wf.goldentree.si Open in urlscan Pro
52.206.163.162 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://wf.goldentree.si/
Submission: On December 28 via api (December 28th 2023, 12:58:29 pm UTC) from US — Scanned from US

Summary HTTP 75 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 27 IPs in 3 countries across 21 domains to perform 75 HTTP transactions. The main IP is 52.206.163.162, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is wf.goldentree.si.
TLS certificate: Issued by R3 on December 28th 2023. Valid for: 3 months.

This is the only time wf.goldentree.si was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	52.206.163.162 52.206.163.162	14618 (AMAZON-AES) (AMAZON-AES)
9	2600:9000:21e... 2600:9000:21ea:1a00:12:9e5f:cac0:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2607:f8b0:400... 2607:f8b0:4006:80c::200a	15169 (GOOGLE) (GOOGLE)
1	2a04:4e42:400... 2a04:4e42:400::485	54113 (FASTLY) (FASTLY)
1	13.225.210.182 13.225.210.182	16509 (AMAZON-02) (AMAZON-02)
1	2607:f8b0:400... 2607:f8b0:4006:809::200a	15169 (GOOGLE) (GOOGLE)
1 2	91.240.216.164 91.240.216.164	48894 (OPTIMUS-AS) (OPTIMUS-AS)
19	2607:f8b0:400... 2607:f8b0:4006:81d::2003	15169 (GOOGLE) (GOOGLE)
3	2607:f8b0:400... 2607:f8b0:4006:80e::2008	15169 (GOOGLE) (GOOGLE)
3	151.101.129.44 151.101.129.44	54113 (FASTLY) (FASTLY)
1	108.138.106.126 108.138.106.126	16509 (AMAZON-02) (AMAZON-02)
2	2a03:2880:f01... 2a03:2880:f012:8:face:b00c:0:1	32934 (FACEBOOK) (FACEBOOK)
2	2620:1ec:bdf::40 2620:1ec:bdf::40	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	2607:f8b0:400... 2607:f8b0:4006:80e::200e	15169 (GOOGLE) (GOOGLE)
1	2606:4700:10:... 2606:4700:10::ac43:2925	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2607:f8b0:400... 2607:f8b0:4006:816::200e	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4006:80d::2002	15169 (GOOGLE) (GOOGLE)
1	18.164.96.46 18.164.96.46	16509 (AMAZON-02) (AMAZON-02)
1	2607:f8b0:400... 2607:f8b0:4006:80f::2004	15169 (GOOGLE) (GOOGLE)
3	20.10.16.51 20.10.16.51	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2a03:2880:f11... 2a03:2880:f112:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1 2	20.110.205.119 20.110.205.119	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 1	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	23.51.57.192 23.51.57.192	16625 (AKAMAI-AS) (AKAMAI-AS)
9	148.251.44.50 148.251.44.50	24940 (HETZNER-AS) (HETZNER-AS)
1	2606:4700:440... 2606:4700:4400::ac40:992a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	64.202.112.255 64.202.112.255	23352 (SERVERCEN...) (SERVERCENTRAL)
4	141.226.224.48 141.226.224.48	200478 (TABOOLA-AS) (TABOOLA-AS)
75	27

1 52.206.163.162 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-206-163-162.compute-1.amazonaws.com

wf.goldentree.si	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2600:9000:21ea:1a00:12:9e5f:cac0:93a1 (United States)

ASN16509 (AMAZON-02, US)

assets-global.website-files.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:80c::200a (United States)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:400::485 (United States)

ASN54113 (FASTLY, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.225.210.182 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-210-182.ewr50.r.cloudfront.net

d3e54v103j8qbb.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:809::200a (United States)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 91.240.216.164 (Slovenia) 1 redirects

ASN48894 (OPTIMUS-AS, SI)

goldentree.si	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.goldentree.si	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 2607:f8b0:4006:81d::2003 (United States)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4006:80e::2008 (United States)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 151.101.129.44 (United States)

ASN54113 (FASTLY, US)

cdn.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
trc.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.138.106.126 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-106-126.jfk50.r.cloudfront.net

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f012:8:face:b00c:0:1 (Secaucus, United States)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:1ec:bdf::40 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:80e::200e (United States)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::ac43:2925 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.midas-network.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:816::200e (United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:80d::2002 (United States)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.164.96.46 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-164-96-46.jfk50.r.cloudfront.net

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:80f::2004 (United States)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 20.10.16.51 (Boydton, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

z.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f112:83:face:b00c:0:25de (Secaucus, United States)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 20.110.205.119 (Boydton, United States) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:c11::200 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.51.57.192 (Secaucus, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-51-57-192.deploy.static.akamaitechnologies.com

amplify.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
wave.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 148.251.44.50 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.50.44.251.148.clients.your-server.de

bin.livenetlife.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
engine.livenetlife.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:4400::ac40:992a (United States)

ASN13335 (CLOUDFLARENET, US)

trackcmp.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 64.202.112.255 (United States)

ASN23352 (SERVERCENTRAL, US)
PTR: ny.outbrain.com

tr.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 141.226.224.48 (United States)

ASN200478 (TABOOLA-AS, IL)

trc-events.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
19	gstatic.com fonts.gstatic.com	551 KB
9	livenetlife.com bin.livenetlife.com — Cisco Umbrella Rank: 493059 engine.livenetlife.com	117 KB
9	website-files.com assets-global.website-files.com — Cisco Umbrella Rank: 6575	412 KB
7	clarity.ms 1 redirects www.clarity.ms — Cisco Umbrella Rank: 796 z.clarity.ms — Cisco Umbrella Rank: 7336 c.clarity.ms — Cisco Umbrella Rank: 1377	28 KB
7	taboola.com cdn.taboola.com — Cisco Umbrella Rank: 1020 trc.taboola.com — Cisco Umbrella Rank: 648 trc-events.taboola.com — Cisco Umbrella Rank: 2040	24 KB
4	outbrain.com amplify.outbrain.com — Cisco Umbrella Rank: 2795 tr.outbrain.com — Cisco Umbrella Rank: 2619 wave.outbrain.com — Cisco Umbrella Rank: 2771	9 KB
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 36	260 KB
3	goldentree.si 1 redirects wf.goldentree.si goldentree.si www.goldentree.si	7 KB
2	youtube.com www.youtube.com — Cisco Umbrella Rank: 71	69 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 168	89 KB
2	hotjar.com static.hotjar.com — Cisco Umbrella Rank: 700 script.hotjar.com — Cisco Umbrella Rank: 933	59 KB
2	googleapis.com ajax.googleapis.com — Cisco Umbrella Rank: 340 fonts.googleapis.com — Cisco Umbrella Rank: 29	10 KB
1	trackcmp.net trackcmp.net — Cisco Umbrella Rank: 8444	421 B
1	bing.com 1 redirects c.bing.com — Cisco Umbrella Rank: 228	765 B
1	facebook.com www.facebook.com — Cisco Umbrella Rank: 98	185 B
1	google.com www.google.com — Cisco Umbrella Rank: 2	455 B
1	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 33	2 KB
1	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 27	254 B
1	midas-network.com cdn.midas-network.com — Cisco Umbrella Rank: 114995	208 B
1	cloudfront.net d3e54v103j8qbb.cloudfront.net	31 KB
1	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 313	4 KB
75	21

	Domain	Requested by
19	fonts.gstatic.com	fonts.googleapis.com
9	assets-global.website-files.com	wf.goldentree.si
5	engine.livenetlife.com
4	trc-events.taboola.com	cdn.taboola.com
4	bin.livenetlife.com	wf.goldentree.si bin.livenetlife.com
3	z.clarity.ms	www.clarity.ms
3	www.googletagmanager.com	goldentree.si www.googletagmanager.com
2	tr.outbrain.com	amplify.outbrain.com
2	c.clarity.ms	1 redirects
2	trc.taboola.com	cdn.taboola.com
2	www.youtube.com	wf.goldentree.si www.youtube.com
2	www.clarity.ms	wf.goldentree.si www.clarity.ms
2	connect.facebook.net	wf.goldentree.si connect.facebook.net
1	wave.outbrain.com	amplify.outbrain.com
1	trackcmp.net	wf.goldentree.si
1	amplify.outbrain.com	wf.goldentree.si
1	c.bing.com	1 redirects
1	www.facebook.com	wf.goldentree.si
1	www.google.com	wf.goldentree.si
1	script.hotjar.com	static.hotjar.com
1	googleads.g.doubleclick.net	www.googletagmanager.com
1	www.google-analytics.com	www.googletagmanager.com
1	cdn.midas-network.com	wf.goldentree.si
1	static.hotjar.com	wf.goldentree.si
1	cdn.taboola.com	wf.goldentree.si
1	www.goldentree.si	wf.goldentree.si
1	goldentree.si	1 redirects
1	fonts.googleapis.com	ajax.googleapis.com
1	d3e54v103j8qbb.cloudfront.net	wf.goldentree.si
1	cdn.jsdelivr.net	wf.goldentree.si
1	ajax.googleapis.com	wf.goldentree.si
1	wf.goldentree.si
75	32

This site contains links to these domains. Also see Links.

Domain
app.goldentree.de

Subject Issuer	Validity	Valid
wf.goldentree.si R3	`2023-12-28` - `2024-03-27`	3 months	crt.sh
*.website-files.com Amazon RSA 2048 M03	`2023-09-11` - `2024-10-08`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
jsdelivr.net GlobalSign Atlas R3 DV TLS CA 2023 Q3	`2023-09-27` - `2024-10-28`	a year	crt.sh
*.cloudfront.net Amazon RSA 2048 M01	`2023-10-10` - `2024-09-19`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.taboola.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-10-23` - `2024-11-22`	a year	crt.sh
*.hotjar.com Amazon ECDSA 256 M01	`2023-03-09` - `2024-04-06`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-10-06` - `2024-01-04`	3 months	crt.sh
www.clarity.ms DigiCert TLS RSA SHA256 2020 CA1	`2023-12-07` - `2024-12-07`	a year	crt.sh
*.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-05-12` - `2024-05-11`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
a.clarity.ms Microsoft Azure TLS Issuing CA 06	`2023-02-13` - `2024-02-08`	a year	crt.sh
*.outbrain.com DigiCert TLS RSA SHA256 2020 CA1	`2023-12-14` - `2024-12-14`	a year	crt.sh
bin.livenetlife.com Sectigo RSA Domain Validation Secure Server CA	`2023-02-15` - `2024-02-16`	a year	crt.sh
engine.livenetlife.com Sectigo RSA Domain Validation Secure Server CA	`2023-02-15` - `2024-02-16`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://wf.goldentree.si/
Frame ID: 4B410B638ED71ADA2A8BBBACD45CAF01
Requests: 75 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Golden Tree Webflow Structure

Detected technologies

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
googleapis\.com/.+webfont

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Hotjar (Analytics) Expand

Overall confidence: 100%
Detected patterns

//static\.hotjar\.com/

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

75
Requests

97 %
HTTPS

57 %
IPv6

21
Domains

32
Subdomains

27
IPs

3
Countries

1672 kB
Transfer

4141 kB
Size

32
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://app.goldentree.de/flow/ageless-ob4-d2-v3-1/sp/ageless-v1
Title: => VIDEO: How to Look Years Younger Without Plastic Surgeons (Aging Reverse)

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 6

https://goldentree.si/tracking/tracking.js HTTP 301
https://www.goldentree.si/tracking/tracking.js

