urlscan.io logo urlscan.io
SecurityTrails logo

restorethevalues.org Open in urlscan Pro
213.109.149.41  Public Scan

Go To Rescan Add Verdict Report
URL: https://restorethevalues.org/
Submission: On September 26 via automatic, source certstream-suspicious — Scanned from GB
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 10 IPs in 2 countries across 7 domains to perform 45 HTTP transactions. The main IP is 213.109.149.41, located in St Louis, United States and belongs to CYBERCON, US. The main domain is restorethevalues.org.
TLS certificate: Issued by R11 on September 26th 2024. Valid for: 3 months.
This is the only time restorethevalues.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

30    213.109.149.41 (St Louis, United States)

ASN7393 (CYBERCON, US)
PTR: scluster10.stablehost.com
restorethevalues.org
1    2a00:1450:4001:82f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    2600:9000:2724:8800:3:c04e:c780:93a1 (United States)

ASN16509 (AMAZON-02, US)
ws.sharethis.com
3    2a00:1450:4001:80f::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
2    2a03:2880:f084:d:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
2    2606:4700::6812:eec5 (United States)

ASN13335 (CLOUDFLARENET, US)
causes.anedot.com
secure.anedot.com
3    2a00:1450:4001:80f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
2    3.75.152.14 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-75-152-14.eu-central-1.compute.amazonaws.com
l.sharethis.com
1    2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
Apex Domain
Subdomains		 Transfer
30 restorethevalues.org
restorethevalues.org
1016 KB
4 gstatic.com
fonts.gstatic.com
www.gstatic.com
336 KB
3 google.com
www.google.com — Cisco Umbrella Rank: 3
989 B
3 sharethis.com
ws.sharethis.com — Cisco Umbrella Rank: 17889
l.sharethis.com — Cisco Umbrella Rank: 5602
14 KB
2 anedot.com
causes.anedot.com
secure.anedot.com — Cisco Umbrella Rank: 519555
932 B
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 196
83 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 46
1 KB
45 7
Domain Requested by
30 restorethevalues.org restorethevalues.org
3 fonts.gstatic.com fonts.googleapis.com
3 www.google.com restorethevalues.org
www.gstatic.com
2 l.sharethis.com ws.sharethis.com
restorethevalues.org
2 connect.facebook.net restorethevalues.org
connect.facebook.net
1 www.gstatic.com www.google.com
1 secure.anedot.com restorethevalues.org
1 causes.anedot.com 1 redirects
1 ws.sharethis.com restorethevalues.org
1 fonts.googleapis.com restorethevalues.org
45 10

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
twitter.com
google.com
www.youtube.com
Subject Issuer Validity Valid
restorethevalues.org
R11		 2024-09-26 -
2024-12-25		 3 months crt.sh
upload.video.google.com
WR2		 2024-08-26 -
2024-11-18		 3 months crt.sh
sharethis.com
Amazon RSA 2048 M03		 2024-04-19 -
2025-05-17		 a year crt.sh
*.google.com
WR2		 2024-08-26 -
2024-11-18		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2024-07-06 -
2024-10-04		 3 months crt.sh
anedot.com
WE1		 2024-08-11 -
2024-11-09		 3 months crt.sh
*.gstatic.com
WR2		 2024-08-26 -
2024-11-18		 3 months crt.sh

This page contains 4 frames:

Primary Page: https://restorethevalues.org/
Frame ID: 0C71641DBC86F27CF20F5BAD32EFF170
Requests: 42 HTTP requests in this frame

Frame: https://secure.anedot.com/restore-the-values/general-fund-c0c52e08460?embed=standard
Frame ID: 1ECE57CC5057A45F5775D51CEEB1684C
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Le43zIUAAAAACHrpRp6aKuxT9gdFae4kwycRxYZ&co=aHR0cHM6Ly9yZXN0b3JldGhldmFsdWVzLm9yZzo0NDM.&hl=en&v=EGbODne6buzpTnWrrBprcfAY&size=normal&cb=mbn8akohvjjx
Frame ID: D9B8CA4A81CCBDEB6FB347524ED02903
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=en&v=EGbODne6buzpTnWrrBprcfAY&k=6Le43zIUAAAAACHrpRp6aKuxT9gdFae4kwycRxYZ
Frame ID: D719099A37DC84EF9B06C012D068FE75
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Restore the Values | Restoring America's Foundation

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
  • /wp-(?:content|includes)/
  • wp-embed\.min\.js\?ver=([\d.]+)
Overall confidence: 100%
Detected patterns
  • <link[^>]+foundation[^>"]+css
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • /recaptcha/api\.js

Page Statistics

45
Requests

98 %
HTTPS

78 %
IPv6

7
Domains

10
Subdomains

10
IPs

2
Countries

1451 kB
Transfer

2343 kB
Size

2
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 29
  • https://causes.anedot.com/general-fund-c0c52e08460?embed=standard HTTP 301
  • https://secure.anedot.com/restore-the-values/general-fund-c0c52e08460?embed=standard

45 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
restorethevalues.org/ 		38 KB
11 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://restorethevalues.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
213.109.149.41 St Louis, United States, ASN7393 (CYBERCON, US),
Reverse DNS
scluster10.stablehost.com
Software
LiteSpeed /
Resource Hash
af00aae5545651f52fdfbed3c4901ef6caeb87be7c9bc111c745b6cc13d3a242

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-encoding
br
content-length
10409
content-type
text/html; charset=UTF-8
date
Thu, 26 Sep 2024 23:58:40 GMT
etag
"1-1727394463;br"
link
<https://restorethevalues.org/wp-json/>; rel="https://api.w.org/" <https://restorethevalues.org/>; rel=shortlink
server
LiteSpeed
vary
Accept-Encoding
x-litespeed-cache
hit
css
fonts.googleapis.com/ 		11 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Montserrat:400,700|Vollkorn:400italic,700italic,400,700&subset=latin,latin-ext
Requested by
Host: restorethevalues.org
URL: https://restorethevalues.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
4753b7563419ea3fe0fce14e438c7638a4bf04dc20c503b242980881c3df4aec
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://restorethevalues.org/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Thu, 26 Sep 2024 23:58:40 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 26 Sep 2024 23:58:40 GMT
content-type
text/css; charset=utf-8
last-modified
Thu, 26 Sep 2024 23:58:40 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
x-xss-protection
0
server
ESF
foundation.css
restorethevalues.org/wp-content/themes/haven/css/ 		63 KB
9 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://restorethevalues.org/wp-content/themes/haven/css/foundation.css?ver=1391280020
Requested by
Host: restorethevalues.org
URL: https://restorethevalues.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
213.109.149.41 St Louis, United States, ASN7393 (CYBERCON, US),
Reverse DNS
scluster10.stablehost.com
Software
LiteSpeed /
Resource Hash
86f459870ba5444c6231d51c25a8ac717257c3bfba451ebfc2403394a31d38f4

