battleforthehill.com Open in urlscan Pro
188.114.96.3 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://battleforthehill.com/
Effective URL:
https://battleforthehill.com/
Submission: On April 03 via api (April 3rd 2024, 1:07:01 am UTC) from US — Scanned from NL

Summary HTTP 39 Redirects Links 3 Behaviour Indicators

Summary

This website contacted 14 IPs in 4 countries across 10 domains to perform 39 HTTP transactions. The main IP is 188.114.96.3, located in Amsterdam, Netherlands and belongs to CLOUDFLARENET, US. The main domain is battleforthehill.com.
TLS certificate: Issued by E1 on February 26th 2024. Valid for: 3 months.

This is the only time battleforthehill.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
14	188.114.96.3 188.114.96.3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	142.250.181.226 142.250.181.226	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:81c::200a	15169 (GOOGLE) (GOOGLE)
1	2a04:4e42:200... 2a04:4e42:200::649	54113 (FASTLY) (FASTLY)
1	205.234.175.175 205.234.175.175	30081 (CACHENETW...) (CACHENETWORKS)
6	2606:4700:10:... 2606:4700:10::6816:eca	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	104.17.25.14 104.17.25.14	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4 6	2606:4700::68... 2606:4700::6811:f8cb	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:810::2003	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:811::200e	15169 (GOOGLE) (GOOGLE)
1	216.58.206.42 216.58.206.42	15169 (GOOGLE) (GOOGLE)
2	142.250.185.131 142.250.185.131	15169 (GOOGLE) (GOOGLE)
1	142.250.185.174 142.250.185.174	15169 (GOOGLE) (GOOGLE)
39	14

14 188.114.96.3 (Amsterdam, Netherlands)

ASN13335 (CLOUDFLARENET, US)

battleforthehill.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.181.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f2.1e100.net

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:81c::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:200::649 (United States)

ASN54113 (FASTLY, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 205.234.175.175 (United States)

ASN30081 (CACHENETWORKS, US)
PTR: vip1.G-anycast1.cachefly.net

cdn.ckeditor.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2606:4700:10::6816:eca (United States)

ASN13335 (CLOUDFLARENET, US)

storage.ko-fi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.17.25.14 (None, )

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2606:4700::6811:f8cb (United States) 4 redirects

ASN13335 (CLOUDFLARENET, US)

unpkg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:811::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fundingchoicesmessages.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.58.206.42 (United States)

ASN15169 (GOOGLE, US)
PTR: mil07s07-in-f10.1e100.net

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.131 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f3.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.174 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f14.1e100.net

fundingchoicesmessages.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
14	battleforthehill.com battleforthehill.com	3 MB
6	unpkg.com 4 redirects unpkg.com — Cisco Umbrella Rank: 725	18 KB
6	ko-fi.com storage.ko-fi.com — Cisco Umbrella Rank: 51401	19 KB
5	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 35	8 KB
4	gstatic.com fonts.gstatic.com	250 KB
3	google.com fundingchoicesmessages.google.com — Cisco Umbrella Rank: 653	121 KB
2	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 107	188 KB
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 234	16 KB
1	ckeditor.com cdn.ckeditor.com — Cisco Umbrella Rank: 16472	176 KB
1	jquery.com code.jquery.com — Cisco Umbrella Rank: 744	79 KB
39	10

	Domain	Requested by
14	battleforthehill.com	battleforthehill.com
6	unpkg.com	4 redirects battleforthehill.com
6	storage.ko-fi.com	battleforthehill.com storage.ko-fi.com
5	fonts.googleapis.com	battleforthehill.com storage.ko-fi.com
4	fonts.gstatic.com	fonts.googleapis.com battleforthehill.com
3	fundingchoicesmessages.google.com	pagead2.googlesyndication.com
2	pagead2.googlesyndication.com	battleforthehill.com pagead2.googlesyndication.com
1	cdnjs.cloudflare.com	battleforthehill.com
1	cdn.ckeditor.com	battleforthehill.com
1	code.jquery.com	battleforthehill.com
39	10

This site contains links to these domains. Also see Links.

Domain
ko-fi.com
discord.gg
battleforthehill.fandom.com

Subject Issuer	Validity	Valid
battleforthehill.com E1	`2024-02-26` - `2024-05-26`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2024-03-04` - `2024-05-27`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2024-03-04` - `2024-05-27`	3 months	crt.sh
*.jquery.com Sectigo RSA Domain Validation Secure Server CA	`2023-07-11` - `2024-07-14`	a year	crt.sh
cdn.ckeditor.com Sectigo RSA Domain Validation Secure Server CA	`2023-04-06` - `2024-05-06`	a year	crt.sh
ko-fi.com GTS CA 1P5	`2024-03-09` - `2024-06-07`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-07-03` - `2024-07-02`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2024-03-04` - `2024-05-27`	3 months	crt.sh
*.google.com GTS CA 1C3	`2024-03-04` - `2024-05-27`	3 months	crt.sh

This page contains 3 frames:

Primary Page: https://battleforthehill.com/
Frame ID: C1BB61690EDC974692DB5192613B2E1F
Requests: 33 HTTP requests in this frame

Frame: https://storage.ko-fi.com/cdn/scripts/floating-chat-main.css
Frame ID: 659A09FEBBA302F9BA51F12557646E99
Requests: 3 HTTP requests in this frame

Frame: https://storage.ko-fi.com/cdn/scripts/floating-chat-main.css
Frame ID: 86376A83B6D84E11137023D076B4289C
Requests: 4 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Battle for the Hill

Page URL History Show full URLs

http://battleforthehill.com/ HTTP 307
https://battleforthehill.com/ Page URL

Detected technologies

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

39
Requests

95 %
HTTPS

46 %
IPv6

10
Domains

10
Subdomains

14
IPs

4
Countries

4456 kB
Transfer

9455 kB
Size

2
Cookies

3 Outgoing links

These are links going to different origins than the main page.

