www.rainforthreport.com Open in urlscan Pro
2606:4700:4400::ac40:93a9 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.rainforthreport.com/
Submission: On January 02 via api (January 2nd 2024, 2:22:21 am UTC) from US — Scanned from US

Summary HTTP 58 Redirects Links 12 Behaviour Indicators

Summary

This website contacted 10 IPs in 1 countries across 9 domains to perform 58 HTTP transactions. The main IP is 2606:4700:4400::ac40:93a9, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.rainforthreport.com.
TLS certificate: Issued by E1 on December 29th 2023. Valid for: 3 months.

This is the only time www.rainforthreport.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
7	2606:4700:440... 2606:4700:4400::ac40:93a9	13335 (CLOUDFLAR...) (CLOUDFLARENET)
31	2600:9000:226... 2600:9000:2269:ba00:4:b4b9:d3c0:93a1	16509 (AMAZON-02) (AMAZON-02)
2	2a04:4e42:200... 2a04:4e42:200::729	54113 (FASTLY) (FASTLY)
2	2606:4700::68... 2606:4700::6810:3865	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	108.139.51.165 108.139.51.165	16509 (AMAZON-02) (AMAZON-02)
3	2606:4700:440... 2606:4700:4400::6812:21f5	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2607:f8b0:400... 2607:f8b0:4006:821::2008	15169 (GOOGLE) (GOOGLE)
4	2606:4700::68... 2606:4700::6810:3965	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2607:f8b0:400... 2607:f8b0:4006:816::2002	15169 (GOOGLE) (GOOGLE)
2	2607:f8b0:400... 2607:f8b0:4006:822::2004	15169 (GOOGLE) (GOOGLE)
58	10

7 2606:4700:4400::ac40:93a9 (United States)

ASN13335 (CLOUDFLARENET, US)

www.rainforthreport.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

31 2600:9000:2269:ba00:4:b4b9:d3c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

substackcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a04:4e42:200::729 (United States)

ASN54113 (FASTLY, US)

js.sentry-cdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6810:3865 (United States)

ASN13335 (CLOUDFLARENET, US)

static.cloudflareinsights.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 108.139.51.165 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-139-51-165.jfk50.r.cloudfront.net

www.datadoghq-browser-agent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:4400::6812:21f5 (United States)

ASN13335 (CLOUDFLARENET, US)

substack.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4006:821::2008 (United States)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700::6810:3965 (United States)

ASN13335 (CLOUDFLARENET, US)

cloudflareinsights.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:816::2002 (United States)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:822::2004 (United States)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
31	substackcdn.com substackcdn.com — Cisco Umbrella Rank: 22397	2 MB
7	rainforthreport.com www.rainforthreport.com	41 KB
6	cloudflareinsights.com static.cloudflareinsights.com — Cisco Umbrella Rank: 1429 cloudflareinsights.com — Cisco Umbrella Rank: 1410	14 KB
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 114	233 KB
3	substack.com substack.com — Cisco Umbrella Rank: 20335	9 KB
2	google.com www.google.com — Cisco Umbrella Rank: 6	563 B
2	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 68	3 KB
2	datadoghq-browser-agent.com www.datadoghq-browser-agent.com — Cisco Umbrella Rank: 2526	95 KB
2	sentry-cdn.com js.sentry-cdn.com — Cisco Umbrella Rank: 8509	4 KB
58	9

	Domain	Requested by
31	substackcdn.com	www.rainforthreport.com substackcdn.com substack.com
7	www.rainforthreport.com	www.rainforthreport.com substackcdn.com
4	cloudflareinsights.com	static.cloudflareinsights.com www.datadoghq-browser-agent.com
3	www.googletagmanager.com	substackcdn.com www.googletagmanager.com
3	substack.com	substackcdn.com substack.com
2	www.google.com
2	googleads.g.doubleclick.net	www.googletagmanager.com
2	www.datadoghq-browser-agent.com	www.rainforthreport.com substack.com
2	static.cloudflareinsights.com	www.rainforthreport.com substack.com
2	js.sentry-cdn.com	www.rainforthreport.com substack.com
58	10

This site contains links to these domains. Also see Links.

Domain
substack.com
billricejr.substack.com
christopherrufo.com
www.phetasy.com
kassydillon.substack.com
thecavalryman.substack.com

Subject Issuer	Validity	Valid
www.rainforthreport.com E1	`2023-12-29` - `2024-03-28`	3 months	crt.sh
substackcdn.com Amazon RSA 2048 M02	`2023-03-14` - `2024-04-12`	a year	crt.sh
*.sentry-cdn.com GlobalSign Atlas R3 DV TLS CA 2023 Q3	`2023-08-01` - `2024-09-01`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-04-10` - `2024-04-09`	a year	crt.sh
*.datadoghq-browser-agent.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-12-12` - `2024-12-14`	a year	crt.sh
substack.com Cloudflare Inc ECC CA-3	`2023-09-13` - `2024-09-12`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh

This page contains 2 frames:

Primary Page: https://www.rainforthreport.com/
Frame ID: F4D4C4E0D800109A440A47C73F6A96E4
Requests: 42 HTTP requests in this frame

Frame: https://substack.com/channel-frame
Frame ID: 903BB027C2C346D690524A3C176E71B5
Requests: 14 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Rainforth Report | Jeff Rainforth | Substack

Detected technologies

Cloudflare Browser Insights (Analytics) Expand

Overall confidence: 100%
Detected patterns

static\.cloudflareinsights\.com/beacon(?:\.min)?\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Page Statistics

58
Requests

100 %
HTTPS

90 %
IPv6

9
Domains

10
Subdomains

10
IPs

1
Countries

2382 kB
Transfer

6496 kB
Size

12
Cookies

12 Outgoing links

These are links going to different origins than the main page.

URL: https://substack.com/@jeffrainforth
Title: Jeff Rainforth

Search URL Search Domain Scan URL

URL: https://billricejr.substack.com/?utm_source=homepage_recommendations&utm_campaign=1102435
Title: BBill Rice Jr.'s NewsletterBill Rice, Jr.

Search URL Search Domain Scan URL

URL: https://christopherrufo.com/?utm_source=homepage_recommendations&utm_campaign=1102435
Title: Christopher F. RufoChristopher F. Rufo

Search URL Search Domain Scan URL

URL: https://www.phetasy.com/?utm_source=homepage_recommendations&utm_campaign=1102435
Title: Beyond Parody with Bridget PhetasyBridget Phetasy

Search URL Search Domain Scan URL

URL: https://kassydillon.substack.com/?utm_source=homepage_recommendations&utm_campaign=1102435
Title: What in tarnation? w/Kassy DillonKassy Dillon

Search URL Search Domain Scan URL

URL: https://thecavalryman.substack.com/?utm_source=homepage_recommendations&utm_campaign=1102435
Title: TThe Cavalry - DispatchMatt Benacci

Search URL Search Domain Scan URL

URL: https://substack.com/tos
Title: Terms of Service

Search URL Search Domain Scan URL

URL: https://substack.com/privacy
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://substack.com/ccpa#personal-data-collected
Title: Information Collection Notice

Search URL Search Domain Scan URL

URL: https://substack.com/signup?utm_source=substack&utm_medium=web&utm_content=footer
Title: Start Writing

Search URL Search Domain Scan URL

URL: https://substack.com/app/app-store-redirect?utm_campaign=app-marketing&utm_content=web-footer-button
Title: Get the app

Search URL Search Domain Scan URL

URL: https://substack.com/
Title: Substack

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

58 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
www.rainforthreport.com/ 518 KB
35 KB 177ms
70ms Document
text/html 2606:4700:4400::ac40:93a9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.rainforthreport.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:93a9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

b6fc8a6e82a1d018fe319c7781fe3d9a1a4e3a73a9cbffd72d6066c3413100b6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	sameorigin

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-cache
cf-cache-status: HIT
cf-ray: 83ef88714eff4bbb-BUF
content-encoding: br
content-type: text/html; charset=utf-8
date: Tue, 02 Jan 2024 02:22:12 GMT
etag: W/"819bb-J4luu0h8dSl6CztIJsXnNVIA++g"
link: <https://substackcdn.com>; rel=preconnect
server: cloudflare
strict-transport-security: max-age=31536000
vary: Accept-Encoding
x-cluster: substack
x-deploy: 85b136f2d8
x-frame-options: sameorigin
x-powered-by: Express
x-served-by: Substack
x-sub: jeffrainforth

GET
H2 200 main.040cf7e878d6eaf219a5.css
substackcdn.com/bundle/theme/ 469 KB
58 KB 173ms
66ms Stylesheet
text/css 2600:9000:2269:ba00:4:b4b9:d3c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://substackcdn.com/bundle/theme/main.040cf7e878d6eaf219a5.css
Requested by: Host: www.rainforthreport.com
URL: https://www.rainforthreport.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2269:ba00:4:b4b9:d3c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 757838a27fe02232c5a8560ef0036b64c090af034afb365f23ce3a6ca77fed67

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.rainforthreport.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 01 Jan 2024 04:49:31 GMT
content-encoding: br
via: 1.1 4a050b98a443ca2d3af477f9b4dc39ae.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD89-P1
age: 77562
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
x-amz-expiration: expiry-date="Sat, 29 Jun 2024 00:00:00 GMT", rule-id="StaticAssetIntelligentTiering"
last-modified: Sun, 31 Dec 2023 19:07:54 GMT
server: AmazonS3
etag: W/"040cf7e878d6eaf219a59dc161ab9307"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=31536000, immutable
x-amz-cf-id: 1lTVNER3VWxIYY2LdXZ2_yJawL6hLXFHh4neJOXc3HWsKJK2CDv3lw==

GET
H2 200 color_links.0fb581553fbc852d4e4b.css
substackcdn.com/bundle/theme/ 2 KB
931 B 137ms
30ms Stylesheet
text/css 2600:9000:2269:ba00:4:b4b9:d3c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://substackcdn.com/bundle/theme/color_links.0fb581553fbc852d4e4b.css
Requested by: Host: www.rainforthreport.com
URL: https://www.rainforthreport.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2269:ba00:4:b4b9:d3c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 72471a51ae7ffc4af3155280bce2974d8cd2d018d757c3ca45745868f3467268

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.rainforthreport.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 01 Jan 2024 02:25:07 GMT
content-encoding: br
via: 1.1 4a050b98a443ca2d3af477f9b4dc39ae.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD89-P1
age: 86226
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
x-amz-expiration: expiry-date="Sat, 29 Jun 2024 00:00:00 GMT", rule-id="StaticAssetIntelligentTiering"
last-modified: Sun, 31 Dec 2023 19:07:54 GMT
server: AmazonS3
etag: W/"0fb581553fbc852d4e4bdb63c47c1e75"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=31536000, immutable
x-amz-cf-id: ArEVQ_t9xm68pu8i1QxDuY0tXnrFSf4-pqBiAE5QXal_2savytmeQA==

GET
H2 200 main.2d31fd1127f8b51946ac.css
substackcdn.com/bundle/ 339 KB
41 KB 141ms
35ms Stylesheet
text/css 2600:9000:2269:ba00:4:b4b9:d3c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://substackcdn.com/bundle/main.2d31fd1127f8b51946ac.css
Requested by: Host: www.rainforthreport.com
URL: https://www.rainforthreport.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2269:ba00:4:b4b9:d3c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e53e1b74c9d11e48dfcec15894d0ff6fc026b666901cf20114d9cecbd1fe887d

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.rainforthreport.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 01 Jan 2024 23:17:31 GMT
content-encoding: br
via: 1.1 4a050b98a443ca2d3af477f9b4dc39ae.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD89-P1
age: 11082
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
x-amz-expiration: expiry-date="Sat, 29 Jun 2024 00:00:00 GMT", rule-id="StaticAssetIntelligentTiering"
last-modified: Sun, 31 Dec 2023 19:07:54 GMT
server: AmazonS3
etag: W/"a128479479e300accbe8cd25699e4455"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=31536000, immutable
x-amz-cf-id: U39J8loYT8dYfK5pNMgLT2mjDLXuQ100VzyG17awVT0Q3dCA1UDzGw==

GET
H2 200 https%3A%2F%2Fbucketeer-e05bbc84-baa3-437e-9518-adb32be77984.s3.amazonaws.com%2Fpublic%2Fimages%2Ffb85089d-7e18-49be-bab0-50d18510d249_1280x1280.png
substackcdn.com/image/fetch/w_96,c_limit,f_auto,q_auto:good,fl_progressive:steep/ 3 KB
4 KB 190ms
84ms Image
image/jpeg 2600:9000:2269:ba00:4:b4b9:d3c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://substackcdn.com/image/fetch/w_96,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fbucketeer-e05bbc84-baa3-437e-9518-adb32be77984.s3.amazonaws.com%2Fpublic%2Fimages%2Ffb85089d-7e18-49be-bab0-50d18510d249_1280x1280.png

