urlscan.io logo urlscan.io
SecurityTrails logo

www.nchm.org Open in urlscan Pro
104.198.242.241  Public Scan

Go To Rescan Add Verdict Report
URL: https://www.nchm.org/tax-credits/
Submission: On February 14 via automatic, source links-suspicious — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 15 IPs in 3 countries across 12 domains to perform 59 HTTP transactions. The main IP is 104.198.242.241, located in Council Bluffs, United States and belongs to GOOGLE, US. The main domain is www.nchm.org.
TLS certificate: Issued by R3 on December 27th 2022. Valid for: 3 months.
This is the only time www.nchm.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

21    104.198.242.241 (Council Bluffs, United States)

ASN15169 (GOOGLE, US)
PTR: 241.242.198.104.bc.googleusercontent.com
www.nchm.org
6    2a00:1450:400d:80a::2004 (Ireland)

ASN15169 (GOOGLE, US)
www.google.com
2    2a00:1450:400d:806::2008 (Ireland)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    2a00:1450:400d:80e::200a (Ireland)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
5    2a00:1450:400d:806::2003 (Ireland)

ASN15169 (GOOGLE, US)
www.gstatic.com
www.google.de
4    2a00:1450:400d:80a::200e (Ireland)

ASN15169 (GOOGLE, US)
www.google-analytics.com
6    13.32.11.219 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-11-219.vie50.r.cloudfront.net
d10lpsik1i8c69.cloudfront.net
1    2a00:1450:400d:807::2002 (Ireland)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
1    172.67.75.100 (United States)

ASN13335 (CLOUDFLARENET, US)
settings.luckyorange.net
5    2a00:1450:400d:80c::2003 (Ireland)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
2    2a00:1450:4025:401::9d (Den Helder, Netherlands)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
1    13.224.189.74 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-189-74.fra2.r.cloudfront.net
widget.intercom.io
2    13.225.78.83 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-78-83.fra2.r.cloudfront.net
js.intercomcdn.com
1    54.156.44.158 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-156-44-158.compute-1.amazonaws.com
api-iam.intercom.io
Apex Domain
Subdomains		 Transfer
21 nchm.org
www.nchm.org
915 KB
9 gstatic.com
www.gstatic.com
fonts.gstatic.com
481 KB
6 cloudfront.net
d10lpsik1i8c69.cloudfront.net
100 KB
6 google.com
www.google.com — Cisco Umbrella Rank: 18
42 KB
4 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 93
21 KB
3 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 67
stats.g.doubleclick.net — Cisco Umbrella Rank: 160
2 KB
2 intercomcdn.com
js.intercomcdn.com — Cisco Umbrella Rank: 6038
201 KB
2 intercom.io
widget.intercom.io — Cisco Umbrella Rank: 4740
api-iam.intercom.io — Cisco Umbrella Rank: 4748
9 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 109
93 KB
1 google.de
www.google.de — Cisco Umbrella Rank: 3701
455 B
1 luckyorange.net
settings.luckyorange.net — Cisco Umbrella Rank: 11115
1 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 114
2 KB
59 12
Domain Requested by
21 www.nchm.org 1 redirects www.nchm.org
6 d10lpsik1i8c69.cloudfront.net www.nchm.org
d10lpsik1i8c69.cloudfront.net
6 www.google.com www.nchm.org
www.gstatic.com
www.google.com
5 fonts.gstatic.com fonts.googleapis.com
www.google.com
4 www.google-analytics.com www.nchm.org
www.google-analytics.com
4 www.gstatic.com www.google.com
www.gstatic.com
2 js.intercomcdn.com widget.intercom.io
2 stats.g.doubleclick.net www.google-analytics.com
2 www.googletagmanager.com www.nchm.org
1 api-iam.intercom.io js.intercomcdn.com
1 widget.intercom.io www.nchm.org
1 www.google.de www.nchm.org
1 settings.luckyorange.net d10lpsik1i8c69.cloudfront.net
1 googleads.g.doubleclick.net www.googletagmanager.com
1 fonts.googleapis.com www.nchm.org
59 15

This site contains links to these domains. Also see Links.

Domain
nchm.smarteru.com
www.facebook.com
twitter.com
envycreative.co
Subject Issuer Validity Valid
www.nchm.org
R3		 2022-12-27 -
2023-03-27		 3 months crt.sh
www.google.com
GTS CA 1C3		 2023-01-31 -
2023-04-25		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-01-31 -
2023-04-25		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2023-01-31 -
2023-04-25		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2023-01-31 -
2023-04-25		 3 months crt.sh
*.cloudfront.net
Amazon RSA 2048 M01		 2022-12-08 -
2023-12-07		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-01-31 -
2023-04-25		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-05-30 -
2023-05-30		 a year crt.sh
*.google.com
GTS CA 1C3		 2023-01-31 -
2023-04-25		 3 months crt.sh
www.google.de
GTS CA 1C3		 2023-01-31 -
2023-04-25		 3 months crt.sh
*.intercom.com
Amazon		 2022-03-16 -
2023-04-14		 a year crt.sh
*.intercomcdn.com
Amazon		 2022-12-31 -
2024-01-29		 a year crt.sh

This page contains 4 frames:

Primary Page: https://www.nchm.org/tax-credits/
Frame ID: 9A84602ED82CEEB8F6A3136A9975956F
Requests: 50 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Ld4MncaAAAAACi4iLLd2Kdo-dAx_pz3UwYTKQD1&co=aHR0cHM6Ly93d3cubmNobS5vcmc6NDQz&hl=de&v=tNAc29ZZrpcOCErva2nr4BS9&size=invisible&cb=5gvxl3cf5gdz
Frame ID: 169E2D1EA8BC3CC8CAF5EF8E76A18BB7
Requests: 8 HTTP requests in this frame

Frame: https://js.intercomcdn.com/frame-modern.57b27deb.js
Frame ID: 0A89D61E77266696E5849F403EB12120
Requests: 3 HTTP requests in this frame

Frame: https://d10lpsik1i8c69.cloudfront.net/js/clickstream.js?v=e708588
Frame ID: D9239C99E0CA4D8EEE5BCF9A190A8B64
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Tax Credits - National Center for Housing Management

Page URL History Show full URLs

  1. https://www.nchm.org/tax-credits HTTP 301
    https://www.nchm.org/tax-credits/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <a[^>]*href=[^>]*/Cart
Overall confidence: 100%
Detected patterns
  • <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • /recaptcha/api\.js

Page Statistics

59
Requests

97 %
HTTPS

57 %
IPv6

12
Domains

15
Subdomains

15
IPs

3
Countries

1901 kB
Transfer

6693 kB
Size

15
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://www.nchm.org/tax-credits HTTP 301
    https://www.nchm.org/tax-credits/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

59 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.nchm.org/tax-credits/
Redirect Chain
  • https://www.nchm.org/tax-credits
  • https://www.nchm.org/tax-credits/
223 KB
25 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.nchm.org/tax-credits/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.198.242.241 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
241.242.198.104.bc.googleusercontent.com
Software
nginx / WP Engine
Resource Hash
5430a0b6ed80ff8c3c8b4c3894fda6b3d168f82e513e3df228bb61228d3f0742

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
max-age=600, must-revalidate
content-encoding
br
content-type
text/html; charset=UTF-8
date
Tue, 14 Feb 2023 02:33:09 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
link
<https://www.nchm.org/wp-json/>; rel="https://api.w.org/" <https://www.nchm.org/wp-json/wp/v2/pages/12>; rel="alternate"; type="application/json" <https://www.nchm.org/?p=12>; rel=shortlink
pragma
no-cache
server
nginx
vary
Accept-Encoding Accept-Encoding Accept-Encoding Accept-Encoding,Cookie
x-cache
HIT: 1
x-cache-group
normal
x-cacheable
SHORT
x-powered-by
WP Engine

Redirect headers

cache-control
max-age=600, must-revalidate
content-length
0
content-type
text/html; charset=UTF-8
date
Tue, 14 Feb 2023 02:33:08 GMT
expires
Tue, 14 Feb 2023 03:33:08 GMT
location
https://www.nchm.org/tax-credits/
pragma
no-cache
server
nginx
vary
X-NR-SAMPLE-PERCENT
x-cache
MISS
x-cache-group
normal
x-cacheable
non200
x-powered-by
WP Engine
x-redirect-by
WordPress
autoptimize_5db1d8daf10fe6e2b41e2654c8c1390e.css
www.nchm.org/wp-content/cache/autoptimize/css/ 		2 MB
262 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.nchm.org/wp-content/cache/autoptimize/css/autoptimize_5db1d8daf10fe6e2b41e2654c8c1390e.css
Requested by
Host: www.nchm.org
URL: https://www.nchm.org/tax-credits/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.198.242.241 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
241.242.198.104.bc.googleusercontent.com
Software
nginx /
Resource Hash
7dc0adcc8b60fc2b6b2ce568eda1e274ce767a0a67aae5d6ac27dcd5d5fe9744

