www.fieldmuseum.org Open in urlscan Pro
2620:12a:8001::1 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.fieldmuseum.org/visit/group-visits
Submission Tags: falconsandbox
Submission: On March 25 via api (March 25th 2022, 9:49:13 am UTC) from US — Scanned from DE

Summary HTTP 72 Redirects Links 6 Behaviour Indicators

Summary

This website contacted 26 IPs in 5 countries across 19 domains to perform 72 HTTP transactions. The main IP is 2620:12a:8001::1, located in United States and belongs to FASTLY, US. The main domain is www.fieldmuseum.org. The Cisco Umbrella rank of the primary domain is 406824.
TLS certificate: Issued by R3 on March 22nd 2022. Valid for: 3 months.

This is the only time www.fieldmuseum.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
13	2620:12a:8001::1 2620:12a:8001::1	54113 (FASTLY) (FASTLY)
4	2a00:1450:400... 2a00:1450:4001:829::200a	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:82b::200e	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82f::2008	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:827::2003	15169 (GOOGLE) (GOOGLE)
1 6	2a00:1450:400... 2a00:1450:4001:82f::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:830::200a	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6810:7caf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2a00:1450:400... 2a00:1450:4001:808::200e	15169 (GOOGLE) (GOOGLE)
1	142.250.186.98 142.250.186.98	15169 (GOOGLE) (GOOGLE)
2	84.17.46.53 84.17.46.53	60068 (CDN77 ^_^) (CDN77 ^_^)
7	2a03:2880:f01... 2a03:2880:f01c:216:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	108.157.4.118 108.157.4.118	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400c:c06::9c	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:829::2003	15169 (GOOGLE) (GOOGLE)
1	108.138.7.111 108.138.7.111	16509 (AMAZON-02) (AMAZON-02)
1	108.157.4.102 108.157.4.102	16509 (AMAZON-02) (AMAZON-02)
1	52.17.146.14 52.17.146.14	16509 (AMAZON-02) (AMAZON-02)
1	2a06:98c1:312... 2a06:98c1:3120::7	13335 (CLOUDFLAR...) (CLOUDFLARENET)
12	2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	151.101.66.137 151.101.66.137	54113 (FASTLY) (FASTLY)
1	2600:9000:223... 2600:9000:223c:7200:18:1fcd:34f:cdc1	16509 (AMAZON-02) (AMAZON-02)
1	162.247.243.147 162.247.243.147	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	18.213.89.211 18.213.89.211	14618 (AMAZON-AES) (AMAZON-AES)
72	26

13 2620:12a:8001::1 (United States)

ASN54113 (FASTLY, US)

www.fieldmuseum.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:829::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
translate.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

translate.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cse.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:827::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:82f::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

translate-pa.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:7caf (United States)

ASN13335 (CLOUDFLARENET, US)

unpkg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:808::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 84.17.46.53 (Amsterdam, Netherlands)

ASN60068 (CDN77 ^_^, GB)
PTR: unn-84-17-46-53.cdn77.com

l.getsitecontrol.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a03:2880:f01c:216:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.157.4.118 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-157-4-118.dus51.r.cloudfront.net

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c06::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:829::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.138.7.111 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-7-111.fra56.r.cloudfront.net

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.157.4.102 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-157-4-102.dus51.r.cloudfront.net

vars.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.17.146.14 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-17-146-14.eu-west-1.compute.amazonaws.com

in.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a06:98c1:3120::7 (United States)

ASN13335 (CLOUDFLARENET, US)

siteimproveanalytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a03:2880:f11c:8183:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.66.137 (United States)

ASN54113 (FASTLY, US)

js-agent.newrelic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:223c:7200:18:1fcd:34f:cdc1 (United States)

ASN16509 (AMAZON-02, US)

static.chartbeat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.247.243.147 (United States)

ASN13335 (CLOUDFLARENET, US)

bam-cell.nr-data.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.213.89.211 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-213-89-211.compute-1.amazonaws.com

ping.chartbeat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
13	fieldmuseum.org www.fieldmuseum.org — Cisco Umbrella Rank: 406824	2 MB
12	facebook.com www.facebook.com — Cisco Umbrella Rank: 96	2 KB
9	google.com 1 redirects translate.google.com — Cisco Umbrella Rank: 957 www.google.com — Cisco Umbrella Rank: 2 analytics.google.com — Cisco Umbrella Rank: 785 cse.google.com — Cisco Umbrella Rank: 2215	142 KB
7	facebook.net connect.facebook.net — Cisco Umbrella Rank: 124	550 KB
5	googleapis.com ajax.googleapis.com — Cisco Umbrella Rank: 251 translate.googleapis.com — Cisco Umbrella Rank: 796 translate-pa.googleapis.com — Cisco Umbrella Rank: 1315	119 KB
4	hotjar.com static.hotjar.com — Cisco Umbrella Rank: 573 script.hotjar.com — Cisco Umbrella Rank: 719 vars.hotjar.com — Cisco Umbrella Rank: 874 in.hotjar.com — Cisco Umbrella Rank: 1636 ws7.hotjar.com Failed	66 KB
4	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 31	58 KB
3	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 38 stats.g.doubleclick.net — Cisco Umbrella Rank: 68	2 KB
2	google.de www.google.de — Cisco Umbrella Rank: 6433	655 B
2	getsitecontrol.com l.getsitecontrol.com — Cisco Umbrella Rank: 17944	2 KB
2	gstatic.com www.gstatic.com	3 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 54	136 KB
1	chartbeat.net ping.chartbeat.net — Cisco Umbrella Rank: 966	201 B
1	nr-data.net bam-cell.nr-data.net — Cisco Umbrella Rank: 309	711 B
1	chartbeat.com static.chartbeat.com — Cisco Umbrella Rank: 1029	14 KB
1	newrelic.com js-agent.newrelic.com — Cisco Umbrella Rank: 306	14 KB
1	siteimproveanalytics.com siteimproveanalytics.com — Cisco Umbrella Rank: 2855	823 B
1	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 101	15 KB
1	unpkg.com unpkg.com — Cisco Umbrella Rank: 821	11 KB
72	19

	Domain	Requested by
13	www.fieldmuseum.org	www.fieldmuseum.org
12	www.facebook.com	www.fieldmuseum.org
7	connect.facebook.net	www.fieldmuseum.org connect.facebook.net
6	www.google.com	1 redirects www.fieldmuseum.org www.google.com
4	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com www.fieldmuseum.org
3	translate.googleapis.com	translate.googleapis.com
2	www.google.de	www.fieldmuseum.org
2	stats.g.doubleclick.net	www.googletagmanager.com www.fieldmuseum.org
2	l.getsitecontrol.com	www.googletagmanager.com www.fieldmuseum.org
2	www.gstatic.com	translate.googleapis.com www.fieldmuseum.org
2	www.googletagmanager.com	www.fieldmuseum.org www.googletagmanager.com
1	ping.chartbeat.net
1	bam-cell.nr-data.net	js-agent.newrelic.com
1	static.chartbeat.com	www.fieldmuseum.org
1	js-agent.newrelic.com	www.fieldmuseum.org
1	siteimproveanalytics.com	www.fieldmuseum.org
1	cse.google.com	www.fieldmuseum.org
1	in.hotjar.com	www.fieldmuseum.org
1	vars.hotjar.com	static.hotjar.com
1	script.hotjar.com	static.hotjar.com
1	analytics.google.com	www.googletagmanager.com
1	googleads.g.doubleclick.net	www.googleadservices.com
1	static.hotjar.com	www.fieldmuseum.org
1	www.googleadservices.com	www.googletagmanager.com
1	unpkg.com	www.googletagmanager.com
1	translate-pa.googleapis.com	srcdoc
1	translate.google.com	www.fieldmuseum.org
1	ajax.googleapis.com	www.fieldmuseum.org
0	ws7.hotjar.com Failed	www.fieldmuseum.org
72	29

This site contains links to these domains. Also see Links.

Domain
store.fieldmuseum.org
www.facebook.com
www.instagram.com
twitter.com
www.youtube.com

Subject Issuer	Validity	Valid
fieldmuseum.org R3	`2022-03-22` - `2022-06-20`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-03-17` - `2022-06-09`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-02-28` - `2022-05-23`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-03-17` - `2022-06-09`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-03-17` - `2022-06-09`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-03-17` - `2022-06-09`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-07-02` - `2022-07-01`	a year	crt.sh
www.googleadservices.com GTS CA 1C3	`2022-03-17` - `2022-06-09`	3 months	crt.sh
*.getsitecontrol.com Go Daddy Secure Certificate Authority - G2	`2020-03-05` - `2022-05-04`	2 years	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-01-01` - `2022-04-01`	3 months	crt.sh
*.hotjar.com Amazon	`2021-11-25` - `2022-12-23`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-03-17` - `2022-06-09`	3 months	crt.sh
www.google.de GTS CA 1C3	`2022-03-17` - `2022-06-09`	3 months	crt.sh
js-agent.newrelic.com GlobalSign Atlas R3 DV TLS CA H2 2021	`2021-10-06` - `2022-11-07`	a year	crt.sh
*.chartbeat.com Thawte RSA CA 2018	`2021-05-20` - `2022-06-03`	a year	crt.sh
*.nr-data.net DigiCert TLS RSA SHA256 2020 CA1	`2022-01-10` - `2023-02-10`	a year	crt.sh
*.chartbeat.net Thawte RSA CA 2018	`2021-12-01` - `2022-12-30`	a year	crt.sh

This page contains 10 frames:

Primary Page: https://www.fieldmuseum.org/visit/group-visits
Frame ID: 893921EC36B0C5B1A68734C7C46C21FF
Requests: 63 HTTP requests in this frame

Frame: https://translate.googleapis.com/translate_static/css/translateelement.css
Frame ID: 991A075A6ABAAC71AFCAAB800F0E85BD
Requests: 1 HTTP requests in this frame

Frame: https://translate-pa.googleapis.com/v1/supportedLanguages?client=te&display_language=de&key=AIzaSyBWDj0QJvVIx8XOhRegXX5_SrRWxhT5Hs4&callback=callback
Frame ID: 6E96FDEDD73A3DCDF9198686FCF57B67
Requests: 1 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-acca23410e696f2ca3087d947271c3d0.html
Frame ID: D21C5F106F72515D31AAC48DFB2AFD78
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: 174D3F48BDFC0B5F9002A5D00D72BDCE
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: BBDC348BFDF338F99DBC2165AB76EC25
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: 13E5679E8FC4E1A270D39E3068F6BD31
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: 729195075734D80CF07A2C3D3C3F1562
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: 594CD179DA464DBF585AEBAB87120696
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: 5D79E26DD778818D9AA4C122D3ACFBD1
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Group Visits | Field MuseumThe Field MuseumSearchSearchLanguageIconLanguageLanguageLanguageLanguageLanguageLanguageLanguageLanguageLanguageThe Field MuseumFacebookInstagramSue the T-RexTwitterYouTubeFacebookInstagramSue the T-RexTwitterYouTube

Detected technologies

Chartbeat (Analytics) Expand

Overall confidence: 100%
Detected patterns

chartbeat\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Hotjar (Analytics) Expand

Overall confidence: 100%
Detected patterns

//static\.hotjar\.com/

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

72
Requests

97 %
HTTPS

64 %
IPv6

19
Domains

29
Subdomains

26
IPs

5
Countries

3013 kB
Transfer

8411 kB
Size

20
Cookies

6 Outgoing links

These are links going to different origins than the main page.