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://restorethevalues.org/

Response headers

cache-control
public, max-age=604800
content-encoding
br
etag
"faac-52ed3f94-47350e99a7cd3215;br"
expires
Thu, 03 Oct 2024 23:58:40 GMT
accept-ranges
bytes
content-length
9480
date
Thu, 26 Sep 2024 23:58:40 GMT
content-type
text/css
last-modified
Sat, 01 Feb 2014 18:40:20 GMT
vary
Accept-Encoding
server
LiteSpeed
flexslider.css
restorethevalues.org/wp-content/themes/haven/css/ 		5 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://restorethevalues.org/wp-content/themes/haven/css/flexslider.css?ver=1391020411
Requested by
Host: restorethevalues.org
URL: https://restorethevalues.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
213.109.149.41 St Louis, United States, ASN7393 (CYBERCON, US),
Reverse DNS
scluster10.stablehost.com
Software
LiteSpeed /
Resource Hash
900e38fad66d815cd93af472d103f5dfb410727f8ae675b9dfdfe72bf5e6f93f

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://restorethevalues.org/

Response headers

cache-control
public, max-age=604800
content-encoding
br
etag
"13ee-52e9497b-7ccf8d64fa625bed;br"
expires
Thu, 03 Oct 2024 23:58:40 GMT
accept-ranges
bytes
content-length
1462
date
Thu, 26 Sep 2024 23:58:40 GMT
content-type
text/css
last-modified
Wed, 29 Jan 2014 18:33:31 GMT
vary
Accept-Encoding
server
LiteSpeed
typicons.css
restorethevalues.org/wp-content/themes/haven/css/ 		15 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://restorethevalues.org/wp-content/themes/haven/css/typicons.css?ver=1391064961
Requested by
Host: restorethevalues.org
URL: https://restorethevalues.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
213.109.149.41 St Louis, United States, ASN7393 (CYBERCON, US),
Reverse DNS
scluster10.stablehost.com
Software
LiteSpeed /
Resource Hash
9624fa377685e537d57e8edcd7cd865915c537a38a3bef3c053e05359c6d2cb6

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://restorethevalues.org/

Response headers

cache-control
public, max-age=604800
content-encoding
br
etag
"3b1f-52e9f781-2f187173fd6b8856;br"
expires
Thu, 03 Oct 2024 23:58:40 GMT
accept-ranges
bytes
content-length
2403
date
Thu, 26 Sep 2024 23:58:40 GMT
content-type
text/css
last-modified
Thu, 30 Jan 2014 06:56:01 GMT
vary
Accept-Encoding
server
LiteSpeed
style.css
restorethevalues.org/wp-content/themes/haven/css/ 		15 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://restorethevalues.org/wp-content/themes/haven/css/style.css?ver=1391020411
Requested by
Host: restorethevalues.org
URL: https://restorethevalues.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
213.109.149.41 St Louis, United States, ASN7393 (CYBERCON, US),
Reverse DNS
scluster10.stablehost.com
Software
LiteSpeed /
Resource Hash
5939a5803f14db3a1ecce70d00266b9079b419036d51cac85e5f0897bfe3d1dc

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://restorethevalues.org/

Response headers

cache-control
public, max-age=604800
content-encoding
br
etag
"3c26-52e9497b-9df0e37cf72ac328;br"
expires
Thu, 03 Oct 2024 23:58:40 GMT
accept-ranges
bytes
content-length
3620
date
Thu, 26 Sep 2024 23:58:40 GMT
content-type
text/css
last-modified
Wed, 29 Jan 2014 18:33:31 GMT
vary
Accept-Encoding
server
LiteSpeed
responsive.css
restorethevalues.org/wp-content/themes/haven/css/ 		3 KB
860 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://restorethevalues.org/wp-content/themes/haven/css/responsive.css?ver=1391020411
Requested by
Host: restorethevalues.org
URL: https://restorethevalues.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
213.109.149.41 St Louis, United States, ASN7393 (CYBERCON, US),
Reverse DNS
scluster10.stablehost.com
Software
LiteSpeed /
Resource Hash
5a17bdcee3ee7f1a91488c7fb5dad21b5c103931b54e558ecf021fdf412f4a50

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://restorethevalues.org/

Response headers

cache-control
public, max-age=604800
content-encoding
br
etag
"a78-52e9497b-64e347a204ce74ca;br"
expires
Thu, 03 Oct 2024 23:58:40 GMT
accept-ranges
bytes
content-length
800
date
Thu, 26 Sep 2024 23:58:40 GMT
content-type
text/css
last-modified
Wed, 29 Jan 2014 18:33:31 GMT
vary
Accept-Encoding
server
LiteSpeed
ie.css
restorethevalues.org/wp-content/themes/haven/css/ 		0
56 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://restorethevalues.org/wp-content/themes/haven/css/ie.css?ver=1391020411
Requested by
Host: restorethevalues.org
URL: https://restorethevalues.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
213.109.149.41 St Louis, United States, ASN7393 (CYBERCON, US),
Reverse DNS
scluster10.stablehost.com
Software
LiteSpeed /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://restorethevalues.org/

Response headers

cache-control
public, max-age=604800
etag
"0-52e9497b-dc920cfa03a50228;;;"
expires
Thu, 03 Oct 2024 23:58:40 GMT
accept-ranges
bytes
content-length
0
date
Thu, 26 Sep 2024 23:58:40 GMT
content-type
text/css
last-modified
Wed, 29 Jan 2014 18:33:31 GMT
server
LiteSpeed
common.css
restorethevalues.org/wp-content/themes/haven/framework/js/pe.flare/themes/ 		9 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://restorethevalues.org/wp-content/themes/haven/framework/js/pe.flare/themes/common.css?ver=1391020411
Requested by
Host: restorethevalues.org
URL: https://restorethevalues.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
213.109.149.41 St Louis, United States, ASN7393 (CYBERCON, US),
Reverse DNS
scluster10.stablehost.com
Software
LiteSpeed /
Resource Hash
35b5f8d55583cc6d4ea75304d5c38a627419ca2c5c076441904b4055ee0c7f8a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://restorethevalues.org/

Response headers

cache-control
public, max-age=604800
content-encoding
br
etag
"2374-52e9497b-1e56c0b0373b7d32;br"
expires
Thu, 03 Oct 2024 23:58:40 GMT
accept-ranges
bytes
content-length
1371
date
Thu, 26 Sep 2024 23:58:40 GMT
content-type
text/css
last-modified
Wed, 29 Jan 2014 18:33:31 GMT
vary
Accept-Encoding
server
LiteSpeed
skin.css
restorethevalues.org/wp-content/themes/haven/framework/js/pe.flare/themes/default/ 		3 KB
710 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://restorethevalues.org/wp-content/themes/haven/framework/js/pe.flare/themes/default/skin.css?ver=1391020411
Requested by
Host: restorethevalues.org
URL: https://restorethevalues.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
213.109.149.41 St Louis, United States, ASN7393 (CYBERCON, US),
Reverse DNS
scluster10.stablehost.com
Software
LiteSpeed /
Resource Hash
813d6e618c084bf7b6091543f2d7e3aa9fd1e6f5ad92472ff4937e987a81bddb

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://restorethevalues.org/

Response headers

cache-control
public, max-age=604800
content-encoding
br
etag
"a36-52e9497b-85637cb08bfb49fd;br"
expires
Thu, 03 Oct 2024 23:58:40 GMT
accept-ranges
bytes
content-length
648
date
Thu, 26 Sep 2024 23:58:40 GMT
content-type
text/css
last-modified
Wed, 29 Jan 2014 18:33:31 GMT
vary
Accept-Encoding
server
LiteSpeed
custom.css
restorethevalues.org/wp-content/themes/haven/css/ 		2 KB
727 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://restorethevalues.org/wp-content/themes/haven/css/custom.css?ver=1391020411
Requested by
Host: restorethevalues.org
URL: https://restorethevalues.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
213.109.149.41 St Louis, United States, ASN7393 (CYBERCON, US),
Reverse DNS
scluster10.stablehost.com
Software
LiteSpeed /
Resource Hash
5e96ef62895e5b342e80d2191579001517b52f5e429553719519f8acbb8cbaed