URL: https://ko-fi.com/battleforthehill
Title: https://ko-fi.com/battleforthehill

Search URL Search Domain Scan URL

URL: https://discord.gg/mvmRvpWhHN
Title: Discord

Search URL Search Domain Scan URL

URL: https://battleforthehill.fandom.com/
Title: Wiki

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://battleforthehill.com/ HTTP 307
https://battleforthehill.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 13

https://unpkg.com/@popperjs/core@2 HTTP 302
https://unpkg.com/@popperjs/core@2.11.8 HTTP 302
https://unpkg.com/@popperjs/core@2.11.8/dist/umd/popper.min.js

Request Chain 14

https://unpkg.com/tippy.js@6 HTTP 302
https://unpkg.com/tippy.js@6.3.7 HTTP 302
https://unpkg.com/tippy.js@6.3.7/dist/tippy-bundle.umd.min.js

39 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H3

200

Primary Request / Show response
battleforthehill.com/
Redirect Chain

http://battleforthehill.com/
https://battleforthehill.com/

16 KB
5 KB

449ms
400ms

Document
text/html

188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://battleforthehill.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dc632782f7b190d32bbd2098c9a7e13082e03adfc8647369ea31d773f155d0f2

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-cache, private
cf-cache-status: DYNAMIC
cf-ray: 86e528a48e4806d6-AMS
content-encoding: br
content-type: text/html; charset=UTF-8
date: Wed, 03 Apr 2024 01:06:55 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vhHjoyly8%2B6ckKu5jGJkVQsUEK6Ac7fzdArDXpLLAhBwv0zt4eVFwUg0%2BierqMIeWvZuW27ZpVHfDyIxzW4kK8EYTJahP5Vl4jSHec6lWcxmOZ1aXgRbRoNTxosveO80pdzsRaHAKA%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

Redirect headers

Location: https://battleforthehill.com/
Non-Authoritative-Reason: HttpsUpgrades

GET
H3 200 TiOrHmW68XCJekawZ0PY3t6PPnI.js Show response
battleforthehill.com/cdn-cgi/apps/head/ 6 KB
3 KB 25ms
24ms Script
application/javascript 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://battleforthehill.com/cdn-cgi/apps/head/TiOrHmW68XCJekawZ0PY3t6PPnI.js
Requested by: Host: battleforthehill.com
URL: https://battleforthehill.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 56ffdcab8da14406d6b9db2faa956e77057267b7a5c8cf3d77155f1cb3ec6244

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://battleforthehill.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 03 Apr 2024 01:06:55 GMT
x-amz-version-id: bE7oU4PRXn2O50LHlBXVFDW2cHCaeaAl
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: QBZ4PT1TAJ586TZ4
age: 878068
alt-svc: h3=":443"; ma=86400
x-amz-id-2: b2nF19LzEIgGUW+fWQRRrsR9q78hDfyFbFdSaGGM3wXgK+hVIHYIKEB26Qm2CpKRTiW5/aGfj08=
last-modified: Mon, 29 Aug 2022 16:59:58 GMT
server: cloudflare
etag: W/"1308e26b3caee7dec3cca95b8eca8f1c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HJ6EfHYcUM%2FMre5w6H0MtvdevF%2B8xkWm2L4H7%2BTGf5Gzw%2B9UYE%2FkIKHP8E6In55aJE%2FmglpYKdZUjbCSoGQscdF7LCdmIzzSP%2B7hDyRiYLLT0zzejUKcRPbSe%2BvtxXm%2BudkZMW7gEw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
cf-ray: 86e528a7092906d6-AMS

GET
H3 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 145 KB
50 KB 189ms
70ms Script
text/javascript 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-1652046001407903

Requested by

Host: battleforthehill.com
URL: https://battleforthehill.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

d4151e500b19c7bfe042f3e02e110623593f9c1966fdebf73e1fe2ed6f798c84

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://battleforthehill.com/
Origin: https://battleforthehill.com
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 03 Apr 2024 01:06:55 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51097
x-xss-protection: 0
server: cafe
etag: 5627304593027661790
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
link: <https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires: Wed, 03 Apr 2024 01:06:55 GMT

GET
H3 200 tailwind-components.js Show response
battleforthehill.com/js/ 4 KB
2 KB 26ms
24ms Script
application/javascript 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://battleforthehill.com/js/tailwind-components.js
Requested by: Host: battleforthehill.com
URL: https://battleforthehill.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fec171f92cf98a16d73bcaad38c27f0f6996a9b65e335791178fb53ff24e9ab6

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://battleforthehill.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 03 Apr 2024 01:06:55 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 552
cf-polished: origSize=4477
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Sun, 03 Apr 2022 19:30:55 GMT
server: cloudflare
etag: W/"117d-5dbc50cee4a97-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=IzvHaf57Kvy%2FsmlrawM68rxN5Lk%2FFU5qQfWiP5pyf%2F6AjlkEkFXXRrghJLuHFT4USvlIF46bIbdmdZBWhY0Uvek0Yb7AmrNQ3f9%2FNPZ6sUvFNGEdR0C0WBovEndKpJ1aB9UAjOMtQQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=300
cf-ray: 86e528a7092e06d6-AMS

GET
H3 200 app.js Show response
battleforthehill.com/js/ 230 KB
58 KB 41ms
39ms Script
application/javascript 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://battleforthehill.com/js/app.js
Requested by: Host: battleforthehill.com
URL: https://battleforthehill.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e1eb9588c83b6f56cc6930070768708e3c48a1ce317c0bba893c8ae80e3565e9

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://battleforthehill.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 03 Apr 2024 01:06:55 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 552
cf-polished: origSize=688685
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Sun, 03 Apr 2022 19:30:55 GMT
server: cloudflare
etag: W/"a822d-5dbc50cf0bba6-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6puW%2F%2B3f2oBASisiFuORk7a130ele%2B8Kpxk8rbkVeDltE5NzH88PvN5u%2FJxESEbzDdCYwc0bqHGyObAiKzZ0Iq5sXFF2RoDT8GCC0pKlUALvh7suJt1AnV8zfeGe6HFWjDg5bGYptQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=300
cf-ray: 86e528a7093006d6-AMS

GET
H2 200 css2
fonts.googleapis.com/ 5 KB
1 KB 184ms
65ms Stylesheet
text/css 2a00:1450:4001:81c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Nunito:wght@400;600;700&display=swap

Requested by

Host: battleforthehill.com
URL: https://battleforthehill.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

aec7c45d78ce6b774c511160ef8009df74cab9e65dc9595b612d3516977aa348

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://battleforthehill.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
date: Wed, 03 Apr 2024 01:06:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 03 Apr 2024 00:02:46 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 03 Apr 2024 01:06:55 GMT

GET
H3 200 app.css
battleforthehill.com/css/ 3 MB
292 KB 58ms
57ms Stylesheet
text/css 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://battleforthehill.com/css/app.css?v=2
Requested by: Host: battleforthehill.com
URL: https://battleforthehill.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 16abc7d4f6db6bcb22411d600867850ba2d7dca463099d6109395e74cd2a15f9

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://battleforthehill.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 03 Apr 2024 01:06:55 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 552
cf-polished: origSize=4005703
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Thu, 26 Aug 2021 20:20:04 GMT
server: cloudflare
etag: W/"3d1f47-5ca7c179b225e-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2UZ8lL3oyNK4RVsoGyQYdJDWyMp1surY7b22FYDy5ajz%2F6NaDoqFtrPYU5uvZIGK9S5BBE06USVpKOXZozGlz%2BBL7IWgKf08CgITohedKAItwqH5Bj4U0IA0q1ajA2YE2WYs2%2BDX5Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=300
cf-ray: 86e528a7093306d6-AMS