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nchm.org/tax-credits/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Tue, 14 Feb 2023 02:33:09 GMT
content-encoding
br
last-modified
Tue, 06 Dec 2022 08:36:59 GMT
server
nginx
etag
W/"638eff2b-222ce9"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
autoptimize_single_e3ff83271287d0642d32f8ebfdca9223.css
www.nchm.org/wp-content/cache/autoptimize/css/ 		191 B
338 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.nchm.org/wp-content/cache/autoptimize/css/autoptimize_single_e3ff83271287d0642d32f8ebfdca9223.css?ver=1591020149
Requested by
Host: www.nchm.org
URL: https://www.nchm.org/tax-credits/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.198.242.241 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
241.242.198.104.bc.googleusercontent.com
Software
nginx /
Resource Hash
d2441193e0a8e44aa539c3ec119109cda1219d6c8f61ede17648315a598491ae

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nchm.org/tax-credits/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Tue, 14 Feb 2023 02:33:09 GMT
content-encoding
br
last-modified
Tue, 06 Dec 2022 07:06:19 GMT
server
nginx
etag
W/"638ee9eb-bf"
vary
Accept-Encoding, Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
autoptimize_single_62825e69bf2e1a54ee49f11b89c97950.css
www.nchm.org/wp-content/cache/autoptimize/css/ 		3 KB
901 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.nchm.org/wp-content/cache/autoptimize/css/autoptimize_single_62825e69bf2e1a54ee49f11b89c97950.css?ver=1612550869
Requested by
Host: www.nchm.org
URL: https://www.nchm.org/tax-credits/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.198.242.241 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
241.242.198.104.bc.googleusercontent.com
Software
nginx /
Resource Hash
d242f542e06efe628894f37fda478c2da74ca80d911ee9c9de794953313244c7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nchm.org/tax-credits/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Tue, 14 Feb 2023 02:33:09 GMT
content-encoding
br
last-modified
Tue, 06 Dec 2022 07:06:19 GMT
server
nginx
etag
W/"638ee9eb-b2a"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
autoptimize_single_96b9823368fd6cdf203e1fa0fd9480dd.css
www.nchm.org/wp-content/cache/autoptimize/css/ 		23 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.nchm.org/wp-content/cache/autoptimize/css/autoptimize_single_96b9823368fd6cdf203e1fa0fd9480dd.css?ver=1612550869
Requested by
Host: www.nchm.org
URL: https://www.nchm.org/tax-credits/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.198.242.241 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
241.242.198.104.bc.googleusercontent.com
Software
nginx /
Resource Hash
5b63e37c2ce6f250eb41a5b1b7b6b439d42465fd27aecc8055ff36d81c72418b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nchm.org/tax-credits/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Tue, 14 Feb 2023 02:33:09 GMT
content-encoding
br
last-modified
Tue, 06 Dec 2022 07:06:19 GMT
server
nginx
etag
W/"638ee9eb-5df9"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
autoptimize_single_d771330c3d2d76be515122b3d74235a1.css
www.nchm.org/wp-content/cache/autoptimize/css/ 		96 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.nchm.org/wp-content/cache/autoptimize/css/autoptimize_single_d771330c3d2d76be515122b3d74235a1.css?ver=1612550869
Requested by
Host: www.nchm.org
URL: https://www.nchm.org/tax-credits/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.198.242.241 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
241.242.198.104.bc.googleusercontent.com
Software
nginx /
Resource Hash
22c4ef8e8ef3b9318b99962a9419494017382d657dfbec231ce2e83748930ce2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nchm.org/tax-credits/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Tue, 14 Feb 2023 02:33:09 GMT
content-encoding
br
last-modified
Tue, 06 Dec 2022 07:06:19 GMT
server
nginx
etag
W/"638ee9eb-1808a"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
dashicons.min.css
www.nchm.org/wp-includes/css/ 		58 KB
35 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.nchm.org/wp-includes/css/dashicons.min.css?ver=5.8.6
Requested by
Host: www.nchm.org
URL: https://www.nchm.org/tax-credits/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.198.242.241 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
241.242.198.104.bc.googleusercontent.com
Software
nginx /
Resource Hash
c21e5a2b32c47bc5f9d9efc97bc0e29fd081946d1d3ebffc5621cfafb1d3960e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nchm.org/tax-credits/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Tue, 14 Feb 2023 02:33:09 GMT
content-encoding
br
last-modified
Wed, 03 Mar 2021 21:16:22 GMT
server
nginx
etag
W/"603ffca6-e688"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
jquery.min.js
www.nchm.org/wp-includes/js/jquery/ 		87 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.nchm.org/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
Requested by
Host: www.nchm.org
URL: https://www.nchm.org/tax-credits/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.198.242.241 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
241.242.198.104.bc.googleusercontent.com
Software
nginx /
Resource Hash
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nchm.org/tax-credits/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Tue, 14 Feb 2023 02:33:09 GMT
content-encoding
br
last-modified
Wed, 10 Mar 2021 15:07:24 GMT
server
nginx
etag
W/"6048e0ac-15db1"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
api.js
www.google.com/recaptcha/ 		884 B
902 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api.js?render=6Ld4MncaAAAAACi4iLLd2Kdo-dAx_pz3UwYTKQD1&ver=5.8.6
Requested by
Host: www.nchm.org
URL: https://www.nchm.org/tax-credits/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80a::2004 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
d535df046691fdfdfa421d3abc49be5a67c28ab7a3c95d4f71ad94a2efd0e521
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nchm.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Tue, 14 Feb 2023 02:33:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
582
x-xss-protection
1; mode=block
expires
Tue, 14 Feb 2023 02:33:09 GMT
js
www.googletagmanager.com/gtag/ 		129 KB
50 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-437682610
Requested by
Host: www.nchm.org
URL: https://www.nchm.org/tax-credits/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:806::2008 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
166792f8725aca4db3ae0e99d93688957aaa89b2ffc6038eadb1fdaef7399d50
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nchm.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Tue, 14 Feb 2023 02:33:09 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
50845
x-xss-protection
0
last-modified
Tue, 14 Feb 2023 00:12:31 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 14 Feb 2023 02:33:09 GMT
js
www.googletagmanager.com/gtag/ 		110 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-139070136-1
Requested by
Host: www.nchm.org
URL: https://www.nchm.org/tax-credits/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:806::2008 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
919b10c6718a2e2abee004ef4a7a792b9925380dea354b5ba68e19c34716598f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nchm.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Tue, 14 Feb 2023 02:33:09 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
44115
x-xss-protection
0
last-modified
Tue, 14 Feb 2023 00:12:31 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 14 Feb 2023 02:33:09 GMT
css
fonts.googleapis.com/ 		52 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:400,700%7CPoppins%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2Cregular%2Citalic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7COpen+Sans%3A300%2C300italic%2Cregular%2Citalic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%7CPoppins:100,100italic,200,200italic,300,300italic,regular,italic,500,500italic,600,600italic,700,700italic,800,800italic,900,900italic%7COpen+Sans:300,regular,500,600,700,800,300italic,italic,500italic,600italic,700italic,800italic&subset=latin%2Clatin-ext%2Clatin%2Clatin-ext&display=swap
Requested by
Host: www.nchm.org
URL: https://www.nchm.org/tax-credits/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80e::200a , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
a73e7459eaa7295d648762dc0342adead674e15775bf7d69ab1a025108b9ed6c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nchm.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 14 Feb 2023 02:33:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 14 Feb 2023 02:33:10 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 14 Feb 2023 02:33:10 GMT
autoptimize_541e2ced151704f4ff1844c6de47ec02.css
www.nchm.org/wp-content/cache/autoptimize/css/ 		7 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.nchm.org/wp-content/cache/autoptimize/css/autoptimize_541e2ced151704f4ff1844c6de47ec02.css
Requested by
Host: www.nchm.org
URL: https://www.nchm.org/tax-credits/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.198.242.241 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
241.242.198.104.bc.googleusercontent.com
Software
nginx /
Resource Hash
2e05a099697256c998974e9155f9d6c2c2df700504628e7cb30977fe773eb63c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nchm.org/tax-credits/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Tue, 14 Feb 2023 02:33:09 GMT
content-encoding
br
last-modified
Tue, 06 Dec 2022 07:06:19 GMT
server
nginx
etag
W/"638ee9eb-1b6d"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
api.js
www.google.com/recaptcha/ 		850 B
620 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api.js
Requested by
Host: www.nchm.org
URL: https://www.nchm.org/tax-credits/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80a::2004 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
c6517ce622f7543c43012579eebb219cd6f160eb3d5c66afdbe1117634d2c988
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nchm.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Tue, 14 Feb 2023 02:33:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
551
x-xss-protection
1; mode=block
expires
Tue, 14 Feb 2023 02:33:09 GMT
lazysizes.min.js
www.nchm.org/wp-content/plugins/autoptimize/classes/external/js/ 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.nchm.org/wp-content/plugins/autoptimize/classes/external/js/lazysizes.min.js?ao_version=3.1.4
Requested by
Host: www.nchm.org
URL: https://www.nchm.org/tax-credits/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.198.242.241 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
241.242.198.104.bc.googleusercontent.com
Software
nginx /
Resource Hash
c4fada4accfa24704b54248bc5ce84acac50b6a059828b7714fe3006786c80c1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nchm.org/tax-credits/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Tue, 14 Feb 2023 02:33:09 GMT
content-encoding
br
last-modified
Wed, 07 Dec 2022 00:39:36 GMT
server
nginx
etag
W/"638fe0c8-2655"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
autoptimize_0bc4d69801ff9a974c8d7150e3d0fcb5.js
www.nchm.org/wp-content/cache/autoptimize/js/ 		1 MB
337 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.nchm.org/wp-content/cache/autoptimize/js/autoptimize_0bc4d69801ff9a974c8d7150e3d0fcb5.js
Requested by
Host: www.nchm.org
URL: https://www.nchm.org/tax-credits/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.198.242.241 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
241.242.198.104.bc.googleusercontent.com
Software
nginx /
Resource Hash
156e416ac98a8e3038cdcb2dad18df5aebf76fd1d6b2e0de27c229c299da69c6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nchm.org/tax-credits/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Tue, 14 Feb 2023 02:33:09 GMT
content-encoding
br
last-modified
Wed, 07 Dec 2022 00:40:11 GMT
server
nginx
etag
W/"638fe0eb-13da38"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
recaptcha__de.js
www.gstatic.com/recaptcha/releases/tNAc29ZZrpcOCErva2nr4BS9/ 		406 KB
163 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/tNAc29ZZrpcOCErva2nr4BS9/recaptcha__de.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?render=6Ld4MncaAAAAACi4iLLd2Kdo-dAx_pz3UwYTKQD1&ver=5.8.6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:806::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0924e5af960e9110d8424b1a364b61a5bcd949d53bcca312d0474dcb8c64a478
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.nchm.org/
Origin
https://www.nchm.org
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Mon, 13 Feb 2023 08:17:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
65716
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
166252
x-xss-protection
0
last-modified
Mon, 06 Feb 2023 03:04:07 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 13 Feb 2024 08:17:54 GMT
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.nchm.org
URL: https://www.nchm.org/tax-credits/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80a::200e , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nchm.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 14 Feb 2023 01:12:06 GMT
last-modified
Tue, 10 Jan 2023 21:29:14 GMT
server
Golfe2
age
4864
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20085
expires
Tue, 14 Feb 2023 03:12:06 GMT
w.js
d10lpsik1i8c69.cloudfront.net/ 		5 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d10lpsik1i8c69.cloudfront.net/w.js
Requested by
Host: www.nchm.org
URL: https://www.nchm.org/tax-credits/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.11.219 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-11-219.vie50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
389e7668a1ebd8a04eca206d27b7147519be465eed883f6a2d68bd419ada24b4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nchm.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Tue, 14 Feb 2023 02:19:15 GMT
content-encoding
gzip
via
1.1 07ba06e632a891feeba3436a80d00ee4.cloudfront.net (CloudFront)
last-modified
Fri, 02 Sep 2022 19:59:48 GMT
server
AmazonS3
x-amz-cf-pop
VIE50-C2
age
835
etag
W/"dc0bbcecf2e632d9beb92f4d88b21c2b"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=3600
x-amz-cf-id
xrE-p6KB8ZqFZC-S8RXiX-WJc6_7ifmyZOtBCbmtwfR02BQecswm0Q==
truncated
/ 		68 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a7ae4f4e313e150000175511c29ca19ae2948eb663987253d19a9372cc20e3fe