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://restorethevalues.org/

Response headers

cache-control
public, max-age=604800
content-encoding
br
etag
"857-52e9497b-6972024c58e3ae87;br"
expires
Thu, 03 Oct 2024 23:58:40 GMT
accept-ranges
bytes
content-length
666
date
Thu, 26 Sep 2024 23:58:40 GMT
content-type
text/css
last-modified
Wed, 29 Jan 2014 18:33:31 GMT
vary
Accept-Encoding
server
LiteSpeed
style.css
restorethevalues.org/wp-content/themes/haven/ 		10 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://restorethevalues.org/wp-content/themes/haven/style.css?ver=1391207872
Requested by
Host: restorethevalues.org
URL: https://restorethevalues.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
213.109.149.41 St Louis, United States, ASN7393 (CYBERCON, US),
Reverse DNS
scluster10.stablehost.com
Software
LiteSpeed /
Resource Hash
8a22817c878b1458656aae27521f1f876b60d3960cb3290550bc84e153b4b351

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://restorethevalues.org/

Response headers

cache-control
public, max-age=604800
content-encoding
br
etag
"2917-52ec25c0-4b4b4842118cd8f0;br"
expires
Thu, 03 Oct 2024 23:58:40 GMT
accept-ranges
bytes
content-length
2375
date
Thu, 26 Sep 2024 23:58:40 GMT
content-type
text/css
last-modified
Fri, 31 Jan 2014 22:37:52 GMT
vary
Accept-Encoding
server
LiteSpeed
styles.css
restorethevalues.org/wp-content/plugins/contact-form-7/includes/css/ 		2 KB
622 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://restorethevalues.org/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=4.9
Requested by
Host: restorethevalues.org
URL: https://restorethevalues.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
213.109.149.41 St Louis, United States, ASN7393 (CYBERCON, US),
Reverse DNS
scluster10.stablehost.com
Software
LiteSpeed /
Resource Hash
e291f67dc3e643bfde7604e48a75e17298a3868ebc0c4554b9e8c17355fd6115

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://restorethevalues.org/

Response headers

cache-control
public, max-age=604800
content-encoding
br
etag
"646-59d332a3-4bc3d8e02ec15a8;br"
expires
Thu, 03 Oct 2024 23:58:40 GMT
accept-ranges
bytes
content-length
539
date
Thu, 26 Sep 2024 23:58:40 GMT
content-type
text/css
last-modified
Tue, 03 Oct 2017 06:48:03 GMT
vary
Accept-Encoding
server
LiteSpeed
jquery.fancybox-1.3.8.min.css
restorethevalues.org/wp-content/plugins/easy-fancybox/fancybox/ 		4 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://restorethevalues.org/wp-content/plugins/easy-fancybox/fancybox/jquery.fancybox-1.3.8.min.css?ver=1.6
Requested by
Host: restorethevalues.org
URL: https://restorethevalues.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
213.109.149.41 St Louis, United States, ASN7393 (CYBERCON, US),
Reverse DNS
scluster10.stablehost.com
Software
LiteSpeed /
Resource Hash
8403623695c3c7f672981e76d8d4244063c125148d1359bcca924691680ae597

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://restorethevalues.org/

Response headers

cache-control
public, max-age=604800
content-encoding
br
etag
"f20-59d07c55-51238e4b2f5d26b2;br"
expires
Thu, 03 Oct 2024 23:58:40 GMT
accept-ranges
bytes
content-length
967
date
Thu, 26 Sep 2024 23:58:40 GMT
content-type
text/css
last-modified
Sun, 01 Oct 2017 05:25:41 GMT
vary
Accept-Encoding
server
LiteSpeed
jquery.js
restorethevalues.org/wp-includes/js/jquery/ 		95 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://restorethevalues.org/wp-includes/js/jquery/jquery.js?ver=1.12.4
Requested by
Host: restorethevalues.org
URL: https://restorethevalues.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
213.109.149.41 St Louis, United States, ASN7393 (CYBERCON, US),
Reverse DNS
scluster10.stablehost.com
Software
LiteSpeed /
Resource Hash
fc48d1d80ece71a79a7b39877f4104d49d3da6c3665cf6dc203000fb7df4447e

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://restorethevalues.org/

Response headers

content-encoding
br
etag
"17ba0-59d33201-122949ffd4a80274;br"
accept-ranges
bytes
content-length
32857
date
Thu, 26 Sep 2024 23:58:40 GMT
content-type
text/javascript
last-modified
Tue, 03 Oct 2017 06:45:21 GMT
vary
Accept-Encoding
server
LiteSpeed
jquery-migrate.min.js
restorethevalues.org/wp-includes/js/jquery/ 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://restorethevalues.org/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1
Requested by
Host: restorethevalues.org
URL: https://restorethevalues.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
213.109.149.41 St Louis, United States, ASN7393 (CYBERCON, US),
Reverse DNS
scluster10.stablehost.com
Software
LiteSpeed /
Resource Hash
48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://restorethevalues.org/

Response headers

content-encoding
br
etag
"2748-59d33201-1eebc0aa2974c15f;br"
accept-ranges
bytes
content-length
3823
date
Thu, 26 Sep 2024 23:58:40 GMT
content-type
text/javascript
last-modified
Tue, 03 Oct 2017 06:45:21 GMT
vary
Accept-Encoding
server
LiteSpeed
st_insights.js
ws.sharethis.com/button/ 		53 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ws.sharethis.com/button/st_insights.js?publisher=4d48b7c5-0ae3-43d4-bfbe-3ff8c17a8ae6&product=simpleshare
Requested by
Host: restorethevalues.org
URL: https://restorethevalues.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2724:8800:3:c04e:c780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.20.1 /
Resource Hash
098bda98086360b913062d069673394f88847327682a7da142ac9fb942368f14
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://restorethevalues.org/

Response headers

x-robots-tag
noindex, nofollow
content-encoding
gzip
etag
W/"658496ad-d585"
age
241025
expires
Fri, 27 Sep 2024 05:01:35 GMT
x-cache
Hit from cloudfront
x-amz-cf-id
E9QXGLwiZG7R6OlZ546qnNtMNNs03XmCtNk0zOesg86q-tdn0yMCJw==
date
Wed, 25 Sep 2024 20:07:05 GMT
content-type
application/javascript
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
max-age=259200
via
1.1 044b6ab929e12b48b2113c346ddcec30.cloudfront.net (CloudFront)
content-length
13607
x-amz-cf-pop
FRA56-P12
server
nginx/1.20.1
flag.jpg
restorethevalues.org/wp-content/uploads/2014/03/ 		519 KB
519 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://restorethevalues.org/wp-content/uploads/2014/03/flag.jpg
Requested by
Host: restorethevalues.org
URL: https://restorethevalues.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
213.109.149.41 St Louis, United States, ASN7393 (CYBERCON, US),
Reverse DNS
scluster10.stablehost.com
Software
LiteSpeed /
Resource Hash
d37ab104683877cda06d5cc3fbc09e412ddf18c93b9534b48952b5a8b184e2c2