Request Chain 53

https://c.clarity.ms/c.gif HTTP 302
https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=1139377579A44BDFB9D46D60C0AF736D&RedC=c.clarity.ms&MXFR=2837BB18F4C566DC3F70A8EDF0C56879 HTTP 302
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=1139377579A44BDFB9D46D60C0AF736D&MUID=26A8FF49684760441665ECBC69CD61BE

75 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
wf.goldentree.si/ 15 KB
6 KB 1023ms
841ms Document
text/html 52.206.163.162
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://wf.goldentree.si/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 52.206.163.162 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-206-163-162.compute-1.amazonaws.com
Software: /
Resource Hash: 3323eddfa3e3c2f26f2176d781d5cf5bcee2a75979a47307b8b91b1ab92d174a

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
age: 0
content-encoding: gzip
content-length: 5857
content-type: text/html
date: Thu, 28 Dec 2023 12:58:21 GMT
vary: x-wf-forwarded-proto, Accept-Encoding
x-cache: MISS
x-cache-hits: 0
x-cluster-name: us-east-1-prod-hosting-red
x-lambda-id: e6766f9f-87a3-44e0-a0fb-402dff1e0da7
x-served-by: cache-iad-kiad7000028-IAD
x-timer: S1703768301.534637,VS0,VE796

GET
H2 200 goldentree.c10261880.css
assets-global.website-files.com/65190c015016f10da9f0e5be/css/ 305 KB
42 KB 160ms
76ms Stylesheet
text/css 2600:9000:21ea:1a00:12:9e5f:cac0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assets-global.website-files.com/65190c015016f10da9f0e5be/css/goldentree.c10261880.css
Requested by: Host: wf.goldentree.si
URL: https://wf.goldentree.si/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21ea:1a00:12:9e5f:cac0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e4d734c8dc9b78c5effcb03af55a48e1a20acfc0042e5cbb0c3fcb31f34f1829

Request headers

accept-language: en-US,en;q=0.9
Referer: https://wf.goldentree.si/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 12:58:22 GMT
content-encoding: gzip
via: 1.1 c267e55887d5d0922d95439137f937dc.cloudfront.net (CloudFront)
x-amz-version-id: AKBQxgQaiViVxQn9vKwZgD7no8JrKJKP
x-amz-cf-pop: EWR50-C1
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
content-length: 42131
last-modified: Thu, 28 Dec 2023 12:35:53 GMT
server: AmazonS3
etag: "b9fc05f3f3747307efa6806cc858f3d3"
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=84600, must-revalidate
accept-ranges: bytes
x-amz-cf-id: 0L0TOErDGzcNg1pDaIyKOPoa97h0yKKUBWC1jk4G2EqGci29IRtvCQ==

GET
H2 200 webfont.js Show response
ajax.googleapis.com/ajax/libs/webfont/1.6.26/ 13 KB
6 KB 87ms
24ms Script
text/javascript 2607:f8b0:4006:80c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/webfont/1.6.26/webfont.js

Requested by

Host: wf.goldentree.si
URL: https://wf.goldentree.si/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80c::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

81016ac6be850b72df5d4faa0c3cec8e2c1b0ba0045712144a6766adfad40bee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://wf.goldentree.si/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 11:21:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 5799
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5437
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 27 Dec 2024 11:21:42 GMT

GET
H2 200 richtext.js Show response
cdn.jsdelivr.net/npm/@finsweet/attributes-richtext@1/ 8 KB
4 KB 106ms
28ms Script
application/javascript 2a04:4e42:400::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/@finsweet/attributes-richtext@1/richtext.js

Requested by

Host: wf.goldentree.si
URL: https://wf.goldentree.si/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:400::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

2c699eb55ae3fe61b3d783c8936ab1eb949c596a5c89118f703e328ede2b8308

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://wf.goldentree.si/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Thu, 28 Dec 2023 12:58:21 GMT
x-content-type-options: nosniff
content-encoding: br
age: 31118
x-jsd-version: 1.10.2
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 3918
x-served-by: cache-fra-etou8220054-FRA, cache-nyc-kteb1890063-NYC
x-jsd-version-type: version
etag: W/"2147-I41v+oq443LPQB6aPqMil27q9QY"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 jquery-3.5.1.min.dc5e7f18c8.js Show response
d3e54v103j8qbb.cloudfront.net/js/ 87 KB
31 KB 109ms
32ms Script
application/javascript 13.225.210.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3e54v103j8qbb.cloudfront.net/js/jquery-3.5.1.min.dc5e7f18c8.js?site=65190c015016f10da9f0e5be
Requested by: Host: wf.goldentree.si
URL: https://wf.goldentree.si/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.210.182 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-210-182.ewr50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Request headers

Referer: https://wf.goldentree.si/
Origin: https://wf.goldentree.si
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 27 Dec 2023 21:12:16 GMT
content-encoding: gzip
via: 1.1 64142199656297b56ef863f9ccc0c102.cloudfront.net (CloudFront)
last-modified: Mon, 20 Jul 2020 17:53:02 GMT
server: AmazonS3
age: 56769
x-amz-cf-pop: EWR50-C1
etag: W/"dc5e7f18c8d36ac1d3d4753a87c98d0a"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=84600, must-revalidate
x-amz-cf-id: nnw-ArxzLI3-kcjM4wKBnTn0U07qSa3ta1k0qM5ExX39hMYA_QvxEw==

GET
H2 200 goldentree.5e27ef89f.js Show response
assets-global.website-files.com/65190c015016f10da9f0e5be/js/ 694 KB
109 KB 112ms
29ms Script
text/javascript 2600:9000:21ea:1a00:12:9e5f:cac0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assets-global.website-files.com/65190c015016f10da9f0e5be/js/goldentree.5e27ef89f.js
Requested by: Host: wf.goldentree.si
URL: https://wf.goldentree.si/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21ea:1a00:12:9e5f:cac0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c4e554cbe3c916b973ca8bb27b8451a59596f4091800061637e6c65073b76b1e

Request headers

accept-language: en-US,en;q=0.9
Referer: https://wf.goldentree.si/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 05:53:13 GMT
content-encoding: gzip
via: 1.1 c267e55887d5d0922d95439137f937dc.cloudfront.net (CloudFront)
x-amz-version-id: th7lUyXiMyGO5gh0Dw3PHb81h6OgZlqn
age: 25509
x-amz-cf-pop: EWR50-C1
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 110786
last-modified: Wed, 27 Dec 2023 22:23:57 GMT
server: AmazonS3
etag: "8c6ee02d809658c150f3c323ed4b1a11"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=84600, must-revalidate
accept-ranges: bytes
x-amz-cf-id: D4-RbgDCk8Eq4uVjCxR1HTkHugfuhElScYRRhYTYRClbBAwcEo4Kdg==

GET
H2 200 css
fonts.googleapis.com/ 112 KB
4 KB 99ms
43ms Stylesheet
text/css 2607:f8b0:4006:809::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Merriweather:300,300italic,400,400italic,700,700italic,900,900italic%7COpen+Sans:300,300italic,400,400italic,600,600italic,700,700italic,800,800italic%7CPT+Serif:400,400italic,700,700italic%7CGreat+Vibes:400%7CMontserrat:100,100italic,200,200italic,300,300italic,400,400italic,500,500italic,600,600italic,700,700italic,800,800italic,900,900italic%7CNoto+Serif:regular,700%7COutfit:regular,600

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/webfont/1.6.26/webfont.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:809::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

67913e48fb740e981f661b2807b8124f010cafddd35eb5a4105abe1ac563d8f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://wf.goldentree.si/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 28 Dec 2023 12:58:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 28 Dec 2023 12:58:21 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 28 Dec 2023 12:58:21 GMT

GET
H2

200

tracking.js Show response
www.goldentree.si/tracking/
Redirect Chain

https://goldentree.si/tracking/tracking.js
https://www.goldentree.si/tracking/tracking.js

369 B
533 B

163ms
132ms

Script
application/javascript

91.240.216.164
OPTIMUS-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.goldentree.si/tracking/tracking.js

Requested by

Host: wf.goldentree.si
URL: https://wf.goldentree.si/

Protocol

Server

91.240.216.164 , Slovenia, ASN48894 (OPTIMUS-AS, SI),

Reverse DNS

Software

Apache /

Resource Hash

97fb4dcf1a8aeaf190f8d2669fc3e6dcd4ec0bd6a7aebadb189cda76cee9eda0

Security Headers

Name	Value
X-Frame-Options	sameorigin

Request headers

accept-language: en-US,en;q=0.9
Referer: https://wf.goldentree.si/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 12:58:22 GMT
content-encoding: gzip
last-modified: Thu, 28 Dec 2023 05:09:39 GMT
server: Apache
etag: "171-60d8aec29451d-gzip"
vary: Accept-Encoding,User-Agent
x-frame-options: sameorigin
content-type: application/javascript; charset=utf-8
cache-control: max-age=25920000, public
accept-ranges: bytes
x-robots-tag: noindex, nofollow, noarchive
content-length: 305

Redirect headers

location: https://www.goldentree.si/tracking/tracking.js
date: Thu, 28 Dec 2023 12:58:21 GMT
server: Apache
content-length: 254
content-type: text/html; charset=iso-8859-1

GET
H2 200 65190d6a61008515c90235ec_goldentree-logo.png
assets-global.website-files.com/65190c015016f10da9f0e5be/ 5 KB
5 KB 101ms
95ms Image
image/png 2600:9000:21ea:1a00:12:9e5f:cac0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets-global.website-files.com/65190c015016f10da9f0e5be/65190d6a61008515c90235ec_goldentree-logo.png
Requested by: Host: wf.goldentree.si
URL: https://wf.goldentree.si/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21ea:1a00:12:9e5f:cac0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d62a59bb1ab4f01d288ad2160f9b17006748d0ff60e72dfb72122294f3fdd459

Request headers

accept-language: en-US,en;q=0.9
Referer: https://wf.goldentree.si/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 12:58:22 GMT
x-amz-version-id: 9TcP2nLaqS.lBs_TUZFD73SC8rpghyIC
via: 1.1 c267e55887d5d0922d95439137f937dc.cloudfront.net (CloudFront)
last-modified: Sun, 01 Oct 2023 06:10:52 GMT
server: AmazonS3
x-amz-cf-pop: EWR50-C1
etag: "441ae29ca51afb9179147df5ac37c156"
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
content-length: 5063
x-amz-cf-id: TL_9me2nPt_cK8GawVTwWAMxnr82yzhlTyfbG40GsW0kxKVuFMOlzQ==

GET
H2 200 6519101dea7612a0d206e43f_ageless-p2.jpeg
assets-global.website-files.com/65190c015016f10da9f0e5be/ 45 KB
45 KB 34ms
27ms Image
image/jpeg 2600:9000:21ea:1a00:12:9e5f:cac0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets-global.website-files.com/65190c015016f10da9f0e5be/6519101dea7612a0d206e43f_ageless-p2.jpeg
Requested by: Host: wf.goldentree.si
URL: https://wf.goldentree.si/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21ea:1a00:12:9e5f:cac0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e63fcc8c6f678feb743f780ec5d5fc10f7b8d2e5c77cb4bcfc9fb22c1a9e597a