Requested by

Host: www.rainforthreport.com
URL: https://www.rainforthreport.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2269:ba00:4:b4b9:d3c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

imgproxy / Express

Resource Hash

b3802c375c84832fe27ab1c11fb29e0c3c5d047c971da1b3a66e2e1cc7f58691

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.rainforthreport.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 18:23:53 GMT
content-security-policy: script-src 'none'
via: 1.1 4a050b98a443ca2d3af477f9b4dc39ae.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD89-P1
age: 374299
x-powered-by: Express
x-cache: Hit from cloudfront
content-disposition: inline; filename="fb85089d-7e18-49be-bab0-50d18510d249_1280x1280.jpg"
alt-svc: h3=":443"; ma=86400
content-length: 3352
x-request-id: jPk58SpzEsafOXeVUE8yD
server: imgproxy
etag: "BFcyhJUgw6kDr9UPxBpSsKXSMElaOAVla8V55nXtu48/RImRkNjNjYzhiZmU4MDM0MDIzZmYxN2MzMWNjY2VkMmZmIg"
content-type: image/jpeg
cache-control: public, max-age=31536000
x-amz-cf-id: B79uYtP1MRfuba240MJ7ahRN0qJgcPz5h-7KGOz4LDlfIBKpFIKvCA==

GET
H2 200 https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F93422b2c-d800-4f09-bbf6-aab529ab20dd_1219x682.png
substackcdn.com/image/fetch/w_848,h_565,c_fill,f_webp,q_auto:good,fl_progressive:steep,g_auto/ 67 KB
68 KB 196ms
90ms Image
image/webp 2600:9000:2269:ba00:4:b4b9:d3c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://substackcdn.com/image/fetch/w_848,h_565,c_fill,f_webp,q_auto:good,fl_progressive:steep,g_auto/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F93422b2c-d800-4f09-bbf6-aab529ab20dd_1219x682.png

Requested by

Host: www.rainforthreport.com
URL: https://www.rainforthreport.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2269:ba00:4:b4b9:d3c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

imgproxy / Express

Resource Hash

12c813e96117b62d5250fef8ad07f001cff69577d5fa639f4d682ab2e3d65c86

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.rainforthreport.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 30 Dec 2023 02:03:04 GMT
content-security-policy: script-src 'none'
via: 1.1 4a050b98a443ca2d3af477f9b4dc39ae.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD89-P1
age: 260348
x-powered-by: Express
x-cache: Hit from cloudfront
content-disposition: inline; filename="93422b2c-d800-4f09-bbf6-aab529ab20dd_1219x682.webp"
alt-svc: h3=":443"; ma=86400
content-length: 69006
x-request-id: 4F648ksmTXe7oSszggANE
server: imgproxy
etag: "42bUOQDRIq4NvKGKj1jTzMXsgKIfhdCJ8t_elnC60WE/RIjJhNDA0ZmM4YjE2Njk1Y2E3OTE3OTEzMTgyYzZmNTgyIg"
content-type: image/webp
cache-control: public, max-age=31536000
x-amz-cf-id: 0Zp1UtutMO_5aZHoqn6-uuuTEsTAZgq9hxBT-Dhp0bcl_kszXf-YlQ==

GET
H2 200 https%3A%2F%2Fbucketeer-e05bbc84-baa3-437e-9518-adb32be77984.s3.amazonaws.com%2Fpublic%2Fimages%2Ffb85089d-7e18-49be-bab0-50d18510d249_1280x1280.png
substackcdn.com/image/fetch/w_88,c_limit,f_auto,q_auto:good,fl_progressive:steep/ 3 KB
3 KB 192ms
87ms Image
image/jpeg 2600:9000:2269:ba00:4:b4b9:d3c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://substackcdn.com/image/fetch/w_88,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fbucketeer-e05bbc84-baa3-437e-9518-adb32be77984.s3.amazonaws.com%2Fpublic%2Fimages%2Ffb85089d-7e18-49be-bab0-50d18510d249_1280x1280.png

Requested by

Host: www.rainforthreport.com
URL: https://www.rainforthreport.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2269:ba00:4:b4b9:d3c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

imgproxy / Express

Resource Hash

3b7701790d3478dbcd911f70726e403978951fa44790af1673c5321723e86d30

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.rainforthreport.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 23 Dec 2023 04:06:53 GMT
content-security-policy: script-src 'none'
via: 1.1 4a050b98a443ca2d3af477f9b4dc39ae.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD89-P1
age: 857719
x-powered-by: Express
x-cache: Hit from cloudfront
content-disposition: inline; filename="fb85089d-7e18-49be-bab0-50d18510d249_1280x1280.jpg"
alt-svc: h3=":443"; ma=86400
content-length: 3050
x-request-id: JMUuw_cY31Em2P0Mt1hGF
server: imgproxy
etag: "KpEvGLcOf77HgKHSbtA4DR-5GlsPYs2nTXoNQFZEZZ4/RImRkNjNjYzhiZmU4MDM0MDIzZmYxN2MzMWNjY2VkMmZmIg"
content-type: image/jpeg
cache-control: public, max-age=31536000
x-amz-cf-id: TgQ_7WXjts5e4b7RfMypVc-lX3GHjoYF-6HqUswwkM7P3HLj-LW8Kw==

GET
H2 200 https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F1d1d2f30-c040-4251-a5d4-c1872ec45660_1200x626.png
substackcdn.com/image/fetch/w_1360,c_limit,f_webp,q_auto:best,fl_progressive:steep/ 323 KB
324 KB 145ms
144ms Image
image/webp 2600:9000:2269:ba00:4:b4b9:d3c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://substackcdn.com/image/fetch/w_1360,c_limit,f_webp,q_auto:best,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F1d1d2f30-c040-4251-a5d4-c1872ec45660_1200x626.png

Requested by

Host: www.rainforthreport.com
URL: https://www.rainforthreport.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2269:ba00:4:b4b9:d3c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

imgproxy / Express

Resource Hash

c134ca02e90b10159a93fcabbf5af0f74c48855f4877b1a9cd03481f8723a2c6

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.rainforthreport.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sun, 31 Dec 2023 15:30:21 GMT
content-security-policy: script-src 'none'
via: 1.1 4a050b98a443ca2d3af477f9b4dc39ae.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD89-P1
age: 125511
x-powered-by: Express
x-cache: Hit from cloudfront
content-disposition: inline; filename="1d1d2f30-c040-4251-a5d4-c1872ec45660_1200x626.webp"
alt-svc: h3=":443"; ma=86400
content-length: 330448
x-request-id: ZR57KlHqAxetSP2mnRRdz
server: imgproxy
etag: "iWLEOGNAotTr_FUaiWo425O1NJlzfWt0WEaeu0x84jc/RIjI4MmU5MzhlMDA4ZjZjMDcwOTQ4MTA5ZDk1YmNlMTVhIg"
content-type: image/webp
cache-control: public, max-age=31536000
x-amz-cf-id: 4MSyYpPAHkpsb4CfeuVFCF_96cCWVy1N_LKzn5JB_vVYCWelyfSlxQ==

GET
H2 200 6c2ff3e3828e4017b7faf7b63e24cdf8.min.js Show response
js.sentry-cdn.com/ 2 KB
2 KB 100ms
31ms Script
text/javascript 2a04:4e42:200::729
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.sentry-cdn.com/6c2ff3e3828e4017b7faf7b63e24cdf8.min.js

Requested by

Host: www.rainforthreport.com
URL: https://www.rainforthreport.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:200::729 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

35fcf709c4681a08ad9b18cdfdcba10010a00820f7da106638f2a29234ed6b5a

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; img-src blob: data: ; frame-ancestors 'self' .sentry.io; object-src 'self'; script-src 'self' 'unsafe-inline' 'report-sample' 'unsafe-eval' s1.sentry-cdn.com js.sentry-cdn.com browser.sentry-cdn.com statuspage-production.s3.amazonaws.com static.zdassets.com aui-cdn.atlassian.com connect-cdn.atl-paas.net js.stripe.com 'strict-dynamic' cdn.pendo.io data.pendo.io pendo-io-static.storage.googleapis.com pendo-static-5634074999128064.storage.googleapis.com; connect-src 'self' .algolia.net .algolianet.com .algolia.io sentry.io .sentry.io s1.sentry-cdn.com o1.ingest.sentry.io api2.amplitude.com app.pendo.io data.pendo.io reload.getsentry.net t687h3m0nh65.statuspage.io sentry.zendesk.com ekr.zdassets.com maps.googleapis.com; style-src 'unsafe-inline' ; frame-src app.pendo.io demo.arcade.software js.stripe.com sentry.io; media-src ; font-src * data:; base-uri 'none'; report-uri https://o1.ingest.sentry.io/api/54785/security/?sentry_key=f724a8a027db45f5b21507e7142ff78e&sentry_release=db58954966c20b0734c947be6f697c7a260aa956
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.rainforthreport.com/
Origin: https://www.rainforthreport.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-security-policy: default-src 'none'; img-src blob: data: *; frame-ancestors 'self' *.sentry.io; object-src 'self'; script-src 'self' 'unsafe-inline' 'report-sample' 'unsafe-eval' s1.sentry-cdn.com js.sentry-cdn.com browser.sentry-cdn.com statuspage-production.s3.amazonaws.com static.zdassets.com aui-cdn.atlassian.com connect-cdn.atl-paas.net js.stripe.com 'strict-dynamic' cdn.pendo.io data.pendo.io pendo-io-static.storage.googleapis.com pendo-static-5634074999128064.storage.googleapis.com; connect-src 'self' *.algolia.net *.algolianet.com *.algolia.io sentry.io *.sentry.io s1.sentry-cdn.com o1.ingest.sentry.io api2.amplitude.com app.pendo.io data.pendo.io reload.getsentry.net t687h3m0nh65.statuspage.io sentry.zendesk.com ekr.zdassets.com maps.googleapis.com; style-src 'unsafe-inline' *; frame-src app.pendo.io demo.arcade.software js.stripe.com sentry.io; media-src *; font-src * data:; base-uri 'none'; report-uri https://o1.ingest.sentry.io/api/54785/security/?sentry_key=f724a8a027db45f5b21507e7142ff78e&sentry_release=db58954966c20b0734c947be6f697c7a260aa956
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 02 Jan 2024 02:22:12 GMT
strict-transport-security: max-age=31536000; includeSubDomains
age: 8
x-envoy-upstream-service-time: 52
content-length: 1224
x-xss-protection: 1; mode=block
x-served-by: getsentry-web-default-common-production-5cd45975dd-vlr5j, cache-chi-kigq8000087-CHI, cache-nyc-kteb1890066-NYC
x-frame-options: deny
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=3600, s-maxage=60, stale-while-revalidate=315360000, stale-if-error=315360000
x-envoy-attempt-count: 1
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 main.2ea7a7373446b611e1cd.bundle.js Show response
substackcdn.com/bundle/ 3 MB
701 KB 82ms
82ms Script
application/javascript 2600:9000:2269:ba00:4:b4b9:d3c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://substackcdn.com/bundle/main.2ea7a7373446b611e1cd.bundle.js
Requested by: Host: www.rainforthreport.com
URL: https://www.rainforthreport.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2269:ba00:4:b4b9:d3c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6c0fa043bcf6b6cd8f4915cdff2528c78556d962e5b1e66c4109d2245856d6d9

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.rainforthreport.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 01 Jan 2024 19:20:32 GMT
content-encoding: br
via: 1.1 4a050b98a443ca2d3af477f9b4dc39ae.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD89-P1
age: 25301
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
x-amz-expiration: expiry-date="Sat, 29 Jun 2024 00:00:00 GMT", rule-id="StaticAssetIntelligentTiering"
last-modified: Sun, 31 Dec 2023 19:07:54 GMT
server: AmazonS3
etag: W/"51b2967073a31a1f7282f563b8aee029"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000, immutable
x-amz-cf-id: 4WYXD3I-5N9Fcqi5brjU79unm_qfsp-4eMxVJMph5yMDF36rHNvAAg==

GET
H2 200 beacon.min.js Show response
static.cloudflareinsights.com/ 20 KB
7 KB 127ms
55ms Script
text/javascript 2606:4700::6810:3865
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cloudflareinsights.com/beacon.min.js
Requested by: Host: www.rainforthreport.com
URL: https://www.rainforthreport.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:3865 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6153d13804862b0fc1c016cf1129f34cb7c6185f2cf4bf1a3a862eecdab50101

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.rainforthreport.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 02 Jan 2024 02:22:12 GMT
content-encoding: gzip
last-modified: Tue, 10 Oct 2023 21:38:13 GMT
server: cloudflare
etag: W/"2023.10.0"
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
cf-ray: 83ef88724eca4bcf-BUF

GET
H2 200 https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F8412dd2f-c769-4736-89c6-052a827c3466_2048x1152.jpeg
substackcdn.com/image/fetch/w_600,h_400,c_fill,f_webp,q_auto:good,fl_progressive:steep,g_auto/ 11 KB
12 KB 55ms
40ms Image
image/webp 2600:9000:2269:ba00:4:b4b9:d3c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://substackcdn.com/image/fetch/w_600,h_400,c_fill,f_webp,q_auto:good,fl_progressive:steep,g_auto/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F8412dd2f-c769-4736-89c6-052a827c3466_2048x1152.jpeg