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://restorethevalues.org/

Response headers

cache-control
public, max-age=604800
etag
"81a34-53154eaa-72b028798b37a706;;;"
expires
Thu, 03 Oct 2024 23:58:40 GMT
accept-ranges
bytes
content-length
530996
date
Thu, 26 Sep 2024 23:58:40 GMT
content-type
image/jpeg
last-modified
Tue, 04 Mar 2014 03:55:22 GMT
server
LiteSpeed
farmhouse.jpg
restorethevalues.org/wp-content/uploads/2014/01/ 		311 KB
311 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://restorethevalues.org/wp-content/uploads/2014/01/farmhouse.jpg
Requested by
Host: restorethevalues.org
URL: https://restorethevalues.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
213.109.149.41 St Louis, United States, ASN7393 (CYBERCON, US),
Reverse DNS
scluster10.stablehost.com
Software
LiteSpeed /
Resource Hash
331955e6eaac93bc230bb3861df0c29323833dc162babf897b9cc9d4970f1c15

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://restorethevalues.org/

Response headers

cache-control
public, max-age=604800
etag
"4db16-52ec0344-64126ac74d3a5d28;;;"
expires
Thu, 03 Oct 2024 23:58:40 GMT
accept-ranges
bytes
content-length
318230
date
Thu, 26 Sep 2024 23:58:40 GMT
content-type
image/jpeg
last-modified
Fri, 31 Jan 2014 20:10:44 GMT
server
LiteSpeed
comment-reply.min.js
restorethevalues.org/wp-includes/js/ 		1 KB
754 B 		Script
General
Check archive.org
Download Go to
Full URL
https://restorethevalues.org/wp-includes/js/comment-reply.min.js?ver=4.8.2
Requested by
Host: restorethevalues.org
URL: https://restorethevalues.org/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
213.109.149.41 St Louis, United States, ASN7393 (CYBERCON, US),
Reverse DNS
scluster10.stablehost.com
Software
LiteSpeed /
Resource Hash
1b1ca0f15010e0124bd4ca481404643c88f7eda1b276e9554d0ed83fb45b7e30

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://restorethevalues.org/

Response headers

content-encoding
br
etag
"436-56d3d491-c6a2515811336e8c;br"
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length
488
date
Thu, 26 Sep 2024 23:58:41 GMT
content-type
text/javascript
last-modified
Mon, 29 Feb 2016 05:18:09 GMT
vary
Accept-Encoding
server
LiteSpeed
theme.min.js
restorethevalues.org/wp-content/themes/haven/theme/compressed/ 		129 KB
41 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://restorethevalues.org/wp-content/themes/haven/theme/compressed/theme.min.js?ver=1391020411
Requested by
Host: restorethevalues.org
URL: https://restorethevalues.org/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
213.109.149.41 St Louis, United States, ASN7393 (CYBERCON, US),
Reverse DNS
scluster10.stablehost.com
Software
LiteSpeed /
Resource Hash
da9389f78b627b6ba4c2ac3e913be3053ae08ef059a120f63a7a569ab7a1ddfe

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://restorethevalues.org/

Response headers

content-encoding
br
etag
"2043e-52e9497b-5f30e55302d6721;br"
accept-ranges
bytes
content-length
41968
date
Thu, 26 Sep 2024 23:58:41 GMT
content-type
text/javascript
last-modified
Wed, 29 Jan 2014 18:33:31 GMT
vary
Accept-Encoding
server
LiteSpeed
scripts.js
restorethevalues.org/wp-content/plugins/contact-form-7/includes/js/ 		14 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://restorethevalues.org/wp-content/plugins/contact-form-7/includes/js/scripts.js?ver=4.9
Requested by
Host: restorethevalues.org
URL: https://restorethevalues.org/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
213.109.149.41 St Louis, United States, ASN7393 (CYBERCON, US),
Reverse DNS
scluster10.stablehost.com
Software
LiteSpeed /
Resource Hash
f7db88a5dd4feb92dafbf5b17b516ddb78cfe69daff23ed72453a6a561b367f1

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://restorethevalues.org/

Response headers

content-encoding
br
etag
"3654-59d332a3-3bb79ebad08f3aaa;br"
accept-ranges
bytes
content-length
3644
date
Thu, 26 Sep 2024 23:58:41 GMT
content-type
text/javascript
last-modified
Tue, 03 Oct 2017 06:48:03 GMT
vary
Accept-Encoding
server
LiteSpeed
ssba.min.js
restorethevalues.org/wp-content/plugins/simple-share-buttons-adder/js/ 		583 B
332 B 		Script
General
Check archive.org
Download Go to
Full URL
https://restorethevalues.org/wp-content/plugins/simple-share-buttons-adder/js/ssba.min.js?ver=4.8.2
Requested by
Host: restorethevalues.org
URL: https://restorethevalues.org/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
213.109.149.41 St Louis, United States, ASN7393 (CYBERCON, US),
Reverse DNS
scluster10.stablehost.com
Software
LiteSpeed /
Resource Hash
d7150307d4a68a23c2c677008d29475a47f6cc368c17215cabc6960887938cd0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://restorethevalues.org/

Response headers

content-encoding
br
etag
"247-59d07c5d-4276ad47de1df80;br"
accept-ranges
bytes
content-length
262
date
Thu, 26 Sep 2024 23:58:41 GMT
content-type
text/javascript
last-modified
Sun, 01 Oct 2017 05:25:49 GMT
vary
Accept-Encoding
server
LiteSpeed
wp-embed.min.js
restorethevalues.org/wp-includes/js/ 		1 KB
709 B 		Script
General
Check archive.org
Download Go to
Full URL
https://restorethevalues.org/wp-includes/js/wp-embed.min.js?ver=4.8.2
Requested by
Host: restorethevalues.org
URL: https://restorethevalues.org/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
213.109.149.41 St Louis, United States, ASN7393 (CYBERCON, US),
Reverse DNS
scluster10.stablehost.com
Software
LiteSpeed /
Resource Hash
dcb5e540e62fc85857254a1066afb6a7e8999279c6d4c583eef855d39f9289c0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://restorethevalues.org/

Response headers

content-encoding
br
etag
"576-59d33201-3d4a3a2118589266;br"
accept-ranges
bytes
content-length
637
date
Thu, 26 Sep 2024 23:58:41 GMT
content-type
text/javascript
last-modified
Tue, 03 Oct 2017 06:45:21 GMT
vary
Accept-Encoding
server
LiteSpeed
api.js
www.google.com/recaptcha/ 		1 KB
989 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api.js?onload=recaptchaCallback&render=explicit&ver=2.0
Requested by
Host: restorethevalues.org
URL: https://restorethevalues.org/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
b194aa79b0b402eb99e109761672c067cc56ad45930e84a30a2e50c0a4530b89
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://restorethevalues.org/