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Content-Type
image/svg+xml
modules.ttf
www.nchm.org/wp-content/themes/Divi/core/admin/fonts/ 		90 KB
91 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.nchm.org/wp-content/themes/Divi/core/admin/fonts/modules.ttf
Requested by
Host: www.nchm.org
URL: https://www.nchm.org/wp-content/cache/autoptimize/css/autoptimize_5db1d8daf10fe6e2b41e2654c8c1390e.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.198.242.241 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
241.242.198.104.bc.googleusercontent.com
Software
nginx /
Resource Hash
d201a2c3118a00c82cc48e89815f5139f23956bbe248107dcf522acc77b97c09

Request headers

Referer
https://www.nchm.org/wp-content/cache/autoptimize/css/autoptimize_5db1d8daf10fe6e2b41e2654c8c1390e.css
Origin
https://www.nchm.org
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Tue, 14 Feb 2023 02:33:10 GMT
last-modified
Mon, 01 Jun 2020 14:12:34 GMT
server
nginx
etag
"5ed50cd2-168f0"
vary
Accept-Encoding
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
92400
191024062605GT-Pressura.woff
www.nchm.org/wp-content/uploads/useanyfont/ 		57 KB
57 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.nchm.org/wp-content/uploads/useanyfont/191024062605GT-Pressura.woff
Requested by
Host: www.nchm.org
URL: https://www.nchm.org/wp-content/cache/autoptimize/css/autoptimize_single_e3ff83271287d0642d32f8ebfdca9223.css?ver=1591020149
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.198.242.241 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
241.242.198.104.bc.googleusercontent.com
Software
nginx /
Resource Hash
e09e2a36aaad31aadf6fc0bfbfbb5113bc120a235a609cc4bd698f02fe663c29

Request headers

Referer
https://www.nchm.org/wp-content/cache/autoptimize/css/autoptimize_single_e3ff83271287d0642d32f8ebfdca9223.css?ver=1591020149
Origin
https://www.nchm.org
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Tue, 14 Feb 2023 02:33:10 GMT
last-modified
Thu, 31 Oct 2019 05:05:39 GMT
server
nginx
etag
"5dba6ba3-e370"
vary
Accept-Encoding
content-type
font/woff
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
58224
truncated
/ 		68 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
822a3c095d46c2bdf90baf6322024e0d697162fedbc827eca002532228591256

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Content-Type
image/svg+xml
tcs-section.jpg
www.nchm.org/wp-content/uploads/2019/09/ 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.nchm.org/wp-content/uploads/2019/09/tcs-section.jpg
Requested by
Host: www.nchm.org
URL: https://www.nchm.org/wp-content/cache/autoptimize/css/autoptimize_5db1d8daf10fe6e2b41e2654c8c1390e.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.198.242.241 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
241.242.198.104.bc.googleusercontent.com
Software
nginx /
Resource Hash
ec4ece3230f7ad4421b0bf1d2335737cbee74c9fee5c4e761285c4b60dc4ebd1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nchm.org/wp-content/cache/autoptimize/css/autoptimize_5db1d8daf10fe6e2b41e2654c8c1390e.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Tue, 14 Feb 2023 02:33:10 GMT
last-modified
Thu, 31 Oct 2019 05:05:40 GMT
server
nginx
etag
"5dba6ba4-3411"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
13329
truncated
/ 		314 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4f366824dfaa863a5c814793ff70d5c63b94197c198cb2f0a67ed76b56db2cef

