: max-age=315360000
x-sucuri-id: 15012
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 wpo-minify-footer-ubermenu3.8.1.min.js Show response
foresthistory.org/wp-content/cache/wpo-minify/1709564712/assets/ 40 KB
10 KB 91ms
86ms Script
text/javascript 192.124.249.62
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://foresthistory.org/wp-content/cache/wpo-minify/1709564712/assets/wpo-minify-footer-ubermenu3.8.1.min.js

Requested by

Host: foresthistory.org
URL: https://foresthistory.org/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.62 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10062.sucuri.net

Software

nginx /

Resource Hash

33c8d878a61eecb8089da1d263052802341a4162a394d5b28fd4abc197382549

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;, upgrade-insecure-requests
Strict-Transport-Security	max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block, 1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://foresthistory.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 11:58:17 GMT
content-security-policy: upgrade-insecure-requests;, upgrade-insecure-requests
x-content-type-options: nosniff, nosniff
strict-transport-security: max-age=300, max-age=31536000; includeSubDomains
content-encoding: gzip
x-cacheable: YES
x-backend: varnish_ssl
age: 7067
x-cache: cached
x-sucuri-cache: HIT
x-cacheproxy-retries: 0/2
content-length: 9888
x-xss-protection: 1; mode=block, 1; mode=block
last-modified: Mon, 04 Mar 2024 15:05:17 GMT
server: nginx
x-php-version: 8.0
etag: W/"a1c0-612d70dbbb79d-gzip"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/javascript
x-cache-hit: HIT
cache-control: max-age=315360000
x-sucuri-id: 15012
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 wpo-minify-footer-shiftnav1.7.2.min.js Show response
foresthistory.org/wp-content/cache/wpo-minify/1709564712/assets/ 16 KB
5 KB 92ms
88ms Script
text/javascript 192.124.249.62
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://foresthistory.org/wp-content/cache/wpo-minify/1709564712/assets/wpo-minify-footer-shiftnav1.7.2.min.js

Requested by

Host: foresthistory.org
URL: https://foresthistory.org/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.62 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10062.sucuri.net

Software

nginx /

Resource Hash

51655549ea6c53fd5cd07fdb64041a68f4dd0cb08b1d5a9c251b86e30eb8b64e

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;, upgrade-insecure-requests
Strict-Transport-Security	max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block, 1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://foresthistory.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 11:58:17 GMT
content-security-policy: upgrade-insecure-requests;, upgrade-insecure-requests
x-content-type-options: nosniff, nosniff
strict-transport-security: max-age=300, max-age=31536000; includeSubDomains
content-encoding: gzip
x-cacheable: YES
x-backend: varnish_ssl
age: 7067
x-cache: cached
x-sucuri-cache: HIT
x-cacheproxy-retries: 0/2
content-length: 4711
x-xss-protection: 1; mode=block, 1; mode=block
last-modified: Mon, 04 Mar 2024 15:05:17 GMT
server: nginx
x-php-version: 8.0
etag: W/"414d-612d70dbbd2f6-gzip"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/javascript
x-cache-hit: HIT
cache-control: max-age=315360000
x-sucuri-id: 15012
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 wpo-minify-footer-berocket_lmp_js1.2.min.js Show response
foresthistory.org/wp-content/cache/wpo-minify/1709564712/assets/ 20 KB
5 KB 94ms
89ms Script
text/javascript 192.124.249.62
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://foresthistory.org/wp-content/cache/wpo-minify/1709564712/assets/wpo-minify-footer-berocket_lmp_js1.2.min.js

Requested by

Host: foresthistory.org
URL: https://foresthistory.org/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.62 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10062.sucuri.net

Software

nginx /

Resource Hash

d4c9d8af8973013a915dcc237811fa3cf10f4819aaa39b9b9b3065410d1c548b

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;, upgrade-insecure-requests
Strict-Transport-Security	max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block, 1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://foresthistory.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 11:58:17 GMT
content-security-policy: upgrade-insecure-requests;, upgrade-insecure-requests
x-content-type-options: nosniff, nosniff
strict-transport-security: max-age=300, max-age=31536000; includeSubDomains
content-encoding: gzip
x-cacheable: YES
x-backend: varnish_ssl
age: 7067
x-cache: cached
x-sucuri-cache: HIT
x-cacheproxy-retries: 0/2
content-length: 4050
x-xss-protection: 1; mode=block, 1; mode=block
last-modified: Mon, 04 Mar 2024 15:05:17 GMT
server: nginx
x-php-version: 8.0
etag: W/"5087-612d70dbc4c0e-gzip"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/javascript
x-cache-hit: HIT
cache-control: max-age=315360000
x-sucuri-id: 15012
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 wpo-minify-footer-soliloquy-script2.6.6.min.js Show response
foresthistory.org/wp-content/cache/wpo-minify/1709564712/assets/ 29 KB
9 KB 543ms
539ms Script
text/javascript 192.124.249.62
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://foresthistory.org/wp-content/cache/wpo-minify/1709564712/assets/wpo-minify-footer-soliloquy-script2.6.6.min.js

Requested by

Host: foresthistory.org
URL: https://foresthistory.org/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.62 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10062.sucuri.net

Software

nginx /

Resource Hash

2e79351c933bdf83979b4b7b8aa2d7f0ae14949bf669fa3def952046dc285f05

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;, upgrade-insecure-requests
Strict-Transport-Security	max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block, 1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://foresthistory.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 11:58:18 GMT
content-security-policy: upgrade-insecure-requests;, upgrade-insecure-requests
x-content-type-options: nosniff, nosniff
strict-transport-security: max-age=300, max-age=31536000; includeSubDomains
content-encoding: gzip
x-cacheable: YES
x-backend: varnish_ssl
age: 0
x-cache: uncached
x-sucuri-cache: MISS
x-cacheproxy-retries: 0/2
content-length: 9033
x-xss-protection: 1; mode=block, 1; mode=block
last-modified: Mon, 04 Mar 2024 15:05:42 GMT
server: nginx
x-php-version: 8.0
etag: "75b5-612d70f35b7ac-gzip"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/javascript
x-cache-hit: MISS
cache-control: max-age=315360000
x-sucuri-id: 15012
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 wpo-minify-footer-envira-gallery-script1.9.10.min.js Show response
foresthistory.org/wp-content/cache/wpo-minify/1709564712/assets/ 180 KB
50 KB 645ms
641ms Script
text/javascript 192.124.249.62
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://foresthistory.org/wp-content/cache/wpo-minify/1709564712/assets/wpo-minify-footer-envira-gallery-script1.9.10.min.js

Requested by

Host: foresthistory.org
URL: https://foresthistory.org/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.62 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10062.sucuri.net

Software

nginx /

Resource Hash

73f584400ea87e094d291f0e5ac7541f97a4abff5613ff72f5d3f1e3afef97b3

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;, upgrade-insecure-requests
Strict-Transport-Security	max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block, 1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://foresthistory.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 11:58:18 GMT
content-security-policy: upgrade-insecure-requests;, upgrade-insecure-requests
x-content-type-options: nosniff, nosniff
strict-transport-security: max-age=300, max-age=31536000; includeSubDomains
content-encoding: gzip
x-cacheable: YES
x-backend: varnish_ssl
age: 0
x-cache: uncached
x-sucuri-cache: MISS
x-cacheproxy-retries: 0/2
content-length: 50347
x-xss-protection: 1; mode=block, 1; mode=block
last-modified: Mon, 04 Mar 2024 15:05:42 GMT
server: nginx
x-php-version: 8.0
etag: "2cf1d-612d70f35e2a4-gzip"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/javascript
x-cache-hit: MISS
cache-control: max-age=315360000
x-sucuri-id: 15012
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 wpo-minify-footer-envira-albums-script1.7.10.min.js Show response
foresthistory.org/wp-content/cache/wpo-minify/1709564712/assets/ 15 KB
5 KB 537ms
533ms Script
text/javascript 192.124.249.62
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://foresthistory.org/wp-content/cache/wpo-minify/1709564712/assets/wpo-minify-footer-envira-albums-script1.7.10.min.js

Requested by

Host: foresthistory.org
URL: https://foresthistory.org/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.62 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10062.sucuri.net

Software

nginx /

Resource Hash

8da6c6cad34d3ea1ab694d4ab6f92aa4932aafeef8a47623ff101ef846943ed5

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;, upgrade-insecure-requests
Strict-Transport-Security	max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block, 1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://foresthistory.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 11:58:18 GMT
content-security-policy: upgrade-insecure-requests;, upgrade-insecure-requests
x-content-type-options: nosniff, nosniff
strict-transport-security: max-age=300, max-age=31536000; includeSubDomains
content-encoding: gzip
x-cacheable: YES
x-backend: varnish_ssl
age: 0
x-cache: uncached
x-sucuri-cache: MISS
x-cacheproxy-retries: 0/2
content-length: 4483
x-xss-protection: 1; mode=block, 1; mode=block
last-modified: Mon, 04 Mar 2024 15:05:42 GMT
server: nginx
x-php-version: 8.0
etag: "3c19-612d70f361d3d-gzip"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/javascript
x-cache-hit: MISS
cache-control: max-age=315360000
x-sucuri-id: 15012
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 wpo-minify-footer-envira-slideshow-script1.3.9.min.js Show response
foresthistory.org/wp-content/cache/wpo-minify/1709564712/assets/ 431 B
891 B 540ms
536ms Script
text/javascript 192.124.249.62
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://foresthistory.org/wp-content/cache/wpo-minify/1709564712/assets/wpo-minify-footer-envira-slideshow-script1.3.9.min.js

Requested by

Host: foresthistory.org
URL: https://foresthistory.org/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.62 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10062.sucuri.net

Software

nginx /

Resource Hash

0ee9e2147125f0888ff09c3324a0956350e62732fb6a2b08dabcb43020d94321

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;, upgrade-insecure-requests
Strict-Transport-Security	max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block, 1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://foresthistory.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 11:58:18 GMT
content-security-policy: upgrade-insecure-requests;, upgrade-insecure-requests
x-content-type-options: nosniff, nosniff
strict-transport-security: max-age=300, max-age=31536000; includeSubDomains
content-encoding: gzip
x-cacheable: YES
x-backend: varnish_ssl
age: 0
x-cache: uncached
x-sucuri-cache: MISS
x-cacheproxy-retries: 0/2
content-length: 254
x-xss-protection: 1; mode=block, 1; mode=block
last-modified: Mon, 04 Mar 2024 15:05:42 GMT
server: nginx
x-php-version: 8.0
etag: "1af-612d70f390759-gzip"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/javascript
x-cache-hit: MISS
cache-control: max-age=315360000
x-sucuri-id: 15012
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 wpo-minify-footer-ajax-load-more7.0.3.min.js Show response
foresthistory.org/wp-content/cache/wpo-minify/1709564712/assets/ 141 KB
43 KB 671ms
667ms Script
text/javascript 192.124.249.62
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://foresthistory.org/wp-content/cache/wpo-minify/1709564712/assets/wpo-minify-footer-ajax-load-more7.0.3.min.js

Requested by

Host: foresthistory.org
URL: https://foresthistory.org/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.62 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10062.sucuri.net

Software

nginx /

Resource Hash

3821543a0d5803edf8859a6a965d2b343363dafa34536a284908719384063ddc

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;, upgrade-insecure-requests
Strict-Transport-Security	max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block, 1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://foresthistory.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 11:58:18 GMT
content-security-policy: upgrade-insecure-requests;, upgrade-insecure-requests
x-content-type-options: nosniff, nosniff
strict-transport-security: max-age=300, max-age=31536000; includeSubDomains
content-encoding: gzip
x-cacheable: YES
x-backend: varnish_ssl
age: 0
x-cache: uncached
x-sucuri-cache: MISS
x-cacheproxy-retries: 0/2
content-length: 43330
x-xss-protection: 1; mode=block, 1; mode=block
last-modified: Mon, 04 Mar 2024 15:05:42 GMT
server: nginx
x-php-version: 8.0
etag: "234b2-612d70f392a82-gzip"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/javascript
x-cache-hit: MISS
cache-control: max-age=315360000
x-sucuri-id: 15012
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 footer-logo.png
foresthistory.org/wp-content/themes/fhs2016/images/ 21 KB
22 KB 92ms
90ms Image
image/png 192.124.249.62
SUCURI-SEC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://foresthistory.org/wp-content/themes/fhs2016/images/footer-logo.png

Requested by

Host: foresthistory.org
URL: https://foresthistory.org/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.62 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10062.sucuri.net

Software

nginx /

Resource Hash

d5eba8577bf45f4377bf844b6bedecd4e19e869a5e6b12943d98640dd7231eaa

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;, upgrade-insecure-requests
Strict-Transport-Security	max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block, 1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://foresthistory.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 11:58:17 GMT
content-security-policy: upgrade-insecure-requests;, upgrade-insecure-requests
x-content-type-options: nosniff, nosniff
strict-transport-security: max-age=300, max-age=31536000; includeSubDomains
x-cacheable: YES
x-backend: varnish_ssl
age: 51592
x-cache: cached
x-sucuri-cache: HIT
x-cacheproxy-retries: 0/2
content-length: 21484
x-xss-protection: 1; mode=block, 1; mode=block
last-modified: Wed, 26 Jul 2017 16:41:12 GMT
server: nginx
x-php-version: 8.0
etag: "53ec-5553b1da143f3"
x-frame-options: SAMEORIGIN
content-type: image/png
x-cache-hit: HIT
cache-control: max-age=315360000
x-sucuri-id: 15012
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 jquery.equalheights.min.js Show response
foresthistory.org/wp-content/themes/fhs2016/Scripts/ 467 B
956 B 524ms
520ms Script
text/javascript 192.124.249.62
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://foresthistory.org/wp-content/themes/fhs2016/Scripts/jquery.equalheights.min.js

Requested by

Host: foresthistory.org
URL: https://foresthistory.org/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.62 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10062.sucuri.net

Software

nginx /

Resource Hash

9b814101cf60ce8c628991f20ebbb274e1b183600c94ab38c0d31162bbdef34c

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;, upgrade-insecure-requests
Strict-Transport-Security	max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block, 1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://foresthistory.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 11:58:18 GMT
content-security-policy: upgrade-insecure-requests;, upgrade-insecure-requests
x-content-type-options: nosniff, nosniff
strict-transport-security: max-age=300, max-age=31536000; includeSubDomains
content-encoding: gzip
x-cacheable: YES
x-backend: varnish_ssl
age: 27538
x-cache: cached
x-sucuri-cache: REVALIDATED
x-cacheproxy-retries: 0/2
content-length: 313
x-xss-protection: 1; mode=block, 1; mode=block
last-modified: Wed, 26 Jul 2017 16:40:28 GMT
server: nginx
x-php-version: 8.0
etag: "1d3-5553b1b05ffb8-gzip"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/javascript
x-cache-hit: HIT
cache-control: max-age=315360000
x-sucuri-id: 15012
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 equalheights-init.js Show response
foresthistory.org/wp-content/themes/fhs2016/Scripts/ 241 B
794 B 528ms
525ms Script
text/javascript 192.124.249.62
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://foresthistory.org/wp-content/themes/fhs2016/Scripts/equalheights-init.js

Requested by

Host: foresthistory.org
URL: https://foresthistory.org/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.62 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10062.sucuri.net

Software

nginx /

Resource Hash

20057c526da6f66e9c1c2b587c85499ae6615ffaba5b7645ef6272ce913a3c1d

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;, upgrade-insecure-requests
Strict-Transport-Security	max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block, 1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://foresthistory.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 11:58:18 GMT
content-security-policy: upgrade-insecure-requests;, upgrade-insecure-requests
x-content-type-options: nosniff, nosniff
strict-transport-security: max-age=300, max-age=31536000; includeSubDomains
content-encoding: gzip
x-cacheable: YES
x-backend: varnish_ssl
age: 27538
x-cache: cached
x-sucuri-cache: REVALIDATED
x-cacheproxy-retries: 0/2
content-length: 152
x-xss-protection: 1; mode=block, 1; mode=block
last-modified: Wed, 26 Jul 2017 16:40:29 GMT
server: nginx
x-php-version: 8.0
etag: "f1-5553b1b1110be-gzip"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/javascript
x-cache-hit: HIT
cache-control: max-age=315360000
x-sucuri-id: 15012
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.5.0/css/ 27 KB
7 KB 161ms
57ms Stylesheet
text/css 2606:4700::6812:acf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.5.0/css/font-awesome.min.css

Requested by

Host: foresthistory.org
URL: https://foresthistory.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ddd92f10ad162c7449eff0acaf40598c05b1111739587edb75e5326b6697c5d5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://foresthistory.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 11:58:17 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
cdn-edgestorageid: 1047
age: 9886117
cdn-cachedat: 10/31/2023 18:58:32
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 25 Jan 2021 22:04:54 GMT
cdn-proxyver: 1.04
cdn-requestpullcode: 200
server: cloudflare
etag: W/"4fbd15cb6047af93373f4f895639c8bf"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: 636c547408716b12e0429001e52d27d0
timing-allow-origin: *
cdn-requestcountrycode: DE
cdn-status: 200
cf-ray: 85f9eef189cc5c44-FRA
cdn-requestpullsuccess: True

GET
H2 200 print.css
foresthistory.org/wp-content/themes/fhs2016/styles/ 6 KB
2 KB 533ms
531ms Stylesheet
text/css 192.124.249.62
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://foresthistory.org/wp-content/themes/fhs2016/styles/print.css

Requested by

Host: foresthistory.org
URL: https://foresthistory.org/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.62 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10062.sucuri.net

Software

nginx /

Resource Hash

d8777c5a09b351235e2409ecd376c48fb201d11cf4abc9a0d68ddac6c045109a

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;, upgrade-insecure-requests
Strict-Transport-Security	max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block, 1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://foresthistory.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 11:58:18 GMT
content-security-policy: upgrade-insecure-requests;, upgrade-insecure-requests
x-content-type-options: nosniff, nosniff
strict-transport-security: max-age=300, max-age=31536000; includeSubDomains
content-encoding: gzip
x-cacheable: YES
x-backend: varnish_ssl
age: 27538
x-cache: cached
x-sucuri-cache: REVALIDATED
x-cacheproxy-retries: 0/2
content-length: 1772
x-xss-protection: 1; mode=block, 1; mode=block
last-modified: Thu, 19 Jan 2023 19:48:59 GMT
server: nginx
x-php-version: 8.0
etag: "17d7-5f2a3395b1f52-gzip"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/css
x-cache-hit: HIT
cache-control: max-age=315360000
x-sucuri-id: 15012
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 wpo-minify-header-8c531305.min.css
foresthistory.org/wp-content/cache/wpo-minify/1709564712/assets/ 7 KB
2 KB 95ms
93ms Stylesheet
text/css 192.124.249.62
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://foresthistory.org/wp-content/cache/wpo-minify/1709564712/assets/wpo-minify-header-8c531305.min.css

Requested by

Host: foresthistory.org
URL: https://foresthistory.org/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.62 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10062.sucuri.net

Software

nginx /

Resource Hash

401373c6cddfc333e45314482184906a357ae96d1fccd5ef6c40d8b7656e7349

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;, upgrade-insecure-requests
Strict-Transport-Security	max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block, 1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://foresthistory.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 11:58:17 GMT
content-security-policy: upgrade-insecure-requests;, upgrade-insecure-requests
x-content-type-options: nosniff, nosniff
strict-transport-security: max-age=300, max-age=31536000; includeSubDomains
content-encoding: gzip
x-cacheable: YES
x-backend: varnish_ssl
age: 7069
x-cache: cached
x-sucuri-cache: HIT
x-cacheproxy-retries: 0/2
content-length: 1181
x-xss-protection: 1; mode=block, 1; mode=block
last-modified: Mon, 04 Mar 2024 15:05:16 GMT
server: nginx
x-php-version: 8.0
etag: W/"1b83-612d70da2ebcd-gzip"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/css
x-cache-hit: HIT
cache-control: max-age=315360000
x-sucuri-id: 15012
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 g.gif
pixel.wp.com/ 50 B
177 B 42ms
40ms Image
image/gif 192.0.76.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.wp.com/g.gif?x_stats-initial-visibility=visible&v=wpcom-no-pv&rand=0.2275569387864158
Requested by: Host: foresthistory.org
URL: https://foresthistory.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://foresthistory.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 05 Mar 2024 11:58:17 GMT
cache-control: no-cache
server: nginx
alt-svc: h3=":443"; ma=86400
content-length: 50
content-type: image/gif

GET
H2 200 cse.js Show response
cse.google.com/ 9 KB
4 KB 193ms
94ms Script
text/javascript 2a00:1450:4001:801::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cse.google.com/cse.js?cx=002211764287670219682:cy2t20h_cd8

Requested by

Host: foresthistory.org
URL: https://foresthistory.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gws /

Resource Hash

14c72abd41464695f9e138c16be7560263b368c5668db6580746d370a1f752d8

Security Headers

Name	Value
Content-Security-Policy	object-src 'none';base-uri 'self';script-src 'nonce-yGCFQwvcitWOGUoGEqzXWQ' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://foresthistory.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

content-security-policy: object-src 'none';base-uri 'self';script-src 'nonce-yGCFQwvcitWOGUoGEqzXWQ' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
content-encoding: br
date: Tue, 05 Mar 2024 11:58:17 GMT
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3080
x-xss-protection: 0
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64
cross-origin-opener-policy: same-origin-allow-popups; report-to="gws"
server: gws
x-frame-options: SAMEORIGIN
report-to: {"group":"gws","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws/other"}]}
content-type: text/javascript; charset=UTF-8
permissions-policy: unload=()
origin-trial: Ap+qNlnLzJDKSmEHjzM5ilaa908GuehlLqGb6ezME5lkhelj20qVzfv06zPmQ3LodoeujZuphAolrnhnPA8w4AIAAABfeyJvcmlnaW4iOiJodHRwczovL3d3dy5nb29nbGUuY29tOjQ0MyIsImZlYXR1cmUiOiJQZXJtaXNzaW9uc1BvbGljeVVubG9hZCIsImV4cGlyeSI6MTY4NTY2Mzk5OX0=, AvudrjMZqL7335p1KLV2lHo1kxdMeIN0dUI15d0CPz9dovVLCcXk8OAqjho1DX4s6NbHbA/AGobuGvcZv0drGgQAAAB9eyJvcmlnaW4iOiJodHRwczovL3d3dy5nb29nbGUuY29tOjQ0MyIsImZlYXR1cmUiOiJCYWNrRm9yd2FyZENhY2hlTm90UmVzdG9yZWRSZWFzb25zIiwiZXhwaXJ5IjoxNjkxNTM5MTk5LCJpc1N1YmRvbWFpbiI6dHJ1ZX0=

GET
H2 200 more-arrow.png
foresthistory.org/wp-content/uploads/2016/12/ 2 KB
2 KB 519ms
519ms Image
image/png 192.124.249.62
SUCURI-SEC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://foresthistory.org/wp-content/uploads/2016/12/more-arrow.png

Requested by

Host: foresthistory.org
URL: https://foresthistory.org/wp-content/uploads/bb-plugin/cache/7-layout.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.62 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10062.sucuri.net

Software

nginx /

Resource Hash

2bad60d9004c514fda44139715edfa08c65e7838883bd084146af6e38b611885

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;, upgrade-insecure-requests
Strict-Transport-Security	max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block, 1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://foresthistory.org/wp-content/uploads/bb-plugin/cache/7-layout.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 11:58:18 GMT
content-security-policy: upgrade-insecure-requests;, upgrade-insecure-requests
x-content-type-options: nosniff, nosniff
strict-transport-security: max-age=300, max-age=31536000; includeSubDomains
x-cacheable: YES
x-backend: varnish_ssl
age: 0
x-cache: uncached
x-sucuri-cache: MISS
x-cacheproxy-retries: 0/2
content-length: 1872
x-xss-protection: 1; mode=block, 1; mode=block
last-modified: Tue, 25 Jul 2017 15:02:34 GMT
server: nginx
x-php-version: 8.0
etag: "750-555259f0c181e"
x-frame-options: SAMEORIGIN
content-type: image/png
x-cache-hit: MISS
cache-control: max-age=315360000
x-sucuri-id: 15012
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 FHT_2020_Front_Cover.jpg
foresthistory.org/wp-content/uploads/2021/03/ 406 KB
407 KB 622ms
621ms Image
image/jpeg 192.124.249.62
SUCURI-SEC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://foresthistory.org/wp-content/uploads/2021/03/FHT_2020_Front_Cover.jpg

Requested by

Host: foresthistory.org
URL: https://foresthistory.org/wp-content/uploads/bb-plugin/cache/7-layout.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.62 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10062.sucuri.net

Software

nginx /

Resource Hash

78e9905ef747cd7be12545688d415c75a17ea6ebe44b75d9f80abead56ab52e2

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;, upgrade-insecure-requests
Strict-Transport-Security	max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block, 1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://foresthistory.org/wp-content/uploads/bb-plugin/cache/7-layout.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 11:58:18 GMT
content-security-policy: upgrade-insecure-requests;, upgrade-insecure-requests
x-content-type-options: nosniff, nosniff
strict-transport-security: max-age=300, max-age=31536000; includeSubDomains
x-cacheable: YES
x-backend: varnish_ssl
age: 0
x-cache: uncached
x-sucuri-cache: MISS
x-cacheproxy-retries: 0/2
content-length: 415629
x-xss-protection: 1; mode=block, 1; mode=block
last-modified: Fri, 01 Mar 2024 23:47:14 GMT
server: nginx
x-php-version: 8.0
etag: "6578d-612a1fed4550d"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
x-cache-hit: MISS
cache-control: max-age=315360000
x-sucuri-id: 15012
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 DSC_8111.jpg
foresthistory.org/wp-content/uploads/2016/12/ 342 KB
343 KB 648ms
648ms Image
image/jpeg 192.124.249.62
SUCURI-SEC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://foresthistory.org/wp-content/uploads/2016/12/DSC_8111.jpg

Requested by

Host: foresthistory.org
URL: https://foresthistory.org/wp-content/uploads/bb-plugin/cache/7-layout.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.62 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10062.sucuri.net

Software

nginx /

Resource Hash

0a0790d6a4bb58199698d88dd5e401c5b36efe408c9a19c605e7a1b040bada13

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;, upgrade-insecure-requests
Strict-Transport-Security	max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block, 1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://foresthistory.org/wp-content/uploads/bb-plugin/cache/7-layout.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 11:58:18 GMT
content-security-policy: upgrade-insecure-requests;, upgrade-insecure-requests
x-content-type-options: nosniff, nosniff
strict-transport-security: max-age=300, max-age=31536000; includeSubDomains
x-cacheable: YES
x-backend: varnish_ssl
age: 0
x-cache: uncached
x-sucuri-cache: MISS
x-cacheproxy-retries: 0/2
content-length: 350264
x-xss-protection: 1; mode=block, 1; mode=block
last-modified: Tue, 25 Jul 2017 14:30:23 GMT
server: nginx
x-php-version: 8.0
etag: "55838-555252bf83462"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
x-cache-hit: MISS
cache-control: max-age=315360000
x-sucuri-id: 15012
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 more-arrow-white.png
foresthistory.org/wp-content/uploads/2016/12/ 2 KB
3 KB 75ms
74ms Image
image/png 192.124.249.62
SUCURI-SEC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://foresthistory.org/wp-content/uploads/2016/12/more-arrow-white.png

Requested by

Host: foresthistory.org
URL: https://foresthistory.org/wp-content/uploads/bb-plugin/cache/7-layout.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.62 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10062.sucuri.net

Software

nginx /

Resource Hash

66eceeb4019d22fb070062d56c33b18128e6c0ba28fec8fa51a5672e80ead65b

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;, upgrade-insecure-requests
Strict-Transport-Security	max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block, 1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://foresthistory.org/wp-content/uploads/bb-plugin/cache/7-layout.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 11:58:17 GMT
content-security-policy: upgrade-insecure-requests;, upgrade-insecure-requests
x-content-type-options: nosniff, nosniff
strict-transport-security: max-age=300, max-age=31536000; includeSubDomains
x-cacheable: YES
x-backend: varnish_ssl
age: 188450
x-cache: cached
x-sucuri-cache: HIT
x-cacheproxy-retries: 0/2
content-length: 2155
x-xss-protection: 1; mode=block, 1; mode=block
last-modified: Tue, 25 Jul 2017 14:44:29 GMT
server: nginx
x-php-version: 8.0
etag: "86b-555255e64483f"
x-frame-options: SAMEORIGIN
content-type: image/png
x-cache-hit: HIT
cache-control: max-age=315360000
x-sucuri-id: 15012
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 DSC_7948.jpg
foresthistory.org/wp-content/uploads/2016/12/ 325 KB
325 KB 647ms
647ms Image
image/jpeg 192.124.249.62
SUCURI-SEC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://foresthistory.org/wp-content/uploads/2016/12/DSC_7948.jpg

Requested by

Host: foresthistory.org
URL: https://foresthistory.org/wp-content/uploads/bb-plugin/cache/7-layout.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.62 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10062.sucuri.net

Software

nginx /

Resource Hash

616c53481d8c7ba1e75e24299da526ff46f0bb421c4a6a5fac883a13e549e305

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;, upgrade-insecure-requests
Strict-Transport-Security	max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block, 1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://foresthistory.org/wp-content/uploads/bb-plugin/cache/7-layout.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 11:58:18 GMT
content-security-policy: upgrade-insecure-requests;, upgrade-insecure-requests
x-content-type-options: nosniff, nosniff
strict-transport-security: max-age=300, max-age=31536000; includeSubDomains
x-cacheable: YES
x-backend: varnish_ssl
age: 0
x-cache: uncached
x-sucuri-cache: MISS
x-cacheproxy-retries: 0/2
content-length: 332331
x-xss-protection: 1; mode=block, 1; mode=block
last-modified: Tue, 25 Jul 2017 14:48:27 GMT
server: nginx
x-php-version: 8.0
etag: "5122b-555256c8f2ac7"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
x-cache-hit: MISS
cache-control: max-age=315360000
x-sucuri-id: 15012
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 more-arrow.png
foresthistory.org/wp-content/themes/fhs2016/images/ 3 KB
3 KB 503ms
503ms Image
image/png 192.124.249.62
SUCURI-SEC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://foresthistory.org/wp-content/themes/fhs2016/images/more-arrow.png

Requested by

Host: foresthistory.org
URL: https://foresthistory.org/wp-content/themes/fhs2016/style.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.62 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10062.sucuri.net

Software

nginx /

Resource Hash

8d76d1ced7617819b9840686bfbd54fdf03c7239893c208ba45c4b94a21560d7

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;, upgrade-insecure-requests
Strict-Transport-Security	max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block, 1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://foresthistory.org/wp-content/themes/fhs2016/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 11:58:18 GMT
content-security-policy: upgrade-insecure-requests;, upgrade-insecure-requests
x-content-type-options: nosniff, nosniff
strict-transport-security: max-age=300, max-age=31536000; includeSubDomains
x-cacheable: YES
x-backend: varnish_ssl
age: 0
x-cache: uncached
x-sucuri-cache: MISS
x-cacheproxy-retries: 0/2
content-length: 2963
x-xss-protection: 1; mode=block, 1; mode=block
last-modified: Wed, 26 Jul 2017 16:41:34 GMT
server: nginx
x-php-version: 8.0
etag: "b93-5553b1ef27e13"
x-frame-options: SAMEORIGIN
content-type: image/png
x-cache-hit: MISS
cache-control: max-age=315360000
x-sucuri-id: 15012
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 1Ptug8zYS_SKggPNyC0ITw.woff2
fonts.gstatic.com/s/raleway/v29/ 47 KB
47 KB 256ms
170ms Font
font/woff2 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/raleway/v29/1Ptug8zYS_SKggPNyC0ITw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Droid+Serif:400,700|Libre+Baskerville:400i|Raleway:400,500,600,700,800

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8cbc049ddbd7ca67068451ce754401833499959c4c6ed7b98f664d42e0597808

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://foresthistory.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 08:49:40 GMT
x-content-type-options: nosniff
age: 11317
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48208
x-xss-protection: 0
last-modified: Wed, 13 Sep 2023 23:24:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 05 Mar 2025 08:49:40 GMT

GET
H2 200 tDbV2oqRg1oM3QBjjcaDkOJGiRD7OwE.woff2
fonts.gstatic.com/s/droidserif/v19/ 25 KB
25 KB 255ms
169ms Font
font/woff2 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/droidserif/v19/tDbV2oqRg1oM3QBjjcaDkOJGiRD7OwE.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Droid+Serif:400,700|Libre+Baskerville:400i|Raleway:400,500,600,700,800

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4fa898d9bdc34304905c4b165e561c8dc3fe452b0bdd7259140e1aa530a42136

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://foresthistory.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 27 Feb 2024 13:02:18 GMT
x-content-type-options: nosniff
age: 600959
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 25980
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 18:47:46 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 26 Feb 2025 13:02:18 GMT

GET
H2 200 kmKhZrc3Hgbbcjq75U4uslyuy4kn0qNcWxEQDA.woff2
fonts.gstatic.com/s/librebaskerville/v14/ 30 KB
31 KB 132ms
46ms Font
font/woff2 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/librebaskerville/v14/kmKhZrc3Hgbbcjq75U4uslyuy4kn0qNcWxEQDA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Droid+Serif:400,700|Libre+Baskerville:400i|Raleway:400,500,600,700,800

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d809e5e194d9762855a81f8e4002da916b66a81ddc4b3fbdaf770ce4aa0fb560

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://foresthistory.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 01:17:52 GMT
x-content-type-options: nosniff
age: 38425
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30696
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 16:09:35 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 05 Mar 2025 01:17:52 GMT

GET
H2 200 fontawesome-webfont.woff2
foresthistory.org/wp-content/plugins/shiftnav-responsive-mobile-menu/assets/css/fontawesome/fonts/ 75 KB
76 KB 74ms
73ms Font
font/woff2 192.124.249.62
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://foresthistory.org/wp-content/plugins/shiftnav-responsive-mobile-menu/assets/css/fontawesome/fonts/fontawesome-webfont.woff2

Requested by

Host: foresthistory.org
URL: https://foresthistory.org/wp-content/cache/wpo-minify/1709564712/assets/wpo-minify-header-23fd3bfe.min.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.62 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10062.sucuri.net

Software

nginx /

Resource Hash

2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;, upgrade-insecure-requests
Strict-Transport-Security	max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block, 1; mode=block

Request headers

Referer: https://foresthistory.org/wp-content/cache/wpo-minify/1709564712/assets/wpo-minify-header-23fd3bfe.min.css
Origin: https://foresthistory.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 11:58:17 GMT
content-security-policy: upgrade-insecure-requests;, upgrade-insecure-requests
x-content-type-options: nosniff, nosniff
strict-transport-security: max-age=300, max-age=31536000; includeSubDomains
x-cacheable: YES
x-backend: varnish_ssl
age: 62590
x-cache: cached
x-sucuri-cache: HIT
x-cacheproxy-retries: 0/2
content-length: 77160
x-xss-protection: 1; mode=block, 1; mode=block
last-modified: Fri, 06 Jan 2023 07:13:46 GMT
server: nginx
x-php-version: 8.0
etag: "12d68-5f1932893ced5"
x-frame-options: SAMEORIGIN
content-type: font/woff2
access-control-allow-origin: *
x-cache-hit: HIT
cache-control: max-age=315360000
x-sucuri-id: 15012
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 tDbI2oqRg1oM3QBjjcaDkOr9rAU.woff2
fonts.gstatic.com/s/droidserif/v19/ 22 KB
22 KB 187ms
101ms Font
font/woff2 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/droidserif/v19/tDbI2oqRg1oM3QBjjcaDkOr9rAU.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Droid+Serif:400,700|Libre+Baskerville:400i|Raleway:400,500,600,700,800

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

aee4051a20e975b9bb6fdc20984a091eb1f55c35ea87abe441db4cdbe8c116d0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://foresthistory.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Mon, 04 Mar 2024 14:29:59 GMT
x-content-type-options: nosniff
age: 77298
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 22476
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 19:19:08 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 04 Mar 2025 14:29:59 GMT

GET
H2 200 hero-main-1-1420x800_c.jpg
foresthistory.org/wp-content/uploads/2016/10/ 1 MB
1 MB 57ms
57ms Image
image/jpeg 192.124.249.62
SUCURI-SEC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://foresthistory.org/wp-content/uploads/2016/10/hero-main-1-1420x800_c.jpg

Requested by

Host: foresthistory.org
URL: https://foresthistory.org/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.62 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10062.sucuri.net

Software

nginx /

Resource Hash

cc75d3aea323f5d652afd2918cec8037507d87c799272361aba90d62dfb0cfe3

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;, upgrade-insecure-requests
Strict-Transport-Security	max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block, 1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://foresthistory.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 11:58:17 GMT
content-security-policy: upgrade-insecure-requests;, upgrade-insecure-requests
x-content-type-options: nosniff, nosniff
strict-transport-security: max-age=300, max-age=31536000; includeSubDomains
x-cacheable: YES
x-backend: varnish_ssl
age: 44096
x-cache: cached
x-sucuri-cache: HIT
x-cacheproxy-retries: 0/2
content-length: 1057297
x-xss-protection: 1; mode=block, 1; mode=block
last-modified: Wed, 09 Aug 2017 21:15:18 GMT
server: nginx
x-php-version: 8.0
etag: "102211-5565893aede5b"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
x-cache-hit: HIT
cache-control: max-age=315360000
x-sucuri-id: 15012
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 holder.gif
foresthistory.org/wp-content/plugins/soliloquy/assets/css/images/ 35 B
626 B 57ms
57ms Image
image/gif 192.124.249.62
SUCURI-SEC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://foresthistory.org/wp-content/plugins/soliloquy/assets/css/images/holder.gif

Requested by

Host: foresthistory.org
URL: https://foresthistory.org/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.62 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10062.sucuri.net

Software

nginx /

Resource Hash

62b658bca472f4eb438c6384ed624f42a08b19472b29f34cedaad0e2a6372ace

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;, upgrade-insecure-requests
Strict-Transport-Security	max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block, 1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://foresthistory.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 11:58:17 GMT
content-security-policy: upgrade-insecure-requests;, upgrade-insecure-requests
x-content-type-options: nosniff, nosniff
strict-transport-security: max-age=300, max-age=31536000; includeSubDomains
x-cacheable: YES
x-backend: varnish_ssl
age: 20566
x-cache: cached
x-sucuri-cache: HIT
x-cacheproxy-retries: 0/2
content-length: 35
x-xss-protection: 1; mode=block, 1; mode=block
last-modified: Sat, 16 Jul 2022 23:59:11 GMT
server: nginx
x-php-version: 8.0
etag: "23-5e3f4ebcbb9aa"
x-frame-options: SAMEORIGIN
content-type: image/gif
x-cache-hit: HIT
cache-control: max-age=315360000
x-sucuri-id: 15012
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 Forsling409-1024x986.jpg
foresthistory.org/wp-content/uploads/2022/06/ 122 KB
123 KB 58ms
57ms Image
image/jpeg 192.124.249.62
SUCURI-SEC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://foresthistory.org/wp-content/uploads/2022/06/Forsling409-1024x986.jpg