URL: https://store.fieldmuseum.org/
Title: Store

Search URL Search Domain Scan URL

URL: https://www.facebook.com/fieldmuseum/
Title: Facebook

Search URL Search Domain Scan URL

URL: https://www.instagram.com/fieldmuseum/
Title: Instagram

Search URL Search Domain Scan URL

URL: https://twitter.com/SUEtheTrex
Title: Sue the T-Rex

Search URL Search Domain Scan URL

URL: https://twitter.com/FieldMuseum
Title: Twitter

Search URL Search Domain Scan URL

URL: https://www.youtube.com/user/thebrainscoop
Title: YouTube

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 49

https://www.google.com/cse/cse.js?cx=008247561334440498472:darbh_wpfqi HTTP 301
https://cse.google.com/cse/cse.js?cx=008247561334440498472:darbh_wpfqi

72 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request group-visits Show response
www.fieldmuseum.org/visit/ 115 KB
35 KB 1132ms
543ms Document
text/html 2620:12a:8001::1
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.fieldmuseum.org/visit/group-visits

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:12a:8001::1 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

299b841b038f19ac9fcf7333da6c095ba924a6b29879efadb9cdd6ff17e4d670

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' localhost localhost:3000 devfield.vercel.app nextfield.vercel.app
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

cache-control: public, max-age=900
content-encoding: gzip
content-language: en
content-security-policy: frame-ancestors 'self' localhost localhost:3000 devfield.vercel.app nextfield.vercel.app
content-type: text/html; charset=utf-8
etag: W/"1648201296-0"
expires: Sun, 19 Nov 1978 05:00:00 GMT
last-modified: Fri, 25 Mar 2022 09:41:36 GMT
link: <https://www.fieldmuseum.org/visit/group-visits>; rel="canonical",<https://www.fieldmuseum.org/node/14176>; rel="shortlink"
permissions-policy: interest-cohort=()
server: nginx
strict-transport-security: max-age=300
traceparent: 00-d926396578454ea69eb9c77b9d717ab7-1f116f7a338bc0a5-00
upgrade-insecure-requests: 1
x-cloud-trace-context: d926396578454ea69eb9c77b9d717ab7/2238693060421337253;o=0
x-content-type-options: nosniff
x-drupal-cache: MISS
x-frame-options: SAMEORIGIN
x-generator: Drupal 7 (http://drupal.org)
x-pantheon-styx-hostname: styx-fe1-b-9f78ccdd4-qckr5
x-styx-req-id: c38a7c0d-ac1f-11ec-8ed5-22b412e228f0
x-ua-compatible: IE=edge
date: Fri, 25 Mar 2022 09:49:06 GMT
x-served-by: cache-mdw17341-MDW, cache-maa10229-MAA
x-cache: HIT, MISS
x-cache-hits: 1, 0
x-timer: S1648201746.315396,VS0,VE261
vary: Accept-Encoding, Cookie, Cookie, Cookie
age: 449
accept-ranges: bytes
via: 1.1 varnish, 1.1 varnish
content-length: 34731

GET
H2 200 js__SlxZR0T0y0knhPGspoKKlEQqbk_RdNNsHwLrlCQRTSo__C0wwfQqOXL5e_NiiryvnaZm-i7YFo9OYylI6FOepC5I__xgXpyVAJzuiC78sBFjfGAdX56Ngc_VFFHdBYLxHefZI.js Show response
www.fieldmuseum.org/sites/default/files/advagg_js/ 394 B
661 B 285ms
284ms Script
application/x-javascript 2620:12a:8001::1
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.fieldmuseum.org/sites/default/files/advagg_js/js__SlxZR0T0y0knhPGspoKKlEQqbk_RdNNsHwLrlCQRTSo__C0wwfQqOXL5e_NiiryvnaZm-i7YFo9OYylI6FOepC5I__xgXpyVAJzuiC78sBFjfGAdX56Ngc_VFFHdBYLxHefZI.js

Requested by

Host: www.fieldmuseum.org
URL: https://www.fieldmuseum.org/visit/group-visits

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:12a:8001::1 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

ff1a5789525241f9e7442e3a2c2726d20b8d08b06cea6ad6262ae2b4030cc75e

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fieldmuseum.org/visit/group-visits
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=300
content-encoding: gzip
etag: W/"5e0fd0e7-18a"
age: 781542
x-pantheon-styx-hostname: styx-fe1-b-9f78ccdd4-gsmh4
x-cache: HIT, HIT
x-cloud-trace-context: cdb0dc3456a443358ef70ee3ce7e81c4/9400025669739243143;o=0
content-length: 309
x-served-by: cache-mdw17343-MDW, cache-maa10229-MAA
last-modified: Fri, 03 Jan 2020 23:40:23 GMT
server: nginx
traceparent: 00-cdb0dc3456a443358ef70ee3ce7e81c4-8273998b0c5c6687-00
x-timer: S1648201747.900180,VS0,VE1
date: Fri, 25 Mar 2022 09:49:06 GMT
vary: Accept-Encoding
content-type: application/x-javascript
via: 1.1 varnish, 1.1 varnish
expires: Fri, 17 Mar 2023 08:43:24 GMT
cache-control: max-age=31622400
accept-ranges: bytes
x-styx-req-id: 244d2ef2-a505-11ec-9e8c-0e0111de0db6
x-cache-hits: 1, 1

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.10.2/ 91 KB
33 KB 33ms
8ms Script
text/javascript 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.10.2/jquery.min.js

Requested by

Host: www.fieldmuseum.org
URL: https://www.fieldmuseum.org/visit/group-visits

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

89a15e9c40bc6b14809f236ee8cd3ed1ea42393c1f6ca55c7855cd779b3f922e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fieldmuseum.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 25 Mar 2022 09:26:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1378
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 32954
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 25 Mar 2023 09:26:08 GMT

GET
H2 200 js__DMI55xBrVS00Iora_J2L0wMQpihntV_Fno2CZUm2M7Q__Cbp2Tn2Gv-kSKWjIMvmHyGBgAP1vXc9-0FZIlOVQCew__xgXpyVAJzuiC78sBFjfGAdX56Ngc_VFFHdBYLxHefZI.js Show response
www.fieldmuseum.org/sites/default/files/advagg_js/ 3 MB
982 KB 605ms
605ms Script
application/x-javascript 2620:12a:8001::1
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.fieldmuseum.org/sites/default/files/advagg_js/js__DMI55xBrVS00Iora_J2L0wMQpihntV_Fno2CZUm2M7Q__Cbp2Tn2Gv-kSKWjIMvmHyGBgAP1vXc9-0FZIlOVQCew__xgXpyVAJzuiC78sBFjfGAdX56Ngc_VFFHdBYLxHefZI.js

Requested by

Host: www.fieldmuseum.org
URL: https://www.fieldmuseum.org/visit/group-visits

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:12a:8001::1 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

ea59e8e8515e41049e75e8e2aedff91e1ded909bb086f14a04c93ac8018cb326

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fieldmuseum.org/visit/group-visits
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=300
content-encoding: gzip
etag: W/"61bbad7b-34a1e4"
fastly-original-body-size: 1004930
age: 923641
x-pantheon-styx-hostname: styx-fe1-b-9f78ccdd4-pkwkr
x-cache: HIT, HIT
x-cloud-trace-context: 24057f0fd891442388bff072ea119691/13257826686908416140;o=0
content-length: 1004930
x-served-by: cache-mdw17349-MDW, cache-maa10229-MAA
last-modified: Thu, 16 Dec 2021 21:19:55 GMT
server: nginx
traceparent: 00-24057f0fd891442388bff072ea119691-b7fd4320f6dec08c-00
x-timer: S1648201747.909359,VS0,VE2
date: Fri, 25 Mar 2022 09:49:06 GMT
vary: Accept-Encoding
content-type: application/x-javascript
via: 1.1 varnish, 1.1 varnish
expires: Sat, 25 Feb 2023 07:01:51 GMT
cache-control: max-age=31622400
accept-ranges: bytes
x-styx-req-id: a4678319-953f-11ec-b7c3-e210533505d9
x-cache-hits: 1, 1

GET
H2 200 css__jgHx2nmEKer5_Xd-TCb4iy3__iGysOZ6iUkhN5vy4RI__thaEk8cchg_usN2GC0aNe5JhkOtCuoRyJUXBHh-C0hY__xgXpyVAJzuiC78sBFjfGAdX56Ngc_VFFHdBYLxHefZI.css
www.fieldmuseum.org/sites/default/files/advagg_css/ 406 KB
77 KB 285ms
284ms Stylesheet
text/css 2620:12a:8001::1
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.fieldmuseum.org/sites/default/files/advagg_css/css__jgHx2nmEKer5_Xd-TCb4iy3__iGysOZ6iUkhN5vy4RI__thaEk8cchg_usN2GC0aNe5JhkOtCuoRyJUXBHh-C0hY__xgXpyVAJzuiC78sBFjfGAdX56Ngc_VFFHdBYLxHefZI.css

Requested by

Host: www.fieldmuseum.org
URL: https://www.fieldmuseum.org/visit/group-visits

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:12a:8001::1 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

7409a692e702ce1eda31320649da18894fc93f6488efd0c5f26a81868cb0e39c

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fieldmuseum.org/visit/group-visits
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=300
content-encoding: gzip
etag: W/"60a3ddb4-65822"
age: 819876
x-pantheon-styx-hostname: styx-fe1-b-9f78ccdd4-qckr5
x-cache: HIT, HIT
x-cloud-trace-context: a8c7954fb9854320982778fd29b1becf/3749496677615514036;o=0
content-length: 78425
x-served-by: cache-mdw17345-MDW, cache-maa10229-MAA
last-modified: Tue, 18 May 2021 15:31:00 GMT
server: nginx
traceparent: 00-a8c7954fb9854320982778fd29b1becf-3408e35cd3c7b1b4-00
x-timer: S1648201747.909313,VS0,VE1
date: Fri, 25 Mar 2022 09:49:06 GMT
vary: Accept-Encoding
content-type: text/css
via: 1.1 varnish, 1.1 varnish
expires: Thu, 16 Mar 2023 22:04:30 GMT
cache-control: max-age=31622400
accept-ranges: bytes
x-styx-req-id: e3b3bf91-a4ab-11ec-8ed5-22b412e228f0
x-cache-hits: 1, 1

GET
H2 200 element.js Show response
translate.google.com/translate_a/ 77 KB
27 KB 51ms
25ms Script
text/javascript 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://translate.google.com/translate_a/element.js?cb=googleTranslateElementInit

Requested by

Host: www.fieldmuseum.org
URL: https://www.fieldmuseum.org/visit/group-visits

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

5747925c89ef51bedd62da6d357695bdc54ec0b2c9b79e5cbedc2b581648c15e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fieldmuseum.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 25 Mar 2022 09:49:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 gn91358_030d-photoarchives_webexport.jpg
www.fieldmuseum.org/sites/default/files/styles/3x2_1400w/public/ 211 KB
212 KB 557ms
557ms Image
image/jpeg 2620:12a:8001::1
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.fieldmuseum.org/sites/default/files/styles/3x2_1400w/public/gn91358_030d-photoarchives_webexport.jpg?itok=vv3wxbra

Requested by

Host: www.fieldmuseum.org
URL: https://www.fieldmuseum.org/visit/group-visits

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:12a:8001::1 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

4d2b2f81158aa353b22cbf65136a75b093fa693a7a8cef68b6e5cfea1d029759

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fieldmuseum.org/visit/group-visits
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=300
via: 1.1 varnish, 1.1 varnish
etag: "5e0fd0e7-34c60"
fastly-original-body-size: 216160
age: 232614
x-pantheon-styx-hostname: styx-fe1-b-9f78ccdd4-qckr5
x-cache: HIT, HIT
x-cloud-trace-context: 967bbe76302c447ca988d9c95a05a20d/9959059190922469779;o=0
content-length: 216160
x-served-by: cache-mdw17375-MDW, cache-maa10229-MAA
last-modified: Fri, 03 Jan 2020 23:40:23 GMT
server: nginx
traceparent: 00-967bbe76302c447ca988d9c95a05a20d-8a35af919c05e193-00
x-timer: S1648201747.958778,VS0,VE1
date: Fri, 25 Mar 2022 09:49:06 GMT
content-type: image/jpeg
x-styx-req-id: 36c27b34-aa03-11ec-8ed5-22b412e228f0
expires: Thu, 23 Mar 2023 17:12:12 GMT
cache-control: max-age=31622400
accept-ranges: bytes
x-cache-hits: 1, 1