Requested by

Host: www.rainforthreport.com
URL: https://www.rainforthreport.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2269:ba00:4:b4b9:d3c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

imgproxy / Express

Resource Hash

887cc87dd7f9b4ecae5e7a960018d64a2893578d4dd17d8a2e4cfc40f40f533e

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.rainforthreport.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Fri, 29 Dec 2023 22:03:57 GMT
content-security-policy: script-src 'none'
via: 1.1 4a050b98a443ca2d3af477f9b4dc39ae.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD89-P1
age: 274696
x-powered-by: Express
x-cache: Hit from cloudfront
content-disposition: inline; filename="8412dd2f-c769-4736-89c6-052a827c3466_2048x1152.webp"
alt-svc: h3=":443"; ma=86400
content-length: 11568
x-request-id: uaQCvGWjGRS_61x7T-Y2M
server: imgproxy
etag: "GTVfNGCsfHPjQCbkLdY5uf7xIc7hC0dcCTjQy1Sii5k/RIjY2YzBiNTdjZWUwOTA2NzA1OTgzMDQyNjkzNGM5YzA0Ig"
content-type: image/webp
cache-control: public, max-age=31536000
x-amz-cf-id: G1M-w4hXvC8n6lm_TV1RY7n_AOSDikX-9zLcqfeBeyUleZb5kI5Yog==

GET
H2 200 https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F813e1233-939a-488a-8da5-7df15f34ac69_2048x1365.jpeg
substackcdn.com/image/fetch/w_600,h_400,c_fill,f_webp,q_auto:good,fl_progressive:steep,g_auto/ 69 KB
70 KB 42ms
33ms Image
image/webp 2600:9000:2269:ba00:4:b4b9:d3c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: www.rainforthreport.com
URL: https://www.rainforthreport.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2269:ba00:4:b4b9:d3c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

imgproxy / Express

Resource Hash

6a54ee412dd7f06378a99aef0d7f469e6281c6900ffb374d55be4fcf163fd2b8

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.rainforthreport.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 18:23:54 GMT
content-security-policy: script-src 'none'
via: 1.1 4a050b98a443ca2d3af477f9b4dc39ae.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD89-P1
age: 374299
x-powered-by: Express
x-cache: Hit from cloudfront
content-disposition: inline; filename="813e1233-939a-488a-8da5-7df15f34ac69_2048x1365.webp"
alt-svc: h3=":443"; ma=86400
content-length: 70582
x-request-id: p1j5HN_2XQeMKjC4ceSSE
server: imgproxy
etag: "GTVfNGCsfHPjQCbkLdY5uf7xIc7hC0dcCTjQy1Sii5k/RIjBkNzEyYjViMGM2MjE3M2ZmMmUyM2QyYTc4Y2E1YTY2Ig"
content-type: image/webp
cache-control: public, max-age=31536000
x-amz-cf-id: J-PlODH4XfUpQnyXdOuVOFG-12EtEpCWbM0Gf1JxKpqkdwk9_waANg==

GET
H2 200 https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F5686f5bd-c4c5-4fce-b370-37a32933d7f0_2265x1284.jpeg
substackcdn.com/image/fetch/w_600,h_400,c_fill,f_webp,q_auto:good,fl_progressive:steep,g_auto/ 31 KB
32 KB 47ms
38ms Image
image/webp 2600:9000:2269:ba00:4:b4b9:d3c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://substackcdn.com/image/fetch/w_600,h_400,c_fill,f_webp,q_auto:good,fl_progressive:steep,g_auto/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F5686f5bd-c4c5-4fce-b370-37a32933d7f0_2265x1284.jpeg

Requested by

Host: www.rainforthreport.com
URL: https://www.rainforthreport.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2269:ba00:4:b4b9:d3c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

imgproxy / Express

Resource Hash

43975965b2ca6a72e7fc77fc0c4c9832bb3e5a0e6717e03cb0248679062469d6

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.rainforthreport.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sun, 24 Dec 2023 11:12:35 GMT
content-security-policy: script-src 'none'
via: 1.1 4a050b98a443ca2d3af477f9b4dc39ae.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD89-P1
age: 745778
x-powered-by: Express
x-cache: Hit from cloudfront
content-disposition: inline; filename="5686f5bd-c4c5-4fce-b370-37a32933d7f0_2265x1284.webp"
alt-svc: h3=":443"; ma=86400
content-length: 32252
x-request-id: ezFtQIjic6drSTwiGOTCU
server: imgproxy
etag: "GTVfNGCsfHPjQCbkLdY5uf7xIc7hC0dcCTjQy1Sii5k/RIjg3ZDlkYzg4NWViOTBmM2NiMWJlOWY5OTE3ZGY5OTYyIg"
content-type: image/webp
cache-control: public, max-age=31536000
x-amz-cf-id: HiwdpNkFHTZouzw_B_r-CL7o9kag73njaxFzcA7ZLcxiwOpGgmvRkw==

GET
H2 200 https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F2afa659d-9340-4d30-ac69-1a62589e7f1b_2048x1152.jpeg
substackcdn.com/image/fetch/w_600,h_400,c_fill,f_webp,q_auto:good,fl_progressive:steep,g_auto/ 68 KB
68 KB 49ms
41ms Image
image/webp 2600:9000:2269:ba00:4:b4b9:d3c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://substackcdn.com/image/fetch/w_600,h_400,c_fill,f_webp,q_auto:good,fl_progressive:steep,g_auto/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F2afa659d-9340-4d30-ac69-1a62589e7f1b_2048x1152.jpeg

Requested by

Host: www.rainforthreport.com
URL: https://www.rainforthreport.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2269:ba00:4:b4b9:d3c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

imgproxy / Express

Resource Hash

ff5ee299b9cb6659595d1cf701ebd1010375d71cc395dff062877e8396953b9b

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.rainforthreport.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 30 Dec 2023 02:00:49 GMT
content-security-policy: script-src 'none'
via: 1.1 4a050b98a443ca2d3af477f9b4dc39ae.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD89-P1
age: 260484
x-powered-by: Express
x-cache: Hit from cloudfront
content-disposition: inline; filename="2afa659d-9340-4d30-ac69-1a62589e7f1b_2048x1152.webp"
alt-svc: h3=":443"; ma=86400
content-length: 69202
x-request-id: OPzP2xi6nNkJgUdoNnMNN
server: imgproxy
etag: "GTVfNGCsfHPjQCbkLdY5uf7xIc7hC0dcCTjQy1Sii5k/RImE4MTNlN2ZjZDA3OGIyMGM4MzVjNzMxMTdmNmMxNzA5Ig"
content-type: image/webp
cache-control: public, max-age=31536000
x-amz-cf-id: XlU7arWBWj7InIot-CCVltBXM0NrHolCbnXKifmGoPO1Ebh4SFxAIg==

GET
H2 200 https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F263e2f30-07d3-472a-bb8c-233b6dbf56cf_2283x1284.jpeg
substackcdn.com/image/fetch/w_600,h_400,c_fill,f_webp,q_auto:good,fl_progressive:steep,g_auto/ 74 KB
75 KB 50ms
42ms Image
image/webp 2600:9000:2269:ba00:4:b4b9:d3c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://substackcdn.com/image/fetch/w_600,h_400,c_fill,f_webp,q_auto:good,fl_progressive:steep,g_auto/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F263e2f30-07d3-472a-bb8c-233b6dbf56cf_2283x1284.jpeg

Requested by

Host: www.rainforthreport.com
URL: https://www.rainforthreport.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2269:ba00:4:b4b9:d3c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

imgproxy / Express

Resource Hash

186d39c95229c873557ccf8aa83c6970440821a368cedf7bacbda3061b9f5953

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.rainforthreport.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 30 Dec 2023 02:00:49 GMT
content-security-policy: script-src 'none'
via: 1.1 4a050b98a443ca2d3af477f9b4dc39ae.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD89-P1
age: 260484
x-powered-by: Express
x-cache: Hit from cloudfront
content-disposition: inline; filename="263e2f30-07d3-472a-bb8c-233b6dbf56cf_2283x1284.webp"
alt-svc: h3=":443"; ma=86400
content-length: 76146
x-request-id: sT60Kqmxb1t6Gx2rzj5T2
server: imgproxy
etag: "GTVfNGCsfHPjQCbkLdY5uf7xIc7hC0dcCTjQy1Sii5k/RImEyNjZjNTRmNTExZjc4YzBiY2JjMTAwMWZjYTE3MTA2Ig"
content-type: image/webp
cache-control: public, max-age=31536000
x-amz-cf-id: Zo5oTJcW-dZWnyjGkXCdoNWJUSpXs_txCPHsitTLGqmzu5vqh9p2Jg==

GET
H2 200 https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F2f950ad0-8bef-43f3-954d-ff71c6941224_4032x3024.jpeg
substackcdn.com/image/fetch/w_600,h_400,c_fill,f_webp,q_auto:good,fl_progressive:steep,g_auto/ 36 KB
37 KB 51ms
47ms Image
image/webp 2600:9000:2269:ba00:4:b4b9:d3c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://substackcdn.com/image/fetch/w_600,h_400,c_fill,f_webp,q_auto:good,fl_progressive:steep,g_auto/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F2f950ad0-8bef-43f3-954d-ff71c6941224_4032x3024.jpeg

Requested by

Host: www.rainforthreport.com
URL: https://www.rainforthreport.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2269:ba00:4:b4b9:d3c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

imgproxy / Express

Resource Hash

08106a5230e79050f3b63fa20921e1833e1a2049be8fd21806900144b4125f2c

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.rainforthreport.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 30 Dec 2023 02:00:49 GMT
content-security-policy: script-src 'none'
via: 1.1 4a050b98a443ca2d3af477f9b4dc39ae.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD89-P1
age: 260484
x-powered-by: Express
x-cache: Hit from cloudfront
content-disposition: inline; filename="2f950ad0-8bef-43f3-954d-ff71c6941224_4032x3024.webp"
alt-svc: h3=":443"; ma=86400
content-length: 37224
x-request-id: 6CILPbyugwQS4DvNCQuFd
server: imgproxy
etag: "GTVfNGCsfHPjQCbkLdY5uf7xIc7hC0dcCTjQy1Sii5k/RIjUwYzQ0YjQ3ZmU3OTQyMjc3Mzc2ODBmNTdjYjM0NWFmIg"
content-type: image/webp
cache-control: public, max-age=31536000
x-amz-cf-id: kxqvZ3hhn1nzSXjQJuWLYRHt_Q7oDtyPrrqwhTHNqO-3dmGainO0WA==

GET
H2 200 https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F42aac30e-948d-4fe0-8933-7805dd8d567f_2268x1276.jpeg
substackcdn.com/image/fetch/w_600,h_400,c_fill,f_webp,q_auto:good,fl_progressive:steep,g_auto/ 54 KB
54 KB 54ms
49ms Image
image/webp 2600:9000:2269:ba00:4:b4b9:d3c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://substackcdn.com/image/fetch/w_600,h_400,c_fill,f_webp,q_auto:good,fl_progressive:steep,g_auto/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F42aac30e-948d-4fe0-8933-7805dd8d567f_2268x1276.jpeg

Requested by

Host: www.rainforthreport.com
URL: https://www.rainforthreport.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2269:ba00:4:b4b9:d3c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

imgproxy / Express

Resource Hash

4e7f35d9fdd279c17fa26585627b61ec390c2bb388bad179567852613b0ce3d6

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.rainforthreport.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 30 Dec 2023 02:00:49 GMT
content-security-policy: script-src 'none'
via: 1.1 4a050b98a443ca2d3af477f9b4dc39ae.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD89-P1
age: 260484
x-powered-by: Express
x-cache: Hit from cloudfront
content-disposition: inline; filename="42aac30e-948d-4fe0-8933-7805dd8d567f_2268x1276.webp"
alt-svc: h3=":443"; ma=86400
content-length: 55032
x-request-id: JcRuvUMed71SKlS8byU1k
server: imgproxy
etag: "GTVfNGCsfHPjQCbkLdY5uf7xIc7hC0dcCTjQy1Sii5k/RImEyY2ZkZGQyYmViZTM2Mzg1OWNlNTE1ZGJlMGVlYmFjIg"
content-type: image/webp
cache-control: public, max-age=31536000
x-amz-cf-id: gknLZpLLM1mp17Wz2tA9XmShIQ4gUui8HEQAsh8elMjyCFO4Z_b4rw==

GET
H2 200 https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Fae29e70f-13b3-4e42-a97e-c8da181dd426_2048x1365.jpeg
substackcdn.com/image/fetch/w_600,h_400,c_fill,f_webp,q_auto:good,fl_progressive:steep,g_auto/ 32 KB
32 KB 52ms
48ms Image
image/webp 2600:9000:2269:ba00:4:b4b9:d3c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://substackcdn.com/image/fetch/w_600,h_400,c_fill,f_webp,q_auto:good,fl_progressive:steep,g_auto/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Fae29e70f-13b3-4e42-a97e-c8da181dd426_2048x1365.jpeg