Response headers

cache-control
private, max-age=300
content-encoding
gzip
cross-origin-resource-policy
cross-origin
report-to
{"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]}
x-content-type-options
nosniff
expires
Thu, 26 Sep 2024 23:58:41 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cross-origin-opener-policy-report-only
same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d"
date
Thu, 26 Sep 2024 23:58:41 GMT
x-xss-protection
0
content-type
text/javascript; charset=utf-8
server
ESF
x-frame-options
SAMEORIGIN
accordion.min.js
restorethevalues.org/wp-content/plugins/accordion-shortcodes/ 		2 KB
739 B 		Script
General
Check archive.org
Download Go to
Full URL
https://restorethevalues.org/wp-content/plugins/accordion-shortcodes/accordion.min.js?ver=2.3.3
Requested by
Host: restorethevalues.org
URL: https://restorethevalues.org/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
213.109.149.41 St Louis, United States, ASN7393 (CYBERCON, US),
Reverse DNS
scluster10.stablehost.com
Software
LiteSpeed /
Resource Hash
c7c23e4de20e8cad611777aa2c2e003257759118d00ef4457496a49fcbd74c0c

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://restorethevalues.org/

Response headers

content-encoding
br
etag
"670-59d07c54-45bf14ea53713141;br"
accept-ranges
bytes
content-length
667
date
Thu, 26 Sep 2024 23:58:41 GMT
content-type
text/javascript
last-modified
Sun, 01 Oct 2017 05:25:40 GMT
vary
Accept-Encoding
server
LiteSpeed
jquery.fancybox-1.3.8.min.js
restorethevalues.org/wp-content/plugins/easy-fancybox/fancybox/ 		16 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://restorethevalues.org/wp-content/plugins/easy-fancybox/fancybox/jquery.fancybox-1.3.8.min.js?ver=1.6
Requested by
Host: restorethevalues.org
URL: https://restorethevalues.org/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
213.109.149.41 St Louis, United States, ASN7393 (CYBERCON, US),
Reverse DNS
scluster10.stablehost.com
Software
LiteSpeed /
Resource Hash
08f26bef009017d1d6ef309b3578453a969ecc8024a9521b7f739e44a3fb5bf0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://restorethevalues.org/

Response headers

content-encoding
br
etag
"3e6a-59d07c55-e65e98263251feae;br"
accept-ranges
bytes
content-length
5129
date
Thu, 26 Sep 2024 23:58:41 GMT
content-type
text/javascript
last-modified
Sun, 01 Oct 2017 05:25:41 GMT
vary
Accept-Encoding
server
LiteSpeed
jquery.easing.min.js
restorethevalues.org/wp-content/plugins/easy-fancybox/js/ 		2 KB
766 B 		Script
General
Check archive.org
Download Go to
Full URL
https://restorethevalues.org/wp-content/plugins/easy-fancybox/js/jquery.easing.min.js?ver=1.4.0
Requested by
Host: restorethevalues.org
URL: https://restorethevalues.org/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
213.109.149.41 St Louis, United States, ASN7393 (CYBERCON, US),
Reverse DNS
scluster10.stablehost.com
Software
LiteSpeed /
Resource Hash
b29bd83837b7fef974f0a302c56b652b77a7563ffae0e3ea6d292b11a707daae

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://restorethevalues.org/

Response headers

content-encoding
br
etag
"8e8-59d07c55-a1c89ddcf83b5782;br"
accept-ranges
bytes
content-length
718
date
Thu, 26 Sep 2024 23:58:41 GMT
content-type
text/javascript
last-modified
Sun, 01 Oct 2017 05:25:41 GMT
vary
Accept-Encoding
server
LiteSpeed
jquery.mousewheel.min.js
restorethevalues.org/wp-content/plugins/easy-fancybox/js/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://restorethevalues.org/wp-content/plugins/easy-fancybox/js/jquery.mousewheel.min.js?ver=3.1.13
Requested by
Host: restorethevalues.org
URL: https://restorethevalues.org/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
213.109.149.41 St Louis, United States, ASN7393 (CYBERCON, US),
Reverse DNS
scluster10.stablehost.com
Software
LiteSpeed /
Resource Hash
dd9bfe5f04d4e393463f42b4f503763c36693306dffef16d481e0c071b61ae64

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://restorethevalues.org/

Response headers

content-encoding
br
etag
"a31-59d07c55-e91ee7926239c508;br"
accept-ranges
bytes
content-length
1051
date
Thu, 26 Sep 2024 23:58:41 GMT
content-type
text/javascript
last-modified
Sun, 01 Oct 2017 05:25:41 GMT
vary
Accept-Encoding
server
LiteSpeed
sdk.js
connect.facebook.net/en_US/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/sdk.js
Requested by
Host: restorethevalues.org
URL: https://restorethevalues.org/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
74816b240a41e777b83a22f4b3671ad6d55161c1e9c3b1ecf575b8c2041f21ea
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://restorethevalues.org/

Response headers

content-md5
wI/Z3Jn6MKYyiUe9XE5Lqg==
access-control-expose-headers
X-FB-Content-MD5
content-encoding
gzip
etag
"31e73ef42e82de3d15999e8f058e6361"
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Fri, 27 Sep 2024 00:13:37 GMT
alt-svc
h3=":443"; ma=86400
edge-control
cache-maxage=1200s
date
Thu, 26 Sep 2024 23:58:41 GMT
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=31536000; preload; includeSubDomains
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-content-md5
d65997f1ffc468e9e94b56f0700e2f9d
cache-control
public,max-age=1200,stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=37, rtx=0, c=23, mss=1232, tbw=5674, tp=10, tpl=0, uplat=0, ullat=-1
x-fb-debug
lFuh1t/95GE93+3cqbYgA1HKU0G9CAXyU8165ysbsTmM5S7BWk/Rf/qtEyImyW8xTjEctInI1v/8YqcIiZbKdQ==
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy
force-load-at-top
access-control-allow-origin
*
content-length
1687
origin-agent-cluster
?0
general-fund-c0c52e08460
secure.anedot.com/restore-the-values/ Frame 1ECE
Redirect Chain
  • https://causes.anedot.com/general-fund-c0c52e08460?embed=standard
  • https://secure.anedot.com/restore-the-values/general-fund-c0c52e08460?embed=standard
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://secure.anedot.com/restore-the-values/general-fund-c0c52e08460?embed=standard
Requested by
Host: restorethevalues.org
URL: https://restorethevalues.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:eec5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://restorethevalues.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

cache-control
max-age=0, private, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
8c9734146e49bf0c-LHR
content-encoding
br
content-type
text/html; charset=utf-8
date
Thu, 26 Sep 2024 23:58:41 GMT
link
</packs/css/vendors~accounts~admin~auth~auth-react~crimson-donations~donations-9f803dca.chunk.css>; rel=preload; as=style; crossorigin=anonymous; nopush,</packs/css/vendors~donations-afacce5b.chunk.css>; rel=preload; as=style; crossorigin=anonymous; nopush,</packs/css/vendors~donations-printable-08c47854.chunk.css>; rel=preload; as=style; crossorigin=anonymous; nopush,</packs/js/runtime~donations-a4e5c206c0f2cba20cd4.js>; rel=preload; as=script; crossorigin=anonymous; nopush,</packs/js/vendors~accounts~admin~auth~auth-react~crimson-donations~donations-8f56ddfd492dd7b136f0.chunk.js>; rel=preload; as=script; crossorigin=anonymous; nopush,</packs/js/vendors~accounts~admin~auth-react~crimson-donations~donations-26567203fed712220dc0.chunk.js>; rel=preload; as=script; crossorigin=anonymous; nopush,</packs/js/vendors~accounts~admin~auth~crimson-donations~donations-0281fa6a1483247918ce.chunk.js>; rel=preload; as=script; crossorigin=anonymous; nopush
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
x-download-options
noopen
x-permitted-cross-domain-policies
none
x-request-id
8c9734146e49bf0c-LHR
x-revision
8fac58f2d9a156930c2e0f863e58ff10d396f5c5
x-xss-protection
0