Requested by

Host: foresthistory.org
URL: https://foresthistory.org/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.62 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10062.sucuri.net

Software

nginx /

Resource Hash

707c8f473ba1a9a5eb42d1f6f7f452bd888963152e7ae46fd1621dd1f6c635f8

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;, upgrade-insecure-requests
Strict-Transport-Security	max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block, 1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://foresthistory.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 11:58:17 GMT
content-security-policy: upgrade-insecure-requests;, upgrade-insecure-requests
x-content-type-options: nosniff, nosniff
strict-transport-security: max-age=300, max-age=31536000; includeSubDomains
x-cacheable: YES
x-backend: varnish_ssl
age: 61984
x-cache: cached
x-sucuri-cache: HIT
x-cacheproxy-retries: 0/2
content-length: 125352
x-xss-protection: 1; mode=block, 1; mode=block
last-modified: Sat, 02 Mar 2024 06:39:41 GMT
server: nginx
x-php-version: 8.0
etag: "1e9a8-612a7c1e02e2d"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
x-cache-hit: HIT
cache-control: max-age=315360000
x-sucuri-id: 15012
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 EH_Jul2018_cr-1024x674.jpg
foresthistory.org/wp-content/uploads/2017/03/ 105 KB
106 KB 58ms
57ms Image
image/jpeg 192.124.249.62
SUCURI-SEC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://foresthistory.org/wp-content/uploads/2017/03/EH_Jul2018_cr-1024x674.jpg

Requested by

Host: foresthistory.org
URL: https://foresthistory.org/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.62 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10062.sucuri.net

Software

nginx /

Resource Hash

d0077522bcd4d7b7196bfec21c7e830d80d4515b2f4cba54ab5f24d2190159ae

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;, upgrade-insecure-requests
Strict-Transport-Security	max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block, 1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://foresthistory.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 11:58:17 GMT
content-security-policy: upgrade-insecure-requests;, upgrade-insecure-requests
x-content-type-options: nosniff, nosniff
strict-transport-security: max-age=300, max-age=31536000; includeSubDomains
x-cacheable: YES
x-backend: varnish_ssl
age: 0
x-cache: cached
x-sucuri-cache: HIT
x-cacheproxy-retries: 0/2
content-length: 107980
x-xss-protection: 1; mode=block, 1; mode=block
last-modified: Wed, 05 Sep 2018 17:37:33 GMT
server: nginx
x-php-version: 8.0
etag: "1a5cc-575233ac4d78c"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
x-cache-hit: HIT
cache-control: max-age=315360000
x-sucuri-id: 15012
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 DSC_7938-1024x684.jpg
foresthistory.org/wp-content/uploads/2016/12/ 90 KB
91 KB 58ms
58ms Image
image/jpeg 192.124.249.62
SUCURI-SEC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://foresthistory.org/wp-content/uploads/2016/12/DSC_7938-1024x684.jpg

Requested by

Host: foresthistory.org
URL: https://foresthistory.org/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.62 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10062.sucuri.net

Software

nginx /

Resource Hash

6aa0e7d73209d195a5f8b80cebe7a2b5707c5799aac9d17bacfc3c403a0dd690

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;, upgrade-insecure-requests
Strict-Transport-Security	max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block, 1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://foresthistory.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 11:58:17 GMT
content-security-policy: upgrade-insecure-requests;, upgrade-insecure-requests
x-content-type-options: nosniff, nosniff
strict-transport-security: max-age=300, max-age=31536000; includeSubDomains
x-cacheable: YES
x-backend: varnish_ssl
age: 1
x-cache: cached
x-sucuri-cache: HIT
x-cacheproxy-retries: 0/2
content-length: 92671
x-xss-protection: 1; mode=block, 1; mode=block
last-modified: Tue, 25 Jul 2017 14:45:13 GMT
server: nginx
x-php-version: 8.0
etag: "169ff-5552561088aa2"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
x-cache-hit: HIT
cache-control: max-age=315360000
x-sucuri-id: 15012
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 Jamie-Lewis-1-1024x528.jpg
foresthistory.org/wp-content/uploads/2022/06/ 43 KB
44 KB 58ms
58ms Image
image/jpeg 192.124.249.62
SUCURI-SEC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://foresthistory.org/wp-content/uploads/2022/06/Jamie-Lewis-1-1024x528.jpg

Requested by

Host: foresthistory.org
URL: https://foresthistory.org/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.62 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10062.sucuri.net

Software

nginx /

Resource Hash

faa4182d37f4a876fdefa28b7fca2aa96828bee459d25bbeeee133d16ea767d0

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;, upgrade-insecure-requests
Strict-Transport-Security	max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block, 1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://foresthistory.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 11:58:17 GMT
content-security-policy: upgrade-insecure-requests;, upgrade-insecure-requests
x-content-type-options: nosniff, nosniff
strict-transport-security: max-age=300, max-age=31536000; includeSubDomains
x-cacheable: YES
x-backend: varnish_ssl
age: 62078
x-cache: cached
x-sucuri-cache: HIT
x-cacheproxy-retries: 0/2
content-length: 44274
x-xss-protection: 1; mode=block, 1; mode=block
last-modified: Sat, 02 Mar 2024 05:19:09 GMT
server: nginx
x-php-version: 8.0
etag: "acf2-612a6a1dd895a"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
x-cache-hit: HIT
cache-control: max-age=315360000
x-sucuri-id: 15012
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 cse_element__en.js Show response
www.google.com/cse/static/element/8435450f13508ca1/ 318 KB
106 KB 88ms
87ms Script
text/javascript 2a00:1450:4001:809::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/cse/static/element/8435450f13508ca1/cse_element__en.js?usqp=CAI%3D

Requested by

Host: cse.google.com
URL: https://cse.google.com/cse.js?cx=002211764287670219682:cy2t20h_cd8

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1c8cc3cef0d65c2d9912b24f27bd2f42a79d10be8e00439562a3984f90f05bdd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://foresthistory.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 11:58:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 108214
x-xss-protection: 0
last-modified: Wed, 10 Jan 2024 16:43:07 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]}
content-type: text/javascript
cache-control: private, max-age=31536000
accept-ranges: bytes
link: <https://www.adsensecustomsearchads.com>; rel="preconnect"
cross-origin-opener-policy-report-only: same-origin; report-to="prose-team"
expires: Tue, 05 Mar 2024 11:58:17 GMT

GET
H2 200 default+en.css
www.google.com/cse/static/element/8435450f13508ca1/ 41 KB
9 KB 78ms
78ms Stylesheet
text/css 2a00:1450:4001:809::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/cse/static/element/8435450f13508ca1/default+en.css

Requested by

Host: cse.google.com
URL: https://cse.google.com/cse.js?cx=002211764287670219682:cy2t20h_cd8

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a5402de70228d4bf5379b518225b702918f6ae277e9293f9d16334c2b1fa31e3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://foresthistory.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 11:58:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9068
x-xss-protection: 0
last-modified: Wed, 10 Jan 2024 16:43:07 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]}
content-type: text/css
cache-control: private, max-age=31536000
accept-ranges: bytes
link: <https://www.adsensecustomsearchads.com>; rel="preconnect"
cross-origin-opener-policy-report-only: same-origin; report-to="prose-team"
expires: Tue, 05 Mar 2024 11:58:17 GMT

GET
H2 200 default.css
www.google.com/cse/static/style/look/v4/ 4 KB
2 KB 50ms
50ms Stylesheet
text/css 2a00:1450:4001:809::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/cse/static/style/look/v4/default.css

Requested by

Host: cse.google.com
URL: https://cse.google.com/cse.js?cx=002211764287670219682:cy2t20h_cd8

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dcec22bbcb68119d6c7d6d5e088fb82183a9826d0c9e3403f1386fd837f06a89

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://foresthistory.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 11:19:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2351
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1345
x-xss-protection: 0
last-modified: Wed, 17 Jun 2020 00:00:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]}
content-type: text/css
cache-control: public, max-age=3000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="prose-team"
expires: Tue, 05 Mar 2024 12:09:06 GMT

GET
H2 200 underscore-min.js Show response
cdnjs.cloudflare.com/ajax/libs/underscore.js/1.8.3/ 16 KB
6 KB 57ms
57ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/underscore.js/1.8.3/underscore-min.js

Requested by

Host: foresthistory.org
URL: https://foresthistory.org/wp-content/cache/wpo-minify/1709564712/assets/wpo-minify-header-jquery-core3.7.1.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a1b6400a21ddee090e93d8882ffa629963132785bfa41b0abbea199d278121e9

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://foresthistory.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 11:58:17 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 997564
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 5303
last-modified: Mon, 04 May 2020 16:17:25 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb04015-4041"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ClfrY0KSo5QyIg74mrBC%2FqONbdvR6%2FTxAVaGEhlGXc0SbgLAfa8CtRqQO%2BDXeuBkROpj3uTdDJKGT6%2BZU88%2F4hZcJbqupx5ebl5g8PpaQBKeNB80E%2Bma7osCghutw3aD3PNHOEjDVT5CLHGxLuWly4b3"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 85f9eef2588e2bd5-FRA
expires: Sun, 23 Feb 2025 11:58:17 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 232 KB
82 KB 70ms
69ms Script
application/javascript 2a00:1450:4001:831::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-12E6RRK290&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-107572205-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

37f59c2402a664140fb71c8363102bcd0188fea7f3061685626b84d551ad3a8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://foresthistory.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 11:58:18 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 84263
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 05 Mar 2024 11:58:18 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 133ms
39ms Script
text/javascript 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-107572205-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://foresthistory.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 05 Mar 2024 11:38:42 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 1176
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Tue, 05 Mar 2024 13:38:42 GMT

GET
H2 200 preloader.gif
foresthistory.org/wp-content/plugins/soliloquy/assets/css/images/ 1 KB
2 KB 219ms
212ms Image
image/gif 192.124.249.62
SUCURI-SEC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://foresthistory.org/wp-content/plugins/soliloquy/assets/css/images/preloader.gif

Requested by

Host: foresthistory.org
URL: https://foresthistory.org/wp-content/cache/wpo-minify/1709564712/assets/wpo-minify-footer-13514626.min.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.62 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10062.sucuri.net

Software

nginx /

Resource Hash

e24a1c9677d5df5c74d2691fccf1e65cbb638963ab0fb0feaeb3c38ff880b391

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;, upgrade-insecure-requests
Strict-Transport-Security	max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block, 1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://foresthistory.org/wp-content/cache/wpo-minify/1709564712/assets/wpo-minify-footer-13514626.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 11:58:18 GMT
content-security-policy: upgrade-insecure-requests;, upgrade-insecure-requests
x-content-type-options: nosniff, nosniff
strict-transport-security: max-age=300, max-age=31536000; includeSubDomains
x-cacheable: YES
x-backend: varnish_ssl
age: 0
x-cache: uncached
x-sucuri-cache: MISS
x-cacheproxy-retries: 0/2
content-length: 1069
x-xss-protection: 1; mode=block, 1; mode=block
last-modified: Sat, 16 Jul 2022 23:59:10 GMT
server: nginx
x-php-version: 8.0
etag: "42d-5e3f4ebc879d4"
x-frame-options: SAMEORIGIN
content-type: image/gif
x-cache-hit: MISS
cache-control: max-age=315360000
x-sucuri-id: 15012
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 api.js Show response
www.google.com/recaptcha/ 1 KB
883 B 50ms
49ms Script
text/javascript 2a00:1450:4001:809::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?onload=ctctOnLoadCallback&render=explicit

Requested by

Host: foresthistory.org
URL: https://foresthistory.org/wp-content/cache/wpo-minify/1709564712/assets/wpo-minify-header-jquery-core3.7.1.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

261cbb6d861fa5d0d050d3eb697b87372bbe782a8421fba9db51b3a8a2d0e532

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://foresthistory.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 11:58:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=utf-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block
expires: Tue, 05 Mar 2024 11:58:18 GMT

GET
H2 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/vj7hFxe2iNgbe-u95xTozOXW/ 494 KB
197 KB 137ms
39ms Script
text/javascript 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/vj7hFxe2iNgbe-u95xTozOXW/recaptcha__de.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?onload=ctctOnLoadCallback&render=explicit

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7fc4f1369cfe55e3cbf37434690b559bd3be63351a5ab16e324823a3ab8a237a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://foresthistory.org/
Origin: https://foresthistory.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 06:44:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 18810
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 201116
x-xss-protection: 0
last-modified: Mon, 26 Feb 2024 03:01:13 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 05 Mar 2025 06:44:48 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
255 B 151ms
46ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-12E6RRK290&gtm=45je42t1v9114855906za220&_p=1709639897577&gcd=13l3l3l3l1&npa=0&dma_cps=sypham&dma=1&cid=1383941077.1709639898&ul=en-us&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&_eu=EAAI&_s=1&sid=1709639898&sct=1&seg=0&dl=https%3A%2F%2Fforesthistory.org%2F&dt=Forest%20History%20Society%20-%20By%20understanding%20our%20past%2C%20we%20shape%20our%20future.&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=1774
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-12E6RRK290&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://foresthistory.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Mar 2024 11:58:18 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://foresthistory.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 1 B
207 B 46ms
45ms XHR
text/plain 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=94627963&t=pageview&_s=1&dl=https%3A%2F%2Fforesthistory.org%2F&ul=en-us&de=UTF-8&dt=Forest%20History%20Society%20-%20By%20understanding%20our%20past%2C%20we%20shape%20our%20future.&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAAI~&jid=1012902218&gjid=348951898&cid=1383941077.1709639898&tid=UA-107572205-1&_gid=347389830.1709639898&_r=1&gtm=457e42t1za200&gcd=13l3l3l3l1&dma_cps=sypham&dma=1&jsscut=1&z=1731830520

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://foresthistory.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 05 Mar 2024 11:58:18 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://foresthistory.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK widgets.js Show response
platform.twitter.com/ 91 KB
28 KB 197ms
48ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets.js
Requested by: Host: foresthistory.org
URL: https://foresthistory.org/wp-content/cache/wpo-minify/1709564712/assets/wpo-minify-footer-do-etfw-twitter-widgets1.0.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/674C) /
Resource Hash: 173460e89e6a7244218badae2016f65c48a3eae9d400802273eeca18b07336f1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://foresthistory.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Date: Tue, 05 Mar 2024 11:58:19 GMT
Content-Encoding: gzip
Age: 880
x-amz-server-side-encryption: AES256
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
Content-Length: 27597
Last-Modified: Mon, 11 Dec 2023 17:20:28 GMT
Server: ECS (frb/674C)
Etag: "824beb891744db98ccbd3a456e59e0f7+gzip"
Access-Control-Max-Age: 3000
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
x-tw-cdn: VZ
Cache-Control: public, max-age=1800
Vary: Accept-Encoding

GET
DATA 200
OK truncated
/ 44 B
0 Image
image/webp

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ffc8c5bf522003e4762af762c814b29df1f60fd4585029b896d442f7b6dee625

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Content-Type: image/webp

GET
H2 200 admin-ajax.php Show response
foresthistory.org/wp-admin/ 65 B
759 B 935ms
935ms XHR
application/json 192.124.249.62
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://foresthistory.org/wp-admin/admin-ajax.php?action=alm_get_posts&query_type=standard&id=&post_id=0&slug=home&canonical_url=https%253A%252F%252Fforesthistory.org%252F&posts_per_page=4&page=0&offset=0&post_type=post&repeater=default&seo_start_page=1&category=blog&order=DESC&orderby=date

Requested by

Host: foresthistory.org
URL: https://foresthistory.org/wp-content/cache/wpo-minify/1709564712/assets/wpo-minify-footer-ajax-load-more7.0.3.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.62 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10062.sucuri.net

Software

nginx /

Resource Hash

5e41fe18034e0aafdb9c29af5228eb621a7d508b0fea8106e6867782566e5324

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;, upgrade-insecure-requests
Strict-Transport-Security	max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff, nosniff, nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN
X-Xss-Protection	1; mode=block, 1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://foresthistory.org/
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 11:58:19 GMT
content-security-policy: upgrade-insecure-requests;, upgrade-insecure-requests
x-content-type-options: nosniff, nosniff, nosniff
strict-transport-security: max-age=300, max-age=31536000; includeSubDomains
x-cacheable: YES:Forced
x-backend: varnish_ssl
age: 0
x-cache: uncached
x-sucuri-cache: BYPASS
x-cacheproxy-retries: 0/2
content-length: 65
x-xss-protection: 1; mode=block, 1; mode=block
referrer-policy: strict-origin-when-cross-origin
x-php-version: 8.0
server: nginx
x-frame-options: SAMEORIGIN, SAMEORIGIN
vary: User-Agent
content-type: application/json; charset=UTF-8
cache-control: no-cache, must-revalidate, max-age=0
x-cache-hit: MISS
x-sucuri-id: 15012
x-fawn-proc-count: 2,7,24
x-robots-tag: noindex
expires: Wed, 11 Jan 1984 05:00:00 GMT

GET
H2 200 forest-history-society-donate Show response
donorbox.org/embed/ Frame 3D91 67 KB
17 KB 774ms
686ms Document
text/html 2606:4700:10::6816:32f9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://donorbox.org/embed/forest-history-society-donate

Requested by

Host: foresthistory.org
URL: https://foresthistory.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:32f9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5592d8f3d2f11a11caf928faef4d9e00b04b1aaa381d070e8b16b1423447a024

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL
X-Xss-Protection	1; mode=block

Request headers

Referer: https://foresthistory.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: max-age=0, public, must-revalidate, s-maxage=10800
cf-cache-status: EXPIRED
cf-ray: 85f9eef91efa65bc-FRA
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Tue, 05 Mar 2024 11:58:19 GMT
nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
p3p: CP="ALL DSP COR CURa ADMa DEVa OUR IND COM NAV"
permissions-policy: speaker-selection=(),ambient-light-sensor=(),magnetometer=(),display-capture=(),midi=()
referrer-policy: strict-origin-when-cross-origin
report-to: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1709639899&sid=1b10b0ff-8a76-4548-befa-353fc6c6c045&s=G3yFKEiFN2Wg5NUUWWHi%2FsiikUdr1u0s6LBxE1cKOas%3D"}]}
reporting-endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1709639899&sid=1b10b0ff-8a76-4548-befa-353fc6c6c045&s=G3yFKEiFN2Wg5NUUWWHi%2FsiikUdr1u0s6LBxE1cKOas%3D
server: cloudflare
strict-transport-security: max-age=63072000; includeSubDomains
vary: Accept, Accept-Language, Origin, Accept-Encoding
via: 1.1 vegur
x-content-type-options: nosniff
x-dbox-cache-lang: de-DE,de;q=0.9
x-dbox-cache-url: https://donorbox.org/embed/forest-history-society-donate?cf_cache_lang=de
x-download-options: noopen
x-frame-options: ALLOWALL
x-permitted-cross-domain-policies: none
x-request-id: 75234c1f-2bbd-4f19-858b-b54b949636aa
x-runtime: 0.091319
x-xss-protection: 1; mode=block

GET
H2 200 donate.png
foresthistory.org/wp-content/themes/fhs2016/images/ 3 KB
4 KB 45ms
43ms Image
image/png 192.124.249.62
SUCURI-SEC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://foresthistory.org/wp-content/themes/fhs2016/images/donate.png

Requested by

Host: foresthistory.org
URL: https://foresthistory.org/wp-content/themes/fhs2016/style.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.62 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10062.sucuri.net

Software

nginx /

Resource Hash

92b8d968b3003432ed999ee6e01551e5e268f72bbddd3a63c44d7172958dcfeb

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;, upgrade-insecure-requests
Strict-Transport-Security	max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block, 1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://foresthistory.org/wp-content/themes/fhs2016/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 11:58:18 GMT
content-security-policy: upgrade-insecure-requests;, upgrade-insecure-requests
x-content-type-options: nosniff, nosniff
strict-transport-security: max-age=300, max-age=31536000; includeSubDomains
x-cacheable: YES
x-backend: varnish_ssl
age: 51593
x-cache: cached
x-sucuri-cache: HIT
x-cacheproxy-retries: 0/2
content-length: 3243
x-xss-protection: 1; mode=block, 1; mode=block
last-modified: Wed, 26 Jul 2017 16:41:00 GMT
server: nginx
x-php-version: 8.0
etag: "cab-5553b1cf48531"
x-frame-options: SAMEORIGIN
content-type: image/png
x-cache-hit: HIT
cache-control: max-age=315360000
x-sucuri-id: 15012
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 join-support.png
foresthistory.org/wp-content/themes/fhs2016/images/ 9 KB
9 KB 46ms
44ms Image
image/png 192.124.249.62
SUCURI-SEC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://foresthistory.org/wp-content/themes/fhs2016/images/join-support.png

Requested by

Host: foresthistory.org
URL: https://foresthistory.org/wp-content/themes/fhs2016/style.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.62 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10062.sucuri.net

Software

nginx /

Resource Hash

45c488cdf0e80b073ed2c729a8f5836101976f8e66d2ea87df605b09d0f4baa3

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;, upgrade-insecure-requests
Strict-Transport-Security	max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block, 1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://foresthistory.org/wp-content/themes/fhs2016/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 11:58:18 GMT
content-security-policy: upgrade-insecure-requests;, upgrade-insecure-requests
x-content-type-options: nosniff, nosniff
strict-transport-security: max-age=300, max-age=31536000; includeSubDomains
x-cacheable: YES
x-backend: varnish_ssl
age: 51593
x-cache: cached
x-sucuri-cache: HIT
x-cacheproxy-retries: 0/2
content-length: 8926
x-xss-protection: 1; mode=block, 1; mode=block
last-modified: Wed, 26 Jul 2017 16:41:15 GMT
server: nginx
x-php-version: 8.0
etag: "22de-5553b1dd414a4"
x-frame-options: SAMEORIGIN
content-type: image/png
x-cache-hit: HIT
cache-control: max-age=315360000
x-sucuri-id: 15012
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 mag-glass.png
foresthistory.org/wp-content/themes/fhs2016/images/ 5 KB
5 KB 47ms
45ms Image
image/png 192.124.249.62
SUCURI-SEC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://foresthistory.org/wp-content/themes/fhs2016/images/mag-glass.png

Requested by

Host: foresthistory.org
URL: https://foresthistory.org/wp-content/themes/fhs2016/style.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.62 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10062.sucuri.net

Software

nginx /

Resource Hash

8653fc7f73da76d37385e380ac2d27748a8204d6ba7ad63421ce583f12f054d5

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;, upgrade-insecure-requests
Strict-Transport-Security	max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block, 1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://foresthistory.org/wp-content/themes/fhs2016/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 11:58:18 GMT
content-security-policy: upgrade-insecure-requests;, upgrade-insecure-requests
x-content-type-options: nosniff, nosniff
strict-transport-security: max-age=300, max-age=31536000; includeSubDomains
x-cacheable: YES
x-backend: varnish_ssl
age: 51593
x-cache: cached
x-sucuri-cache: HIT
x-cacheproxy-retries: 0/2
content-length: 4612
x-xss-protection: 1; mode=block, 1; mode=block
last-modified: Wed, 26 Jul 2017 16:40:54 GMT
server: nginx
x-php-version: 8.0
etag: "1204-5553b1c974b99"
x-frame-options: SAMEORIGIN
content-type: image/png
x-cache-hit: HIT
cache-control: max-age=315360000
x-sucuri-id: 15012
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 fontawesome-webfont.woff2
maxcdn.bootstrapcdn.com/font-awesome/4.5.0/fonts/ 65 KB
66 KB 160ms
75ms Font
font/woff2 2606:4700::6812:acf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.5.0/fonts/fontawesome-webfont.woff2?v=4.5.0

Requested by

Host: maxcdn.bootstrapcdn.com
URL: https://maxcdn.bootstrapcdn.com/font-awesome/4.5.0/css/font-awesome.min.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ff82aeed6b9bb6701696c84d1b223d2e682eb78c89117a438ce6cfea8c498995

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://maxcdn.bootstrapcdn.com/font-awesome/4.5.0/css/font-awesome.min.css
Origin: https://foresthistory.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 11:58:19 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 723
cdn-cachedat: 10/31/2023 18:48:08
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 66624
last-modified: Mon, 25 Jan 2021 22:04:54 GMT
cdn-proxyver: 1.04
cdn-requestpullcode: 200
server: cloudflare
etag: "db812d8a70a4e88e888744c1c9a27e89"
vary: Accept-Encoding
content-type: font/woff2
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: 0ec3c15823072cda4b0fa44d37cbf0b6
accept-ranges: bytes
timing-allow-origin: *
cdn-requestcountrycode: DE
cdn-status: 200
cf-ray: 85f9eef91ce22bdc-FRA
cdn-requestpullsuccess: True

GET
H2 200 async-ads.js Show response
cse.google.com/adsense/search/ 138 KB
51 KB 74ms
72ms Script
text/javascript 2a00:1450:4001:801::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cse.google.com/adsense/search/async-ads.js

Requested by

Host: www.google.com
URL: https://www.google.com/cse/static/element/8435450f13508ca1/cse_element__en.js?usqp=CAI%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b40916b7251105c0dd82dc3829efd6c9f76dc2729526e51703a861bf000ef79f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://foresthistory.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 11:58:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-afs-ui
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-afs-ui"
etag: "14798804679501297626"
vary: Accept-Encoding
report-to: {"group":"ads-afs-ui","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-afs-ui"}]}
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
accept-ranges: bytes
link: <https://www.adsensecustomsearchads.com>; rel="preconnect"
expires: Tue, 05 Mar 2024 11:58:19 GMT

GET
H3 200 branding.png
www.google.com/cse/static/images/1x/en/ 2 KB
2 KB 40ms
39ms Image
image/png 2a00:1450:4001:809::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/cse/static/images/1x/en/branding.png

Requested by

Host: foresthistory.org
URL: https://foresthistory.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6ca8050d203fbcb8613c5b13d0bf8cfccb60e97f82334702edd7a48d09489d68

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://foresthistory.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Mon, 04 Mar 2024 19:56:11 GMT
x-content-type-options: nosniff
age: 57727
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1556
x-xss-protection: 0
last-modified: Thu, 07 Dec 2023 21:00:00 GMT
server: sffe
report-to: {"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="prose-team"
expires: Tue, 04 Mar 2025 19:56:11 GMT

GET
H2 204 generate_204
clients1.google.com/ 0
117 B 134ms
46ms Image
text/plain 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://clients1.google.com/generate_204
Requested by: Host: foresthistory.org
URL: https://foresthistory.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://foresthistory.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 11:58:19 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 signup-form-widget.css
static.ctctcdn.com/js/signup-form-widget/current/ 36 KB
3 KB 53ms
52ms Stylesheet
text/css 104.18.40.153
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.ctctcdn.com/js/signup-form-widget/current/signup-form-widget.css
Requested by: Host: static.ctctcdn.com
URL: https://static.ctctcdn.com/js/signup-form-widget/current/signup-form-widget.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.40.153 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 04ec0263d406e2e385454d1856eec5285a9033f5e4a38c19cebade6e99eb57d3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://foresthistory.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 11:58:19 GMT
content-encoding: gzip
cf-cache-status: HIT
cf-bgj: minify
last-modified: Wed, 15 Feb 2023 15:34:18 GMT
server: cloudflare
age: 545593
cf-polished: origSize=51270
vary: Accept-Encoding,User-Agent
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=900, public
x-robots-tag: noindex
cf-ray: 85f9eef8bc4d6a78-TXL
expires: Thu, 27 Feb 2025 04:07:09 GMT

GET
H2 200 a69378770f1bd2787b51c3a42212c6e5.json Show response
listgrowth.ctctcdn.com/v1/ 2 KB
2 KB 802ms
447ms XHR
application/json 18.66.192.79
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://listgrowth.ctctcdn.com/v1/a69378770f1bd2787b51c3a42212c6e5.json
Requested by: Host: foresthistory.org
URL: https://foresthistory.org/wp-content/cache/wpo-minify/1709564712/assets/wpo-minify-header-jquery-core3.7.1.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.192.79 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-192-79.muc50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a5a7986184453ab9eddadd80c56f0cfd10ac22196192ae6b468919a942fe6ba9

Request headers

Accept: */*
Referer: https://foresthistory.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

x-amz-version-id: qudeapNQrYZLxM2.cX6h.62_z6sf492p
content-encoding: gzip
via: 1.1 ba2af690a81a9d904af393a857344bf4.cloudfront.net (CloudFront)
date: Tue, 05 Mar 2024 11:58:20 GMT
x-amz-request-id: 5H3MMMJBCEZ8RQJ0
x-amz-cf-pop: MUC50-P1
x-cache: RefreshHit from cloudfront
x-amz-replication-status: COMPLETED
x-amz-id-2: 6YfF1btVhYNyaGFfIfHiFzBD4LEBInfrJqSFT9DqqsHgqgqvcUNQZR733Yd9bzpH5ZXPnLBaKNA=
recaptcha-key: 6LfHrSkUAAAAAPnKk5cT6JuKlKPzbwyTYuO8--Vr
last-modified: Wed, 10 Feb 2021 00:40:55 GMT
server: AmazonS3
etag: W/"d7db4027989f5fa4dae169d70fd4b1dd"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: recaptcha-key
cache-control: max-age=5
vary: Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
x-amz-cf-id: bxIsu3P6P7p7r-gFIQKXln-5gq6mwug0IY_BGZKV8z_X0DvKAXLoKw==

GET
H2 200 bx_loader.gif
foresthistory.org/wp-content/plugins/bb-plugin/img/bxslider/ 8 KB
9 KB 196ms
191ms Image
image/gif 192.124.249.62
SUCURI-SEC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://foresthistory.org/wp-content/plugins/bb-plugin/img/bxslider/bx_loader.gif

Requested by

Host: foresthistory.org
URL: https://foresthistory.org/wp-content/cache/wpo-minify/1709564712/assets/wpo-minify-header-2c8a2c6e.min.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.62 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10062.sucuri.net

Software

nginx /

Resource Hash

6d46e2cf165a5a0584afba7bc9663da292ee08c97cfc7613de6013ed05be892a

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;, upgrade-insecure-requests
Strict-Transport-Security	max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block, 1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://foresthistory.org/wp-content/cache/wpo-minify/1709564712/assets/wpo-minify-header-2c8a2c6e.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 11:58:18 GMT
content-security-policy: upgrade-insecure-requests;, upgrade-insecure-requests
x-content-type-options: nosniff, nosniff
strict-transport-security: max-age=300, max-age=31536000; includeSubDomains
x-cacheable: YES
x-backend: varnish_ssl
age: 0
x-cache: uncached
x-sucuri-cache: MISS
x-cacheproxy-retries: 0/2
content-length: 8581
x-xss-protection: 1; mode=block, 1; mode=block
last-modified: Thu, 29 Feb 2024 18:06:30 GMT
server: nginx
x-php-version: 8.0
etag: "2185-612891e6b2d40"
x-frame-options: SAMEORIGIN
content-type: image/gif
x-cache-hit: MISS
cache-control: max-age=315360000
x-sucuri-id: 15012
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 slider-arrows.png
foresthistory.org/wp-content/themes/fhs2016/images/ 1 KB
2 KB 190ms
190ms Image
image/png 192.124.249.62
SUCURI-SEC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://foresthistory.org/wp-content/themes/fhs2016/images/slider-arrows.png

Requested by

Host: foresthistory.org
URL: https://foresthistory.org/wp-content/themes/fhs2016/style.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.62 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10062.sucuri.net

Software

nginx /

Resource Hash

b7f75c9a1469a382c2286b4373588afe0255b86b3418803531bc05a0510f9d02

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;, upgrade-insecure-requests
Strict-Transport-Security	max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block, 1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://foresthistory.org/wp-content/themes/fhs2016/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 11:58:18 GMT
content-security-policy: upgrade-insecure-requests;, upgrade-insecure-requests
x-content-type-options: nosniff, nosniff
strict-transport-security: max-age=300, max-age=31536000; includeSubDomains
x-cacheable: YES
x-backend: varnish_ssl
age: 0
x-cache: uncached
x-sucuri-cache: MISS
x-cacheproxy-retries: 0/2
content-length: 1342
x-xss-protection: 1; mode=block, 1; mode=block
last-modified: Wed, 26 Jul 2017 16:41:29 GMT
server: nginx
x-php-version: 8.0
etag: "53e-5553b1eb0a2b4"
x-frame-options: SAMEORIGIN
content-type: image/png
x-cache-hit: MISS
cache-control: max-age=315360000
x-sucuri-id: 15012
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 circle.png
foresthistory.org/wp-content/plugins/soliloquy/assets/css/images/ 196 B
798 B 189ms
188ms Image
image/png 192.124.249.62
SUCURI-SEC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://foresthistory.org/wp-content/plugins/soliloquy/assets/css/images/circle.png

Requested by

Host: foresthistory.org
URL: https://foresthistory.org/wp-content/cache/wpo-minify/1709564712/assets/wpo-minify-footer-13514626.min.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.62 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10062.sucuri.net

Software

nginx /

Resource Hash

31aa4e6fc6bf55de7f8db1bba3a1a2b7801f8033e78c3e303fc39cd5719357c4

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;, upgrade-insecure-requests
Strict-Transport-Security	max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block, 1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://foresthistory.org/wp-content/cache/wpo-minify/1709564712/assets/wpo-minify-footer-13514626.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 11:58:18 GMT
content-security-policy: upgrade-insecure-requests;, upgrade-insecure-requests
x-content-type-options: nosniff, nosniff
strict-transport-security: max-age=300, max-age=31536000; includeSubDomains
x-cacheable: YES
x-backend: varnish_ssl
age: 0
x-cache: uncached
x-sucuri-cache: MISS
x-cacheproxy-retries: 0/2
content-length: 196
x-xss-protection: 1; mode=block, 1; mode=block
last-modified: Sat, 16 Jul 2022 23:59:10 GMT
server: nginx
x-php-version: 8.0
etag: "c4-5e3f4ebc9e4ee"
x-frame-options: SAMEORIGIN
content-type: image/png
x-cache-hit: MISS
cache-control: max-age=315360000
x-sucuri-id: 15012
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 circle-hover.png
foresthistory.org/wp-content/plugins/soliloquy/assets/css/images/ 180 B
782 B 469ms
468ms Image
image/png 192.124.249.62
SUCURI-SEC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://foresthistory.org/wp-content/plugins/soliloquy/assets/css/images/circle-hover.png

Requested by

Host: foresthistory.org
URL: https://foresthistory.org/wp-content/cache/wpo-minify/1709564712/assets/wpo-minify-footer-13514626.min.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.62 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10062.sucuri.net

Software

nginx /

Resource Hash

6a26acdce0067282383fca3761b5d5cbcaf2486bb745cfc53b10d654f44499c7

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;, upgrade-insecure-requests
Strict-Transport-Security	max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block, 1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://foresthistory.org/wp-content/cache/wpo-minify/1709564712/assets/wpo-minify-footer-13514626.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 11:58:19 GMT
content-security-policy: upgrade-insecure-requests;, upgrade-insecure-requests
x-content-type-options: nosniff, nosniff
strict-transport-security: max-age=300, max-age=31536000; includeSubDomains
x-cacheable: YES
x-backend: varnish_ssl
age: 0
x-cache: uncached
x-sucuri-cache: MISS
x-cacheproxy-retries: 0/2
content-length: 180
x-xss-protection: 1; mode=block, 1; mode=block
last-modified: Sat, 16 Jul 2022 23:59:10 GMT
server: nginx
x-php-version: 8.0
etag: "b4-5e3f4ebc85144"
x-frame-options: SAMEORIGIN
content-type: image/png
x-cache-hit: MISS
cache-control: max-age=315360000
x-sucuri-id: 15012
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 2024-Amygodine-HP-slider-1420x800_c.jpg
foresthistory.org/wp-content/uploads/2024/02/ 200 KB
201 KB 729ms
728ms Image
image/jpeg 192.124.249.62
SUCURI-SEC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://foresthistory.org/wp-content/uploads/2024/02/2024-Amygodine-HP-slider-1420x800_c.jpg

Requested by

Host: foresthistory.org
URL: https://foresthistory.org/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.62 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10062.sucuri.net

Software

nginx /

Resource Hash

64ae2d4107bb537565785e5fb320b787cd3a0d4701bb22db1866ded28797a750

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;, upgrade-insecure-requests
Strict-Transport-Security	max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block, 1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://foresthistory.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 11:58:19 GMT
content-security-policy: upgrade-insecure-requests;, upgrade-insecure-requests
x-content-type-options: nosniff, nosniff
strict-transport-security: max-age=300, max-age=31536000; includeSubDomains
x-cacheable: YES
x-backend: varnish_ssl
age: 0
x-cache: uncached
x-sucuri-cache: MISS
x-cacheproxy-retries: 0/2
content-length: 204841
x-xss-protection: 1; mode=block, 1; mode=block
last-modified: Sat, 02 Mar 2024 06:52:56 GMT
server: nginx
x-php-version: 8.0
etag: "32029-612a7f13b0f16"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
x-cache-hit: MISS
cache-control: max-age=315360000
x-sucuri-id: 15012
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 Home-slider-final-gimp-blank-1-1420x800_c.jpg
foresthistory.org/wp-content/uploads/2016/10/ 566 KB
568 KB 728ms
728ms Image
image/jpeg 192.124.249.62
SUCURI-SEC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://foresthistory.org/wp-content/uploads/2016/10/Home-slider-final-gimp-blank-1-1420x800_c.jpg

Requested by

Host: foresthistory.org
URL: https://foresthistory.org/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.62 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10062.sucuri.net

Software

nginx /

Resource Hash

1e5c66e74558c3d802ed1771873252457ea4a164ccd44aa8f635e66751cdc8fe

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;, upgrade-insecure-requests
Strict-Transport-Security	max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block, 1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://foresthistory.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 11:58:19 GMT
content-security-policy: upgrade-insecure-requests;, upgrade-insecure-requests
x-content-type-options: nosniff, nosniff
strict-transport-security: max-age=300, max-age=31536000; includeSubDomains
x-cacheable: YES
x-backend: varnish_ssl
age: 0
x-cache: uncached
x-sucuri-cache: MISS
x-cacheproxy-retries: 0/2
content-length: 579885
x-xss-protection: 1; mode=block, 1; mode=block
last-modified: Sat, 02 Mar 2024 06:52:24 GMT
server: nginx
x-php-version: 8.0
etag: "8d92d-612a7ef561f58"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
x-cache-hit: MISS
cache-control: max-age=315360000
x-sucuri-id: 15012
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 2024-JasonBrown-HP-slider-1420x800_c.jpg
foresthistory.org/wp-content/uploads/2024/02/ 184 KB
185 KB 729ms
728ms Image
image/jpeg 192.124.249.62
SUCURI-SEC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://foresthistory.org/wp-content/uploads/2024/02/2024-JasonBrown-HP-slider-1420x800_c.jpg

Requested by

Host: foresthistory.org
URL: https://foresthistory.org/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.62 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10062.sucuri.net