Request headers

accept-language: en-US,en;q=0.9
Referer: https://wf.goldentree.si/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 27 Dec 2023 16:08:52 GMT
x-amz-version-id: Eq0rg_6Fe9Plxre3AnuCSLCjwwku2xfL
via: 1.1 c267e55887d5d0922d95439137f937dc.cloudfront.net (CloudFront)
age: 74970
x-amz-cf-pop: EWR50-C1
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 45847
last-modified: Sun, 01 Oct 2023 06:22:22 GMT
server: AmazonS3
etag: "0e18ac47a83b4da99ebcf063e1e01476"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
x-amz-cf-id: qVBGLWJUcIz6Y3YNSzeaK5Hc-WN5YiSrVbfeOpMzaa61YDtQN4BCCQ==

GET
H2 200 65191084ab38a999a5c4f6ca_ageless-pn.jpeg
assets-global.website-files.com/65190c015016f10da9f0e5be/ 30 KB
30 KB 96ms
90ms Image
image/jpeg 2600:9000:21ea:1a00:12:9e5f:cac0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets-global.website-files.com/65190c015016f10da9f0e5be/65191084ab38a999a5c4f6ca_ageless-pn.jpeg
Requested by: Host: wf.goldentree.si
URL: https://wf.goldentree.si/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21ea:1a00:12:9e5f:cac0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b268dc197b98ad4a55b62573377fb3aa18cc354e7af56e32cab2810feb8ebcdb

Request headers

accept-language: en-US,en;q=0.9
Referer: https://wf.goldentree.si/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 12:58:22 GMT
x-amz-version-id: 6X3VPYV7A6sByuVSAKUg9JwJnT.lUrxc
via: 1.1 c267e55887d5d0922d95439137f937dc.cloudfront.net (CloudFront)
last-modified: Sun, 01 Oct 2023 06:24:05 GMT
server: AmazonS3
x-amz-cf-pop: EWR50-C1
etag: "37badb8eed00e1f85852785f2c7f42de"
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
content-length: 30310
x-amz-cf-id: lNcrg2dpoMB9YXC2OohtMRiQyajyrFXXtt6nIpwAh0kAr1scUoinCQ==

GET
H2 200 65191114fb1dc81e9516ac85_ageless-pvsl.jpeg
assets-global.website-files.com/65190c015016f10da9f0e5be/ 30 KB
30 KB 70ms
65ms Image
image/jpeg 2600:9000:21ea:1a00:12:9e5f:cac0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets-global.website-files.com/65190c015016f10da9f0e5be/65191114fb1dc81e9516ac85_ageless-pvsl.jpeg
Requested by: Host: wf.goldentree.si
URL: https://wf.goldentree.si/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21ea:1a00:12:9e5f:cac0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: df4360be77e5a10b5ff27db726a4953ba7e4428bae7ad26c29b8d69e1518664a

Request headers

accept-language: en-US,en;q=0.9
Referer: https://wf.goldentree.si/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 12:58:22 GMT
x-amz-version-id: 3obcGabUP.t0Bip_pH.jIbKCn7SR2o8X
via: 1.1 c267e55887d5d0922d95439137f937dc.cloudfront.net (CloudFront)
last-modified: Mon, 02 Oct 2023 15:48:53 GMT
server: AmazonS3
x-amz-cf-pop: EWR50-C1
etag: "0ac3ef31d54fb759b07ac5f5ab3c4c8c"
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
content-length: 30721
x-amz-cf-id: gk4SE94izvvgP3pk24DyRLNpE0lQ7vuWEHA9e7HLJ6P1v2b0ISoKvg==

GET
H2 200 65190c015016f10da9f0e61a_check-checkbox.svg
assets-global.website-files.com/65190c015016f10da9f0e5be/ 1 KB
954 B 99ms
94ms Image
image/svg+xml 2600:9000:21ea:1a00:12:9e5f:cac0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets-global.website-files.com/65190c015016f10da9f0e5be/65190c015016f10da9f0e61a_check-checkbox.svg
Requested by: Host: wf.goldentree.si
URL: https://wf.goldentree.si/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21ea:1a00:12:9e5f:cac0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 87294b73558298711a2bd246cce1cf529356056bbcad9f1922c258979addf117

Request headers

accept-language: en-US,en;q=0.9
Referer: https://wf.goldentree.si/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 12:58:22 GMT
x-amz-version-id: ax8bd_.NZFv8GAOBFFL2mLR85lcCFeq2
content-encoding: br
last-modified: Sun, 01 Oct 2023 06:04:51 GMT
server: AmazonS3
via: 1.1 c267e55887d5d0922d95439137f937dc.cloudfront.net (CloudFront)
x-amz-cf-pop: EWR50-C1
etag: W/"a89d974571da62db6351870eccd70048"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31536000, must-revalidate
x-amz-cf-id: Gvrj9pZWlqpTZsfIYjzHOmR_QDEnJxMocYPMwCixmsPFaPHC7AJlZA==

GET
H2 200 651a63b6cdf8f5f54ccfe6a2_gtn-fabjan-v2.png
assets-global.website-files.com/65190c015016f10da9f0e5be/ 99 KB
100 KB 38ms
33ms Image
image/png 2600:9000:21ea:1a00:12:9e5f:cac0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets-global.website-files.com/65190c015016f10da9f0e5be/651a63b6cdf8f5f54ccfe6a2_gtn-fabjan-v2.png
Requested by: Host: wf.goldentree.si
URL: https://wf.goldentree.si/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21ea:1a00:12:9e5f:cac0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 5dd3de6b20f817c0b18778650a946e94df6a275a7ee824453acdf377317f12db

Request headers

accept-language: en-US,en;q=0.9
Referer: https://wf.goldentree.si/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 27 Dec 2023 03:13:10 GMT
x-amz-version-id: RqOLI0GwhHz6S9KhDmaJ2FParII4YBXU
via: 1.1 c267e55887d5d0922d95439137f937dc.cloudfront.net (CloudFront)
age: 121512
x-amz-cf-pop: EWR50-C1
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 101802
last-modified: Mon, 02 Oct 2023 15:47:44 GMT
server: AmazonS3
etag: "16c718bd9a4e14797e8a7d2019212954"
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
x-amz-cf-id: 2MwP6MIzk5r67P1F9Tk1dXkXvvRCvBvKENQsgFu6zSYKqRfgIOSrlA==

GET
H2 200 651a63b611b4ed7aad90e165_fabjan-proof.jpg
assets-global.website-files.com/65190c015016f10da9f0e5be/ 49 KB
49 KB 37ms
32ms Image
image/jpeg 2600:9000:21ea:1a00:12:9e5f:cac0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets-global.website-files.com/65190c015016f10da9f0e5be/651a63b611b4ed7aad90e165_fabjan-proof.jpg
Requested by: Host: wf.goldentree.si
URL: https://wf.goldentree.si/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21ea:1a00:12:9e5f:cac0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 079f4b6a0775850511a0917ff0cbe3e4bb0e94acb93cd9c9f7ccc7615df550d3

Request headers

accept-language: en-US,en;q=0.9
Referer: https://wf.goldentree.si/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 10:55:15 GMT
x-amz-version-id: _cRagjeYc4adPu8cex7dnelJcIePWD_s
via: 1.1 c267e55887d5d0922d95439137f937dc.cloudfront.net (CloudFront)
age: 7387
x-amz-cf-pop: EWR50-C1
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 49945
last-modified: Mon, 02 Oct 2023 15:48:39 GMT
server: AmazonS3
etag: "6162ae91397e9c9227d9c5cf619fd23e"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
x-amz-cf-id: DvqSaruQJbCbK0Jp4QY4S5njM3rrQPJCDjMMejDI1md0MREcp4fFNA==

GET
H2 200 u-4n0qyriQwlOrhSvowK_l521wRZWMf6.woff2
fonts.gstatic.com/s/merriweather/v30/ 19 KB
19 KB 207ms
139ms Font
font/woff2 2607:f8b0:4006:81d::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/merriweather/v30/u-4n0qyriQwlOrhSvowK_l521wRZWMf6.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Merriweather:300,300italic,400,400italic,700,700italic,900,900italic%7COpen+Sans:300,300italic,400,400italic,600,600italic,700,700italic,800,800italic%7CPT+Serif:400,400italic,700,700italic%7CGreat+Vibes:400%7CMontserrat:100,100italic,200,200italic,300,300italic,400,400italic,500,500italic,600,600italic,700,700italic,800,800italic,900,900italic%7CNoto+Serif:regular,700%7COutfit:regular,600

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81d::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c8356c413b566272ba50c98d4ce0546e1fce6177ceb6cf8c2a7efe0a65e085a1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://wf.goldentree.si
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 12:31:47 GMT
x-content-type-options: nosniff
age: 174394
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19752
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 15:46:46 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 25 Dec 2024 12:31:47 GMT

GET
H2 200 u-4l0qyriQwlOrhSvowK_l5-eR7lXff4jvw.woff2
fonts.gstatic.com/s/merriweather/v30/ 19 KB
19 KB 185ms
118ms Font
font/woff2 2607:f8b0:4006:81d::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/merriweather/v30/u-4l0qyriQwlOrhSvowK_l5-eR7lXff4jvw.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81d::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

75ca7c01eaa8136d970bde6ea6ae0896d2fe30febf82e7679257df6e1f8a7496

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://wf.goldentree.si
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 15:46:16 GMT
x-content-type-options: nosniff
age: 162725
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19720
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 15:47:57 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 25 Dec 2024 15:46:16 GMT

GET
H2 200 u-440qyriQwlOrhSvowK_l5-fCZM.woff2
fonts.gstatic.com/s/merriweather/v30/ 20 KB
20 KB 122ms
57ms Font
font/woff2 2607:f8b0:4006:81d::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/merriweather/v30/u-440qyriQwlOrhSvowK_l5-fCZM.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81d::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c2d662e92bcbf1a5970b97040f901031295e79a96314db8302f549003022087

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://wf.goldentree.si
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 20:31:19 GMT
x-content-type-options: nosniff
age: 145622
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20028
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 16:41:08 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 25 Dec 2024 20:31:19 GMT

GET
H2 200 u-4m0qyriQwlOrhSvowK_l5-eRZOf-I.woff2
fonts.gstatic.com/s/merriweather/v30/ 19 KB
20 KB 90ms
24ms Font
font/woff2 2607:f8b0:4006:81d::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/merriweather/v30/u-4m0qyriQwlOrhSvowK_l5-eRZOf-I.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81d::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

499ec54eb2afd103ec37505e23c6570fc7d89a0d728dde19d87a092e4a3261b4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://wf.goldentree.si
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 15:05:41 GMT
x-content-type-options: nosniff
age: 165160
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19780
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 15:48:58 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 25 Dec 2024 15:05:41 GMT

GET
H2 200 u-4n0qyriQwlOrhSvowK_l52xwNZWMf6.woff2
fonts.gstatic.com/s/merriweather/v30/ 19 KB
19 KB 103ms
39ms Font
font/woff2 2607:f8b0:4006:81d::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/merriweather/v30/u-4n0qyriQwlOrhSvowK_l52xwNZWMf6.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81d::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

273c8613cdd2852dd5318f224d804ae6d2fc717c48d3f1dab587b6d396fb4fc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://wf.goldentree.si
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 18:22:24 GMT
x-content-type-options: nosniff
age: 153357
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19740
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 15:48:38 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 25 Dec 2024 18:22:24 GMT

GET
H2 200 u-4l0qyriQwlOrhSvowK_l5-eR71Wvf4jvw.woff2
fonts.gstatic.com/s/merriweather/v30/ 19 KB
20 KB 162ms
98ms Font
font/woff2 2607:f8b0:4006:81d::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/merriweather/v30/u-4l0qyriQwlOrhSvowK_l5-eR71Wvf4jvw.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81d::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3642df12f0d930d5846a96652080908eb2f383b602a95cf80d1e6227e66e1c46