GET
H3 200 all.css
battleforthehill.com/fontawesome/css/ 170 KB
32 KB 105ms
104ms Stylesheet
text/css 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://battleforthehill.com/fontawesome/css/all.css
Requested by: Host: battleforthehill.com
URL: https://battleforthehill.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 898a713c0a5ef6e9f675817b807182b519ed9012a6083261d02cc7286da940b1

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://battleforthehill.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 03 Apr 2024 01:06:55 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 552
cf-polished: origSize=213221
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Sat, 29 May 2021 18:47:34 GMT
server: cloudflare
etag: W/"340e5-5c37c6ceb2f1a-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=APaz6OJ2%2FRKakLBCzCTXei%2B206veyyJdiKebNkhMGJxHWtitxPfDfH4agUeGDrKjut3LEm9aOFiQWO6Oki16s30J9TCMTG4p4h%2B3AY%2B5Lz9xLbb6jHQJV%2BVAZ441NNFJJlltKd8Tcg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=300
cf-ray: 86e528a7093506d6-AMS

GET
H2 200 jquery-3.3.1.js Show response
code.jquery.com/ 265 KB
79 KB 55ms
16ms Script
application/javascript 2a04:4e42:200::649
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-3.3.1.js
Requested by: Host: battleforthehill.com
URL: https://battleforthehill.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:200::649 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: d8aa24ecc6cecb1a60515bc093f1c9da38a0392612d9ab8ae0f7f36e6eee1fad

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://battleforthehill.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 03 Apr 2024 01:06:55 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
age: 17305768
x-cache: HIT, HIT
content-length: 80268
x-served-by: cache-lga21980-LGA, cache-ams21052-AMS
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
server: nginx
x-timer: S1712106415.247576,VS0,VE0
etag: W/"28feccc0-42587"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=604800
accept-ranges: bytes
x-cache-hits: 68, 6241

GET
H2 200 ckeditor.js Show response
cdn.ckeditor.com/ckeditor5/28.0.0/classic/ 705 KB
176 KB 256ms
21ms Script
application/javascript 205.234.175.175
CACHENETWORKS

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ckeditor.com/ckeditor5/28.0.0/classic/ckeditor.js

Requested by

Host: battleforthehill.com
URL: https://battleforthehill.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

205.234.175.175 , United States, ASN30081 (CACHENETWORKS, US),

Reverse DNS

vip1.G-anycast1.cachefly.net

Software

CFS 0215 /

Resource Hash

f116d58ea94389e03f0f55a8d373d7e2b30bc103e27674b4ce7f16b9b6631e9b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://battleforthehill.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 03 Apr 2024 01:06:55 GMT
x-cf-tsc: 1711921108
x-content-type-options: nosniff
x-cf3: H
cf4ttl: 597475.812
content-encoding: gzip
x-cf1: 28810:fC.ams1:co:1692882985:cacheN.ams1-01:M
x-cf-reqid: 2194fcabaebd066833c612577c245e5a
content-length: 179861
x-xss-protection: 1; mode=block
x-cf2: H
last-modified: Mon, 07 Jun 2021 07:30:17 GMT
server: CFS 0215
x-cff: B
x-frame-options: sameorigin
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=604800, public
cf4age: 3034616
accept-ranges: bytes
expires: Thu, 15 Feb 2024 14:53:32 GMT

GET
H3 200 logo-full-white.png
battleforthehill.com/images/logos/ 14 KB
15 KB 110ms
109ms Image
image/png 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://battleforthehill.com/images/logos/logo-full-white.png
Requested by: Host: battleforthehill.com
URL: https://battleforthehill.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7aad0ecd726f1257bbc86441de2c1f2040c235fce5d678ebeba388ec1673dd56

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://battleforthehill.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 03 Apr 2024 01:06:55 GMT
cf-cache-status: HIT
last-modified: Sat, 17 Feb 2024 16:48:44 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 552
etag: "39b3-61196a234d1f4"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BERV58RBPfBgx1PojMvoP6XERChmvVnEpul7OKeauYhy1DwtBnjwVhxlD7DlBzCPJV6ys%2BiR%2FTmSqgu3W78FdtvZFl%2FWIAwVDTS8tooUH9DW9PNx8KhI%2BjmEl%2BUAn9vU%2BUiOmK3pPA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=300
accept-ranges: bytes
cf-ray: 86e528a7093606d6-AMS
alt-svc: h3=":443"; ma=86400
content-length: 14771

GET
H3 200 front.jpg
battleforthehill.com/images/covers/ 3 MB
3 MB 26ms
25ms Image
image/jpeg 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://battleforthehill.com/images/covers/front.jpg
Requested by: Host: battleforthehill.com
URL: https://battleforthehill.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c05e0a0fec196a1a1db73fb0e4a63c4e2140eacc832ed877cae67ba2e2f6f195

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://battleforthehill.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 03 Apr 2024 01:06:55 GMT
cf-cache-status: HIT
last-modified: Sat, 17 Feb 2024 16:48:38 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 588
etag: "29ccb2-61196a1da6d54"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=cwQ3PtTIfsECt3%2BbQJZio%2BPKM1UUBLAz66Uw8GqTPzyfrGvm3De3x79fzjTJ1G81eHOLo5%2F3q6mn8kBLYTl8c8Rd7N1MveWx91ByDa2SE2EM0gujil33SxqPHMfnAK3TSiIT3Eq%2BvA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=300
accept-ranges: bytes
cf-ray: 86e528a7093806d6-AMS
alt-svc: h3=":443"; ma=86400
content-length: 2739378

GET
H2 200 overlay-widget.js Show response
storage.ko-fi.com/cdn/scripts/ 16 KB
5 KB 93ms
36ms Script
application/javascript 2606:4700:10::6816:eca
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://storage.ko-fi.com/cdn/scripts/overlay-widget.js
Requested by: Host: battleforthehill.com
URL: https://battleforthehill.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2606:4700:10::6816:eca , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 85a8c75fdf88c5cecd850c7da6726f989585e565b7e634a5f3722a24286ee739

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://battleforthehill.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 03 Apr 2024 01:06:55 GMT
content-encoding: gzip
cf-cache-status: HIT
content-md5: Tt5z7rNW6rgxDlYGY45qMw==
age: 6575
cf-polished: origSize=22458
x-ms-lease-status: unlocked
cf-bgj: minify
last-modified: Sun, 23 Oct 2022 22:21:01 GMT
server: cloudflare
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 64d2cdda-d01e-006d-7ecf-73b21e000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version: 2009-09-19
cf-ray: 86e528a84db7b8ca-AMS

GET
H3 200 cdn.js Show response
cdnjs.cloudflare.com/ajax/libs/alpinejs/3.2.2/ 79 KB
16 KB 50ms
29ms Script
application/javascript 104.17.25.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/alpinejs/3.2.2/cdn.js

Requested by

Host: battleforthehill.com
URL: https://battleforthehill.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