Software

nginx /

Resource Hash

a1ba38ebc00e90c8e6807f9b55d41bf3c53484448b5ea5f0b1a5ba80081ca3ef

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;, upgrade-insecure-requests
Strict-Transport-Security	max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block, 1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://foresthistory.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 11:58:19 GMT
content-security-policy: upgrade-insecure-requests;, upgrade-insecure-requests
x-content-type-options: nosniff, nosniff
strict-transport-security: max-age=300, max-age=31536000; includeSubDomains
x-cacheable: YES
x-backend: varnish_ssl
age: 0
x-cache: uncached
x-sucuri-cache: MISS
x-cacheproxy-retries: 0/2
content-length: 188737
x-xss-protection: 1; mode=block, 1; mode=block
last-modified: Sat, 02 Mar 2024 06:53:05 GMT
server: nginx
x-php-version: 8.0
etag: "2e141-612a7f1c0f162"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
x-cache-hit: MISS
cache-control: max-age=315360000
x-sucuri-id: 15012
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 2024-Katie-Levin-HP-slider-1420x800_c.jpg
foresthistory.org/wp-content/uploads/2016/10/ 239 KB
240 KB 729ms
729ms Image
image/jpeg 192.124.249.62
SUCURI-SEC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://foresthistory.org/wp-content/uploads/2016/10/2024-Katie-Levin-HP-slider-1420x800_c.jpg

Requested by

Host: foresthistory.org
URL: https://foresthistory.org/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.62 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10062.sucuri.net

Software

nginx /

Resource Hash

7ac43843183a82259cf5119ed253909aceff5bf9d4e022d7334a4ec8edb1a98a

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;, upgrade-insecure-requests
Strict-Transport-Security	max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block, 1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://foresthistory.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 11:58:19 GMT
content-security-policy: upgrade-insecure-requests;, upgrade-insecure-requests
x-content-type-options: nosniff, nosniff
strict-transport-security: max-age=300, max-age=31536000; includeSubDomains
x-cacheable: YES
x-backend: varnish_ssl
age: 0
x-cache: uncached
x-sucuri-cache: MISS
x-cacheproxy-retries: 0/2
content-length: 245073
x-xss-protection: 1; mode=block, 1; mode=block
last-modified: Sat, 02 Mar 2024 06:52:47 GMT
server: nginx
x-php-version: 8.0
etag: "3bd51-612a7f0b8594f"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
x-cache-hit: MISS
cache-control: max-age=315360000
x-sucuri-id: 15012
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 FHS4062-1-1420x800_c.jpg
foresthistory.org/wp-content/uploads/2016/10/ 645 KB
646 KB 729ms
729ms Image
image/jpeg 192.124.249.62
SUCURI-SEC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://foresthistory.org/wp-content/uploads/2016/10/FHS4062-1-1420x800_c.jpg

Requested by

Host: foresthistory.org
URL: https://foresthistory.org/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.62 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10062.sucuri.net

Software

nginx /

Resource Hash

a0e66d0e41616f58c789e161601de897c7938ba5940ac5346648a31d0d2315ab

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;, upgrade-insecure-requests
Strict-Transport-Security	max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block, 1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://foresthistory.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 11:58:19 GMT
content-security-policy: upgrade-insecure-requests;, upgrade-insecure-requests
x-content-type-options: nosniff, nosniff
strict-transport-security: max-age=300, max-age=31536000; includeSubDomains
x-cacheable: YES
x-backend: varnish_ssl
age: 0
x-cache: uncached
x-sucuri-cache: MISS
x-cacheproxy-retries: 0/2
content-length: 660582
x-xss-protection: 1; mode=block, 1; mode=block
last-modified: Wed, 09 Aug 2017 21:15:18 GMT
server: nginx
x-php-version: 8.0
etag: "a1466-5565893b79279"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
x-cache-hit: MISS
cache-control: max-age=315360000
x-sucuri-id: 15012
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 R9_162572-180x250_c.jpg
foresthistory.org/wp-content/uploads/2017/02/ 30 KB
30 KB 81ms
80ms Image
image/jpeg 192.124.249.62
SUCURI-SEC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://foresthistory.org/wp-content/uploads/2017/02/R9_162572-180x250_c.jpg

Requested by

Host: foresthistory.org
URL: https://foresthistory.org/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.62 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10062.sucuri.net

Software

nginx /

Resource Hash

48f28b53674103f55c0db3450e3e5ffe8b9bd97ffebea1835b16c6546320bf57

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;, upgrade-insecure-requests
Strict-Transport-Security	max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block, 1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://foresthistory.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 11:58:18 GMT
content-security-policy: upgrade-insecure-requests;, upgrade-insecure-requests
x-content-type-options: nosniff, nosniff
strict-transport-security: max-age=300, max-age=31536000; includeSubDomains
x-cacheable: YES
x-backend: varnish_ssl
age: 44097
x-cache: cached
x-sucuri-cache: HIT
x-cacheproxy-retries: 0/2
content-length: 30309
x-xss-protection: 1; mode=block, 1; mode=block
last-modified: Mon, 06 Dec 2021 23:31:08 GMT
server: nginx
x-php-version: 8.0
etag: "7665-5d282a6bdddd0"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
x-cache-hit: HIT
cache-control: max-age=315360000
x-sucuri-id: 15012
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 FHS3256-180x250_c.jpg
foresthistory.org/wp-content/uploads/2017/02/ 28 KB
28 KB 83ms
82ms Image
image/jpeg 192.124.249.62
SUCURI-SEC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://foresthistory.org/wp-content/uploads/2017/02/FHS3256-180x250_c.jpg

Requested by

Host: foresthistory.org
URL: https://foresthistory.org/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.62 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10062.sucuri.net

Software

nginx /

Resource Hash

2a8f4f190683b43293be4f24e69de0c56d2dba037a7ae8943162cedc5221045b

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;, upgrade-insecure-requests
Strict-Transport-Security	max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block, 1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://foresthistory.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 11:58:18 GMT
content-security-policy: upgrade-insecure-requests;, upgrade-insecure-requests
x-content-type-options: nosniff, nosniff
strict-transport-security: max-age=300, max-age=31536000; includeSubDomains
x-cacheable: YES
x-backend: varnish_ssl
age: 44097
x-cache: cached
x-sucuri-cache: HIT
x-cacheproxy-retries: 0/2
content-length: 28244
x-xss-protection: 1; mode=block, 1; mode=block
last-modified: Fri, 28 Dec 2018 18:27:07 GMT
server: nginx
x-php-version: 8.0
etag: "6e54-57e1935e6961b"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
x-cache-hit: HIT
cache-control: max-age=315360000
x-sucuri-id: 15012
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 FHS3688-180x250_c.jpg
foresthistory.org/wp-content/uploads/2017/01/ 33 KB
34 KB 84ms
83ms Image
image/jpeg 192.124.249.62
SUCURI-SEC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://foresthistory.org/wp-content/uploads/2017/01/FHS3688-180x250_c.jpg

Requested by

Host: foresthistory.org
URL: https://foresthistory.org/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.62 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10062.sucuri.net

Software

nginx /

Resource Hash

d8e11fd0943858cacc2efe95e013aa6674903af281ba8fa1a92a390f391779d8

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;, upgrade-insecure-requests
Strict-Transport-Security	max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block, 1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://foresthistory.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 11:58:18 GMT
content-security-policy: upgrade-insecure-requests;, upgrade-insecure-requests
x-content-type-options: nosniff, nosniff
strict-transport-security: max-age=300, max-age=31536000; includeSubDomains
x-cacheable: YES
x-backend: varnish_ssl
age: 193521
x-cache: cached
x-sucuri-cache: HIT
x-cacheproxy-retries: 0/2
content-length: 33771
x-xss-protection: 1; mode=block, 1; mode=block
last-modified: Fri, 28 Dec 2018 18:35:22 GMT
server: nginx
x-php-version: 8.0
etag: "83eb-57e195369aefe"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
x-cache-hit: HIT
cache-control: max-age=315360000
x-sucuri-id: 15012
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 FHS494-180x250_c.jpg
foresthistory.org/wp-content/uploads/2017/02/ 27 KB
28 KB 86ms
84ms Image
image/jpeg 192.124.249.62
SUCURI-SEC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://foresthistory.org/wp-content/uploads/2017/02/FHS494-180x250_c.jpg

Requested by

Host: foresthistory.org
URL: https://foresthistory.org/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.62 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10062.sucuri.net

Software

nginx /

Resource Hash

cd2166f9cb6e6d8b914d6a2e2f9b53f7638e654cad3b7644d8abaa8b1759c0a6

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;, upgrade-insecure-requests
Strict-Transport-Security	max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block, 1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://foresthistory.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 11:58:18 GMT
content-security-policy: upgrade-insecure-requests;, upgrade-insecure-requests
x-content-type-options: nosniff, nosniff
strict-transport-security: max-age=300, max-age=31536000; includeSubDomains
x-cacheable: YES
x-backend: varnish_ssl
age: 171706
x-cache: cached
x-sucuri-cache: HIT
x-cacheproxy-retries: 0/2
content-length: 27814
x-xss-protection: 1; mode=block, 1; mode=block
last-modified: Mon, 06 Dec 2021 23:31:15 GMT
server: nginx
x-php-version: 8.0
etag: "6ca6-5d282a728b8b4"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
x-cache-hit: HIT
cache-control: max-age=315360000
x-sucuri-id: 15012
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 FHS3208-180x250_c.jpg
foresthistory.org/wp-content/uploads/2017/10/ 34 KB
35 KB 86ms
86ms Image
image/jpeg 192.124.249.62
SUCURI-SEC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://foresthistory.org/wp-content/uploads/2017/10/FHS3208-180x250_c.jpg

Requested by

Host: foresthistory.org
URL: https://foresthistory.org/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.62 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10062.sucuri.net

Software

nginx /

Resource Hash

ad84ac80d6b7a8005c8f4ecaec83a6ffc1a5b5790b95dbc412568d8b08cdc9ed

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;, upgrade-insecure-requests
Strict-Transport-Security	max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block, 1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://foresthistory.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 11:58:18 GMT
content-security-policy: upgrade-insecure-requests;, upgrade-insecure-requests
x-content-type-options: nosniff, nosniff
strict-transport-security: max-age=300, max-age=31536000; includeSubDomains
x-cacheable: YES
x-backend: varnish_ssl
age: 44097
x-cache: cached
x-sucuri-cache: HIT
x-cacheproxy-retries: 0/2
content-length: 34785
x-xss-protection: 1; mode=block, 1; mode=block
last-modified: Mon, 06 Dec 2021 23:31:16 GMT
server: nginx
x-php-version: 8.0
etag: "87e1-5d282a7365ec1"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
x-cache-hit: HIT
cache-control: max-age=315360000
x-sucuri-id: 15012
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 FHS6401-180x250_c.jpg
foresthistory.org/wp-content/uploads/2017/11/ 33 KB
34 KB 87ms
87ms Image
image/jpeg 192.124.249.62
SUCURI-SEC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://foresthistory.org/wp-content/uploads/2017/11/FHS6401-180x250_c.jpg

Requested by

Host: foresthistory.org
URL: https://foresthistory.org/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.62 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10062.sucuri.net

Software

nginx /

Resource Hash

aad054d9bcd13d27ae995c481a859df62b5f0cfd73cf82afbb278dd490d09d8c

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;, upgrade-insecure-requests
Strict-Transport-Security	max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block, 1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://foresthistory.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 11:58:18 GMT
content-security-policy: upgrade-insecure-requests;, upgrade-insecure-requests
x-content-type-options: nosniff, nosniff
strict-transport-security: max-age=300, max-age=31536000; includeSubDomains
x-cacheable: YES
x-backend: varnish_ssl
age: 44097
x-cache: cached
x-sucuri-cache: HIT
x-cacheproxy-retries: 0/2
content-length: 34047
x-xss-protection: 1; mode=block, 1; mode=block
last-modified: Mon, 06 Dec 2021 23:31:17 GMT
server: nginx
x-php-version: 8.0
etag: "84ff-5d282a7478610"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
x-cache-hit: HIT
cache-control: max-age=315360000
x-sucuri-id: 15012
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK widget_iframe.2f70fb173b9000da126c79afe2098f02.html Show response
platform.twitter.com/widgets/ Frame 2E5C 319 KB
104 KB 58ms
56ms Document
text/html 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/widget_iframe.2f70fb173b9000da126c79afe2098f02.html?origin=https%3A%2F%2Fforesthistory.org
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/6711) /
Resource Hash: 70c00445d6632039ed99af760731daf3bf60eb12061863ee61e2cd7276a54d18

Request headers

Referer: https://foresthistory.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 7324594
Cache-Control: public, max-age=315360000
Content-Encoding: gzip
Content-Length: 105429
Content-Type: text/html; charset=utf-8
Date: Tue, 05 Mar 2024 11:58:19 GMT
Etag: "81267302efdfb3e4524a22631a8fc99e+gzip"
Last-Modified: Mon, 11 Dec 2023 17:19:49 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (frb/6711)
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
Vary: Accept-Encoding
X-Cache: HIT
x-amz-server-side-encryption: AES256
x-tw-cdn: VZ

GET
H2 200 settings Show response
syndication.twitter.com/ Frame 2E5C 869 B
658 B 252ms
156ms Fetch
application/json 104.244.42.200
TWITTER

General

Check archive.org

Show headers Download Go to

Full URL

https://syndication.twitter.com/settings?session_id=fe603ebbf6f5fd3616314120ac18bbba5fb22a52

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/widgets/widget_iframe.2f70fb173b9000da126c79afe2098f02.html?origin=https%3A%2F%2Fforesthistory.org

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.200 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

302da628a6afc3e93f1b86bf7c65e4d6536d8283d78266964822a76d1c645aa4

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://platform.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

x-response-time: 116
date: Tue, 05 Mar 2024 11:58:18 GMT
content-encoding: gzip
strict-transport-security: max-age=631138519
last-modified: Tue, 05 Mar 2024 11:58:19 GMT
server: tsa_o
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://platform.twitter.com
x-transaction-id: 903b600e6034471f
cache-control: must-revalidate, max-age=600
access-control-allow-credentials: true
perf: 7469935968
x-connection-hash: 6141479f475574cafe10aba084682054ca1d437b5c8a104f657b4d06c0f1c099
content-length: 337

GET
H2 200 inter.css
rsms.me/inter/ Frame 3D91 7 KB
1 KB 175ms
62ms Stylesheet
text/css 2606:4700:3038::6815:eaea
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://rsms.me/inter/inter.css
Requested by: Host: donorbox.org
URL: https://donorbox.org/embed/forest-history-society-donate
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3038::6815:eaea , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8fedfb7def1421aa9d58d1732be7164e33eec27b9c87193e010b9ddaa67b6a18

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://donorbox.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

x-fastly-request-id: 3b68b4ae31aa584ba266867902c725c117c5bf90
date: Tue, 05 Mar 2024 11:58:19 GMT
via: 1.1 varnish
content-encoding: br
expires: Tue, 05 Mar 2024 05:29:46 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 198
x-cache: HIT
x-proxy-cache: HIT
alt-svc: h3=":443"; ma=86400
x-served-by: cache-vie6344-VIE
last-modified: Mon, 20 Nov 2023 16:23:05 GMT
server: cloudflare
x-github-request-id: 2386:4538:19E65E:1A3E29:655B88AF
x-timer: S1701146237.973689,VS0,VE1
etag: W/"655b87e9-1b8d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YSqWDKJWnNq4TnXvLVnO9%2BqM6XxnCyqzgo%2B4Ux4BQ01sRsRiosDQSPs%2B8Lkr1jQJbZ66ucQhYgm%2BRwHjoc7Jn%2BJUBm7svnk7SmiW6OkhKEaTr3UIafKj%2FHcUTO1lqyecJskISPFb"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=14400
x-origin-cache: HIT
cf-ray: 85f9eefe4d79c212-VIE
x-cache-hits: 1

GET
H2 200 application_embed-a4e06c89a55da316ccaad373fd5691c959ca6b1d9673c3ebe923a7f0f6c0676c.css
donorbox.org/assets/ Frame 3D91 476 KB
66 KB 74ms
71ms Stylesheet
text/css 2606:4700:10::6816:32f9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://donorbox.org/assets/application_embed-a4e06c89a55da316ccaad373fd5691c959ca6b1d9673c3ebe923a7f0f6c0676c.css

Requested by

Host: donorbox.org
URL: https://donorbox.org/embed/forest-history-society-donate

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:32f9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2dbff7662e9c81c2ccfb66649890710c47fcb8349713648f61ce04bcf35c9658

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://donorbox.org/embed/forest-history-society-donate
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 11:58:19 GMT
content-encoding: gzip
via: 1.1 vegur
cf-cache-status: HIT
nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
strict-transport-security: max-age=63072000; includeSubDomains
age: 3288
content-length: 67520
reporting-endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1709629381&sid=1b10b0ff-8a76-4548-befa-353fc6c6c045&s=M8iajd%2BMJwJ%2BE4F2fn0q4yrGjS18UXnMKN9Itoadgrg%3D
last-modified: Fri, 16 Feb 2024 18:43:58 GMT
server: cloudflare
vary: Accept-Encoding, Origin
report-to: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1709629381&sid=1b10b0ff-8a76-4548-befa-353fc6c6c045&s=M8iajd%2BMJwJ%2BE4F2fn0q4yrGjS18UXnMKN9Itoadgrg%3D"}]}
content-type: text/css
accept-ranges: bytes
cf-ray: 85f9eefd8daa65bc-FRA

GET
H2 200 apple-pay-logo-8defa2d27c9ce10d3ff68fd1e9d452aacf5a9f2dd68b4c185a45dbab9c1b1380.png
donorbox.org/assets/ Frame 3D91 3 KB
3 KB 121ms
117ms Image
image/png 2606:4700:10::6816:32f9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://donorbox.org/assets/apple-pay-logo-8defa2d27c9ce10d3ff68fd1e9d452aacf5a9f2dd68b4c185a45dbab9c1b1380.png

Requested by

Host: donorbox.org
URL: https://donorbox.org/embed/forest-history-society-donate

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:32f9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fbb15691847a9d00cccde29feffb123265276d22f209d0371183dd19af854a89

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://donorbox.org/embed/forest-history-society-donate
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 11:58:19 GMT
strict-transport-security: max-age=63072000; includeSubDomains
via: 1.1 vegur
cf-cache-status: HIT
last-modified: Thu, 06 Oct 2022 15:22:24 GMT
nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
server: cloudflare
age: 3288
vary: Origin, Accept-Encoding
report-to: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1709629379&sid=1b10b0ff-8a76-4548-befa-353fc6c6c045&s=WW4xuNwIDzPaQF5gm9yTnRLCt9A1BYPdTxRpVOEk0PU%3D"}]}
content-type: image/png
accept-ranges: bytes
cf-ray: 85f9eefd8daf65bc-FRA
content-length: 2634
reporting-endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1709629379&sid=1b10b0ff-8a76-4548-befa-353fc6c6c045&s=WW4xuNwIDzPaQF5gm9yTnRLCt9A1BYPdTxRpVOEk0PU%3D

GET
H2 200 google-pay-logo-5741c955d2352ce45c46aea3079731bf4cb4e7554086a0b9131bd8b0e111f0fb.png
donorbox.org/assets/ Frame 3D91 3 KB
3 KB 121ms
118ms Image
image/png 2606:4700:10::6816:32f9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://donorbox.org/assets/google-pay-logo-5741c955d2352ce45c46aea3079731bf4cb4e7554086a0b9131bd8b0e111f0fb.png

Requested by

Host: donorbox.org
URL: https://donorbox.org/embed/forest-history-society-donate

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:32f9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ab7f07d2c342be5bc2dde8a358ddbf84adf615590e22bc2a5a0cde7daee383a1

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://donorbox.org/embed/forest-history-society-donate
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 11:58:19 GMT
strict-transport-security: max-age=63072000; includeSubDomains
via: 1.1 vegur
cf-cache-status: HIT
last-modified: Thu, 06 Oct 2022 15:22:24 GMT
nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
server: cloudflare
age: 3288
vary: Origin, Accept-Encoding
report-to: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1709629381&sid=1b10b0ff-8a76-4548-befa-353fc6c6c045&s=M8iajd%2BMJwJ%2BE4F2fn0q4yrGjS18UXnMKN9Itoadgrg%3D"}]}
content-type: image/png
accept-ranges: bytes
cf-ray: 85f9eefd8db265bc-FRA
content-length: 3404
reporting-endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1709629381&sid=1b10b0ff-8a76-4548-befa-353fc6c6c045&s=M8iajd%2BMJwJ%2BE4F2fn0q4yrGjS18UXnMKN9Itoadgrg%3D

GET
H2 200 cc-cb5445759a11316084fef676f9f2f1f049f630a7db8322e1f6df9a5bb4ac91d6.svg
donorbox.org/assets/widget-tab-icons/ Frame 3D91 554 B
621 B 72ms
69ms Image
image/svg+xml 2606:4700:10::6816:32f9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://donorbox.org/assets/widget-tab-icons/cc-cb5445759a11316084fef676f9f2f1f049f630a7db8322e1f6df9a5bb4ac91d6.svg

Requested by

Host: donorbox.org
URL: https://donorbox.org/embed/forest-history-society-donate

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:32f9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

07b30766cc1afb6bbf525cfd253b5004ba328d55c66231a4eff57994d7786d7e

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://donorbox.org/embed/forest-history-society-donate
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 11:58:19 GMT
strict-transport-security: max-age=63072000; includeSubDomains
via: 1.1 vegur
cf-cache-status: HIT
last-modified: Mon, 17 Jul 2023 12:56:47 GMT
nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
server: cloudflare
age: 3288
vary: Origin, Accept-Encoding
report-to: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1709629379&sid=1b10b0ff-8a76-4548-befa-353fc6c6c045&s=WW4xuNwIDzPaQF5gm9yTnRLCt9A1BYPdTxRpVOEk0PU%3D"}]}
content-type: image/svg+xml
content-encoding: gzip
cf-ray: 85f9eefd8db565bc-FRA
reporting-endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1709629379&sid=1b10b0ff-8a76-4548-befa-353fc6c6c045&s=WW4xuNwIDzPaQF5gm9yTnRLCt9A1BYPdTxRpVOEk0PU%3D

GET
H2 200 bank-c3e7c9c1d57b401c43d2146596304afc3bc47ee7ee9a933566df903c2d06ee0d.svg
donorbox.org/assets/widget-tab-icons/ Frame 3D91 1003 B
747 B 70ms
67ms Image
image/svg+xml 2606:4700:10::6816:32f9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://donorbox.org/assets/widget-tab-icons/bank-c3e7c9c1d57b401c43d2146596304afc3bc47ee7ee9a933566df903c2d06ee0d.svg

Requested by

Host: donorbox.org
URL: https://donorbox.org/embed/forest-history-society-donate

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:32f9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3427cd17c2fd03b97361719b425535ed77398fc90dbc7d2851eed28f8cbc416

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://donorbox.org/embed/forest-history-society-donate
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 11:58:19 GMT
strict-transport-security: max-age=63072000; includeSubDomains
via: 1.1 vegur
cf-cache-status: HIT
last-modified: Mon, 17 Jul 2023 12:56:47 GMT
nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
server: cloudflare
age: 3160
vary: Origin, Accept-Encoding
report-to: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1709629419&sid=1b10b0ff-8a76-4548-befa-353fc6c6c045&s=pFrVBcHqcGVXsrcQ0yWg07TWW74c%2BFr4Gy3FXlEdW%2FI%3D"}]}
content-type: image/svg+xml
content-encoding: gzip
cf-ray: 85f9eefd8db865bc-FRA
reporting-endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1709629419&sid=1b10b0ff-8a76-4548-befa-353fc6c6c045&s=pFrVBcHqcGVXsrcQ0yWg07TWW74c%2BFr4Gy3FXlEdW%2FI%3D

GET
H2 200 api.js Show response
www.recaptcha.net/recaptcha/ Frame 3D91 1 KB
1 KB 148ms
53ms Script
text/javascript 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.recaptcha.net/recaptcha/api.js?render=6LcoYTscAAAAAM9KqIDhNEH8nQY_e9vOyA2M9YJz

Requested by

Host: donorbox.org
URL: https://donorbox.org/embed/forest-history-society-donate

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

72ef5c242e9e720a8a938edd8fe0d9aefdafaa945336ed66b9d15a50022be958

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://donorbox.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 11:58:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=utf-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block
expires: Tue, 05 Mar 2024 11:58:19 GMT

GET
H2 200 cc-cvc-f02c13e7dcec5aa08988cad4a936831264fee830bc3a98ad3168f102587bcdf1.png
donorbox.org/assets/ Frame 3D91 4 KB
4 KB 120ms
117ms Image
image/png 2606:4700:10::6816:32f9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://donorbox.org/assets/cc-cvc-f02c13e7dcec5aa08988cad4a936831264fee830bc3a98ad3168f102587bcdf1.png

Requested by

Host: donorbox.org
URL: https://donorbox.org/embed/forest-history-society-donate

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:32f9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

93378c6a055ba88a98e4103e5e69223de732a96d649bf122de263af0748c639c

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://donorbox.org/embed/forest-history-society-donate
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 11:58:19 GMT
strict-transport-security: max-age=63072000; includeSubDomains
via: 1.1 vegur
cf-cache-status: HIT
last-modified: Thu, 06 Oct 2022 15:22:24 GMT
nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
server: cloudflare
age: 3288
vary: Origin, Accept-Encoding
report-to: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1709629379&sid=1b10b0ff-8a76-4548-befa-353fc6c6c045&s=WW4xuNwIDzPaQF5gm9yTnRLCt9A1BYPdTxRpVOEk0PU%3D"}]}
content-type: image/png
accept-ranges: bytes
cf-ray: 85f9eefd9db965bc-FRA
content-length: 4098
reporting-endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1709629379&sid=1b10b0ff-8a76-4548-befa-353fc6c6c045&s=WW4xuNwIDzPaQF5gm9yTnRLCt9A1BYPdTxRpVOEk0PU%3D

GET
H2 200 bank-icon-e3f22a674a6ff85431709152c9344c959c165406d2fffcc761758de934d7d25d.svg
donorbox.org/assets/ Frame 3D91 2 KB
1 KB 118ms
115ms Image
image/svg+xml 2606:4700:10::6816:32f9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://donorbox.org/assets/bank-icon-e3f22a674a6ff85431709152c9344c959c165406d2fffcc761758de934d7d25d.svg

Requested by

Host: donorbox.org
URL: https://donorbox.org/embed/forest-history-society-donate

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:32f9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

119b33a47a786d9976e315e08f3b2989b21c13616e08db3ec7fa934037eb8ef5

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://donorbox.org/embed/forest-history-society-donate
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 11:58:19 GMT
strict-transport-security: max-age=63072000; includeSubDomains
via: 1.1 vegur
cf-cache-status: HIT
last-modified: Thu, 06 Oct 2022 15:22:24 GMT
nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
server: cloudflare
age: 3126
vary: Origin, Accept-Encoding
report-to: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1709629565&sid=1b10b0ff-8a76-4548-befa-353fc6c6c045&s=dTYJ5778X99TgSf5mepTIrKb%2FTQBsRs5BbAao6nd0eM%3D"}]}
content-type: image/svg+xml
content-encoding: gzip
cf-ray: 85f9eefd9dbd65bc-FRA
reporting-endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1709629565&sid=1b10b0ff-8a76-4548-befa-353fc6c6c045&s=dTYJ5778X99TgSf5mepTIrKb%2FTQBsRs5BbAao6nd0eM%3D

GET
H2 200 link-initialize.js Show response
cdn.plaid.com/link/v2/stable/ Frame 3D91 147 KB
45 KB 178ms
80ms Script
text/javascript 18.173.154.89
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.plaid.com/link/v2/stable/link-initialize.js
Requested by: Host: donorbox.org
URL: https://donorbox.org/embed/forest-history-society-donate
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.173.154.89 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-173-154-89.muc50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 622239c153d4bfc68dcc20e8fc09c55efe5c8153cb5b75ba2105ef3bb907f12d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://donorbox.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Mon, 04 Mar 2024 22:09:25 GMT
x-amz-version-id: 2J0dgOv4DdDvfeLXrRem2Idh2TqGOM2y
content-encoding: gzip
via: 1.1 94313a5530517e71f4769858ce013d58.cloudfront.net (CloudFront)
x-amz-request-id: 63BR8G3RN8JN4J0Z
x-amz-cf-pop: MUC50-P3
x-amz-server-side-encryption: AES256
age: 49735
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
x-amz-id-2: NOBuBgWPvIPSi7FXxSdbh051NZMTiDROkEDTcULLhIhoX0UGK31lW5q2rDl21FMt+A4qa0c+Rhy3tIeS5PBSIA==
last-modified: Mon, 04 Mar 2024 19:45:15 GMT
server: AmazonS3
etag: W/"4805c6042f3f793b8075a8bb9b1b3a2d"
vary: Accept-Encoding
content-type: text/javascript
cache-control: no-cache,must-revalidate,max-age=0
x-amz-cf-id: RGYjVwdKVWgnJc3BqcmOihaYJwp7IRYRr53fYZWQ_oAMgkH2s73mzA==

GET
H2 200 / Show response
js.stripe.com/v3/ Frame 3D91 603 KB
148 KB 147ms
52ms Script
text/javascript 99.86.4.122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/

Requested by

Host: donorbox.org
URL: https://donorbox.org/embed/forest-history-society-donate

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.122 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-122.fra6.r.cloudfront.net

Software

Cloudfront /

Resource Hash

0030f5a99c7993b12e2fabfd97fc80fca835db69e270cb872bfa8e8821af3d82

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://donorbox.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 11:58:19 GMT
content-encoding: br
via: 1.1 163be08bc1bc44818353c4fd88655bee.cloudfront.net (CloudFront)
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
x-amz-cf-pop: FRA6-C1
x-cache: Hit from cloudfront
last-modified: Mon, 04 Mar 2024 21:49:32 GMT
server: Cloudfront
etag: W/"68bcc669e847f4536a08e4ba24b5a206"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=60
timing-allow-origin: *
x-amz-cf-id: oxlDWnCnkwvHW2zGzCW1m8s7d6SBCkBfFYRSIYvagRLcVnwR4LVIbg==

GET
H2 200 donor_app_v1_5-72ce11f41c7e0e9511da5605d5ffa498c7b79e7daff0537edf52ba6eea721a82.js Show response
donorbox.org/assets/ Frame 3D91 1 MB
397 KB 119ms
117ms Script
application/javascript 2606:4700:10::6816:32f9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://donorbox.org/assets/donor_app_v1_5-72ce11f41c7e0e9511da5605d5ffa498c7b79e7daff0537edf52ba6eea721a82.js

Requested by

Host: donorbox.org
URL: https://donorbox.org/embed/forest-history-society-donate

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:32f9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

98817a0981dd9664088a43613d59798402260c213c8856899c593bb69da62303

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://donorbox.org/embed/forest-history-society-donate
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 11:58:19 GMT
content-encoding: gzip
via: 1.1 vegur
cf-cache-status: HIT
nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
strict-transport-security: max-age=63072000; includeSubDomains
age: 3288
content-length: 405381
reporting-endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1709629381&sid=1b10b0ff-8a76-4548-befa-353fc6c6c045&s=M8iajd%2BMJwJ%2BE4F2fn0q4yrGjS18UXnMKN9Itoadgrg%3D
last-modified: Tue, 05 Mar 2024 01:42:54 GMT
server: cloudflare
vary: Accept-Encoding, Origin
report-to: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1709629381&sid=1b10b0ff-8a76-4548-befa-353fc6c6c045&s=M8iajd%2BMJwJ%2BE4F2fn0q4yrGjS18UXnMKN9Itoadgrg%3D"}]}
content-type: application/javascript
accept-ranges: bytes
cf-ray: 85f9eefd9dbb65bc-FRA

GET
H2 200 js Show response
maps.googleapis.com/maps/api/ Frame 3D91 231 KB
76 KB 158ms
63ms Script
text/javascript 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps/api/js?key=AIzaSyCHFWewggwQts_-Bc0fJr7uQUZEJs8pF1A&libraries=places&callback=geocoderCB

Requested by

Host: donorbox.org
URL: https://donorbox.org/embed/forest-history-society-donate

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

f8dcd2719735d9aa79c4e7a41005b9a3c3ba50b5e9a92d0a037439d35d056c8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://donorbox.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 11:58:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
vary: Accept-Language, Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1800
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 77356
x-xss-protection: 0

GET
H2 200 v84a3a4012de94ce1a686ba8c167c359c1696973893317 Show response
static.cloudflareinsights.com/beacon.min.js/ Frame 3D91 20 KB
7 KB 170ms
85ms Script
text/javascript 2606:4700::6810:3965
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cloudflareinsights.com/beacon.min.js/v84a3a4012de94ce1a686ba8c167c359c1696973893317
Requested by: Host: donorbox.org
URL: https://donorbox.org/embed/forest-history-society-donate
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:3965 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6153d13804862b0fc1c016cf1129f34cb7c6185f2cf4bf1a3a862eecdab50101

Request headers

Referer: https://donorbox.org/
Origin: https://donorbox.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 11:58:19 GMT
content-encoding: gzip
last-modified: Tue, 10 Oct 2023 21:38:13 GMT
server: cloudflare
etag: W/"2023.10.0"
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
cf-ray: 85f9eefe1d6a39c2-FRA

GET
H2 200 more-arrow-white.png
foresthistory.org/wp-content/themes/fhs2016/images/ 3 KB
4 KB 185ms
184ms Image
image/png 192.124.249.62
SUCURI-SEC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://foresthistory.org/wp-content/themes/fhs2016/images/more-arrow-white.png

Requested by

Host: foresthistory.org
URL: https://foresthistory.org/wp-content/themes/fhs2016/style.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.62 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10062.sucuri.net

Software

nginx /

Resource Hash

81edb1d59e4c4f339aa63e0fd46147601db7648c579eea7de8a6b744ec8b30fb

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;, upgrade-insecure-requests
Strict-Transport-Security	max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block, 1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://foresthistory.org/wp-content/themes/fhs2016/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 11:58:19 GMT
content-security-policy: upgrade-insecure-requests;, upgrade-insecure-requests
x-content-type-options: nosniff, nosniff
strict-transport-security: max-age=300, max-age=31536000; includeSubDomains
x-cacheable: YES
x-backend: varnish_ssl
age: 0
x-cache: uncached
x-sucuri-cache: MISS
x-cacheproxy-retries: 0/2
content-length: 3523
x-xss-protection: 1; mode=block, 1; mode=block
last-modified: Wed, 26 Jul 2017 16:41:03 GMT
server: nginx
x-php-version: 8.0
etag: "dc3-5553b1d22363e"
x-frame-options: SAMEORIGIN
content-type: image/png
x-cache-hit: MISS
cache-control: max-age=315360000
x-sucuri-id: 15012
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 anchor Show response
www.google.com/recaptcha/api2/ Frame 2E97 46 KB
28 KB 62ms
62ms Document
text/html 2a00:1450:4001:809::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfHrSkUAAAAAPnKk5cT6JuKlKPzbwyTYuO8--Vr&co=aHR0cHM6Ly9mb3Jlc3RoaXN0b3J5Lm9yZzo0NDM.&hl=de&v=vj7hFxe2iNgbe-u95xTozOXW&size=invisible&cb=gr2obqzd4cv9

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/vj7hFxe2iNgbe-u95xTozOXW/recaptcha__de.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

7e6ffec65c3e8e28310f6eb6a5a8310efff02d0c80b2d24ed247f7f97acd0e99

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-FyBOfXbtF-vbtNoELTBLnw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://foresthistory.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-FyBOfXbtF-vbtNoELTBLnw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 05 Mar 2024 11:58:19 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 logo-ctct-white.svg
static.ctctcdn.com/lp/images/standard/logos/ 5 KB
1 KB 48ms
47ms Image
image/svg+xml 104.18.40.153
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.ctctcdn.com/lp/images/standard/logos/logo-ctct-white.svg?v=2020
Requested by: Host: foresthistory.org
URL: https://foresthistory.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.40.153 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ab163536256f997eaa5c8abba61c5fede7b55d4022d1b765fc67dd9c2929c4b4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://foresthistory.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 11:58:19 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Mon, 20 Jul 2020 21:20:13 GMT
server: cloudflare
age: 8681026
vary: Accept-Encoding,User-Agent
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31536000, public
accept-ranges: bytes
x-robots-tag: noindex
cf-ray: 85f9eefdc8976a78-TXL
content-length: 1273
expires: Fri, 01 Nov 2024 08:00:24 GMT

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/vj7hFxe2iNgbe-u95xTozOXW/ Frame 2E97 55 KB
24 KB 125ms
40ms Stylesheet
text/css 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/vj7hFxe2iNgbe-u95xTozOXW/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfHrSkUAAAAAPnKk5cT6JuKlKPzbwyTYuO8--Vr&co=aHR0cHM6Ly9mb3Jlc3RoaXN0b3J5Lm9yZzo0NDM.&hl=de&v=vj7hFxe2iNgbe-u95xTozOXW&size=invisible&cb=gr2obqzd4cv9

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 11:50:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 459
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24606
x-xss-protection: 0
last-modified: Mon, 26 Feb 2024 03:01:13 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 05 Mar 2025 11:50:40 GMT

GET
H3 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/vj7hFxe2iNgbe-u95xTozOXW/ Frame 2E97 494 KB
196 KB 124ms
40ms Script
text/javascript 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/vj7hFxe2iNgbe-u95xTozOXW/recaptcha__de.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7fc4f1369cfe55e3cbf37434690b559bd3be63351a5ab16e324823a3ab8a237a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 06:44:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 18811
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 201116
x-xss-protection: 0
last-modified: Mon, 26 Feb 2024 03:01:13 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 05 Mar 2025 06:44:48 GMT

GET
H2 200 icon
fonts.googleapis.com/ Frame 3D91 569 B
462 B 54ms
50ms Stylesheet
text/css 2a00:1450:4001:81c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/icon?family=Material+Icons

Requested by

Host: donorbox.org
URL: https://donorbox.org/assets/application_embed-a4e06c89a55da316ccaad373fd5691c959ca6b1d9673c3ebe923a7f0f6c0676c.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

452410fef223a412e5608205fc069ecc35a4d919b413b3422a714a17ebfd0651

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://donorbox.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 05 Mar 2024 11:58:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 05 Mar 2024 11:58:19 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 05 Mar 2024 11:58:19 GMT

GET
H2 200 material.indigo-pink.min.css
code.getmdl.io/1.1.1/ Frame 3D91 135 KB
135 KB 349ms
59ms Stylesheet
text/css 2a00:1450:4001:809::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://code.getmdl.io/1.1.1/material.indigo-pink.min.css

Requested by

Host: donorbox.org
URL: https://donorbox.org/assets/application_embed-a4e06c89a55da316ccaad373fd5691c959ca6b1d9673c3ebe923a7f0f6c0676c.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Frontend /

Resource Hash

adc89d7d695381bf2118da87e677a2af4057f40e466cf6c1a9af963d3921e1e4

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://donorbox.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Sat, 02 Mar 2024 08:44:07 GMT
last-modified: Wed, 03 Feb 2016 15:50:37 GMT
server: Google Frontend
age: 270853
etag: W/"2386ea5247b09703963cf983f8428147"
allow: GET, HEAD, OPTIONS
content-type: text/css
access-control-allow-origin: *
x-cloud-trace-context: 8738d8a0e3b49d7642e415c17dab4f68
cache-control: public,max-age=2592000
x-appengine-log-flush-count: 0
content-length: 138128