GET
H2 200 gn91979_083d-photoarchives_webexport.jpg
www.fieldmuseum.org/sites/default/files/styles/3x2_1400w/public/ 301 KB
302 KB 1086ms
1086ms Image
image/jpeg 2620:12a:8001::1
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.fieldmuseum.org/sites/default/files/styles/3x2_1400w/public/gn91979_083d-photoarchives_webexport.jpg?itok=3BJucT86

Requested by

Host: www.fieldmuseum.org
URL: https://www.fieldmuseum.org/visit/group-visits

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:12a:8001::1 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

4234ba1438221fe9c180ddb13b6a19c2a06acd0a2a5301c8f39ecbc86bfbb87f

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fieldmuseum.org/visit/group-visits
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=300
via: 1.1 varnish, 1.1 varnish
etag: "5e0fd0e7-4b598"
fastly-original-body-size: 308632
age: 0
x-pantheon-styx-hostname: styx-fe1-a-67bcf9947d-x72sr
x-cache: MISS, MISS
x-cloud-trace-context: 296f2997ef8f44e4aef90d706bf5b0e1/17784799283272467381;o=0
content-length: 308632
x-served-by: cache-mdw17339-MDW, cache-maa10229-MAA
last-modified: Fri, 03 Jan 2020 23:40:23 GMT
server: nginx
traceparent: 00-296f2997ef8f44e4aef90d706bf5b0e1-f6d04cb86113c3b5-00
x-timer: S1648201747.958843,VS0,VE406
date: Fri, 25 Mar 2022 09:49:07 GMT
content-type: image/jpeg
x-styx-req-id: d008a259-ac20-11ec-adfb-ba2da4b12030
expires: Sun, 26 Mar 2023 09:49:07 GMT
cache-control: max-age=31622400
accept-ranges: bytes
x-cache-hits: 0, 0

GET
H2 200 js__isXZWSoQLvTmHB0MmGmQ2Q9TWqZURsWIKyL2oGJdhkA__Yes-NF8doxuqmjoH1bVO11FAZJxrJP6_0Y1w_wC0WyA__xgXpyVAJzuiC78sBFjfGAdX56Ngc_VFFHdBYLxHefZI.js Show response
www.fieldmuseum.org/sites/default/files/advagg_js/ 67 KB
15 KB 535ms
535ms Script
application/x-javascript 2620:12a:8001::1
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.fieldmuseum.org/sites/default/files/advagg_js/js__isXZWSoQLvTmHB0MmGmQ2Q9TWqZURsWIKyL2oGJdhkA__Yes-NF8doxuqmjoH1bVO11FAZJxrJP6_0Y1w_wC0WyA__xgXpyVAJzuiC78sBFjfGAdX56Ngc_VFFHdBYLxHefZI.js

Requested by

Host: www.fieldmuseum.org
URL: https://www.fieldmuseum.org/visit/group-visits

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:12a:8001::1 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

805a2180568c5e90a0852c9fdba104e28db0634aa475a593a3a9d9c75b9701f6

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fieldmuseum.org/visit/group-visits
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=300
content-encoding: gzip
etag: W/"5e441c59-10d30"
age: 785729
x-pantheon-styx-hostname: styx-fe1-a-67bcf9947d-5c8nz
x-cache: HIT, HIT
x-cloud-trace-context: 981b3c8307ff4373a716da8068297cb4/13752772686015541841;o=0
content-length: 15067
x-served-by: cache-mdw17371-MDW, cache-maa10229-MAA
last-modified: Wed, 12 Feb 2020 15:40:09 GMT
server: nginx
traceparent: 00-981b3c8307ff4373a716da8068297cb4-bedba9e482a6b251-00
x-timer: S1648201747.980180,VS0,VE1
date: Fri, 25 Mar 2022 09:49:06 GMT
vary: Accept-Encoding
content-type: application/x-javascript
via: 1.1 varnish, 1.1 varnish
expires: Fri, 17 Mar 2023 07:33:37 GMT
cache-control: max-age=31622400
accept-ranges: bytes
x-styx-req-id: 64efa108-a4fb-11ec-a52d-42259d62fd76
x-cache-hits: 1, 1

GET
H2 200 Graphik-Regular-Web.woff
www.fieldmuseum.org/profiles/fieldmuseum/themes/the_field_museum/assets/fonts/ 47 KB
48 KB 565ms
564ms Font
font/woff 2620:12a:8001::1
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.fieldmuseum.org/profiles/fieldmuseum/themes/the_field_museum/assets/fonts/Graphik-Regular-Web.woff

Requested by

Host: www.fieldmuseum.org
URL: https://www.fieldmuseum.org/sites/default/files/advagg_css/css__jgHx2nmEKer5_Xd-TCb4iy3__iGysOZ6iUkhN5vy4RI__thaEk8cchg_usN2GC0aNe5JhkOtCuoRyJUXBHh-C0hY__xgXpyVAJzuiC78sBFjfGAdX56Ngc_VFFHdBYLxHefZI.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:12a:8001::1 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

cb962fb10b69aeadace406e31b39eb1f92de2dbc5784a711572800745e7bef77

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

Referer: https://www.fieldmuseum.org/sites/default/files/advagg_css/css__jgHx2nmEKer5_Xd-TCb4iy3__iGysOZ6iUkhN5vy4RI__thaEk8cchg_usN2GC0aNe5JhkOtCuoRyJUXBHh-C0hY__xgXpyVAJzuiC78sBFjfGAdX56Ngc_VFFHdBYLxHefZI.css
Origin: https://www.fieldmuseum.org
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=300
via: 1.1 varnish, 1.1 varnish
etag: "623065b3-bd97"
age: 782629
x-pantheon-styx-hostname: styx-fe1-b-9f78ccdd4-qckr5
x-cache: HIT, HIT
x-cloud-trace-context: b8095ed006e7475780dfb06051ad2cfb/6465307302233753884;o=0
content-length: 48535
x-served-by: cache-mdw17373-MDW, cache-maa10229-MAA
last-modified: Tue, 15 Mar 2022 10:08:51 GMT
server: nginx
traceparent: 00-b8095ed006e7475780dfb06051ad2cfb-59b962bc9961c91c-00
x-timer: S1648201748.557926,VS0,VE1
date: Fri, 25 Mar 2022 09:49:07 GMT
content-type: font/woff
access-control-allow-origin: *
expires: Fri, 17 Mar 2023 08:25:17 GMT
cache-control: max-age=31622400
accept-ranges: bytes
x-styx-req-id: 9ca3569d-a502-11ec-8ed5-22b412e228f0
x-cache-hits: 1, 1

GET
H2 200 Graphik-Semibold-Web.woff
www.fieldmuseum.org/profiles/fieldmuseum/themes/the_field_museum/assets/fonts/ 52 KB
53 KB 565ms
565ms Font
font/woff 2620:12a:8001::1
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.fieldmuseum.org/profiles/fieldmuseum/themes/the_field_museum/assets/fonts/Graphik-Semibold-Web.woff

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:12a:8001::1 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

e9c44d37b94ac3ccdde717f64aefb65cb09dee2d19140ebd7e251c23931d2ea3

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

Referer: https://www.fieldmuseum.org/sites/default/files/advagg_css/css__jgHx2nmEKer5_Xd-TCb4iy3__iGysOZ6iUkhN5vy4RI__thaEk8cchg_usN2GC0aNe5JhkOtCuoRyJUXBHh-C0hY__xgXpyVAJzuiC78sBFjfGAdX56Ngc_VFFHdBYLxHefZI.css
Origin: https://www.fieldmuseum.org
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=300
via: 1.1 varnish, 1.1 varnish
etag: "623065b3-d113"
age: 786507
x-pantheon-styx-hostname: styx-fe1-a-67bcf9947d-5c8nz
x-cache: HIT, HIT
x-cloud-trace-context: d362418989254be79fb853da929ebe72/10951627536116046464;o=0
content-length: 53523
x-served-by: cache-mdw17350-MDW, cache-maa10229-MAA
last-modified: Tue, 15 Mar 2022 10:08:51 GMT
server: nginx
traceparent: 00-d362418989254be79fb853da929ebe72-97fbff384a955a80-00
x-timer: S1648201748.558160,VS0,VE1
date: Fri, 25 Mar 2022 09:49:07 GMT
content-type: font/woff
access-control-allow-origin: *
expires: Fri, 17 Mar 2023 07:20:40 GMT
cache-control: max-age=31622400
accept-ranges: bytes
x-styx-req-id: 95da4eb8-a4f9-11ec-a52d-42259d62fd76
x-cache-hits: 1, 1

GET
H2 200 Graphik-Medium-Web.woff
www.fieldmuseum.org/profiles/fieldmuseum/themes/the_field_museum/assets/fonts/ 46 KB
46 KB 564ms
563ms Font
font/woff 2620:12a:8001::1
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.fieldmuseum.org/profiles/fieldmuseum/themes/the_field_museum/assets/fonts/Graphik-Medium-Web.woff

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:12a:8001::1 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

8d551d25f9f0429ab29e731e314faf61884e7c664f8e6d8713ec4244168c387a

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

Referer: https://www.fieldmuseum.org/sites/default/files/advagg_css/css__jgHx2nmEKer5_Xd-TCb4iy3__iGysOZ6iUkhN5vy4RI__thaEk8cchg_usN2GC0aNe5JhkOtCuoRyJUXBHh-C0hY__xgXpyVAJzuiC78sBFjfGAdX56Ngc_VFFHdBYLxHefZI.css
Origin: https://www.fieldmuseum.org
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=300
via: 1.1 varnish, 1.1 varnish
etag: "623057ac-b86e"
age: 789120
x-pantheon-styx-hostname: styx-fe1-a-67bcf9947d-x72sr
x-cache: HIT, HIT
x-cloud-trace-context: f8d3de8b9aec44dfa27ec207a056c5b1/9741856524625983406;o=0
content-length: 47214
x-served-by: cache-mdw17320-MDW, cache-maa10229-MAA
last-modified: Tue, 15 Mar 2022 09:09:00 GMT
server: nginx
traceparent: 00-f8d3de8b9aec44dfa27ec207a056c5b1-873206e5032737ae-00
x-timer: S1648201748.558237,VS0,VE1
date: Fri, 25 Mar 2022 09:49:07 GMT
content-type: font/woff
access-control-allow-origin: *
expires: Fri, 17 Mar 2023 06:37:07 GMT
cache-control: max-age=31622400
accept-ranges: bytes
x-styx-req-id: 7fd912c1-a4f3-11ec-adfb-ba2da4b12030
x-cache-hits: 1, 1

GET
H2 200 LyonDisplay-Regular-Web.woff
www.fieldmuseum.org/profiles/fieldmuseum/themes/the_field_museum/assets/fonts/ 69 KB
69 KB 555ms
554ms Font
font/woff 2620:12a:8001::1
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.fieldmuseum.org/profiles/fieldmuseum/themes/the_field_museum/assets/fonts/LyonDisplay-Regular-Web.woff

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:12a:8001::1 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

40180a434de21cde56caaf530149d57950565ba6062ba4d5cfb2c69a0ff759fd

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

Referer: https://www.fieldmuseum.org/sites/default/files/advagg_css/css__jgHx2nmEKer5_Xd-TCb4iy3__iGysOZ6iUkhN5vy4RI__thaEk8cchg_usN2GC0aNe5JhkOtCuoRyJUXBHh-C0hY__xgXpyVAJzuiC78sBFjfGAdX56Ngc_VFFHdBYLxHefZI.css
Origin: https://www.fieldmuseum.org
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=300
via: 1.1 varnish, 1.1 varnish
etag: "622ec307-11328"
age: 786506
x-pantheon-styx-hostname: styx-fe1-b-9f78ccdd4-qckr5
x-cache: HIT, HIT
x-cloud-trace-context: 6293cf67107346958ce4deed2faf398b/12555743972373792810;o=0
content-length: 70440
x-served-by: cache-mdw17362-MDW, cache-maa10229-MAA
last-modified: Mon, 14 Mar 2022 04:22:31 GMT
server: nginx
traceparent: 00-6293cf67107346958ce4deed2faf398b-ae3ef69ea417882a-00
x-timer: S1648201748.568430,VS0,VE1
date: Fri, 25 Mar 2022 09:49:07 GMT
content-type: font/woff
access-control-allow-origin: *
expires: Fri, 17 Mar 2023 07:20:40 GMT
cache-control: max-age=31622400
accept-ranges: bytes
x-styx-req-id: 95da8132-a4f9-11ec-8ed5-22b412e228f0
x-cache-hits: 1, 1