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://wf.goldentree.si
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 27 Dec 2023 06:34:31 GMT
x-content-type-options: nosniff
age: 109430
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19900
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 15:46:01 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 26 Dec 2024 06:34:31 GMT

GET
H2 200 u-4n0qyriQwlOrhSvowK_l52_wFZWMf6.woff2
fonts.gstatic.com/s/merriweather/v30/ 19 KB
19 KB 157ms
93ms Font
font/woff2 2607:f8b0:4006:81d::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/merriweather/v30/u-4n0qyriQwlOrhSvowK_l52_wFZWMf6.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81d::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6b9eebb05461840790fc804b4590323ef12a57fe5af7fcdeed2d798e572844b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://wf.goldentree.si
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 11:06:36 GMT
x-content-type-options: nosniff
age: 179505
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19816
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 16:08:33 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 25 Dec 2024 11:06:36 GMT

GET
H2 200 u-4l0qyriQwlOrhSvowK_l5-eR7NWPf4jvw.woff2
fonts.gstatic.com/s/merriweather/v30/ 19 KB
20 KB 129ms
66ms Font
font/woff2 2607:f8b0:4006:81d::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/merriweather/v30/u-4l0qyriQwlOrhSvowK_l5-eR7NWPf4jvw.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81d::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0418dffa2bed9a6300fed9d918f688e7f195b08f4c6f016a07f62ae48fe9609e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://wf.goldentree.si
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 27 Dec 2023 03:37:36 GMT
x-content-type-options: nosniff
age: 120045
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19844
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 15:48:40 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 26 Dec 2024 03:37:36 GMT

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v40/ 47 KB
47 KB 148ms
85ms Font
font/woff2 2607:f8b0:4006:81d::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81d::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://wf.goldentree.si
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 27 Dec 2023 07:51:34 GMT
x-content-type-options: nosniff
age: 104807
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48236
x-xss-protection: 0
last-modified: Thu, 14 Dec 2023 02:08:40 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 26 Dec 2024 07:51:34 GMT

GET
H2 200 memtYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWqWuU6F.woff2
fonts.gstatic.com/s/opensans/v40/ 49 KB
49 KB 136ms
74ms Font
font/woff2 2607:f8b0:4006:81d::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v40/memtYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWqWuU6F.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81d::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0d8601a776b7dc777cd23bc42392d05a43df0d6402328e8913b58811083b513d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://wf.goldentree.si
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 27 Dec 2023 03:54:47 GMT
x-content-type-options: nosniff
age: 119014
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 50296
x-xss-protection: 0
last-modified: Thu, 14 Dec 2023 02:10:01 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 26 Dec 2024 03:54:47 GMT

GET
H2 200 EJRVQgYoZZY2vCFuvAFWzr8.woff2
fonts.gstatic.com/s/ptserif/v18/ 32 KB
32 KB 190ms
128ms Font
font/woff2 2607:f8b0:4006:81d::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ptserif/v18/EJRVQgYoZZY2vCFuvAFWzr8.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81d::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4271064a37f3ffc0aac5f3806db8a72acc23e19447d1804e4e80d8796cbf6330

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://wf.goldentree.si
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 15:34:06 GMT
x-content-type-options: nosniff
age: 163455
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33116
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:52:25 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 25 Dec 2024 15:34:06 GMT

GET
H2 200 EJRTQgYoZZY2vCFuvAFT_r21cg.woff2
fonts.gstatic.com/s/ptserif/v18/ 34 KB
34 KB 196ms
134ms Font
font/woff2 2607:f8b0:4006:81d::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ptserif/v18/EJRTQgYoZZY2vCFuvAFT_r21cg.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81d::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cb373bde18855c82a0ebf2946ea661ebd0be58a7fbabdf20f7744ecd9c0a9cfd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://wf.goldentree.si
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 23:02:33 GMT
x-content-type-options: nosniff
age: 136548
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 34896
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:54:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 25 Dec 2024 23:02:33 GMT

GET
H2 200 EJRSQgYoZZY2vCFuvAnt66qSVys.woff2
fonts.gstatic.com/s/ptserif/v18/ 29 KB
29 KB 184ms
122ms Font
font/woff2 2607:f8b0:4006:81d::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ptserif/v18/EJRSQgYoZZY2vCFuvAnt66qSVys.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81d::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bf23a7a4eebedbb87d4084a69496b29815914a18e339a00f5dc73a03c9c9328f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://wf.goldentree.si
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 27 Dec 2023 08:10:01 GMT
x-content-type-options: nosniff
age: 103700
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29588
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:28:35 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 26 Dec 2024 08:10:01 GMT

GET
H2 200 EJRQQgYoZZY2vCFuvAFT9gaQZynfoA.woff2
fonts.gstatic.com/s/ptserif/v18/ 28 KB
28 KB 185ms
124ms Font
font/woff2 2607:f8b0:4006:81d::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ptserif/v18/EJRQQgYoZZY2vCFuvAFT9gaQZynfoA.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81d::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3cb3cfab3c562cbbb5a53accf433f65ed1cd0403ea3bdd6ceeb73bf87f23521c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://wf.goldentree.si
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 12:22:46 GMT
x-content-type-options: nosniff
age: 174935
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28516
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:35:09 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 25 Dec 2024 12:22:46 GMT

GET
H2 200 RWmMoKWR9v4ksMfaWd_JN9XFiaQ.woff2
fonts.gstatic.com/s/greatvibes/v18/ 34 KB
34 KB 196ms
135ms Font
font/woff2 2607:f8b0:4006:81d::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/greatvibes/v18/RWmMoKWR9v4ksMfaWd_JN9XFiaQ.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81d::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4828fd073a3b3ae17675d358262414d34cee95b4b94a4ab41a8e335a2015eb0c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://wf.goldentree.si
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 12:32:02 GMT
x-content-type-options: nosniff
age: 174379
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 34860
x-xss-protection: 0
last-modified: Thu, 24 Aug 2023 20:37:37 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 25 Dec 2024 12:32:02 GMT

GET
H2 200 JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v26/ 32 KB
32 KB 198ms
137ms Font
font/woff2 2607:f8b0:4006:81d::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v26/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81d::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://wf.goldentree.si
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 17:06:49 GMT
x-content-type-options: nosniff
age: 157892
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33092
x-xss-protection: 0
last-modified: Wed, 13 Sep 2023 22:51:58 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 25 Dec 2024 17:06:49 GMT

GET
H2 200 JTUQjIg1_i6t8kCHKm459WxRyS7m.woff2
fonts.gstatic.com/s/montserrat/v26/ 33 KB
34 KB 166ms
106ms Font
font/woff2 2607:f8b0:4006:81d::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v26/JTUQjIg1_i6t8kCHKm459WxRyS7m.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81d::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

92443d06835a28423649bca60e6d755e4a1bd09638443196d58e0dd1f06c827f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://wf.goldentree.si
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 18:40:53 GMT
x-content-type-options: nosniff
age: 152248
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 34288
x-xss-protection: 0
last-modified: Wed, 13 Sep 2023 22:52:07 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 25 Dec 2024 18:40:53 GMT

GET
H2 200 ga6daw1J5X9T9RW6j9bNVls-hfgvz8JcMofYTYf6D30.woff2
fonts.gstatic.com/s/notoserif/v23/ 42 KB
42 KB 175ms
115ms Font
font/woff2 2607:f8b0:4006:81d::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notoserif/v23/ga6daw1J5X9T9RW6j9bNVls-hfgvz8JcMofYTYf6D30.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81d::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9d3959df4ebd84904a1622b6d7c9728f487e0c4d372f9bc2f59d0c480702f9c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://wf.goldentree.si
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 21:03:39 GMT
x-content-type-options: nosniff
age: 143682
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43212
x-xss-protection: 0
last-modified: Tue, 24 Oct 2023 00:59:26 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 25 Dec 2024 21:03:39 GMT

GET
H2 200 QGYvz_MVcBeNP4NJtEtq.woff2
fonts.gstatic.com/s/outfit/v11/ 32 KB
32 KB 170ms
111ms Font
font/woff2 2607:f8b0:4006:81d::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/outfit/v11/QGYvz_MVcBeNP4NJtEtq.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81d::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

45447a2b45991ea4e67ff0866444ca07fcf62c28dbfd5fa072ab76d3d0c46390

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://wf.goldentree.si
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 27 Dec 2023 06:40:33 GMT
x-content-type-options: nosniff
age: 109068
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 32272
x-xss-protection: 0
last-modified: Wed, 26 Apr 2023 23:30:07 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 26 Dec 2024 06:40:33 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 313 KB
94 KB 120ms
60ms Script
application/javascript 2607:f8b0:4006:80e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-PRZF24T4

Requested by

Host: goldentree.si
URL: https://goldentree.si/tracking/tracking.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80e::2008 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

f3b27e1411f2e288dd4ea77183f1687596b6e025a6d71c6b9f8a7d8dcd068fca

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://wf.goldentree.si/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 12:58:22 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 95652
x-xss-protection: 0
last-modified: Thu, 28 Dec 2023 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 28 Dec 2023 12:58:22 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 258 KB
87 KB 50ms
49ms Script
application/javascript 2607:f8b0:4006:80e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-RWGHZWP3P8&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PRZF24T4

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80e::2008 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

d12bef9c2ea4df95c3f963f14eaf50371454a1275c0efb1f5536f38a0ac4b9fb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://wf.goldentree.si/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 12:58:22 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 89428
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 28 Dec 2023 12:58:22 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 227 KB
79 KB 58ms
56ms Script
application/javascript 2607:f8b0:4006:80e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-864228793

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PRZF24T4

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80e::2008 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

b84faf99322aae9aba102ede90db7d5df8664271bbe8e2e854a003bc1ab0ade2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://wf.goldentree.si/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 12:58:22 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 80911
x-xss-protection: 0
last-modified: Thu, 28 Dec 2023 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 28 Dec 2023 12:58:22 GMT

GET
H2 200 tfa.js Show response
cdn.taboola.com/libtrc/unip/1317669/ 64 KB
20 KB 155ms
92ms Script
application/javascript 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/unip/1317669/tfa.js
Requested by: Host: wf.goldentree.si
URL: https://wf.goldentree.si/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a2a472e022aebfa7c0061803af872e3e4885e7128f05a0f492be1a5f28cd6d50

Request headers

accept-language: en-US,en;q=0.9
Referer: https://wf.goldentree.si/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id: 4Nsoud46cJYX9YC_gHFNvruyYGU7d8s6
content-encoding: gzip
via: 1.1 varnish
date: Thu, 28 Dec 2023 12:58:22 GMT
x-amz-request-id: TRZ2F1YC995JNPAV
age: 0
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 19979
x-amz-id-2: QGQFBWuDINsWntCq1RavrADAYuTs0P3AN/QkSMiEf0HBaIW2L0a2/NWmPBhoiYqN5jBbKWWBm8Q=
x-served-by: cache-yyz4575-YYZ
last-modified: Sun, 24 Dec 2023 12:02:39 GMT
server: AmazonS3
x-timer: S1703768302.435032,VS0,VE63
etag: "f1956a1d239631c6c7bbfe624dc6814e"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 64
access-control-allow-origin: *
cache-control: private,max-age=14401
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 hotjar-21226.js Show response
static.hotjar.com/c/ 10 KB
4 KB 112ms
38ms Script
application/javascript 108.138.106.126
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-21226.js?sv=6