GET
H3 200 722MIWu_TMZiQau3mAaarHtCk2pd6rTYw5oNsH4wR_g.js Show response
www.google.com/js/bg/ Frame 2E97 17 KB
7 KB 48ms
48ms Script
text/javascript 2a00:1450:4001:809::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/js/bg/722MIWu_TMZiQau3mAaarHtCk2pd6rTYw5oNsH4wR_g.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/vj7hFxe2iNgbe-u95xTozOXW/recaptcha__de.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ef6d8c216bbf4cc66241abb798069aac7b42936a5deab4d8c39a0db07e3047f8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfHrSkUAAAAAPnKk5cT6JuKlKPzbwyTYuO8--Vr&co=aHR0cHM6Ly9mb3Jlc3RoaXN0b3J5Lm9yZzo0NDM.&hl=de&v=vj7hFxe2iNgbe-u95xTozOXW&size=invisible&cb=gr2obqzd4cv9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 08:50:48 GMT
content-encoding: br
x-content-type-options: nosniff
age: 11252
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6963
x-xss-protection: 0
last-modified: Mon, 19 Feb 2024 17:30:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 05 Mar 2025 08:50:48 GMT

GET
H3 200 webworker.js
www.google.com/recaptcha/api2/ Frame 2E97 102 B
135 B 50ms
49ms Other
text/javascript 2a00:1450:4001:809::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/webworker.js?hl=de&v=vj7hFxe2iNgbe-u95xTozOXW

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

5e6ccfa30b73831d6528662ece5421627caab9f02289cf4902a0a4d67cdc1dd8

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfHrSkUAAAAAPnKk5cT6JuKlKPzbwyTYuO8--Vr&co=aHR0cHM6Ly9mb3Jlc3RoaXN0b3J5Lm9yZzo0NDM.&hl=de&v=vj7hFxe2iNgbe-u95xTozOXW&size=invisible&cb=gr2obqzd4cv9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 11:58:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
cross-origin-embedder-policy: require-corp
x-frame-options: SAMEORIGIN
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript; charset=utf-8
cache-control: private, max-age=300
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block
expires: Tue, 05 Mar 2024 11:58:20 GMT

GET
H3 200 gtm.js Show response
www.googletagmanager.com/ Frame 3D91 186 KB
67 KB 58ms
58ms Script
application/javascript 2a00:1450:4001:831::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-W4D44WC

Requested by

Host: donorbox.org
URL: https://donorbox.org/embed/forest-history-society-donate

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

3255c6bb221d23258351c0570963f50d51a2234dc7dfc7e6e43f165d81841403

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://donorbox.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 11:58:20 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 68330
x-xss-protection: 0
last-modified: Tue, 05 Mar 2024 09:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 05 Mar 2024 11:58:20 GMT

GET
H2 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/vj7hFxe2iNgbe-u95xTozOXW/ Frame 3D91 494 KB
197 KB 41ms
41ms Script
text/javascript 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/vj7hFxe2iNgbe-u95xTozOXW/recaptcha__de.js

Requested by

Host: www.recaptcha.net
URL: https://www.recaptcha.net/recaptcha/api.js?render=6LcoYTscAAAAAM9KqIDhNEH8nQY_e9vOyA2M9YJz

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7fc4f1369cfe55e3cbf37434690b559bd3be63351a5ab16e324823a3ab8a237a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://donorbox.org/
Origin: https://donorbox.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 06:44:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 18812
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 201116
x-xss-protection: 0
last-modified: Mon, 26 Feb 2024 03:01:13 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 05 Mar 2025 06:44:48 GMT

GET
H3 200 Inter-Regular.woff2
rsms.me/inter/font-files/ Frame 3D91 106 KB
107 KB 396ms
301ms Font
font/woff2 2606:4700:3038::6815:eaea
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://rsms.me/inter/font-files/Inter-Regular.woff2?v=4.0
Requested by: Host: rsms.me
URL: https://rsms.me/inter/inter.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3038::6815:eaea , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b6f9db9e45be20f3c1312c97fbee7ec36b7d8280f8caa4d53c9ba0408cc9997a

Request headers

Referer: https://rsms.me/inter/inter.css
Origin: https://donorbox.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

x-fastly-request-id: 9a3ed77a2f3cdf30244580517e55572694ef2008
date: Tue, 05 Mar 2024 11:58:20 GMT
via: 1.1 varnish
expires: Thu, 22 Feb 2024 04:09:11 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1881
x-cache: HIT
x-proxy-cache: HIT
alt-svc: h3=":443"; ma=86400
content-length: 108488
x-served-by: cache-vie6350-VIE
last-modified: Mon, 20 Nov 2023 16:23:03 GMT
server: cloudflare
x-github-request-id: 346C:924E:199DB5:19F450:655B88BB
x-timer: S1700499796.566124,VS0,VE0
etag: "655b87e7-1a7c8"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OtCFkQA4WEOelaniom05Taj7aTPEyEmBF3PH1zYJwqsZ8D5VBssb4O0fHvUqN7bPtc8yizg%2FjJMWXe3GhOwk1IHzBVvMqQJZvqklxNm2IZDz5N3cslGt3xcWwjxu9ISDu0NSwSZi"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=2678400
accept-ranges: bytes
x-origin-cache: HIT
cf-ray: 85f9ef027a113259-VIE
x-cache-hits: 4

GET
H2 200 flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2
fonts.gstatic.com/s/materialicons/v141/ Frame 3D91 125 KB
126 KB 42ms
40ms Font
font/woff2 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/materialicons/v141/flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/icon?family=Material+Icons

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8265f64786397d6b832d1ca0aafdf149ad84e72759fffa9f7272e91a0fb015d1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://donorbox.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Wed, 28 Feb 2024 03:38:29 GMT
x-content-type-options: nosniff
age: 548391
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 128352
x-xss-protection: 0
last-modified: Wed, 31 Jan 2024 23:11:27 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 27 Feb 2025 03:38:29 GMT

GET
H3 200 Inter-Medium.woff2
rsms.me/inter/font-files/ Frame 3D91 109 KB
110 KB 158ms
64ms Font
font/woff2 2606:4700:3038::6815:eaea
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://rsms.me/inter/font-files/Inter-Medium.woff2?v=4.0
Requested by: Host: rsms.me
URL: https://rsms.me/inter/inter.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3038::6815:eaea , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8458f8afa67b5691c1fcbe51607a2dafb53a9839e48131c608a186b65415d96d

Request headers

Referer: https://rsms.me/inter/inter.css
Origin: https://donorbox.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

x-fastly-request-id: 1c1b346963e490bacd848900273e623bb641e6bb
date: Tue, 05 Mar 2024 11:58:20 GMT
via: 1.1 varnish
expires: Tue, 27 Feb 2024 04:13:35 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 300
x-cache: HIT
x-proxy-cache: MISS
alt-svc: h3=":443"; ma=86400
content-length: 111380
x-served-by: cache-vie6373-VIE
last-modified: Mon, 20 Nov 2023 16:23:03 GMT
server: cloudflare
x-github-request-id: 2E72:26CDCC:2E01525:2EBE0DA:6594D24C
x-timer: S1704445300.659134,VS0,VE0
etag: "655b87e7-1b314"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ymrCeXtt8dKBM1nkH7t94%2BMiImq1I9%2BZ7PeXkoX5UHerGU6Z1nJmOm%2FhfStgoyLZ%2Fa1k2Ixe93wNnZjYezrUbB0GHOYy39VF8JRe04WZcZ8drm75hopIEOPYlAZIig7TXEkSmNxt"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=2678400
accept-ranges: bytes
x-origin-cache: HIT
cf-ray: 85f9ef027a0d3259-VIE
x-cache-hits: 10

GET
H3 200 Inter-SemiBold.woff2
rsms.me/inter/font-files/ Frame 3D91 109 KB
110 KB 208ms
115ms Font
font/woff2 2606:4700:3038::6815:eaea
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://rsms.me/inter/font-files/Inter-SemiBold.woff2?v=4.0
Requested by: Host: rsms.me
URL: https://rsms.me/inter/inter.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3038::6815:eaea , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8e52a861dc26ff4608c50bd7ff89b65d0d6216a2afe7b47ce5d84544811ca400

Request headers

Referer: https://rsms.me/inter/inter.css
Origin: https://donorbox.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

x-fastly-request-id: cad40ca15c748e552b0928a5ca7b7033bc47d4e9
date: Tue, 05 Mar 2024 11:58:20 GMT
via: 1.1 varnish
expires: Thu, 22 Feb 2024 02:09:47 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4371
x-cache: HIT
x-proxy-cache: MISS
alt-svc: h3=":443"; ma=86400
content-length: 111588
x-served-by: cache-vie6357-VIE
last-modified: Mon, 20 Nov 2023 16:23:03 GMT
server: cloudflare
x-github-request-id: 6CAA:7B63:1A2E64:1A85E5:655B88BB
x-timer: S1701326037.387593,VS0,VE2
etag: "655b87e7-1b3e4"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ayyoeUaM13LzWr1onxT4beIupIEN12GGBaB%2FV7yQ00sfrxHEhL8USmsYdbqvBmnpHPPwUcG43Oz6pBvP60WcljEppIoPGXSz8UW9ZQk2wA0Xy4bvymLCmXqtG5E%2B7YhT%2BDb5l3uA"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=2678400
accept-ranges: bytes
x-origin-cache: HIT
cf-ray: 85f9ef027a0b3259-VIE
x-cache-hits: 1

GET
H3 200 bframe Show response
www.google.com/recaptcha/api2/ Frame ADDB 7 KB
1 KB 57ms
51ms Document
text/html 2a00:1450:4001:809::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/bframe?hl=de&v=vj7hFxe2iNgbe-u95xTozOXW&k=6LfHrSkUAAAAAPnKk5cT6JuKlKPzbwyTYuO8--Vr

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/vj7hFxe2iNgbe-u95xTozOXW/recaptcha__de.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

ca498fd237426005efacf7a449f17a3bb377e6a0cfa10ff187a29dccee9abe5d

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-Q0GKn1VhzmtMIeXilevroQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://foresthistory.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-Q0GKn1VhzmtMIeXilevroQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 05 Mar 2024 11:58:20 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/vj7hFxe2iNgbe-u95xTozOXW/ Frame ADDB 55 KB
24 KB 42ms
41ms Stylesheet
text/css 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/vj7hFxe2iNgbe-u95xTozOXW/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=de&v=vj7hFxe2iNgbe-u95xTozOXW&k=6LfHrSkUAAAAAPnKk5cT6JuKlKPzbwyTYuO8--Vr

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 11:50:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 460
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24606
x-xss-protection: 0
last-modified: Mon, 26 Feb 2024 03:01:13 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 05 Mar 2025 11:50:40 GMT

GET
H3 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/vj7hFxe2iNgbe-u95xTozOXW/ Frame ADDB 494 KB
196 KB 44ms
44ms Script
text/javascript 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/vj7hFxe2iNgbe-u95xTozOXW/recaptcha__de.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=de&v=vj7hFxe2iNgbe-u95xTozOXW&k=6LfHrSkUAAAAAPnKk5cT6JuKlKPzbwyTYuO8--Vr

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7fc4f1369cfe55e3cbf37434690b559bd3be63351a5ab16e324823a3ab8a237a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 06:44:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 18812
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 201116
x-xss-protection: 0
last-modified: Mon, 26 Feb 2024 03:01:13 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 05 Mar 2025 06:44:48 GMT

GET
H3 200 gen_204 Show response
maps.googleapis.com/maps/api/mapsjs/ Frame 3D91 3 B
45 B 148ms
50ms XHR
application/json 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps/api/mapsjs/gen_204?csp_test=true

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?key=AIzaSyCHFWewggwQts_-Bc0fJr7uQUZEJs8pF1A&libraries=places&callback=geocoderCB

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://donorbox.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 11:58:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://donorbox.org
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23
x-xss-protection: 0

GET
H2 200 common.js Show response
maps.googleapis.com/maps-api-v3/api/js/56/1/intl/de_ALL/ Frame 3D91 255 KB
56 KB 46ms
42ms Script
text/javascript 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps-api-v3/api/js/56/1/intl/de_ALL/common.js

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?key=AIzaSyCHFWewggwQts_-Bc0fJr7uQUZEJs8pF1A&libraries=places&callback=geocoderCB

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3b61d60ac69b3abd7c5f216c24b77cd4b75379568e039ab5640a23c7bc3460d0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://donorbox.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 09:00:47 GMT
content-encoding: br
x-content-type-options: nosniff
age: 10653
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56846
x-xss-protection: 0
last-modified: Tue, 20 Feb 2024 19:28:53 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="maps-api-js"
vary: Accept-Encoding, Origin
report-to: {"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 05 Mar 2025 09:00:47 GMT

GET
H2 200 util.js Show response
maps.googleapis.com/maps-api-v3/api/js/56/1/intl/de_ALL/ Frame 3D91 180 KB
56 KB 60ms
57ms Script
text/javascript 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps-api-v3/api/js/56/1/intl/de_ALL/util.js

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?key=AIzaSyCHFWewggwQts_-Bc0fJr7uQUZEJs8pF1A&libraries=places&callback=geocoderCB

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

673c1136f9b83e60edec4d2cae19a26f9f0d3ecab07e2dd36c91a0e4d53fe35d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://donorbox.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Mon, 04 Mar 2024 20:30:39 GMT
content-encoding: br
x-content-type-options: nosniff
age: 55661
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56804
x-xss-protection: 0
last-modified: Tue, 20 Feb 2024 19:28:53 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="maps-api-js"
vary: Accept-Encoding, Origin
report-to: {"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 04 Mar 2025 20:30:39 GMT

GET
H2 200 geocoder.js Show response
maps.googleapis.com/maps-api-v3/api/js/56/1/intl/de_ALL/ Frame 3D91 4 KB
2 KB 86ms
84ms Script
text/javascript 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps-api-v3/api/js/56/1/intl/de_ALL/geocoder.js

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?key=AIzaSyCHFWewggwQts_-Bc0fJr7uQUZEJs8pF1A&libraries=places&callback=geocoderCB

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5662a4faf4feb1773b40fc4101c5013a2a6a6cc80d0fb04d0ceadd8d5fc10ad9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://donorbox.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 05:23:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 23688
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1834
x-xss-protection: 0
last-modified: Tue, 20 Feb 2024 19:28:53 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="maps-api-js"
vary: Accept-Encoding, Origin
report-to: {"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 05 Mar 2025 05:23:32 GMT

GET
H2 200 controls.js Show response
maps.googleapis.com/maps-api-v3/api/js/56/1/intl/de_ALL/ Frame 3D91 94 KB
25 KB 88ms
86ms Script
text/javascript 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps-api-v3/api/js/56/1/intl/de_ALL/controls.js

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?key=AIzaSyCHFWewggwQts_-Bc0fJr7uQUZEJs8pF1A&libraries=places&callback=geocoderCB

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c240ebcb869a7fa19c90fd91f9a88fda1aa2b9364175398ef2bc2788b407385f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://donorbox.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 06:28:36 GMT
content-encoding: br
x-content-type-options: nosniff
age: 19784
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 25206
x-xss-protection: 0
last-modified: Tue, 20 Feb 2024 19:28:53 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="maps-api-js"
vary: Accept-Encoding, Origin
report-to: {"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 05 Mar 2025 06:28:36 GMT

GET
H2 200 places_impl.js Show response
maps.googleapis.com/maps-api-v3/api/js/56/1/intl/de_ALL/ Frame 3D91 55 KB
18 KB 74ms
72ms Script
text/javascript 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps-api-v3/api/js/56/1/intl/de_ALL/places_impl.js

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?key=AIzaSyCHFWewggwQts_-Bc0fJr7uQUZEJs8pF1A&libraries=places&callback=geocoderCB

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5818466ac0ee2fa096794eb6d12b681dcd95632e277df64cb62f8e2f70470a2f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://donorbox.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Mon, 04 Mar 2024 18:41:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 62189
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 18034
x-xss-protection: 0
last-modified: Tue, 20 Feb 2024 19:28:53 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="maps-api-js"
vary: Accept-Encoding, Origin
report-to: {"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 04 Mar 2025 18:41:51 GMT

GET
H2 200 m-outer-3437aaddcdf6922d623e172c2d6f9278.html Show response
js.stripe.com/v3/ Frame B480 200 B
1 KB 42ms
42ms Document
text/html 99.86.4.122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.122 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-122.fra6.r.cloudfront.net

Software

Cloudfront /

Resource Hash

35dcc382eb69d00369d708708cdc545f3968b68fa5bbe3e728d11fedd04f93bb

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://donorbox.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 3174
cache-control: max-age=31536000
content-length: 200
content-security-policy: base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only: base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Tue, 05 Mar 2024 11:05:27 GMT
etag: "3437aaddcdf6922d623e172c2d6f9278"
last-modified: Thu, 29 Feb 2024 21:07:05 GMT
server: Cloudfront
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 163be08bc1bc44818353c4fd88655bee.cloudfront.net (CloudFront)
x-amz-cf-id: q7dK5e-R2nRljeVixI5olTlLsCGkoZYnXNMl9rUi0wuis19jV8t7FQ==
x-amz-cf-pop: FRA6-C1
x-cache: Hit from cloudfront
x-content-type-options: nosniff

GET
H2

200

main.js Show response
donorbox.org/cdn-cgi/challenge-platform/h/g/scripts/jsd/a0d8959cb7d0/ Frame AC81
Redirect Chain

https://donorbox.org/cdn-cgi/challenge-platform/scripts/jsd/main.js
https://donorbox.org/cdn-cgi/challenge-platform/h/g/scripts/jsd/a0d8959cb7d0/main.js

8 KB
4 KB

46ms
45ms

Script
application/javascript

2606:4700:10::6816:32f9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://donorbox.org/cdn-cgi/challenge-platform/h/g/scripts/jsd/a0d8959cb7d0/main.js

Requested by

Host: donorbox.org
URL: https://donorbox.org/embed/forest-history-society-donate

Protocol

Server

2606:4700:10::6816:32f9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9a46abb09577d5a9c00060d6095f4c636794ce3290a7a0d56d0e2e53da3bd093

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 11:58:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cloudflare
vary: accept-encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
cf-ray: 85f9ef038de765bc-FRA

Redirect headers

date: Tue, 05 Mar 2024 11:58:20 GMT
content-encoding: gzip
server: cloudflare
vary: accept-encoding
location: /cdn-cgi/challenge-platform/h/g/scripts/jsd/a0d8959cb7d0/main.js
access-control-allow-origin: *
cache-control: max-age=300, public
cf-ray: 85f9ef02fd1d65bc-FRA

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ Frame 3D91 282 KB
94 KB 74ms
74ms Script
application/javascript 2a00:1450:4001:831::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-G889RTCN5N&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-W4D44WC

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

711ea7d9e07452c8a699193af7c064b19a37ca298bb2aaf8913315ec8c3dd0b8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://donorbox.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 11:58:20 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 96133
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 05 Mar 2024 11:58:20 GMT

GET
H2 200 controller-1b517d3dc8887d756b42ce62fc15d620.html Show response
js.stripe.com/v3/ Frame E3DD 297 B
1 KB 48ms
48ms Document
text/html 99.86.4.122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/controller-1b517d3dc8887d756b42ce62fc15d620.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.122 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-122.fra6.r.cloudfront.net

Software

Cloudfront /

Resource Hash

04dd08cd5be76d0779ac2b77f734115d0fa01d5b6f14db00adca5433bdf30065

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://api.stripe.com https://merchant-ui-api.stripe.com https://stripe.com/cookie-settings/enforcement-mode https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'sha256-0hAheEzaMe6uXIKV4EehS9pu1am1lj/KnnzrOYqckXk='; worker-src 'none'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://donorbox.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 7
cache-control: max-age=60, stale-while-revalidate=900
content-length: 297
content-security-policy: base-uri 'none'; connect-src 'self' https://api.stripe.com https://merchant-ui-api.stripe.com https://stripe.com/cookie-settings/enforcement-mode https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'sha256-0hAheEzaMe6uXIKV4EehS9pu1am1lj/KnnzrOYqckXk='; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Tue, 05 Mar 2024 11:58:14 GMT
etag: "1b517d3dc8887d756b42ce62fc15d620"
last-modified: Mon, 04 Mar 2024 21:05:23 GMT
server: Cloudfront
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 163be08bc1bc44818353c4fd88655bee.cloudfront.net (CloudFront)
x-amz-cf-id: jY-ZKUMj4l597IFgDL9Hv2M_dSNucLQ2JVROyWYr6YrCTMFt055YJQ==
x-amz-cf-pop: FRA6-C1
x-cache: Hit from cloudfront
x-content-type-options: nosniff

GET
H2 200 payment-request-inner-google-pay-0ad4ab4836fd48b704f9836c381309d4.html Show response
js.stripe.com/v3/ Frame D560 408 B
1 KB 43ms
43ms Document
text/html 99.86.4.122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/payment-request-inner-google-pay-0ad4ab4836fd48b704f9836c381309d4.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.122 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-122.fra6.r.cloudfront.net

Software

Cloudfront /

Resource Hash

375cd0866100903ea8dd941ab323f78564bfc406a6055c729d8c14b284f1ca5e

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://r.stripe.com https://google.com/pay https://www.google.com/pay https://pay.google.com; default-src 'none'; form-action 'none'; frame-src https://pay.google.com; img-src https://q.stripe.com https://www.gstatic.com; script-src 'self' https://pay.google.com; style-src 'self'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://donorbox.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 2161
cache-control: max-age=31536000
content-length: 408
content-security-policy: base-uri 'none'; connect-src 'self' https://r.stripe.com https://google.com/pay https://www.google.com/pay https://pay.google.com; default-src 'none'; form-action 'none'; frame-src https://pay.google.com; img-src https://q.stripe.com https://www.gstatic.com; script-src 'self' https://pay.google.com; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only: base-uri 'none'; connect-src 'self' https://r.stripe.com https://google.com/pay https://www.google.com/pay https://pay.google.com; default-src 'none'; form-action 'none'; frame-src https://pay.google.com; img-src https://q.stripe.com https://www.gstatic.com; script-src 'self' https://pay.google.com; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Tue, 05 Mar 2024 11:22:59 GMT
etag: "0ad4ab4836fd48b704f9836c381309d4"
last-modified: Mon, 04 Mar 2024 21:05:38 GMT
server: Cloudfront
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 163be08bc1bc44818353c4fd88655bee.cloudfront.net (CloudFront)
x-amz-cf-id: iTSgA_YSo94npupCuiQ_xDbThMoXy2NQTqkWgJegIT4oka1zKkehyw==
x-amz-cf-pop: FRA6-C1
x-cache: Hit from cloudfront
x-content-type-options: nosniff

GET
H2 200 payment-request-inner-browser-bd09705d396c9abb97489a362b8310e0.html Show response
js.stripe.com/v3/ Frame 7310 344 B
2 KB 43ms
43ms Document
text/html 99.86.4.122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/payment-request-inner-browser-bd09705d396c9abb97489a362b8310e0.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.122 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-122.fra6.r.cloudfront.net

Software

Cloudfront /

Resource Hash

f86da5e9aacdcab57c6381b2053c36e9ef22ffe815d128b1a80083dbda3f480d

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://google.com/pay https://www.google.com/pay https://pay.google.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com https://www.gstatic.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://donorbox.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 26
cache-control: max-age=60, stale-while-revalidate=900
content-length: 344
content-security-policy: base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://google.com/pay https://www.google.com/pay https://pay.google.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com https://www.gstatic.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only: base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://google.com/pay https://www.google.com/pay https://pay.google.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com https://www.gstatic.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Tue, 05 Mar 2024 11:57:56 GMT
etag: "bd09705d396c9abb97489a362b8310e0"
last-modified: Mon, 04 Mar 2024 21:05:38 GMT
server: Cloudfront
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 163be08bc1bc44818353c4fd88655bee.cloudfront.net (CloudFront)
x-amz-cf-id: ehE3DGpKQzke7PC_fO6a8KSz_26Dhg1hAjjoLW_ZpnfV5sELKgmLzw==
x-amz-cf-pop: FRA6-C1
x-cache: Hit from cloudfront
x-content-type-options: nosniff

GET
H2 200 controller-1b517d3dc8887d756b42ce62fc15d620.html Show response
js.stripe.com/v3/ Frame DDBE 297 B
1 KB 43ms
42ms Document
text/html 99.86.4.122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/controller-1b517d3dc8887d756b42ce62fc15d620.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.122 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-122.fra6.r.cloudfront.net

Software

Cloudfront /

Resource Hash

04dd08cd5be76d0779ac2b77f734115d0fa01d5b6f14db00adca5433bdf30065

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://api.stripe.com https://merchant-ui-api.stripe.com https://stripe.com/cookie-settings/enforcement-mode https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'sha256-0hAheEzaMe6uXIKV4EehS9pu1am1lj/KnnzrOYqckXk='; worker-src 'none'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://donorbox.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 7
cache-control: max-age=60, stale-while-revalidate=900
content-length: 297
content-security-policy: base-uri 'none'; connect-src 'self' https://api.stripe.com https://merchant-ui-api.stripe.com https://stripe.com/cookie-settings/enforcement-mode https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'sha256-0hAheEzaMe6uXIKV4EehS9pu1am1lj/KnnzrOYqckXk='; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Tue, 05 Mar 2024 11:58:14 GMT
etag: "1b517d3dc8887d756b42ce62fc15d620"
last-modified: Mon, 04 Mar 2024 21:05:23 GMT
server: Cloudfront
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 163be08bc1bc44818353c4fd88655bee.cloudfront.net (CloudFront)
x-amz-cf-id: mOZl11MkS2MpirQ-VcDBpGPIvTbKnTiIUPlk-6qjZCvdS22lPHqJ2w==
x-amz-cf-pop: FRA6-C1
x-cache: Hit from cloudfront
x-content-type-options: nosniff

GET
H2 200 elements-inner-card-441445cbb512a63599ab0df61abfb641.html Show response
js.stripe.com/v3/ Frame 510C 798 B
2 KB 46ms
45ms Document
text/html 99.86.4.122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/elements-inner-card-441445cbb512a63599ab0df61abfb641.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.122 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-122.fra6.r.cloudfront.net

Software

Cloudfront /

Resource Hash

73526c7c8cb533a80c1437cfcaa300b2a8775da0bb4541fc2ce20da10d48df33

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://ppm.stripe.com; default-src 'self'; font-src data: https:; form-action 'none'; frame-src 'self' https://www.affirm.com https://checkout.link.com https://b.stripecdn.com; img-src 'self' https://q.stripe.com https://b.stripecdn.com https://js.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://donorbox.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 2945
cache-control: max-age=31536000
content-length: 798
content-security-policy: base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://ppm.stripe.com; default-src 'self'; font-src data: https:; form-action 'none'; frame-src 'self' https://www.affirm.com https://checkout.link.com https://b.stripecdn.com; img-src 'self' https://q.stripe.com https://b.stripecdn.com https://js.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only: base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://ppm.stripe.com; default-src 'self'; font-src data: https:; form-action 'none'; frame-src 'self' https://www.affirm.com https://checkout.link.com https://b.stripecdn.com; img-src 'self' https://q.stripe.com https://b.stripecdn.com https://js.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Tue, 05 Mar 2024 11:09:16 GMT
etag: "441445cbb512a63599ab0df61abfb641"
last-modified: Mon, 04 Mar 2024 21:05:23 GMT
server: Cloudfront
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 163be08bc1bc44818353c4fd88655bee.cloudfront.net (CloudFront)
x-amz-cf-id: oeUfYUeNdFwEKAIzmWHHpYadZDEMZdHcnKhvVmPNkY1qKeiaVmwKCQ==
x-amz-cf-pop: FRA6-C1
x-cache: Hit from cloudfront
x-content-type-options: nosniff

GET
H2 200 elements-inner-card-441445cbb512a63599ab0df61abfb641.html Show response
js.stripe.com/v3/ Frame E09F 798 B
2 KB 45ms
45ms Document
text/html 99.86.4.122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/elements-inner-card-441445cbb512a63599ab0df61abfb641.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.122 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-122.fra6.r.cloudfront.net

Software

Cloudfront /

Resource Hash

73526c7c8cb533a80c1437cfcaa300b2a8775da0bb4541fc2ce20da10d48df33

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://ppm.stripe.com; default-src 'self'; font-src data: https:; form-action 'none'; frame-src 'self' https://www.affirm.com https://checkout.link.com https://b.stripecdn.com; img-src 'self' https://q.stripe.com https://b.stripecdn.com https://js.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://donorbox.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 2945
cache-control: max-age=31536000
content-length: 798
content-security-policy: base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://ppm.stripe.com; default-src 'self'; font-src data: https:; form-action 'none'; frame-src 'self' https://www.affirm.com https://checkout.link.com https://b.stripecdn.com; img-src 'self' https://q.stripe.com https://b.stripecdn.com https://js.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only: base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://ppm.stripe.com; default-src 'self'; font-src data: https:; form-action 'none'; frame-src 'self' https://www.affirm.com https://checkout.link.com https://b.stripecdn.com; img-src 'self' https://q.stripe.com https://b.stripecdn.com https://js.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Tue, 05 Mar 2024 11:09:16 GMT
etag: "441445cbb512a63599ab0df61abfb641"
last-modified: Mon, 04 Mar 2024 21:05:23 GMT
server: Cloudfront
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 163be08bc1bc44818353c4fd88655bee.cloudfront.net (CloudFront)
x-amz-cf-id: ZIluTv7MTF2RXvetesCmLMpZgEB5IndJin_VANTRvkCJ8T-8AzKCFg==
x-amz-cf-pop: FRA6-C1
x-cache: Hit from cloudfront
x-content-type-options: nosniff

GET
H2 200 elements-inner-card-441445cbb512a63599ab0df61abfb641.html Show response
js.stripe.com/v3/ Frame B33A 798 B
2 KB 45ms
41ms Document
text/html 99.86.4.122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/elements-inner-card-441445cbb512a63599ab0df61abfb641.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.122 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-122.fra6.r.cloudfront.net

Software

Cloudfront /

Resource Hash

73526c7c8cb533a80c1437cfcaa300b2a8775da0bb4541fc2ce20da10d48df33

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://ppm.stripe.com; default-src 'self'; font-src data: https:; form-action 'none'; frame-src 'self' https://www.affirm.com https://checkout.link.com https://b.stripecdn.com; img-src 'self' https://q.stripe.com https://b.stripecdn.com https://js.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://donorbox.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 2945
cache-control: max-age=31536000
content-length: 798
content-security-policy: base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://ppm.stripe.com; default-src 'self'; font-src data: https:; form-action 'none'; frame-src 'self' https://www.affirm.com https://checkout.link.com https://b.stripecdn.com; img-src 'self' https://q.stripe.com https://b.stripecdn.com https://js.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only: base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://ppm.stripe.com; default-src 'self'; font-src data: https:; form-action 'none'; frame-src 'self' https://www.affirm.com https://checkout.link.com https://b.stripecdn.com; img-src 'self' https://q.stripe.com https://b.stripecdn.com https://js.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Tue, 05 Mar 2024 11:09:16 GMT
etag: "441445cbb512a63599ab0df61abfb641"
last-modified: Mon, 04 Mar 2024 21:05:23 GMT
server: Cloudfront
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 163be08bc1bc44818353c4fd88655bee.cloudfront.net (CloudFront)
x-amz-cf-id: KTZFxo1hymPs0ovhjXuF93zkWBL69wJKGxFoh3k6OqqDfgnoJTaIJQ==
x-amz-cf-pop: FRA6-C1
x-cache: Hit from cloudfront
x-content-type-options: nosniff

GET
H2 200 elements-inner-card-441445cbb512a63599ab0df61abfb641.html Show response
js.stripe.com/v3/ Frame 0AAB 798 B
2 KB 42ms
42ms Document
text/html 99.86.4.122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/elements-inner-card-441445cbb512a63599ab0df61abfb641.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.122 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-122.fra6.r.cloudfront.net

Software

Cloudfront /

Resource Hash

73526c7c8cb533a80c1437cfcaa300b2a8775da0bb4541fc2ce20da10d48df33

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://ppm.stripe.com; default-src 'self'; font-src data: https:; form-action 'none'; frame-src 'self' https://www.affirm.com https://checkout.link.com https://b.stripecdn.com; img-src 'self' https://q.stripe.com https://b.stripecdn.com https://js.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://donorbox.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 2945
cache-control: max-age=31536000
content-length: 798
content-security-policy: base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://ppm.stripe.com; default-src 'self'; font-src data: https:; form-action 'none'; frame-src 'self' https://www.affirm.com https://checkout.link.com https://b.stripecdn.com; img-src 'self' https://q.stripe.com https://b.stripecdn.com https://js.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only: base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://ppm.stripe.com; default-src 'self'; font-src data: https:; form-action 'none'; frame-src 'self' https://www.affirm.com https://checkout.link.com https://b.stripecdn.com; img-src 'self' https://q.stripe.com https://b.stripecdn.com https://js.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Tue, 05 Mar 2024 11:09:16 GMT
etag: "441445cbb512a63599ab0df61abfb641"
last-modified: Mon, 04 Mar 2024 21:05:23 GMT
server: Cloudfront
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 163be08bc1bc44818353c4fd88655bee.cloudfront.net (CloudFront)
x-amz-cf-id: xLxGkci148-_DZNpzwGv4QcHsAkzWJJFN2OpZp40XmltZjjF84WxmQ==
x-amz-cf-pop: FRA6-C1
x-cache: Hit from cloudfront
x-content-type-options: nosniff

GET
H2 200 anchor Show response
www.recaptcha.net/recaptcha/api2/ Frame 7793 45 KB
29 KB 70ms
69ms Document
text/html 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.recaptcha.net/recaptcha/api2/anchor?ar=1&k=6LcoYTscAAAAAM9KqIDhNEH8nQY_e9vOyA2M9YJz&co=aHR0cHM6Ly9kb25vcmJveC5vcmc6NDQz&hl=de&v=vj7hFxe2iNgbe-u95xTozOXW&size=invisible&cb=rw5vvp89ikz5

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/vj7hFxe2iNgbe-u95xTozOXW/recaptcha__de.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

d1add71086f306aa505025c2c760c20070edecb5bf7a4191ff3baf376528aa9f

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-cZBf8ikGBJ__A_nMpXdvjQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://donorbox.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-cZBf8ikGBJ__A_nMpXdvjQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 05 Mar 2024 11:58:20 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 anchor Show response
www.recaptcha.net/recaptcha/api2/ Frame B1AD 7 KB
1 KB 80ms
56ms Document
text/html 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.recaptcha.net/recaptcha/api2/anchor?ar=1&k=6LcoYTscAAAAAM9KqIDhNEH8nQY_e9vOyA2M9YJz&co=aHR0cHM6Ly9kb25vcmJveC5vcmc6NDQz&hl=de&v=vj7hFxe2iNgbe-u95xTozOXW&size=normal&cb=quzw2pbxhaia

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/vj7hFxe2iNgbe-u95xTozOXW/recaptcha__de.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

9902076f205c2c8238bf6e1f41bbb430b9191d57462f0467942ded5bd56b0069

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-Kh3W4XytXPt27UrpJsh62Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://donorbox.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-Kh3W4XytXPt27UrpJsh62Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 05 Mar 2024 11:58:20 GMT
expires: Tue, 05 Mar 2024 11:58:20 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 m-outer-15a2b40a058ddff1cffdb63779fe3de1.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame B480 526 B
1 KB 42ms
41ms Script
text/javascript 99.86.4.122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/m-outer-15a2b40a058ddff1cffdb63779fe3de1.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.122 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-122.fra6.r.cloudfront.net

Software

Cloudfront /

Resource Hash

ba2338aa6670580269c762f51c4291daef913201aa8f4d4fd166c1a878262652

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 11:22:50 GMT
via: 1.1 163be08bc1bc44818353c4fd88655bee.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31556926; includeSubDomains; preload
age: 2130
x-amz-cf-pop: FRA6-C1
x-cache: Hit from cloudfront
content-length: 526
last-modified: Thu, 29 Feb 2024 21:07:03 GMT
server: Cloudfront
etag: "d96c709017743c0759cf3853d1806ba5"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: wyG_5L8R80rjaGxkxxKRBWZrUscXJu-QhGNuokjIx8okQ5P1LNxNfQ==

GET
H2 200 shared-ef74aa054e59fdac81b538dfec92a050.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame E3DD 537 KB
117 KB 56ms
49ms Script
text/javascript 99.86.4.122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/shared-ef74aa054e59fdac81b538dfec92a050.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/controller-1b517d3dc8887d756b42ce62fc15d620.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.122 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-122.fra6.r.cloudfront.net

Software

Cloudfront /

Resource Hash

39dfb37816eab2a94aa07e46af7d0523d11a47ca1f7d21544570e3c409fa0586

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/controller-1b517d3dc8887d756b42ce62fc15d620.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 11:09:43 GMT
content-encoding: br
via: 1.1 163be08bc1bc44818353c4fd88655bee.cloudfront.net (CloudFront)
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
age: 2919
x-amz-cf-pop: FRA6-C1
x-cache: Hit from cloudfront
last-modified: Mon, 04 Mar 2024 21:05:37 GMT
server: Cloudfront
etag: W/"d49550815942227dc97b7500620f7224"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
x-amz-cf-id: ucaiKsH99mCQX7vmKSConfiXBstHW6uHw8YeV1AZDk3Gi3FSC7oxiQ==

GET
H2 200 controller-04d5ca8de94b7905dcf997a15299c7fc.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame E3DD 699 KB
164 KB 102ms
98ms Script
text/javascript 99.86.4.122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/controller-04d5ca8de94b7905dcf997a15299c7fc.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/controller-1b517d3dc8887d756b42ce62fc15d620.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.122 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-122.fra6.r.cloudfront.net

Software

Cloudfront /

Resource Hash

2977f53d6b12e6f52f665d17184d9d978ea0fcc0409cfad267cc1ac88b337543

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/controller-1b517d3dc8887d756b42ce62fc15d620.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 11:09:43 GMT
content-encoding: br
via: 1.1 163be08bc1bc44818353c4fd88655bee.cloudfront.net (CloudFront)
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
age: 2919
x-amz-cf-pop: FRA6-C1
x-cache: Hit from cloudfront
last-modified: Mon, 04 Mar 2024 21:05:34 GMT
server: Cloudfront
etag: W/"f10c423591daea093ee5530eda913c19"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
x-amz-cf-id: MrxJSKf5iZ0oea_6P89Hlu6xerR0WeHnsopMv1mHYKUYKq9fjDXeiQ==

GET
H2 200 pay.js Show response
pay.google.com/gp/p/js/ Frame D560 117 KB
36 KB 210ms
96ms Script
application/javascript 2a00:1450:400c:c02::5c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pay.google.com/gp/p/js/pay.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/payment-request-inner-google-pay-0ad4ab4836fd48b704f9836c381309d4.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c02::5c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