27aa1d983b7eab4f6057566c837658b378e420dce4f1db0430e6db0941dcf15c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://battleforthehill.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 03 Apr 2024 01:06:55 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 1173470
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 16130
last-modified: Tue, 13 Jul 2021 16:36:16 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "60edc100-3f02"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=t2xzcCiBmihLnbnOkdgzlCoOey44jvSqhFzG7LVnfsej98qZtnGrztZTj%2FJIyAYIG3wFjTiNgaf0KXF5PKXAyX7J068eEgzU33hMJAqj%2BZSGwsjOjRX2pZH7q8FQZyScVPksatXi"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 86e528a878d96568-AMS
expires: Mon, 24 Mar 2025 01:06:55 GMT

GET
H2

200

popper.min.js Show response
unpkg.com/@popperjs/core@2.11.8/dist/umd/
Redirect Chain

https://unpkg.com/@popperjs/core@2
https://unpkg.com/@popperjs/core@2.11.8
https://unpkg.com/@popperjs/core@2.11.8/dist/umd/popper.min.js

20 KB
9 KB

29ms
28ms

Script
application/javascript

2606:4700::6811:f8cb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://unpkg.com/@popperjs/core@2.11.8/dist/umd/popper.min.js

Requested by

Host: battleforthehill.com
URL: https://battleforthehill.com/

Protocol

Server

2606:4700::6811:f8cb , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c212f4b505a86352aed62b24a8f16f999f821ecbe6456c7f3c8a04bc87968782

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://battleforthehill.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

date: Wed, 03 Apr 2024 01:06:55 GMT
content-encoding: br
via: 1.1 fly.io
cf-cache-status: HIT
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 1063842
last-modified: Fri, 26 May 2023 17:27:16 GMT
fly-request-id: 01HSH1BDEG6X2CGEHM7FZHRVGS-ams
server: cloudflare
etag: "4e9a-hx1u8QcL02PqOQ4MjDhOR9zn84k"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 86e528a95fc20bfd-AMS

Redirect headers

date: Wed, 03 Apr 2024 01:06:55 GMT
via: 1.1 fly.io
x-content-type-options: nosniff
cf-cache-status: HIT
fly-request-id: 01HRWM5QQBTWR8S1SJEKADDPAW-ams
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 1748748
vary: Accept, Accept-Encoding
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
location: /@popperjs/core@2.11.8/dist/umd/popper.min.js
cache-control: public, max-age=31536000
cf-ray: 86e528a8ff290bfd-AMS

GET
H2

200

tippy-bundle.umd.min.js Show response
unpkg.com/tippy.js@6.3.7/dist/
Redirect Chain

https://unpkg.com/tippy.js@6
https://unpkg.com/tippy.js@6.3.7
https://unpkg.com/tippy.js@6.3.7/dist/tippy-bundle.umd.min.js

25 KB
9 KB

32ms
30ms

Script
application/javascript

2606:4700::6811:f8cb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://unpkg.com/tippy.js@6.3.7/dist/tippy-bundle.umd.min.js

Requested by

Host: battleforthehill.com
URL: https://battleforthehill.com/

Protocol

Server

2606:4700::6811:f8cb , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3f0fe70eb26ccf28f6887a192e29d38dd7ef7c2f079a73304ad42ddc7bed37de

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://battleforthehill.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

date: Wed, 03 Apr 2024 01:06:55 GMT
via: 1.1 fly.io
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 1285969
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id: 01HSADGMNA7ATS127NKQW6NQ3M-ams
server: cloudflare
etag: W/"6475-GJFZFDM34LwIzjC4uKWaXpNTNf4"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 86e528a95fbe0bfd-AMS

Redirect headers

date: Wed, 03 Apr 2024 01:06:55 GMT
via: 1.1 fly.io
x-content-type-options: nosniff
cf-cache-status: HIT
fly-request-id: 01HRW741B7NBDHY8JVJS0WVT7F-ams
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 1762435
vary: Accept, Accept-Encoding
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
location: /tippy.js@6.3.7/dist/tippy-bundle.umd.min.js
cache-control: public, max-age=31536000
cf-ray: 86e528a8ff230bfd-AMS

GET
H3 200 generalFunctions.js Show response
battleforthehill.com/js/ 191 B
606 B 25ms
24ms Script
application/javascript 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://battleforthehill.com/js/generalFunctions.js
Requested by: Host: battleforthehill.com
URL: https://battleforthehill.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d04eb8ba073907343926fe406c74b5102b5cb3d43f29ab5771b4bbea6c1cb657

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://battleforthehill.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 03 Apr 2024 01:06:55 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 510
cf-polished: origSize=228
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Sun, 03 Apr 2022 19:30:55 GMT
server: cloudflare
etag: W/"e4-5dbc50cebe929-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0zOJHvRx2yOYlnmf07aLz%2BB2LVvwh8er9TICikuRg9W%2FIvKBYtLvJAiRfc8qUJ53j%2Ba%2BJJPSh1LOKPsR2WoD7KCUwxbY3GC9AgZdnvT2OGDB%2BXKRStbOsBjBsKLZtGNxGNuPxeBHJA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=300
cf-ray: 86e528a95b2d06d6-AMS

GET
H3 200 SxgsKFjOQOBpmM_NRDpdfTn1W3Q.js Show response
battleforthehill.com/cdn-cgi/apps/body/ 12 KB
5 KB 28ms
28ms Script
application/javascript 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://battleforthehill.com/cdn-cgi/apps/body/SxgsKFjOQOBpmM_NRDpdfTn1W3Q.js
Requested by: Host: battleforthehill.com
URL: https://battleforthehill.com/cdn-cgi/apps/head/TiOrHmW68XCJekawZ0PY3t6PPnI.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 320544cc0b009679f8848fc7a2c734806cee439179e124bee1bf126125b7c1af

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://battleforthehill.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 03 Apr 2024 01:06:55 GMT
x-amz-version-id: AyW_SsGWjLKBIb.4k_TeiGqwtvYhvCl_
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: N63H4C5HN0VATKCV
age: 662771
alt-svc: h3=":443"; ma=86400
x-amz-id-2: 9uamC/wv4Y8V3h8jS7D+wBhg5edXPgBWg+BEGvE67GlqteUijlGlcTLH5INybMSYLSvQu8ypV08=
last-modified: Mon, 29 Aug 2022 16:59:58 GMT
server: cloudflare
etag: W/"226cbe272cdf8628758b1da9fff8eeae"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=e0JsVPvHBFvWbicnWDZXyufdNIm7uXUtr74m7KqBiSHq0UH0pcsBjSDENQyx%2B9Ht6ExRwUcQn7m9ess1vnOA2HvcrijrabGKwLGxbBWHCaAXq%2B61R7JYReOShE0eUcTEFiiex2mr%2FQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
cf-ray: 86e528a95b2e06d6-AMS