Requested by

Host: wf.goldentree.si
URL: https://wf.goldentree.si/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.138.106.126 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-106-126.jfk50.r.cloudfront.net

Software

Resource Hash

66706f2ba853c1ca648012a6747f18e9da624b00fd3e7b765c177c48ac989b7e

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://wf.goldentree.si/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security: max-age=2592000; includeSubDomains
content-encoding: br
x-content-type-options: nosniff
date: Thu, 28 Dec 2023 12:58:22 GMT
via: 1.1 c824f42276c55792245504036b5383fa.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK50-P3
age: 29
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
etag: W/9fdcf1aa426986cbb26c3ff45126a07d
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
x-cache-hit: 1
cache-control: max-age=60
x-amz-cf-id: CpvqpPkUCAEJ-LOgPL5amKxyWonAw8TacP-dVyf6rACtf9jFmrv6Tg==

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 202 KB
54 KB 108ms
35ms Script
application/x-javascript 2a03:2880:f012:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: wf.goldentree.si
URL: https://wf.goldentree.si/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f012:8:face:b00c:0:1 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

3e136e77083bfc6ef14ffc5abd19da89a82bf12fc0cda3c603e01582b93303c8

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://wf.goldentree.si/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Thu, 28 Dec 2023 12:58:22 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 54273
x-xss-protection: 0
reporting-endpoints
pragma: public
x-fb-debug: t6/shXmnEGJBXy+ePICx5XYgXkl+kvFoVMoZ3el8T8cUGJsNvohqumisz4qa0JEmTJTqFRoNiuQ8+WnnuXZ6eA==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 jbhvm70vgd Show response
www.clarity.ms/tag/ 650 B
1012 B 146ms
43ms Script
application/x-javascript 2620:1ec:bdf::40
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/tag/jbhvm70vgd
Requested by: Host: wf.goldentree.si
URL: https://wf.goldentree.si/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::40 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: fa661522c998ad713422db059c973ca219b01443e2faf0d826f9f52c9e2c86f8

Request headers

accept-language: en-US,en;q=0.9
Referer: https://wf.goldentree.si/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

expires: -1
date: Thu, 28 Dec 2023 12:58:22 GMT
x-azure-ref: 20231228T125822Z-1tba2tvbnd1yt00r95mauwnp5000000002pg000000003g1z
x-cache: CONFIG_NOCACHE
content-type: application/x-javascript
cache-control: no-cache, no-store
accept-ranges: bytes
content-length: 650
request-context: appId=cid-v1:9c7c879b-c51a-427e-9701-218438da5f81

GET
H2 200 iframe_api Show response
www.youtube.com/ 993 B
2 KB 154ms
52ms Script
text/javascript 2607:f8b0:4006:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/iframe_api

Requested by

Host: wf.goldentree.si
URL: https://wf.goldentree.si/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80e::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

7ac9f0e85d1ed4d4ccf7a151ec6b9b80f89baa745841db8efd82713671ff5ab8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://wf.goldentree.si/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 12:58:22 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-encoding: br
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
server: ESF
x-frame-options: SAMEORIGIN
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
content-type: text/javascript; charset=utf-8
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cache-control: private, max-age=0
origin-trial: AvC9UlR6RDk2crliDsFl66RWLnTbHrDbp+DiY6AYz/PNQ4G4tdUTjrHYr2sghbkhGQAVxb7jaPTHpEVBz0uzQwkAAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTcxOTUzMjc5OSwiaXNTdWJkb21haW4iOnRydWV9
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
expires: Thu, 28 Dec 2023 12:58:22 GMT

GET
H2 200 695635df-7489-403c-bc59-4c01a8879a51
cdn.midas-network.com/MidasPixel/IndexAsync/ 0
208 B 383ms
294ms Image
text/plain 2606:4700:10::ac43:2925
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.midas-network.com/MidasPixel/IndexAsync/695635df-7489-403c-bc59-4c01a8879a51
Requested by: Host: wf.goldentree.si
URL: https://wf.goldentree.si/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:2925 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://wf.goldentree.si/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 12:58:22 GMT
x-aspnetmvc-version: 5.2
cf-cache-status: DYNAMIC
server: cloudflare
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
cache-control: private
cf-ray: 83c9f9725cb04bd8-BUF
content-length: 0
request-context: appId=cid-v1:a2c4a87b-281c-449d-94a9-899669266ec7

POST
H2 204 collect
www.google-analytics.com/g/ 0
254 B 111ms
38ms Ping
text/plain 2607:f8b0:4006:816::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-RWGHZWP3P8&gtm=45je3bt0v890510038z89173730597&_p=1703768302126&gcd=11l1l1l1l1&dma=0&cid=332529123.1703768302&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1703768302&sct=1&seg=0&dl=https%3A%2F%2Fwf.goldentree.si%2F&dt=Golden%20Tree%20Webflow%20Structure&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=2164
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-RWGHZWP3P8&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4006:816::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://wf.goldentree.si/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 28 Dec 2023 12:58:22 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://wf.goldentree.si
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/864228793/ 2 KB
2 KB 107ms
46ms Script
text/javascript 2607:f8b0:4006:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/864228793/?random=1703768302503&cv=11&fst=1703768302503&bg=ffffff&guid=ON&async=1&gtm=45be3bt0v879416714&gcd=11l1l1l1l1&dma=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwf.goldentree.si%2F&hn=www.googleadservices.com&frm=0&tiba=Golden%20Tree%20Webflow%20Structure&auid=1031156997.1703768302&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-864228793

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80d::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

26a6009f95ad4490f437035197b738cf078e0afe6aef3f3681e6ab161a7038f4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://wf.goldentree.si/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 28 Dec 2023 12:58:22 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1260
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 modules.618aa075c4d9b6424e07.js Show response
script.hotjar.com/ 220 KB
55 KB 106ms
32ms Script
application/javascript 18.164.96.46
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.618aa075c4d9b6424e07.js

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-21226.js?sv=6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.164.96.46 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-164-96-46.jfk50.r.cloudfront.net

Software

Resource Hash

4fdfd40dc4640506829319a81fd61b379e2b70a0cdedddbc1218508085ceb888

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://wf.goldentree.si/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 21 Dec 2023 10:10:06 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=2592000; includeSubDomains
via: 1.1 9750f5ee94b45ad0faba87b3fac2aad6.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK50-P5
age: 614896
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 55689
last-modified: Thu, 21 Dec 2023 10:09:33 GMT
etag: "6ed2c6300d63320c76677ced187741fc"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: CaMBR5KfbDIElvMTeLW6IUTJNucsgDYPH3lZ-ezaaDATCormCLU9aQ==

GET
H2 200 clarity.js Show response
www.clarity.ms/s/0.7.20/ 60 KB
25 KB 63ms
61ms Script
application/javascript 2620:1ec:bdf::40
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/s/0.7.20/clarity.js
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/tag/jbhvm70vgd
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::40 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: cbcfb303a1e7d1f9da8965565b535f4122f2de2f1f3ed9f61f3f9e2dad3dcf9d

Request headers

accept-language: en-US,en;q=0.9
Referer: https://wf.goldentree.si/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 12:58:22 GMT
content-encoding: br
last-modified: Wed, 13 Dec 2023 19:57:52 GMT
etag: W/"0x8DBFC15CAB825ED"
vary: Accept-Encoding
x-azure-ref: 20231228T125822Z-1tba2tvbnd1yt00r95mauwnp5000000002pg000000003g24
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
x-ms-request-id: 29f81644-a01e-003d-2b55-3758c0000000
cache-control: public, max-age=86400
x-cache: TCP_HIT
x-ms-version: 2018-03-28

GET
H2 200 www-widgetapi.js Show response
www.youtube.com/s/player/da154528/www-widgetapi.vflset/ 216 KB
67 KB 26ms
25ms Script
text/javascript 2607:f8b0:4006:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/da154528/www-widgetapi.vflset/www-widgetapi.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/iframe_api

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80e::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a0e2b951191e60b6c3905118d84d9a95a309d355c4eb71dfead2ae2866683ee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://wf.goldentree.si/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 12:36:12 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1330
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 68553
x-xss-protection: 0
last-modified: Mon, 18 Dec 2023 02:48:13 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Fri, 27 Dec 2024 12:36:12 GMT

GET
H2 200 312625448889138 Show response
connect.facebook.net/signals/config/ 133 KB
35 KB 88ms
87ms Script
application/x-javascript 2a03:2880:f012:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/312625448889138?v=2.9.138&r=stable&domain=wf.goldentree.si

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f012:8:face:b00c:0:1 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

39bec9cc2c89c05b5d0613658582f9de392b5311e53339cfda5fe382c30cd57c

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://wf.goldentree.si/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Thu, 28 Dec 2023 12:58:22 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints
pragma: public
x-fb-debug: WXXxDXJcPXvErP8ahyAA5ntwc2ggD1UrsSQ9HGtJ5PdhMS+JyAZPELB47SUJ/CLBYN/Zpyc54nsldY0NAp6C3w==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 json Show response
trc.taboola.com/1317669/trc/3/ 1 KB
1 KB 63ms
47ms Script
application/javascript 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/1317669/trc/3/json?tim=1703768302595&data=%7B%22id%22%3A176%2C%22ii%22%3A%22%2F%22%2C%22it%22%3A%22video%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22vi%22%3A1703768302582%2C%22cv%22%3A%2220231224-9-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fwf.goldentree.si%2F%3F%22%2C%22e%22%3Anull%2C%22cb%22%3A%22TFASC.trkCallback%22%2C%22qs%22%3A%22%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-tracking%22%2C%22s%22%3A0%2C%22uim%22%3A%22rbox-tracking%3Apub%3Dpopolnapostavadoo1732%3Aabp%3D0%22%2C%22uip%22%3A%22rbox-tracking%22%2C%22orig_uip%22%3A%22rbox-tracking%22%7D%5D%2C%22mpvd%22%3A%7B%22en%22%3A%22page_view%22%2C%22tim%22%3A1703768302593%2C%22ref%22%3Anull%2C%22item-url%22%3A%22https%3A%2F%2Fwf.goldentree.si%2F%22%2C%22tos%22%3A2%2C%22ssd%22%3A1%2C%22scd%22%3A0%2C%22supv%22%3Atrue%7D%7D&pubit=i
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1317669/tfa.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: b3185691440d54f4a4ec7d488c203d4b6a0a5255272e9abf08c241d764d961fc

Request headers

accept-language: en-US,en;q=0.9
Referer: https://wf.goldentree.si/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-vcl-time-ms: 27
date: Thu, 28 Dec 2023 12:58:22 GMT
content-encoding: gzip
via: 1.1 varnish
x-fastly-to-nlb-rtt: 14192
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version: v1
x-served-by: cache-yyz4575-YYZ
x-log-content-encoding: gzip
server: nginx
x-timer: S1703768303.627604,VS0,VE27
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 0

GET
H2 200 /
www.google.com/pagead/1p-user-list/864228793/ 42 B
455 B 111ms
43ms Image
image/gif 2607:f8b0:4006:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/864228793/?random=1703768302503&cv=11&fst=1703764800000&bg=ffffff&guid=ON&async=1&gtm=45be3bt0v879416714&u_w=1600&u_h=1200&url=https%3A%2F%2Fwf.goldentree.si%2F&frm=0&tiba=Golden%20Tree%20Webflow%20Structure&data=event%3Dgtag.config&fmt=3&is_vtc=1&cid=CAQSGwAvHhf_V-woFn9qJGEZTTBBIrqMPY1L9ocBIQ&random=3872659075&rmt_tld=0&ipr=y