9efb3c3c478916f95dd26b4d6c664a5ff18cbb3df8da939c88b55a5abf0fc81e

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendHttp/cspreport, script-src 'report-sample' 'nonce-_9aW6dLVLwx2tJvSrMF1Hw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendHttp/cspreport/allowlist
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 11:58:20 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
content-security-policy: require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendHttp/cspreport, script-src 'report-sample' 'nonce-_9aW6dLVLwx2tJvSrMF1Hw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendHttp/cspreport/allowlist
x-content-type-options: nosniff
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/gp/p/_/InstantbuyFrontendHttp/web-reports?context=eJzjKtDikmLw0ZBiWF4qxVBRK8WwZKYUg2fNTabOPTeZ1nU9YlrY_pRJk-sZU33UM6aZvM-Z4k48ZxJ885zp3ZeXTDxfXzJJALEGEO_w8WAR85nOyrduOqsKEOuun84aCsRO6TNYg4DYp34GawwQC_Fw3Jk4Zz2bwI4nbUuYAQjWMVw"
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: private, max-age=600
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Tue, 05 Mar 2024 11:58:20 GMT

GET
H2 200 shared-ef74aa054e59fdac81b538dfec92a050.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame D560 537 KB
117 KB 130ms
127ms Script
text/javascript 99.86.4.122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/shared-ef74aa054e59fdac81b538dfec92a050.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/payment-request-inner-google-pay-0ad4ab4836fd48b704f9836c381309d4.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.122 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-122.fra6.r.cloudfront.net

Software

Cloudfront /

Resource Hash

39dfb37816eab2a94aa07e46af7d0523d11a47ca1f7d21544570e3c409fa0586

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/payment-request-inner-google-pay-0ad4ab4836fd48b704f9836c381309d4.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 11:09:43 GMT
content-encoding: br
via: 1.1 163be08bc1bc44818353c4fd88655bee.cloudfront.net (CloudFront)
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
age: 2919
x-amz-cf-pop: FRA6-C1
x-cache: Hit from cloudfront
last-modified: Mon, 04 Mar 2024 21:05:37 GMT
server: Cloudfront
etag: W/"d49550815942227dc97b7500620f7224"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
x-amz-cf-id: SRsp7Ch1QMvHfybNACNJznXc_WX5LrntRIj1BqYMwnR6-d3ZJOj1NQ==

GET
H2 200 payment-request-inner-google-pay-c83e5fd7cbd25a878b3ffc70ebb53333.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame D560 12 KB
5 KB 42ms
42ms Script
text/javascript 99.86.4.122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/payment-request-inner-google-pay-c83e5fd7cbd25a878b3ffc70ebb53333.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/payment-request-inner-google-pay-0ad4ab4836fd48b704f9836c381309d4.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.122 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-122.fra6.r.cloudfront.net

Software

Cloudfront /

Resource Hash

06e9cfa1e2fb5b8269f55ebb7dc5ced06737bc1e3faec047ca535265a9d7ac85

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/payment-request-inner-google-pay-0ad4ab4836fd48b704f9836c381309d4.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 11:36:37 GMT
content-encoding: gzip
via: 1.1 163be08bc1bc44818353c4fd88655bee.cloudfront.net (CloudFront)
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
age: 1317
x-amz-cf-pop: FRA6-C1
x-cache: Hit from cloudfront
last-modified: Thu, 29 Feb 2024 21:07:03 GMT
server: Cloudfront
etag: W/"7946a1d9a17729b6659d22b18a313c0e"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
x-amz-cf-id: IszGoXrHHK10b6o6ZqsAPrFkVRo1yLlchMhKbZTYavTPvzBp4sxR1A==

GET
H2 200 shared-ef74aa054e59fdac81b538dfec92a050.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 7310 537 KB
117 KB 144ms
141ms Script
text/javascript 99.86.4.122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/shared-ef74aa054e59fdac81b538dfec92a050.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/payment-request-inner-browser-bd09705d396c9abb97489a362b8310e0.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.122 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-122.fra6.r.cloudfront.net

Software

Cloudfront /

Resource Hash

39dfb37816eab2a94aa07e46af7d0523d11a47ca1f7d21544570e3c409fa0586

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/payment-request-inner-browser-bd09705d396c9abb97489a362b8310e0.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 11:09:43 GMT
content-encoding: br
via: 1.1 163be08bc1bc44818353c4fd88655bee.cloudfront.net (CloudFront)
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
age: 2919
x-amz-cf-pop: FRA6-C1
x-cache: Hit from cloudfront
last-modified: Mon, 04 Mar 2024 21:05:37 GMT
server: Cloudfront
etag: W/"d49550815942227dc97b7500620f7224"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
x-amz-cf-id: TADkeGcxE6xPgaOgMIAioZLl9v2GnbsYP5HhSvm8fQTyKPrsa5jEyw==

GET
H2 200 payment-request-inner-browser-792795e2c4e2210721d96228540c4e06.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 7310 13 KB
6 KB 155ms
152ms Script
text/javascript 99.86.4.122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/payment-request-inner-browser-792795e2c4e2210721d96228540c4e06.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/payment-request-inner-browser-bd09705d396c9abb97489a362b8310e0.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.122 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-122.fra6.r.cloudfront.net

Software

Cloudfront /

Resource Hash

fedfc64728beee4dcdf576abb2dd3c44b462afc3b5db8c53704629a1ee6dd14c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/payment-request-inner-browser-bd09705d396c9abb97489a362b8310e0.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 11:21:54 GMT
content-encoding: br
via: 1.1 163be08bc1bc44818353c4fd88655bee.cloudfront.net (CloudFront)
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
age: 2193
x-amz-cf-pop: FRA6-C1
x-cache: Hit from cloudfront
last-modified: Thu, 29 Feb 2024 21:07:03 GMT
server: Cloudfront
etag: W/"32dba56f50e599b5cc53a055305f8c45"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
x-amz-cf-id: rikPn-JUWGd1xFP4fK7z7Wu7xOExtCYGxKLFCIIU6WWCEgh9-cALJg==

GET
H2 200 shared-ef74aa054e59fdac81b538dfec92a050.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame DDBE 537 KB
117 KB 75ms
72ms Script
text/javascript 99.86.4.122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/shared-ef74aa054e59fdac81b538dfec92a050.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/controller-1b517d3dc8887d756b42ce62fc15d620.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.122 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-122.fra6.r.cloudfront.net

Software

Cloudfront /

Resource Hash

39dfb37816eab2a94aa07e46af7d0523d11a47ca1f7d21544570e3c409fa0586

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/controller-1b517d3dc8887d756b42ce62fc15d620.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 11:09:43 GMT
content-encoding: br
via: 1.1 163be08bc1bc44818353c4fd88655bee.cloudfront.net (CloudFront)
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
age: 2919
x-amz-cf-pop: FRA6-C1
x-cache: Hit from cloudfront
last-modified: Mon, 04 Mar 2024 21:05:37 GMT
server: Cloudfront
etag: W/"d49550815942227dc97b7500620f7224"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
x-amz-cf-id: 0RtYqvOhbne87xarnX7DzITw4AWX6zz6_t5z3DSliVdWhZmAtxACDQ==

GET
H2 200 controller-04d5ca8de94b7905dcf997a15299c7fc.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame DDBE 699 KB
164 KB 157ms
154ms Script
text/javascript 99.86.4.122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/controller-04d5ca8de94b7905dcf997a15299c7fc.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/controller-1b517d3dc8887d756b42ce62fc15d620.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.122 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-122.fra6.r.cloudfront.net

Software

Cloudfront /

Resource Hash

2977f53d6b12e6f52f665d17184d9d978ea0fcc0409cfad267cc1ac88b337543

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/controller-1b517d3dc8887d756b42ce62fc15d620.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 11:09:43 GMT
content-encoding: br
via: 1.1 163be08bc1bc44818353c4fd88655bee.cloudfront.net (CloudFront)
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
age: 2919
x-amz-cf-pop: FRA6-C1
x-cache: Hit from cloudfront
last-modified: Mon, 04 Mar 2024 21:05:34 GMT
server: Cloudfront
etag: W/"f10c423591daea093ee5530eda913c19"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
x-amz-cf-id: ryg1KZkwpmO-dGwX3fYaaQSpZ2tvQa4PuWuTRxcuuPqzCp0kTVFOwg==

GET
H2 200 shared-ef74aa054e59fdac81b538dfec92a050.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 510C 537 KB
117 KB 160ms
159ms Script
text/javascript 99.86.4.122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/shared-ef74aa054e59fdac81b538dfec92a050.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-card-441445cbb512a63599ab0df61abfb641.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.122 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-122.fra6.r.cloudfront.net

Software

Cloudfront /

Resource Hash

39dfb37816eab2a94aa07e46af7d0523d11a47ca1f7d21544570e3c409fa0586

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/elements-inner-card-441445cbb512a63599ab0df61abfb641.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 11:09:43 GMT
content-encoding: br
via: 1.1 163be08bc1bc44818353c4fd88655bee.cloudfront.net (CloudFront)
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
age: 2919
x-amz-cf-pop: FRA6-C1
x-cache: Hit from cloudfront
last-modified: Mon, 04 Mar 2024 21:05:37 GMT
server: Cloudfront
etag: W/"d49550815942227dc97b7500620f7224"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
x-amz-cf-id: FdipQkRIJA4JVoL_3vQyE-Dgc2o_LyQ9Ggpu8K1n-L0z05M4OwVQRw==

GET
H2 200 ui-shared-1bf6ace40c8ba59385d7846cb107d9c6.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 510C 414 KB
107 KB 168ms
167ms Script
text/javascript 99.86.4.122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/ui-shared-1bf6ace40c8ba59385d7846cb107d9c6.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-card-441445cbb512a63599ab0df61abfb641.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.122 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-122.fra6.r.cloudfront.net

Software

Cloudfront /

Resource Hash

9ff1964bffc8efed18dfd92699b69a974e6f354348b0743c31a6784384eb7c3d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/elements-inner-card-441445cbb512a63599ab0df61abfb641.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 11:39:04 GMT
content-encoding: br
via: 1.1 163be08bc1bc44818353c4fd88655bee.cloudfront.net (CloudFront)
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
age: 1173
x-amz-cf-pop: FRA6-C1
x-cache: Hit from cloudfront
last-modified: Mon, 04 Mar 2024 21:05:37 GMT
server: Cloudfront
etag: W/"1a73e2c92e7625b5ccbedca19583ed45"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
x-amz-cf-id: ABlQ3DkncpkkGVi5kQk4Zo7PCJacBRpnQ9wDhJRSACV1pg_VBxjIoA==

GET
H2 200 elements-inner-card-026c2480c57711722e470dc9a369461a.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 510C 55 KB
14 KB 123ms
123ms Script
text/javascript 99.86.4.122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/elements-inner-card-026c2480c57711722e470dc9a369461a.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-card-441445cbb512a63599ab0df61abfb641.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.122 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-122.fra6.r.cloudfront.net

Software

Cloudfront /

Resource Hash

f3a531a933d649e125e1a79d2e43c7f48f71aaf457d2847c1c8efea16e3cc23c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/elements-inner-card-441445cbb512a63599ab0df61abfb641.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 11:10:05 GMT
content-encoding: br
via: 1.1 163be08bc1bc44818353c4fd88655bee.cloudfront.net (CloudFront)
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
age: 2896
x-amz-cf-pop: FRA6-C1
x-cache: Hit from cloudfront
last-modified: Mon, 04 Mar 2024 18:06:15 GMT
server: Cloudfront
etag: W/"f7df0c4fdb403694dab0d43ab79ed837"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
x-amz-cf-id: llrs_YjKyAz_kkJXTTOViNm8cjOrNihf2C_EgTo1h4CyRfV4dB3ESQ==

GET
H2 200 ui-shared-1d27f4e2b314637ba4bb9d7ff79c23c7.css
js.stripe.com/v3/fingerprinted/css/ Frame 510C 20 KB
3 KB 147ms
147ms Stylesheet
text/css 99.86.4.122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/css/ui-shared-1d27f4e2b314637ba4bb9d7ff79c23c7.css

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-card-441445cbb512a63599ab0df61abfb641.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.122 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-122.fra6.r.cloudfront.net

Software

Cloudfront /

Resource Hash

394724ca0118829643c12fb5a033cb66680e51327ba157677d18dec209278a3d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/elements-inner-card-441445cbb512a63599ab0df61abfb641.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 11:09:17 GMT
content-encoding: br
via: 1.1 163be08bc1bc44818353c4fd88655bee.cloudfront.net (CloudFront)
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
age: 2944
x-amz-cf-pop: FRA6-C1
x-cache: Hit from cloudfront
last-modified: Thu, 29 Feb 2024 21:06:52 GMT
server: Cloudfront
etag: W/"b361d7109e9925ca18e32c9da528520f"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
x-amz-cf-id: h4xTEjtUdv0Yu1bGssVJ8lh709GMxGE9lK7_U2fq9tJI_Dkv-muT7g==

GET
H2 200 elements-inner-card-53aa57bec7f6d40d72327654fd43a92e.css
js.stripe.com/v3/fingerprinted/css/ Frame 510C 14 KB
3 KB 159ms
158ms Stylesheet
text/css 99.86.4.122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/css/elements-inner-card-53aa57bec7f6d40d72327654fd43a92e.css

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-card-441445cbb512a63599ab0df61abfb641.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.122 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-122.fra6.r.cloudfront.net

Software

Cloudfront /

Resource Hash

eac1bb2890c6ae6d2cc8653765f594f1209eda9eb0036eef9fde51299e883a5b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/elements-inner-card-441445cbb512a63599ab0df61abfb641.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 11:09:17 GMT
content-encoding: gzip
via: 1.1 163be08bc1bc44818353c4fd88655bee.cloudfront.net (CloudFront)
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
age: 2944
x-amz-cf-pop: FRA6-C1
x-cache: Hit from cloudfront
last-modified: Wed, 28 Feb 2024 22:56:36 GMT
server: Cloudfront
etag: W/"87bf0041cf7ae5e77d770c423e25828a"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
x-amz-cf-id: 1BS0dlmppGCRfjHO-aizgmw4xJvSSRfuc8KKyZrFbA91l5QBB5y2MA==

GET
H2 200 shared-ef74aa054e59fdac81b538dfec92a050.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame E09F 537 KB
117 KB 172ms
171ms Script
text/javascript 99.86.4.122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/shared-ef74aa054e59fdac81b538dfec92a050.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-card-441445cbb512a63599ab0df61abfb641.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.122 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-122.fra6.r.cloudfront.net

Software

Cloudfront /

Resource Hash

39dfb37816eab2a94aa07e46af7d0523d11a47ca1f7d21544570e3c409fa0586

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/elements-inner-card-441445cbb512a63599ab0df61abfb641.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 11:09:43 GMT
content-encoding: br
via: 1.1 163be08bc1bc44818353c4fd88655bee.cloudfront.net (CloudFront)
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
age: 2919
x-amz-cf-pop: FRA6-C1
x-cache: Hit from cloudfront
last-modified: Mon, 04 Mar 2024 21:05:37 GMT
server: Cloudfront
etag: W/"d49550815942227dc97b7500620f7224"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
x-amz-cf-id: fAavorWnvd-XBdRCs5mA30SSY4oCeQv-WEFMcwKwlOcSEI5FmaUuaw==

GET
H2 200 ui-shared-1bf6ace40c8ba59385d7846cb107d9c6.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame E09F 414 KB
107 KB 172ms
171ms Script
text/javascript 99.86.4.122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/ui-shared-1bf6ace40c8ba59385d7846cb107d9c6.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-card-441445cbb512a63599ab0df61abfb641.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.122 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-122.fra6.r.cloudfront.net

Software

Cloudfront /

Resource Hash

9ff1964bffc8efed18dfd92699b69a974e6f354348b0743c31a6784384eb7c3d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/elements-inner-card-441445cbb512a63599ab0df61abfb641.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 11:39:04 GMT
content-encoding: br
via: 1.1 163be08bc1bc44818353c4fd88655bee.cloudfront.net (CloudFront)
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
age: 1173
x-amz-cf-pop: FRA6-C1
x-cache: Hit from cloudfront
last-modified: Mon, 04 Mar 2024 21:05:37 GMT
server: Cloudfront
etag: W/"1a73e2c92e7625b5ccbedca19583ed45"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
x-amz-cf-id: UULZNO6UbRjqQJDrjDBt-vAH-iflSYaiURuobK7X70oCpAy2E8_ULw==

GET
H2 200 elements-inner-card-026c2480c57711722e470dc9a369461a.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame E09F 55 KB
14 KB 119ms
117ms Script
text/javascript 99.86.4.122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/elements-inner-card-026c2480c57711722e470dc9a369461a.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-card-441445cbb512a63599ab0df61abfb641.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.122 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-122.fra6.r.cloudfront.net

Software

Cloudfront /

Resource Hash

f3a531a933d649e125e1a79d2e43c7f48f71aaf457d2847c1c8efea16e3cc23c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/elements-inner-card-441445cbb512a63599ab0df61abfb641.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 11:10:05 GMT
content-encoding: br
via: 1.1 163be08bc1bc44818353c4fd88655bee.cloudfront.net (CloudFront)
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
age: 2896
x-amz-cf-pop: FRA6-C1
x-cache: Hit from cloudfront
last-modified: Mon, 04 Mar 2024 18:06:15 GMT
server: Cloudfront
etag: W/"f7df0c4fdb403694dab0d43ab79ed837"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
x-amz-cf-id: kpQuxwU0FWHaS8OLTPoH3CRUG4qSFXMCtqZpLW4rR2OCnc-layXp0w==

GET
H2 200 ui-shared-1d27f4e2b314637ba4bb9d7ff79c23c7.css
js.stripe.com/v3/fingerprinted/css/ Frame E09F 20 KB
3 KB 171ms
170ms Stylesheet
text/css 99.86.4.122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/css/ui-shared-1d27f4e2b314637ba4bb9d7ff79c23c7.css

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-card-441445cbb512a63599ab0df61abfb641.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.122 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-122.fra6.r.cloudfront.net

Software

Cloudfront /

Resource Hash

394724ca0118829643c12fb5a033cb66680e51327ba157677d18dec209278a3d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/elements-inner-card-441445cbb512a63599ab0df61abfb641.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 11:09:17 GMT
content-encoding: br
via: 1.1 163be08bc1bc44818353c4fd88655bee.cloudfront.net (CloudFront)
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
age: 2944
x-amz-cf-pop: FRA6-C1
x-cache: Hit from cloudfront
last-modified: Thu, 29 Feb 2024 21:06:52 GMT
server: Cloudfront
etag: W/"b361d7109e9925ca18e32c9da528520f"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
x-amz-cf-id: 86UUhJZSSKtbhy7xBz7ScS9zJCDhZD_OFZJvC44JdByf6Teoc7uoNg==

GET
H2 200 elements-inner-card-53aa57bec7f6d40d72327654fd43a92e.css
js.stripe.com/v3/fingerprinted/css/ Frame E09F 14 KB
3 KB 171ms
171ms Stylesheet
text/css 99.86.4.122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/css/elements-inner-card-53aa57bec7f6d40d72327654fd43a92e.css

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-card-441445cbb512a63599ab0df61abfb641.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.122 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-122.fra6.r.cloudfront.net

Software

Cloudfront /

Resource Hash

eac1bb2890c6ae6d2cc8653765f594f1209eda9eb0036eef9fde51299e883a5b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/elements-inner-card-441445cbb512a63599ab0df61abfb641.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 11:09:17 GMT
content-encoding: gzip
via: 1.1 163be08bc1bc44818353c4fd88655bee.cloudfront.net (CloudFront)
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
age: 2944
x-amz-cf-pop: FRA6-C1
x-cache: Hit from cloudfront
last-modified: Wed, 28 Feb 2024 22:56:36 GMT
server: Cloudfront
etag: W/"87bf0041cf7ae5e77d770c423e25828a"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
x-amz-cf-id: b8N6aKVrP4ReGlKt1ROKO3D36LDr0PBufHbqCu0vAH542giXgnUrVA==

GET
H2 200 shared-ef74aa054e59fdac81b538dfec92a050.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame B33A 537 KB
117 KB 162ms
162ms Script
text/javascript 99.86.4.122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/shared-ef74aa054e59fdac81b538dfec92a050.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-card-441445cbb512a63599ab0df61abfb641.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.122 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-122.fra6.r.cloudfront.net

Software

Cloudfront /

Resource Hash

39dfb37816eab2a94aa07e46af7d0523d11a47ca1f7d21544570e3c409fa0586

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/elements-inner-card-441445cbb512a63599ab0df61abfb641.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 11:09:43 GMT
content-encoding: br
via: 1.1 163be08bc1bc44818353c4fd88655bee.cloudfront.net (CloudFront)
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
age: 2919
x-amz-cf-pop: FRA6-C1
x-cache: Hit from cloudfront
last-modified: Mon, 04 Mar 2024 21:05:37 GMT
server: Cloudfront
etag: W/"d49550815942227dc97b7500620f7224"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
x-amz-cf-id: OXB06Nce1lJavUX7dbccOh7uwQzTiM3cWQKeGh0I0z8ygJw-gO58RQ==

GET
H2 200 ui-shared-1bf6ace40c8ba59385d7846cb107d9c6.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame B33A 414 KB
107 KB 163ms
162ms Script
text/javascript 99.86.4.122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/ui-shared-1bf6ace40c8ba59385d7846cb107d9c6.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-card-441445cbb512a63599ab0df61abfb641.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.122 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-122.fra6.r.cloudfront.net

Software

Cloudfront /

Resource Hash

9ff1964bffc8efed18dfd92699b69a974e6f354348b0743c31a6784384eb7c3d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/elements-inner-card-441445cbb512a63599ab0df61abfb641.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 11:39:04 GMT
content-encoding: br
via: 1.1 163be08bc1bc44818353c4fd88655bee.cloudfront.net (CloudFront)
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
age: 1173
x-amz-cf-pop: FRA6-C1
x-cache: Hit from cloudfront
last-modified: Mon, 04 Mar 2024 21:05:37 GMT
server: Cloudfront
etag: W/"1a73e2c92e7625b5ccbedca19583ed45"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
x-amz-cf-id: nsR5AihIkQnMitGhWRHNKZU9rAQE6cz3rod48Dt3mZChE8dl9RTMbg==

GET
H2 200 elements-inner-card-026c2480c57711722e470dc9a369461a.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame B33A 55 KB
14 KB 113ms
111ms Script
text/javascript 99.86.4.122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/elements-inner-card-026c2480c57711722e470dc9a369461a.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-card-441445cbb512a63599ab0df61abfb641.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.122 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-122.fra6.r.cloudfront.net

Software

Cloudfront /

Resource Hash

f3a531a933d649e125e1a79d2e43c7f48f71aaf457d2847c1c8efea16e3cc23c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/elements-inner-card-441445cbb512a63599ab0df61abfb641.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 11:10:05 GMT
content-encoding: br
via: 1.1 163be08bc1bc44818353c4fd88655bee.cloudfront.net (CloudFront)
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
age: 2896
x-amz-cf-pop: FRA6-C1
x-cache: Hit from cloudfront
last-modified: Mon, 04 Mar 2024 18:06:15 GMT
server: Cloudfront
etag: W/"f7df0c4fdb403694dab0d43ab79ed837"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
x-amz-cf-id: rqYHrGszExpQekcOiROEN-ui1EM1g5o7INxk60lt5Efz1i5Fih8VSA==

GET
H2 200 ui-shared-1d27f4e2b314637ba4bb9d7ff79c23c7.css
js.stripe.com/v3/fingerprinted/css/ Frame B33A 20 KB
3 KB 162ms
161ms Stylesheet
text/css 99.86.4.122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/css/ui-shared-1d27f4e2b314637ba4bb9d7ff79c23c7.css

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-card-441445cbb512a63599ab0df61abfb641.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.122 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-122.fra6.r.cloudfront.net

Software

Cloudfront /

Resource Hash

394724ca0118829643c12fb5a033cb66680e51327ba157677d18dec209278a3d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/elements-inner-card-441445cbb512a63599ab0df61abfb641.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 11:09:17 GMT
content-encoding: br
via: 1.1 163be08bc1bc44818353c4fd88655bee.cloudfront.net (CloudFront)
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
age: 2944
x-amz-cf-pop: FRA6-C1
x-cache: Hit from cloudfront
last-modified: Thu, 29 Feb 2024 21:06:52 GMT
server: Cloudfront
etag: W/"b361d7109e9925ca18e32c9da528520f"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
x-amz-cf-id: eh0LP1UGfdBZqrfGsrc0FSjfa4tqo3z34tcXUvkpw-ESkDYrhljdXg==

GET
H2 200 elements-inner-card-53aa57bec7f6d40d72327654fd43a92e.css
js.stripe.com/v3/fingerprinted/css/ Frame B33A 14 KB
3 KB 162ms
162ms Stylesheet
text/css 99.86.4.122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/css/elements-inner-card-53aa57bec7f6d40d72327654fd43a92e.css

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-card-441445cbb512a63599ab0df61abfb641.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.122 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-122.fra6.r.cloudfront.net

Software

Cloudfront /

Resource Hash

eac1bb2890c6ae6d2cc8653765f594f1209eda9eb0036eef9fde51299e883a5b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/elements-inner-card-441445cbb512a63599ab0df61abfb641.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 11:09:17 GMT
content-encoding: gzip
via: 1.1 163be08bc1bc44818353c4fd88655bee.cloudfront.net (CloudFront)
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
age: 2944
x-amz-cf-pop: FRA6-C1
x-cache: Hit from cloudfront
last-modified: Wed, 28 Feb 2024 22:56:36 GMT
server: Cloudfront
etag: W/"87bf0041cf7ae5e77d770c423e25828a"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
x-amz-cf-id: YkC0e97EnqEOJZ-qzRI2Lom51WnZG3rLMxId1y4isVYfNgehTL1Lbw==

GET
H2 200 shared-ef74aa054e59fdac81b538dfec92a050.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 0AAB 537 KB
117 KB 143ms
142ms Script
text/javascript 99.86.4.122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/shared-ef74aa054e59fdac81b538dfec92a050.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-card-441445cbb512a63599ab0df61abfb641.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.122 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-122.fra6.r.cloudfront.net

Software

Cloudfront /

Resource Hash

39dfb37816eab2a94aa07e46af7d0523d11a47ca1f7d21544570e3c409fa0586

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/elements-inner-card-441445cbb512a63599ab0df61abfb641.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 11:09:43 GMT
content-encoding: br
via: 1.1 163be08bc1bc44818353c4fd88655bee.cloudfront.net (CloudFront)
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
age: 2919
x-amz-cf-pop: FRA6-C1
x-cache: Hit from cloudfront
last-modified: Mon, 04 Mar 2024 21:05:37 GMT
server: Cloudfront
etag: W/"d49550815942227dc97b7500620f7224"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
x-amz-cf-id: UkJzTUQ5FudKWg1A6s0ENd-ePdlmpwIN9lm5tdzdVb2jT2ubCoW1Ww==

GET
H2 200 ui-shared-1bf6ace40c8ba59385d7846cb107d9c6.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 0AAB 414 KB
107 KB 143ms
142ms Script
text/javascript 99.86.4.122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/ui-shared-1bf6ace40c8ba59385d7846cb107d9c6.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-card-441445cbb512a63599ab0df61abfb641.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.122 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-122.fra6.r.cloudfront.net

Software

Cloudfront /

Resource Hash

9ff1964bffc8efed18dfd92699b69a974e6f354348b0743c31a6784384eb7c3d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/elements-inner-card-441445cbb512a63599ab0df61abfb641.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 11:39:04 GMT
content-encoding: br
via: 1.1 163be08bc1bc44818353c4fd88655bee.cloudfront.net (CloudFront)
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
age: 1173
x-amz-cf-pop: FRA6-C1
x-cache: Hit from cloudfront
last-modified: Mon, 04 Mar 2024 21:05:37 GMT
server: Cloudfront
etag: W/"1a73e2c92e7625b5ccbedca19583ed45"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
x-amz-cf-id: HoScX8ENSHk0D-rs1gCNRAa-WQOtrTFGJ5Wickw92AQVEGnDFIhIZg==

GET
H2 200 elements-inner-card-026c2480c57711722e470dc9a369461a.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 0AAB 55 KB
14 KB 118ms
118ms Script
text/javascript 99.86.4.122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/elements-inner-card-026c2480c57711722e470dc9a369461a.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-card-441445cbb512a63599ab0df61abfb641.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.122 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-122.fra6.r.cloudfront.net

Software

Cloudfront /

Resource Hash

f3a531a933d649e125e1a79d2e43c7f48f71aaf457d2847c1c8efea16e3cc23c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/elements-inner-card-441445cbb512a63599ab0df61abfb641.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 11:10:05 GMT
content-encoding: br
via: 1.1 163be08bc1bc44818353c4fd88655bee.cloudfront.net (CloudFront)
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
age: 2896
x-amz-cf-pop: FRA6-C1
x-cache: Hit from cloudfront
last-modified: Mon, 04 Mar 2024 18:06:15 GMT
server: Cloudfront
etag: W/"f7df0c4fdb403694dab0d43ab79ed837"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
x-amz-cf-id: 7oGrv_-pbTXAKHVR5oPCCCEEWmlXRkcW-5Ixa36Zi4XF_BKV_6-wPw==

GET
H2 200 ui-shared-1d27f4e2b314637ba4bb9d7ff79c23c7.css
js.stripe.com/v3/fingerprinted/css/ Frame 0AAB 20 KB
3 KB 142ms
142ms Stylesheet
text/css 99.86.4.122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/css/ui-shared-1d27f4e2b314637ba4bb9d7ff79c23c7.css

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-card-441445cbb512a63599ab0df61abfb641.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.122 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-122.fra6.r.cloudfront.net

Software

Cloudfront /

Resource Hash

394724ca0118829643c12fb5a033cb66680e51327ba157677d18dec209278a3d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/elements-inner-card-441445cbb512a63599ab0df61abfb641.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 11:09:17 GMT
content-encoding: br
via: 1.1 163be08bc1bc44818353c4fd88655bee.cloudfront.net (CloudFront)
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
age: 2944
x-amz-cf-pop: FRA6-C1
x-cache: Hit from cloudfront
last-modified: Thu, 29 Feb 2024 21:06:52 GMT
server: Cloudfront
etag: W/"b361d7109e9925ca18e32c9da528520f"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
x-amz-cf-id: 1KZxoHLg_z6f-73GMGb05p9IXJCqIHZ2DS2FH86W_eAXubwQknhF0w==

GET
H2 200 elements-inner-card-53aa57bec7f6d40d72327654fd43a92e.css
js.stripe.com/v3/fingerprinted/css/ Frame 0AAB 14 KB
3 KB 143ms
142ms Stylesheet
text/css 99.86.4.122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/css/elements-inner-card-53aa57bec7f6d40d72327654fd43a92e.css

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-card-441445cbb512a63599ab0df61abfb641.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.122 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-122.fra6.r.cloudfront.net

Software

Cloudfront /

Resource Hash

eac1bb2890c6ae6d2cc8653765f594f1209eda9eb0036eef9fde51299e883a5b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/elements-inner-card-441445cbb512a63599ab0df61abfb641.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 11:09:17 GMT
content-encoding: gzip
via: 1.1 163be08bc1bc44818353c4fd88655bee.cloudfront.net (CloudFront)
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
age: 2944
x-amz-cf-pop: FRA6-C1
x-cache: Hit from cloudfront
last-modified: Wed, 28 Feb 2024 22:56:36 GMT
server: Cloudfront
etag: W/"87bf0041cf7ae5e77d770c423e25828a"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
x-amz-cf-id: mZRqdmJDwSaIqzDl_zYk5U1SFYaBW5uvnCqN1sHuAKfedji0uCl-1Q==

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/vj7hFxe2iNgbe-u95xTozOXW/ Frame 7793 55 KB
24 KB 44ms
43ms Stylesheet
text/css 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/vj7hFxe2iNgbe-u95xTozOXW/styles__ltr.css

Requested by

Host: www.recaptcha.net
URL: https://www.recaptcha.net/recaptcha/api2/anchor?ar=1&k=6LcoYTscAAAAAM9KqIDhNEH8nQY_e9vOyA2M9YJz&co=aHR0cHM6Ly9kb25vcmJveC5vcmc6NDQz&hl=de&v=vj7hFxe2iNgbe-u95xTozOXW&size=invisible&cb=rw5vvp89ikz5

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.recaptcha.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 11:50:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 460
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24606
x-xss-protection: 0
last-modified: Mon, 26 Feb 2024 03:01:13 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 05 Mar 2025 11:50:40 GMT

GET
H3 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/vj7hFxe2iNgbe-u95xTozOXW/ Frame 7793 494 KB
196 KB 47ms
47ms Script
text/javascript 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/vj7hFxe2iNgbe-u95xTozOXW/recaptcha__de.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7fc4f1369cfe55e3cbf37434690b559bd3be63351a5ab16e324823a3ab8a237a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.recaptcha.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 06:44:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 18812
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 201116
x-xss-protection: 0
last-modified: Mon, 26 Feb 2024 03:01:13 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 05 Mar 2025 06:44:48 GMT

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/vj7hFxe2iNgbe-u95xTozOXW/ Frame B1AD 55 KB
24 KB 51ms
43ms Stylesheet
text/css 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/vj7hFxe2iNgbe-u95xTozOXW/styles__ltr.css

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.recaptcha.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 11:50:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 460
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24606
x-xss-protection: 0
last-modified: Mon, 26 Feb 2024 03:01:13 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 05 Mar 2025 11:50:40 GMT

GET
H3 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/vj7hFxe2iNgbe-u95xTozOXW/ Frame B1AD 494 KB
196 KB 58ms
51ms Script
text/javascript 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/vj7hFxe2iNgbe-u95xTozOXW/recaptcha__de.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7fc4f1369cfe55e3cbf37434690b559bd3be63351a5ab16e324823a3ab8a237a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.recaptcha.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 06:44:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 18812
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 201116
x-xss-protection: 0
last-modified: Mon, 26 Feb 2024 03:01:13 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 05 Mar 2025 06:44:48 GMT

GET
H2 200 powered-by-google-on-white3.png
maps.gstatic.com/mapfiles/api-3/images/ Frame 3D91 2 KB
2 KB 170ms
72ms Image
image/png 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://maps.gstatic.com/mapfiles/api-3/images/powered-by-google-on-white3.png

Requested by

Host: donorbox.org
URL: https://donorbox.org/embed/forest-history-society-donate

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cd80d0dcb2a44bd30c11fcdf13d4c280f336dad9442ee7da79146f2bb77381a4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://donorbox.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 11:58:20 GMT
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/geo-tactile
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1616
x-xss-protection: 0
last-modified: Tue, 18 May 2021 19:15:00 GMT
server: sffe
report-to: {"group":"geo-tactile","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/geo-tactile"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: private, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="geo-tactile"
expires: Tue, 05 Mar 2024 11:58:20 GMT

GET
H2 200 autocomplete-icons.png
maps.gstatic.com/mapfiles/api-3/images/ Frame 3D91 3 KB
3 KB 171ms
72ms Image
image/png 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://maps.gstatic.com/mapfiles/api-3/images/autocomplete-icons.png

Requested by

Host: donorbox.org
URL: https://donorbox.org/embed/forest-history-society-donate

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

db209390b90b70f4b1ef3540cb581e4ec8edbba21980971b68e4aef5c5d352fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://donorbox.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 11:58:20 GMT
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/geo-tactile
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3351
x-xss-protection: 0
last-modified: Tue, 18 May 2021 19:15:00 GMT
server: sffe
report-to: {"group":"geo-tactile","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/geo-tactile"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: private, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="geo-tactile"
expires: Tue, 05 Mar 2024 11:58:20 GMT

GET
H2 200 inner.html Show response
m.stripe.network/ Frame AF24 930 B
2 KB 138ms
41ms Document
text/html 2600:9000:2724:8000:19:7d10:bd80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.network/inner.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/m-outer-15a2b40a058ddff1cffdb63779fe3de1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2724:8000:19:7d10:bd80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Cloudfront /

Resource Hash

947ac0903521f5eceefc90637c066306a8ca67466ccc188bb0107fb7cfb532d1

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-/5Guo2nzv5n/w6ukZpOBZOtTJBJPSkJ6mhHpnBgm3Ls='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 231
cache-control: max-age=300, public
content-length: 930
content-security-policy: base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-/5Guo2nzv5n/w6ukZpOBZOtTJBJPSkJ6mhHpnBgm3Ls='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Tue, 05 Mar 2024 11:54:31 GMT
etag: "06bfcd88af438673a8bf9b845a11aa6e"
last-modified: Fri, 30 Jun 2023 14:32:28 GMT
server: Cloudfront
strict-transport-security: max-age=31556926; includeSubDomains; preload
vary: Accept-Encoding, Origin
via: 1.1 0140ca34c2d577c2578595f0c9e0050e.cloudfront.net (CloudFront)
x-amz-cf-id: hvVqMQ6vggma9NqsVkOhK1HflHcgUcyX_v1Ta6S7hjd9-gQdMBXWnw==
x-amz-cf-pop: FRA56-P12
x-cache: Hit from cloudfront
x-content-type-options: nosniff

POST
H2 200 85f9eef91efa65bc Show response
donorbox.org/cdn-cgi/challenge-platform/h/g/jsd/r/ Frame AC81 0
318 B 97ms
97ms XHR
text/plain 2606:4700:10::6816:32f9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://donorbox.org/cdn-cgi/challenge-platform/h/g/jsd/r/85f9eef91efa65bc
Requested by: Host: donorbox.org
URL: https://donorbox.org/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:32f9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 05 Mar 2024 11:58:21 GMT
content-encoding: gzip
server: cloudflare
cf-ray: 85f9ef05c89465bc-FRA
content-type: text/plain; charset=UTF-8

GET
H2 200 .deploy_status_henson.json Show response
js.stripe.com/v3/ Frame E3DD 474 B
916 B 125ms
45ms Fetch
application/json 99.86.4.122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/.deploy_status_henson.json

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-ef74aa054e59fdac81b538dfec92a050.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.122 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-122.fra6.r.cloudfront.net

Software

Cloudfront /

Resource Hash

5e155e1f89e5ca084a3510deea330a8ca019b906bc61469408830959033ce71f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Accept: application/json
Referer: https://js.stripe.com/v3/controller-1b517d3dc8887d756b42ce62fc15d620.html
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Tue, 05 Mar 2024 11:57:33 GMT
via: 1.1 d8e97d2c28917e4c41ab79bb1e94b844.cloudfront.net (CloudFront)
strict-transport-security: max-age=31556926; includeSubDomains; preload
age: 50
x-amz-cf-pop: FRA6-C1
x-cache: Hit from cloudfront
content-length: 474
last-modified: Mon, 04 Mar 2024 21:49:34 GMT
server: Cloudfront
etag: "741c7a42906bbd9aa745c3aea07bcd08"
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=60
accept-ranges: bytes
x-amz-cf-id: GPvS5yjJ8PWC3aL0CbK6qjANX1eWVPkAm9617gCYLxr-8d3y-octaA==

GET
H2 200 .deploy_status_henson.json Show response
js.stripe.com/v3/ Frame E3DD 474 B
915 B 119ms
47ms Fetch
application/json 99.86.4.122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/.deploy_status_henson.json

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-ef74aa054e59fdac81b538dfec92a050.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.122 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-122.fra6.r.cloudfront.net