Redirect headers

cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
8c973412cd57bf0c-LHR
content-type
text/html; charset=utf-8
date
Thu, 26 Sep 2024 23:58:41 GMT
location
https://secure.anedot.com/restore-the-values/general-fund-c0c52e08460?embed=standard
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
x-download-options
noopen
x-frame-options
SAMEORIGIN
x-permitted-cross-domain-policies
none
x-request-id
8c973412cd57bf0c-LHR
x-revision
8fac58f2d9a156930c2e0f863e58ff10d396f5c5
x-xss-protection
0
box-top.png
restorethevalues.org/wp-content/themes/haven/img/ 		138 B
256 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://restorethevalues.org/wp-content/themes/haven/img/box-top.png
Requested by
Host: restorethevalues.org
URL: https://restorethevalues.org/wp-content/themes/haven/css/style.css?ver=1391020411
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
213.109.149.41 St Louis, United States, ASN7393 (CYBERCON, US),
Reverse DNS
scluster10.stablehost.com
Software
LiteSpeed /
Resource Hash
0c4700d88a7dcfb9ec8b0a5b38e460c576ab4d1c94cca980135d81f6b874d5e4

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://restorethevalues.org/wp-content/themes/haven/css/style.css?ver=1391020411

Response headers

cache-control
public, max-age=604800
etag
"8a-52e9497b-12596145051f1024;;;"
expires
Thu, 03 Oct 2024 23:58:41 GMT
accept-ranges
bytes
content-length
138
date
Thu, 26 Sep 2024 23:58:41 GMT
content-type
image/png
last-modified
Wed, 29 Jan 2014 18:33:31 GMT
server
LiteSpeed
0yb9GDoxxrvAnPhYGxkpaE0.woff2
fonts.gstatic.com/s/vollkorn/v23/ 		45 KB
45 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/vollkorn/v23/0yb9GDoxxrvAnPhYGxkpaE0.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:400,700|Vollkorn:400italic,700italic,400,700&subset=latin,latin-ext
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bb27b60db2c5fb11d568ae6cf79a8977df9796a2cfcd37b46162a49b09b96c01
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://restorethevalues.org
Referer
https://fonts.googleapis.com/

Response headers

age
67357
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Fri, 26 Sep 2025 05:16:04 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 26 Sep 2024 05:16:04 GMT
last-modified
Wed, 13 Sep 2023 22:26:22 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
46448
x-xss-protection
0
server
sffe
JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v26/ 		32 KB
32 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/montserrat/v26/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:400,700|Vollkorn:400italic,700italic,400,700&subset=latin,latin-ext
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://restorethevalues.org
Referer
https://fonts.googleapis.com/

Response headers

age
67370
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Fri, 26 Sep 2025 05:15:51 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 26 Sep 2024 05:15:51 GMT
last-modified
Wed, 13 Sep 2023 22:51:58 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
33092
x-xss-protection
0
server
sffe
typicons.woff
restorethevalues.org/wp-content/themes/haven/fonts/ 		59 KB
59 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://restorethevalues.org/wp-content/themes/haven/fonts/typicons.woff
Requested by
Host: restorethevalues.org
URL: https://restorethevalues.org/wp-content/themes/haven/css/typicons.css?ver=1391064961
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
213.109.149.41 St Louis, United States, ASN7393 (CYBERCON, US),
Reverse DNS
scluster10.stablehost.com
Software
LiteSpeed /
Resource Hash
176dacd85c26ed46a0ed4e3228efcd676d806cd9c4f3e306192c3f5d1a535248

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://restorethevalues.org
Referer
https://restorethevalues.org/wp-content/themes/haven/css/typicons.css?ver=1391064961

Response headers

accept-ranges
bytes
content-length
60464
etag
"ec30-52e9627d-9fca3a6714278112;;;"
date
Thu, 26 Sep 2024 23:58:41 GMT
content-type
font/woff
last-modified
Wed, 29 Jan 2014 20:20:13 GMT
server
LiteSpeed
0yb7GDoxxrvAnPhYGxksWE8eqQ.woff2
fonts.gstatic.com/s/vollkorn/v23/ 		46 KB
46 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/vollkorn/v23/0yb7GDoxxrvAnPhYGxksWE8eqQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:400,700|Vollkorn:400italic,700italic,400,700&subset=latin,latin-ext
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2df946dc6164389d5f6ac664b55c3a56d2b3f6bdd96c814b7ac6f661a2d47cec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://restorethevalues.org
Referer
https://fonts.googleapis.com/

Response headers

age
90002
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Thu, 25 Sep 2025 22:58:39 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 25 Sep 2024 22:58:39 GMT
last-modified
Wed, 13 Sep 2023 22:27:35 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
47472
x-xss-protection
0
server
sffe
pview
l.sharethis.com/ 		0
407 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://l.sharethis.com/pview?event=pview&version=st_insights.js&lang=en&sessionID=1727395120947.74658&hostname=restorethevalues.org&location=%2F&product=simpleshare&fcmp=false&fcmpv2=false&publisher=4d48b7c5-0ae3-43d4-bfbe-3ff8c17a8ae6&url=https%3A%2F%2Frestorethevalues.org%2F&title=Restore%20the%20Values%20%7C%20Restoring%20America%27s%20Foundation&sop=false&ua=&ua_mobile=false&ua_full_version_list=&uuid=d8f4da2f-6424-4a05-a449-383e2956058a
Requested by
Host: ws.sharethis.com
URL: https://ws.sharethis.com/button/st_insights.js?publisher=4d48b7c5-0ae3-43d4-bfbe-3ff8c17a8ae6&product=simpleshare
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.75.152.14 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-75-152-14.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://restorethevalues.org/

Response headers

Strict-Transport-Security
max-age=63072000; includeSubDomains;
Access-Control-Max-Age
1728000
Access-Control-Expose-Headers
stid
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
https://restorethevalues.org
Date
Thu, 26 Sep 2024 23:58:41 GMT
Access-Control-Allow-Headers
*
sdk.js
connect.facebook.net/en_US/ 		283 KB
81 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/sdk.js?hash=2680cc4da92121544cdea1503a0f0944
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
d0168259c59a875a21b4910a0b41b4dcc30871766bb87d39b315ea5667fe023c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://restorethevalues.org
Referer
https://restorethevalues.org/