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Content-Type
image/svg+xml
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/437682610/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/437682610/?random=1676341990143&cv=11&fst=1676341990143&bg=ffffff&guid=ON&async=1&gtm=45be32d0&u_w=1600&u_h=1200&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fwww.nchm.org%2Ftax-credits%2F&tiba=Tax%20Credits%20-%20National%20Center%20for%20Housing%20Management&auid=23839266.1676341990&data=event%3Dgtag.config&rfmt=3&fmt=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-437682610
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:807::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
104224931b40e3f133ed0742ec64f3bda4bd50ef6eef127adb81a793779c8951
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nchm.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 14 Feb 2023 02:33:10 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
901
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
settings.luckyorange.net/ 		2 KB
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://settings.luckyorange.net/?u=https%3A%2F%2Fwww.nchm.org%2Ftax-credits%2F&s=196142
Requested by
Host: d10lpsik1i8c69.cloudfront.net
URL: https://d10lpsik1i8c69.cloudfront.net/w.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.75.100 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9d526881ff22aaf1801b58649a20068f7b1067cd25452911d4d3ed9025f1697b
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nchm.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Tue, 14 Feb 2023 02:33:12 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://www.nchm.org
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kfNPVbcwNSKJluTro%2BDRevnXGpEZvM2FM3sSafkcOpW0DJN9mPdPDeEE919kifQe%2BBRx3iwL5EcDc3lfLK76fkS53n9gWMw6OChJ9IQ9RSGnR80ZPGkGuSHCtsF6gyJ9Yb831C%2Fch5VRRA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-credentials
true
cf-ray
799265beef0f920b-FRA
access-control-allow-headers
Authorization,Content-Type,Accept,Origin,User-Agent,DNT,Cache-Control,Keep-Alive,X-Requested-With,If-Modified-Since
nchm-hi-reslogo.png
www.nchm.org/wp-content/uploads/2019/12/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.nchm.org/wp-content/uploads/2019/12/nchm-hi-reslogo.png
Requested by
Host: www.nchm.org
URL: https://www.nchm.org/tax-credits/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.198.242.241 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
241.242.198.104.bc.googleusercontent.com
Software
nginx /
Resource Hash
bd60b6fd75eb99bb80dddb3d68a9813f337bac4175391928c0db5d5e307731c4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nchm.org/tax-credits/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Tue, 14 Feb 2023 02:33:10 GMT
last-modified
Sat, 28 Dec 2019 15:37:48 GMT
server
nginx
etag
"5e0776cc-78b"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
1931
nchm-taxcredits.jpg
www.nchm.org/wp-content/uploads/2019/12/ 		27 KB
27 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.nchm.org/wp-content/uploads/2019/12/nchm-taxcredits.jpg
Requested by
Host: www.nchm.org
URL: https://www.nchm.org/tax-credits/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.198.242.241 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
241.242.198.104.bc.googleusercontent.com
Software
nginx /
Resource Hash
e26ec45366fa5be477130eb55c0a838387af061ad2ef3ff0c440da84a3a08176

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nchm.org/tax-credits/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Tue, 14 Feb 2023 02:33:10 GMT
last-modified
Sat, 21 Dec 2019 15:40:43 GMT
server
nginx
etag
"5dfe3cfb-6c83"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
27779
pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v20/ 		8 KB
8 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,700%7CPoppins%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2Cregular%2Citalic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7COpen+Sans%3A300%2C300italic%2Cregular%2Citalic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%7CPoppins:100,100italic,200,200italic,300,300italic,regular,italic,500,500italic,600,600italic,700,700italic,800,800italic,900,900italic%7COpen+Sans:300,regular,500,600,700,800,300italic,italic,500italic,600italic,700italic,800italic&subset=latin%2Clatin-ext%2Clatin%2Clatin-ext&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80c::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.nchm.org
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Thu, 09 Feb 2023 22:20:50 GMT
x-content-type-options
nosniff
age
360740
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7816
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 16:11:40 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 09 Feb 2024 22:20:50 GMT
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v34/ 		44 KB
44 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,700%7CPoppins%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2Cregular%2Citalic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7COpen+Sans%3A300%2C300italic%2Cregular%2Citalic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%7CPoppins:100,100italic,200,200italic,300,300italic,regular,italic,500,500italic,600,600italic,700,700italic,800,800italic,900,900italic%7COpen+Sans:300,regular,500,600,700,800,300italic,italic,500italic,600italic,700italic,800italic&subset=latin%2Clatin-ext%2Clatin%2Clatin-ext&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80c::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.nchm.org
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Fri, 10 Feb 2023 08:26:15 GMT
x-content-type-options
nosniff
age
324415
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
44856
x-xss-protection
0
last-modified
Mon, 15 Aug 2022 18:20:18 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 10 Feb 2024 08:26:15 GMT
memtYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWqWuU6F.woff2
fonts.gstatic.com/s/opensans/v34/ 		47 KB
47 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v34/memtYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWqWuU6F.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,700%7CPoppins%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2Cregular%2Citalic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7COpen+Sans%3A300%2C300italic%2Cregular%2Citalic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%7CPoppins:100,100italic,200,200italic,300,300italic,regular,italic,500,500italic,600,600italic,700,700italic,800,800italic,900,900italic%7COpen+Sans:300,regular,500,600,700,800,300italic,italic,500italic,600italic,700italic,800italic&subset=latin%2Clatin-ext%2Clatin%2Clatin-ext&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80c::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
84161c46238fff2c6920ebc28f02cddd7b710cf3d1107853f540b084320f6afd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.nchm.org
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Fri, 10 Feb 2023 13:23:25 GMT
x-content-type-options
nosniff
age
306585
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
47952
x-xss-protection
0
last-modified
Mon, 15 Aug 2022 18:22:41 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 10 Feb 2024 13:23:25 GMT
ec.js
www.google-analytics.com/plugins/ua/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/plugins/ua/ec.js
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80a::200e , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nchm.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Tue, 14 Feb 2023 02:12:33 GMT
content-encoding
br
x-content-type-options
nosniff
age
1237
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1129
x-xss-protection
0
last-modified
Thu, 30 Dec 2021 12:48:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Tue, 14 Feb 2023 03:12:33 GMT
anchor
www.google.com/recaptcha/api2/ Frame 169E 		42 KB
22 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Ld4MncaAAAAACi4iLLd2Kdo-dAx_pz3UwYTKQD1&co=aHR0cHM6Ly93d3cubmNobS5vcmc6NDQz&hl=de&v=tNAc29ZZrpcOCErva2nr4BS9&size=invisible&cb=5gvxl3cf5gdz
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/tNAc29ZZrpcOCErva2nr4BS9/recaptcha__de.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80a::2004 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
9a9e28b47c4732eaf3e60cc2d02d9b68a79a1dd7166c6d27240682b1fa33fc31
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-KBaX6vxz2tPfTNsCbRzCow' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.nchm.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-length
22242
content-security-policy
script-src 'report-sample' 'nonce-KBaX6vxz2tPfTNsCbRzCow' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Tue, 14 Feb 2023 02:33:10 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
truncated
/ 		1 KB
1 KB 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
2dc6f8b87a4150c10c500f7e0dc27355fd0313e6c95c9d560e2bc5d0035403a3

Request headers

Referer
Origin
https://www.nchm.org
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Content-Type
font/opentype;charset=utf-8
styles__ltr.css
www.gstatic.com/recaptcha/releases/tNAc29ZZrpcOCErva2nr4BS9/ Frame 169E 		55 KB
24 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/tNAc29ZZrpcOCErva2nr4BS9/styles__ltr.css
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Ld4MncaAAAAACi4iLLd2Kdo-dAx_pz3UwYTKQD1&co=aHR0cHM6Ly93d3cubmNobS5vcmc6NDQz&hl=de&v=tNAc29ZZrpcOCErva2nr4BS9&size=invisible&cb=5gvxl3cf5gdz
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:806::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
952833e41ba7a4b64c31a2d7b07dde81bf5bbacf5cbb967821cfe459d0c4a0d8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Tue, 14 Feb 2023 00:50:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
6163
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
24605
x-xss-protection
0
last-modified
Mon, 06 Feb 2023 03:04:07 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 14 Feb 2024 00:50:27 GMT
recaptcha__de.js
www.gstatic.com/recaptcha/releases/tNAc29ZZrpcOCErva2nr4BS9/ Frame 169E 		406 KB
162 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/tNAc29ZZrpcOCErva2nr4BS9/recaptcha__de.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Ld4MncaAAAAACi4iLLd2Kdo-dAx_pz3UwYTKQD1&co=aHR0cHM6Ly93d3cubmNobS5vcmc6NDQz&hl=de&v=tNAc29ZZrpcOCErva2nr4BS9&size=invisible&cb=5gvxl3cf5gdz
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:806::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0924e5af960e9110d8424b1a364b61a5bcd949d53bcca312d0474dcb8c64a478
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Mon, 13 Feb 2023 08:17:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
65716
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
166252
x-xss-protection
0
last-modified
Mon, 06 Feb 2023 03:04:07 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 13 Feb 2024 08:17:54 GMT
/
www.nchm.org/ 		521 B
698 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.nchm.org/?wc-ajax=get_refreshed_fragments
Requested by
Host: www.nchm.org
URL: https://www.nchm.org/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.198.242.241 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
241.242.198.104.bc.googleusercontent.com
Software
nginx / WP Engine
Resource Hash
0dabad8d9b3b57423d7eed7d9a8268251e422f9ecb2e341eaa049a1e1c30a6cf
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Referer
https://www.nchm.org/tax-credits/
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

pragma
no-cache
date
Tue, 14 Feb 2023 02:33:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
nginx
x-powered-by
WP Engine
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, X-NR-SAMPLE-PERCENT
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.nchm.org
cache-control
no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
x-robots-tag
noindex
expires
Wed, 11 Jan 1984 05:00:00 GMT
wpdatatablesicons-base.woff
www.nchm.org/wp-content/plugins/wpdatatables/assets/fonts/ 		9 KB
9 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.nchm.org/wp-content/plugins/wpdatatables/assets/fonts/wpdatatablesicons-base.woff
Requested by
Host: www.nchm.org
URL: https://www.nchm.org/wp-content/cache/autoptimize/css/autoptimize_5db1d8daf10fe6e2b41e2654c8c1390e.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.198.242.241 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
241.242.198.104.bc.googleusercontent.com
Software
nginx /
Resource Hash
fb8ed4af19eafed495fd738582e4d619a121ccfffb095a0be2b0a96251014f96