Requested by

Host: wf.goldentree.si
URL: https://wf.goldentree.si/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80f::2004 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://wf.goldentree.si/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 28 Dec 2023 12:58:22 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 json Show response
trc.taboola.com/1555347/trc/3/ 3 KB
1 KB 47ms
46ms Script
application/javascript 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/1555347/trc/3/json?tim=1703768302669&data=%7B%22id%22%3A17%2C%22ii%22%3A%22%2F%22%2C%22it%22%3A%22video%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22vi%22%3A1703768302582%2C%22cv%22%3A%2220231224-9-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fwf.goldentree.si%2F%3F%22%2C%22e%22%3Anull%2C%22cb%22%3A%22TFASC.trkCallback1%22%2C%22qs%22%3A%22%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-tracking%22%2C%22s%22%3A0%2C%22uim%22%3A%22rbox-tracking%3Apub%3Dpopolnapostavadoo1732%3Aabp%3D0%22%2C%22uip%22%3A%22rbox-tracking%22%2C%22orig_uip%22%3A%22rbox-tracking%22%7D%5D%2C%22mpvd%22%3A%7B%22en%22%3A%22page_view%22%2C%22tim%22%3A1703768302601%2C%22ref%22%3Anull%2C%22item-url%22%3A%22https%3A%2F%2Fwf.goldentree.si%2F%22%2C%22tos%22%3A9%2C%22ssd%22%3A1%2C%22scd%22%3A0%2C%22supv%22%3Atrue%7D%7D&pubit=i
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1317669/tfa.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 60cbc222e9534c4e95e038cd44ba00a46ec567f97b1488b1fb22483009dc018d

Request headers

accept-language: en-US,en;q=0.9
Referer: https://wf.goldentree.si/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-vcl-time-ms: 28
date: Thu, 28 Dec 2023 12:58:22 GMT
content-encoding: gzip
via: 1.1 varnish
cpu: 0.39325
x-fastly-to-nlb-rtt: 14854
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version: v1
x-served-by: cache-yyz4575-YYZ
x-log-content-encoding: gzip
server: nginx
x-timer: S1703768303.683139,VS0,VE28
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 0

POST
H/1.1 204
No Content collect Show response
z.clarity.ms/ 0
296 B 151ms
38ms XHR
text/plain 20.10.16.51
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://z.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.20/clarity.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.10.16.51 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://wf.goldentree.si/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://wf.goldentree.si
Date: Thu, 28 Dec 2023 12:58:22 GMT
Access-Control-Allow-Credentials: true
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
Vary: Origin
Request-Context: appId=cid-v1:67bc0b23-8423-4b52-b1ca-6a87709ceaa2

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 333ms
28ms Image
text/plain 2a03:2880:f112:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=312625448889138&ev=PageView&dl=https%3A%2F%2Fwf.goldentree.si%2F&rl=&if=false&ts=1703768302774&sw=1600&sh=1200&v=2.9.138&r=stable&ec=0&o=4126&fbp=fb.1.1703768302773.129259129&ler=empty&it=1703768302578&coo=false&rqm=GET

Requested by

Host: wf.goldentree.si
URL: https://wf.goldentree.si/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f112:83:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://wf.goldentree.si/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Thu, 28 Dec 2023 12:58:23 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2

200

c.gif
c.clarity.ms/
Redirect Chain

https://c.clarity.ms/c.gif
https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=1139377579A44BDFB9D46D60C0AF736D&RedC=c.clarity.ms&MXFR=2837BB18F4C566DC3F70A8EDF0C56879
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=1139377579A44BDFB9D46D60C0AF736D&MUID=26A8FF49684760441665ECBC69CD61BE

42 B
442 B

43ms
33ms

Image
image/gif

20.110.205.119
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=1139377579A44BDFB9D46D60C0AF736D&MUID=26A8FF49684760441665ECBC69CD61BE
Protocol: H2
Server: 20.110.205.119 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language: en-US,en;q=0.9
Referer: https://wf.goldentree.si/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 28 Dec 2023 12:58:22 GMT
last-modified: Tue, 12 Dec 2023 19:03:29 GMT
server: Microsoft-IIS/10.0
etag: "e8d91e42d2dda1:0"
x-powered-by: ASP.NET
content-type: image/gif
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: private, no-cache, proxy-revalidate, no-store
accept-ranges: bytes
content-length: 42

Redirect headers

pragma: no-cache
date: Thu, 28 Dec 2023 12:58:23 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 3D9CA114ED3F431A803213A40BFCE9B2 Ref B: EWR311000103021 Ref C: 2023-12-28T12:58:23Z
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location: https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=1139377579A44BDFB9D46D60C0AF736D&MUID=26A8FF49684760441665ECBC69CD61BE
cache-control: private, no-cache, proxy-revalidate, no-store
content-length: 0

GET
H/1.1 200
OK obtp.js Show response
amplify.outbrain.com/cp/ 26 KB
8 KB 130ms
29ms Script
application/x-javascript 23.51.57.192
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://amplify.outbrain.com/cp/obtp.js
Requested by: Host: wf.goldentree.si
URL: https://wf.goldentree.si/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.51.57.192 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-51-57-192.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 65ad11676484334621ffe4b268158ac58a8ac12c41bf51280cbd25eb42b7fa33

Request headers

accept-language: en-US,en;q=0.9
Referer: https://wf.goldentree.si/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date: Thu, 28 Dec 2023 12:58:23 GMT
Content-Encoding: gzip
Last-Modified: Wed, 20 Dec 2023 13:05:32 GMT
Server: AkamaiNetStorage
ETag: "9e1e6021011fe5d6f6df980bd868010b:1703078880.424415"
Vary: Accept-Encoding
Content-Type: application/x-javascript
X-RG: NA
Cache-Control: max-age=1200
X-CC: US
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 7776
Expires: Thu, 28 Dec 2023 13:18:23 GMT

GET
H2 200 / Show response
bin.livenetlife.com/ 429 B
619 B 396ms
109ms Script
application/x-javascript 148.251.44.50
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://bin.livenetlife.com/?CodeId=af6dceca-6e77-4b09-889f-34dc75aa9030&LNLReferer=https%3A%2F%2Fwf.goldentree.si%2F&cb=5137058650800508
Requested by: Host: wf.goldentree.si
URL: https://wf.goldentree.si/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 148.251.44.50 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.50.44.251.148.clients.your-server.de
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: c29279b13f29b194b6da1a9a6f40cb67b361a36783580f912102bf89a5a59419

Request headers

accept-language: en-US,en;q=0.9
Referer: https://wf.goldentree.si/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 28 Dec 2023 12:58:22 GMT
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
content-type: application/x-javascript; charset=utf-8
cache-control: no-cache, no-store, must-revalidate
content-length: 429
expires: -1

GET
H2 200 visit Show response
trackcmp.net/ 0
421 B 193ms
105ms Script
text/javascript 2606:4700:4400::ac40:992a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://trackcmp.net/visit?actid=999980028&e=&r=&u=https%3A%2F%2Fwf.goldentree.si%2F
Requested by: Host: wf.goldentree.si
URL: https://wf.goldentree.si/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:992a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/8.1.24
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://wf.goldentree.si/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 12:58:23 GMT
cf-cache-status: DYNAMIC
server: cloudflare
x-powered-by: PHP/8.1.24
p3p: CP="NON BUS INT NAV COM ADM CON CUR IVA IVD OTP PSA PSD TEL SAM"
content-type: text/javascript;charset=UTF-8
cache-control: no-cache, private
x-envoy-upstream-service-time: 53
x-privacy-policy: You can find our privacy policy here: https://www.activecampaign.com/help/privacy-policy/
cf-ray: 83c9f977186c4bc7-BUF
content-length: 0

POST
H/1.1 200
OK unifiedPixel
tr.outbrain.com/ 53 B
248 B 134ms
30ms Ping
image/gif 64.202.112.255
SERVERCENTRAL

General

Check archive.org

Show headers Download Go to

Full URL: https://tr.outbrain.com/unifiedPixel?optOut=false&bust=007587821759456292&referrer=&cht=gtm&marketerId=003c8121450e125ee6968af828c4ca107b&name=PAGE_VIEW&dl=https%3A%2F%2Fwf.goldentree.si%2F&g=1&obApiVersion=1.1&obtpVersion=2.0.5
Requested by: Host: amplify.outbrain.com
URL: https://amplify.outbrain.com/cp/obtp.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.202.112.255 , United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: b51f3497b0a65f1e1e87e75f5e7e823d871c23bcf76a5ee4101783c8f939e553

Request headers

accept-language: en-US,en;q=0.9
Referer: https://wf.goldentree.si/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date: Thu, 28 Dec 2023 12:58:23 GMT
Cache-Control: no-cache
content-encoding: br
X-TraceId: 089fdb1be903fafdda518b7e937aad2f
Content-Length: 54
Content-Type: image/gif;

GET
H/1.1 200
OK cachedClickId Show response
tr.outbrain.com/ 35 B
220 B 119ms
27ms Script
application/javascript 64.202.112.255
SERVERCENTRAL

General

Check archive.org

Show headers Download Go to

Full URL: https://tr.outbrain.com/cachedClickId?marketerId=003c8121450e125ee6968af828c4ca107b
Requested by: Host: amplify.outbrain.com
URL: https://amplify.outbrain.com/cp/obtp.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.202.112.255 , United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: 1d348f9f803c95305f63def9d75fd50e79e54a375e1a4a888edbbea366845580

Request headers

accept-language: en-US,en;q=0.9
Referer: https://wf.goldentree.si/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date: Thu, 28 Dec 2023 12:58:23 GMT
content-encoding: br
X-TraceId: 43e3b521cd607b4e7f6d2deac8adff04
Content-Length: 39
Content-Type: application/javascript

GET
H/1.1 200
OK 003c8121450e125ee6968af828c4ca107b Show response
wave.outbrain.com/mtWavesBundler/handler/ 2 B
443 B 96ms
27ms Script
text/html 23.51.57.192
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://wave.outbrain.com/mtWavesBundler/handler/003c8121450e125ee6968af828c4ca107b
Requested by: Host: amplify.outbrain.com
URL: https://amplify.outbrain.com/cp/obtp.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.51.57.192 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-51-57-192.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

accept-language: en-US,en;q=0.9
Referer: https://wf.goldentree.si/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date: Thu, 28 Dec 2023 12:58:23 GMT
Content-Encoding: gzip
ob-sent-time: 1703739616109
ETag: W/"2-vyGp6PvFo4RvsFtPoIWeCReyIC8"
Vary: Accept-Encoding
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
X-RG: NA
Cache-Control: max-age=60
X-CC: US
Connection: keep-alive
X-TraceId: 47f26d897385a1fe87689851329c72d0
Content-Length: 22
Expires: Thu, 28 Dec 2023 12:59:23 GMT