GET
H2 200 translateelement.css
translate.googleapis.com/translate_static/css/ 18 KB
3 KB 28ms
16ms Stylesheet
text/css 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://translate.googleapis.com/translate_static/css/translateelement.css

Requested by

Host:
URL: /_/translate_http/_/js/k=translate_http.tr.de.ml5YgcviWm4.O/d=1/rs=AN8SPfrAZhh4dl4l4LkhOVG90WChVBgx9g/m=el_conf

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5d0a6e3bc914db376bf187c380750b197c317e1bf40fab9ad959ad5facd8f9ed

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fieldmuseum.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 25 Mar 2022 08:55:57 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3190
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/rosetta
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3130
x-xss-protection: 0
last-modified: Wed, 24 Feb 2021 19:45:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="rosetta"
vary: Accept-Encoding
report-to: {"group":"rosetta","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/rosetta"}]}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Fri, 25 Mar 2022 09:55:57 GMT

GET
H2 200 m=el_main Show response
translate.googleapis.com/_/translate_http/_/js/k=translate_http.tr.de.ml5YgcviWm4.O/am=Bg/d=1/exm=el_conf/ed=1/rs=AN8SPfo3isFpVDCBg_tQTWOymsuwZ7eGXw/ 227 KB
77 KB 26ms
17ms Script
text/javascript 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://translate.googleapis.com/_/translate_http/_/js/k=translate_http.tr.de.ml5YgcviWm4.O/am=Bg/d=1/exm=el_conf/ed=1/rs=AN8SPfo3isFpVDCBg_tQTWOymsuwZ7eGXw/m=el_main

Requested by

Host:
URL: /_/translate_http/_/js/k=translate_http.tr.de.ml5YgcviWm4.O/d=1/rs=AN8SPfrAZhh4dl4l4LkhOVG90WChVBgx9g/m=el_conf

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5e9326e715055b3033f192bfa9465a4ace813ee0efe0975ab5826a7f0aa471bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fieldmuseum.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 24 Mar 2022 18:53:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 53762
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/rosetta
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 79116
x-xss-protection: 0
last-modified: Wed, 23 Mar 2022 05:12:21 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="rosetta"
vary: Accept-Encoding
report-to: {"group":"rosetta","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/rosetta"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 24 Mar 2023 18:53:05 GMT

GET
H2 200 Druk-Bold-Web.woff
www.fieldmuseum.org/profiles/fieldmuseum/themes/the_field_museum/assets/fonts/ 37 KB
38 KB 569ms
568ms Font
font/woff 2620:12a:8001::1
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.fieldmuseum.org/profiles/fieldmuseum/themes/the_field_museum/assets/fonts/Druk-Bold-Web.woff

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:12a:8001::1 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

6c6c9c22076d89f56a4cdc28ee12c31cf47cba87790b3148c58facaffe903d9e

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

Referer: https://www.fieldmuseum.org/sites/default/files/advagg_css/css__jgHx2nmEKer5_Xd-TCb4iy3__iGysOZ6iUkhN5vy4RI__thaEk8cchg_usN2GC0aNe5JhkOtCuoRyJUXBHh-C0hY__xgXpyVAJzuiC78sBFjfGAdX56Ngc_VFFHdBYLxHefZI.css
Origin: https://www.fieldmuseum.org
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=300
via: 1.1 varnish, 1.1 varnish
etag: "622dc636-9518"
age: 923644
x-pantheon-styx-hostname: styx-fe1-a-67bcf9947d-lhzff
x-cache: HIT, HIT
x-cloud-trace-context: 512059b014f94ed0812b4d8ecc0dc498/9304509560896109730;o=0
content-length: 38168
x-served-by: cache-mdw17364-MDW, cache-maa10229-MAA
last-modified: Sun, 13 Mar 2022 10:23:50 GMT
server: nginx
traceparent: 00-512059b014f94ed0812b4d8ecc0dc498-81204225f2703ca2-00
x-timer: S1648201748.607236,VS0,VE1
date: Fri, 25 Mar 2022 09:49:07 GMT
content-type: font/woff
access-control-allow-origin: *
expires: Wed, 15 Mar 2023 17:15:03 GMT
cache-control: max-age=31622400
accept-ranges: bytes
x-styx-req-id: 49877d4b-a3ba-11ec-9404-0695a9d65cec
x-cache-hits: 1, 1

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 222 KB
72 KB 90ms
33ms Script
application/javascript 2a00:1450:4001:82f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-W5X397Q

Requested by

Host: www.fieldmuseum.org
URL: https://www.fieldmuseum.org/sites/default/files/advagg_js/js__SlxZR0T0y0knhPGspoKKlEQqbk_RdNNsHwLrlCQRTSo__C0wwfQqOXL5e_NiiryvnaZm-i7YFo9OYylI6FOepC5I__xgXpyVAJzuiC78sBFjfGAdX56Ngc_VFFHdBYLxHefZI.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

0c4a60b60c998ea7c89f0187af2b37ed7abde198050e375c3e3bd1e95dc4e47c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fieldmuseum.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 25 Mar 2022 09:49:07 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 73302
x-xss-protection: 0
last-modified: Fri, 25 Mar 2022 09:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 25 Mar 2022 09:49:07 GMT

GET
H2 200 translate_24dp.png
www.gstatic.com/images/branding/product/2x/ 2 KB
2 KB 34ms
9ms Image
image/png 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/branding/product/2x/translate_24dp.png

Requested by

Host: translate.googleapis.com
URL: https://translate.googleapis.com/translate_static/css/translateelement.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4dac0026fbfa2615dce30c0af12830863fe885f84387a0147b9e338f548d5d82

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://translate.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 25 Mar 2022 09:40:44 GMT
x-content-type-options: nosniff
age: 503
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1842
x-xss-protection: 0
last-modified: Thu, 14 Oct 2021 09:08:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Sat, 25 Mar 2023 09:40:44 GMT

GET
H2 200 translateelement.css
translate.googleapis.com/translate_static/css/ Frame 991A 18 KB
3 KB 7ms
6ms Stylesheet
text/css 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://translate.googleapis.com/translate_static/css/translateelement.css

Requested by

Host: translate.googleapis.com
URL: https://translate.googleapis.com/_/translate_http/_/js/k=translate_http.tr.de.ml5YgcviWm4.O/am=Bg/d=1/exm=el_conf/ed=1/rs=AN8SPfo3isFpVDCBg_tQTWOymsuwZ7eGXw/m=el_main

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5d0a6e3bc914db376bf187c380750b197c317e1bf40fab9ad959ad5facd8f9ed

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fieldmuseum.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 25 Mar 2022 08:55:57 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3190
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/rosetta
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3130
x-xss-protection: 0
last-modified: Wed, 24 Feb 2021 19:45:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="rosetta"
vary: Accept-Encoding
report-to: {"group":"rosetta","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/rosetta"}]}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Fri, 25 Mar 2022 09:55:57 GMT

GET
H2 200 translate_24dp.png
www.gstatic.com/images/branding/product/1x/ 846 B
1 KB 32ms
8ms Image
image/png 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/branding/product/1x/translate_24dp.png

Requested by

Host: www.fieldmuseum.org
URL: https://www.fieldmuseum.org/visit/group-visits

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a861509b658aa24fc3aed2867ac3c061e7d818d90b9990959afc6d1b5d4ff99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fieldmuseum.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 25 Mar 2022 09:47:59 GMT
x-content-type-options: nosniff
age: 68
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/static-on-bigtable
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 846
x-xss-protection: 0
last-modified: Thu, 14 Oct 2021 09:08:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Sat, 25 Mar 2023 09:47:59 GMT

GET
H2 200 cleardot.gif
www.google.com/images/ 43 B
598 B 43ms
19ms Image
image/gif 2a00:1450:4001:82f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/images/cleardot.gif

Requested by

Host: www.fieldmuseum.org
URL: https://www.fieldmuseum.org/visit/group-visits

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fieldmuseum.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 25 Mar 2022 09:49:07 GMT
x-content-type-options: nosniff
last-modified: Tue, 22 Oct 2019 18:30:00 GMT
server: sffe
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 supportedLanguages Show response
translate-pa.googleapis.com/v1/ Frame 6E96 14 KB
2 KB 62ms
23ms Script
text/javascript 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://translate-pa.googleapis.com/v1/supportedLanguages?client=te&display_language=de&key=AIzaSyBWDj0QJvVIx8XOhRegXX5_SrRWxhT5Hs4&callback=callback

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

226476a8194032bc968040bcc569a0cea9207958e52412d459c09e3bf9f9ea7d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 25 Mar 2022 09:49:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server: ESF
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
content-type: text/javascript; charset=UTF-8
vary: Origin, X-Origin, Referer
content-length: 1213
x-xss-protection: 0
expires: Fri, 25 Mar 2022 09:49:07 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 173 KB
64 KB 55ms
37ms Script
application/javascript 2a00:1450:4001:82f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-6D04CKS05X&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-W5X397Q

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

9a5169a2542c19c0262df5a9459151df58c683bd647a0b5b1db6696ecb2fb80b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fieldmuseum.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 25 Mar 2022 09:49:07 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 65071
x-xss-protection: 0
expires: Fri, 25 Mar 2022 09:49:07 GMT

GET
H2 200 xxhash.min.js Show response
unpkg.com/xxhashjs@0.2.2/build/ 42 KB
11 KB 68ms
35ms Script
application/javascript 2606:4700::6810:7caf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://unpkg.com/xxhashjs@0.2.2/build/xxhash.min.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-W5X397Q

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7caf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6af3047c0459eb1ffc8466fd46bd1fe4e664dd85e36f807478dbeef1a0cd4df6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fieldmuseum.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 25 Mar 2022 09:49:07 GMT
via: 1.1 fly.io
x-content-type-options: nosniff
cf-cache-status: HIT
age: 506464
fly-request-id: 01FYH4NH7PNFW66ZZ06AW0SK5R-fra
content-encoding: br
vary: Accept-Encoding
last-modified: Thu, 18 Jan 2018 06:57:45 GMT
server: cloudflare
etag: W/"a97d-l2cg+fSFnH5wNRy9IWzrH0kVWEM"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 6f16bc1a8d662355-ZRH

GET
H2 200 optimize.js Show response
www.google-analytics.com/gtm/ 96 KB
38 KB 54ms
30ms Script
application/javascript 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/gtm/optimize.js?id=GTM-PDVBWJC

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-W5X397Q

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

d4bbb456ed06a94dbf8ffdf9a6f01383393845c08e693206fdf57a186c61ae78

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fieldmuseum.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 25 Mar 2022 09:49:07 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38229
x-xss-protection: 0
expires: Fri, 25 Mar 2022 09:49:07 GMT

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 39 KB
15 KB 60ms
34ms Script
text/javascript 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-W5X397Q

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

00359d552170386e0f9dc362a2a48ad8da908f6263810b28eb26348073b70bee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fieldmuseum.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 25 Mar 2022 09:49:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14884
x-xss-protection: 0
server: cafe
etag: 4198181851688197673
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 25 Mar 2022 09:49:07 GMT