Request headers

Referer
https://www.nchm.org/wp-content/cache/autoptimize/css/autoptimize_5db1d8daf10fe6e2b41e2654c8c1390e.css
Origin
https://www.nchm.org
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Tue, 14 Feb 2023 02:33:10 GMT
last-modified
Sat, 21 Dec 2019 14:39:47 GMT
server
nginx
etag
"5dfe2eb3-22e0"
vary
Accept-Encoding
content-type
font/woff
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
8928
ET-Bloom.woff
www.nchm.org/wp-content/plugins/bloom/css/fonts/ 		6 KB
6 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.nchm.org/wp-content/plugins/bloom/css/fonts/ET-Bloom.woff?gd6mr8
Requested by
Host: www.nchm.org
URL: https://www.nchm.org/wp-content/cache/autoptimize/css/autoptimize_5db1d8daf10fe6e2b41e2654c8c1390e.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.198.242.241 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
241.242.198.104.bc.googleusercontent.com
Software
nginx /
Resource Hash
89b6fc20e99da6c304c84e47abe126d4f7eb31e5366e97b451a9aca07181ddb3

Request headers

Referer
https://www.nchm.org/wp-content/cache/autoptimize/css/autoptimize_5db1d8daf10fe6e2b41e2654c8c1390e.css
Origin
https://www.nchm.org
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Tue, 14 Feb 2023 02:33:10 GMT
last-modified
Thu, 24 Dec 2020 15:14:48 GMT
server
nginx
etag
"5fe4b068-172c"
vary
Accept-Encoding
content-type
font/woff
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
5932
collect
www.google-analytics.com/j/ 		2 B
22 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j99&a=1805030983&t=pageview&_s=1&dl=https%3A%2F%2Fwww.nchm.org%2Ftax-credits%2F&ul=en-us&de=UTF-8&dt=Tax%20Credits%20-%20National%20Center%20for%20Housing%20Management&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGDAAUIJAAAAACAMI~&jid=2089270611&gjid=335026969&cid=321017087.1676341990&tid=UA-139070136-1&_gid=1527005119.1676341990&_r=1&gtm=457e32d0&z=368439217
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80a::200e , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.nchm.org/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 14 Feb 2023 02:33:10 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.nchm.org
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		1 B
344 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-139070136-1&cid=321017087.1676341990&jid=1388056680&gjid=269392484&_gid=1527005119.1676341990&_u=aGDAgUIJAAAAAGAMI~&z=116470152
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4025:401::9d Den Helder, Netherlands, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.nchm.org/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Tue, 14 Feb 2023 02:33:10 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.nchm.org
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j99&a=1805030983&t=pageview&_s=1&dl=https%3A%2F%2Fwww.nchm.org%2Ftax-credits%2F&ul=en-us&de=UTF-8&dt=Tax%20Credits%20-%20National%20Center%20for%20Housing%20Management&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGDAgUIJAAAAACAMI~&jid=1388056680&gjid=269392484&cid=321017087.1676341990&tid=UA-139070136-1&_gid=1527005119.1676341990&z=1384754212
Requested by
Host: www.nchm.org
URL: https://www.nchm.org/tax-credits/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80a::200e , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nchm.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 13 Feb 2023 06:06:01 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
73629
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
truncated
/ 		31 KB
31 KB 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
bc9c387b513b4d43675910f780fa03e92b9a4b58432b402a8f0a801a0d5ae855

Request headers

Referer
Origin
https://www.nchm.org
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Content-Type
application/x-font-woff;charset=utf-8
/
www.google.com/pagead/1p-user-list/437682610/ 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/437682610/?random=1676341990143&cv=11&fst=1676340000000&bg=ffffff&guid=ON&async=1&gtm=45be32d0&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Fwww.nchm.org%2Ftax-credits%2F&tiba=Tax%20Credits%20-%20National%20Center%20for%20Housing%20Management&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=308954985&rmt_tld=0&ipr=y
Requested by
Host: www.nchm.org
URL: https://www.nchm.org/tax-credits/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80a::2004 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nchm.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 14 Feb 2023 02:33:10 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/437682610/ 		42 B
455 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-user-list/437682610/?random=1676341990143&cv=11&fst=1676340000000&bg=ffffff&guid=ON&async=1&gtm=45be32d0&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Fwww.nchm.org%2Ftax-credits%2F&tiba=Tax%20Credits%20-%20National%20Center%20for%20Housing%20Management&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=308954985&rmt_tld=1&ipr=y
Requested by
Host: www.nchm.org
URL: https://www.nchm.org/tax-credits/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:806::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nchm.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 14 Feb 2023 02:33:10 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		1 B
67 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-139070136-1&cid=321017087.1676341990&jid=2089270611&gjid=335026969&_gid=1527005119.1676341990&_u=aGDAAUIIAAAAACAMI~&z=367920629
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4025:401::9d Den Helder, Netherlands, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.nchm.org/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Tue, 14 Feb 2023 02:33:10 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.nchm.org
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
logo_48.png
www.gstatic.com/recaptcha/api2/ Frame 169E 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/recaptcha/api2/logo_48.png
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/tNAc29ZZrpcOCErva2nr4BS9/styles__ltr.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:806::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gstatic.com/recaptcha/releases/tNAc29ZZrpcOCErva2nr4BS9/styles__ltr.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 15:21:21 GMT
x-content-type-options
nosniff
age
558709
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2228
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
expires
Tue, 14 Feb 2023 15:21:21 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 169E 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Ld4MncaAAAAACi4iLLd2Kdo-dAx_pz3UwYTKQD1&co=aHR0cHM6Ly93d3cubmNobS5vcmc6NDQz&hl=de&v=tNAc29ZZrpcOCErva2nr4BS9&size=invisible&cb=5gvxl3cf5gdz
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80c::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
Origin
https://www.google.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Fri, 10 Feb 2023 02:55:21 GMT
x-content-type-options
nosniff
age
344269
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15344
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 10 Feb 2024 02:55:21 GMT
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 169E 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Ld4MncaAAAAACi4iLLd2Kdo-dAx_pz3UwYTKQD1&co=aHR0cHM6Ly93d3cubmNobS5vcmc6NDQz&hl=de&v=tNAc29ZZrpcOCErva2nr4BS9&size=invisible&cb=5gvxl3cf5gdz
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80c::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
Origin
https://www.google.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Sat, 11 Feb 2023 02:34:10 GMT
x-content-type-options
nosniff
age
259140
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15552
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:33:02 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 11 Feb 2024 02:34:10 GMT
webworker.js
www.google.com/recaptcha/api2/ Frame 169E 		102 B
133 B 		Other
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/webworker.js?hl=de&v=tNAc29ZZrpcOCErva2nr4BS9
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Ld4MncaAAAAACi4iLLd2Kdo-dAx_pz3UwYTKQD1&co=aHR0cHM6Ly93d3cubmNobS5vcmc6NDQz&hl=de&v=tNAc29ZZrpcOCErva2nr4BS9&size=invisible&cb=5gvxl3cf5gdz
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80a::2004 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
9345880ada178d9c36ed991525ff3c0671594be63500a61313d2ac1d35f3a51c
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Ld4MncaAAAAACi4iLLd2Kdo-dAx_pz3UwYTKQD1&co=aHR0cHM6Ly93d3cubmNobS5vcmc6NDQz&hl=de&v=tNAc29ZZrpcOCErva2nr4BS9&size=invisible&cb=5gvxl3cf5gdz
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Tue, 14 Feb 2023 02:33:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
cross-origin-embedder-policy
require-corp
x-frame-options
SAMEORIGIN
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
111
x-xss-protection
1; mode=block
expires
Tue, 14 Feb 2023 02:33:10 GMT
e1mn2o8y
widget.intercom.io/widget/ 		19 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://widget.intercom.io/widget/e1mn2o8y
Requested by
Host: www.nchm.org
URL: https://www.nchm.org/tax-credits/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.74 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-74.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
016170945aee682c3eb227cfdd5bf663da35e8cc5ef96a38eb6c18113e8c00a4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nchm.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