Requested by

Host: www.rainforthreport.com
URL: https://www.rainforthreport.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2269:ba00:4:b4b9:d3c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

imgproxy / Express

Resource Hash

d96a3b87e803af45f768d0176405f93d4a3ac6daddf04aa57065bf02b8e41a1f

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.rainforthreport.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 30 Dec 2023 02:00:49 GMT
content-security-policy: script-src 'none'
via: 1.1 4a050b98a443ca2d3af477f9b4dc39ae.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD89-P1
age: 260484
x-powered-by: Express
x-cache: Hit from cloudfront
content-disposition: inline; filename="ae29e70f-13b3-4e42-a97e-c8da181dd426_2048x1365.webp"
alt-svc: h3=":443"; ma=86400
content-length: 32566
x-request-id: goqR7rUV8XuCH92uRULbd
server: imgproxy
etag: "GTVfNGCsfHPjQCbkLdY5uf7xIc7hC0dcCTjQy1Sii5k/RImFjNzE2ODVhYjRkMzMxYzAxNGVkM2RmMGZiNzdjOTE4Ig"
content-type: image/webp
cache-control: public, max-age=31536000
x-amz-cf-id: tTm37GkUDbns96v8YwA69w1lmvEyFayi3Dq1V-rm5rMhGG8_N-8Qkg==

GET
H2 200 https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Fb4eecf83-8061-4bb0-8a58-b53e85ff8dd9_2254x1284.jpeg
substackcdn.com/image/fetch/w_600,h_400,c_fill,f_webp,q_auto:good,fl_progressive:steep,g_auto/ 43 KB
44 KB 91ms
87ms Image
image/webp 2600:9000:2269:ba00:4:b4b9:d3c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://substackcdn.com/image/fetch/w_600,h_400,c_fill,f_webp,q_auto:good,fl_progressive:steep,g_auto/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Fb4eecf83-8061-4bb0-8a58-b53e85ff8dd9_2254x1284.jpeg

Requested by

Host: www.rainforthreport.com
URL: https://www.rainforthreport.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2269:ba00:4:b4b9:d3c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

imgproxy / Express

Resource Hash

3b9e1d2dc41dbca8ded7e3fe7787c74b7111b00e6b2cee5f9b80dae0991c850f

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.rainforthreport.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 30 Dec 2023 02:00:49 GMT
content-security-policy: script-src 'none'
via: 1.1 4a050b98a443ca2d3af477f9b4dc39ae.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD89-P1
age: 260484
x-powered-by: Express
x-cache: Hit from cloudfront
content-disposition: inline; filename="b4eecf83-8061-4bb0-8a58-b53e85ff8dd9_2254x1284.webp"
alt-svc: h3=":443"; ma=86400
content-length: 44334
x-request-id: 34erggH1jMiWSuv56eq7N
server: imgproxy
etag: "GTVfNGCsfHPjQCbkLdY5uf7xIc7hC0dcCTjQy1Sii5k/RIjliMTZkYWZiYjliNjVkYWI5NTdlMGYwMjhkZTU5MTM0Ig"
content-type: image/webp
cache-control: public, max-age=31536000
x-amz-cf-id: M59hOlpdKGvJV_Fcx32Mp3QnOaZSyhtjpV2RvNJDel1xTGrOQBFCoQ==

GET
H2 200 https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F505c1eb6-e8c3-4d53-8ba2-0aadb4fa31df_2048x1152.jpeg
substackcdn.com/image/fetch/w_600,h_400,c_fill,f_webp,q_auto:good,fl_progressive:steep,g_auto/ 45 KB
46 KB 87ms
83ms Image
image/webp 2600:9000:2269:ba00:4:b4b9:d3c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://substackcdn.com/image/fetch/w_600,h_400,c_fill,f_webp,q_auto:good,fl_progressive:steep,g_auto/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F505c1eb6-e8c3-4d53-8ba2-0aadb4fa31df_2048x1152.jpeg

Requested by

Host: www.rainforthreport.com
URL: https://www.rainforthreport.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2269:ba00:4:b4b9:d3c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

imgproxy / Express

Resource Hash

9e60b7e38754b9c79b516693370ead0253f27e7359edfa94ed303ecfe01b56da

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.rainforthreport.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 30 Dec 2023 02:00:49 GMT
content-security-policy: script-src 'none'
via: 1.1 4a050b98a443ca2d3af477f9b4dc39ae.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD89-P1
age: 260484
x-powered-by: Express
x-cache: Hit from cloudfront
content-disposition: inline; filename="505c1eb6-e8c3-4d53-8ba2-0aadb4fa31df_2048x1152.webp"
alt-svc: h3=":443"; ma=86400
content-length: 46134
x-request-id: Bx0ORZzZ9tFguVhQ8qyyq
server: imgproxy
etag: "GTVfNGCsfHPjQCbkLdY5uf7xIc7hC0dcCTjQy1Sii5k/RImFhYzc5ZWE3OGY4NWZmZTVjNDkwYTc5MDczMGNjOTM5Ig"
content-type: image/webp
cache-control: public, max-age=31536000
x-amz-cf-id: EhvozLqJ1c4RkcaIcfNNi-ZRpHxv0Q2B4HE02Q88-hkCBFAkTvKGKQ==

GET
H2 200 https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F6572d47d-e33e-433c-9dbe-2b433db75435_2048x1365.jpeg
substackcdn.com/image/fetch/w_600,h_400,c_fill,f_webp,q_auto:good,fl_progressive:steep,g_auto/ 55 KB
56 KB 94ms
91ms Image
image/webp 2600:9000:2269:ba00:4:b4b9:d3c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://substackcdn.com/image/fetch/w_600,h_400,c_fill,f_webp,q_auto:good,fl_progressive:steep,g_auto/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F6572d47d-e33e-433c-9dbe-2b433db75435_2048x1365.jpeg

Requested by

Host: www.rainforthreport.com
URL: https://www.rainforthreport.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2269:ba00:4:b4b9:d3c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

imgproxy / Express

Resource Hash

4ffb4316ff4be7385712fbc30c09a6b34720ee516190f3fdcac7496ce73fa88e

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.rainforthreport.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Fri, 29 Dec 2023 22:04:44 GMT
content-security-policy: script-src 'none'
via: 1.1 4a050b98a443ca2d3af477f9b4dc39ae.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD89-P1
age: 274649
x-powered-by: Express
x-cache: Hit from cloudfront
content-disposition: inline; filename="6572d47d-e33e-433c-9dbe-2b433db75435_2048x1365.webp"
alt-svc: h3=":443"; ma=86400
content-length: 56578
x-request-id: miAzzPXeV-_pZnlaZFafV
server: imgproxy
etag: "GTVfNGCsfHPjQCbkLdY5uf7xIc7hC0dcCTjQy1Sii5k/RImI2NmIxNjIyMGY1OWNhOGJhM2NkMjgyZTkyY2IyYWU3Ig"
content-type: image/webp
cache-control: public, max-age=31536000
x-amz-cf-id: PJOFEymS5s4kLMNwaB2pY7I-Ts8WfpLGEbYlC7vPzsbZmoEsmhArhA==

GET
H2 200 https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F1174864a-c1d7-49d1-a84f-acd2c86bd708_2152x1435.jpeg
substackcdn.com/image/fetch/w_600,h_400,c_fill,f_webp,q_auto:good,fl_progressive:steep,g_auto/ 45 KB
46 KB 93ms
89ms Image
image/webp 2600:9000:2269:ba00:4:b4b9:d3c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://substackcdn.com/image/fetch/w_600,h_400,c_fill,f_webp,q_auto:good,fl_progressive:steep,g_auto/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F1174864a-c1d7-49d1-a84f-acd2c86bd708_2152x1435.jpeg

Requested by

Host: www.rainforthreport.com
URL: https://www.rainforthreport.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2269:ba00:4:b4b9:d3c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

imgproxy / Express

Resource Hash

285dabe8c37bcbe6ef85725a826db6b79edac2f4d5d8dc8699b55bd0853b20d4

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.rainforthreport.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 30 Dec 2023 02:03:04 GMT
content-security-policy: script-src 'none'
via: 1.1 4a050b98a443ca2d3af477f9b4dc39ae.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD89-P1
age: 260349
x-powered-by: Express
x-cache: Hit from cloudfront
content-disposition: inline; filename="1174864a-c1d7-49d1-a84f-acd2c86bd708_2152x1435.webp"
alt-svc: h3=":443"; ma=86400
content-length: 46436
x-request-id: Pn6FyLyqF8gZ4PPp3UQ7O
server: imgproxy
etag: "GTVfNGCsfHPjQCbkLdY5uf7xIc7hC0dcCTjQy1Sii5k/RImRkNWU5MWM0MGRmMTAzM2M5ODY4ZDRiOGYwZWM4YmI0Ig"
content-type: image/webp
cache-control: public, max-age=31536000
x-amz-cf-id: nUNnq8npSn4uAKHJFwt9Ojs1tBFgkrshPBN1FZyZfLbeo3QwCF2Nxg==

GET
H2 200 w7wmckDuXtk
substackcdn.com/image/youtube/w_728,c_limit/ 67 KB
67 KB 89ms
86ms Image
image/jpeg 2600:9000:2269:ba00:4:b4b9:d3c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://substackcdn.com/image/youtube/w_728,c_limit/w7wmckDuXtk

Requested by

Host: www.rainforthreport.com
URL: https://www.rainforthreport.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2269:ba00:4:b4b9:d3c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

imgproxy / Express

Resource Hash

19c3162eab1a7faa4fe92e56676b1dcd0a999175be784aa9dd759dfa2df0e967

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.rainforthreport.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 17:22:04 GMT
content-security-policy: script-src 'none'
via: 1.1 4a050b98a443ca2d3af477f9b4dc39ae.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD89-P1
age: 378009
x-powered-by: Express
x-cache: Hit from cloudfront
content-disposition: inline; filename="maxresdefault.jpg"
alt-svc: h3=":443"; ma=86400
content-length: 68272
x-request-id: jnLtLfL0r-xqPzkYnS4St
server: imgproxy
etag: "QTjjzamagulYSR45GncD9n8FTAE4tHN7K4TXQu92fW0/RIjE3MDAxOTQ3MTIi"
content-type: image/jpeg
cache-control: public, max-age=7200
x-amz-cf-id: EJHShoNfqp7GJ11ls8ptgWgAe7_kmqEyqabi6O-RG4q70x-GGYoZHw==
expires: Thu, 28 Dec 2023 19:22:04 GMT

GET
H2 200 https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Fb1a38b6d-e2f9-4513-a919-938cfee039ce_256x256.png
substackcdn.com/image/fetch/w_40,h_40,c_fill,f_webp,q_auto:good,fl_progressive:steep/ 684 B
1 KB 87ms
84ms Image
image/webp 2600:9000:2269:ba00:4:b4b9:d3c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://substackcdn.com/image/fetch/w_40,h_40,c_fill,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Fb1a38b6d-e2f9-4513-a919-938cfee039ce_256x256.png

Requested by

Host: www.rainforthreport.com
URL: https://www.rainforthreport.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2269:ba00:4:b4b9:d3c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

imgproxy / Express

Resource Hash

a3b2922acda553218b3044c9646a1cc5e38b94ce966707a3f2aca9ea025129a6

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.rainforthreport.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 14:27:02 GMT
content-security-policy: script-src 'none'
via: 1.1 4a050b98a443ca2d3af477f9b4dc39ae.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD89-P1
age: 5399711
x-powered-by: Express
x-cache: Hit from cloudfront
content-disposition: inline; filename="b1a38b6d-e2f9-4513-a919-938cfee039ce_256x256.webp"
alt-svc: h3=":443"; ma=86400
content-length: 684
x-request-id: tJ2HS53M6lQAaZ010x9D2
server: imgproxy
etag: "_08ynCcw3-Zu9iolv2f22w0pksxAgGGDph_yBn460CE/RIjM2MWRjNTI4NjE4MzdlZmUzMzNmZGM3ZDYwODJkOTJkIg"
content-type: image/webp
cache-control: public, max-age=31536000
x-amz-cf-id: pnnT5bGT9uV9WeBJ3uLz5P2gMcyHnr3SFqZ4E1ovY-Xu5jNpyIVxIA==

GET
H2 200 https%3A%2F%2Fbucketeer-e05bbc84-baa3-437e-9518-adb32be77984.s3.amazonaws.com%2Fpublic%2Fimages%2F89da843c-d8fe-400c-9173-1f85a616efd7_339x339.png
substackcdn.com/image/fetch/w_40,h_40,c_fill,f_webp,q_auto:good,fl_progressive:steep/ 850 B
1 KB 88ms
85ms Image
image/webp 2600:9000:2269:ba00:4:b4b9:d3c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://substackcdn.com/image/fetch/w_40,h_40,c_fill,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fbucketeer-e05bbc84-baa3-437e-9518-adb32be77984.s3.amazonaws.com%2Fpublic%2Fimages%2F89da843c-d8fe-400c-9173-1f85a616efd7_339x339.png