Software

Cloudfront /

Resource Hash

5e155e1f89e5ca084a3510deea330a8ca019b906bc61469408830959033ce71f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Accept: application/json
Referer: https://js.stripe.com/v3/controller-1b517d3dc8887d756b42ce62fc15d620.html
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Tue, 05 Mar 2024 11:57:33 GMT
via: 1.1 d8e97d2c28917e4c41ab79bb1e94b844.cloudfront.net (CloudFront)
strict-transport-security: max-age=31556926; includeSubDomains; preload
age: 50
x-amz-cf-pop: FRA6-C1
x-cache: Hit from cloudfront
content-length: 474
last-modified: Mon, 04 Mar 2024 21:49:34 GMT
server: Cloudfront
etag: "741c7a42906bbd9aa745c3aea07bcd08"
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=60
accept-ranges: bytes
x-amz-cf-id: HxhJABaFyx4aNQeK_bY2ey5MZdF4uUhgal0QC4BQDpbBCHrgf7T4tg==

GET
H2 200 .deploy_status_henson.json Show response
js.stripe.com/v3/ Frame DDBE 474 B
915 B 87ms
49ms Fetch
application/json 99.86.4.122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/.deploy_status_henson.json

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-ef74aa054e59fdac81b538dfec92a050.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.122 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-122.fra6.r.cloudfront.net

Software

Cloudfront /

Resource Hash

5e155e1f89e5ca084a3510deea330a8ca019b906bc61469408830959033ce71f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Accept: application/json
Referer: https://js.stripe.com/v3/controller-1b517d3dc8887d756b42ce62fc15d620.html
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Tue, 05 Mar 2024 11:57:33 GMT
via: 1.1 d8e97d2c28917e4c41ab79bb1e94b844.cloudfront.net (CloudFront)
strict-transport-security: max-age=31556926; includeSubDomains; preload
age: 50
x-amz-cf-pop: FRA6-C1
x-cache: Hit from cloudfront
content-length: 474
last-modified: Mon, 04 Mar 2024 21:49:34 GMT
server: Cloudfront
etag: "741c7a42906bbd9aa745c3aea07bcd08"
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=60
accept-ranges: bytes
x-amz-cf-id: RZzC3r7DOCKAaSqvw2U4-nCA0xitHM0WvmMmb7V2I-IjA2mKTjvO2Q==

GET
H2 200 .deploy_status_henson.json Show response
js.stripe.com/v3/ Frame DDBE 474 B
915 B 85ms
51ms Fetch
application/json 99.86.4.122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/.deploy_status_henson.json

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-ef74aa054e59fdac81b538dfec92a050.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.122 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-122.fra6.r.cloudfront.net

Software

Cloudfront /

Resource Hash

5e155e1f89e5ca084a3510deea330a8ca019b906bc61469408830959033ce71f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Accept: application/json
Referer: https://js.stripe.com/v3/controller-1b517d3dc8887d756b42ce62fc15d620.html
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Tue, 05 Mar 2024 11:57:33 GMT
via: 1.1 d8e97d2c28917e4c41ab79bb1e94b844.cloudfront.net (CloudFront)
strict-transport-security: max-age=31556926; includeSubDomains; preload
age: 50
x-amz-cf-pop: FRA6-C1
x-cache: Hit from cloudfront
content-length: 474
last-modified: Mon, 04 Mar 2024 21:49:34 GMT
server: Cloudfront
etag: "741c7a42906bbd9aa745c3aea07bcd08"
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=60
accept-ranges: bytes
x-amz-cf-id: FgtH-gpaGjO5CmjGknMhatJZTaojZUO5BpaEJmo0FwcH4Rlfy_WwJw==

GET
H2 200 .deploy_status_henson.json Show response
js.stripe.com/v3/ Frame E09F 474 B
915 B 108ms
84ms Fetch
application/json 99.86.4.122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/.deploy_status_henson.json

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-ef74aa054e59fdac81b538dfec92a050.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.122 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-122.fra6.r.cloudfront.net

Software

Cloudfront /

Resource Hash

5e155e1f89e5ca084a3510deea330a8ca019b906bc61469408830959033ce71f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Accept: application/json
Referer: https://js.stripe.com/v3/elements-inner-card-441445cbb512a63599ab0df61abfb641.html
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Tue, 05 Mar 2024 11:57:33 GMT
via: 1.1 d8e97d2c28917e4c41ab79bb1e94b844.cloudfront.net (CloudFront)
strict-transport-security: max-age=31556926; includeSubDomains; preload
age: 50
x-amz-cf-pop: FRA6-C1
x-cache: Hit from cloudfront
content-length: 474
last-modified: Mon, 04 Mar 2024 21:49:34 GMT
server: Cloudfront
etag: "741c7a42906bbd9aa745c3aea07bcd08"
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=60
accept-ranges: bytes
x-amz-cf-id: oYnEggdPjGJK5Cxlw2jYKifCqusB6-5zaxAVLaBFOHLIJO1YoFok1Q==

GET
H2 200 de-1b3238726ff61c15f040048036c21672.json Show response
js.stripe.com/v3/fingerprinted/data/ Frame E09F 159 KB
30 KB 109ms
93ms Fetch
application/json 99.86.4.122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/data/de-1b3238726ff61c15f040048036c21672.json

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-ef74aa054e59fdac81b538dfec92a050.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.122 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-122.fra6.r.cloudfront.net

Software

Cloudfront /

Resource Hash

52570bca4baf88a5a6a894c50b348353dcc38d0f6b68022475be7e3ea7ee1c60

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: application/json
Referer: https://js.stripe.com/v3/elements-inner-card-441445cbb512a63599ab0df61abfb641.html
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Tue, 05 Mar 2024 11:53:28 GMT
content-encoding: br
via: 1.1 d8e97d2c28917e4c41ab79bb1e94b844.cloudfront.net (CloudFront)
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
age: 331
x-amz-cf-pop: FRA6-C1
x-cache: Hit from cloudfront
last-modified: Fri, 01 Mar 2024 22:43:19 GMT
server: Cloudfront
etag: W/"1b3238726ff61c15f040048036c21672"
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
x-amz-cf-id: unsRCi82LbFRTIX4pOBTLa0OCKGykNtukW11XoydE2u-tVhDG1uhcQ==

GET
H2 200 .deploy_status_henson.json Show response
js.stripe.com/v3/ Frame 510C 474 B
915 B 91ms
85ms Fetch
application/json 99.86.4.122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/.deploy_status_henson.json

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-ef74aa054e59fdac81b538dfec92a050.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.122 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-122.fra6.r.cloudfront.net

Software

Cloudfront /

Resource Hash

5e155e1f89e5ca084a3510deea330a8ca019b906bc61469408830959033ce71f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Accept: application/json
Referer: https://js.stripe.com/v3/elements-inner-card-441445cbb512a63599ab0df61abfb641.html
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Tue, 05 Mar 2024 11:57:33 GMT
via: 1.1 d8e97d2c28917e4c41ab79bb1e94b844.cloudfront.net (CloudFront)
strict-transport-security: max-age=31556926; includeSubDomains; preload
age: 50
x-amz-cf-pop: FRA6-C1
x-cache: Hit from cloudfront
content-length: 474
last-modified: Mon, 04 Mar 2024 21:49:34 GMT
server: Cloudfront
etag: "741c7a42906bbd9aa745c3aea07bcd08"
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=60
accept-ranges: bytes
x-amz-cf-id: UUx65DDVPbuVEvs4eM9t9UpQwNrwEMLslJjT4FZncJVsoouo-PaEOw==

GET
H2 200 de-1b3238726ff61c15f040048036c21672.json Show response
js.stripe.com/v3/fingerprinted/data/ Frame 510C 159 KB
30 KB 56ms
53ms Fetch
application/json 99.86.4.122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/data/de-1b3238726ff61c15f040048036c21672.json

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-ef74aa054e59fdac81b538dfec92a050.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.122 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-122.fra6.r.cloudfront.net

Software

Cloudfront /

Resource Hash

52570bca4baf88a5a6a894c50b348353dcc38d0f6b68022475be7e3ea7ee1c60

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: application/json
Referer: https://js.stripe.com/v3/elements-inner-card-441445cbb512a63599ab0df61abfb641.html
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Tue, 05 Mar 2024 11:53:28 GMT
content-encoding: br
via: 1.1 d8e97d2c28917e4c41ab79bb1e94b844.cloudfront.net (CloudFront)
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
age: 331
x-amz-cf-pop: FRA6-C1
x-cache: Hit from cloudfront
last-modified: Fri, 01 Mar 2024 22:43:19 GMT
server: Cloudfront
etag: W/"1b3238726ff61c15f040048036c21672"
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
x-amz-cf-id: N5FVYGpdFeXgTIlfkTZiUOtjuSZTYq8wpWVZZQsg6DpQzCKs40QCKg==

GET
H2 200 .deploy_status_henson.json Show response
js.stripe.com/v3/ Frame B33A 474 B
916 B 88ms
88ms Fetch
application/json 99.86.4.122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/.deploy_status_henson.json

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-ef74aa054e59fdac81b538dfec92a050.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.122 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-122.fra6.r.cloudfront.net

Software

Cloudfront /

Resource Hash

5e155e1f89e5ca084a3510deea330a8ca019b906bc61469408830959033ce71f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Accept: application/json
Referer: https://js.stripe.com/v3/elements-inner-card-441445cbb512a63599ab0df61abfb641.html
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Tue, 05 Mar 2024 11:57:33 GMT
via: 1.1 d8e97d2c28917e4c41ab79bb1e94b844.cloudfront.net (CloudFront)
strict-transport-security: max-age=31556926; includeSubDomains; preload
age: 50
x-amz-cf-pop: FRA6-C1
x-cache: Hit from cloudfront
content-length: 474
last-modified: Mon, 04 Mar 2024 21:49:34 GMT
server: Cloudfront
etag: "741c7a42906bbd9aa745c3aea07bcd08"
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=60
accept-ranges: bytes
x-amz-cf-id: gDL7AAEW3wNiJELmyOvVs8_wxsYI5uNLtILj6XDOLO8Ddj4KRbm3Ew==

GET
H2 200 de-1b3238726ff61c15f040048036c21672.json Show response
js.stripe.com/v3/fingerprinted/data/ Frame B33A 159 KB
30 KB 92ms
92ms Fetch
application/json 99.86.4.122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/data/de-1b3238726ff61c15f040048036c21672.json

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-ef74aa054e59fdac81b538dfec92a050.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.122 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-122.fra6.r.cloudfront.net

Software

Cloudfront /

Resource Hash

52570bca4baf88a5a6a894c50b348353dcc38d0f6b68022475be7e3ea7ee1c60

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: application/json
Referer: https://js.stripe.com/v3/elements-inner-card-441445cbb512a63599ab0df61abfb641.html
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Tue, 05 Mar 2024 11:53:28 GMT
content-encoding: br
via: 1.1 d8e97d2c28917e4c41ab79bb1e94b844.cloudfront.net (CloudFront)
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
age: 331
x-amz-cf-pop: FRA6-C1
x-cache: Hit from cloudfront
last-modified: Fri, 01 Mar 2024 22:43:19 GMT
server: Cloudfront
etag: W/"1b3238726ff61c15f040048036c21672"
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
x-amz-cf-id: 0kGLQ56Y_o_3XJKL_QzaFb2XfIxQG3qXV24d_RvsOceMxiqDxP3Qaw==

GET
H3 200 722MIWu_TMZiQau3mAaarHtCk2pd6rTYw5oNsH4wR_g.js Show response
www.google.com/js/bg/ Frame 7793 17 KB
7 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:809::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/js/bg/722MIWu_TMZiQau3mAaarHtCk2pd6rTYw5oNsH4wR_g.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/vj7hFxe2iNgbe-u95xTozOXW/recaptcha__de.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ef6d8c216bbf4cc66241abb798069aac7b42936a5deab4d8c39a0db07e3047f8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.recaptcha.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 08:50:48 GMT
content-encoding: br
x-content-type-options: nosniff
age: 11253
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6963
x-xss-protection: 0
last-modified: Mon, 19 Feb 2024 17:30:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 05 Mar 2025 08:50:48 GMT

GET
H3 200 logo_48.png
www.gstatic.com/recaptcha/api2/ Frame 7793 2 KB
2 KB 39ms
39ms Image
image/png 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/logo_48.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/vj7hFxe2iNgbe-u95xTozOXW/styles__ltr.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/vj7hFxe2iNgbe-u95xTozOXW/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 03:45:28 GMT
x-content-type-options: nosniff
age: 29573
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2228
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
expires: Tue, 12 Mar 2024 03:45:28 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 7793 15 KB
15 KB 41ms
40ms Font
font/woff2 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.recaptcha.net/
Origin: https://www.recaptcha.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Mon, 04 Mar 2024 19:32:19 GMT
x-content-type-options: nosniff
age: 59162
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 04 Mar 2025 19:32:19 GMT

GET
H3 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 7793 15 KB
15 KB 42ms
42ms Font
font/woff2 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.recaptcha.net/
Origin: https://www.recaptcha.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Thu, 29 Feb 2024 14:26:30 GMT
x-content-type-options: nosniff
age: 423111
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15552
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 28 Feb 2025 14:26:30 GMT

GET
H2 200 .deploy_status_henson.json Show response
js.stripe.com/v3/ Frame 0AAB 474 B
916 B 71ms
70ms Fetch
application/json 99.86.4.122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/.deploy_status_henson.json

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-ef74aa054e59fdac81b538dfec92a050.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.122 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-122.fra6.r.cloudfront.net

Software

Cloudfront /

Resource Hash

5e155e1f89e5ca084a3510deea330a8ca019b906bc61469408830959033ce71f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Accept: application/json
Referer: https://js.stripe.com/v3/elements-inner-card-441445cbb512a63599ab0df61abfb641.html
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Tue, 05 Mar 2024 11:57:33 GMT
via: 1.1 d8e97d2c28917e4c41ab79bb1e94b844.cloudfront.net (CloudFront)
strict-transport-security: max-age=31556926; includeSubDomains; preload
age: 50
x-amz-cf-pop: FRA6-C1
x-cache: Hit from cloudfront
content-length: 474
last-modified: Mon, 04 Mar 2024 21:49:34 GMT
server: Cloudfront
etag: "741c7a42906bbd9aa745c3aea07bcd08"
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=60
accept-ranges: bytes
x-amz-cf-id: v62Z8HAWPE6ze5TKDNynC-AyA3LMV-VrVczFfJYHpuDLRlJkuuhF9A==

GET
H2 200 de-1b3238726ff61c15f040048036c21672.json Show response
js.stripe.com/v3/fingerprinted/data/ Frame 0AAB 159 KB
30 KB 79ms
78ms Fetch
application/json 99.86.4.122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/data/de-1b3238726ff61c15f040048036c21672.json

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-ef74aa054e59fdac81b538dfec92a050.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.122 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-122.fra6.r.cloudfront.net

Software

Cloudfront /

Resource Hash

52570bca4baf88a5a6a894c50b348353dcc38d0f6b68022475be7e3ea7ee1c60

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: application/json
Referer: https://js.stripe.com/v3/elements-inner-card-441445cbb512a63599ab0df61abfb641.html
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Tue, 05 Mar 2024 11:53:28 GMT
content-encoding: br
via: 1.1 d8e97d2c28917e4c41ab79bb1e94b844.cloudfront.net (CloudFront)
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
age: 331
x-amz-cf-pop: FRA6-C1
x-cache: Hit from cloudfront
last-modified: Fri, 01 Mar 2024 22:43:19 GMT
server: Cloudfront
etag: W/"1b3238726ff61c15f040048036c21672"
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
x-amz-cf-id: xrxcztCtq8zECMihVdOARZ39JfCus6NqFAC__jKPxqmFya8RvodKJA==

GET
H2 200 countryRanges-9ffc15b92962ca316164b9a5ff4c1917.json Show response
js.stripe.com/v3/fingerprinted/data/ Frame 0AAB 145 KB
37 KB 81ms
81ms Fetch
application/json 99.86.4.122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/data/countryRanges-9ffc15b92962ca316164b9a5ff4c1917.json

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-ef74aa054e59fdac81b538dfec92a050.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.122 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-122.fra6.r.cloudfront.net

Software

Cloudfront /

Resource Hash

007b4be1404b0f21a158fa83a2ae9375393b2d932a17e9745aa392fcadc7cf2f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: application/json
Referer: https://js.stripe.com/v3/elements-inner-card-441445cbb512a63599ab0df61abfb641.html
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Tue, 05 Mar 2024 11:15:45 GMT
content-encoding: br
via: 1.1 d8e97d2c28917e4c41ab79bb1e94b844.cloudfront.net (CloudFront)
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
age: 2580
x-amz-cf-pop: FRA6-C1
x-cache: Hit from cloudfront
last-modified: Wed, 28 Feb 2024 22:56:37 GMT
server: Cloudfront
etag: W/"9ffc15b92962ca316164b9a5ff4c1917"
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
x-amz-cf-id: -L9xG0mdmf8Z5TulMlAOWppGBB7FoxLE2Zdo9-5pqGZNBzwa7mdbRQ==

GET
H3 200 webworker.js
www.recaptcha.net/recaptcha/api2/ Frame 7793 102 B
135 B 51ms
51ms Other
text/javascript 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.recaptcha.net/recaptcha/api2/webworker.js?hl=de&v=vj7hFxe2iNgbe-u95xTozOXW

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

5e6ccfa30b73831d6528662ece5421627caab9f02289cf4902a0a4d67cdc1dd8

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.recaptcha.net/recaptcha/api2/anchor?ar=1&k=6LcoYTscAAAAAM9KqIDhNEH8nQY_e9vOyA2M9YJz&co=aHR0cHM6Ly9kb25vcmJveC5vcmc6NDQz&hl=de&v=vj7hFxe2iNgbe-u95xTozOXW&size=invisible&cb=rw5vvp89ikz5
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 11:58:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
cross-origin-embedder-policy: require-corp
x-frame-options: SAMEORIGIN
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript; charset=utf-8
cache-control: private, max-age=300
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block
expires: Tue, 05 Mar 2024 11:58:21 GMT

GET
H2 200 out-4.5.43.js Show response
m.stripe.network/ Frame AF24 87 KB
15 KB 47ms
47ms Script
text/javascript 2600:9000:2724:8000:19:7d10:bd80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.network/out-4.5.43.js

Requested by

Host: m.stripe.network
URL: https://m.stripe.network/inner.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2724:8000:19:7d10:bd80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Cloudfront /

Resource Hash

e039e607c78306c7e029a7fd0ecdb14f86456f16e1a5ce65aa26b4fdf1d38a3c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.stripe.network/inner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 11:54:11 GMT
content-encoding: br
via: 1.1 0140ca34c2d577c2578595f0c9e0050e.cloudfront.net (CloudFront)
strict-transport-security: max-age=31556926; includeSubDomains; preload
last-modified: Fri, 30 Jun 2023 14:32:28 GMT
server: Cloudfront
age: 251
x-content-type-options: nosniff
etag: W/"69cb7809b5011312e716f29b3d19dce6"
x-amz-cf-pop: FRA56-P12
vary: Accept-Encoding, Origin
x-cache: Hit from cloudfront
content-type: text/javascript; charset=utf-8
cache-control: max-age=300, public
x-amz-cf-id: N_dQGPcrwiiSvDhfcVY-fpsJ4gcQ-y8X3-8oD_r46bbdKrUFINyymw==

GET
H2 200 de-1b3238726ff61c15f040048036c21672.json Show response
js.stripe.com/v3/fingerprinted/data/ Frame E3DD 159 KB
30 KB 44ms
44ms Fetch
application/json 99.86.4.122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/data/de-1b3238726ff61c15f040048036c21672.json

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-ef74aa054e59fdac81b538dfec92a050.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.122 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-122.fra6.r.cloudfront.net

Software

Cloudfront /

Resource Hash

52570bca4baf88a5a6a894c50b348353dcc38d0f6b68022475be7e3ea7ee1c60

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: application/json
Referer: https://js.stripe.com/v3/controller-1b517d3dc8887d756b42ce62fc15d620.html
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Tue, 05 Mar 2024 11:53:28 GMT
content-encoding: br
via: 1.1 d8e97d2c28917e4c41ab79bb1e94b844.cloudfront.net (CloudFront)
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
age: 331
x-amz-cf-pop: FRA6-C1
x-cache: Hit from cloudfront
last-modified: Fri, 01 Mar 2024 22:43:19 GMT
server: Cloudfront
etag: W/"1b3238726ff61c15f040048036c21672"
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
x-amz-cf-id: 36ABApJB2QI4C2q_IvrC9utBpVFIlfvbHWOVZyr8U8hpV1QVgqeKRA==

GET
H2 200 de-1b3238726ff61c15f040048036c21672.json Show response
js.stripe.com/v3/fingerprinted/data/ Frame E3DD 159 KB
30 KB 49ms
49ms Fetch
application/json 99.86.4.122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/data/de-1b3238726ff61c15f040048036c21672.json

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-ef74aa054e59fdac81b538dfec92a050.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.122 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-122.fra6.r.cloudfront.net

Software

Cloudfront /

Resource Hash

52570bca4baf88a5a6a894c50b348353dcc38d0f6b68022475be7e3ea7ee1c60

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: application/json
Referer: https://js.stripe.com/v3/controller-1b517d3dc8887d756b42ce62fc15d620.html
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Tue, 05 Mar 2024 11:53:28 GMT
content-encoding: br
via: 1.1 d8e97d2c28917e4c41ab79bb1e94b844.cloudfront.net (CloudFront)
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
age: 331
x-amz-cf-pop: FRA6-C1
x-cache: Hit from cloudfront
last-modified: Fri, 01 Mar 2024 22:43:19 GMT
server: Cloudfront
etag: W/"1b3238726ff61c15f040048036c21672"
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
x-amz-cf-id: WROVWkjwnBjXE-BGRGHTlWpP9mYP7Lsu0VriurtDJqr2Ik149Uv_xQ==

POST
H2 200 wallet-config Show response
merchant-ui-api.stripe.com/elements/ Frame E3DD 2 KB
3 KB 495ms
359ms Fetch
application/json 198.202.176.201
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://merchant-ui-api.stripe.com/elements/wallet-config

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-ef74aa054e59fdac81b538dfec92a050.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

198.202.176.201 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

3e4ebb76bf144efa926e5642a92d9a76c772e7899cbd42743839d80cd77b6521

Security Headers

Name	Value
Content-Security-Policy	report-uri https://q.stripe.com/csp-report?p=elements%2Fwallet-config; block-all-mixed-content; default-src 'none'; base-uri 'none'; form-action 'none'; frame-ancestors 'none'; img-src 'self'; script-src 'self' 'report-sample'; style-src 'self'
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Tue, 05 Mar 2024 11:58:21 GMT
content-security-policy: report-uri https://q.stripe.com/csp-report?p=elements%2Fwallet-config; block-all-mixed-content; default-src 'none'; base-uri 'none'; form-action 'none'; frame-ancestors 'none'; img-src 'self'; script-src 'self' 'report-sample'; style-src 'self'
strict-transport-security: max-age=63072000; includeSubDomains; preload
cross-origin-resource-policy: same-site
content-length: 2541
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
access-control-max-age: 300
access-control-allow-methods: GET, POST
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://js.stripe.com
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
vary: Origin
access-control-allow-headers: x-stripe-csrf-token
cross-origin-opener-policy-report-only: same-origin; report-to=https://q.stripe.com/coop-report
expires: 0

POST
H3 200 reload Show response
www.google.com/recaptcha/api2/ Frame ADDB 20 KB
15 KB 77ms
76ms XHR
application/json 2a00:1450:4001:809::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/reload?k=6LfHrSkUAAAAAPnKk5cT6JuKlKPzbwyTYuO8--Vr

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/vj7hFxe2iNgbe-u95xTozOXW/recaptcha__de.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

44911234c76cda6c66b5407ba56cca9a1aa7beaa19b1f1370ecd3189403f654c

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.google.com/recaptcha/api2/bframe?hl=de&v=vj7hFxe2iNgbe-u95xTozOXW&k=6LfHrSkUAAAAAPnKk5cT6JuKlKPzbwyTYuO8--Vr
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-Type: application/x-protobuffer

Response headers

date: Tue, 05 Mar 2024 11:58:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
cache-control: private, max-age=0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block
expires: Tue, 05 Mar 2024 11:58:21 GMT

GET
H2 200 de-1b3238726ff61c15f040048036c21672.json Show response
js.stripe.com/v3/fingerprinted/data/ Frame DDBE 159 KB
30 KB 44ms
43ms Fetch
application/json 99.86.4.122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/data/de-1b3238726ff61c15f040048036c21672.json

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-ef74aa054e59fdac81b538dfec92a050.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.122 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-122.fra6.r.cloudfront.net

Software

Cloudfront /

Resource Hash

52570bca4baf88a5a6a894c50b348353dcc38d0f6b68022475be7e3ea7ee1c60

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: application/json
Referer: https://js.stripe.com/v3/controller-1b517d3dc8887d756b42ce62fc15d620.html
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Tue, 05 Mar 2024 11:53:28 GMT
content-encoding: br
via: 1.1 d8e97d2c28917e4c41ab79bb1e94b844.cloudfront.net (CloudFront)
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
age: 331
x-amz-cf-pop: FRA6-C1
x-cache: Hit from cloudfront
last-modified: Fri, 01 Mar 2024 22:43:19 GMT
server: Cloudfront
etag: W/"1b3238726ff61c15f040048036c21672"
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
x-amz-cf-id: t3Py2nE4za_fax_e7e62s-f6Qe8RQvklw2usPO4xSWDMBFxcWKAXDA==

GET
H2 200 de-1b3238726ff61c15f040048036c21672.json Show response
js.stripe.com/v3/fingerprinted/data/ Frame DDBE 159 KB
30 KB 51ms
51ms Fetch
application/json 99.86.4.122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/data/de-1b3238726ff61c15f040048036c21672.json

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-ef74aa054e59fdac81b538dfec92a050.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.122 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-122.fra6.r.cloudfront.net

Software

Cloudfront /

Resource Hash

52570bca4baf88a5a6a894c50b348353dcc38d0f6b68022475be7e3ea7ee1c60

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: application/json
Referer: https://js.stripe.com/v3/controller-1b517d3dc8887d756b42ce62fc15d620.html
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Tue, 05 Mar 2024 11:53:28 GMT
content-encoding: br
via: 1.1 d8e97d2c28917e4c41ab79bb1e94b844.cloudfront.net (CloudFront)
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
age: 331
x-amz-cf-pop: FRA6-C1
x-cache: Hit from cloudfront
last-modified: Fri, 01 Mar 2024 22:43:19 GMT
server: Cloudfront
etag: W/"1b3238726ff61c15f040048036c21672"
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
x-amz-cf-id: LeDF0VGct6iczoBKDkqZ-kZdNlwlW-dJPuEzsxioegC_EXxp9KwTAA==

GET
H2 200 payframe Show response
pay.google.com/gp/p/ui/ Frame 4C1B 19 KB
8 KB 105ms
104ms Document
text/html 2a00:1450:400c:c02::5c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fjs.stripe.com&mid=

Requested by

Host: pay.google.com
URL: https://pay.google.com/gp/p/js/pay.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c02::5c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

7c5af827c820195b021e1750e5e9aa55ac5a62df868028ebe94daaef917251be

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-ft6u8t4WX3_5LArtzK_-KQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport/allowlist require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://js.stripe.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=3600
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-ft6u8t4WX3_5LArtzK_-KQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport/allowlist require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport
content-type: text/html; charset=utf-8
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: same-site
date: Tue, 05 Mar 2024 11:58:21 GMT
expires: Tue, 05 Mar 2024 11:58:21 GMT
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
reporting-endpoints: default="/gp/p/_/InstantbuyFrontendBuyflowPayframeUi/web-reports?context=eJzjKtDikmLw0ZBiWF4qxVBRK8WwZKYUg2fNTabOPTeZ1nU9YlrY_pRJk-sZU33UM6aZvM-Z4k48ZxJ885zp3ZeXTDxfXzJJALEGEO_w8WAR85nOyrduOqsKEOuun84aCsRO6TNYg4DYp34GawwQC_Fw3J04Zz2bwImdx5uZAAkFMWE"
server: ESF
strict-transport-security: max-age=31536000
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-content-type-options: nosniff
x-ua-compatible: IE=edge
x-xss-protection: 0

POST
H2 200 wallet-config Show response
merchant-ui-api.stripe.com/elements/ Frame DDBE 2 KB
3 KB 305ms
227ms Fetch
application/json 198.202.176.201
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://merchant-ui-api.stripe.com/elements/wallet-config

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-ef74aa054e59fdac81b538dfec92a050.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

198.202.176.201 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

3355529ad7583934b8dcc0c4659d4285876a7a15661e6c694aecbedeb830c343

Security Headers

Name	Value
Content-Security-Policy	report-uri https://q.stripe.com/csp-report?p=elements%2Fwallet-config; block-all-mixed-content; default-src 'none'; base-uri 'none'; form-action 'none'; frame-ancestors 'none'; img-src 'self'; script-src 'self' 'report-sample'; style-src 'self'
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Tue, 05 Mar 2024 11:58:21 GMT
content-security-policy: report-uri https://q.stripe.com/csp-report?p=elements%2Fwallet-config; block-all-mixed-content; default-src 'none'; base-uri 'none'; form-action 'none'; frame-ancestors 'none'; img-src 'self'; script-src 'self' 'report-sample'; style-src 'self'
strict-transport-security: max-age=63072000; includeSubDomains; preload
cross-origin-resource-policy: same-site
content-length: 2541
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
access-control-max-age: 300
access-control-allow-methods: GET, POST
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://js.stripe.com
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
vary: Origin
access-control-allow-headers: x-stripe-csrf-token
cross-origin-opener-policy-report-only: same-origin; report-to=https://q.stripe.com/coop-report
expires: 0

POST
H2 200 b Show response
r.stripe.com/ Frame E3DD 0
273 B 981ms
430ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/b
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-ef74aa054e59fdac81b538dfec92a050.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: blue
date: Tue, 05 Mar 2024 11:58:22 GMT
x-stripe-server-envoy-start-time-us: 1709639902392535
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 4
x-stripe-client-envoy-start-time-us: 1709639902391841
access-control-allow-credentials: true
content-length: 0

POST
H2 200 b Show response
r.stripe.com/ Frame E3DD 0
273 B 976ms
427ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/b
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-ef74aa054e59fdac81b538dfec92a050.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: blue
date: Tue, 05 Mar 2024 11:58:22 GMT
x-stripe-server-envoy-start-time-us: 1709639902392490
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 4
x-stripe-client-envoy-start-time-us: 1709639902392213
access-control-allow-credentials: true
content-length: 0

POST
H2 200 b Show response
r.stripe.com/ Frame DDBE 0
272 B 1184ms
636ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/b
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-ef74aa054e59fdac81b538dfec92a050.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: blue
date: Tue, 05 Mar 2024 11:58:22 GMT
x-stripe-server-envoy-start-time-us: 1709639902601118
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 3
x-stripe-client-envoy-start-time-us: 1709639902600558
access-control-allow-credentials: true
content-length: 0

POST
H2 200 b Show response
r.stripe.com/ Frame DDBE 0
273 B 1185ms
638ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/b
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-ef74aa054e59fdac81b538dfec92a050.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: blue
date: Tue, 05 Mar 2024 11:58:22 GMT
x-stripe-server-envoy-start-time-us: 1709639902600859
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 4
x-stripe-client-envoy-start-time-us: 1709639902600593
access-control-allow-credentials: true
content-length: 0

POST
H2 200 b Show response
r.stripe.com/ Frame DDBE 0
273 B 1177ms
631ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/b
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-ef74aa054e59fdac81b538dfec92a050.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: blue
date: Tue, 05 Mar 2024 11:58:22 GMT
x-stripe-server-envoy-start-time-us: 1709639902597757
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 3
x-stripe-client-envoy-start-time-us: 1709639902597147
access-control-allow-credentials: true
content-length: 0

POST
H2 200 b Show response
r.stripe.com/ Frame DDBE 0
273 B 969ms
425ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/b
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-ef74aa054e59fdac81b538dfec92a050.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: blue
date: Tue, 05 Mar 2024 11:58:22 GMT
x-stripe-server-envoy-start-time-us: 1709639902391897
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 3
x-stripe-client-envoy-start-time-us: 1709639902391615
access-control-allow-credentials: true
content-length: 0

POST
H2 200 b Show response
r.stripe.com/ Frame DDBE 0
273 B 971ms
428ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/b
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-ef74aa054e59fdac81b538dfec92a050.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: blue
date: Tue, 05 Mar 2024 11:58:22 GMT
x-stripe-server-envoy-start-time-us: 1709639902392480
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 4
x-stripe-client-envoy-start-time-us: 1709639902391768
access-control-allow-credentials: true
content-length: 0

GET
H2 200 .deploy_status_henson.json Show response
js.stripe.com/v3/ Frame 510C 474 B
915 B 42ms
42ms Fetch
application/json 99.86.4.122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/.deploy_status_henson.json

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-ef74aa054e59fdac81b538dfec92a050.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.122 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-122.fra6.r.cloudfront.net

Software

Cloudfront /

Resource Hash

5e155e1f89e5ca084a3510deea330a8ca019b906bc61469408830959033ce71f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Accept: application/json
Referer: https://js.stripe.com/v3/elements-inner-card-441445cbb512a63599ab0df61abfb641.html
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Tue, 05 Mar 2024 11:57:33 GMT
via: 1.1 d8e97d2c28917e4c41ab79bb1e94b844.cloudfront.net (CloudFront)
strict-transport-security: max-age=31556926; includeSubDomains; preload
age: 50
x-amz-cf-pop: FRA6-C1
x-cache: Hit from cloudfront
content-length: 474
last-modified: Mon, 04 Mar 2024 21:49:34 GMT
server: Cloudfront
etag: "741c7a42906bbd9aa745c3aea07bcd08"
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=60
accept-ranges: bytes
x-amz-cf-id: kllq3y8NBNb24TMVBelBqBnzTJYz302e8mr6BdVeSVIbtU1bBvFLVA==

POST
H2 200 b Show response
r.stripe.com/ Frame DDBE 0
273 B 1162ms
430ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/b
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-ef74aa054e59fdac81b538dfec92a050.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: blue
date: Tue, 05 Mar 2024 11:58:22 GMT
x-stripe-server-envoy-start-time-us: 1709639902601863
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 3
x-stripe-client-envoy-start-time-us: 1709639902601469
access-control-allow-credentials: true
content-length: 0

GET
H3 200 refresh_2x.png
www.gstatic.com/recaptcha/api2/ Frame ADDB 600 B
624 B 42ms
41ms Image
image/png 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/refresh_2x.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/vj7hFxe2iNgbe-u95xTozOXW/styles__ltr.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

44b988703019cd6bfa86c91840fecf2a42b611b364e3eea2f4eb63bf62714e98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/vj7hFxe2iNgbe-u95xTozOXW/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Mon, 04 Mar 2024 18:30:13 GMT
x-content-type-options: nosniff
age: 62888
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 600
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
expires: Mon, 11 Mar 2024 18:30:13 GMT

GET
H3 200 audio_2x.png
www.gstatic.com/recaptcha/api2/ Frame ADDB 530 B
554 B 44ms
43ms Image
image/png 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/audio_2x.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/vj7hFxe2iNgbe-u95xTozOXW/styles__ltr.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

89c62095126fca89ea1511cf35b49b8306162946b0c26d6f60c5506c51d85992

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/vj7hFxe2iNgbe-u95xTozOXW/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Mon, 04 Mar 2024 19:17:32 GMT
x-content-type-options: nosniff
age: 60049
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 530
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
expires: Mon, 11 Mar 2024 19:17:32 GMT

GET
H3 200 info_2x.png
www.gstatic.com/recaptcha/api2/ Frame ADDB 665 B
689 B 48ms
47ms Image
image/png 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/info_2x.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/vj7hFxe2iNgbe-u95xTozOXW/styles__ltr.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55eaf62cb05da20088dc12b39d7d254d046cb1fd61ddf3ae641f1439efd0a5ee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/vj7hFxe2iNgbe-u95xTozOXW/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Thu, 29 Feb 2024 11:42:02 GMT
x-content-type-options: nosniff
age: 432979
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 665
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
expires: Thu, 07 Mar 2024 11:42:02 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame ADDB 15 KB
15 KB 40ms
39ms Font
font/woff2 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: foresthistory.org
URL: https://foresthistory.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Mon, 04 Mar 2024 19:32:19 GMT
x-content-type-options: nosniff
age: 59162
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 04 Mar 2025 19:32:19 GMT

GET
H3 200 KFOlCnqEu92Fr1MmYUtfBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame ADDB 15 KB
15 KB 54ms
53ms Font
font/woff2 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmYUtfBBc4.woff2

Requested by

Host: foresthistory.org
URL: https://foresthistory.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c912a9ce0c3122d4b2b29ad26bfe06b0390d1a5bdaa5d6128692c0befd1dfbbd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Mon, 04 Mar 2024 17:34:06 GMT
x-content-type-options: nosniff
age: 66255
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15340
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:16 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 04 Mar 2025 17:34:06 GMT

GET
H3 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame ADDB 15 KB
15 KB 49ms
48ms Font
font/woff2 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: foresthistory.org
URL: https://foresthistory.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Thu, 29 Feb 2024 14:26:30 GMT
x-content-type-options: nosniff
age: 423111
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15552
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 28 Feb 2025 14:26:30 GMT

GET
H3 200 722MIWu_TMZiQau3mAaarHtCk2pd6rTYw5oNsH4wR_g.js Show response
www.google.com/js/bg/ Frame ADDB 17 KB
7 KB 46ms
46ms Script
text/javascript 2a00:1450:4001:809::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/js/bg/722MIWu_TMZiQau3mAaarHtCk2pd6rTYw5oNsH4wR_g.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/vj7hFxe2iNgbe-u95xTozOXW/recaptcha__de.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ef6d8c216bbf4cc66241abb798069aac7b42936a5deab4d8c39a0db07e3047f8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/recaptcha/api2/bframe?hl=de&v=vj7hFxe2iNgbe-u95xTozOXW&k=6LfHrSkUAAAAAPnKk5cT6JuKlKPzbwyTYuO8--Vr
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 08:50:48 GMT
content-encoding: br
x-content-type-options: nosniff
age: 11253
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6963
x-xss-protection: 0
last-modified: Mon, 19 Feb 2024 17:30:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 05 Mar 2025 08:50:48 GMT

GET
H3 200 payload
www.google.com/recaptcha/api2/ Frame ADDB 34 KB
35 KB 52ms
52ms Image
image/jpeg 2a00:1450:4001:809::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/recaptcha/api2/payload?p=06AFcWeA6DsXVqh800KY1eNim648v1KsWJ3kGAYy50OCbet7grJW4pabjAvod3qwPhkqg5cwm9KaclqZh07Z63xIOldX9HDeWq_cDLBgrbJfRn5VYs7njuCx8mqZ2egfURmhJcR58jg0-jyjQInfHiSqONXgF3AuXxuzVTVoZw9HulPYNE6iML4LzyP6xR1ofUXCUU2smxaNdC60mKbOhHGqZiU8HWB6kzFg&k=6LfHrSkUAAAAAPnKk5cT6JuKlKPzbwyTYuO8--Vr