GET
H2 200 8wlopnxw.js Show response
l.getsitecontrol.com/ 433 B
1 KB 112ms
70ms Script
text/javascript 84.17.46.53
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://l.getsitecontrol.com/8wlopnxw.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-W5X397Q
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 84.17.46.53 Amsterdam, Netherlands, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-84-17-46-53.cdn77.com
Software: BunnyCDN-AMS1-879 /
Resource Hash: fe9fd1b9e3fd991c348c7f2969c00dbe76f3be8bb22087349f3e985786d5797d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fieldmuseum.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 25 Mar 2022 09:49:07 GMT
content-encoding: br
cdn-edgestorageid: 879
x-amz-request-id: 94JC9J72NTVDW2K0
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-cachedat: 03/24/2022 20:37:29
cdn-pullzone: 89704
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
x-amz-id-2: XZQQ9o8U177OOMDMuULMpLD7E6SHA96QM8JI5kAP8188dxdVldmj6nyLfI88N20glxE5Zh8Qowo=
server: BunnyCDN-AMS1-879
access-control-allow-origin: *
last-modified: Sat, 01 Jan 2022 15:09:31 GMT
cdn-proxyver: 1.02
cdn-requestpullcode: 200
etag: W/"7e6cd04f90ed683d07fd8c19fe154a2a"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
cdn-cache: HIT
cdn-uid: e3a1246b-2fdd-4153-9207-6ca707c9379d
cache-control: public, max-age=86400
cdn-requestid: 63dd67561d63a9bcbc9b2cbcb3db00d0
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 99 KB
27 KB 24ms
7ms Script
application/x-javascript 2a03:2880:f01c:216:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.fieldmuseum.org
URL: https://www.fieldmuseum.org/visit/group-visits

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

3e18d0e3dd548e9745884578e3cd9f0a492ddbb6f3b797db364b45bb16cadfb3

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fieldmuseum.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 26320
x-xss-protection: 0
pragma: public
x-fb-debug: jZP70yRrYVzCLH1pQWk7XFF2m9/pdGsaUYi0zbiuiIe4mkoy6iqx0NpHLCfTX4XbLf+P5VNteeeq/x8n7qqqfA==
x-fb-trip-id: 686109401
x-frame-options: DENY
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Fri, 25 Mar 2022 09:49:07 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 hotjar-1600039.js Show response
static.hotjar.com/c/ 5 KB
2 KB 73ms
45ms Script
application/javascript 108.157.4.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-1600039.js?sv=6

Requested by

Host: www.fieldmuseum.org
URL: https://www.fieldmuseum.org/visit/group-visits

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.157.4.118 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-157-4-118.dus51.r.cloudfront.net

Software

Resource Hash

fb8ec1fe6134e3205f5d965ebe42aa08c2a64cfb8ccc166559846352fbc81bcc

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fieldmuseum.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 25 Mar 2022 09:49:07 GMT
content-encoding: br
x-content-type-options: nosniff
cache-control: max-age=60
x-amz-cf-pop: DUS51-P2
etag: W/9708daaf8ba57f6841015862268cb465
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
x-cache-hit: 1
cross-origin-resource-policy: cross-origin
x-amz-cf-id: MjbUkohACTzhrgbt9Es8nHCFs2ip-51FGf4W68bHh1zov1w5zXeZpw==
via: 1.1 9f88eecf68d9192420b110f5f3f14fd6.cloudfront.net (CloudFront)

GET
H3 200 359631877829150 Show response
connect.facebook.net/signals/config/ 307 KB
87 KB 122ms
100ms Script
application/x-javascript 2a03:2880:f01c:216:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/359631877829150?v=2.9.57&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

6c4e85c43aa32c88565dca2fe2cd9a7825c778e1b6c611ec8c2cd680aa8507c4

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fieldmuseum.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
x-xss-protection: 0
pragma: public
x-fb-debug: h41Q4KE+bG1ot7k9ttkyk6MOzlbzNSfGsp1xYSLUexHcd2any0OsJOJVQ0xtf0ug50n2hdsJnq47mZ3q1OKC0Q==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Fri, 25 Mar 2022 09:49:07 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/952285853/ 2 KB
2 KB 52ms
23ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/952285853/?random=1648201747637&cv=9&fst=1648201747637&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg3e0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.fieldmuseum.org%2Fvisit%2Fgroup-visits&tiba=Group%20Visits%20%7C%20Field%20Museum&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

cee1ebb7e6e15f0c172cac99478a0929eeae5de562f920fd47b62de67ec32d32

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fieldmuseum.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 25 Mar 2022 09:49:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1029
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 26ms
10ms Script
text/javascript 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-W5X397Q

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fieldmuseum.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 6261
date: Fri, 25 Mar 2022 08:04:46 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Fri, 25 Mar 2022 10:04:46 GMT

POST
H2 204 collect
analytics.google.com/g/ 0
198 B 25ms
23ms Ping
text/plain 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-6D04CKS05X&gtm=2oe3e0&_p=1138604237&sr=1600x1200&_gaz=1&ul=en-us&cid=2070464741.1648201748&_s=1&dl=https%3A%2F%2Fwww.fieldmuseum.org%2Fvisit%2Fgroup-visits&dt=Group%20Visits%20%7C%20Field%20Museum&sid=1648201747&sct=1&seg=0&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-6D04CKS05X&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fieldmuseum.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 25 Mar 2022 09:49:07 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.fieldmuseum.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
350 B 71ms
20ms Ping
text/plain 2a00:1450:400c:c06::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-6D04CKS05X&cid=2070464741.1648201748&gtm=2oe3e0&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-6D04CKS05X&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c06::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fieldmuseum.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 25 Mar 2022 09:49:07 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.fieldmuseum.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
501 B 67ms
32ms Image
image/gif 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-6D04CKS05X&cid=2070464741.1648201748&gtm=2oe3e0&aip=1&z=308210773

Requested by

Host: www.fieldmuseum.org
URL: https://www.fieldmuseum.org/visit/group-visits

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fieldmuseum.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 25 Mar 2022 09:49:07 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 modules.7d3f952308caf42c2b67.js Show response
script.hotjar.com/ 236 KB
62 KB 37ms
9ms Script
application/javascript 108.138.7.111
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.7d3f952308caf42c2b67.js

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-1600039.js?sv=6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.138.7.111 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-7-111.fra56.r.cloudfront.net

Software

Resource Hash

43b0a448dfabca1c64deab31c9b3b004d41bac8fafc0796a4f5675cea0dda5a8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fieldmuseum.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Mar 2022 09:02:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1298821
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 63048
access-control-allow-origin: *
last-modified: Thu, 10 Mar 2022 09:01:33 GMT
etag: "2f5d47da7be4d107a04726029158797c"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 5c0a79476717d213b9c559bafee1c65e.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: FRA56-P6
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: T52Yewxz_dl9wq6N_oAWh1pt-EmX8b7e-xbpTxaQqLke2-F4pYPiSA==

GET
H3 200 linkid.js Show response
www.google-analytics.com/plugins/ua/ 2 KB
884 B 10ms
9ms Script
text/javascript 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/plugins/ua/linkid.js

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fieldmuseum.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 25 Mar 2022 09:12:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2173
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 859
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Fri, 25 Mar 2022 10:12:54 GMT

GET
H2 200 8wlopnxw.json Show response
l.getsitecontrol.com/ 2 B
871 B 191ms
151ms XHR
application/json 84.17.46.53
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://l.getsitecontrol.com/8wlopnxw.json
Requested by: Host: www.fieldmuseum.org
URL: https://www.fieldmuseum.org/visit/group-visits
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 84.17.46.53 Amsterdam, Netherlands, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-84-17-46-53.cdn77.com
Software: BunnyCDN-AMS1-879 /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fieldmuseum.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 25 Mar 2022 09:49:07 GMT
content-encoding: br
vary: Accept-Encoding
cdn-edgestorageid: 549
x-amz-request-id: WY4ES5SPN2EF96PQ
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-cachedat: 03/09/2022 22:53:27
cdn-pullzone: 89704
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
x-amz-id-2: OPkz7vjfDWEQt7aWTcZzjrrNeh//UXFxS2FrNaqucIyadaECWlCsNhfemzbVrJC+4dW+OhHoAEc=
server: BunnyCDN-AMS1-879
access-control-allow-origin: *
last-modified: Sat, 01 Jan 2022 15:09:31 GMT
cdn-proxyver: 1.02
cdn-requestpullcode: 200
etag: W/"15f2d6de1ce58785e94d02927bef4ace"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: application/json; charset=utf-8
cdn-cache: REVALIDATED
cdn-uid: e3a1246b-2fdd-4153-9207-6ca707c9379d
cache-control: public, max-age=5
cdn-requestid: d93471f9f5100e96957e52ad3c97135b
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H3 200 /
www.google.com/pagead/1p-user-list/952285853/ 42 B
64 B 40ms
22ms Image
image/gif 2a00:1450:4001:82f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/952285853/?random=1648201747637&cv=9&fst=1648198800000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg3e0&sendb=1&frm=0&url=https%3A%2F%2Fwww.fieldmuseum.org%2Fvisit%2Fgroup-visits&tiba=Group%20Visits%20%7C%20Field%20Museum&async=1&fmt=3&is_vtc=1&random=4247071860&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: www.fieldmuseum.org
URL: https://www.fieldmuseum.org/visit/group-visits

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fieldmuseum.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 25 Mar 2022 09:49:07 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/952285853/ 42 B
154 B 22ms
21ms Image
image/gif 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/952285853/?random=1648201747637&cv=9&fst=1648198800000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg3e0&sendb=1&frm=0&url=https%3A%2F%2Fwww.fieldmuseum.org%2Fvisit%2Fgroup-visits&tiba=Group%20Visits%20%7C%20Field%20Museum&async=1&fmt=3&is_vtc=1&random=4247071860&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: www.fieldmuseum.org
URL: https://www.fieldmuseum.org/visit/group-visits

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fieldmuseum.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 25 Mar 2022 09:49:07 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
148 B 25ms
24ms XHR
text/plain 2a00:1450:400c:c06::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-11881432-2&cid=2070464741.1648201748&jid=1270758288&gjid=1676042355&_gid=459088411.1648201748&_u=aCDAiEAjRAAAAE~&z=1359566578

Requested by

Host: www.fieldmuseum.org
URL: https://www.fieldmuseum.org/visit/group-visits

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c06::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.fieldmuseum.org/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Fri, 25 Mar 2022 09:49:07 GMT
content-type: text/plain
access-control-allow-origin: https://www.fieldmuseum.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 10ms
9ms Image
image/gif 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=1138604237&t=pageview&_s=1&dl=https%3A%2F%2Fwww.fieldmuseum.org%2Fvisit%2Fgroup-visits&ul=en-us&de=UTF-8&dt=Group%20Visits%20%7C%20Field%20Museum&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aCDAiEAjR~&jid=1270758288&gjid=1676042355&cid=2070464741.1648201748&tid=UA-11881432-2&_gid=459088411.1648201748&gtm=2wg3e0W5X397Q&z=1547612528

Requested by

Host: www.fieldmuseum.org
URL: https://www.fieldmuseum.org/visit/group-visits

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fieldmuseum.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 25 Mar 2022 09:30:54 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 1093
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 box-acca23410e696f2ca3087d947271c3d0.html Show response
vars.hotjar.com/ Frame D21C 2 KB
1 KB 38ms
11ms Document
text/html 108.157.4.102
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vars.hotjar.com/box-acca23410e696f2ca3087d947271c3d0.html
Requested by: Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-1600039.js?sv=6
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.157.4.102 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-157-4-102.dus51.r.cloudfront.net
Software: /
Resource Hash: e0f23d16bb40b894855d19e097cc0b9f4695b98a7db1fed18625cfb1ce8bda35

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.fieldmuseum.org/

Response headers

content-type: text/html
content-length: 1044
date: Fri, 04 Feb 2022 08:52:06 GMT
accept-ranges: bytes
cache-control: max-age=31536000
content-encoding: br
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
etag: "6f65fac4e8efe167ff5132c0c54c5729"
last-modified: Fri, 04 Feb 2022 08:51:39 GMT
x-robots-tag: none
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 268679e7d17267a1a7a03722822fb800.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-P2
x-amz-cf-id: Dvyub-CmUQqeFQXl6Mem9CFY00B8mjpVKSMZzcyHgXXcoh2VYlfBeA==
age: 4237021