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202403280101/ 405 KB
138 KB 131ms
81ms Script
text/javascript 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202403280101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-1652046001407903&plah=battleforthehill.com&aplac=true&bust=31082370

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-1652046001407903

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

d30b0ef9035e675c76335d380bc84141164a7712dd14e408a5ce0d9acbbf39e2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://battleforthehill.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 03 Apr 2024 01:06:55 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 140866
x-xss-protection: 0
server: cafe
etag: 11322218938113687141
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Wed, 03 Apr 2024 01:06:55 GMT

GET
H3 200 bg-capitol.jpg
battleforthehill.com/images/ 283 KB
284 KB 25ms
25ms Image
image/jpeg 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://battleforthehill.com/images/bg-capitol.jpg
Requested by: Host: battleforthehill.com
URL: https://battleforthehill.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9ced1ed4729d782b577ca4c93bf6c6910358b8bf71dd2e31e1a7b270308f75b6

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://battleforthehill.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 03 Apr 2024 01:06:55 GMT
cf-cache-status: HIT
last-modified: Sat, 17 Feb 2024 16:48:36 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 551
etag: "46cb9-61196a1c34b74"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hlzbtkOKmJdUD3Te6VpaAhCB8nfNOhvlgyLZQYH%2BtE%2Bj58UFb%2FLL0tcFtn7OKm5mtJW%2BE%2FoqdsyAzkBUD1soUrWqIyv3I6%2FRw7IlY49vcoXEnEZWZS6Eox7fdjSKJhsKM6D7Mu7zYw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=300
accept-ranges: bytes
cf-ray: 86e528a97b4606d6-AMS
alt-svc: h3=":443"; ma=86400
content-length: 289977

GET
H2 200 XRXV3I6Li01BKofINeaB.woff2
fonts.gstatic.com/s/nunito/v26/ 38 KB
39 KB 156ms
50ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/nunito/v26/XRXV3I6Li01BKofINeaB.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Nunito:wght@400;600;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1a48b70f97555c13f84b8f088a417f9179d99b5101250819350acaf6e91bb92f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://fonts.googleapis.com/
Origin: https://battleforthehill.com
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 02 Apr 2024 01:16:08 GMT
x-content-type-options: nosniff
age: 85847
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 39124
x-xss-protection: 0
last-modified: Thu, 14 Sep 2023 00:02:20 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 02 Apr 2025 01:16:08 GMT

GET
H3 200 fa-brands-400.woff2
battleforthehill.com/fontawesome/webfonts/ 75 KB
75 KB 355ms
355ms Font
font/woff2 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://battleforthehill.com/fontawesome/webfonts/fa-brands-400.woff2
Requested by: Host: battleforthehill.com
URL: https://battleforthehill.com/fontawesome/css/all.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c2497d559960ba9e1c68f41674e8bc980d3b229155e068bc7f42f157f81c4388

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://battleforthehill.com/fontawesome/css/all.css
Origin: https://battleforthehill.com
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 03 Apr 2024 01:06:55 GMT
cf-cache-status: HIT
last-modified: Sat, 29 May 2021 18:47:34 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "12bc4-5c37c6cf5be37"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Mdj2VY8A0IHsdvupzuwmOhWWqDFvj6z12kTshnYo8w7MWsN0HotRhmpC4lN%2BHcICR4LzJmZJaeYfTjrHSAPmIKooJAJ3ZhegOgBO2Gro5d6ekyMOqtIsv3pG8xTB9wn5uSWkakdcIA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
cache-control: max-age=300
accept-ranges: bytes
cf-ray: 86e528a97b4806d6-AMS
alt-svc: h3=":443"; ma=86400
content-length: 76740

GET
H3 200 fa-solid-900.woff2
battleforthehill.com/fontawesome/webfonts/ 134 KB
134 KB 116ms
116ms Font
font/woff2 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://battleforthehill.com/fontawesome/webfonts/fa-solid-900.woff2
Requested by: Host: battleforthehill.com
URL: https://battleforthehill.com/fontawesome/css/all.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 943efdb4b38963df0653d778f233b55db3e19f44794e4ff944e33b8849dcdb3c

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://battleforthehill.com/fontawesome/css/all.css
Origin: https://battleforthehill.com
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 03 Apr 2024 01:06:55 GMT
cf-cache-status: HIT
last-modified: Sat, 29 May 2021 18:47:35 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "21678-5c37c6cf76417"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=IQzp6cjYrH6YDWiCpVuh1okOgYKukgYeQhe6iBSj82RVcmfFxlv%2B6uXQf5dLsuDjSXR7qb0AS9r9KGMeNiqBtvOha8rNmeoPYmqlmaNceZ5%2FMGJz4IBE%2FJVgmB3XKgZtk5EBxjmpkw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
cache-control: max-age=300
accept-ranges: bytes
cf-ray: 86e528a97b4906d6-AMS
alt-svc: h3=":443"; ma=86400
content-length: 136824

GET
H2 200 floating-chat-main.css
storage.ko-fi.com/cdn/scripts/ Frame 659A 588 B
383 B 35ms
35ms Stylesheet
text/css 2606:4700:10::6816:eca
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://storage.ko-fi.com/cdn/scripts/floating-chat-main.css
Requested by: Host: storage.ko-fi.com
URL: https://storage.ko-fi.com/cdn/scripts/overlay-widget.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2606:4700:10::6816:eca , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d95ba86fa0391a4a86a6388088e53e1a0bfa52fa6f3c7c1e057e898522a30570

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://battleforthehill.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 03 Apr 2024 01:06:55 GMT
content-encoding: gzip
cf-cache-status: HIT
content-md5: BHz4+3jV+xooBaj1E0Km4g==
age: 3353
cf-polished: origSize=839
x-ms-lease-status: unlocked
cf-bgj: minify
last-modified: Sun, 23 Oct 2022 22:21:50 GMT
server: cloudflare
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
x-ms-request-id: 499e6f68-e01e-002a-0dec-736d75000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version: 2009-09-19
cf-ray: 86e528a99eebb8ca-AMS

GET
H2 200 floating-chat-main.css
storage.ko-fi.com/cdn/scripts/ Frame 8637 588 B
477 B 33ms
33ms Stylesheet
text/css 2606:4700:10::6816:eca
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://storage.ko-fi.com/cdn/scripts/floating-chat-main.css
Requested by: Host: storage.ko-fi.com
URL: https://storage.ko-fi.com/cdn/scripts/overlay-widget.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2606:4700:10::6816:eca , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d95ba86fa0391a4a86a6388088e53e1a0bfa52fa6f3c7c1e057e898522a30570