Requested by

Host: foresthistory.org
URL: https://foresthistory.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

ec2ac08111f1a25c77387c4212a72c0142a7b9ddaa5c44cc898c495866a9cff6

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/recaptcha/api2/bframe?hl=de&v=vj7hFxe2iNgbe-u95xTozOXW&k=6LfHrSkUAAAAAPnKk5cT6JuKlKPzbwyTYuO8--Vr
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 11:58:21 GMT
content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: private, max-age=30
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block
expires: Tue, 05 Mar 2024 11:58:21 GMT

GET
H3 200 m=_b,_tp Show response
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.N_t3ngWcK6E.es5.O/am=gEEy/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/ujg=1/rs=AMitfr... Frame 4C1B 160 KB
56 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.N_t3ngWcK6E.es5.O/am=gEEy/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/ujg=1/rs=AMitfrgRP0_CdhWFw23qyvGYs9ZgeNJ6tg/m=_b,_tp

Requested by

Host: pay.google.com
URL: https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fjs.stripe.com&mid=

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

524fea35761d2dd09e0bdc660357cd742cab9daf53c44142b9ad7a3e986bf772

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Mon, 04 Mar 2024 17:22:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 66942
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57770
x-xss-protection: 0
last-modified: Fri, 01 Mar 2024 17:33:22 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Tue, 04 Mar 2025 17:22:39 GMT

POST
H2 200 6 Show response
m.stripe.com/ Frame AF24 156 B
668 B 645ms
208ms XHR
application/json 52.35.242.184
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.com/6

Requested by

Host: m.stripe.network
URL: https://m.stripe.network/out-4.5.43.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.35.242.184 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-35-242-184.us-west-2.compute.amazonaws.com

Software

nginx /

Resource Hash

4b2c4b0143c69486f3bcbff81741ad2e6f6cdae1a6afa60e6294c7d8df4c3faa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://m.stripe.network/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-stripe-bg-intended-route-color: blue
date: Tue, 05 Mar 2024 11:58:22 GMT
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1709639902208325
server: nginx
content-type: application/json;charset=utf-8
x-stripe-server-envoy-upstream-service-time-ms: 1
access-control-allow-origin: https://m.stripe.network
x-stripe-client-envoy-start-time-us: 1709639902208060
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 156

GET
H3 200 m=Das5Le Show response
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.N_t3ngWcK6E.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.gicXl1... Frame 4C1B 75 KB
27 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.N_t3ngWcK6E.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.gicXl1wwshw.L.B1.O/am=gEEy/d=1/exm=_b,_tp/excm=_b,_tp,payframeview/ed=1/wt=2/ujg=1/rs=AMitfrgtLOdNkCake2LIxo8nzYzk3QI_ow/ee=EmZ2Bf:zr1jrb;Erl4fe:FloWmf;JsbNhc:Xd8iUd;LBgRLc:XVMNvd;Me32dd:MEeYgc;NPKaK:PVlQOd;NSEoX:lazG7b;Oj465e:KG2eXe;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:vfuNJf;io8t5d:yDVVkb;kMFpHd:OTA3Ae;nAFL3:NTMZac;oGtAuc:sOXFj;qddgKe:xQtZb;sP4Vbe:VwDzFe;uY49fb:COQbmf;ul9GGd:VDovNc;wR5FRb:siKnQd;yEQyxe:p8L0ob;yxTchf:KUM7Z/m=Das5Le

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.N_t3ngWcK6E.es5.O/am=gEEy/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/ujg=1/rs=AMitfrgRP0_CdhWFw23qyvGYs9ZgeNJ6tg/m=_b,_tp

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

556856423e6f70e130c5d3a9e13b16f1baf03b97dee1badbcff2a3b24fcc79bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 08:58:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 10817
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 27673
x-xss-protection: 0
last-modified: Thu, 29 Feb 2024 02:22:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Wed, 05 Mar 2025 08:58:04 GMT

GET
H3 200 pay Show response
pay.google.com/gp/p/ui/ Frame 4C1B 1 MB
377 KB 108ms
108ms XHR
text/html 2a00:1450:400c:c02::5c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pay.google.com/gp/p/ui/pay

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c02::5c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

26be127ece0400f85ff5ca3fdf206b094cb4af30d7955fee2fefce9374637a61

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport, script-src 'report-sample' 'nonce-frnneE-kWN_9ocCxXRSOWg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com https://payments.sandbox.google.com https://pay.google.com https://pay.sandbox.google.com;report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport/allowlist
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 11:58:21 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
content-security-policy: require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport, script-src 'report-sample' 'nonce-frnneE-kWN_9ocCxXRSOWg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com https://payments.sandbox.google.com https://pay.google.com https://pay.sandbox.google.com;report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport/allowlist
x-content-type-options: nosniff
cross-origin-resource-policy: same-site
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/gp/p/_/InstantbuyFrontendBuyflowPayUi/web-reports?context=eJzjKtDikmLw0ZBiWF4qxVBRK8WwZKYUg2fNTabOPTeZ1nU9YlrY_pRJk-sZU33UM6aZvM-Z4k48ZxJ885zp3ZeXTDxfXzJJALEGEO_w8WAR85nOyrduOqsKEOuun84aCsRO6TNYg4DYp34GawwQC_Fw3J04Zz2bwI07W2YyAwAJ1TGY"
x-ua-compatible: IE=edge
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: unsafe-none
server: ESF
x-frame-options: DENY
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
cache-control: private, max-age=3600
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Tue, 05 Mar 2024 11:58:21 GMT

GET
DATA 200
OK truncated
/ Frame 3D91 1 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2b4fbdc82f135a08fab5643804fc02fcedfe59da66d27949525c9f3c09f7fca8

Request headers

Referer
Origin: https://donorbox.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 200 m=Wt6vjf,hhhU8,FCpbqb,WhJNk Show response
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.N_t3ngWcK6E.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.gicXl1... Frame 4C1B 10 KB
4 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.N_t3ngWcK6E.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.gicXl1wwshw.L.B1.O/am=gEEy/d=1/exm=Das5Le,_b,_tp/excm=_b,_tp,payframeview/ed=1/wt=2/ujg=1/rs=AMitfrgtLOdNkCake2LIxo8nzYzk3QI_ow/ee=EmZ2Bf:zr1jrb;Erl4fe:FloWmf;JsbNhc:Xd8iUd;LBgRLc:XVMNvd;Me32dd:MEeYgc;NPKaK:PVlQOd;NSEoX:lazG7b;Oj465e:KG2eXe;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:vfuNJf;io8t5d:yDVVkb;kMFpHd:OTA3Ae;nAFL3:NTMZac;oGtAuc:sOXFj;qddgKe:xQtZb;sP4Vbe:VwDzFe;uY49fb:COQbmf;ul9GGd:VDovNc;wR5FRb:siKnQd;yEQyxe:p8L0ob;yxTchf:KUM7Z/m=Wt6vjf,hhhU8,FCpbqb,WhJNk

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

da0f3e2f8aa2ce342250808424eccbefb2129849e955b090e3fa5f4175bec032

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Mon, 04 Mar 2024 18:00:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 64678
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4169
x-xss-protection: 0
last-modified: Thu, 29 Feb 2024 02:22:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Tue, 04 Mar 2025 18:00:23 GMT

GET
H3 200 m=byfTOb,lsjVmc,LEikZe,lwddkf,EFQ78c Show response
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.N_t3ngWcK6E.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.gicXl1... Frame 4C1B 37 KB
14 KB 41ms
41ms Script
text/javascript 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.N_t3ngWcK6E.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.gicXl1wwshw.L.B1.O/am=gEEy/d=1/exm=Das5Le,FCpbqb,WhJNk,Wt6vjf,_b,_tp,hhhU8/excm=_b,_tp,payframeview/ed=1/wt=2/ujg=1/rs=AMitfrgtLOdNkCake2LIxo8nzYzk3QI_ow/ee=EmZ2Bf:zr1jrb;Erl4fe:FloWmf;JsbNhc:Xd8iUd;LBgRLc:XVMNvd;Me32dd:MEeYgc;NPKaK:PVlQOd;NSEoX:lazG7b;Oj465e:KG2eXe;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:vfuNJf;io8t5d:yDVVkb;kMFpHd:OTA3Ae;nAFL3:NTMZac;oGtAuc:sOXFj;qddgKe:xQtZb;sP4Vbe:VwDzFe;uY49fb:COQbmf;ul9GGd:VDovNc;wR5FRb:siKnQd;yEQyxe:p8L0ob;yxTchf:KUM7Z/m=byfTOb,lsjVmc,LEikZe,lwddkf,EFQ78c

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c4593f8753341196cc2324e4ab0b75837cc33a998fdb36851cd65167dd7c500c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 08:57:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 10857
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14347
x-xss-protection: 0
last-modified: Thu, 29 Feb 2024 02:22:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Wed, 05 Mar 2025 08:57:24 GMT

POST
H3 200 log Show response
play.google.com/ Frame 4C1B 131 B
155 B 185ms
102ms XHR
text/plain 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
X-Goog-AuthUser: 0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Tue, 05 Mar 2024 11:58:22 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pay.google.com
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 05 Mar 2024 11:58:22 GMT

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 317ms
69ms Preflight
text/plain 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/plain; charset=UTF-8
date: Tue, 05 Mar 2024 11:58:22 GMT
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 log Show response
play.google.com/ Frame 4C1B 131 B
155 B 180ms
98ms XHR
text/plain 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
X-Goog-AuthUser: 0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Tue, 05 Mar 2024 11:58:22 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pay.google.com
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 05 Mar 2024 11:58:22 GMT

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 317ms
70ms Preflight
text/plain 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/plain; charset=UTF-8
date: Tue, 05 Mar 2024 11:58:22 GMT
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 log Show response
play.google.com/ Frame 4C1B 131 B
155 B 178ms
96ms XHR
text/plain 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
X-Goog-AuthUser: 0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Tue, 05 Mar 2024 11:58:22 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pay.google.com
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 05 Mar 2024 11:58:22 GMT

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 317ms
70ms Preflight
text/plain 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/plain; charset=UTF-8
date: Tue, 05 Mar 2024 11:58:22 GMT
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 316ms
71ms Preflight
text/plain 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/plain; charset=UTF-8
date: Tue, 05 Mar 2024 11:58:22 GMT
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 log Show response
play.google.com/ Frame 4C1B 131 B
155 B 181ms
100ms XHR
text/plain 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
X-Goog-AuthUser: 0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Tue, 05 Mar 2024 11:58:22 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pay.google.com
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 05 Mar 2024 11:58:22 GMT

POST
H2 204 rum Show response
donorbox.org/cdn-cgi/ Frame 3D91 0
157 B 91ms
91ms XHR
text/plain 2606:4700:10::6816:32f9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://donorbox.org/cdn-cgi/rum?

Requested by

Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/v84a3a4012de94ce1a686ba8c167c359c1696973893317

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:32f9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://donorbox.org/embed/forest-history-society-donate
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
content-type: application/json

Response headers

date: Tue, 05 Mar 2024 11:58:21 GMT
x-content-type-options: nosniff
server: cloudflare
vary: Origin
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://donorbox.org
x-frame-options: DENY
access-control-allow-credentials: true
cf-ray: 85f9ef0a7e9865bc-FRA

POST
H2 200 b Show response
r.stripe.com/ Frame E3DD 0
272 B 883ms
634ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/b
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-ef74aa054e59fdac81b538dfec92a050.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: blue
date: Tue, 05 Mar 2024 11:58:22 GMT
x-stripe-server-envoy-start-time-us: 1709639902601040
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 3
x-stripe-client-envoy-start-time-us: 1709639902600734
access-control-allow-credentials: true
content-length: 0

POST
H2 200 b Show response
r.stripe.com/ Frame DDBE 0
273 B 634ms
428ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/b
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-ef74aa054e59fdac81b538dfec92a050.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: blue
date: Tue, 05 Mar 2024 11:58:22 GMT
x-stripe-server-envoy-start-time-us: 1709639902809962
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 4
x-stripe-client-envoy-start-time-us: 1709639902809675
access-control-allow-credentials: true
content-length: 0

POST
H3 200 reload Show response
www.recaptcha.net/recaptcha/api2/ Frame 7793 13 KB
9 KB 81ms
81ms XHR
application/json 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.recaptcha.net/recaptcha/api2/reload?k=6LcoYTscAAAAAM9KqIDhNEH8nQY_e9vOyA2M9YJz

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/vj7hFxe2iNgbe-u95xTozOXW/recaptcha__de.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

d706a1fc6b66610d8cd00fbcdf838c927bb4b861bc25c29b4233ffb8059bf8e3

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.recaptcha.net/recaptcha/api2/anchor?ar=1&k=6LcoYTscAAAAAM9KqIDhNEH8nQY_e9vOyA2M9YJz&co=aHR0cHM6Ly9kb25vcmJveC5vcmc6NDQz&hl=de&v=vj7hFxe2iNgbe-u95xTozOXW&size=invisible&cb=rw5vvp89ikz5
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-Type: application/x-protobuffer

Response headers

date: Tue, 05 Mar 2024 11:58:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
cache-control: private, max-age=0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block
expires: Tue, 05 Mar 2024 11:58:21 GMT

GET
H2 200 hcaptcha-invisible-1f6c59c3982eff179fc5d02d754852d5.html Show response
js.stripe.com/v3/ Frame A9A4 71 KB
24 KB 48ms
48ms Document
text/html 99.86.4.122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/hcaptcha-invisible-1f6c59c3982eff179fc5d02d754852d5.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.122 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-122.fra6.r.cloudfront.net

Software

Cloudfront /

Resource Hash

496a9f211c8a2c4f3d98c05064de0c18af9f8d47f21a73ef373e9764a3c0c712

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://errors.stripe.com https://r.stripe.com; default-src 'self'; form-action 'none'; frame-src 'self' https://b.stripecdn.com; img-src 'self' https://q.stripe.com; object-src 'none'; script-src 'self' 'sha256-go4NKd0rlVXQUNTp22Cip558xUPdziw0XMec8rVzB7o='; style-src 'self'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-origin: *
age: 2915
cache-control: max-age=31536000
content-encoding: br
content-security-policy: base-uri 'none'; connect-src 'self' https://errors.stripe.com https://r.stripe.com; default-src 'self'; form-action 'none'; frame-src 'self' https://b.stripecdn.com; img-src 'self' https://q.stripe.com; object-src 'none'; script-src 'self' 'sha256-go4NKd0rlVXQUNTp22Cip558xUPdziw0XMec8rVzB7o='; style-src 'self'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Tue, 05 Mar 2024 11:10:07 GMT
etag: W/"1f6c59c3982eff179fc5d02d754852d5"
last-modified: Mon, 04 Mar 2024 21:05:37 GMT
server: Cloudfront
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 163be08bc1bc44818353c4fd88655bee.cloudfront.net (CloudFront)
x-amz-cf-id: xO3TQffwm_bGFSM4IGVct84mCAjzzaFYRlVJuoGm7ilUvjEvzaIehw==
x-amz-cf-pop: FRA6-C1
x-cache: Hit from cloudfront
x-content-type-options: nosniff

POST
H2 200 b Show response
r.stripe.com/ Frame DDBE 0
274 B 447ms
213ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/b
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-ef74aa054e59fdac81b538dfec92a050.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: blue
date: Tue, 05 Mar 2024 11:58:22 GMT
x-stripe-server-envoy-start-time-us: 1709639902181233
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1709639902181047
access-control-allow-credentials: true
content-length: 0

GET
H2 200 .deploy_status_henson.json Show response
js.stripe.com/v3/ Frame A9A4 474 B
915 B 44ms
44ms Fetch
application/json 99.86.4.122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/.deploy_status_henson.json

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/hcaptcha-invisible-1f6c59c3982eff179fc5d02d754852d5.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.122 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-122.fra6.r.cloudfront.net

Software

Cloudfront /

Resource Hash

5e155e1f89e5ca084a3510deea330a8ca019b906bc61469408830959033ce71f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Accept: application/json
Referer: https://js.stripe.com/v3/hcaptcha-invisible-1f6c59c3982eff179fc5d02d754852d5.html
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Tue, 05 Mar 2024 11:57:33 GMT
via: 1.1 d8e97d2c28917e4c41ab79bb1e94b844.cloudfront.net (CloudFront)
strict-transport-security: max-age=31556926; includeSubDomains; preload
age: 50
x-amz-cf-pop: FRA6-C1
x-cache: Hit from cloudfront
content-length: 474
last-modified: Mon, 04 Mar 2024 21:49:34 GMT
server: Cloudfront
etag: "741c7a42906bbd9aa745c3aea07bcd08"
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=60
accept-ranges: bytes
x-amz-cf-id: QDrPu5mkqL1W02RzIaycbEaP9rXRTK0D4yIi-qPJtIvOo1My58mfHw==

GET
H2 200 HCaptchaInvisible.html Show response
b.stripecdn.com/stripethirdparty-srv/assets/v20.20/ Frame 48F7 419 B
1 KB 228ms
43ms Document
text/html 2600:9000:275d:f400:b:1d09:f200:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://b.stripecdn.com/stripethirdparty-srv/assets/v20.20/HCaptchaInvisible.html?id=2445aec7-0b6e-44ff-8e73-68d7c561ac33&origin=https%3A%2F%2Fjs.stripe.com

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/hcaptcha-invisible-1f6c59c3982eff179fc5d02d754852d5.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:275d:f400:b:1d09:f200:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Cloudfront /

Resource Hash

7046e325bee6e4ffd4581616a2b76772f5749fbd45eb77998a1b5810ed476d2e

Security Headers

Name	Value
Content-Security-Policy	base-uri 'self'; connect-src 'self' https://hcaptcha.com https://.hcaptcha.com https://errors.stripe.com; default-src 'self'; form-action 'none'; frame-src https://hcaptcha.com https://.hcaptcha.com; img-src 'self'; object-src 'none'; script-src 'self' https://hcaptcha.com https://.hcaptcha.com; style-src 'self' https://hcaptcha.com https://.hcaptcha.com; worker-src 'none'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 3
cache-control: max-age=60, stale-while-revalidate=900
content-length: 419
content-security-policy: base-uri 'self'; connect-src 'self' https://hcaptcha.com https://*.hcaptcha.com https://errors.stripe.com; default-src 'self'; form-action 'none'; frame-src https://hcaptcha.com https://*.hcaptcha.com; img-src 'self'; object-src 'none'; script-src 'self' https://hcaptcha.com https://*.hcaptcha.com; style-src 'self' https://hcaptcha.com https://*.hcaptcha.com; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Tue, 05 Mar 2024 11:58:20 GMT
etag: "4c0d839a05613b0f5d6f591f2ff1422c"
last-modified: Wed, 28 Feb 2024 17:12:28 GMT
server: Cloudfront
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding,Origin
via: 1.1 7daf545331a4f565a58e22b0fa952528.cloudfront.net (CloudFront)
x-amz-cf-id: GuzcwDck9LpKhRZ9o2gMJMIh1ViPt4qb3ty9WLcGYNgkLDdGcUZFwg==
x-amz-cf-pop: FRA56-P11
x-cache: Hit from cloudfront
x-content-type-options: nosniff

POST
H3 200 log Show response
play.google.com/ Frame 4C1B 131 B
155 B 182ms
101ms XHR
text/plain 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
X-Goog-AuthUser: 0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Tue, 05 Mar 2024 11:58:22 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pay.google.com
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 05 Mar 2024 11:58:22 GMT

POST
H3 200 log Show response
play.google.com/ Frame 4C1B 131 B
155 B 178ms
97ms XHR
text/plain 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
X-Goog-AuthUser: 0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Tue, 05 Mar 2024 11:58:22 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pay.google.com
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 05 Mar 2024 11:58:22 GMT

POST
H2 200 b Show response
r.stripe.com/ Frame E3DD 0
273 B 767ms
436ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/b
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-ef74aa054e59fdac81b538dfec92a050.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: blue
date: Tue, 05 Mar 2024 11:58:22 GMT
x-stripe-server-envoy-start-time-us: 1709639902601615
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 4
x-stripe-client-envoy-start-time-us: 1709639902600919
access-control-allow-credentials: true
content-length: 0

GET
H2 200 elements-inner-payment-request-7cdcfcabc14b295d272b2a3834c63c39.html Show response
js.stripe.com/v3/ Frame 99A6 820 B
2 KB 42ms
42ms Document
text/html 99.86.4.122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/elements-inner-payment-request-7cdcfcabc14b295d272b2a3834c63c39.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.122 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-122.fra6.r.cloudfront.net

Software

Cloudfront /

Resource Hash

b44b2c7d9284c33b357e892a41d1c396c1d28dba57e5b65f8e86edfd969c73f8

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://ppm.stripe.com; default-src 'self'; font-src data: https:; form-action 'none'; frame-src 'self' https://www.affirm.com https://checkout.link.com https://b.stripecdn.com; img-src 'self' https://q.stripe.com https://b.stripecdn.com https://js.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://donorbox.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 2310
cache-control: max-age=31536000
content-length: 820
content-security-policy: base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://ppm.stripe.com; default-src 'self'; font-src data: https:; form-action 'none'; frame-src 'self' https://www.affirm.com https://checkout.link.com https://b.stripecdn.com; img-src 'self' https://q.stripe.com https://b.stripecdn.com https://js.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only: base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://ppm.stripe.com; default-src 'self'; font-src data: https:; form-action 'none'; frame-src 'self' https://www.affirm.com https://checkout.link.com https://b.stripecdn.com; img-src 'self' https://q.stripe.com https://b.stripecdn.com https://js.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Tue, 05 Mar 2024 11:19:53 GMT
etag: "7cdcfcabc14b295d272b2a3834c63c39"
last-modified: Mon, 04 Mar 2024 21:05:23 GMT
server: Cloudfront
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 163be08bc1bc44818353c4fd88655bee.cloudfront.net (CloudFront)
x-amz-cf-id: KVlh_5ffrnB0dDYBpf3zqzuNTqw9hu4nWpcO5h8f_7cRr7xSZ7zNeg==
x-amz-cf-pop: FRA6-C1
x-cache: Hit from cloudfront
x-content-type-options: nosniff

POST
H2 200 b Show response
r.stripe.com/ Frame E3DD 0
272 B 760ms
436ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/b
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-ef74aa054e59fdac81b538dfec92a050.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: blue
date: Tue, 05 Mar 2024 11:58:22 GMT
x-stripe-server-envoy-start-time-us: 1709639902601060
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 4
x-stripe-client-envoy-start-time-us: 1709639902600842
access-control-allow-credentials: true
content-length: 0

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 189ms
72ms Preflight
text/plain 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/plain; charset=UTF-8
date: Tue, 05 Mar 2024 11:58:22 GMT
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 187ms
72ms Preflight
text/plain 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/plain; charset=UTF-8
date: Tue, 05 Mar 2024 11:58:22 GMT
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

GET
H2 200 shared-ef74aa054e59fdac81b538dfec92a050.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 99A6 537 KB
117 KB 47ms
46ms Script
text/javascript 99.86.4.122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/shared-ef74aa054e59fdac81b538dfec92a050.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-payment-request-7cdcfcabc14b295d272b2a3834c63c39.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.122 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-122.fra6.r.cloudfront.net

Software

Cloudfront /

Resource Hash

39dfb37816eab2a94aa07e46af7d0523d11a47ca1f7d21544570e3c409fa0586

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/elements-inner-payment-request-7cdcfcabc14b295d272b2a3834c63c39.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 11:09:43 GMT
content-encoding: br
via: 1.1 163be08bc1bc44818353c4fd88655bee.cloudfront.net (CloudFront)
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
age: 2921
x-amz-cf-pop: FRA6-C1
x-cache: Hit from cloudfront
last-modified: Mon, 04 Mar 2024 21:05:37 GMT
server: Cloudfront
etag: W/"d49550815942227dc97b7500620f7224"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
x-amz-cf-id: 85dloNBj5raznPktqlmS_Rkoc8pYuf2Jlbw21QXrdEYgOXIbX0apiA==

GET
H2 200 ui-shared-1bf6ace40c8ba59385d7846cb107d9c6.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 99A6 414 KB
107 KB 51ms
50ms Script
text/javascript 99.86.4.122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/ui-shared-1bf6ace40c8ba59385d7846cb107d9c6.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-payment-request-7cdcfcabc14b295d272b2a3834c63c39.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.122 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-122.fra6.r.cloudfront.net

Software

Cloudfront /

Resource Hash

9ff1964bffc8efed18dfd92699b69a974e6f354348b0743c31a6784384eb7c3d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/elements-inner-payment-request-7cdcfcabc14b295d272b2a3834c63c39.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 11:39:04 GMT
content-encoding: br
via: 1.1 163be08bc1bc44818353c4fd88655bee.cloudfront.net (CloudFront)
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
age: 1175
x-amz-cf-pop: FRA6-C1
x-cache: Hit from cloudfront
last-modified: Mon, 04 Mar 2024 21:05:37 GMT
server: Cloudfront
etag: W/"1a73e2c92e7625b5ccbedca19583ed45"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
x-amz-cf-id: Z96WkWZ2YikY-qEOGMgSZrGazbEVqEsSReZI_loWcjWDcDeHsIGsSQ==

GET
H2 200 elements-inner-payment-request-5045daf48c86b743da2874b548c46415.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 99A6 73 KB
23 KB 50ms
49ms Script
text/javascript 99.86.4.122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/elements-inner-payment-request-5045daf48c86b743da2874b548c46415.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-payment-request-7cdcfcabc14b295d272b2a3834c63c39.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.122 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-122.fra6.r.cloudfront.net

Software

Cloudfront /

Resource Hash

80354fb397ad4656fa5814c41d9fd5464583c402b2b5a95cb649875927931743

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/elements-inner-payment-request-7cdcfcabc14b295d272b2a3834c63c39.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 11:10:07 GMT
content-encoding: br
via: 1.1 163be08bc1bc44818353c4fd88655bee.cloudfront.net (CloudFront)
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
age: 2895
x-amz-cf-pop: FRA6-C1
x-cache: Hit from cloudfront
last-modified: Mon, 04 Mar 2024 18:06:16 GMT
server: Cloudfront
etag: W/"654586738640c3c5cbfea23a1dc67e7d"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
x-amz-cf-id: cf6AVWfUY-d5XOpfK1Lzse4f3cS0-3vHjPJ4rqq-E_soZi7lKHmXfw==

GET
H2 200 ui-shared-1d27f4e2b314637ba4bb9d7ff79c23c7.css
js.stripe.com/v3/fingerprinted/css/ Frame 99A6 20 KB
3 KB 45ms
45ms Stylesheet
text/css 99.86.4.122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/css/ui-shared-1d27f4e2b314637ba4bb9d7ff79c23c7.css

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-payment-request-7cdcfcabc14b295d272b2a3834c63c39.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.122 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-122.fra6.r.cloudfront.net

Software

Cloudfront /

Resource Hash

394724ca0118829643c12fb5a033cb66680e51327ba157677d18dec209278a3d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/elements-inner-payment-request-7cdcfcabc14b295d272b2a3834c63c39.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 11:09:17 GMT
content-encoding: br
via: 1.1 163be08bc1bc44818353c4fd88655bee.cloudfront.net (CloudFront)
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
age: 2946
x-amz-cf-pop: FRA6-C1
x-cache: Hit from cloudfront
last-modified: Thu, 29 Feb 2024 21:06:52 GMT
server: Cloudfront
etag: W/"b361d7109e9925ca18e32c9da528520f"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
x-amz-cf-id: nT4bAa08Cvo5We_gRRRlScxEdJSzy2FVeVXpFpGPGSZFBB7c6z-edg==

GET
H2 200 elements-inner-payment-request-30c75c9984170b682d45e5a26a564e7b.css
js.stripe.com/v3/fingerprinted/css/ Frame 99A6 11 KB
3 KB 49ms
49ms Stylesheet
text/css 99.86.4.122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/css/elements-inner-payment-request-30c75c9984170b682d45e5a26a564e7b.css

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-payment-request-7cdcfcabc14b295d272b2a3834c63c39.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.122 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-122.fra6.r.cloudfront.net

Software

Cloudfront /

Resource Hash

b86c2a2bbfa9454750609b50a03f9510289842fc2268544bfc53921e1d9e65e3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/elements-inner-payment-request-7cdcfcabc14b295d272b2a3834c63c39.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 11:10:07 GMT
content-encoding: br
via: 1.1 163be08bc1bc44818353c4fd88655bee.cloudfront.net (CloudFront)
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
age: 2895
x-amz-cf-pop: FRA6-C1
x-cache: Hit from cloudfront
last-modified: Mon, 04 Mar 2024 18:06:05 GMT
server: Cloudfront
etag: W/"fa32759e8db8ce19c25f0147f1281e2d"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
x-amz-cf-id: 2bDVg35e27pCaea3bjs_3iAu14FHUvzqXeC4WJ2cLqWO5Y5Vr_F78g==

GET
H2 200 .deploy_status_henson.json Show response
js.stripe.com/v3/ Frame 99A6 474 B
914 B 41ms
41ms Fetch
application/json 99.86.4.122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/.deploy_status_henson.json

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-ef74aa054e59fdac81b538dfec92a050.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.122 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-122.fra6.r.cloudfront.net

Software

Cloudfront /

Resource Hash

5e155e1f89e5ca084a3510deea330a8ca019b906bc61469408830959033ce71f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Accept: application/json
Referer: https://js.stripe.com/v3/elements-inner-payment-request-7cdcfcabc14b295d272b2a3834c63c39.html
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Tue, 05 Mar 2024 11:57:33 GMT
via: 1.1 d8e97d2c28917e4c41ab79bb1e94b844.cloudfront.net (CloudFront)
strict-transport-security: max-age=31556926; includeSubDomains; preload
age: 51
x-amz-cf-pop: FRA6-C1
x-cache: Hit from cloudfront
content-length: 474
last-modified: Mon, 04 Mar 2024 21:49:34 GMT
server: Cloudfront
etag: "741c7a42906bbd9aa745c3aea07bcd08"
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=60
accept-ranges: bytes
x-amz-cf-id: SYtf1JSkm1TFK2AtWBzUvhQIAob7lns09xuDZr9ym1vb45JgowlR_Q==

GET
H2 200 de-1b3238726ff61c15f040048036c21672.json Show response
js.stripe.com/v3/fingerprinted/data/ Frame 99A6 159 KB
30 KB 46ms
46ms Fetch
application/json 99.86.4.122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/data/de-1b3238726ff61c15f040048036c21672.json

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-ef74aa054e59fdac81b538dfec92a050.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.122 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-122.fra6.r.cloudfront.net

Software

Cloudfront /

Resource Hash

52570bca4baf88a5a6a894c50b348353dcc38d0f6b68022475be7e3ea7ee1c60

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: application/json
Referer: https://js.stripe.com/v3/elements-inner-payment-request-7cdcfcabc14b295d272b2a3834c63c39.html
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Tue, 05 Mar 2024 11:53:28 GMT
content-encoding: br
via: 1.1 d8e97d2c28917e4c41ab79bb1e94b844.cloudfront.net (CloudFront)
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
age: 332
x-amz-cf-pop: FRA6-C1
x-cache: Hit from cloudfront
last-modified: Fri, 01 Mar 2024 22:43:19 GMT
server: Cloudfront
etag: W/"1b3238726ff61c15f040048036c21672"
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
x-amz-cf-id: 3bzBQ1uajeeXdIiZ3UGfALLH2vSC1EwGl2JLYrTDFZcawGzBDdDXaQ==

POST
H2 200 b Show response
r.stripe.com/ Frame E3DD 0
273 B 505ms
431ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/b
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-ef74aa054e59fdac81b538dfec92a050.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: blue
date: Tue, 05 Mar 2024 11:58:22 GMT
x-stripe-server-envoy-start-time-us: 1709639902602337
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 3
x-stripe-client-envoy-start-time-us: 1709639902601904
access-control-allow-credentials: true
content-length: 0

GET
H2 200 api.js Show response
hcaptcha.com/1/ Frame 48F7 376 KB
107 KB 175ms
60ms Script
application/javascript 104.19.219.90
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://hcaptcha.com/1/api.js?onload=captchaLoad&render=explicit

Requested by

Host: b.stripecdn.com
URL: https://b.stripecdn.com/stripethirdparty-srv/assets/v20.20/HCaptchaInvisible.html?id=2445aec7-0b6e-44ff-8e73-68d7c561ac33&origin=https%3A%2F%2Fjs.stripe.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.19.219.90 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f8372e4920304819a1afe1cb4a33def279a032e5d0154b53df47d05abdfc8077

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b.stripecdn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 11:58:22 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 1cd1c24523b61d46b093d317bb196d92.cloudfront.net (CloudFront)
cf-cache-status: HIT
content-encoding: br
x-content-type-options: nosniff
x-amz-version-id: Y83AnVQfVaYtiCkhua7rz_C8xbCj9kI1
age: 0
x-amz-cf-pop: AMS1-P3
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 26 Feb 2024 13:10:44 GMT
server: cloudflare
etag: W/"cf161ae1463888e6b05f1ecd1d11305b"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=300
cf-ray: 85f9ef0e2c89bfbe-WAW
x-amz-cf-id: _KrvCeUmZdXbuXTnGEYIuoRUOHJF-W_Cj_ke2I2qshf0qmaVSa8OyA==

GET
H2 200 vendors~AddressAutocomplete~AffirmInContext~AmazonPayButton~AuthMap~DemoPayButton~DynamicMap~GoogleA~35711e2c.292fe004c7b932cf1066.bundle.js Show response
b.stripecdn.com/stripethirdparty-srv/assets/v20.20/ Frame 48F7 114 KB
35 KB 47ms
47ms Script
text/javascript 2600:9000:275d:f400:b:1d09:f200:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://b.stripecdn.com/stripethirdparty-srv/assets/v20.20/vendors~AddressAutocomplete~AffirmInContext~AmazonPayButton~AuthMap~DemoPayButton~DynamicMap~GoogleA~35711e2c.292fe004c7b932cf1066.bundle.js

Requested by

Host: b.stripecdn.com
URL: https://b.stripecdn.com/stripethirdparty-srv/assets/v20.20/HCaptchaInvisible.html?id=2445aec7-0b6e-44ff-8e73-68d7c561ac33&origin=https%3A%2F%2Fjs.stripe.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:275d:f400:b:1d09:f200:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Cloudfront /

Resource Hash

fa38eebb1eca7c94241152ae35cec12209d942905dc49f6d00dbe50636441258

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b.stripecdn.com/stripethirdparty-srv/assets/v20.20/HCaptchaInvisible.html?id=2445aec7-0b6e-44ff-8e73-68d7c561ac33&origin=https%3A%2F%2Fjs.stripe.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Tue, 05 Mar 2024 11:10:31 GMT
via: 1.1 7daf545331a4f565a58e22b0fa952528.cloudfront.net (CloudFront)
age: 2872
x-amz-cf-pop: FRA56-P11
x-cache: Hit from cloudfront
last-modified: Wed, 28 Feb 2024 17:12:29 GMT
server: Cloudfront
etag: W/"74e21b04fc13efe6e788fca7016ae74c"
vary: Accept-Encoding,Origin
content-type: text/javascript; charset=utf-8
cache-control: max-age=31536000, public
timing-allow-origin: *
x-amz-cf-id: lY-LHE33NIjJunWhPy00Ly3yW-_NGWXVKPuDF4bd0_umSCNDRJ21Mg==

GET
H2 200 HCaptchaInvisible.b27e55a4db75cd3e653a.bundle.js Show response
b.stripecdn.com/stripethirdparty-srv/assets/v20.20/ Frame 48F7 18 KB
7 KB 83ms
82ms Script
text/javascript 2600:9000:275d:f400:b:1d09:f200:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://b.stripecdn.com/stripethirdparty-srv/assets/v20.20/HCaptchaInvisible.b27e55a4db75cd3e653a.bundle.js

Requested by

Host: b.stripecdn.com
URL: https://b.stripecdn.com/stripethirdparty-srv/assets/v20.20/HCaptchaInvisible.html?id=2445aec7-0b6e-44ff-8e73-68d7c561ac33&origin=https%3A%2F%2Fjs.stripe.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:275d:f400:b:1d09:f200:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Cloudfront /

Resource Hash

1a4f525d80a13304cfd01fb38dae9c118c952a65ba41168201849316389edba3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b.stripecdn.com/stripethirdparty-srv/assets/v20.20/HCaptchaInvisible.html?id=2445aec7-0b6e-44ff-8e73-68d7c561ac33&origin=https%3A%2F%2Fjs.stripe.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Tue, 05 Mar 2024 11:47:15 GMT
via: 1.1 7daf545331a4f565a58e22b0fa952528.cloudfront.net (CloudFront)
age: 668
x-amz-cf-pop: FRA56-P11
x-cache: Hit from cloudfront
last-modified: Wed, 28 Feb 2024 17:12:28 GMT
server: Cloudfront
etag: W/"5c3a6ff7fd254a2eb476e4e980564068"
vary: Accept-Encoding,Origin
content-type: text/javascript; charset=utf-8
cache-control: max-age=31536000, public
timing-allow-origin: *
x-amz-cf-id: tDMTS3tk4roa1uUVKnakjBWFTQGc_FQfTgbglo82lXMogPvgDLeLGQ==

POST
H2 200 6 Show response
m.stripe.com/ Frame AF24 156 B
668 B 210ms
208ms XHR
application/json 52.35.242.184
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.com/6

Requested by

Host: m.stripe.network
URL: https://m.stripe.network/out-4.5.43.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.35.242.184 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-35-242-184.us-west-2.compute.amazonaws.com

Software

nginx /

Resource Hash

4b2c4b0143c69486f3bcbff81741ad2e6f6cdae1a6afa60e6294c7d8df4c3faa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://m.stripe.network/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-stripe-bg-intended-route-color: blue
date: Tue, 05 Mar 2024 11:58:22 GMT
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1709639902428579
server: nginx
content-type: application/json;charset=utf-8
x-stripe-server-envoy-upstream-service-time-ms: 2
access-control-allow-origin: https://m.stripe.network
x-stripe-client-envoy-start-time-us: 1709639902428397
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 156

POST
H2 200 6 Show response
m.stripe.com/ Frame AF24 156 B
668 B 259ms
257ms XHR
application/json 52.35.242.184
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.com/6

Requested by

Host: m.stripe.network
URL: https://m.stripe.network/out-4.5.43.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.35.242.184 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-35-242-184.us-west-2.compute.amazonaws.com

Software

nginx /

Resource Hash

4b2c4b0143c69486f3bcbff81741ad2e6f6cdae1a6afa60e6294c7d8df4c3faa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://m.stripe.network/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-stripe-bg-intended-route-color: blue
date: Tue, 05 Mar 2024 11:58:22 GMT
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1709639902477690
server: nginx
content-type: application/json;charset=utf-8
x-stripe-server-envoy-upstream-service-time-ms: 2
access-control-allow-origin: https://m.stripe.network
x-stripe-client-envoy-start-time-us: 1709639902477289
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 156