x-amz-version-id
.2LK0DotpT_dED5.nDB3UctOYhnrHEGV
content-encoding
gzip
via
1.1 0e7eb16f335fe24acf3f13c5dee19c88.cloudfront.net (CloudFront)
date
Tue, 14 Feb 2023 02:17:34 GMT
x-amz-cf-pop
FRA2-C1
age
977
x-amz-server-side-encryption
AES256
x-cache
Error from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
6161
last-modified
Fri, 10 Feb 2023 16:58:42 GMT
server
AmazonS3
etag
"2c7a2a98ae31fdb34eb6ff25cf533f46"
vary
Accept-Encoding, Origin
content-type
application/javascript; charset=UTF-8
cache-control
max-age=900, s-maxage=900, public
accept-ranges
bytes
x-amz-cf-id
T9xiInz26wNp8iAUSg1a65giOaoa-ZeZH4SfEGA84kQi8rRAnY4jVA==
nchm-hi-reslogo.png
www.nchm.org/wp-content/uploads/2019/12/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.nchm.org/wp-content/uploads/2019/12/nchm-hi-reslogo.png
Requested by
Host: www.nchm.org
URL: https://www.nchm.org/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.198.242.241 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
241.242.198.104.bc.googleusercontent.com
Software
nginx /
Resource Hash
bd60b6fd75eb99bb80dddb3d68a9813f337bac4175391928c0db5d5e307731c4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nchm.org/tax-credits/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Tue, 14 Feb 2023 02:33:11 GMT
last-modified
Sat, 28 Dec 2019 15:37:48 GMT
server
nginx
etag
"5e0776cc-78b"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
1931
reload
www.google.com/recaptcha/api2/ Frame 169E 		32 KB
18 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/reload?k=6Ld4MncaAAAAACi4iLLd2Kdo-dAx_pz3UwYTKQD1
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/tNAc29ZZrpcOCErva2nr4BS9/recaptcha__de.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80a::2004 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
ccc698ba4804d3cd1739cd1ce3fd2871ac149ee189be74cb04e861e845ff92c7
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Ld4MncaAAAAACi4iLLd2Kdo-dAx_pz3UwYTKQD1&co=aHR0cHM6Ly93d3cubmNobS5vcmc6NDQz&hl=de&v=tNAc29ZZrpcOCErva2nr4BS9&size=invisible&cb=5gvxl3cf5gdz
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
Content-Type
application/x-protobuffer

Response headers

date
Tue, 14 Feb 2023 02:33:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
x-frame-options
SAMEORIGIN
content-type
application/json; charset=utf-8
cache-control
private, max-age=0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
18548
x-xss-protection
1; mode=block
expires
Tue, 14 Feb 2023 02:33:11 GMT
frame-modern.57b27deb.js
js.intercomcdn.com/ Frame 0A89 		481 KB
128 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.intercomcdn.com/frame-modern.57b27deb.js
Requested by
Host: widget.intercom.io
URL: https://widget.intercom.io/widget/e1mn2o8y
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.83 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-83.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
05ce8d26228b23c50a299f16a94214a144a67c3e10db620bdd59f5ccbc7dfa27
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

x-amz-version-id
87.z7bCgbdb7WgEvVCx4qGuewWKfLoNK
content-encoding
gzip
via
1.1 ccfe5851ecd4194e2d976fb32dec7538.cloudfront.net (CloudFront)
date
Tue, 14 Feb 2023 01:39:16 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-amz-cf-pop
FRA2-C2
age
3236
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
130361
last-modified
Fri, 10 Feb 2023 16:56:34 GMT
server
AmazonS3
etag
"b387193561ac69f482ff267814ce77d7"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=31536000, s-maxage=7200, public
accept-ranges
bytes
x-amz-cf-id
1CkDfONoTgUKn5eysrXif8Z6oRvhYUtXUIByyrHgKQZ2m9vHCMOHsA==
vendor-modern.bf2fc44b.js
js.intercomcdn.com/ Frame 0A89 		236 KB
73 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.intercomcdn.com/vendor-modern.bf2fc44b.js
Requested by
Host: widget.intercom.io
URL: https://widget.intercom.io/widget/e1mn2o8y
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.83 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-83.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2c0b36116790d5222385c8a4896ba56213a9fd1004acc0581d2809de80f8ddf9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

x-amz-version-id
_jg9spuixJXj1Gjmn6WfWk5_OwkmGYG_
content-encoding
gzip
via
1.1 ccfe5851ecd4194e2d976fb32dec7538.cloudfront.net (CloudFront)
date
Tue, 14 Feb 2023 01:35:03 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-amz-cf-pop
FRA2-C2
age
3489
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
74413
last-modified
Fri, 10 Feb 2023 16:56:34 GMT
server
AmazonS3
etag
"4d1ca9efe014d2b78e81f605f2c0b4ea"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=31536000, s-maxage=7200, public
accept-ranges
bytes
x-amz-cf-id
fpGcQwPMx8VShgrbQAex5qehS-LouFamwhOC8_09yiPJwvQPtvqAxA==
ping
api-iam.intercom.io/messenger/web/ Frame 0A89 		5 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://api-iam.intercom.io/messenger/web/ping
Requested by
Host: js.intercomcdn.com
URL: https://js.intercomcdn.com/frame-modern.57b27deb.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.156.44.158 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-156-44-158.compute-1.amazonaws.com
Software
nginx /
Resource Hash
513d5ce7508f42ab02bbf4ef3bd54ba09e88c7ccdce3a862aeb2a4548cd68ff7
Security Headers
Name Value
Strict-Transport-Security max-age=31556952; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Tue, 14 Feb 2023 02:33:12 GMT
strict-transport-security
max-age=31556952; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
x-ami-version
ami-028cdaadd94b7283a
status
200 OK
x-xss-protection
1; mode=block
x-request-id
002sdabrd3q2ujitth8g
x-runtime
0.375667
server
nginx
etag
W/"513d5ce7508f42ab02bbf4ef3bd54ba0"
x-ratelimit-remaining
13332
vary
Accept,Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.nchm.org
x-intercom-version
7b3b78b207fd16251ba2c92856f00997de546721
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-ratelimit-reset
1676342000
x-ratelimit-limit
13333
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-headers
Content-Type, Idempotency-Key, X-INTERCOM-APP, X-INTERCOM-PAGE-TITLE, X-INTERCOM-USER-DATA
x-frame-options
SAMEORIGIN
clickstream.js
d10lpsik1i8c69.cloudfront.net/js/ Frame D923 		287 KB
92 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d10lpsik1i8c69.cloudfront.net/js/clickstream.js?v=e708588
Requested by
Host: d10lpsik1i8c69.cloudfront.net
URL: https://d10lpsik1i8c69.cloudfront.net/w.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.11.219 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-11-219.vie50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
08364858e416bd80eb1c1e08b68b3b0bdf8c565df9324401e800e0a781147aeb

Request headers

Referer
Origin
https://www.nchm.org
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Sun, 12 Feb 2023 08:17:40 GMT
content-encoding
gzip
via
1.1 614c7e2196cc5b32f71450d1d8261094.cloudfront.net (CloudFront)
x-amz-cf-pop
VIE50-C2
age
152133
x-cache
Hit from cloudfront
last-modified
Fri, 02 Sep 2022 19:59:47 GMT
server
AmazonS3
etag
W/"6a7ba000cc0f3518baa46608eb12410c"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
vary
Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
x-amz-cf-id
Sy2KISOjAuvwC_PvHrekYOO6maoaOvBnXNghZ9xyJmBqh9gzXlcr-w==
blink_green.png
d10lpsik1i8c69.cloudfront.net/graphics/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d10lpsik1i8c69.cloudfront.net/graphics/blink_green.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.11.219 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-11-219.vie50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
9746bbc8be1eacd912bb90f2226b3f9141b15938f7b0281825c74999c0040c9b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nchm.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Tue, 10 Jan 2023 02:19:12 GMT
via
1.1 07ba06e632a891feeba3436a80d00ee4.cloudfront.net (CloudFront)
last-modified
Fri, 02 Sep 2022 19:59:47 GMT
server
AmazonS3
x-amz-cf-pop
VIE50-C2
age
3024841
etag
"2e4ff7ec8bf18d247ee942621e0f9d65"
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=31536000
accept-ranges
bytes
content-length
1283
x-amz-cf-id
-Ynk1kuQkngAxZVL_PbgA7lpx1-s_CECq5q2ma6YK3KQm7TNuSqSZA==
logo-light.png
d10lpsik1i8c69.cloudfront.net/graphics/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d10lpsik1i8c69.cloudfront.net/graphics/logo-light.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.11.219 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-11-219.vie50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
8c34bc7bc1985e63394c3c2afff88cdcfc06e501320432dd23eaff83ea6754eb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nchm.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Mon, 09 Jan 2023 06:01:30 GMT
via
1.1 07ba06e632a891feeba3436a80d00ee4.cloudfront.net (CloudFront)
last-modified
Fri, 02 Sep 2022 19:59:47 GMT
server
AmazonS3
x-amz-cf-pop
VIE50-C2
age
3097903
etag
"35ce74c31e3ef54462a234340af702d7"
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=31536000
accept-ranges
bytes
content-length
1143
x-amz-cf-id
P4_730qhg0qoptaMLuzCdXBjlAYwayI9k8LYWIeeLrgvUZ_MqNr1fQ==
sound-on-white.png
d10lpsik1i8c69.cloudfront.net/graphics/ 		277 B
618 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d10lpsik1i8c69.cloudfront.net/graphics/sound-on-white.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.11.219 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-11-219.vie50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
da0c1bc51d4ebfa2570f3e7546d9d3ccfb3f9d3c1199b1ca49869510aa79392a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nchm.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Wed, 11 Jan 2023 01:18:08 GMT
via
1.1 07ba06e632a891feeba3436a80d00ee4.cloudfront.net (CloudFront)
last-modified
Fri, 02 Sep 2022 19:59:47 GMT
server
AmazonS3
x-amz-cf-pop
VIE50-C2
age
2942105
etag
"76f1993de0fd323f67cece8d8e63bfa2"
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=31536000
accept-ranges
bytes
content-length
277
x-amz-cf-id
CklUvyHL0vWxF17Q8bRA4qpVanMwRphxONogEWfh0Js_ISCs_wQ13Q==
reset.css
d10lpsik1i8c69.cloudfront.net/css/ 		2 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://d10lpsik1i8c69.cloudfront.net/css/reset.css
Requested by
Host: d10lpsik1i8c69.cloudfront.net
URL: https://d10lpsik1i8c69.cloudfront.net/js/clickstream.js?v=e708588
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.11.219 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-11-219.vie50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
401f533697cfb484598d2da76b5f4708bbca985a1fab42dbcfaa0741374d3245