Requested by

Host: www.rainforthreport.com
URL: https://www.rainforthreport.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2269:ba00:4:b4b9:d3c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

imgproxy / Express

Resource Hash

bf88c79df7e504e48e29a4405f769d9198aa60c56d9dd390e80f7ffbf039c055

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.rainforthreport.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sun, 12 Nov 2023 18:59:12 GMT
content-security-policy: script-src 'none'
via: 1.1 4a050b98a443ca2d3af477f9b4dc39ae.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD89-P1
age: 4346581
x-powered-by: Express
x-cache: Hit from cloudfront
content-disposition: inline; filename="89da843c-d8fe-400c-9173-1f85a616efd7_339x339.webp"
alt-svc: h3=":443"; ma=86400
content-length: 850
x-request-id: DNLig8nL4aqNeTxsSOGxc
server: imgproxy
etag: "_08ynCcw3-Zu9iolv2f22w0pksxAgGGDph_yBn460CE/RIjFhMWQyYWRlYTY5MTBkZGQ2NDViMDlhMDM5Y2I0OWQ2Ig"
content-type: image/webp
cache-control: public, max-age=31536000
x-amz-cf-id: MP6Hj8eMO2BpBgneC1FHh7VL1txkEvWPLC7vHvAWrH4MaVmvdbux-Q==

GET
H2 200 https%3A%2F%2Fbucketeer-e05bbc84-baa3-437e-9518-adb32be77984.s3.amazonaws.com%2Fpublic%2Fimages%2F9bd30b23-f9d0-4a5b-aa42-0027f2cea3a3_1080x1080.png
substackcdn.com/image/fetch/w_40,h_40,c_fill,f_webp,q_auto:good,fl_progressive:steep/ 1 KB
2 KB 91ms
88ms Image
image/webp 2600:9000:2269:ba00:4:b4b9:d3c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: www.rainforthreport.com
URL: https://www.rainforthreport.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2269:ba00:4:b4b9:d3c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

imgproxy / Express

Resource Hash

bac9bd060d8113358a3e88bc1a5a1b93bddcef1a3d49be13d23c2db271f54949

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.rainforthreport.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sun, 31 Dec 2023 22:39:13 GMT
content-security-policy: script-src 'none'
via: 1.1 4a050b98a443ca2d3af477f9b4dc39ae.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD89-P1
age: 99780
x-powered-by: Express
x-cache: Hit from cloudfront
content-disposition: inline; filename="9bd30b23-f9d0-4a5b-aa42-0027f2cea3a3_1080x1080.webp"
alt-svc: h3=":443"; ma=86400
content-length: 1334
x-request-id: pzwffSkb2R7cC3ZBKa730
server: imgproxy
etag: "_08ynCcw3-Zu9iolv2f22w0pksxAgGGDph_yBn460CE/RIjM1ZGJiYWQ4NzQzZTUwYzRjY2UzYzM4ZDFhYTFiNDQxIg"
content-type: image/webp
cache-control: public, max-age=31536000
x-amz-cf-id: VLqrEwSDdMfySmcvJY4ahia0kz7S7aTR9RzCfJyLm6tUSwLX9JSGDA==

GET
H2 200 datadog-rum-v4.js Show response
www.datadoghq-browser-agent.com/ 150 KB
48 KB 122ms
32ms Script
application/javascript 108.139.51.165
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.datadoghq-browser-agent.com/datadog-rum-v4.js
Requested by: Host: www.rainforthreport.com
URL: https://www.rainforthreport.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.139.51.165 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-139-51-165.jfk50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: cd5eb76033d96219a0c4fe45fb0df10202e1febcb4d086fb1305f1b3304a6b1a

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.rainforthreport.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 02 Jan 2024 02:22:11 GMT
content-encoding: br
via: 1.1 aea539314dea6e591d10d79d61e42090.cloudfront.net (CloudFront)
last-modified: Mon, 09 Oct 2023 11:26:13 GMT
server: AmazonS3
x-amz-cf-pop: JFK50-P1
age: 2
x-amz-server-side-encryption: AES256
etag: W/"2630b3d7ad4a41fac67742216e506d83"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=14400, s-maxage=60
timing-allow-origin: *
x-amz-cf-id: Aj9d-Mvkid-YvU3FEEI6hUKMHsJkbeMxRglCsei1Nu0gUIAZjYTfLg==

GET
H2 200 channel-frame Show response
substack.com/ Frame 903B 23 KB
7 KB 164ms
79ms Document
text/html 2606:4700:4400::6812:21f5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://substack.com/channel-frame

Requested by

Host: substackcdn.com
URL: https://substackcdn.com/bundle/main.2ea7a7373446b611e1cd.bundle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:21f5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

7e0bec44872ae7fbbd18331923c814a3f3b70a0ad4d64c4d9f01aaf42bff3e74

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.rainforthreport.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-cache
cf-cache-status: DYNAMIC
cf-ray: 83ef887bfc534bc7-BUF
content-encoding: br
content-type: text/html; charset=utf-8
date: Tue, 02 Jan 2024 02:22:14 GMT
etag: W/"5d3f-VLzzjlbF9jcocW5z5IE95s5jX6U"
server: cloudflare
strict-transport-security: max-age=31536000
vary: Accept-Encoding
x-cluster: substack
x-deploy: 85b136f2d8
x-powered-by: Express
x-served-by: Substack

GET
H2 200 firehose
www.rainforthreport.com/api/v1/ 35 B
970 B 76ms
73ms Image
image/gif 2606:4700:4400::ac40:93a9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.rainforthreport.com/api/v1/firehose?_=1704162134055&d=eyJldmVudCI6IlBhZ2VzIiwicHJvcGVydGllcyI6eyJicm93c2VyU2Vzc2lvbklkIjoidGNiamh1M2RxbGkiLCJpZnJhbWVWaXNpdElkIjpmYWxzZX0sImNvbnRleHQiOnsiY2xpZW50X3R5cGUiOiJ3ZWIiLCJkaXNwbGF5TW9kZSI6ImJyb3dzZXIiLCJwYWdlIjp7InJlZmVycmVyIjoiIiwidGl0bGUiOiJSYWluZm9ydGggUmVwb3J0IHwgSmVmZiBSYWluZm9ydGggfCBTdWJzdGFjayIsInVybCI6Imh0dHBzOi8vd3d3LnJhaW5mb3J0aHJlcG9ydC5jb20vIn0sImNhbXBhaWduIjp7fX19

Requested by

Host: www.rainforthreport.com
URL: https://www.rainforthreport.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:93a9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.rainforthreport.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 02 Jan 2024 02:22:14 GMT
x-cluster: substack
cf-cache-status: DYNAMIC
server: cloudflare
strict-transport-security: max-age=31536000
x-powered-by: Express
vary: Accept-Encoding
content-type: image/gif
x-deploy: 85b136f2d8
cache-control: no-cache
cf-ray: 83ef887dac784bbb-BUF
alt-svc: h3=":443"; ma=86400
x-served-by: Substack

GET
H3 200 homepage_data Show response
www.rainforthreport.com/api/v1/ 96 B
1 KB 74ms
74ms XHR
application/json 2606:4700:4400::ac40:93a9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.rainforthreport.com/api/v1/homepage_data

Requested by

Host: substackcdn.com
URL: https://substackcdn.com/bundle/main.2ea7a7373446b611e1cd.bundle.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:4400::ac40:93a9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

b4d8bd7fa73b13e2c19e10add81a02de7087352629db6b97fe2372b9c5bfcdd4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.rainforthreport.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 02 Jan 2024 02:22:14 GMT
strict-transport-security: max-age=31536000
x-cluster: substack
cf-cache-status: DYNAMIC
content-encoding: br
server: cloudflare
etag: W/"60-JSxVdSDI/kpTdXBA7qz6JjAmYbU"
x-powered-by: Express
vary: Accept-Encoding
content-type: application/json; charset=utf-8
x-deploy: 85b136f2d8
cache-control: no-cache
cf-ray: 83ef887e5d914bc7-BUF
alt-svc: h3=":443"; ma=86400
x-served-by: Substack

GET
H3 200 3071.aadfa1997197d380cb55.chunk.js Show response
substackcdn.com/bundle/ 12 KB
5 KB 37ms
36ms Script
application/javascript 2600:9000:2269:ba00:4:b4b9:d3c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://substackcdn.com/bundle/3071.aadfa1997197d380cb55.chunk.js
Requested by: Host: substackcdn.com
URL: https://substackcdn.com/bundle/main.2ea7a7373446b611e1cd.bundle.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2600:9000:2269:ba00:4:b4b9:d3c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e510415c16fbec31293c5de0d8f3c4f524470f6767e9a8f8318b9d532e4aedb4

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.rainforthreport.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 01 Jan 2024 19:20:33 GMT
content-encoding: br
via: 1.1 d0f195624e615b103c40900f88cfd922.cloudfront.net (CloudFront)
age: 25302
x-amz-cf-pop: IAD89-P1
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
x-amz-expiration: expiry-date="Sat, 29 Jun 2024 00:00:00 GMT", rule-id="StaticAssetIntelligentTiering"
last-modified: Sun, 31 Dec 2023 19:07:54 GMT
server: AmazonS3
etag: W/"52bfabd7b650de44159c27fbade546fa"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000, immutable
x-amz-cf-id: 6wu8lqINyg0fJjFfhNZW_hpDCUySp9GGbSMjoj1qfM7uwt2Oz1AAHA==

GET
H3 200 4128.219d52ed12b9493cb41d.chunk.js Show response
substackcdn.com/bundle/ 19 KB
7 KB 34ms
34ms Script
application/javascript 2600:9000:2269:ba00:4:b4b9:d3c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://substackcdn.com/bundle/4128.219d52ed12b9493cb41d.chunk.js
Requested by: Host: substackcdn.com
URL: https://substackcdn.com/bundle/main.2ea7a7373446b611e1cd.bundle.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2600:9000:2269:ba00:4:b4b9:d3c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: af573537c2a6bc3bd15f7645cbb0355d1f14c5a8476ceefee9e39d2e4e723399

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.rainforthreport.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 01 Jan 2024 19:26:06 GMT
content-encoding: gzip
via: 1.1 d0f195624e615b103c40900f88cfd922.cloudfront.net (CloudFront)
age: 24969
x-amz-cf-pop: IAD89-P1
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
x-amz-expiration: expiry-date="Sat, 29 Jun 2024 00:00:00 GMT", rule-id="StaticAssetIntelligentTiering"
last-modified: Sun, 31 Dec 2023 19:07:54 GMT
server: AmazonS3
etag: W/"308c6fe7a8f48f10918bc2d66980a4a2"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000, immutable
x-amz-cf-id: 3wSMaOcWHG3ZEe1Vme-uRvlvEPGklNEVMa1-cKbuSuRZPDcbMGeETg==

GET
H3 200 545.401feeeb4b3151407a3d.css
substackcdn.com/bundle/ 14 KB
3 KB 39ms
38ms Stylesheet
text/css 2600:9000:2269:ba00:4:b4b9:d3c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://substackcdn.com/bundle/545.401feeeb4b3151407a3d.css
Requested by: Host: substackcdn.com
URL: https://substackcdn.com/bundle/main.2ea7a7373446b611e1cd.bundle.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2600:9000:2269:ba00:4:b4b9:d3c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f906bd6666a533bd2f96c30ee82d87a2d07c30c68902726766e0ffa0184af001

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.rainforthreport.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 01 Jan 2024 16:45:11 GMT
content-encoding: gzip
via: 1.1 d0f195624e615b103c40900f88cfd922.cloudfront.net (CloudFront)
age: 34624
x-amz-cf-pop: IAD89-P1
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
x-amz-expiration: expiry-date="Mon, 24 Jun 2024 00:00:00 GMT", rule-id="StaticAssetIntelligentTiering"
last-modified: Tue, 26 Dec 2023 22:37:13 GMT
server: AmazonS3
etag: W/"f0a754f4f82cfce30bc4456c363a3b84"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=31536000, immutable
x-amz-cf-id: ezSXdUdfCstzQMHGrcwBGUAHc3EOMJPv-odYF30YieGxRxq-o0IJ8Q==

GET
H3 200 545.f7c6e95372a7b6bc3b85.chunk.js Show response
substackcdn.com/bundle/ 51 KB
16 KB 37ms
36ms Script
application/javascript 2600:9000:2269:ba00:4:b4b9:d3c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://substackcdn.com/bundle/545.f7c6e95372a7b6bc3b85.chunk.js
Requested by: Host: substackcdn.com
URL: https://substackcdn.com/bundle/main.2ea7a7373446b611e1cd.bundle.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2600:9000:2269:ba00:4:b4b9:d3c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 3ff039104dc912b1fe2f24f4896da140a7f7dc4ecd78e7a892982e4327fb40b6