POST
H2 200 b Show response
r.stripe.com/ Frame E3DD 0
273 B 378ms
378ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/b
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-ef74aa054e59fdac81b538dfec92a050.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: blue
date: Tue, 05 Mar 2024 11:58:22 GMT
x-stripe-server-envoy-start-time-us: 1709639902810380
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 3
x-stripe-client-envoy-start-time-us: 1709639902809752
access-control-allow-credentials: true
content-length: 0

GET
H2 200 hcaptcha.html Show response
newassets.hcaptcha.com/captcha/v1/fadb9c6/static/ Frame 7DAA 2 KB
1 KB 75ms
58ms Document
text/html 104.19.219.90
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://newassets.hcaptcha.com/captcha/v1/fadb9c6/static/hcaptcha.html?_v=t6p7d5g8thg

Requested by

Host: hcaptcha.com
URL: https://hcaptcha.com/1/api.js?onload=captchaLoad&render=explicit

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.19.219.90 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e839fb7ec6eafa19458f7ad7cfd69905ad6a0dcc15572f501c647558215acc4e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://b.stripecdn.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-origin: *
age: 576158
alt-svc: h3=":443"; ma=86400
cache-control: max-age=1209600
cf-cache-status: HIT
cf-ray: 85f9ef0f1da0bfbe-WAW
content-encoding: br
content-type: text/html
cross-origin-embedder-policy: credentialless
cross-origin-resource-policy: cross-origin
date: Tue, 05 Mar 2024 11:58:22 GMT
last-modified: Mon, 26 Feb 2024 13:10:44 GMT
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
via: 1.1 8dea89f951a7387e4ebbfe70f982f4a4.cloudfront.net (CloudFront)
x-amz-cf-id: cMXL4ioDay4_wptJR7Ls0igsC8Ci-bC7qMK-OAkgbOusNLaPLlY8zQ==
x-amz-cf-pop: AMS1-P3
x-amz-server-side-encryption: AES256
x-amz-version-id: w380JAJSDRpHmjdLNet.Oei.HbAumRcl
x-cache: Hit from cloudfront
x-content-type-options: nosniff

POST
H2 200 b Show response
r.stripe.com/ Frame DDBE 0
272 B 369ms
369ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/b
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-ef74aa054e59fdac81b538dfec92a050.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: blue
date: Tue, 05 Mar 2024 11:58:22 GMT
x-stripe-server-envoy-start-time-us: 1709639902810071
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1709639902809793
access-control-allow-credentials: true
content-length: 0

GET
H2 200 hcaptcha.js Show response
newassets.hcaptcha.com/captcha/v1/fadb9c6/ Frame 7DAA 376 KB
106 KB 57ms
56ms Script
application/javascript 104.19.219.90
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://newassets.hcaptcha.com/captcha/v1/fadb9c6/hcaptcha.js

Requested by

Host: newassets.hcaptcha.com
URL: https://newassets.hcaptcha.com/captcha/v1/fadb9c6/static/hcaptcha.html?_v=t6p7d5g8thg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.19.219.90 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f8372e4920304819a1afe1cb4a33def279a032e5d0154b53df47d05abdfc8077

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://newassets.hcaptcha.com/captcha/v1/fadb9c6/static/hcaptcha.html?_v=t6p7d5g8thg
Origin: https://newassets.hcaptcha.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 11:58:22 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 1cd1c24523b61d46b093d317bb196d92.cloudfront.net (CloudFront)
cf-cache-status: HIT
content-encoding: br
x-content-type-options: nosniff
x-amz-version-id: Y83AnVQfVaYtiCkhua7rz_C8xbCj9kI1
age: 576218
x-amz-cf-pop: AMS1-P3
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 26 Feb 2024 13:10:44 GMT
server: cloudflare
etag: W/"cf161ae1463888e6b05f1ecd1d11305b"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=1209600
cf-ray: 85f9ef0f7dedbfbe-WAW
x-amz-cf-id: _KrvCeUmZdXbuXTnGEYIuoRUOHJF-W_Cj_ke2I2qshf0qmaVSa8OyA==

POST
H2 200 b Show response
r.stripe.com/ Frame 510C 0
273 B 228ms
228ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/b
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-ef74aa054e59fdac81b538dfec92a050.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: blue
date: Tue, 05 Mar 2024 11:58:22 GMT
x-stripe-server-envoy-start-time-us: 1709639902810630
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 3
x-stripe-client-envoy-start-time-us: 1709639902809909
access-control-allow-credentials: true
content-length: 0

POST
H2 200 checksiteconfig Show response
api.hcaptcha.com/ Frame 7DAA 719 B
807 B 91ms
72ms XHR
application/json 104.19.219.90
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.hcaptcha.com/checksiteconfig?v=fadb9c6&host=b.stripecdn.com&sitekey=463b917e-e264-403f-ad34-34af0ee10294&sc=1&swa=1&spst=1

Requested by

Host: newassets.hcaptcha.com
URL: https://newassets.hcaptcha.com/captcha/v1/fadb9c6/hcaptcha.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.19.219.90 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e842cad3585edc83461feb487ae597b0a91e524ff1ac4f25589e2e6f0ecf45f2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: application/json
Referer: https://newassets.hcaptcha.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 05 Mar 2024 11:58:22 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
content-encoding: br
server: cloudflare
vary: Origin, Accept-Encoding
access-control-allow-methods: GET, HEAD, POST, OPTIONS
content-type: application/json
access-control-allow-origin: https://newassets.hcaptcha.com
access-control-allow-credentials: true
cf-ray: 85f9ef104efdbfbe-WAW
access-control-allow-headers: Cache-Control, Content-Type, DNT, Referer, User-Agent
alt-svc: h3=":443"; ma=86400

GET
H3 200 hsw.js Show response
newassets.hcaptcha.com/c/4753532/ Frame 7DAA 505 KB
220 KB 65ms
65ms Script
application/javascript 104.19.218.90
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://newassets.hcaptcha.com/c/4753532/hsw.js

Requested by

Host: newassets.hcaptcha.com
URL: https://newassets.hcaptcha.com/captcha/v1/fadb9c6/hcaptcha.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.19.218.90 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b0dc7511f9f3b8369a23f2a94f49b27b025a3719b0fba66b2c20701d6ab82820

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newassets.hcaptcha.com/captcha/v1/fadb9c6/static/hcaptcha.html?_v=t6p7d5g8thg
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 11:58:22 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 5d650f4d20204610aaf075ff8f6494c6.cloudfront.net (CloudFront)
cf-cache-status: HIT
content-encoding: br
x-content-type-options: nosniff
x-amz-version-id: xYmORh03N7Se5zk_65rH8kcKE5HmZuvB
age: 333019
x-amz-cf-pop: VIE50-C2
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 27 Feb 2024 12:49:07 GMT
server: cloudflare
etag: W/"33b2f95bda4299b75e695ffc983fcda5"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3024000
cf-ray: 85f9ef10cea835c7-WAW
x-amz-cf-id: 2O2z_ca64bt5ZFl30BSFO9LxLL8TWKOqmaTveE7kFSQRTM6_iZexTQ==

POST
H2 200 b Show response
r.stripe.com/ Frame DDBE 0
273 B 213ms
213ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/b
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-ef74aa054e59fdac81b538dfec92a050.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: blue
date: Tue, 05 Mar 2024 11:58:22 GMT
x-stripe-server-envoy-start-time-us: 1709639902947403
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 3
x-stripe-client-envoy-start-time-us: 1709639902947264
access-control-allow-credentials: true
content-length: 0

POST
H3 200 463b917e-e264-403f-ad34-34af0ee10294 Show response
api.hcaptcha.com/getcaptcha/ Frame 7DAA 3 KB
4 KB 229ms
229ms XHR
application/octet-stream 104.19.218.90
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.hcaptcha.com/getcaptcha/463b917e-e264-403f-ad34-34af0ee10294

Requested by

Host: newassets.hcaptcha.com
URL: https://newassets.hcaptcha.com/captcha/v1/fadb9c6/hcaptcha.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.19.218.90 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5fb28f1d04d5fa008b7eeeb5af63d8d30750dc98f11c1bbf66d3cbf147158511

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept: application/json, application/octet-stream
Referer: https://newassets.hcaptcha.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
content-type: application/x-www-form-urlencoded

Response headers

date: Tue, 05 Mar 2024 11:58:23 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
vary: Origin, Accept-Encoding
content-type: application/octet-stream
access-control-allow-origin: https://newassets.hcaptcha.com
access-control-allow-credentials: true
cf-ray: 85f9ef136a5b35c7-WAW
alt-svc: h3=":443"; ma=86400
content-length: 3234

POST
H2 200 b Show response
r.stripe.com/ Frame E3DD 0
273 B 215ms
215ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/b
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-ef74aa054e59fdac81b538dfec92a050.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: blue
date: Tue, 05 Mar 2024 11:58:23 GMT
x-stripe-server-envoy-start-time-us: 1709639903426235
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 3
x-stripe-client-envoy-start-time-us: 1709639903425868
access-control-allow-credentials: true
content-length: 0

POST
H2 200 b Show response
r.stripe.com/ Frame DDBE 0
273 B 214ms
214ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/b
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-ef74aa054e59fdac81b538dfec92a050.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: blue
date: Tue, 05 Mar 2024 11:58:24 GMT
x-stripe-server-envoy-start-time-us: 1709639904591927
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 3
x-stripe-client-envoy-start-time-us: 1709639904591739
access-control-allow-credentials: true
content-length: 0

GET trusted-types-checker-efd8cf45ce422659c098993bfc62531b.js
js.stripe.com/v3/fingerprinted/js/ Frame 3D91 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/trusted-types-checker-efd8cf45ce422659c098993bfc62531b.js

Verdicts & Comments Add Verdict or Comment

119 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

17 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.google.com/recaptcha	1970-01-20 23:13:11	Name: _GRECAPTCHA Value: 09AOiBZICC1zyoNUx6BDJnqKZlNvmm1n7jCLiCk7Ovka9c6KRTDyiaXvidFugeqlPKfeHIL3FRT96ncEGU4ttgQ9A
www.recaptcha.net/recaptcha	1970-01-20 23:13:11	Name: _GRECAPTCHA Value: 09AOiBZIBRDgZ2Qmr7I4jOcFNDEqBGtL0Pad3gQ1Hm6DMR1K-TtDccAl3bNJlFI6jKY-PObCQ6PEc0Ad_dC-43wg8
.foresthistory.org/	1970-01-21 04:29:59	Name: _ga_12E6RRK290 Value: GS1.1.1709639898.1.0.1709639898.0.0.0
.foresthistory.org/	1970-01-21 04:29:59	Name: _ga Value: GA1.2.1383941077.1709639898
.foresthistory.org/	1970-01-20 18:55:26	Name: _gid Value: GA1.2.347389830.1709639898
.foresthistory.org/	1970-01-20 18:53:59	Name: _gat_gtag_UA_107572205_1 Value: 1
.foresthistory.org/	1969-12-31 23:59:59	Name: sbjs_migrations Value: 1418474375998%3D1
.foresthistory.org/	1969-12-31 23:59:59	Name: sbjs_current_add Value: fd%3D2024-03-05%2011%3A58%3A18%7C%7C%7Cep%3Dhttps%3A%2F%2Fforesthistory.org%2F%7C%7C%7Crf%3D%28none%29
.foresthistory.org/	1969-12-31 23:59:59	Name: sbjs_first_add Value: fd%3D2024-03-05%2011%3A58%3A18%7C%7C%7Cep%3Dhttps%3A%2F%2Fforesthistory.org%2F%7C%7C%7Crf%3D%28none%29
.foresthistory.org/	1969-12-31 23:59:59	Name: sbjs_current Value: typ%3Dtypein%7C%7C%7Csrc%3D%28direct%29%7C%7C%7Cmdm%3D%28none%29%7C%7C%7Ccmp%3D%28none%29%7C%7C%7Ccnt%3D%28none%29%7C%7C%7Ctrm%3D%28none%29%7C%7C%7Cid%3D%28none%29
.foresthistory.org/	1969-12-31 23:59:59	Name: sbjs_first Value: typ%3Dtypein%7C%7C%7Csrc%3D%28direct%29%7C%7C%7Cmdm%3D%28none%29%7C%7C%7Ccmp%3D%28none%29%7C%7C%7Ccnt%3D%28none%29%7C%7C%7Ctrm%3D%28none%29%7C%7C%7Cid%3D%28none%29
.foresthistory.org/	1969-12-31 23:59:59	Name: sbjs_udata Value: vst%3D1%7C%7C%7Cuip%3D%28none%29%7C%7C%7Cuag%3DMozilla%2F5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%29%20AppleWebKit%2F537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome%2F122.0.6261.94%20Safari%2F537.36
.foresthistory.org/	1970-01-20 18:54:01	Name: sbjs_session Value: pgs%3D1%7C%7C%7Ccpg%3Dhttps%3A%2F%2Fforesthistory.org%2F
.donorbox.org/	1970-01-21 03:39:35	Name: cf_clearance Value: zwhemkI7Q2D7AIxDG.pGnbWNSZY7Z6txKl90lhbBF0M-1709639901-1.0.1.1-XXkMUBViiA8bgA1ixJKMhNLJidypCu6C6ZEKwpnqyMsg6ZjtABHkw6JXmg0W1p1vXwgSKbIBNkFRta5a901LvA
m.stripe.com/	1970-01-21 04:29:59	Name: m Value: a1bb197b-7373-42d5-a9e1-6fb58a5637c575601a
.google.com/	1970-01-20 23:17:31	Name: NID Value: 512=sO3CTEg_Jf78XPaRI3cLbqtcYMu4skf8aoDvF0NVAUyLRZIs5t3eoWNEqE4tNMzFEQDnIzCj75p6RWt4ARx0a64etc3QBDIl9W4IrEHGHDxuRyTHhIfKdsUx_KPJeHDfGwvAGKWz8Vq2pQiDF9elYqF40c41gCP4tVsOWdFCn_I
api.hcaptcha.com/	1970-01-20 19:37:11	Name: hmt_id Value: 5e16a8a5-ee3b-4a91-bc0d-7e55ea2b1b91

34 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://foresthistory.org/wp-content/plugins/envira-fullscreen/assets/js/min/fullscreen-min.js Message: Failed to load resource: the server responded with a status of 404 ()
security	error	URL: https://foresthistory.org/ Message: Refused to execute script from 'https://foresthistory.org/wp-content/plugins/envira-fullscreen/assets/js/min/fullscreen-min.js' because its MIME type ('text/html') is not executable, and strict MIME type checking is enabled.
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'speaker-selection'.
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'ambient-light-sensor'.
other	warning	URL: https://foresthistory.org/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://foresthistory.org/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://foresthistory.org/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://foresthistory.org/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://foresthistory.org/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://foresthistory.org/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://foresthistory.org/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://foresthistory.org/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://foresthistory.org/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://foresthistory.org/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://foresthistory.org/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://foresthistory.org/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://foresthistory.org/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://foresthistory.org/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://foresthistory.org/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://foresthistory.org/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://foresthistory.org/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://foresthistory.org/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://foresthistory.org/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://foresthistory.org/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://foresthistory.org/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://foresthistory.org/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://foresthistory.org/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://foresthistory.org/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://foresthistory.org/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://foresthistory.org/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://foresthistory.org/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://foresthistory.org/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://foresthistory.org/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://foresthistory.org/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	upgrade-insecure-requests; upgrade-insecure-requests
Strict-Transport-Security	max-age=300 max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.hcaptcha.com
b.stripecdn.com
cdn.plaid.com
cdnjs.cloudflare.com
clients1.google.com
code.getmdl.io
cse.google.com
donorbox.org
fonts.googleapis.com
fonts.gstatic.com
foresthistory.org
hcaptcha.com
js.stripe.com
listgrowth.ctctcdn.com
m.stripe.com
m.stripe.network
maps.googleapis.com
maps.gstatic.com
maxcdn.bootstrapcdn.com
merchant-ui-api.stripe.com
newassets.hcaptcha.com
pay.google.com
pixel.wp.com
platform.twitter.com
play.google.com
r.stripe.com
region1.google-analytics.com
rsms.me
static.cloudflareinsights.com
static.ctctcdn.com
stats.wp.com
syndication.twitter.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.gstatic.com
www.recaptcha.net
js.stripe.com
104.18.40.153
104.19.218.90
104.19.219.90
104.244.42.200
18.173.154.89
18.66.192.79
192.0.76.3
192.124.249.62
198.202.176.201
2001:4860:4802:32::36
2600:9000:2724:8000:19:7d10:bd80:93a1
2600:9000:275d:f400:b:1d09:f200:93a1
2606:2800:234:59:254c:406:2366:268c
2606:4700:10::6816:32f9
2606:4700:3038::6815:eaea
2606:4700::6810:3965
2606:4700::6811:190e
2606:4700::6812:acf
2a00:1450:4001:801::200e
2a00:1450:4001:809::2004
2a00:1450:4001:809::2013
2a00:1450:4001:80e::2003
2a00:1450:4001:811::2003
2a00:1450:4001:812::200e
2a00:1450:4001:81c::200a
2a00:1450:4001:828::2003
2a00:1450:4001:828::200e
2a00:1450:4001:82f::2003
2a00:1450:4001:830::200e
2a00:1450:4001:831::2008
2a00:1450:4001:831::200a
2a00:1450:400c:c02::5c
52.35.242.184
54.186.23.98
99.86.4.122
0030f5a99c7993b12e2fabfd97fc80fca835db69e270cb872bfa8e8821af3d82
007b4be1404b0f21a158fa83a2ae9375393b2d932a17e9745aa392fcadc7cf2f
011be1a7d06d64e9a64d43718e308b8948667bb8c9990f1e30fbb24bc8acc792
012e697e2b92724cfc10b4b5f727215a7ebc1e1e2acb82dcaeb44828de15cecf
01401db122e54a4e6b1c3feb9657ca9c35935e74ac224d9bd1baf18c6f59b378
017708743c1840f532bcfa5fc151990362d260eedc3c36e594a5cc88e5793fbe
01bb2213f5d6e3f92508d32981156c1f83a6c9e09cf4cda560f7acf914d1b89c
04dd08cd5be76d0779ac2b77f734115d0fa01d5b6f14db00adca5433bdf30065
04ec0263d406e2e385454d1856eec5285a9033f5e4a38c19cebade6e99eb57d3
06e9cfa1e2fb5b8269f55ebb7dc5ced06737bc1e3faec047ca535265a9d7ac85
07b30766cc1afb6bbf525cfd253b5004ba328d55c66231a4eff57994d7786d7e
07edf301190a5745c3056264bafb12407c68cc770eab2712698e86c1dedf342a
0a0790d6a4bb58199698d88dd5e401c5b36efe408c9a19c605e7a1b040bada13
0c7178cc6ca34fb18e30f070a5e7a1c287b2d7ccfcba2cfdf06e0f46eda55740
0ee9e2147125f0888ff09c3324a0956350e62732fb6a2b08dabcb43020d94321
119b33a47a786d9976e315e08f3b2989b21c13616e08db3ec7fa934037eb8ef5
11fed311b8bbc6c0d40c0073999b2202271432931a7d316908d22355f41c79c2
14c72abd41464695f9e138c16be7560263b368c5668db6580746d370a1f752d8
173460e89e6a7244218badae2016f65c48a3eae9d400802273eeca18b07336f1
1a4f525d80a13304cfd01fb38dae9c118c952a65ba41168201849316389edba3
1b08ac384e54019b85cf1465915d394d303ac0dce344ca1aad37602de17be103
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
1c8cc3cef0d65c2d9912b24f27bd2f42a79d10be8e00439562a3984f90f05bdd
1e5c66e74558c3d802ed1771873252457ea4a164ccd44aa8f635e66751cdc8fe
20057c526da6f66e9c1c2b587c85499ae6615ffaba5b7645ef6272ce913a3c1d
261cbb6d861fa5d0d050d3eb697b87372bbe782a8421fba9db51b3a8a2d0e532
26be127ece0400f85ff5ca3fdf206b094cb4af30d7955fee2fefce9374637a61
2977f53d6b12e6f52f665d17184d9d978ea0fcc0409cfad267cc1ac88b337543
2a8f4f190683b43293be4f24e69de0c56d2dba037a7ae8943162cedc5221045b
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2b4fbdc82f135a08fab5643804fc02fcedfe59da66d27949525c9f3c09f7fca8
2bad60d9004c514fda44139715edfa08c65e7838883bd084146af6e38b611885
2dbff7662e9c81c2ccfb66649890710c47fcb8349713648f61ce04bcf35c9658
2e79351c933bdf83979b4b7b8aa2d7f0ae14949bf669fa3def952046dc285f05
302da628a6afc3e93f1b86bf7c65e4d6536d8283d78266964822a76d1c645aa4
31aa4e6fc6bf55de7f8db1bba3a1a2b7801f8033e78c3e303fc39cd5719357c4
3255c6bb221d23258351c0570963f50d51a2234dc7dfc7e6e43f165d81841403
3355529ad7583934b8dcc0c4659d4285876a7a15661e6c694aecbedeb830c343
33c8d878a61eecb8089da1d263052802341a4162a394d5b28fd4abc197382549
35dcc382eb69d00369d708708cdc545f3968b68fa5bbe3e728d11fedd04f93bb
35e22c683e4b0ace93a102c512be16d583558c2cf6bfe2e874894981f3d92903
375cd0866100903ea8dd941ab323f78564bfc406a6055c729d8c14b284f1ca5e
37f59c2402a664140fb71c8363102bcd0188fea7f3061685626b84d551ad3a8a
3821543a0d5803edf8859a6a965d2b343363dafa34536a284908719384063ddc
394724ca0118829643c12fb5a033cb66680e51327ba157677d18dec209278a3d
39dfb37816eab2a94aa07e46af7d0523d11a47ca1f7d21544570e3c409fa0586
3b61d60ac69b3abd7c5f216c24b77cd4b75379568e039ab5640a23c7bc3460d0
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
3e4ebb76bf144efa926e5642a92d9a76c772e7899cbd42743839d80cd77b6521
401373c6cddfc333e45314482184906a357ae96d1fccd5ef6c40d8b7656e7349
44911234c76cda6c66b5407ba56cca9a1aa7beaa19b1f1370ecd3189403f654c
44b988703019cd6bfa86c91840fecf2a42b611b364e3eea2f4eb63bf62714e98
452410fef223a412e5608205fc069ecc35a4d919b413b3422a714a17ebfd0651
45c488cdf0e80b073ed2c729a8f5836101976f8e66d2ea87df605b09d0f4baa3
48f28b53674103f55c0db3450e3e5ffe8b9bd97ffebea1835b16c6546320bf57
496a9f211c8a2c4f3d98c05064de0c18af9f8d47f21a73ef373e9764a3c0c712
4b2c4b0143c69486f3bcbff81741ad2e6f6cdae1a6afa60e6294c7d8df4c3faa
4fa898d9bdc34304905c4b165e561c8dc3fe452b0bdd7259140e1aa530a42136
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
51655549ea6c53fd5cd07fdb64041a68f4dd0cb08b1d5a9c251b86e30eb8b64e
524fea35761d2dd09e0bdc660357cd742cab9daf53c44142b9ad7a3e986bf772
52570bca4baf88a5a6a894c50b348353dcc38d0f6b68022475be7e3ea7ee1c60
556856423e6f70e130c5d3a9e13b16f1baf03b97dee1badbcff2a3b24fcc79bc
5592d8f3d2f11a11caf928faef4d9e00b04b1aaa381d070e8b16b1423447a024
55eaf62cb05da20088dc12b39d7d254d046cb1fd61ddf3ae641f1439efd0a5ee
5662a4faf4feb1773b40fc4101c5013a2a6a6cc80d0fb04d0ceadd8d5fc10ad9
5818466ac0ee2fa096794eb6d12b681dcd95632e277df64cb62f8e2f70470a2f
5a2f054cbb759bf8e3b602a7c2e416054d44603007f84e9718157d26f30bf9a7
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
5be2bf85b705232bc685e7c86946aef65d7a41c7221380d5980d61c87f481182
5e155e1f89e5ca084a3510deea330a8ca019b906bc61469408830959033ce71f
5e41fe18034e0aafdb9c29af5228eb621a7d508b0fea8106e6867782566e5324
5e6ccfa30b73831d6528662ece5421627caab9f02289cf4902a0a4d67cdc1dd8
5fb28f1d04d5fa008b7eeeb5af63d8d30750dc98f11c1bbf66d3cbf147158511
604d1a1fd443aafd3143839c74524b73b3670e9d08c548656b73b2a5ea0aa9f7
6153d13804862b0fc1c016cf1129f34cb7c6185f2cf4bf1a3a862eecdab50101
616c53481d8c7ba1e75e24299da526ff46f0bb421c4a6a5fac883a13e549e305
622239c153d4bfc68dcc20e8fc09c55efe5c8153cb5b75ba2105ef3bb907f12d
62b658bca472f4eb438c6384ed624f42a08b19472b29f34cedaad0e2a6372ace
64ae2d4107bb537565785e5fb320b787cd3a0d4701bb22db1866ded28797a750
664fec8cb505055cbe9784b804934c15e380642f3fcdeee800859977cc6ec921
66eceeb4019d22fb070062d56c33b18128e6c0ba28fec8fa51a5672e80ead65b
673c1136f9b83e60edec4d2cae19a26f9f0d3ecab07e2dd36c91a0e4d53fe35d
6a26acdce0067282383fca3761b5d5cbcaf2486bb745cfc53b10d654f44499c7
6aa0e7d73209d195a5f8b80cebe7a2b5707c5799aac9d17bacfc3c403a0dd690
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6ca8050d203fbcb8613c5b13d0bf8cfccb60e97f82334702edd7a48d09489d68
6d46e2cf165a5a0584afba7bc9663da292ee08c97cfc7613de6013ed05be892a
7046e325bee6e4ffd4581616a2b76772f5749fbd45eb77998a1b5810ed476d2e
707c8f473ba1a9a5eb42d1f6f7f452bd888963152e7ae46fd1621dd1f6c635f8
70c00445d6632039ed99af760731daf3bf60eb12061863ee61e2cd7276a54d18
711ea7d9e07452c8a699193af7c064b19a37ca298bb2aaf8913315ec8c3dd0b8
718952c911402ec66b9fa79cef94802492545f8bdf1b789802542f32e552a888
72ef5c242e9e720a8a938edd8fe0d9aefdafaa945336ed66b9d15a50022be958
73526c7c8cb533a80c1437cfcaa300b2a8775da0bb4541fc2ce20da10d48df33
73f584400ea87e094d291f0e5ac7541f97a4abff5613ff72f5d3f1e3afef97b3
7586d3325066bd1d3428d409000bb2d3d6c4993a1267522d17e05c729e1e16df
7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050
78e9905ef747cd7be12545688d415c75a17ea6ebe44b75d9f80abead56ab52e2
79674b01741c3978417b6b9b4b98d125755e7bb468979d5cd593eac4b94cdb91
7991f4002b3d5ff9b64e26e5107367b88bcc059e21671d73841cb0ec91d955e7
7a72c35c384e58f7ba4e3a9ec93581e99a45cc1fa2e9ea5f763dbaa1cdd34c59
7ac43843183a82259cf5119ed253909aceff5bf9d4e022d7334a4ec8edb1a98a
7c5af827c820195b021e1750e5e9aa55ac5a62df868028ebe94daaef917251be
7e6ffec65c3e8e28310f6eb6a5a8310efff02d0c80b2d24ed247f7f97acd0e99
7fc4f1369cfe55e3cbf37434690b559bd3be63351a5ab16e324823a3ab8a237a
7fe31173952fddf73f89e1989949faef573a93f6b48c9431c5145962004a70b9
80354fb397ad4656fa5814c41d9fd5464583c402b2b5a95cb649875927931743
81edb1d59e4c4f339aa63e0fd46147601db7648c579eea7de8a6b744ec8b30fb
8265f64786397d6b832d1ca0aafdf149ad84e72759fffa9f7272e91a0fb015d1
833e3d43ac734d24021aa896389a7ea2ec96119dfa15410659799aa5b29eb853
8458f8afa67b5691c1fcbe51607a2dafb53a9839e48131c608a186b65415d96d
8653fc7f73da76d37385e380ac2d27748a8204d6ba7ad63421ce583f12f054d5
89c62095126fca89ea1511cf35b49b8306162946b0c26d6f60c5506c51d85992
8cbc049ddbd7ca67068451ce754401833499959c4c6ed7b98f664d42e0597808
8ccb44f6ac675a4e2fc8205541c2eedc2f193a162c77e5f8034e0e8c0c53302f
8d76d1ced7617819b9840686bfbd54fdf03c7239893c208ba45c4b94a21560d7
8da6c6cad34d3ea1ab694d4ab6f92aa4932aafeef8a47623ff101ef846943ed5
8e52a861dc26ff4608c50bd7ff89b65d0d6216a2afe7b47ce5d84544811ca400
8fedfb7def1421aa9d58d1732be7164e33eec27b9c87193e010b9ddaa67b6a18
90d6dbd3062567180f50cef5cb8d945d122bf82bc214ff2a467f31480863925d
91efe0c645666e35375765c90be70de312586b792922e8c755927e6ae80f0124
9217562c3b9d070ce8971ad1cef82e0bfd8e02a82466798313b8ca3ec6c2f831
92b8d968b3003432ed999ee6e01551e5e268f72bbddd3a63c44d7172958dcfeb
93378c6a055ba88a98e4103e5e69223de732a96d649bf122de263af0748c639c
947ac0903521f5eceefc90637c066306a8ca67466ccc188bb0107fb7cfb532d1
98817a0981dd9664088a43613d59798402260c213c8856899c593bb69da62303
9902076f205c2c8238bf6e1f41bbb430b9191d57462f0467942ded5bd56b0069
9a46abb09577d5a9c00060d6095f4c636794ce3290a7a0d56d0e2e53da3bd093
9b814101cf60ce8c628991f20ebbb274e1b183600c94ab38c0d31162bbdef34c
9efb3c3c478916f95dd26b4d6c664a5ff18cbb3df8da939c88b55a5abf0fc81e
9ff1964bffc8efed18dfd92699b69a974e6f354348b0743c31a6784384eb7c3d
a0e66d0e41616f58c789e161601de897c7938ba5940ac5346648a31d0d2315ab
a1b6400a21ddee090e93d8882ffa629963132785bfa41b0abbea199d278121e9
a1ba38ebc00e90c8e6807f9b55d41bf3c53484448b5ea5f0b1a5ba80081ca3ef
a5402de70228d4bf5379b518225b702918f6ae277e9293f9d16334c2b1fa31e3
a5a7986184453ab9eddadd80c56f0cfd10ac22196192ae6b468919a942fe6ba9
aad054d9bcd13d27ae995c481a859df62b5f0cfd73cf82afbb278dd490d09d8c
ab163536256f997eaa5c8abba61c5fede7b55d4022d1b765fc67dd9c2929c4b4
ab7f07d2c342be5bc2dde8a358ddbf84adf615590e22bc2a5a0cde7daee383a1
ad84ac80d6b7a8005c8f4ecaec83a6ffc1a5b5790b95dbc412568d8b08cdc9ed
adc89d7d695381bf2118da87e677a2af4057f40e466cf6c1a9af963d3921e1e4
ae233461c72f5111f981e4865fc7d1c6426ab6153f9a2295eab72b7f2e3384f6
aee4051a20e975b9bb6fdc20984a091eb1f55c35ea87abe441db4cdbe8c116d0
b0dc7511f9f3b8369a23f2a94f49b27b025a3719b0fba66b2c20701d6ab82820
b19772ae9445174ee2d5898ce3b5db794a576162f488ad8d7d5d4f3e18c2682e
b40916b7251105c0dd82dc3829efd6c9f76dc2729526e51703a861bf000ef79f
b44b2c7d9284c33b357e892a41d1c396c1d28dba57e5b65f8e86edfd969c73f8
b6f9db9e45be20f3c1312c97fbee7ec36b7d8280f8caa4d53c9ba0408cc9997a
b75680733c963f1aa84867ffb7f24efbdee876dadca952f4de484aff1069dd3e
b78cd144a4197660e028517c79a8e5d13c0dc38a07d5a57caebc24bacc185412
b78d169887f33e2c74931f488025a395b10da2de4429654c04f738667dba71b3
b7f75c9a1469a382c2286b4373588afe0255b86b3418803531bc05a0510f9d02
b86c2a2bbfa9454750609b50a03f9510289842fc2268544bfc53921e1d9e65e3
b8c4b192ff81d7aafad1c56a5b7f68f324945bdb63615d0bb62e9fb6ffa008f6
ba2338aa6670580269c762f51c4291daef913201aa8f4d4fd166c1a878262652
c1cc9ec8126f7ff5055aa2336049adf0899660e88db4815622427f4e6f4820e5
c240ebcb869a7fa19c90fd91f9a88fda1aa2b9364175398ef2bc2788b407385f
c24ffe84a340b34a957c3a4cdd1c501aae9009bedb69377912e766ea0ecb336a
c2588b010b8c97cf994ee71528bda0da3332226d47f7158bb6b96a11d08f2fc4
c4593f8753341196cc2324e4ab0b75837cc33a998fdb36851cd65167dd7c500c
c912a9ce0c3122d4b2b29ad26bfe06b0390d1a5bdaa5d6128692c0befd1dfbbd
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
ca498fd237426005efacf7a449f17a3bb377e6a0cfa10ff187a29dccee9abe5d
cc6ff37976d1b8447fe846d1815ef5a365b5f5f87bec3f68beb352bf4d5a7ab1
cc75487ea5ae5e6cab27c457ee4bcb5a39ac8938159e46283ca447c516aa9782
cc75d3aea323f5d652afd2918cec8037507d87c799272361aba90d62dfb0cfe3
cd2166f9cb6e6d8b914d6a2e2f9b53f7638e654cad3b7644d8abaa8b1759c0a6
cd5bec1bbd16068173c15eb357598ed79583e19ceb4163290e77a13736efc497
cd80d0dcb2a44bd30c11fcdf13d4c280f336dad9442ee7da79146f2bb77381a4
ce744b894119cc2291561e32baa9eb3322411daeba20f628686a3cf977241abb
d0077522bcd4d7b7196bfec21c7e830d80d4515b2f4cba54ab5f24d2190159ae
d1add71086f306aa505025c2c760c20070edecb5bf7a4191ff3baf376528aa9f
d233c21fb2a8888b3c91ae4a18649f8e7fd3207a909b05eb22ed06c720feee97
d29e959c2b240d4c29ff1c54dc20ca64d8d628559710153f911712dd34a2ec28
d4223c8af6559b07a0bdd0fcf6409e763ad8b332128ffade1052a3b0bd02c44f
d4c9d8af8973013a915dcc237811fa3cf10f4819aaa39b9b9b3065410d1c548b
d5eba8577bf45f4377bf844b6bedecd4e19e869a5e6b12943d98640dd7231eaa
d706a1fc6b66610d8cd00fbcdf838c927bb4b861bc25c29b4233ffb8059bf8e3
d809e5e194d9762855a81f8e4002da916b66a81ddc4b3fbdaf770ce4aa0fb560
d8777c5a09b351235e2409ecd376c48fb201d11cf4abc9a0d68ddac6c045109a
d8e11fd0943858cacc2efe95e013aa6674903af281ba8fa1a92a390f391779d8
da0f3e2f8aa2ce342250808424eccbefb2129849e955b090e3fa5f4175bec032
db209390b90b70f4b1ef3540cb581e4ec8edbba21980971b68e4aef5c5d352fb
dcec22bbcb68119d6c7d6d5e088fb82183a9826d0c9e3403f1386fd837f06a89
ddb556af7474e46dda28fa2a2ffb4d2a5ca42345a33fb936149e639b74d46bc2
ddd92f10ad162c7449eff0acaf40598c05b1111739587edb75e5326b6697c5d5
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e039e607c78306c7e029a7fd0ecdb14f86456f16e1a5ce65aa26b4fdf1d38a3c
e24a1c9677d5df5c74d2691fccf1e65cbb638963ab0fb0feaeb3c38ff880b391
e3427cd17c2fd03b97361719b425535ed77398fc90dbc7d2851eed28f8cbc416
e3a97c419af00df3f3a305892c79a4acfa2d32e01f0d4f481c4d07a29051361c
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e839fb7ec6eafa19458f7ad7cfd69905ad6a0dcc15572f501c647558215acc4e
e842cad3585edc83461feb487ae597b0a91e524ff1ac4f25589e2e6f0ecf45f2
eac1bb2890c6ae6d2cc8653765f594f1209eda9eb0036eef9fde51299e883a5b
ebf9c90828af4132825d1a4e66d9b8896e34aa8438d601a1f633d4c3b6d63b21
ec2ac08111f1a25c77387c4212a72c0142a7b9ddaa5c44cc898c495866a9cff6
ec3504f4ea867e0b5cd06baa921986dfc25a419ea4a52158ae5101656f72b469
ed555a279183c054222c873e78d92c40b512498e49359b6abfda36048f141988
ed7bceabcb074133a80989e56eadf8870fc7a473a405859ed2481c0c28fd8aa9
ef6d8c216bbf4cc66241abb798069aac7b42936a5deab4d8c39a0db07e3047f8
f3489cb3face5ed9acb78e4d75cdb0ca31239912bd4188a1fb674e6638e0eb5e
f3a531a933d649e125e1a79d2e43c7f48f71aaf457d2847c1c8efea16e3cc23c
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1
f45615ee02a1efcb9087f96b4c49673fa986cd4db913cba03abfe6b2abd97e7d
f59523fc9af0a5e3a873ab795e17eca71e41a82187fc63be3af158847aeeaa48
f8372e4920304819a1afe1cb4a33def279a032e5d0154b53df47d05abdfc8077
f86da5e9aacdcab57c6381b2053c36e9ef22ffe815d128b1a80083dbda3f480d
f8dcd2719735d9aa79c4e7a41005b9a3c3ba50b5e9a92d0a037439d35d056c8a
fa38eebb1eca7c94241152ae35cec12209d942905dc49f6d00dbe50636441258
faa4182d37f4a876fdefa28b7fca2aa96828bee459d25bbeeee133d16ea767d0
fbb15691847a9d00cccde29feffb123265276d22f209d0371183dd19af854a89
fedfc64728beee4dcdf576abb2dd3c44b462afc3b5db8c53704629a1ee6dd14c
ff29027eaba5c7183da31a4ff49f9fbaa7708bed36cdf3f91e5f15a8b30c838e
ff82aeed6b9bb6701696c84d1b223d2e682eb78c89117a438ce6cfea8c498995
ffc8c5bf522003e4762af762c814b29df1f60fd4585029b896d442f7b6dee625

foresthistory.org Open in urlscan Pro 192.124.249.62 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

312 Requests

99 %HTTPS

66 %IPv6

21 Domains

37 Subdomains

36 IPs

4 Countries

12764 kBTransfer

31721 kBSize

17 Cookies

18 Outgoing links

Page URL History

Redirected requests

312 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

foresthistory.org Open in urlscan Pro
192.124.249.62 Public Scan

Screenshot
Live screenshot

Full Image

312
Requests

99 %
HTTPS

66 %
IPv6

21
Domains

37
Subdomains

36
IPs

4
Countries

12764 kB
Transfer

31721 kB
Size

17
Cookies

312 HTTP transactions
2 data transactions