GET
H3 200 369621310192351 Show response
connect.facebook.net/signals/config/ 310 KB
88 KB 128ms
127ms Script
application/x-javascript 2a03:2880:f01c:216:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/369621310192351?v=2.9.57&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

2a6bf60ff8bfe358f594ead341c3bfa5cbdfd05b20a8e3ec7af1825058c80a86

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fieldmuseum.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
x-xss-protection: 0
pragma: public
x-fb-debug: GN7NUjDB5379Gc7irIujF8IQ03gxOfsIEsYJkf2qZ3vyd7Ild+K7EbLp2JkS6+8cdoW+dMlwwp697AjRA6DGjg==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Fri, 25 Mar 2022 09:49:07 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H2 200 visit-data Show response
in.hotjar.com/api/v2/client/sites/1600039/ 146 B
321 B 92ms
32ms XHR
application/json 52.17.146.14
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://in.hotjar.com/api/v2/client/sites/1600039/visit-data?sv=6
Requested by: Host: www.fieldmuseum.org
URL: https://www.fieldmuseum.org/visit/group-visits
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.17.146.14 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-17-146-14.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 5dfdf8364391fb0206fd041768223181bad6754d36faa9428d03ca8832514d5d

Request headers

Referer: https://www.fieldmuseum.org/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain; charset=UTF-8

Response headers

date: Fri, 25 Mar 2022 09:49:07 GMT
content-encoding: br
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: no-cache, no-store
access-control-allow-credentials: true

POST content
ws7.hotjar.com/api/v2/sites/1600039/recordings/ 0
0

GET
H3 200 596452570727473 Show response
connect.facebook.net/signals/config/ 307 KB
87 KB 132ms
132ms Script
application/x-javascript 2a03:2880:f01c:216:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/596452570727473?v=2.9.57&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

fc1cea60838fdcf6ff7971e62810341f81db2a11f3d426b569d8a893cab54139

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fieldmuseum.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
x-xss-protection: 0
pragma: public
x-fb-debug: 9nrXWO1eMGodVYU9zBmLvoncxJjizydOEpdohYkuQp+AQMw41mRsN4cOjC0JPx3KhqPzkiyWWSVxxK96xp565w==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Fri, 25 Mar 2022 09:49:08 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 169605357217286 Show response
connect.facebook.net/signals/config/ 307 KB
87 KB 146ms
145ms Script
application/x-javascript 2a03:2880:f01c:216:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/169605357217286?v=2.9.57&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

d8bb15d165bf06486ec418aed77c578258ae3c235ade122360be8a58847649a7

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fieldmuseum.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
x-xss-protection: 0
pragma: public
x-fb-debug: 6DrQeyvu+9xRwmsho4vW3Ym50RpITZOz4tE01x+Mt2BHGa1rA73arTQkVXI55tIve1sMyXZvE006UrfoCdL7jw==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Fri, 25 Mar 2022 09:49:08 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 220501508758457 Show response
connect.facebook.net/signals/config/ 307 KB
87 KB 140ms
139ms Script
application/x-javascript 2a03:2880:f01c:216:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/220501508758457?v=2.9.57&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

8ebdc51f8a765008be01c329265094c8d7031445fae1890cf598c2fc43c1cdc6

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fieldmuseum.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
x-xss-protection: 0
pragma: public
x-fb-debug: FMxu2Txw4E3po86/HDpyrltreP8jgXfLNNelQ8SrpGrr3aD7fBoq90eO7AMQtwovOeKTIRvLG7jIfWOGlCPnoQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Fri, 25 Mar 2022 09:49:08 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 site-alerts Show response
www.fieldmuseum.org/api/ 12 B
513 B 805ms
804ms Fetch
application/json 2620:12a:8001::1
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.fieldmuseum.org/api/site-alerts

Requested by

Host: www.fieldmuseum.org
URL: https://www.fieldmuseum.org/visit/group-visits

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:12a:8001::1 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

acf2fa576acb702442f9d0101673354c398db67315c066ca48be8db8e0d2c75b

Security Headers

Name	Value
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.fieldmuseum.org/visit/group-visits
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
content-type: application/json

Response headers

strict-transport-security: max-age=300
content-encoding: gzip
x-content-type-options: nosniff
fastly-original-body-size: 0
age: 0
x-pantheon-styx-hostname: styx-fe1-b-9f78ccdd4-cz2x5
x-cache: MISS, MISS
x-cloud-trace-context: bf91982e46294e288f804c3f342e1250/4766192560172715184;o=0
content-length: 32
x-served-by: cache-mdw17380-MDW, cache-maa10229-MAA
x-frame-options: SAMEORIGIN
server: nginx
traceparent: 00-bf91982e46294e288f804c3f342e1250-4224eae190344cb0-00
x-timer: S1648201749.568988,VS0,VE515
upgrade-insecure-requests: 1
date: Fri, 25 Mar 2022 09:49:09 GMT
vary: Accept-Encoding
content-type: application/json; charset=utf-8
via: 1.1 varnish, 1.1 varnish
expires: Sun, 19 Nov 1978 05:00:00 GMT
cache-control: no-cache, must-revalidate
accept-ranges: bytes
x-styx-req-id: d0fea5a1-ac20-11ec-8813-a2967103be8d
x-drupal-cache: MISS
x-cache-hits: 0, 0

GET
H2

200

cse.js Show response
cse.google.com/cse/
Redirect Chain

https://www.google.com/cse/cse.js?cx=008247561334440498472:darbh_wpfqi
https://cse.google.com/cse/cse.js?cx=008247561334440498472:darbh_wpfqi

10 KB
4 KB

71ms
55ms

Script
text/javascript

2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cse.google.com/cse/cse.js?cx=008247561334440498472:darbh_wpfqi

Requested by

Host: www.fieldmuseum.org
URL: https://www.fieldmuseum.org/visit/group-visits

Protocol

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gws /

Resource Hash

069a383bf5e6c0e96a8f5049f8761261a4b2885e800bdbb1b56ba79bcac4c633

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fieldmuseum.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

bfcache-opt-in: unload
date: Fri, 25 Mar 2022 09:49:08 GMT
content-encoding: br
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Bitness
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3481
x-xss-protection: 0
server: gws
expires: Fri, 25 Mar 2022 09:49:08 GMT

Redirect headers

date: Fri, 25 Mar 2022 09:49:08 GMT
x-content-type-options: nosniff
server: sffe
content-type: text/html; charset=UTF-8
location: https://cse.google.com/cse/cse.js?cx=008247561334440498472:darbh_wpfqi
cache-control: public, max-age=1800
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 267
x-xss-protection: 0
expires: Fri, 25 Mar 2022 10:19:08 GMT

GET
H3 200 137583253778334 Show response
connect.facebook.net/signals/config/ 307 KB
87 KB 111ms
111ms Script
application/x-javascript 2a03:2880:f01c:216:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/137583253778334?v=2.9.57&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

f89f0b5c9be8eb923dd8c78388720accb7eaf6b0187925c4c61e46562b25ca67

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fieldmuseum.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
x-xss-protection: 0
pragma: public
x-fb-debug: xt9EKplPu2vUKZj0wIf444a3WnXUdwPjyadlGgq8cheNdQSh1XGdjz1EiEN4795f95kIXXx/WGYCndNl5utmFg==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Fri, 25 Mar 2022 09:49:08 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 siteanalyze_1728.js Show response
siteimproveanalytics.com/js/ 48 B
823 B 138ms
85ms Script
application/javascript 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://siteimproveanalytics.com/js/siteanalyze_1728.js
Requested by: Host: www.fieldmuseum.org
URL: https://www.fieldmuseum.org/visit/group-visits
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0ddfa2144a4569f24438ffa60e333c619386b85c2f22d32e2ccc93bd6df8b905

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fieldmuseum.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 25 Mar 2022 09:49:08 GMT
content-encoding: gzip
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: VSD94V7ZSP3ZX2R9
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 68
x-amz-id-2: 4YOWUcLpa2MW5j307qKzw98hQxydvQR82GQhh6It7yf3J5yIblw/5guk6s/cGarSGHJ5a6zSA0k=
last-modified: Fri, 11 Mar 2022 15:49:02 GMT
server: cloudflare
etag: "6c0767bb773f29cb8396725294a10289"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3c6RHhe7g1HjiyOC%2FZ2RA%2FSxzCwzoyFHJxSXhWOOx%2Ber34b8zMu82TQSju%2FLbY4LRs6Vha0ty8h4kHhSMStSkKp4qBMRWhEKaSgI2xCWnYCbHmDcr0T9rHsgFyY20dnnMoh%2Fo96iTQ7xONmTgYtYIdUrIrZJdqY%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: max-age=86400, no-transform
accept-ranges: bytes
cf-ray: 6f16bc200e3e5a13-MXP

GET
H3 200 cse_element__en.js Show response
www.google.com/cse/static/element/3e1664f444e6eb06/ 303 KB
100 KB 11ms
10ms Script
text/javascript 2a00:1450:4001:82f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/cse/static/element/3e1664f444e6eb06/cse_element__en.js?usqp=CAI%3D

Requested by

Host: www.google.com
URL: https://www.google.com/cse/cse.js?cx=008247561334440498472:darbh_wpfqi

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8b03fa714e6e0d7165a21071df73d662cbd68fa94746bbc1b6d2882eec5b5b52

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fieldmuseum.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 24 Mar 2022 19:38:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 51059
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 102672
x-xss-protection: 0
last-modified: Fri, 18 Mar 2022 17:07:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="prose-team"
expires: Fri, 24 Mar 2023 19:38:09 GMT

GET
H3 200 default+en.css
www.google.com/cse/static/element/3e1664f444e6eb06/ 41 KB
9 KB 9ms
9ms Stylesheet
text/css 2a00:1450:4001:82f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/cse/static/element/3e1664f444e6eb06/default+en.css

Requested by

Host: www.google.com
URL: https://www.google.com/cse/cse.js?cx=008247561334440498472:darbh_wpfqi

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2b0789c3ab7df1f2580e95bb47eb5bb6dc19b4fc5a91b1f1ae1d9484dab534a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fieldmuseum.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 22 Mar 2022 14:51:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 241032
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9086
x-xss-protection: 0
last-modified: Fri, 18 Mar 2022 17:07:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="prose-team"
expires: Wed, 22 Mar 2023 14:51:56 GMT

GET
H3 200 default.css
www.google.com/cse/static/style/look/v4/ 4 KB
1 KB 7ms
7ms Stylesheet
text/css 2a00:1450:4001:82f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/cse/static/style/look/v4/default.css

Requested by

Host: www.google.com
URL: https://www.google.com/cse/cse.js?cx=008247561334440498472:darbh_wpfqi

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dcec22bbcb68119d6c7d6d5e088fb82183a9826d0c9e3403f1386fd837f06a89

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fieldmuseum.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 25 Mar 2022 09:38:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 614
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1345
x-xss-protection: 0
last-modified: Wed, 17 Jun 2020 00:00:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]}
content-type: text/css
cache-control: public, max-age=3000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="prose-team"
expires: Fri, 25 Mar 2022 10:28:54 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
411 B 30ms
8ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=359631877829150&ev=PageView&dl=https%3A%2F%2Fwww.fieldmuseum.org%2Fvisit%2Fgroup-visits&rl=&if=false&ts=1648201748611&sw=1600&sh=1200&v=2.9.57&r=stable&ec=0&o=30&fbp=fb.1.1648201748608.1953492710&it=1648201747610&coo=false&exp=p0&rqm=GET