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.nchm.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 01:36:28 GMT
content-encoding
gzip
via
1.1 07ba06e632a891feeba3436a80d00ee4.cloudfront.net (CloudFront)
last-modified
Fri, 02 Sep 2022 19:59:47 GMT
server
AmazonS3
x-amz-cf-pop
VIE50-C2
age
2163405
etag
W/"7144eaceff0b31347712515a6116074e"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
cache-control
max-age=31536000
x-amz-cf-id
oGZg7fn0xoE_ljiON8EE8GH5br8Se_Ssf06E20N8juvQr7lacguc9w==
7351e4e9-58c5-48f6-b0a9-317100dd7aab
https://www.nchm.org/ Frame D923 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://www.nchm.org/7351e4e9-58c5-48f6-b0a9-317100dd7aab
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Content-Length
0
Content-Type
144ea9b0-b912-475f-8c78-658e3f3a6431
https://www.nchm.org/ Frame D923 		30 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://www.nchm.org/144ea9b0-b912-475f-8c78-658e3f3a6431
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
fb5a1fff57218742c5c1e469970504556a10d235b2379872b4ffcef9901d3bc0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Content-Length
31224
Content-Type

Verdicts & Comments Add Verdict or Comment

265 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 boolean| credentialless object| oncontentvisibilityautostatechange string| ajaxurl string| ajax string| et_site_url string| et_post_id function| et_core_page_resource_fallback undefined| $ function| jQuery object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client object| et_core_api_spam_recaptcha object| wc_ga_pro string| GoogleAnalyticsObject function| ga boolean| jQueryMigrateHelperHasSentDowngrade object| neo_lang number| __lo_site_id function| gtag object| dataLayer object| intercomSettings function| Intercom function| quadmenu_duplicate object| lazySizesConfig string| tcap_sitekey string| tcap_sitekey_v3 string| tcap_theme string| tcap_score string| tcap_invisible string| tcap_optin function| onloadCallback undefined| etContactSubmit undefined| etEmailOptinSubmit object| wc_add_to_cart_params object| woocommerce_params object| wc_cart_fragments_params object| DIVI object| et_shortcodes_strings object| et_pb_custom object| et_frontend_scripts object| et_pb_box_shadow_elements object| et_pb_motion_elements object| monarchSettings object| wc_country_select_params object| wc_address_i18n_params object| ywcmas_frontend_params object| quadmenu object| wpdatatables_edit_strings object| wdt_ajax_object object| wpdatatables_settings object| wpdatatables_frontend_strings object| bloomSettings function| nitroThumb function| nitroFrame function| init object| google_tag_manager object| google_tag_data object| lazySizes object| GooglebQhCsO boolean| __lo_csr_added object| gaplugins object| gaGlobal object| gaData object| recaptcha object| closure_lm_941617 function| storeObject function| retrieveObject function| set_nprdl_values function| get_nprdl_values function| initialize_nprdl_values function| neo_format_money function| neo_detect_page function| neo_get_url_parameter function| neo_validate_email function| neo_stripslashes function| neo_validate_phone function| neo_validate_postal_code function| neo_remove_final_comma function| neo_get_level function| neo_hide_course_options function| neo_login_form_display function| neo_scroll_top function| neo_blockUI_check function| neo_blockUI function| neo_unblockUI function| neo_display_combined_errors function| move_nav function| neo_hide_online_shipping_items function| neo_adjust_order_display function| setupNavs function| neo_check_blank_learner_form function| processSetup function| neo_validate_student function| neo_populate_student_display_value function| neo_update_student_list function| neo_delete_student function| neo_check_button_access function| neo_validate_step function| neo_select_default_shipping_methods function| neo_increase_value function| neo_decrease_value function| neo_toggle_qty_display function| neo_adjust_quantities function| neo_calculate_spots_available function| neo_refresh_order_summary function| debugging function| isIE function| createCalendar function| caleandar function| Calendar boolean| pp_alreadyInitialized function| wdtHideTooltip function| wdtNotify function| wdtInputToColorpicker function| wdtApplyColorPicker function| wdtColorPickerToInput string| sRangeFormat function| fnOnFiltered function| wdtCreateInput function| wdtCreateNumberRangeInput function| wdtCreateDateRangeInput function| wdtCreateDateTimeRangeInput function| wdtCreateTimeRangeInput function| wdtCreateSelectbox function| wdtCreateMultiSelectbox function| wdtCreateCheckbox function| getColumnDistinctValues function| buildSearchStringForMultiFilters function| wdtClearFilters object| wdtCustomUploader function| inlineEditClass function| ResponsiveDatatablesHelper function| wdtCustomDateDDMMMYYYYToOrd function| wdtValidateURL function| wdtPrepareDate function| wdtPrepareTime function| wdtValidateEmail function| wdtRandString function| wdtFormatNumber function| wdtUnformatNumber function| wdtCalculateColumnSum function| wdtCalculateColumnMin function| wdtCalculateColumnMax function| wdtFormatNumberByColumnType function| wdtFillPossibleValuesList function| wdtAddDatePlaceholders function| getMomentWdtDateFormat function| getMomentWdtTimeFormat function| searchQueryString function| removeURLParameter object| wpDataTables object| wpDataTablesSelRows object| wpDataTablesFunctions object| wpDataTablesUpdatingFlags object| wpDataTablesResponsiveHelpers object| wpDataTablesHooks object| wpDataTablesEditors object| wdtBreakpointDefinition function| wdtRenderDataTable boolean| singleClick function| wdtApplyCellAction function| wdtDialog function| wdtAddOverlay function| wdtRemoveOverlay function| getPurifiedValue function| wdtCheckConditionalFormatting object| nprdl_id_post_values object| variations function| md5 function| ES6Promise object| etCore function| Cookies function| et_shortcodes_init function| Waypoint object| salvattore function| et_pb_debounce function| et_pb_smooth_scroll function| et_pb_form_placeholders_init function| et_duplicate_menu function| et_pb_remove_placeholder_text function| et_fix_fullscreen_section function| et_bar_counters_init function| et_fix_pricing_currency_position function| et_pb_set_responsive_grid function| et_pb_set_tabs_height function| et_pb_box_shadow_apply_overlay function| et_pb_init_nav_menu function| et_pb_toggle_nav_menu function| et_pb_apply_sticky_image_effect function| et_pb_menu_inject_inline_centered_logo function| et_pb_menu_inject_item function| et_pb_reposition_menu_module_dropdowns boolean| et_load_event_fired boolean| et_is_transparent_nav boolean| et_is_vertical_nav boolean| et_is_fixed_nav boolean| et_is_minified_js boolean| et_is_minified_css boolean| et_force_width_container_change function| et_pb_init_woo_star_rating function| et_pb_wrap_woo_attribute_fields_in_span function| et_pb_init_modules function| etFixDividerSpacing function| etInitWooReviewsRatingStars object| ET_SmoothScroll boolean| et_calculating_scroll_position boolean| et_side_nav_links_initialized object| wp function| AjaxBootstrapSelect function| AjaxBootstrapSelectList function| AjaxBootstrapSelectRequest function| moment object| noUiSlider function| wNumb object| Waves function| _ boolean| detection_check string| current_url number| temp_found number| level_check object| $et_tooltip object| $et_learn_more function| et_pb_slider_init function| et_countdown_timer function| et_countdown_timer_labels function| et_pb_tabs_init function| et_pb_circle_counter_update function| et_apply_parallax function| et_parallax_set_height function| et_apply_builder_css_parallax function| et_pb_play_overlayed_video function| et_pb_resize_section_video_bg function| et_pb_center_video function| et_pb_adjust_video_margin function| et_fix_slider_height function| et_pb_submit_newsletter function| et_fix_testimonial_inner_width function| et_pb_video_background_init function| et_reinit_waypoint_modules function| et_calc_fullscreen_section function| et_calculate_fullscreen_section_size function| debounced_et_apply_builder_css_parallax function| et_pb_parallax_init function| et_pb_fullwidth_header_scroll function| et_pb_search_init function| et_pb_search_percentage_custom_margin_fix function| et_pb_comments_init function| et_pb_shop_add_hover_class function| et_calculate_header_values function| et_change_primary_nav_position function| et_fix_page_container_position function| et_pb_window_side_nav_scroll_init function| et_pb_side_nav_page_init string| blank_check string| waypointContextKey function| __intercomAssignLocation object| WTW_Watcher object| LO object| _loq