Response headers

content-md5
/xrCU1ru9n4jVB8sMiMAXg==
access-control-expose-headers
X-FB-Content-MD5
content-encoding
gzip
etag
"db408266bf786ddd641a2d9ef52b75ad"
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Fri, 26 Sep 2025 22:25:35 GMT
alt-svc
h3=":443"; ma=86400
date
Thu, 26 Sep 2024 23:58:41 GMT
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=31536000; preload; includeSubDomains
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-content-md5
7a025b6905127cf2e6adf8af31a82857
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=37, rtx=0, c=23, mss=1232, tbw=5672, tp=10, tpl=0, uplat=0, ullat=-1
x-fb-debug
LLgdZeEPGrM5R9JEKKjicwvPF/9uNBWqi+tU07hkXcyaKAtsEyVDd9s5poQ6Y3IfiVVGyXiAkkQLqcu9yr/vVg==
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy
force-load-at-top
access-control-allow-origin
*
content-length
82569
origin-agent-cluster
?0
pview
l.sharethis.com/ 		0
380 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://l.sharethis.com/pview?event=pview&version=st_insights.js&lang=en&sessionID=1727395120947.74658&hostname=restorethevalues.org&location=%2F&product=simpleshare&fcmp=false&fcmpv2=false&publisher=4d48b7c5-0ae3-43d4-bfbe-3ff8c17a8ae6&url=https%3A%2F%2Frestorethevalues.org%2F&title=Restore%20the%20Values%20%7C%20Restoring%20America%27s%20Foundation&sop=false&ua=&ua_mobile=false&ua_full_version_list=&uuid=d8f4da2f-6424-4a05-a449-383e2956058a&img_pview=true
Requested by
Host: restorethevalues.org
URL: https://restorethevalues.org/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.75.152.14 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-75-152-14.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://restorethevalues.org/

Response headers

Strict-Transport-Security
max-age=63072000; includeSubDomains;
Access-Control-Max-Age
1728000
Access-Control-Expose-Headers
stid
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
Date
Thu, 26 Sep 2024 23:58:41 GMT
Access-Control-Allow-Headers
*
recaptcha__en.js
www.gstatic.com/recaptcha/releases/EGbODne6buzpTnWrrBprcfAY/ 		538 KB
212 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/EGbODne6buzpTnWrrBprcfAY/recaptcha__en.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?onload=recaptchaCallback&render=explicit&ver=2.0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4943e91f7f53318d481ca07297395abbc52541c2be55d7276ecda152cd7ad9c3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://restorethevalues.org
Referer
https://restorethevalues.org/

Response headers

content-encoding
gzip
age
38512
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
x-content-type-options
nosniff
expires
Fri, 26 Sep 2025 13:16:49 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 26 Sep 2024 13:16:49 GMT
last-modified
Tue, 03 Sep 2024 02:00:38 GMT
content-type
text/javascript
vary
Accept-Encoding
cache-control
public, max-age=31536000
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
accept-ranges
bytes
access-control-allow-origin
*
content-length
217247
x-xss-protection
0
server
sffe
refill
restorethevalues.org/wp-json/contact-form-7/v1/contact-forms/221/ 		2 B
201 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://restorethevalues.org/wp-json/contact-form-7/v1/contact-forms/221/refill
Requested by
Host: restorethevalues.org
URL: https://restorethevalues.org/wp-includes/js/jquery/jquery.js?ver=1.12.4
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
213.109.149.41 St Louis, United States, ASN7393 (CYBERCON, US),
Reverse DNS
scluster10.stablehost.com
Software
LiteSpeed /
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://restorethevalues.org/
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Accept
application/json, text/javascript, */*; q=0.01

Response headers

x-robots-tag
noindex
link
<https://restorethevalues.org/wp-json/>; rel="https://api.w.org/"
access-control-expose-headers
X-WP-Total, X-WP-TotalPages
etag
"9-1727394792;;;"
x-content-type-options
nosniff
allow
GET
x-litespeed-cache
hit
content-length
2
date
Thu, 26 Sep 2024 23:58:41 GMT
content-type
application/json; charset=UTF-8
server
LiteSpeed
access-control-allow-headers
Authorization, Content-Type
ajax-loader.gif
restorethevalues.org/wp-content/plugins/contact-form-7/images/ 		847 B
920 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://restorethevalues.org/wp-content/plugins/contact-form-7/images/ajax-loader.gif
Requested by
Host: restorethevalues.org
URL: https://restorethevalues.org/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=4.9
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
213.109.149.41 St Louis, United States, ASN7393 (CYBERCON, US),
Reverse DNS
scluster10.stablehost.com
Software
LiteSpeed /
Resource Hash
65b72e15d975f67fbd1cb126d57772c06c21fa016e5651b6ce213b26ce0e6877

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://restorethevalues.org/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=4.9

Response headers

cache-control
public, max-age=604800
etag
"34f-59d332a3-be6fd05e0ab97dcb;;;"
expires
Thu, 03 Oct 2024 23:58:41 GMT
accept-ranges
bytes
content-length
847
date
Thu, 26 Sep 2024 23:58:41 GMT
content-type
image/gif
last-modified
Tue, 03 Oct 2017 06:48:03 GMT
server
LiteSpeed
anchor
www.google.com/recaptcha/api2/ Frame D9B8 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Le43zIUAAAAACHrpRp6aKuxT9gdFae4kwycRxYZ&co=aHR0cHM6Ly9yZXN0b3JldGhldmFsdWVzLm9yZzo0NDM.&hl=en&v=EGbODne6buzpTnWrrBprcfAY&size=normal&cb=mbn8akohvjjx
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/EGbODne6buzpTnWrrBprcfAY/recaptcha__en.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-roA8_5M4RzJGfxtzDX-HSQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://restorethevalues.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-roA8_5M4RzJGfxtzDX-HSQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-opener-policy-report-only
same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d"
cross-origin-resource-policy
cross-origin
date
Thu, 26 Sep 2024 23:58:41 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} {"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]}
server
ESF
x-content-type-options
nosniff
x-xss-protection
0
profile_image.jpg
restorethevalues.org/wp-content/uploads/2014/02/ 		0
0
bframe
www.google.com/recaptcha/api2/ Frame D719 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/bframe?hl=en&v=EGbODne6buzpTnWrrBprcfAY&k=6Le43zIUAAAAACHrpRp6aKuxT9gdFae4kwycRxYZ
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/EGbODne6buzpTnWrrBprcfAY/recaptcha__en.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-Qp1v0NTMgKmQt47BVsVoiA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://restorethevalues.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-Qp1v0NTMgKmQt47BVsVoiA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-opener-policy-report-only
same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d"
cross-origin-resource-policy
cross-origin
date
Thu, 26 Sep 2024 23:58:42 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} {"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]}
server
ESF
x-content-type-options
nosniff
x-xss-protection
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
restorethevalues.org
URL
http://restorethevalues.org/wp-content/uploads/2014/02/profile_image.jpg

Verdicts & Comments Add Verdict or Comment

40 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| _wpemojiSettings function| jQuery object| stlib boolean| tpcCookiesEnabledStatus string| stWidgetVersion object| stLight object| fb_opts function| easy_fancybox_handler function| easy_fancybox_auto object| recaptchaWidgets function| recaptchaCallback object| addComment object| peThemeOptions object| peContactForm object| peNewsletter object| _haven object| FB object| pixelentity function| Froogaloop function| libFuncName object| html5 object| Modernizr function| yepnope object| Foundation object| jQuery112404039363676341561 object| peGmapStyle object| wpcf7 object| wp object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client object| accordionShortcodesSettings object| __buffer object| recaptcha object| closure_lm_271780