GET
H2 200 GetBaseScript.aspx Show response
bin.livenetlife.com/ 33 KB
9 KB 113ms
112ms Script
application/x-javascript 148.251.44.50
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://bin.livenetlife.com/GetBaseScript.aspx?ETag=1267226427&CodeId=af6dceca-6e77-4b09-889f-34dc75aa9030
Requested by: Host: bin.livenetlife.com
URL: https://bin.livenetlife.com/?CodeId=af6dceca-6e77-4b09-889f-34dc75aa9030&LNLReferer=https%3A%2F%2Fwf.goldentree.si%2F&cb=5137058650800508
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 148.251.44.50 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.50.44.251.148.clients.your-server.de
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: d4ef4efd7c302c20341b8e150bc6142cecbcf206930cad0f5932ca18ffb0e8c2

Request headers

accept-language: en-US,en;q=0.9
Referer: https://wf.goldentree.si/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 12:58:22 GMT
content-encoding: gzip
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
etag: 1267226427
x-powered-by: ASP.NET
content-type: application/x-javascript
cache-control: public, max-age=86400, s-maxage=86400
content-length: 8909
expires: Fri, 29 Dec 2023 12:58:23 GMT

GET
H2 200 A5590E19E7A9C2332B8120D7C6CF1219.cache.js Show response
bin.livenetlife.com/ 329 KB
106 KB 113ms
112ms Script
application/javascript 148.251.44.50
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://bin.livenetlife.com/A5590E19E7A9C2332B8120D7C6CF1219.cache.js
Requested by: Host: bin.livenetlife.com
URL: https://bin.livenetlife.com/GetBaseScript.aspx?ETag=1267226427&CodeId=af6dceca-6e77-4b09-889f-34dc75aa9030
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 148.251.44.50 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.50.44.251.148.clients.your-server.de
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: ad745703ff733507ed326327f64fe036a67fcb38fee744c8e00b3f3358c74648

Request headers

accept-language: en-US,en;q=0.9
Referer: https://wf.goldentree.si/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 12:58:22 GMT
content-encoding: gzip
last-modified: Tue, 19 Dec 2023 17:19:49 GMT
server: Microsoft-IIS/10.0
etag: "80e8e8919f32da1:0"
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes
content-length: 108592

GET
H2 200 CookiePic.aspx
bin.livenetlife.com/ 120 B
408 B 113ms
112ms Image
image/png 148.251.44.50
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bin.livenetlife.com/CookiePic.aspx?lnlu=567042b475dfd1e18441c1ad6f90d64bda94ca00&lnlg=0270ab9b704c8d1105f7d797a389082f0150300b&d=31536000000
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 148.251.44.50 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.50.44.251.148.clients.your-server.de
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: e475e3d229c7520f0aaa901aca30f57d54dab5baccaa3ad3ab8420ef6c6d22da

Request headers

accept-language: en-US,en;q=0.9
Referer: https://wf.goldentree.si/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 28 Dec 2023 12:58:23 GMT
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
content-type: image/png
cache-control: no-cache, no-store, must-revalidate
content-length: 120
expires: -1

POST
H2 200 StoreTextContent.aspx Show response
engine.livenetlife.com/ 36 B
176 B 480ms
224ms XHR
text/html 148.251.44.50
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://engine.livenetlife.com/StoreTextContent.aspx
Requested by: Host:
URL: 0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 148.251.44.50 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.50.44.251.148.clients.your-server.de
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 133e726a5af4af9aefaba6ae608d29732a4cbe426d9baa91f9aede6e6a0362b2

Request headers

Referer: https://wf.goldentree.si/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-type: text/plain; charset=UTF-8

Response headers

access-control-allow-origin: *
date: Thu, 28 Dec 2023 12:58:23 GMT
cache-control: private
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
content-type: text/html; charset=utf-8

POST
H/1.1 204
No Content collect Show response
z.clarity.ms/ 0
296 B 35ms
35ms XHR
text/plain 20.10.16.51
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://z.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.20/clarity.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.10.16.51 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://wf.goldentree.si/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://wf.goldentree.si
Date: Thu, 28 Dec 2023 12:58:24 GMT
Access-Control-Allow-Credentials: true
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
Vary: Origin
Request-Context: appId=cid-v1:67bc0b23-8423-4b52-b1ca-6a87709ceaa2

GET
H2 204 unip Show response
trc-events.taboola.com/1317669/log/3/ 0
246 B 127ms
33ms XHR
text/plain 141.226.224.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://trc-events.taboola.com/1317669/log/3/unip?en=pre_d_eng_tb&tos=1567&scd=0&ssd=1&est=1703768302591&ver=36&isls=true&src=i&invt=1500&msa=3475&rv=1&tim=1703768304159&vi=1703768302582&ri=9d9ad720a6e9428cd2f2be63636bd691&ref=null&cv=20231224-9-RELEASE&item-url=https%3A%2F%2Fwf.goldentree.si%2F
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1317669/tfa.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.224.48 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://wf.goldentree.si/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-origin: https://wf.goldentree.si
pragma: no-cache
date: Thu, 28 Dec 2023 12:58:24 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H2 204 unip Show response
trc-events.taboola.com/1555347/log/3/ 0
247 B 125ms
31ms XHR
text/plain 141.226.224.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://trc-events.taboola.com/1555347/log/3/unip?en=pre_d_eng_tb&tos=1568&scd=0&ssd=1&est=1703768302591&ver=36&isls=true&src=i&invt=1500&msa=3475&rv=1&tim=1703768304160&vi=1703768302582&ri=5863356e45d486009e8daa2eedad9a67&ref=null&cv=20231224-9-RELEASE&item-url=https%3A%2F%2Fwf.goldentree.si%2F
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1317669/tfa.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.224.48 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://wf.goldentree.si/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-origin: https://wf.goldentree.si
pragma: no-cache
date: Thu, 28 Dec 2023 12:58:24 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

POST
H2 200 Ping.aspx Show response
engine.livenetlife.com/ 0
34 B 112ms
112ms XHR
text/html 148.251.44.50
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://engine.livenetlife.com/Ping.aspx
Requested by: Host:
URL: 0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 148.251.44.50 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.50.44.251.148.clients.your-server.de
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://wf.goldentree.si/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: *
date: Thu, 28 Dec 2023 12:58:23 GMT
cache-control: private
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
content-type: text/html

POST
H2 200 Ping.aspx Show response
engine.livenetlife.com/ 341 B
399 B 112ms
112ms XHR
text/html 148.251.44.50
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://engine.livenetlife.com/Ping.aspx
Requested by: Host:
URL: 0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 148.251.44.50 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.50.44.251.148.clients.your-server.de
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: fb29fe6ed9dc4c151f7dcbd726d9fdb6012dacb199abb146abe5ae83c1c870ba

Request headers

Referer: https://wf.goldentree.si/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: *
date: Thu, 28 Dec 2023 12:58:24 GMT
cache-control: private
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
content-type: text/html; charset=utf-8

POST
H/1.1 204
No Content collect Show response
z.clarity.ms/ 0
296 B 35ms
35ms XHR
text/plain 20.10.16.51
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://z.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.20/clarity.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.10.16.51 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://wf.goldentree.si/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://wf.goldentree.si
Date: Thu, 28 Dec 2023 12:58:26 GMT
Access-Control-Allow-Credentials: true
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
Vary: Origin
Request-Context: appId=cid-v1:67bc0b23-8423-4b52-b1ca-6a87709ceaa2

POST
H2 200 Ping.aspx Show response
engine.livenetlife.com/ 341 B
399 B 112ms
112ms XHR
text/html 148.251.44.50
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://engine.livenetlife.com/Ping.aspx
Requested by: Host:
URL: 0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 148.251.44.50 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.50.44.251.148.clients.your-server.de
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: fb29fe6ed9dc4c151f7dcbd726d9fdb6012dacb199abb146abe5ae83c1c870ba

Request headers

Referer: https://wf.goldentree.si/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: *
date: Thu, 28 Dec 2023 12:58:25 GMT
cache-control: private
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
content-type: text/html; charset=utf-8

GET
H2 204 unip Show response
trc-events.taboola.com/1317669/log/3/ 0
246 B 35ms
31ms XHR
text/plain 141.226.224.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://trc-events.taboola.com/1317669/log/3/unip?en=pre_d_eng_tb&tos=4569&scd=0&ssd=1&est=1703768302591&ver=36&isls=true&src=i&invt=3000&msa=3475&rv=1&tim=1703768307161&vi=1703768302582&ri=9d9ad720a6e9428cd2f2be63636bd691&ref=null&cv=20231224-9-RELEASE&item-url=https%3A%2F%2Fwf.goldentree.si%2F
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1317669/tfa.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.224.48 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://wf.goldentree.si/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-origin: https://wf.goldentree.si
pragma: no-cache
date: Thu, 28 Dec 2023 12:58:27 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H2 204 unip Show response
trc-events.taboola.com/1555347/log/3/ 0
246 B 34ms
32ms XHR
text/plain 141.226.224.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://trc-events.taboola.com/1555347/log/3/unip?en=pre_d_eng_tb&tos=4570&scd=0&ssd=1&est=1703768302591&ver=36&isls=true&src=i&invt=3000&msa=3475&rv=1&tim=1703768307162&vi=1703768302582&ri=5863356e45d486009e8daa2eedad9a67&ref=null&cv=20231224-9-RELEASE&item-url=https%3A%2F%2Fwf.goldentree.si%2F
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1317669/tfa.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.224.48 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://wf.goldentree.si/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-origin: https://wf.goldentree.si
pragma: no-cache
date: Thu, 28 Dec 2023 12:58:27 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

POST
H2 200 Ping.aspx Show response
engine.livenetlife.com/ 341 B
399 B 113ms
113ms XHR
text/html 148.251.44.50
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://engine.livenetlife.com/Ping.aspx
Requested by: Host:
URL: 0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 148.251.44.50 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.50.44.251.148.clients.your-server.de
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: fb29fe6ed9dc4c151f7dcbd726d9fdb6012dacb199abb146abe5ae83c1c870ba

Request headers

Referer: https://wf.goldentree.si/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: *
date: Thu, 28 Dec 2023 12:58:27 GMT
cache-control: private
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
content-type: text/html; charset=utf-8