15 Cookies

Domain/Path Name / Value
www.google.com/recaptcha Name: _GRECAPTCHA
Value: 09AMK3mNAPDn1wVaWOKI5o05RFv9RPimQZrFNFTSqUo9p6KFkBaY3blDxsYGnzvxdeIlhhc9GDm9Jk6-U6PYHMVpg
.nchm.org/ Name: _gcl_au
Value: 1.1.23839266.1676341990
.nchm.org/ Name: _ga
Value: GA1.2.321017087.1676341990
.nchm.org/ Name: _gid
Value: GA1.2.1527005119.1676341990
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission
.nchm.org/ Name: _gat_gtag_UA_139070136_1
Value: 1
.nchm.org/ Name: _gat
Value: 1
www.nchm.org/ Name: PHPSESSID
Value: 6a191845d665427b341f81c6c9b6a7cf
.nchm.org/ Name: _lo_uid
Value: 196142-1676341992016-00f08ee123ff770d
.nchm.org/ Name: _lorid
Value: 196142-1676341992016-aaa5f113617543d0
.nchm.org/ Name: _lo_v
Value: 1
.nchm.org/ Name: __lotl
Value: https%3A%2F%2Fwww.nchm.org%2Ftax-credits%2F
.nchm.org/ Name: intercom-id-e1mn2o8y
Value: abce2d5c-d1ba-447f-a378-4fdb1bb21a66
.nchm.org/ Name: intercom-session-e1mn2o8y
Value:
.nchm.org/ Name: intercom-device-id-e1mn2o8y
Value: 4f7d6cea-1330-49dd-83da-37c38c51ce60

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api-iam.intercom.io
d10lpsik1i8c69.cloudfront.net
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
js.intercomcdn.com
settings.luckyorange.net
stats.g.doubleclick.net
widget.intercom.io
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.gstatic.com
www.nchm.org
104.198.242.241
13.224.189.74
13.225.78.83
13.32.11.219
172.67.75.100
2a00:1450:400d:806::2003
2a00:1450:400d:806::2008
2a00:1450:400d:807::2002
2a00:1450:400d:80a::2004
2a00:1450:400d:80a::200e
2a00:1450:400d:80c::2003
2a00:1450:400d:80e::200a
2a00:1450:4025:401::9d
54.156.44.158
016170945aee682c3eb227cfdd5bf663da35e8cc5ef96a38eb6c18113e8c00a4
058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c
05ce8d26228b23c50a299f16a94214a144a67c3e10db620bdd59f5ccbc7dfa27
08364858e416bd80eb1c1e08b68b3b0bdf8c565df9324401e800e0a781147aeb
0924e5af960e9110d8424b1a364b61a5bcd949d53bcca312d0474dcb8c64a478
0dabad8d9b3b57423d7eed7d9a8268251e422f9ecb2e341eaa049a1e1c30a6cf
104224931b40e3f133ed0742ec64f3bda4bd50ef6eef127adb81a793779c8951
156e416ac98a8e3038cdcb2dad18df5aebf76fd1d6b2e0de27c229c299da69c6
166792f8725aca4db3ae0e99d93688957aaa89b2ffc6038eadb1fdaef7399d50
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
22c4ef8e8ef3b9318b99962a9419494017382d657dfbec231ce2e83748930ce2
2c0b36116790d5222385c8a4896ba56213a9fd1004acc0581d2809de80f8ddf9
2dc6f8b87a4150c10c500f7e0dc27355fd0313e6c95c9d560e2bc5d0035403a3
2e05a099697256c998974e9155f9d6c2c2df700504628e7cb30977fe773eb63c
389e7668a1ebd8a04eca206d27b7147519be465eed883f6a2d68bd419ada24b4
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
401f533697cfb484598d2da76b5f4708bbca985a1fab42dbcfaa0741374d3245
4f366824dfaa863a5c814793ff70d5c63b94197c198cb2f0a67ed76b56db2cef
513d5ce7508f42ab02bbf4ef3bd54ba09e88c7ccdce3a862aeb2a4548cd68ff7
5430a0b6ed80ff8c3c8b4c3894fda6b3d168f82e513e3df228bb61228d3f0742
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
5b63e37c2ce6f250eb41a5b1b7b6b439d42465fd27aecc8055ff36d81c72418b
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
7dc0adcc8b60fc2b6b2ce568eda1e274ce767a0a67aae5d6ac27dcd5d5fe9744
822a3c095d46c2bdf90baf6322024e0d697162fedbc827eca002532228591256
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84161c46238fff2c6920ebc28f02cddd7b710cf3d1107853f540b084320f6afd
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
89b6fc20e99da6c304c84e47abe126d4f7eb31e5366e97b451a9aca07181ddb3
8c34bc7bc1985e63394c3c2afff88cdcfc06e501320432dd23eaff83ea6754eb
919b10c6718a2e2abee004ef4a7a792b9925380dea354b5ba68e19c34716598f
9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526
9345880ada178d9c36ed991525ff3c0671594be63500a61313d2ac1d35f3a51c
952833e41ba7a4b64c31a2d7b07dde81bf5bbacf5cbb967821cfe459d0c4a0d8
9746bbc8be1eacd912bb90f2226b3f9141b15938f7b0281825c74999c0040c9b
9a9e28b47c4732eaf3e60cc2d02d9b68a79a1dd7166c6d27240682b1fa33fc31
9d526881ff22aaf1801b58649a20068f7b1067cd25452911d4d3ed9025f1697b
a73e7459eaa7295d648762dc0342adead674e15775bf7d69ab1a025108b9ed6c
a7ae4f4e313e150000175511c29ca19ae2948eb663987253d19a9372cc20e3fe
bc9c387b513b4d43675910f780fa03e92b9a4b58432b402a8f0a801a0d5ae855
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea
bd60b6fd75eb99bb80dddb3d68a9813f337bac4175391928c0db5d5e307731c4
c21e5a2b32c47bc5f9d9efc97bc0e29fd081946d1d3ebffc5621cfafb1d3960e
c4fada4accfa24704b54248bc5ce84acac50b6a059828b7714fe3006786c80c1
c6517ce622f7543c43012579eebb219cd6f160eb3d5c66afdbe1117634d2c988
ccc698ba4804d3cd1739cd1ce3fd2871ac149ee189be74cb04e861e845ff92c7
d201a2c3118a00c82cc48e89815f5139f23956bbe248107dcf522acc77b97c09
d242f542e06efe628894f37fda478c2da74ca80d911ee9c9de794953313244c7
d2441193e0a8e44aa539c3ec119109cda1219d6c8f61ede17648315a598491ae
d535df046691fdfdfa421d3abc49be5a67c28ab7a3c95d4f71ad94a2efd0e521
da0c1bc51d4ebfa2570f3e7546d9d3ccfb3f9d3c1199b1ca49869510aa79392a
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e09e2a36aaad31aadf6fc0bfbfbb5113bc120a235a609cc4bd698f02fe663c29
e26ec45366fa5be477130eb55c0a838387af061ad2ef3ff0c440da84a3a08176
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ec4ece3230f7ad4421b0bf1d2335737cbee74c9fee5c4e761285c4b60dc4ebd1
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
fb5a1fff57218742c5c1e469970504556a10d235b2379872b4ffcef9901d3bc0
fb8ed4af19eafed495fd738582e4d619a121ccfffb095a0be2b0a96251014f96