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://battleforthehill.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 03 Apr 2024 01:06:55 GMT
content-encoding: gzip
cf-cache-status: HIT
content-md5: BHz4+3jV+xooBaj1E0Km4g==
age: 3353
cf-polished: origSize=839
x-ms-lease-status: unlocked
cf-bgj: minify
last-modified: Sun, 23 Oct 2022 22:21:50 GMT
server: cloudflare
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
x-ms-request-id: 499e6f68-e01e-002a-0dec-736d75000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version: 2009-09-19
cf-ray: 86e528a99eedb8ca-AMS

GET
H2 200 floating-chat-wrapper.css
storage.ko-fi.com/cdn/scripts/ 6 KB
1 KB 35ms
35ms Stylesheet
text/css 2606:4700:10::6816:eca
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://storage.ko-fi.com/cdn/scripts/floating-chat-wrapper.css
Requested by: Host: storage.ko-fi.com
URL: https://storage.ko-fi.com/cdn/scripts/overlay-widget.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2606:4700:10::6816:eca , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 54bf5af24434f9006216242e7b12b9ff58c736f4e1a4d47f08c433971800b565

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://battleforthehill.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 03 Apr 2024 01:06:55 GMT
content-encoding: gzip
cf-cache-status: HIT
content-md5: E53X9EMRndzQtdHOHn9Ilw==
age: 5678
cf-polished: origSize=9058
x-ms-lease-status: unlocked
cf-bgj: minify
last-modified: Sun, 23 Oct 2022 22:21:49 GMT
server: cloudflare
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
x-ms-request-id: d4e854d7-901e-006a-44d9-73449b000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version: 2009-09-19
cf-ray: 86e528a99eeeb8ca-AMS

GET
H2 200 css
fonts.googleapis.com/ 5 KB
689 B 59ms
57ms Stylesheet
text/css 2a00:1450:4001:81c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Nunito:400,700,800&display=swap

Requested by

Host: storage.ko-fi.com
URL: https://storage.ko-fi.com/cdn/scripts/overlay-widget.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a230558c40cdb639bea9b4864e65694d5a6349911c9d661fb00d6cc57e3208fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://battleforthehill.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
date: Wed, 03 Apr 2024 01:06:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 03 Apr 2024 00:15:23 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 03 Apr 2024 01:06:55 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 659A 5 KB
689 B 58ms
56ms Stylesheet
text/css 2a00:1450:4001:81c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Nunito:400,700,800&display=swap

Requested by

Host: storage.ko-fi.com
URL: https://storage.ko-fi.com/cdn/scripts/overlay-widget.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a230558c40cdb639bea9b4864e65694d5a6349911c9d661fb00d6cc57e3208fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://battleforthehill.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
date: Wed, 03 Apr 2024 01:06:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 03 Apr 2024 00:19:05 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 03 Apr 2024 01:06:55 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 8637 5 KB
689 B 61ms
59ms Stylesheet
text/css 2a00:1450:4001:81c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Nunito:400,700,800&display=swap

Requested by

Host: storage.ko-fi.com
URL: https://storage.ko-fi.com/cdn/scripts/overlay-widget.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a230558c40cdb639bea9b4864e65694d5a6349911c9d661fb00d6cc57e3208fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://battleforthehill.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
date: Wed, 03 Apr 2024 01:06:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 03 Apr 2024 00:23:36 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 03 Apr 2024 01:06:55 GMT

GET
H2 200 cup-border.png
storage.ko-fi.com/cdn/ Frame 659A 6 KB
6 KB 35ms
34ms Image
image/webp 2606:4700:10::6816:eca
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://storage.ko-fi.com/cdn/cup-border.png
Requested by: Host: battleforthehill.com
URL: https://battleforthehill.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2606:4700:10::6816:eca , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 457554ad286ecf6fd5f5e79e6c883602d57638d50f96fb060f6edc19de027834

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://battleforthehill.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 03 Apr 2024 01:06:55 GMT
cf-cache-status: HIT
content-md5: nt+i2V4lVEX5fauLp9jhTw==
age: 2026
cf-polished: origFmt=png, origSize=11273
content-disposition: inline; filename="cup-border.webp"
content-length: 6016
x-ms-lease-status: unlocked
cf-bgj: imgq:100,h2pri,csam-hash
last-modified: Sun, 23 Oct 2022 21:56:48 GMT
server: cloudflare
etag: 0x8DAB5417C366016
vary: Accept
content-type: image/webp
access-control-allow-origin: *
x-ms-request-id: 3e8aa042-001e-0047-34b8-7cc2b0000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 86e528a99ef3b8ca-AMS

GET
H2 200 cup-border.png
storage.ko-fi.com/cdn/ Frame 8637 6 KB
6 KB 35ms
35ms Image
image/webp 2606:4700:10::6816:eca
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://storage.ko-fi.com/cdn/cup-border.png
Requested by: Host: battleforthehill.com
URL: https://battleforthehill.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2606:4700:10::6816:eca , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 457554ad286ecf6fd5f5e79e6c883602d57638d50f96fb060f6edc19de027834

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://battleforthehill.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 03 Apr 2024 01:06:55 GMT
cf-cache-status: HIT
content-md5: nt+i2V4lVEX5fauLp9jhTw==
age: 2026
cf-polished: origFmt=png, origSize=11273
content-disposition: inline; filename="cup-border.webp"
content-length: 6016
x-ms-lease-status: unlocked
cf-bgj: imgq:100,h2pri,csam-hash
last-modified: Sun, 23 Oct 2022 21:56:48 GMT
server: cloudflare
etag: 0x8DAB5417C366016
vary: Accept
content-type: image/webp
access-control-allow-origin: *
x-ms-request-id: 3e8aa042-001e-0047-34b8-7cc2b0000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 86e528a99ef6b8ca-AMS

GET
DATA 200
OK truncated
/ 2 KB
0 Stylesheet
text/css

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 283c7282bda201012fb78db8e155cd397c00d2fa4233cbc24e1420a1a125a93c

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Content-Type: text/css;charset=utf-8

GET
H2 200 XRXV3I6Li01BKofINeaB.woff2
fonts.gstatic.com/s/nunito/v26/ Frame 8637 38 KB
38 KB 52ms
49ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/nunito/v26/XRXV3I6Li01BKofINeaB.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Nunito:400,700,800&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1a48b70f97555c13f84b8f088a417f9179d99b5101250819350acaf6e91bb92f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://fonts.googleapis.com/
Origin: https://battleforthehill.com
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 02 Apr 2024 01:16:08 GMT
x-content-type-options: nosniff
age: 85847
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 39124
x-xss-protection: 0
last-modified: Thu, 14 Sep 2023 00:02:20 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 02 Apr 2025 01:16:08 GMT

GET
H2 200 ca-pub-1652046001407903 Show response
fundingchoicesmessages.google.com/i/ 182 KB
61 KB 219ms
84ms Script
application/javascript 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/i/ca-pub-1652046001407903?ers=2

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202403280101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-1652046001407903&plah=battleforthehill.com&aplac=true&bust=31082370