Verdicts & Comments Add Verdict or Comment

102 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

32 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.goldentree.si/	1970-01-20 19:25:44	Name: _gcl_au Value: 1.1.1031156997.1703768302
.goldentree.si/	1970-01-20 17:19:01	Name: last_contact_utm_source Value: direct
.goldentree.si/	1970-01-20 17:19:01	Name: last_contact_utm_medium Value: none
.goldentree.si/	1970-01-20 17:19:01	Name: utm_source Value: direct
.goldentree.si/	1970-01-20 17:19:01	Name: utm_medium Value: none
.goldentree.si/	1970-01-20 17:19:01	Name: lander Value: wf.goldentree.si/
.goldentree.si/	1970-01-20 17:19:01	Name: seo_content_grouping Value: 0
.goldentree.si/	1970-01-21 02:52:08	Name: _ga_RWGHZWP3P8 Value: GS1.1.1703768302.1.0.1703768302.0.0.0
.goldentree.si/	1970-01-21 02:52:08	Name: _ga Value: GA1.1.332529123.1703768302
www.clarity.ms/	1970-01-21 02:01:44	Name: CLID Value: 1d2b472a9a524674af2add53f0b8b1b2.20231228.20241227
.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: ZmwSVCbjFCI
.youtube.com/	1970-01-20 21:35:20	Name: VISITOR_INFO1_LIVE Value: 64FCPU46JS0
.goldentree.si/	1970-01-21 02:01:44	Name: _clck Value: lg9flf%7C2%7Cfhx%7C0%7C1457
.doubleclick.net/	1970-01-20 17:16:09	Name: test_cookie Value: CheckForPermission
.goldentree.si/	1970-01-21 02:01:44	Name: _hjSessionUser_21226 Value: eyJpZCI6IjFmNWQ1ZTZjLTdjMzktNTVmOC1iZTE5LWQ5OGJhOWExNzM2ZiIsImNyZWF0ZWQiOjE3MDM3NjgzMDI3NTIsImV4aXN0aW5nIjpmYWxzZX0=
.goldentree.si/	1970-01-20 17:16:10	Name: _hjFirstSeen Value: 1
.goldentree.si/	1970-01-20 17:16:10	Name: _hjIncludedInSessionSample_21226 Value: 0
.goldentree.si/	1970-01-20 17:16:10	Name: _hjSession_21226 Value: eyJpZCI6IjZkNjdlMDdhLThkYTAtNDgwNy05Yjg2LTVmNGYwYTY5ODQ0MiIsImMiOjE3MDM3NjgzMDI3NTMsInMiOjAsInIiOjAsInNiIjowfQ==
.goldentree.si/	1970-01-20 17:16:10	Name: _hjAbsoluteSessionInProgress Value: 0
.goldentree.si/	1970-01-20 19:25:44	Name: _fbp Value: fb.1.1703768302773.129259129
.goldentree.si/	1970-01-20 17:17:34	Name: _clsk Value: 1i80mot%7C1703768302926%7C1%7C1%7Cz.clarity.ms%2Fcollect
trackcmp.net/	1970-01-20 18:00:46	Name: cmp999980028 Value: 7f606b7803481229baf0a3aad782b7d9
.bing.com/	1970-01-21 02:37:44	Name: MUID Value: 26A8FF49684760441665ECBC69CD61BE
.c.bing.com/	1970-01-20 17:26:13	Name: MR Value: 0
.c.bing.com/	1970-01-21 02:37:44	Name: SRM_B Value: 26A8FF49684760441665ECBC69CD61BE
wf.goldentree.si/	1970-01-20 17:16:08	Name: dicbo_id Value: %7B%22dicbo_fetch%22%3A1703768303386%7D
.c.clarity.ms/	1969-12-31 23:59:59	Name: SM Value: C
.clarity.ms/	1970-01-21 02:37:44	Name: MUID Value: 26A8FF49684760441665ECBC69CD61BE
.c.clarity.ms/	1970-01-20 17:26:13	Name: MR Value: 0
.c.clarity.ms/	1970-01-20 17:16:08	Name: ANONCHK Value: 0
wf.goldentree.si/	1970-01-21 02:01:44	Name: lnl Value: %7B%22lnlu%22%3A%7B%22d%22%3A1735304304043%2C%20%22v%22%3A%22567042b475dfd1e18441c1ad6f90d64bda94ca00%22%7D%2C%20%22lnlg%22%3A%7B%22d%22%3A1735304304044%2C%20%22v%22%3A%220270ab9b704c8d1105f7d797a389082f0150300b%22%7D%7D
bin.livenetlife.com/	1970-01-21 02:03:14	Name: lnlxs Value: { "lnlu": { "e": "638709047040982659", "v": "567042b475dfd1e18441c1ad6f90d64bda94ca00" }, "lnlg": { "e": "638709047040982659", "v": "0270ab9b704c8d1105f7d797a389082f0150300b" }}

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
amplify.outbrain.com
assets-global.website-files.com
bin.livenetlife.com
c.bing.com
c.clarity.ms
cdn.jsdelivr.net
cdn.midas-network.com
cdn.taboola.com
connect.facebook.net
d3e54v103j8qbb.cloudfront.net
engine.livenetlife.com
fonts.googleapis.com
fonts.gstatic.com
goldentree.si
googleads.g.doubleclick.net
script.hotjar.com
static.hotjar.com
tr.outbrain.com
trackcmp.net
trc-events.taboola.com
trc.taboola.com
wave.outbrain.com
wf.goldentree.si
www.clarity.ms
www.facebook.com
www.goldentree.si
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.youtube.com
z.clarity.ms
108.138.106.126
13.225.210.182
141.226.224.48
148.251.44.50
151.101.129.44
18.164.96.46
20.10.16.51
20.110.205.119
23.51.57.192
2600:9000:21ea:1a00:12:9e5f:cac0:93a1
2606:4700:10::ac43:2925
2606:4700:4400::ac40:992a
2607:f8b0:4006:809::200a
2607:f8b0:4006:80c::200a
2607:f8b0:4006:80d::2002
2607:f8b0:4006:80e::2008
2607:f8b0:4006:80e::200e
2607:f8b0:4006:80f::2004
2607:f8b0:4006:816::200e
2607:f8b0:4006:81d::2003
2620:1ec:bdf::40
2620:1ec:c11::200
2a03:2880:f012:8:face:b00c:0:1
2a03:2880:f112:83:face:b00c:0:25de
2a04:4e42:400::485
52.206.163.162
64.202.112.255
91.240.216.164
0418dffa2bed9a6300fed9d918f688e7f195b08f4c6f016a07f62ae48fe9609e
079f4b6a0775850511a0917ff0cbe3e4bb0e94acb93cd9c9f7ccc7615df550d3
0d8601a776b7dc777cd23bc42392d05a43df0d6402328e8913b58811083b513d
133e726a5af4af9aefaba6ae608d29732a4cbe426d9baa91f9aede6e6a0362b2
1d348f9f803c95305f63def9d75fd50e79e54a375e1a4a888edbbea366845580
26a6009f95ad4490f437035197b738cf078e0afe6aef3f3681e6ab161a7038f4
273c8613cdd2852dd5318f224d804ae6d2fc717c48d3f1dab587b6d396fb4fc8
2c699eb55ae3fe61b3d783c8936ab1eb949c596a5c89118f703e328ede2b8308
3323eddfa3e3c2f26f2176d781d5cf5bcee2a75979a47307b8b91b1ab92d174a
3642df12f0d930d5846a96652080908eb2f383b602a95cf80d1e6227e66e1c46
39bec9cc2c89c05b5d0613658582f9de392b5311e53339cfda5fe382c30cd57c
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
3cb3cfab3c562cbbb5a53accf433f65ed1cd0403ea3bdd6ceeb73bf87f23521c
3e136e77083bfc6ef14ffc5abd19da89a82bf12fc0cda3c603e01582b93303c8
4271064a37f3ffc0aac5f3806db8a72acc23e19447d1804e4e80d8796cbf6330
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
45447a2b45991ea4e67ff0866444ca07fcf62c28dbfd5fa072ab76d3d0c46390
4828fd073a3b3ae17675d358262414d34cee95b4b94a4ab41a8e335a2015eb0c
499ec54eb2afd103ec37505e23c6570fc7d89a0d728dde19d87a092e4a3261b4
4fdfd40dc4640506829319a81fd61b379e2b70a0cdedddbc1218508085ceb888
5a0e2b951191e60b6c3905118d84d9a95a309d355c4eb71dfead2ae2866683ee
5c2d662e92bcbf1a5970b97040f901031295e79a96314db8302f549003022087
5dd3de6b20f817c0b18778650a946e94df6a275a7ee824453acdf377317f12db
60cbc222e9534c4e95e038cd44ba00a46ec567f97b1488b1fb22483009dc018d
65ad11676484334621ffe4b268158ac58a8ac12c41bf51280cbd25eb42b7fa33
66706f2ba853c1ca648012a6747f18e9da624b00fd3e7b765c177c48ac989b7e
67913e48fb740e981f661b2807b8124f010cafddd35eb5a4105abe1ac563d8f1
75ca7c01eaa8136d970bde6ea6ae0896d2fe30febf82e7679257df6e1f8a7496
7ac9f0e85d1ed4d4ccf7a151ec6b9b80f89baa745841db8efd82713671ff5ab8
81016ac6be850b72df5d4faa0c3cec8e2c1b0ba0045712144a6766adfad40bee
87294b73558298711a2bd246cce1cf529356056bbcad9f1922c258979addf117
92443d06835a28423649bca60e6d755e4a1bd09638443196d58e0dd1f06c827f
97fb4dcf1a8aeaf190f8d2669fc3e6dcd4ec0bd6a7aebadb189cda76cee9eda0
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9d3959df4ebd84904a1622b6d7c9728f487e0c4d372f9bc2f59d0c480702f9c5
a2a472e022aebfa7c0061803af872e3e4885e7128f05a0f492be1a5f28cd6d50
ad745703ff733507ed326327f64fe036a67fcb38fee744c8e00b3f3358c74648
b268dc197b98ad4a55b62573377fb3aa18cc354e7af56e32cab2810feb8ebcdb
b3185691440d54f4a4ec7d488c203d4b6a0a5255272e9abf08c241d764d961fc
b51f3497b0a65f1e1e87e75f5e7e823d871c23bcf76a5ee4101783c8f939e553
b84faf99322aae9aba102ede90db7d5df8664271bbe8e2e854a003bc1ab0ade2
bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b
bf23a7a4eebedbb87d4084a69496b29815914a18e339a00f5dc73a03c9c9328f
c29279b13f29b194b6da1a9a6f40cb67b361a36783580f912102bf89a5a59419
c4e554cbe3c916b973ca8bb27b8451a59596f4091800061637e6c65073b76b1e
c8356c413b566272ba50c98d4ce0546e1fce6177ceb6cf8c2a7efe0a65e085a1
cb373bde18855c82a0ebf2946ea661ebd0be58a7fbabdf20f7744ecd9c0a9cfd
cbcfb303a1e7d1f9da8965565b535f4122f2de2f1f3ed9f61f3f9e2dad3dcf9d
d12bef9c2ea4df95c3f963f14eaf50371454a1275c0efb1f5536f38a0ac4b9fb
d4ef4efd7c302c20341b8e150bc6142cecbcf206930cad0f5932ca18ffb0e8c2
d62a59bb1ab4f01d288ad2160f9b17006748d0ff60e72dfb72122294f3fdd459
df4360be77e5a10b5ff27db726a4953ba7e4428bae7ad26c29b8d69e1518664a
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e475e3d229c7520f0aaa901aca30f57d54dab5baccaa3ad3ab8420ef6c6d22da
e4d734c8dc9b78c5effcb03af55a48e1a20acfc0042e5cbb0c3fcb31f34f1829
e63fcc8c6f678feb743f780ec5d5fc10f7b8d2e5c77cb4bcfc9fb22c1a9e597a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f3b27e1411f2e288dd4ea77183f1687596b6e025a6d71c6b9f8a7d8dcd068fca
f6b9eebb05461840790fc804b4590323ef12a57fe5af7fcdeed2d798e572844b
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
fa661522c998ad713422db059c973ca219b01443e2faf0d826f9f52c9e2c86f8
fb29fe6ed9dc4c151f7dcbd726d9fdb6012dacb199abb146abe5ae83c1c870ba

wf.goldentree.si Open in urlscan Pro 52.206.163.162 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

75 Requests

97 %HTTPS

57 %IPv6

21 Domains

32 Subdomains

27 IPs

3 Countries

1672 kBTransfer

4141 kBSize

32 Cookies

1 Outgoing links

Redirected requests

75 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

wf.goldentree.si Open in urlscan Pro
52.206.163.162 Public Scan

Screenshot
Live screenshot

Full Image

75
Requests

97 %
HTTPS

57 %
IPv6

21
Domains

32
Subdomains

27
IPs

3
Countries

1672 kB
Transfer

4141 kB
Size

32
Cookies

75 HTTP transactions
0 data transactions