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.rainforthreport.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 01 Jan 2024 19:20:33 GMT
content-encoding: br
via: 1.1 d0f195624e615b103c40900f88cfd922.cloudfront.net (CloudFront)
age: 25302
x-amz-cf-pop: IAD89-P1
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
x-amz-expiration: expiry-date="Sat, 29 Jun 2024 00:00:00 GMT", rule-id="StaticAssetIntelligentTiering"
last-modified: Sun, 31 Dec 2023 19:07:54 GMT
server: AmazonS3
etag: W/"04b591e08c358b59ba51fe72e301a9f3"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000, immutable
x-amz-cf-id: 5Sg-sZJfaBptUV2mBMypxgiuW04Dowxsgghyi0blHlm4BtzYr9G5pQ==

GET
H3 200 firehose
www.rainforthreport.com/api/v1/ 35 B
1 KB 79ms
78ms Image
image/gif 2606:4700:4400::ac40:93a9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.rainforthreport.com/api/v1/firehose?_=1704162134758&d=eyJldmVudCI6IlB1YmxpY2F0aW9uIFJlY29tbWVuZGF0aW9ucyBTaG93biIsInByb3BlcnRpZXMiOnsiYnJvd3NlclNlc3Npb25JZCI6InRjYmpodTNkcWxpIiwiaWZyYW1lVmlzaXRJZCI6ZmFsc2UsInNvdXJjZSI6InB1Yi1ob21lIiwicmVjb21tZW5kYXRpb25zIjpbMTA4NjY5MSwxMjQ4MzIxLDM0ODI3NiwyOTU2NzIsNDQ0NTQxXX0sImNvbnRleHQiOnsiY2xpZW50X3R5cGUiOiJ3ZWIiLCJkaXNwbGF5TW9kZSI6ImJyb3dzZXIiLCJwYWdlIjp7InJlZmVycmVyIjoiIiwidGl0bGUiOiJSYWluZm9ydGggUmVwb3J0IHwgSmVmZiBSYWluZm9ydGggfCBTdWJzdGFjayIsInVybCI6Imh0dHBzOi8vd3d3LnJhaW5mb3J0aHJlcG9ydC5jb20vIn0sImNhbXBhaWduIjp7fX19

Requested by

Host: www.rainforthreport.com
URL: https://www.rainforthreport.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:4400::ac40:93a9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.rainforthreport.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 02 Jan 2024 02:22:14 GMT
x-cluster: substack
cf-cache-status: DYNAMIC
server: cloudflare
strict-transport-security: max-age=31536000
x-powered-by: Express
vary: Accept-Encoding
content-type: image/gif
x-deploy: 85b136f2d8
cache-control: no-cache
cf-ray: 83ef887e5d994bc7-BUF
alt-svc: h3=":443"; ma=86400
x-served-by: Substack

GET
H3 200 firehose
www.rainforthreport.com/api/v1/ 35 B
1 KB 72ms
72ms Image
image/gif 2606:4700:4400::ac40:93a9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.rainforthreport.com/api/v1/firehose?_=1704162134758&d=eyJldmVudCI6IkZ1bGwgRW1haWwgRm9ybSBTaG93biIsInByb3BlcnRpZXMiOnsiYnJvd3NlclNlc3Npb25JZCI6InRjYmpodTNkcWxpIiwiaWZyYW1lVmlzaXRJZCI6ZmFsc2UsInNvdXJjZSI6ImNvdmVyX3BhZ2UiLCJmdW5jdGlvbmFsX3ZlcnNpb24iOnRydWV9LCJjb250ZXh0Ijp7ImNsaWVudF90eXBlIjoid2ViIiwiZGlzcGxheU1vZGUiOiJicm93c2VyIiwicGFnZSI6eyJyZWZlcnJlciI6IiIsInRpdGxlIjoiUmFpbmZvcnRoIFJlcG9ydCB8IEplZmYgUmFpbmZvcnRoIHwgU3Vic3RhY2siLCJ1cmwiOiJodHRwczovL3d3dy5yYWluZm9ydGhyZXBvcnQuY29tLyJ9LCJjYW1wYWlnbiI6e319fQ%3D%3D

Requested by

Host: www.rainforthreport.com
URL: https://www.rainforthreport.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:4400::ac40:93a9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.rainforthreport.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 02 Jan 2024 02:22:14 GMT
x-cluster: substack
cf-cache-status: DYNAMIC
server: cloudflare
strict-transport-security: max-age=31536000
x-powered-by: Express
vary: Accept-Encoding
content-type: image/gif
x-deploy: 85b136f2d8
cache-control: no-cache
cf-ray: 83ef887e5d9b4bc7-BUF
alt-svc: h3=":443"; ma=86400
x-served-by: Substack

GET
H3 200 firehose
www.rainforthreport.com/api/v1/ 35 B
1 KB 70ms
69ms Image
image/gif 2606:4700:4400::ac40:93a9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.rainforthreport.com/api/v1/firehose?_=1704162134759&d=eyJldmVudCI6IkNvdmVyIFBhZ2UgU2hvd24iLCJwcm9wZXJ0aWVzIjp7ImJyb3dzZXJTZXNzaW9uSWQiOiJ0Y2JqaHUzZHFsaSIsImlmcmFtZVZpc2l0SWQiOmZhbHNlLCJoYXNfY292ZXJfcGhvdG8iOnRydWUsImhhc19mcmVlX3NpZ251cF9lbWFpbCI6ZmFsc2UsImhhc19mcmVlX3NpZ251cCI6ZmFsc2UsImZ1bmN0aW9uYWxfdmVyc2lvbiI6dHJ1ZSwibGF1bmNoX3dlbGNvbWVfcGFnZSI6dHJ1ZSwiaGlkZGVuIjpmYWxzZSwidGVzdF9leHBlcmltZW50X3ZhcmlhbnRfdjQiOm51bGx9LCJjb250ZXh0Ijp7ImNsaWVudF90eXBlIjoid2ViIiwiZGlzcGxheU1vZGUiOiJicm93c2VyIiwicGFnZSI6eyJyZWZlcnJlciI6IiIsInRpdGxlIjoiUmFpbmZvcnRoIFJlcG9ydCB8IEplZmYgUmFpbmZvcnRoIHwgU3Vic3RhY2siLCJ1cmwiOiJodHRwczovL3d3dy5yYWluZm9ydGhyZXBvcnQuY29tLyJ9LCJjYW1wYWlnbiI6e319fQ%3D%3D

Requested by

Host: www.rainforthreport.com
URL: https://www.rainforthreport.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:4400::ac40:93a9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.rainforthreport.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 02 Jan 2024 02:22:14 GMT
x-cluster: substack
cf-cache-status: DYNAMIC
server: cloudflare
strict-transport-security: max-age=31536000
x-powered-by: Express
vary: Accept-Encoding
content-type: image/gif
x-deploy: 85b136f2d8
cache-control: no-cache
cf-ray: 83ef887e5d9c4bc7-BUF
alt-svc: h3=":443"; ma=86400
x-served-by: Substack

GET
H3 200 channelFrame.d41d8cd98f00b204e980.css
substackcdn.com/bundle/theme/ Frame 903B 0
403 B 32ms
31ms Stylesheet
text/css 2600:9000:2269:ba00:4:b4b9:d3c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://substackcdn.com/bundle/theme/channelFrame.d41d8cd98f00b204e980.css
Requested by: Host: substack.com
URL: https://substack.com/channel-frame
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2600:9000:2269:ba00:4:b4b9:d3c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://substack.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 01 Jan 2024 03:11:41 GMT
via: 1.1 d0f195624e615b103c40900f88cfd922.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD89-P1
age: 83434
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 0
x-amz-expiration: expiry-date="Sat, 29 Jun 2024 00:00:00 GMT", rule-id="StaticAssetIntelligentTiering"
last-modified: Sun, 31 Dec 2023 19:07:54 GMT
server: AmazonS3
etag: "d41d8cd98f00b204e9800998ecf8427e"
content-type: text/css
cache-control: public, max-age=31536000, immutable
accept-ranges: bytes
x-amz-cf-id: qOhnRLPD0nbPpvD6c1hdkyjWoJYNcHWAkrQ158DzRV_T6vK4AASSHw==

GET
H3 200 channelFrame.98cdedc9a427842db6b8.css
substackcdn.com/bundle/ Frame 903B 13 KB
3 KB 33ms
32ms Stylesheet
text/css 2600:9000:2269:ba00:4:b4b9:d3c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://substackcdn.com/bundle/channelFrame.98cdedc9a427842db6b8.css
Requested by: Host: substack.com
URL: https://substack.com/channel-frame
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2600:9000:2269:ba00:4:b4b9:d3c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d26e28f19b54f4aa468985515999925453b2288ffea5069655ca447a028beff6

Request headers

accept-language: en-US,en;q=0.9
Referer: https://substack.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 01 Jan 2024 03:25:03 GMT
content-encoding: gzip
via: 1.1 d0f195624e615b103c40900f88cfd922.cloudfront.net (CloudFront)
age: 82632
x-amz-cf-pop: IAD89-P1
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
x-amz-expiration: expiry-date="Mon, 24 Jun 2024 00:00:00 GMT", rule-id="StaticAssetIntelligentTiering"
last-modified: Tue, 26 Dec 2023 22:37:13 GMT
server: AmazonS3
etag: W/"d5449ead55f847510c1567c0d619f964"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=31536000, immutable
x-amz-cf-id: eWSKhVZ4GLemx5MTbQU33iKsZouKaOfnfFncSSgkulG5E1KaqXPOFw==

GET
H2 200 6c2ff3e3828e4017b7faf7b63e24cdf8.min.js Show response
js.sentry-cdn.com/ Frame 903B 2 KB
1 KB 28ms
27ms Script
text/javascript 2a04:4e42:200::729
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.sentry-cdn.com/6c2ff3e3828e4017b7faf7b63e24cdf8.min.js

Requested by

Host: substack.com
URL: https://substack.com/channel-frame

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:200::729 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

35fcf709c4681a08ad9b18cdfdcba10010a00820f7da106638f2a29234ed6b5a

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; img-src blob: data: ; frame-ancestors 'self' .sentry.io; object-src 'self'; script-src 'self' 'unsafe-inline' 'report-sample' 'unsafe-eval' s1.sentry-cdn.com js.sentry-cdn.com browser.sentry-cdn.com statuspage-production.s3.amazonaws.com static.zdassets.com aui-cdn.atlassian.com connect-cdn.atl-paas.net js.stripe.com 'strict-dynamic' cdn.pendo.io data.pendo.io pendo-io-static.storage.googleapis.com pendo-static-5634074999128064.storage.googleapis.com; connect-src 'self' .algolia.net .algolianet.com .algolia.io sentry.io .sentry.io s1.sentry-cdn.com o1.ingest.sentry.io api2.amplitude.com app.pendo.io data.pendo.io reload.getsentry.net t687h3m0nh65.statuspage.io sentry.zendesk.com ekr.zdassets.com maps.googleapis.com; style-src 'unsafe-inline' ; frame-src app.pendo.io demo.arcade.software js.stripe.com sentry.io; media-src ; font-src * data:; base-uri 'none'; report-uri https://o1.ingest.sentry.io/api/54785/security/?sentry_key=f724a8a027db45f5b21507e7142ff78e&sentry_release=db58954966c20b0734c947be6f697c7a260aa956
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

Referer: https://substack.com/
Origin: https://substack.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-security-policy: default-src 'none'; img-src blob: data: *; frame-ancestors 'self' *.sentry.io; object-src 'self'; script-src 'self' 'unsafe-inline' 'report-sample' 'unsafe-eval' s1.sentry-cdn.com js.sentry-cdn.com browser.sentry-cdn.com statuspage-production.s3.amazonaws.com static.zdassets.com aui-cdn.atlassian.com connect-cdn.atl-paas.net js.stripe.com 'strict-dynamic' cdn.pendo.io data.pendo.io pendo-io-static.storage.googleapis.com pendo-static-5634074999128064.storage.googleapis.com; connect-src 'self' *.algolia.net *.algolianet.com *.algolia.io sentry.io *.sentry.io s1.sentry-cdn.com o1.ingest.sentry.io api2.amplitude.com app.pendo.io data.pendo.io reload.getsentry.net t687h3m0nh65.statuspage.io sentry.zendesk.com ekr.zdassets.com maps.googleapis.com; style-src 'unsafe-inline' *; frame-src app.pendo.io demo.arcade.software js.stripe.com sentry.io; media-src *; font-src * data:; base-uri 'none'; report-uri https://o1.ingest.sentry.io/api/54785/security/?sentry_key=f724a8a027db45f5b21507e7142ff78e&sentry_release=db58954966c20b0734c947be6f697c7a260aa956
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 02 Jan 2024 02:22:14 GMT
strict-transport-security: max-age=31536000; includeSubDomains
age: 10
x-envoy-upstream-service-time: 52
content-length: 1224
x-xss-protection: 1; mode=block
x-served-by: getsentry-web-default-common-production-5cd45975dd-vlr5j, cache-chi-kigq8000087-CHI, cache-nyc-kteb1890066-NYC
x-frame-options: deny
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=3600, s-maxage=60, stale-while-revalidate=315360000, stale-if-error=315360000
x-envoy-attempt-count: 1
accept-ranges: bytes
timing-allow-origin: *