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ee68067edd3767fd784084ca793038aecac771c2a35aec7785e368888bc23974

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-JnMxLoLo3nrPQWG_W85gHg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://battleforthehill.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 03 Apr 2024 01:06:56 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-JnMxLoLo3nrPQWG_W85gHg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjKtDikmJw0pBiOO90h-k6ENcyPGNqBWIDjedMFkD87stLJoGvL5kkgFgLiPnWTWdVAWLD9dNZI4E45vl01hQgdkqfwRoCxD71M1jjgLj15jnW6UB8csF51otAnPTvPGsJEAtxc2y4vmkDm0DH9P_8AFs4NTs"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 AGSKWxW9AoTemBIeHvK9ilHYYVYmtDstUTJ4-BYNgkmVBggBM_jVz8-cWqWiTNsum-fuS31WgYxrM6P9C9im9qw2gBwmL7OOVomD-CEXyhaeUH93B24zE0ua7VEJBvTayNFJ7IiLv7c84A== Show response
fundingchoicesmessages.google.com/f/ 395 KB
60 KB 123ms
123ms Script
application/javascript 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxW9AoTemBIeHvK9ilHYYVYmtDstUTJ4-BYNgkmVBggBM_jVz8-cWqWiTNsum-fuS31WgYxrM6P9C9im9qw2gBwmL7OOVomD-CEXyhaeUH93B24zE0ua7VEJBvTayNFJ7IiLv7c84A==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzEyMTA2NDE2LDE5NTAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzddXSwiaHR0cHM6Ly9iYXR0bGVmb3J0aGVoaWxsLmNvbS8iLG51bGwsW1s4LCJYNzYzYVRtU01qTSJdLFs5LCJubCJdLFsxOCwiW1tbMF1dXSJdLFsxOSwiMSJdLFsxNywiWzBdIl1dXQ

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.nl.X763aTmSMjM.es5.O/am=wA/d=1/rs=AJlcJMwH7ACs8DAfRl5_EkNhPRoguc_Mqg/m=kernel_loader,loader_js_executable

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

fca3486acd5664d21f67081f0ac167fc0f28a4bdd4ad07a6349d7b70daff818f

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-S8cwsZMPL2EahouDUmEGVw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://battleforthehill.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 03 Apr 2024 01:06:56 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-S8cwsZMPL2EahouDUmEGVw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjKtDikmLw1JBiOO90h-k6ENcyPGNqBWIDjedMFkD87stLJoGvL5kkgFgLiPnWTWdVAWLD9dNZI4E45vl01hQgdkqfwRoCxD71M1jjgLj15jnW6UB8csF51otAnPTvPGsJEAvxcGy4vmkDm8CPtt0NjACV2TXQ"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 css
fonts.googleapis.com/ 106 KB
5 KB 66ms
65ms Stylesheet
text/css 216.58.206.42
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.nl.X763aTmSMjM.es5.O/d=1/exm=kernel_loader,loader_js_executable/ed=1/rs=AJlcJMxyHNeoKDClT8hQDjmsD2o8nPwluA/m=web_iab_tcf_v2_wall_executable

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.206.42 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil07s07-in-f10.1e100.net

Software

ESF /

Resource Hash

0e2ef015de96af25db009694591ade7c1a7fc6d3401450069f85c9d13e1f403d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://battleforthehill.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
date: Wed, 03 Apr 2024 01:06:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 03 Apr 2024 01:06:56 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 03 Apr 2024 01:06:56 GMT

GET
H3 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v40/ 47 KB
47 KB 53ms
52ms Font
font/woff2 142.250.185.131
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: battleforthehill.com
URL: https://battleforthehill.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.131 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f3.1e100.net

Software

sffe /

Resource Hash

3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://battleforthehill.com/
Origin: https://battleforthehill.com
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 29 Mar 2024 22:45:56 GMT
x-content-type-options: nosniff
age: 354060
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48236
x-xss-protection: 0
last-modified: Thu, 14 Dec 2023 02:08:40 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 29 Mar 2025 22:45:56 GMT

GET
H3 200 flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2
fonts.gstatic.com/s/materialicons/v140/ 125 KB
125 KB 55ms
55ms Font
font/woff2 142.250.185.131
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/materialicons/v140/flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2

Requested by

Host: battleforthehill.com
URL: https://battleforthehill.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.131 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f3.1e100.net

Software

sffe /

Resource Hash

8265f64786397d6b832d1ca0aafdf149ad84e72759fffa9f7272e91a0fb015d1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://battleforthehill.com/
Origin: https://battleforthehill.com
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 30 Mar 2024 02:46:41 GMT
x-content-type-options: nosniff
age: 339615
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 128352
x-xss-protection: 0
last-modified: Tue, 07 Mar 2023 19:51:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 30 Mar 2025 02:46:41 GMT

POST
H3 204 AGSKWxUd_lO1HqJArRObNxpeopJSgUZv3SFkclyUK2LORslJPDHw1XS_5-ZBCsHyxvmJFGMPDEB511EoyHjUkC2BcSdMs5uuUir2lvN-9b4R0XHQoeCOB35PmqLhijVAahbc5grePkOYdQ== Show response
fundingchoicesmessages.google.com/el/ 0
29 B 163ms
61ms XHR
text/html 142.250.185.174
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxUd_lO1HqJArRObNxpeopJSgUZv3SFkclyUK2LORslJPDHw1XS_5-ZBCsHyxvmJFGMPDEB511EoyHjUkC2BcSdMs5uuUir2lvN-9b4R0XHQoeCOB35PmqLhijVAahbc5grePkOYdQ==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.174 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f14.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-PsoYDV2j6uNUmzQ--ewKjA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://battleforthehill.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 03 Apr 2024 01:06:56 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-PsoYDV2j6uNUmzQ--ewKjA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjktDikmJw0ZBiqGV4xtQKxE7pM1gDgFiIh2PD9U0b2ARWvLv3iREAx8MM7w"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
access-control-allow-origin: https://battleforthehill.com
access-control-allow-methods: POST, GET, OPTIONS
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 favicon.png
battleforthehill.com/images/ 515 B
976 B 108ms
108ms Other
image/png 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://battleforthehill.com/images/favicon.png
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5fcb593544c320649a86c5aa83ed11e83127495287216cdcdfd993d19d2cb72b

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://battleforthehill.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 03 Apr 2024 01:06:56 GMT
cf-cache-status: HIT
last-modified: Sat, 17 Feb 2024 16:48:36 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "203-61196a1c3c874"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=VSyYwscKgvPbv2tKDdmzOXG2vEiQEMQlKi94YLqOxAgcriF9OwV1Y%2FRsU1q0RkRPF9urONc6T1gjoIma4M%2BHk4B1hmBvrR%2BBVKEBY%2BhA4en6Y4cQ%2BtbMJLewlwx7We%2F5%2BNkIp1C5ig%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=300
accept-ranges: bytes
cf-ray: 86e528af9ff506d6-AMS
alt-svc: h3=":443"; ma=86400
content-length: 515