Requested by

Host: www.fieldmuseum.org
URL: https://www.fieldmuseum.org/visit/group-visits

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fieldmuseum.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 25 Mar 2022 09:49:08 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 44
expires: Fri, 25 Mar 2022 09:49:08 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
215 B 31ms
9ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=369621310192351&ev=PageView&dl=https%3A%2F%2Fwww.fieldmuseum.org%2Fvisit%2Fgroup-visits&rl=&if=false&ts=1648201748614&sw=1600&sh=1200&v=2.9.57&r=stable&ec=0&o=30&par[0]=%7B%22extractorID%22%3A%22661601851111972%22%2C%22jsonLD%22%3A%7B%22%40context%22%3A%22http%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22Product%22%2C%22offers%22%3A%7B%22priceCurrency%22%3A%22USD%22%7D%7D%7D&par[1]=%7B%22extractorID%22%3A%22587274001985468%22%2C%22jsonLD%22%3A%7B%22%40context%22%3A%22http%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22Product%22%2C%22offers%22%3A%7B%22priceCurrency%22%3A%22USD%22%7D%7D%7D&par[2]=%7B%22extractorID%22%3A%22215199973174185%22%2C%22jsonLD%22%3A%7B%22%40context%22%3A%22http%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22Product%22%2C%22offers%22%3A%7B%22priceCurrency%22%3A%22USD%22%7D%7D%7D&par[3]=%7B%22extractorID%22%3A%22608482393199952%22%2C%22jsonLD%22%3A%7B%22%40context%22%3A%22http%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22Product%22%2C%22offers%22%3A%7B%22priceCurrency%22%3A%22USD%22%7D%7D%7D&par[4]=%7B%22extractorID%22%3A%223121111027938159%22%2C%22jsonLD%22%3A%7B%22%40context%22%3A%22http%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22Product%22%2C%22offers%22%3A%7B%7D%7D%7D&par[5]=%7B%22extractorID%22%3A%22665310970739771%22%2C%22jsonLD%22%3A%7B%22%40context%22%3A%22http%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22Product%22%2C%22offers%22%3A%7B%7D%7D%7D&par[6]=%7B%22extractorID%22%3A%22838603663633406%22%2C%22jsonLD%22%3A%7B%22%40context%22%3A%22http%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22Product%22%2C%22offers%22%3A%7B%7D%7D%7D&par[7]=%7B%22extractorID%22%3A%22769704430523572%22%2C%22jsonLD%22%3A%7B%22%40context%22%3A%22http%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22Product%22%2C%22offers%22%3A%7B%7D%7D%7D&fbp=fb.1.1648201748608.1953492710&it=1648201747610&coo=false&exp=p0&rqm=GET

Requested by

Host: www.fieldmuseum.org
URL: https://www.fieldmuseum.org/visit/group-visits

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fieldmuseum.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 25 Mar 2022 09:49:08 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 44
expires: Fri, 25 Mar 2022 09:49:08 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
214 B 31ms
9ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=596452570727473&ev=PageView&dl=https%3A%2F%2Fwww.fieldmuseum.org%2Fvisit%2Fgroup-visits&rl=&if=false&ts=1648201748615&sw=1600&sh=1200&v=2.9.57&r=stable&ec=0&o=30&fbp=fb.1.1648201748608.1953492710&it=1648201747610&coo=false&exp=p0&rqm=GET

Requested by

Host: www.fieldmuseum.org
URL: https://www.fieldmuseum.org/visit/group-visits

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fieldmuseum.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 25 Mar 2022 09:49:08 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 44
expires: Fri, 25 Mar 2022 09:49:08 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
214 B 31ms
9ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=169605357217286&ev=PageView&dl=https%3A%2F%2Fwww.fieldmuseum.org%2Fvisit%2Fgroup-visits&rl=&if=false&ts=1648201748616&sw=1600&sh=1200&v=2.9.57&r=stable&ec=0&o=30&fbp=fb.1.1648201748608.1953492710&it=1648201747610&coo=false&exp=p0&rqm=GET

Requested by

Host: www.fieldmuseum.org
URL: https://www.fieldmuseum.org/visit/group-visits

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fieldmuseum.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 25 Mar 2022 09:49:08 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 44
expires: Fri, 25 Mar 2022 09:49:08 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
215 B 31ms
9ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=220501508758457&ev=PageView&dl=https%3A%2F%2Fwww.fieldmuseum.org%2Fvisit%2Fgroup-visits&rl=&if=false&ts=1648201748617&sw=1600&sh=1200&v=2.9.57&r=stable&ec=0&o=30&fbp=fb.1.1648201748608.1953492710&it=1648201747610&coo=false&exp=p0&rqm=GET

Requested by

Host: www.fieldmuseum.org
URL: https://www.fieldmuseum.org/visit/group-visits

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fieldmuseum.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 25 Mar 2022 09:49:08 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 44
expires: Fri, 25 Mar 2022 09:49:08 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
215 B 31ms
9ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=137583253778334&ev=PageView&dl=https%3A%2F%2Fwww.fieldmuseum.org%2Fvisit%2Fgroup-visits&rl=&if=false&ts=1648201748618&sw=1600&sh=1200&v=2.9.57&r=stable&ec=0&o=30&fbp=fb.1.1648201748608.1953492710&it=1648201747610&coo=false&exp=p0&rqm=GET

Requested by

Host: www.fieldmuseum.org
URL: https://www.fieldmuseum.org/visit/group-visits

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fieldmuseum.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 25 Mar 2022 09:49:08 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 44
expires: Fri, 25 Mar 2022 09:49:08 GMT

GET
H2 200 nr-1215.min.js Show response
js-agent.newrelic.com/ 36 KB
14 KB 25ms
7ms Script
application/javascript 151.101.66.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://js-agent.newrelic.com/nr-1215.min.js
Requested by: Host: www.fieldmuseum.org
URL: https://www.fieldmuseum.org/visit/group-visits
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.66.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 18395fd1ef75de4f03f701f5a5020563aed55e1539b3200605053f2c924211bb

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fieldmuseum.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-version-id: mrZZlI3m.d3cabi4HqLBBkr4pQ2c77UF
content-encoding: gzip
etag: "615035bb6557b191e767e19087efabaf"
fastly-original-body-size: 13666
x-amz-request-id: X1N89V5HCY4P9X08
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 13666
x-amz-id-2: wANHNnet4T3S2CiHga5+Y0EU67A9tw7DwvB0uqq8YJQv7jZCcdV7KHhoEzJ9siYLO/04H4EjTGE=
x-served-by: cache-hhn4025-HHN
last-modified: Mon, 24 Jan 2022 22:13:53 GMT
server: AmazonS3
x-timer: S1648201749.674570,VS0,VE0
date: Fri, 25 Mar 2022 09:49:08 GMT
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 varnish
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 1253

GET
H2 200 chartbeat.js Show response
static.chartbeat.com/js/ 36 KB
14 KB 43ms
8ms Script
application/x-javascript 2600:9000:223c:7200:18:1fcd:34f:cdc1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.chartbeat.com/js/chartbeat.js
Requested by: Host: www.fieldmuseum.org
URL: https://www.fieldmuseum.org/visit/group-visits
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223c:7200:18:1fcd:34f:cdc1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: e2c28f3e8b6a2e5170859e67cff3e8240e6b888d02005306ef3d2129f5cbd74c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fieldmuseum.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 25 Mar 2022 08:20:44 GMT
content-encoding: gzip
last-modified: Thu, 10 Mar 2022 04:15:35 GMT
server: nginx
age: 5304
etag: W/"62297b67-8e96"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/x-javascript
via: 1.1 83f1b8f73f37458f38e2ee1fc0b9e68c.cloudfront.net (CloudFront)
cache-control: max-age=7200
cross-origin-resource-policy: cross-origin
x-amz-cf-pop: FRA56-P2
x-amz-cf-id: YE_IWRamPqNWvOaFZGeGFm5zfPZc8UcSPRa5sl7RvWzG_BBGux-o5Q==
expires: Fri, 25 Mar 2022 10:20:44 GMT

GET
H/1.1 200
OK 83dcf59c27 Show response
bam-cell.nr-data.net/1/ 49 B
711 B 575ms
556ms Script
text/javascript 162.247.243.147
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bam-cell.nr-data.net/1/83dcf59c27?a=445546410&v=1215.1253ab8&to=b1ZbNUBQW0MDWxdbXVYceAJGWFpeTUgCVVdnXlgPU1ZQQj1WDFZXZ0VQBEVuRVEFXQ%3D%3D&rst=3147&ck=1&ref=https://www.fieldmuseum.org/visit/group-visits&ap=582&be=1164&fe=3113&dc=2847&af=err,xhr,stn,ins&perf=%7B%22timing%22:%7B%22of%22:1648201745541,%22n%22:0,%22f%22:0,%22dn%22:1,%22dne%22:12,%22c%22:12,%22s%22:300,%22ce%22:589,%22rq%22:589,%22rp%22:1132,%22rpe%22:1251,%22dl%22:1135,%22di%22:1896,%22ds%22:2847,%22de%22:2862,%22dc%22:3112,%22l%22:3112,%22le%22:3115%7D,%22navigation%22:%7B%7D%7D&fp=1850&fcp=2161&at=QxFYQwhKSE0%3D&jsonp=NREUM.setToken
Requested by: Host: js-agent.newrelic.com
URL: https://js-agent.newrelic.com/nr-1215.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.247.243.147 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b91234b576455d66e12dd661a2539eb2418a831078ecef9ebc7f4bbd4e580d9c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fieldmuseum.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 25 Mar 2022 09:49:09 GMT
Content-Encoding: gzip
CF-Cache-Status: DYNAMIC
Server: cloudflare
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Transfer-Encoding: chunked
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
access-control-allow-credentials: true
CF-Ray: 6f16bc2179fe9a21-FRA

GET
H2 200 ping
ping.chartbeat.net/ 43 B
201 B 313ms
97ms Image
image/gif 18.213.89.211
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ping.chartbeat.net/ping?h=fieldmuseum.org&p=%2Fvisit%2Fgroup-visits&u=BHmRC5BJfL7AowBZR&d=fieldmuseum.org&g=23411&g0=No%20Section&g1=No%20Author&n=1&f=00001&c=0&x=0&m=0&y=4809&o=1600&w=1200&j=45&R=1&W=0&I=0&E=0&e=0&r=&b=3112&t=B_0tg1DZFJhnCX1hLkCM0uinBCWY_5&V=129&i=Group%20Visits%20%7C%20Field%20Museum&tz=0&sn=1&sv=CWSisHBR8Od2B0Huuf-cyd73HQV4&sd=1&im=067b0ff3&_
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.213.89.211 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-213-89-211.compute-1.amazonaws.com
Software: /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fieldmuseum.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 25 Mar 2022 09:49:08 GMT
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
content-length: 43
expires: 0

POST
H3 200 / Show response
www.facebook.com/tr/ Frame 174D 0
18 B 17ms
7ms Document
text/plain 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Upgrade-Insecure-Requests: 1
Origin: https://www.fieldmuseum.org
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.fieldmuseum.org/

Response headers

content-type: text/plain
access-control-allow-origin: https://www.fieldmuseum.org
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority: u=0
date: Fri, 25 Mar 2022 09:49:09 GMT

POST
H3 200 / Show response
www.facebook.com/tr/ Frame BBDC 0
15 B 8ms
7ms Document
text/plain 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Upgrade-Insecure-Requests: 1
Origin: https://www.fieldmuseum.org
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.fieldmuseum.org/

Response headers

content-type: text/plain
access-control-allow-origin: https://www.fieldmuseum.org
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority: u=0
date: Fri, 25 Mar 2022 09:49:09 GMT

POST
H3 200 / Show response
www.facebook.com/tr/ Frame 13E5 0
15 B 8ms
7ms Document
text/plain 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Upgrade-Insecure-Requests: 1
Origin: https://www.fieldmuseum.org
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.fieldmuseum.org/

Response headers

content-type: text/plain
access-control-allow-origin: https://www.fieldmuseum.org
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority: u=0
date: Fri, 25 Mar 2022 09:49:09 GMT

POST
H3 200 / Show response
www.facebook.com/tr/ Frame 7291 0
15 B 9ms
9ms Document
text/plain 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Upgrade-Insecure-Requests: 1
Origin: https://www.fieldmuseum.org
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.fieldmuseum.org/