GET
H3 200 channelFrame.b7da55c0309ad726eed6.bundle.js Show response
substackcdn.com/bundle/ Frame 903B 349 KB
106 KB 38ms
34ms Script
application/javascript 2600:9000:2269:ba00:4:b4b9:d3c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://substackcdn.com/bundle/channelFrame.b7da55c0309ad726eed6.bundle.js
Requested by: Host: substack.com
URL: https://substack.com/channel-frame
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2600:9000:2269:ba00:4:b4b9:d3c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d8fa0dba8058848abb54daf0bb9c6bd98fea1542e76b46ff9f5c8e2a08335f1d

Request headers

accept-language: en-US,en;q=0.9
Referer: https://substack.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 01 Jan 2024 19:20:34 GMT
content-encoding: br
via: 1.1 d0f195624e615b103c40900f88cfd922.cloudfront.net (CloudFront)
age: 25301
x-amz-cf-pop: IAD89-P1
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
x-amz-expiration: expiry-date="Sat, 29 Jun 2024 00:00:00 GMT", rule-id="StaticAssetIntelligentTiering"
last-modified: Sun, 31 Dec 2023 19:07:54 GMT
server: AmazonS3
etag: W/"457f41d36e376c200d3bef1710325b52"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000, immutable
x-amz-cf-id: orUbfzoN2lSzPtCDJpMO5zXGthZ8leVVcYPzxCklcKnZu2yyrWnCWg==

GET
H2 200 beacon.min.js Show response
static.cloudflareinsights.com/ Frame 903B 20 KB
7 KB 60ms
55ms Script
text/javascript 2606:4700::6810:3865
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cloudflareinsights.com/beacon.min.js
Requested by: Host: substack.com
URL: https://substack.com/channel-frame
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:3865 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6153d13804862b0fc1c016cf1129f34cb7c6185f2cf4bf1a3a862eecdab50101

Request headers

accept-language: en-US,en;q=0.9
Referer: https://substack.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 02 Jan 2024 02:22:14 GMT
content-encoding: gzip
last-modified: Tue, 10 Oct 2023 21:38:13 GMT
server: cloudflare
etag: W/"2023.10.0"
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
cf-ray: 83ef887eac1b4bcf-BUF

GET
H2 200 datadog-rum-v4.js Show response
www.datadoghq-browser-agent.com/ Frame 903B 150 KB
48 KB 32ms
30ms Script
application/javascript 108.139.51.165
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.datadoghq-browser-agent.com/datadog-rum-v4.js
Requested by: Host: substack.com
URL: https://substack.com/channel-frame
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.139.51.165 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-139-51-165.jfk50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: cd5eb76033d96219a0c4fe45fb0df10202e1febcb4d086fb1305f1b3304a6b1a

Request headers

accept-language: en-US,en;q=0.9
Referer: https://substack.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 02 Jan 2024 02:22:11 GMT
content-encoding: br
via: 1.1 aea539314dea6e591d10d79d61e42090.cloudfront.net (CloudFront)
last-modified: Mon, 09 Oct 2023 11:26:13 GMT
server: AmazonS3
x-amz-cf-pop: JFK50-P1
age: 4
x-amz-server-side-encryption: AES256
etag: W/"2630b3d7ad4a41fac67742216e506d83"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=14400, s-maxage=60
timing-allow-origin: *
x-amz-cf-id: zQyr1V3BzFpaR5981Xxpceo6ntIJlhKJbPF_wHZ1M98QqS-PLsfNBQ==

GET
H2 200 firehose
substack.com/api/v1/ Frame 903B 35 B
978 B 77ms
75ms Image
image/gif 2606:4700:4400::6812:21f5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://substack.com/api/v1/firehose?_=1704162135151&d=eyJldmVudCI6IlBhZ2VzIiwicHJvcGVydGllcyI6eyJicm93c2VyU2Vzc2lvbklkIjoidnQ5MzZkYW1scWIiLCJpZnJhbWVWaXNpdElkIjp7ImlkIjoiMzgyNTJkMGMtYjNlYS00YjhmLTliMjItMThlOTIyOTE2OWRjIiwidGltZXN0YW1wIjoiMjAyNC0wMS0wMlQwMjoyMjoxNS4xNDZaIn19LCJjb250ZXh0Ijp7ImNsaWVudF90eXBlIjoid2ViIiwiZGlzcGxheU1vZGUiOiJicm93c2VyIiwicGFnZSI6eyJyZWZlcnJlciI6Imh0dHBzOi8vd3d3LnJhaW5mb3J0aHJlcG9ydC5jb20vIiwidGl0bGUiOiIiLCJ1cmwiOiJodHRwczovL3N1YnN0YWNrLmNvbS9jaGFubmVsLWZyYW1lIn0sImNhbXBhaWduIjp7fX19

Requested by

Host: substack.com
URL: https://substack.com/channel-frame

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:21f5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://substack.com/channel-frame
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 02 Jan 2024 02:22:15 GMT
x-cluster: substack
cf-cache-status: DYNAMIC
server: cloudflare
strict-transport-security: max-age=31536000
x-powered-by: Express
vary: Accept-Encoding
content-type: image/gif
x-deploy: 85b136f2d8
cache-control: no-cache
cf-ray: 83ef8880cef54bc7-BUF
alt-svc: h3=":443"; ma=86400
x-served-by: Substack

GET
H2 200 firehose
substack.com/api/v1/ Frame 903B 35 B
932 B 67ms
66ms Image
image/gif 2606:4700:4400::6812:21f5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://substack.com/api/v1/firehose?_=1704162135155&d=eyJldmVudCI6IkZyYW1lIE1lc3NhZ2UgU2VudCIsInByb3BlcnRpZXMiOnsiYnJvd3NlclNlc3Npb25JZCI6InZ0OTM2ZGFtbHFiIiwiaWZyYW1lVmlzaXRJZCI6eyJpZCI6IjM4MjUyZDBjLWIzZWEtNGI4Zi05YjIyLTE4ZTkyMjkxNjlkYyIsInRpbWVzdGFtcCI6IjIwMjQtMDEtMDJUMDI6MjI6MTUuMTQ2WiJ9LCJoYXNVc2VyU3RhdGUiOmZhbHNlfSwiY29udGV4dCI6eyJjbGllbnRfdHlwZSI6IndlYiIsImRpc3BsYXlNb2RlIjoiYnJvd3NlciIsInBhZ2UiOnsicmVmZXJyZXIiOiJodHRwczovL3d3dy5yYWluZm9ydGhyZXBvcnQuY29tLyIsInRpdGxlIjoiIiwidXJsIjoiaHR0cHM6Ly9zdWJzdGFjay5jb20vY2hhbm5lbC1mcmFtZSJ9LCJjYW1wYWlnbiI6e319fQ%3D%3D

Requested by

Host: substack.com
URL: https://substack.com/channel-frame

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:21f5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://substack.com/channel-frame
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 02 Jan 2024 02:22:15 GMT
x-cluster: substack
cf-cache-status: DYNAMIC
server: cloudflare
strict-transport-security: max-age=31536000
x-powered-by: Express
vary: Accept-Encoding
content-type: image/gif
x-deploy: 85b136f2d8
cache-control: no-cache
cf-ray: 83ef8880cef64bc7-BUF
alt-svc: h3=":443"; ma=86400
x-served-by: Substack

GET
H3 200 firehose
www.rainforthreport.com/api/v1/ 35 B
1 KB 76ms
76ms Image
image/gif 2606:4700:4400::ac40:93a9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.rainforthreport.com/api/v1/firehose?_=1704162135160&d=eyJldmVudCI6IkZyYW1lIE1lc3NhZ2UgSGFuZGxlZCIsInByb3BlcnRpZXMiOnsiYnJvd3NlclNlc3Npb25JZCI6InRjYmpodTNkcWxpIiwiaWZyYW1lVmlzaXRJZCI6ZmFsc2UsImxvZ2dlZEluQXRTdWJzdGFjayI6ZmFsc2UsImxvZ2dlZEluQXRDdXN0b21Eb21haW4iOmZhbHNlLCJhdHRlbXB0UmVkaXJlY3QiOmZhbHNlfSwiY29udGV4dCI6eyJjbGllbnRfdHlwZSI6IndlYiIsImRpc3BsYXlNb2RlIjoiYnJvd3NlciIsInBhZ2UiOnsicmVmZXJyZXIiOiIiLCJ0aXRsZSI6IlJhaW5mb3J0aCBSZXBvcnQgfCBKZWZmIFJhaW5mb3J0aCB8IFN1YnN0YWNrIiwidXJsIjoiaHR0cHM6Ly93d3cucmFpbmZvcnRocmVwb3J0LmNvbS8ifSwiY2FtcGFpZ24iOnt9fX0%3D

Requested by

Host: www.rainforthreport.com
URL: https://www.rainforthreport.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:4400::ac40:93a9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.rainforthreport.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 02 Jan 2024 02:22:15 GMT
x-cluster: substack
cf-cache-status: DYNAMIC
server: cloudflare
strict-transport-security: max-age=31536000
x-powered-by: Express
vary: Accept-Encoding
content-type: image/gif
x-deploy: 85b136f2d8
cache-control: no-cache
cf-ray: 83ef8880def84bc7-BUF
alt-svc: h3=":443"; ma=86400
x-served-by: Substack

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ Frame 903B 258 KB
88 KB 94ms
36ms Script
application/javascript 2607:f8b0:4006:821::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-TLW0DF6G5V&l=localGaDataLayer

Requested by

Host: substackcdn.com
URL: https://substackcdn.com/bundle/channelFrame.b7da55c0309ad726eed6.bundle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:821::2008 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

fd4ac966ccb66395ddba44e2cf922c24221cf58f5ee11336fdac44731c1bd7fb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://substack.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 02 Jan 2024 02:22:15 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 89489
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 02 Jan 2024 02:22:15 GMT

POST
H2 204 rum Show response
cloudflareinsights.com/cdn-cgi/ Frame 903B 0
37 B 57ms
56ms XHR
text/plain 2606:4700::6810:3965
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cloudflareinsights.com/cdn-cgi/rum

Requested by

Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:3965 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://substack.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type: application/json

Response headers

date: Tue, 02 Jan 2024 02:22:15 GMT
x-content-type-options: nosniff
server: cloudflare
vary: Origin
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://substack.com
x-frame-options: DENY
access-control-allow-credentials: true
cf-ray: 83ef8881fca66aed-BUF

OPTIONS
H2 200 rum
cloudflareinsights.com/cdn-cgi/ Frame 0
0 109ms
29ms Preflight
text/plain 2606:4700::6810:3965
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cloudflareinsights.com/cdn-cgi/rum

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:3965 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://substack.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://substack.com
access-control-max-age: 86400
cf-ray: 83ef8881cc786aed-BUF
content-encoding: gzip
content-type: text/plain
date: Tue, 02 Jan 2024 02:22:15 GMT
server: cloudflare
vary: Origin
x-content-type-options: nosniff
x-frame-options: DENY

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 199 KB
72 KB 121ms
68ms Script
application/javascript 2607:f8b0:4006:821::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-316245675&l=localGaDataLayer

Requested by

Host: substackcdn.com
URL: https://substackcdn.com/bundle/main.2ea7a7373446b611e1cd.bundle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:821::2008 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

ce2c12814f41d0e73c8931d858bc66032df09c7c50679665bf1e02bb3365555b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.rainforthreport.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 02 Jan 2024 02:22:15 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 74039
x-xss-protection: 0
last-modified: Tue, 02 Jan 2024 00:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 02 Jan 2024 02:22:15 GMT

OPTIONS
H2 200 rum
cloudflareinsights.com/cdn-cgi/ Frame 0
0 77ms
28ms Preflight
text/plain 2606:4700::6810:3965
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cloudflareinsights.com/cdn-cgi/rum

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:3965 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.rainforthreport.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://www.rainforthreport.com
access-control-max-age: 86400
cf-ray: 83ef8881cc796aed-BUF
content-encoding: gzip
content-type: text/plain
date: Tue, 02 Jan 2024 02:22:15 GMT
server: cloudflare
vary: Origin
x-content-type-options: nosniff
x-frame-options: DENY

POST
H2 204 rum Show response
cloudflareinsights.com/cdn-cgi/ 0
37 B 59ms
58ms XHR
text/plain 2606:4700::6810:3965
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cloudflareinsights.com/cdn-cgi/rum

Requested by

Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum-v4.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:3965 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.rainforthreport.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type: application/json

Response headers

date: Tue, 02 Jan 2024 02:22:15 GMT
x-content-type-options: nosniff
server: cloudflare
vary: Origin
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://www.rainforthreport.com
x-frame-options: DENY
access-control-allow-credentials: true
cf-ray: 83ef8881fca56aed-BUF