Verdicts & Comments Add Verdict or Comment

63 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			battleforthehill.com/	1970-01-20 19:35:13	Name: XSRF-TOKEN Value: eyJpdiI6IjhRVnFZNHc5dWRrUUJWaVZVUTUxQ2c9PSIsInZhbHVlIjoiQW00dVV5VGRlbGx2MmUySThQSUp4S21KVkpoeExYRmhvWnBQUE5vejFlUThZSnNFWERybE1kUkVtL3U4K2I2dktmY1d4YkRxVnN3L1NEeXppK2ZuajdOUzZBeUUvUkxUbWRJbnpsMlREWERhOHNOTlVmM0VoL3JCdE9WYmswM2EiLCJtYWMiOiI5ZWE1YmYwMjBhM2I1YzlhODUzZjYyN2U4Y2VhZjFkYzIxNjczMWMxYzMyMzRkYTEyNGM5Mjg5ODA2ZjU0NzJjIn0%3D
			battleforthehill.com/	1970-01-20 19:35:13	Name: battle_for_the_hill_session Value: eyJpdiI6Ilk2NFlhNlYyWExFQ0NrSkt3MG55dXc9PSIsInZhbHVlIjoiYTkvTEtwUU5iZFVTeGRzUW41VzZJL1NNUlU2Snp4d1dRVjhtMjJObngrRTYzb3VXUTJZc2NnTzUzd2dFS01xQVhkOWR3eWRIMHVKM1duWHhJSTRkZWhBcDIzTDk4VGo0STFteXl3aUhDUEZXL0RETGRBdWtQanRwQ2dQM1dIdi8iLCJtYWMiOiJlZjgyMDNiYTc0MjYyODc3OTQ3NjhmM2IxNTAwMWZjNTg0ZGRjZmNkZTdkNTNiYjQ4NzQ3MGQ4MzNhN2ZmOTg0In0%3D

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

battleforthehill.com
cdn.ckeditor.com
cdnjs.cloudflare.com
code.jquery.com
fonts.googleapis.com
fonts.gstatic.com
fundingchoicesmessages.google.com
pagead2.googlesyndication.com
storage.ko-fi.com
unpkg.com
104.17.25.14
142.250.181.226
142.250.185.131
142.250.185.174
188.114.96.3
205.234.175.175
216.58.206.42
2606:4700:10::6816:eca
2606:4700::6811:f8cb
2a00:1450:4001:810::2003
2a00:1450:4001:811::200e
2a00:1450:4001:81c::200a
2a04:4e42:200::649
0e2ef015de96af25db009694591ade7c1a7fc6d3401450069f85c9d13e1f403d
16abc7d4f6db6bcb22411d600867850ba2d7dca463099d6109395e74cd2a15f9
1a48b70f97555c13f84b8f088a417f9179d99b5101250819350acaf6e91bb92f
27aa1d983b7eab4f6057566c837658b378e420dce4f1db0430e6db0941dcf15c
283c7282bda201012fb78db8e155cd397c00d2fa4233cbc24e1420a1a125a93c
320544cc0b009679f8848fc7a2c734806cee439179e124bee1bf126125b7c1af
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
3f0fe70eb26ccf28f6887a192e29d38dd7ef7c2f079a73304ad42ddc7bed37de
457554ad286ecf6fd5f5e79e6c883602d57638d50f96fb060f6edc19de027834
54bf5af24434f9006216242e7b12b9ff58c736f4e1a4d47f08c433971800b565
56ffdcab8da14406d6b9db2faa956e77057267b7a5c8cf3d77155f1cb3ec6244
5fcb593544c320649a86c5aa83ed11e83127495287216cdcdfd993d19d2cb72b
7aad0ecd726f1257bbc86441de2c1f2040c235fce5d678ebeba388ec1673dd56
8265f64786397d6b832d1ca0aafdf149ad84e72759fffa9f7272e91a0fb015d1
85a8c75fdf88c5cecd850c7da6726f989585e565b7e634a5f3722a24286ee739
898a713c0a5ef6e9f675817b807182b519ed9012a6083261d02cc7286da940b1
943efdb4b38963df0653d778f233b55db3e19f44794e4ff944e33b8849dcdb3c
9ced1ed4729d782b577ca4c93bf6c6910358b8bf71dd2e31e1a7b270308f75b6
a230558c40cdb639bea9b4864e65694d5a6349911c9d661fb00d6cc57e3208fe
aec7c45d78ce6b774c511160ef8009df74cab9e65dc9595b612d3516977aa348
c05e0a0fec196a1a1db73fb0e4a63c4e2140eacc832ed877cae67ba2e2f6f195
c212f4b505a86352aed62b24a8f16f999f821ecbe6456c7f3c8a04bc87968782
c2497d559960ba9e1c68f41674e8bc980d3b229155e068bc7f42f157f81c4388
d04eb8ba073907343926fe406c74b5102b5cb3d43f29ab5771b4bbea6c1cb657
d30b0ef9035e675c76335d380bc84141164a7712dd14e408a5ce0d9acbbf39e2
d4151e500b19c7bfe042f3e02e110623593f9c1966fdebf73e1fe2ed6f798c84
d8aa24ecc6cecb1a60515bc093f1c9da38a0392612d9ab8ae0f7f36e6eee1fad
d95ba86fa0391a4a86a6388088e53e1a0bfa52fa6f3c7c1e057e898522a30570
dc632782f7b190d32bbd2098c9a7e13082e03adfc8647369ea31d773f155d0f2
e1eb9588c83b6f56cc6930070768708e3c48a1ce317c0bba893c8ae80e3565e9
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ee68067edd3767fd784084ca793038aecac771c2a35aec7785e368888bc23974
f116d58ea94389e03f0f55a8d373d7e2b30bc103e27674b4ce7f16b9b6631e9b
fca3486acd5664d21f67081f0ac167fc0f28a4bdd4ad07a6349d7b70daff818f
fec171f92cf98a16d73bcaad38c27f0f6996a9b65e335791178fb53ff24e9ab6

battleforthehill.com Open in urlscan Pro 188.114.96.3 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

39 Requests

95 %HTTPS

46 %IPv6

10 Domains

10 Subdomains

14 IPs

4 Countries

4456 kBTransfer

9455 kBSize

2 Cookies

3 Outgoing links

Page URL History

Redirected requests

39 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

battleforthehill.com Open in urlscan Pro
188.114.96.3 Public Scan

Screenshot
Live screenshot

Full Image

39
Requests

95 %
HTTPS

46 %
IPv6

10
Domains

10
Subdomains

14
IPs

4
Countries

4456 kB
Transfer

9455 kB
Size

2
Cookies

39 HTTP transactions
1 data transactions