2 Cookies

Domain/Path Name / Value
.anedot.com/ Name: _anedot_session_production
Value: zeZz53dxhiCHHQ7HmTU2DsKp5RDf3l3qj37c0e9vQGDE8o2nxsYh2AJpVYv0xU5O6r2lcCa3JEOJIlDjKn%2FnV4SesPxLozfKfvYZFrHQwvH9FuabhO2helmQQiP%2BZXTQoqikq5d1MTfoVM6L5hKQ98cXQT%2FvrNTXxj2P9%2BSbaMNdQ1IKPDtiGAj8ghbeE8geaKAs4Fd9pemp4QoxyEwKX9LsNF1hgcVIEAlwdcpfhP2GdiJr2JuEXQ8CyGf3rMDuraJCP0yYrfv3E%2FTLQ9s9a4csXZTXhMZAf2gRaQNygtJYPm6eqst00ZdysrQ0QVfAtj5L7a7VWemZ3w%3D%3D--wLUp3JLs5DMLb2pA--sAGtdRaxJUQAdSwOw9ZsbA%3D%3D
.anedot.com/ Name: __cf_bm
Value: nLVW8vQx8nuxf.ubENymqUXJ0vXNcGevTnOfC7_IgBg-1727395121-1.0.1.1-BhgMSWblLgMS.ilkbb5WNdiqc9i56Yd8aaSSJykFh6B_alilU3n36MES_w2ITj9DW3DNLTAM71fXnd.tUHQEng

7 Console Messages

Source Level URL
Text
security warning URL: https://restorethevalues.org/
Message:
Mixed Content: The page at 'https://restorethevalues.org/' was loaded over HTTPS, but requested an insecure element 'http://restorethevalues.org/wp-content/uploads/2014/03/flag.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://restorethevalues.org/
Message:
Mixed Content: The page at 'https://restorethevalues.org/' was loaded over HTTPS, but requested an insecure element 'http://restorethevalues.org/wp-content/uploads/2014/01/farmhouse.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://restorethevalues.org/(Line 696)
Message:
Mixed Content: The page at 'https://restorethevalues.org/' was loaded over HTTPS, but requested an insecure element 'http://restorethevalues.org/wp-content/uploads/2014/03/flag.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://restorethevalues.org/(Line 696)
Message:
Mixed Content: The page at 'https://restorethevalues.org/' was loaded over HTTPS, but requested an insecure element 'http://restorethevalues.org/wp-content/uploads/2014/01/farmhouse.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://restorethevalues.org/wp-includes/js/jquery/jquery.js?ver=1.12.4(Line 2)
Message:
Mixed Content: The page at 'https://restorethevalues.org/' was loaded over HTTPS, but requested an insecure element 'http://restorethevalues.org/wp-content/uploads/2014/03/flag.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://restorethevalues.org/wp-includes/js/jquery/jquery.js?ver=1.12.4(Line 2)
Message:
Mixed Content: The page at 'https://restorethevalues.org/' was loaded over HTTPS, but requested an insecure element 'http://restorethevalues.org/wp-content/uploads/2014/01/farmhouse.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security error URL: https://restorethevalues.org/
Message:
Mixed Content: The page at 'https://restorethevalues.org/' was loaded over HTTPS, but requested an insecure favicon 'http://restorethevalues.org/wp-content/uploads/2014/02/profile_image.jpg'. This request has been blocked; the content must be served over HTTPS.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

causes.anedot.com
connect.facebook.net
fonts.googleapis.com
fonts.gstatic.com
l.sharethis.com
restorethevalues.org
secure.anedot.com
ws.sharethis.com
www.google.com
www.gstatic.com
restorethevalues.org
213.109.149.41
2600:9000:2724:8800:3:c04e:c780:93a1
2606:4700::6812:eec5
2a00:1450:4001:80f::2003
2a00:1450:4001:80f::2004
2a00:1450:4001:82f::200a
2a00:1450:4001:831::2003
2a03:2880:f084:d:face:b00c:0:3
3.75.152.14
08f26bef009017d1d6ef309b3578453a969ecc8024a9521b7f739e44a3fb5bf0
098bda98086360b913062d069673394f88847327682a7da142ac9fb942368f14
0c4700d88a7dcfb9ec8b0a5b38e460c576ab4d1c94cca980135d81f6b874d5e4
176dacd85c26ed46a0ed4e3228efcd676d806cd9c4f3e306192c3f5d1a535248
1b1ca0f15010e0124bd4ca481404643c88f7eda1b276e9554d0ed83fb45b7e30
2df946dc6164389d5f6ac664b55c3a56d2b3f6bdd96c814b7ac6f661a2d47cec
331955e6eaac93bc230bb3861df0c29323833dc162babf897b9cc9d4970f1c15
35b5f8d55583cc6d4ea75304d5c38a627419ca2c5c076441904b4055ee0c7f8a
4753b7563419ea3fe0fce14e438c7638a4bf04dc20c503b242980881c3df4aec
48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d
4943e91f7f53318d481ca07297395abbc52541c2be55d7276ecda152cd7ad9c3
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
5939a5803f14db3a1ecce70d00266b9079b419036d51cac85e5f0897bfe3d1dc
5a17bdcee3ee7f1a91488c7fb5dad21b5c103931b54e558ecf021fdf412f4a50
5e96ef62895e5b342e80d2191579001517b52f5e429553719519f8acbb8cbaed
65b72e15d975f67fbd1cb126d57772c06c21fa016e5651b6ce213b26ce0e6877
74816b240a41e777b83a22f4b3671ad6d55161c1e9c3b1ecf575b8c2041f21ea
813d6e618c084bf7b6091543f2d7e3aa9fd1e6f5ad92472ff4937e987a81bddb
8403623695c3c7f672981e76d8d4244063c125148d1359bcca924691680ae597
86f459870ba5444c6231d51c25a8ac717257c3bfba451ebfc2403394a31d38f4
8a22817c878b1458656aae27521f1f876b60d3960cb3290550bc84e153b4b351
900e38fad66d815cd93af472d103f5dfb410727f8ae675b9dfdfe72bf5e6f93f
9624fa377685e537d57e8edcd7cd865915c537a38a3bef3c053e05359c6d2cb6
af00aae5545651f52fdfbed3c4901ef6caeb87be7c9bc111c745b6cc13d3a242
b194aa79b0b402eb99e109761672c067cc56ad45930e84a30a2e50c0a4530b89
b29bd83837b7fef974f0a302c56b652b77a7563ffae0e3ea6d292b11a707daae
bb27b60db2c5fb11d568ae6cf79a8977df9796a2cfcd37b46162a49b09b96c01
bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b
c7c23e4de20e8cad611777aa2c2e003257759118d00ef4457496a49fcbd74c0c
d0168259c59a875a21b4910a0b41b4dcc30871766bb87d39b315ea5667fe023c
d37ab104683877cda06d5cc3fbc09e412ddf18c93b9534b48952b5a8b184e2c2
d7150307d4a68a23c2c677008d29475a47f6cc368c17215cabc6960887938cd0
da9389f78b627b6ba4c2ac3e913be3053ae08ef059a120f63a7a569ab7a1ddfe
dcb5e540e62fc85857254a1066afb6a7e8999279c6d4c583eef855d39f9289c0
dd9bfe5f04d4e393463f42b4f503763c36693306dffef16d481e0c071b61ae64
e291f67dc3e643bfde7604e48a75e17298a3868ebc0c4554b9e8c17355fd6115
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f7db88a5dd4feb92dafbf5b17b516ddb78cfe69daff23ed72453a6a561b367f1
fc48d1d80ece71a79a7b39877f4104d49d3da6c3665cf6dc203000fb7df4447e