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ Frame 903B 199 KB
72 KB 38ms
37ms Script
application/javascript 2607:f8b0:4006:821::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-316245675&l=localGaDataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-TLW0DF6G5V&l=localGaDataLayer

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:821::2008 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e140ec6ad2fc7db67e2370ce09820a0fcf8fefea3010a57abf35cfc8909d32fb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://substack.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 02 Jan 2024 02:22:15 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 74027
x-xss-protection: 0
last-modified: Tue, 02 Jan 2024 00:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 02 Jan 2024 02:22:15 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/316245675/ 2 KB
1 KB 99ms
42ms Script
text/javascript 2607:f8b0:4006:816::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/316245675/?random=1704162135467&cv=11&fst=1704162135467&bg=ffffff&guid=ON&async=1&gtm=45be3bt0v887153041&gcd=11l1l1l1l1&dma=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.rainforthreport.com%2F&hn=www.googleadservices.com&frm=0&tiba=Rainforth%20Report%20%7C%20Jeff%20Rainforth%20%7C%20Substack&auid=1371603996.1704162135&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-316245675&l=localGaDataLayer

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:816::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e0fd3c8a9fd37503ddf121bb42a843be921f788cd1d24d975818098bcb62af81

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.rainforthreport.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 02 Jan 2024 02:22:15 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1264
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/316245675/ Frame 903B 2 KB
2 KB 43ms
40ms Script
text/javascript 2607:f8b0:4006:816::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/316245675/?random=1704162135526&cv=11&fst=1704162135526&bg=ffffff&guid=ON&async=1&gtm=45be3bt0v887153041&gcd=11l1l1l1l1&dma=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fsubstack.com%2Fchannel-frame&ref=https%3A%2F%2Fwww.rainforthreport.com%2F&top=https%3A%2F%2Fwww.rainforthreport.com%2F&hn=www.googleadservices.com&frm=2&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-316245675&l=localGaDataLayer&cx=c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:816::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

776ff73b70d8956d5c98e380953a8d0fee89f531c1c65b70101462df6f56a5c2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://substack.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 02 Jan 2024 02:22:15 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1245
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/316245675/ Frame 903B 42 B
108 B 96ms
41ms Image
image/gif 2607:f8b0:4006:822::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/316245675/?random=1704162135526&cv=11&fst=1704160800000&bg=ffffff&guid=ON&async=1&gtm=45be3bt0v887153041&u_w=1600&u_h=1200&url=https%3A%2F%2Fsubstack.com%2Fchannel-frame&ref=https%3A%2F%2Fwww.rainforthreport.com%2F&frm=2&data=event%3Dgtag.config&fmt=3&is_vtc=1&cid=CAQSGwAvHhf_mr12VgFJ0qjhsSGWHtIBkw2QuVoX7w&random=2822100114&rmt_tld=0&ipr=y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:822::2004 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://substack.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 02 Jan 2024 02:22:15 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/316245675/ 42 B
455 B 94ms
40ms Image
image/gif 2607:f8b0:4006:822::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/316245675/?random=1704162135467&cv=11&fst=1704160800000&bg=ffffff&guid=ON&async=1&gtm=45be3bt0v887153041&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.rainforthreport.com%2F&frm=0&tiba=Rainforth%20Report%20%7C%20Jeff%20Rainforth%20%7C%20Substack&data=event%3Dgtag.config&fmt=3&is_vtc=1&cid=CAQSGwAvHhf_TJNoPjpY0mQEqePMAC-Ku3TzNgFSJw&random=1009258938&rmt_tld=0&ipr=y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:822::2004 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.rainforthreport.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 02 Jan 2024 02:22:15 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

20 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

12 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.www.rainforthreport.com/	1970-01-21 02:08:18	Name: ab_testing_id Value: %2286cbef53-ae92-46d2-952e-531deeae12c6%22
.www.rainforthreport.com/	1970-01-20 17:22:43	Name: __cf_bm Value: cpL0.3vl9o_oJXO7mCI41OETL71oaX4Z62q8LkPnVQ8-1704162132-1-AVX2O1cDnNxwPC7t0fLNN+l2HlNkUrE2LJgz4TwTV9f7N63W4spLHRrzCqZpl3oJMkwwB8TUIDi0QutAMseTgJI=
www.rainforthreport.com/	1970-01-21 02:08:18	Name: ajs_anonymous_id Value: %22657621b2-ea56-44c0-adc0-36fba5dcd248%22
.substack.com/	1970-01-20 17:22:43	Name: __cf_bm Value: lfVY5GQwC0Z_OjGESn21g22Fm6cu61jqc9zt.gf_E10-1704162134-1-ARsd4l7IfrGvhx5NwZ+ufnqcco9pamwJ2ENFY6e2gW2fVMh45KSHLlV2vuC+TCcTatMzqu3EUvUE5Wht6LvQLpw=
.www.rainforthreport.com/	1970-01-21 02:08:18	Name: ajs_anonymous_id Value: %22657621b2-ea56-44c0-adc0-36fba5dcd248%22
.www.rainforthreport.com/	1970-01-20 17:22:43	Name: visit_id Value: %7B%22id%22%3A%2228987e2f-08ca-4efd-bca3-9c4d40809d63%22%2C%22timestamp%22%3A%222024-01-02T02%3A22%3A14.698Z%22%7D
substack.com/	1970-01-20 17:32:46	Name: AWSALBTGCORS Value: ociO0U6+0PKlbZS9NxnQSKLvAQdc7ZPed8p3Am47kTAHH58TA/eXd6yXgKj6OEngiaeGQd42eZpBwYsBW/w1kCl35b+hotl6PzfP4nc2fG5EA+gyl7ODUoCOqz0g2kYH1P7k7dh5LB4T2mGJ0T1Qp7yByF5+6lBwce910p0xEL1K
www.rainforthreport.com/	1970-01-20 17:32:46	Name: AWSALBTG Value: /iDVvOnOXLOKKD+/yKj2hoSUUNJjRooTWM9xWT9FPtkQWcFAmY6KFwUhfq7awfCAn7Hcm7+k8LJ5vY8WMjXTlspJcwnWuTBzEk/ZEpZDUkVuMQnqOtWTi8pSnK9QklOTbHPNRRTqE6XTJNHrGGGY1c6CPmJN3Lgn2usE18wnRIBV
www.rainforthreport.com/	1970-01-20 17:32:46	Name: AWSALBTGCORS Value: /iDVvOnOXLOKKD+/yKj2hoSUUNJjRooTWM9xWT9FPtkQWcFAmY6KFwUhfq7awfCAn7Hcm7+k8LJ5vY8WMjXTlspJcwnWuTBzEk/ZEpZDUkVuMQnqOtWTi8pSnK9QklOTbHPNRRTqE6XTJNHrGGGY1c6CPmJN3Lgn2usE18wnRIBV
.rainforthreport.com/	1970-01-20 19:32:18	Name: _gcl_au Value: 1.1.1371603996.1704162135
.doubleclick.net/	1970-01-20 17:22:43	Name: test_cookie Value: CheckForPermission
www.rainforthreport.com/	1970-01-20 17:22:43	Name: _dd_s Value: rum=0&expire=1704163034793

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	sameorigin

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cloudflareinsights.com
googleads.g.doubleclick.net
js.sentry-cdn.com
static.cloudflareinsights.com
substack.com
substackcdn.com
www.datadoghq-browser-agent.com
www.google.com
www.googletagmanager.com
www.rainforthreport.com
108.139.51.165
2600:9000:2269:ba00:4:b4b9:d3c0:93a1
2606:4700:4400::6812:21f5
2606:4700:4400::ac40:93a9
2606:4700::6810:3865
2606:4700::6810:3965
2607:f8b0:4006:816::2002
2607:f8b0:4006:821::2008
2607:f8b0:4006:822::2004
2a04:4e42:200::729
08106a5230e79050f3b63fa20921e1833e1a2049be8fd21806900144b4125f2c
12c813e96117b62d5250fef8ad07f001cff69577d5fa639f4d682ab2e3d65c86
186d39c95229c873557ccf8aa83c6970440821a368cedf7bacbda3061b9f5953
19c3162eab1a7faa4fe92e56676b1dcd0a999175be784aa9dd759dfa2df0e967
285dabe8c37bcbe6ef85725a826db6b79edac2f4d5d8dc8699b55bd0853b20d4
35fcf709c4681a08ad9b18cdfdcba10010a00820f7da106638f2a29234ed6b5a
3b7701790d3478dbcd911f70726e403978951fa44790af1673c5321723e86d30
3b9e1d2dc41dbca8ded7e3fe7787c74b7111b00e6b2cee5f9b80dae0991c850f
3ff039104dc912b1fe2f24f4896da140a7f7dc4ecd78e7a892982e4327fb40b6
43975965b2ca6a72e7fc77fc0c4c9832bb3e5a0e6717e03cb0248679062469d6
4e7f35d9fdd279c17fa26585627b61ec390c2bb388bad179567852613b0ce3d6
4ffb4316ff4be7385712fbc30c09a6b34720ee516190f3fdcac7496ce73fa88e
6153d13804862b0fc1c016cf1129f34cb7c6185f2cf4bf1a3a862eecdab50101
6a54ee412dd7f06378a99aef0d7f469e6281c6900ffb374d55be4fcf163fd2b8
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6c0fa043bcf6b6cd8f4915cdff2528c78556d962e5b1e66c4109d2245856d6d9
72471a51ae7ffc4af3155280bce2974d8cd2d018d757c3ca45745868f3467268
757838a27fe02232c5a8560ef0036b64c090af034afb365f23ce3a6ca77fed67
776ff73b70d8956d5c98e380953a8d0fee89f531c1c65b70101462df6f56a5c2
7e0bec44872ae7fbbd18331923c814a3f3b70a0ad4d64c4d9f01aaf42bff3e74
887cc87dd7f9b4ecae5e7a960018d64a2893578d4dd17d8a2e4cfc40f40f533e
9e60b7e38754b9c79b516693370ead0253f27e7359edfa94ed303ecfe01b56da
a3b2922acda553218b3044c9646a1cc5e38b94ce966707a3f2aca9ea025129a6
af573537c2a6bc3bd15f7645cbb0355d1f14c5a8476ceefee9e39d2e4e723399
b3802c375c84832fe27ab1c11fb29e0c3c5d047c971da1b3a66e2e1cc7f58691
b4d8bd7fa73b13e2c19e10add81a02de7087352629db6b97fe2372b9c5bfcdd4
b6fc8a6e82a1d018fe319c7781fe3d9a1a4e3a73a9cbffd72d6066c3413100b6
bac9bd060d8113358a3e88bc1a5a1b93bddcef1a3d49be13d23c2db271f54949
bf88c79df7e504e48e29a4405f769d9198aa60c56d9dd390e80f7ffbf039c055
c134ca02e90b10159a93fcabbf5af0f74c48855f4877b1a9cd03481f8723a2c6
cd5eb76033d96219a0c4fe45fb0df10202e1febcb4d086fb1305f1b3304a6b1a
ce2c12814f41d0e73c8931d858bc66032df09c7c50679665bf1e02bb3365555b
d26e28f19b54f4aa468985515999925453b2288ffea5069655ca447a028beff6
d8fa0dba8058848abb54daf0bb9c6bd98fea1542e76b46ff9f5c8e2a08335f1d
d96a3b87e803af45f768d0176405f93d4a3ac6daddf04aa57065bf02b8e41a1f
e0fd3c8a9fd37503ddf121bb42a843be921f788cd1d24d975818098bcb62af81
e140ec6ad2fc7db67e2370ce09820a0fcf8fefea3010a57abf35cfc8909d32fb
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e510415c16fbec31293c5de0d8f3c4f524470f6767e9a8f8318b9d532e4aedb4
e53e1b74c9d11e48dfcec15894d0ff6fc026b666901cf20114d9cecbd1fe887d
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f906bd6666a533bd2f96c30ee82d87a2d07c30c68902726766e0ffa0184af001
fd4ac966ccb66395ddba44e2cf922c24221cf58f5ee11336fdac44731c1bd7fb
ff5ee299b9cb6659595d1cf701ebd1010375d71cc395dff062877e8396953b9b

www.rainforthreport.com Open in urlscan Pro 2606:4700:4400::ac40:93a9 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

58 Requests

100 %HTTPS

90 %IPv6

9 Domains

10 Subdomains

10 IPs

1 Countries

2382 kBTransfer

6496 kBSize

12 Cookies

12 Outgoing links

Redirected requests

58 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.rainforthreport.com Open in urlscan Pro
2606:4700:4400::ac40:93a9 Public Scan

Screenshot
Live screenshot

Full Image

58
Requests

100 %
HTTPS

90 %
IPv6

9
Domains

10
Subdomains

10
IPs

1
Countries

2382 kB
Transfer

6496 kB
Size

12
Cookies

58 HTTP transactions
0 data transactions