Response headers

content-type: text/plain
access-control-allow-origin: https://www.fieldmuseum.org
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority: u=0
date: Fri, 25 Mar 2022 09:49:09 GMT

POST
H3 200 / Show response
www.facebook.com/tr/ Frame 594C 0
15 B 9ms
8ms Document
text/plain 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Upgrade-Insecure-Requests: 1
Origin: https://www.fieldmuseum.org
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.fieldmuseum.org/

Response headers

content-type: text/plain
access-control-allow-origin: https://www.fieldmuseum.org
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority: u=0
date: Fri, 25 Mar 2022 09:49:09 GMT

POST
H3 200 / Show response
www.facebook.com/tr/ Frame 5D79 0
15 B 8ms
8ms Document
text/plain 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Upgrade-Insecure-Requests: 1
Origin: https://www.fieldmuseum.org
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.fieldmuseum.org/

Response headers

content-type: text/plain
access-control-allow-origin: https://www.fieldmuseum.org
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority: u=0
date: Fri, 25 Mar 2022 09:49:09 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: ws7.hotjar.com
URL: https://ws7.hotjar.com/api/v2/sites/1600039/recordings/content

Verdicts & Comments Add Verdict or Comment

118 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

20 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.fieldmuseum.org/	1970-01-20 03:59:37	Name: _gcl_au Value: 1.1.1632315350.1648201748
.fieldmuseum.org/	1970-01-20 19:21:13	Name: _ga_6D04CKS05X Value: GS1.1.1648201747.1.0.1648201747.60
.doubleclick.net/	1970-01-20 01:50:02	Name: test_cookie Value: CheckForPermission
.fieldmuseum.org/	1970-01-20 19:21:13	Name: _ga Value: GA1.2.2070464741.1648201748
.fieldmuseum.org/	1970-01-20 01:51:28	Name: _gid Value: GA1.2.459088411.1648201748
.fieldmuseum.org/	1970-01-20 01:50:01	Name: _dc_gtm_UA-11881432-2 Value: 1
.fieldmuseum.org/	1970-01-20 10:35:37	Name: _hjSessionUser_1600039 Value: eyJpZCI6ImM5ZjU0OTI3LTk5MWQtNTI3MC05NjcwLTkwODc1MDZmN2MxZSIsImNyZWF0ZWQiOjE2NDgyMDE3NDc3MzksImV4aXN0aW5nIjpmYWxzZX0=
.fieldmuseum.org/	1970-01-20 01:50:03	Name: _hjFirstSeen Value: 1
www.fieldmuseum.org/	1970-01-20 01:50:01	Name: _hjIncludedInSessionSample Value: 1
.fieldmuseum.org/	1970-01-20 01:50:03	Name: _hjSession_1600039 Value: eyJpZCI6Ijk4NjBmNjIwLWRmN2UtNGNjOS1hNmVjLTQ0NGRjNTNmM2YyNSIsImNyZWF0ZWQiOjE2NDgyMDE3NDc3NzgsImluU2FtcGxlIjp0cnVlfQ==
www.fieldmuseum.org/	1970-01-20 01:50:01	Name: _hjIncludedInPageviewSample Value: 1
.fieldmuseum.org/	1970-01-20 01:50:03	Name: _hjAbsoluteSessionInProgress Value: 0
.fieldmuseum.org/	1970-01-20 03:59:37	Name: _fbp Value: fb.1.1648201748608.1953492710
.facebook.com/	1970-01-20 03:59:37	Name: fr Value: 0NyBnGocQcICOSnDD..BiPZAU...1.0.BiPZAU.
www.fieldmuseum.org/	1970-01-20 11:18:49	Name: _cb_ls Value: 1
www.fieldmuseum.org/	1970-01-20 11:18:49	Name: _cb Value: BHmRC5BJfL7AowBZR
www.fieldmuseum.org/	1970-01-20 11:18:49	Name: _chartbeat2 Value: .1648201748706.1648201748706.1.CWSisHBR8Od2B0Huuf-cyd73HQV4.1
www.fieldmuseum.org/	1970-01-20 01:50:03	Name: _cb_svref Value: null
.nr-data.net/	1969-12-31 23:59:59	Name: JSESSIONID Value: c9c0faec105b87e9
www.fieldmuseum.org/	1969-12-31 23:59:59	Name: _hjSessionRejected Value: 1

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'interest-cohort'.
javascript	error	URL: https://www.fieldmuseum.org/visit/group-visits Message: Access to XMLHttpRequest at 'https://ws7.hotjar.com/api/v2/sites/1600039/recordings/content' from origin 'https://www.fieldmuseum.org' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://ws7.hotjar.com/api/v2/sites/1600039/recordings/content Message: Failed to load resource: net::ERR_FAILED
network	error	URL: https://script.hotjar.com/modules.7d3f952308caf42c2b67.js(Line 1) Message: WebSocket connection to 'wss://ws7.hotjar.com/api/v2/client/ws' failed: Error during WebSocket handshake: Unexpected response code: 503

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	frame-ancestors 'self' localhost localhost:3000 devfield.vercel.app nextfield.vercel.app
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
analytics.google.com
bam-cell.nr-data.net
connect.facebook.net
cse.google.com
googleads.g.doubleclick.net
in.hotjar.com
js-agent.newrelic.com
l.getsitecontrol.com
ping.chartbeat.net
script.hotjar.com
siteimproveanalytics.com
static.chartbeat.com
static.hotjar.com
stats.g.doubleclick.net
translate-pa.googleapis.com
translate.google.com
translate.googleapis.com
unpkg.com
vars.hotjar.com
ws7.hotjar.com
www.facebook.com
www.fieldmuseum.org
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.gstatic.com
ws7.hotjar.com
108.138.7.111
108.157.4.102
108.157.4.118
142.250.186.98
151.101.66.137
162.247.243.147
18.213.89.211
2600:9000:223c:7200:18:1fcd:34f:cdc1
2606:4700::6810:7caf
2620:12a:8001::1
2a00:1450:4001:808::200e
2a00:1450:4001:810::2002
2a00:1450:4001:827::2003
2a00:1450:4001:829::2003
2a00:1450:4001:829::200a
2a00:1450:4001:82b::200e
2a00:1450:4001:82f::2004
2a00:1450:4001:82f::2008
2a00:1450:4001:830::200a
2a00:1450:400c:c06::9c
2a03:2880:f01c:216:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
2a06:98c1:3120::7
52.17.146.14
84.17.46.53
00359d552170386e0f9dc362a2a48ad8da908f6263810b28eb26348073b70bee
069a383bf5e6c0e96a8f5049f8761261a4b2885e800bdbb1b56ba79bcac4c633
0c4a60b60c998ea7c89f0187af2b37ed7abde198050e375c3e3bd1e95dc4e47c
0ddfa2144a4569f24438ffa60e333c619386b85c2f22d32e2ccc93bd6df8b905
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
18395fd1ef75de4f03f701f5a5020563aed55e1539b3200605053f2c924211bb
226476a8194032bc968040bcc569a0cea9207958e52412d459c09e3bf9f9ea7d
299b841b038f19ac9fcf7333da6c095ba924a6b29879efadb9cdd6ff17e4d670
2a6bf60ff8bfe358f594ead341c3bfa5cbdfd05b20a8e3ec7af1825058c80a86
2b0789c3ab7df1f2580e95bb47eb5bb6dc19b4fc5a91b1f1ae1d9484dab534a9
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
3e18d0e3dd548e9745884578e3cd9f0a492ddbb6f3b797db364b45bb16cadfb3
40180a434de21cde56caaf530149d57950565ba6062ba4d5cfb2c69a0ff759fd
4234ba1438221fe9c180ddb13b6a19c2a06acd0a2a5301c8f39ecbc86bfbb87f
43b0a448dfabca1c64deab31c9b3b004d41bac8fafc0796a4f5675cea0dda5a8
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
4d2b2f81158aa353b22cbf65136a75b093fa693a7a8cef68b6e5cfea1d029759
4dac0026fbfa2615dce30c0af12830863fe885f84387a0147b9e338f548d5d82
5747925c89ef51bedd62da6d357695bdc54ec0b2c9b79e5cbedc2b581648c15e
5a861509b658aa24fc3aed2867ac3c061e7d818d90b9990959afc6d1b5d4ff99
5d0a6e3bc914db376bf187c380750b197c317e1bf40fab9ad959ad5facd8f9ed
5dfdf8364391fb0206fd041768223181bad6754d36faa9428d03ca8832514d5d
5e9326e715055b3033f192bfa9465a4ace813ee0efe0975ab5826a7f0aa471bc
6af3047c0459eb1ffc8466fd46bd1fe4e664dd85e36f807478dbeef1a0cd4df6
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6c4e85c43aa32c88565dca2fe2cd9a7825c778e1b6c611ec8c2cd680aa8507c4
6c6c9c22076d89f56a4cdc28ee12c31cf47cba87790b3148c58facaffe903d9e
7409a692e702ce1eda31320649da18894fc93f6488efd0c5f26a81868cb0e39c
805a2180568c5e90a0852c9fdba104e28db0634aa475a593a3a9d9c75b9701f6
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
89a15e9c40bc6b14809f236ee8cd3ed1ea42393c1f6ca55c7855cd779b3f922e
8b03fa714e6e0d7165a21071df73d662cbd68fa94746bbc1b6d2882eec5b5b52
8d551d25f9f0429ab29e731e314faf61884e7c664f8e6d8713ec4244168c387a
8ebdc51f8a765008be01c329265094c8d7031445fae1890cf598c2fc43c1cdc6
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
9a5169a2542c19c0262df5a9459151df58c683bd647a0b5b1db6696ecb2fb80b
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
acf2fa576acb702442f9d0101673354c398db67315c066ca48be8db8e0d2c75b
b91234b576455d66e12dd661a2539eb2418a831078ecef9ebc7f4bbd4e580d9c
cb962fb10b69aeadace406e31b39eb1f92de2dbc5784a711572800745e7bef77
cee1ebb7e6e15f0c172cac99478a0929eeae5de562f920fd47b62de67ec32d32
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d4bbb456ed06a94dbf8ffdf9a6f01383393845c08e693206fdf57a186c61ae78
d8bb15d165bf06486ec418aed77c578258ae3c235ade122360be8a58847649a7
dcec22bbcb68119d6c7d6d5e088fb82183a9826d0c9e3403f1386fd837f06a89
e0f23d16bb40b894855d19e097cc0b9f4695b98a7db1fed18625cfb1ce8bda35
e2c28f3e8b6a2e5170859e67cff3e8240e6b888d02005306ef3d2129f5cbd74c
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e9c44d37b94ac3ccdde717f64aefb65cb09dee2d19140ebd7e251c23931d2ea3
ea59e8e8515e41049e75e8e2aedff91e1ded909bb086f14a04c93ac8018cb326
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f89f0b5c9be8eb923dd8c78388720accb7eaf6b0187925c4c61e46562b25ca67
fb8ec1fe6134e3205f5d965ebe42aa08c2a64cfb8ccc166559846352fbc81bcc
fc1cea60838fdcf6ff7971e62810341f81db2a11f3d426b569d8a893cab54139
fe9fd1b9e3fd991c348c7f2969c00dbe76f3be8bb22087349f3e985786d5797d
ff1a5789525241f9e7442e3a2c2726d20b8d08b06cea6ad6262ae2b4030cc75e

www.fieldmuseum.org Open in urlscan Pro 2620:12a:8001::1 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

72 Requests

97 %HTTPS

64 %IPv6

19 Domains

29 Subdomains

26 IPs

5 Countries

3013 kBTransfer

8411 kBSize

20 Cookies

6 Outgoing links

Redirected requests

72 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.fieldmuseum.org Open in urlscan Pro
2620:12a:8001::1 Public Scan

Screenshot
Live screenshot

Full Image

72
Requests

97 %
HTTPS

64 %
IPv6

19
Domains

29
Subdomains

26
IPs

5
Countries

3013 kB
Transfer

8411 kB
Size

20
Cookies

72 HTTP transactions
0 data transactions