www.forestcitypost.com Open in urlscan Pro
2606:4700:4400::ac40:93a9  Public Scan

12 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

32 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response www.forestcitypost.com/	70 KB 15 KB	111ms 54ms	Document text/html	2606:4700:4400::ac40:93a9 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.forestcitypost.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:4400::ac40:93a9 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Express Resource Hash 8352d0c61bab16b4508e69259dd167f9be46df50cb54040ed535bcfd4c05c7f7 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Frame-Options sameorigin Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers age 0 cache-control no-cache cf-cache-status HIT cf-ray 759649598e009030-FRA content-encoding gzip content-type text/html; charset=utf-8 date Thu, 13 Oct 2022 07:15:51 GMT etag W/"117d1-T/TfC5lMVpPYtp4D0AH/Oe5mnSM" server cloudflare strict-transport-security max-age=31536000 vary Accept-Encoding x-backend Z x-cluster substack x-frame-options sameorigin x-powered-by Express x-served-by Substack
GET H2	200	main.css substackcdn.com/theme/	799 KB 103 KB	151ms 93ms	Stylesheet text/css	2600:9000:223e:f400:4:b4b9:d3c0:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://substackcdn.com/theme/main.css?v=afcf902071c581752e8fb56b597b2062 Requested by Host: www.forestcitypost.com URL: https://www.forestcitypost.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:223e:f400:4:b4b9:d3c0:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software / Express Resource Hash 2fcb6d133ac4daef8442e8f79ba85c7c2cd9f0b74b2b7a02953d50df4ca89e3f Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers accept-language de-DE,de;q=0.9 Referer https://www.forestcitypost.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36 Response headers date Wed, 12 Oct 2022 22:53:22 GMT x-cluster substack content-encoding gzip strict-transport-security max-age=31536000 via 1.1 2ffde5fadc46cbcc3a678e8713ed76b0.cloudfront.net (CloudFront) x-backend Z x-amz-cf-pop FRA56-P4 age 30150 x-powered-by Express x-cache Hit from cloudfront x-served-by Substack etag W/"c7a2a-pio5S9XCYmDCMq1xr+eJ5lXjS30" vary Accept-Encoding content-type text/css; charset=utf-8 cache-control public, max-age=31557600 x-amz-cf-id kAgAyOQDBnmJJQU9wcHzjI0V5dhMQWnbWeuhcd_2PUqNmtcDxHFpbw==
GET H2	200	main.css substackcdn.com/min/	81 KB 14 KB	76ms 18ms	Stylesheet text/css	2600:9000:223e:f400:4:b4b9:d3c0:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://substackcdn.com/min/main.css?v=1456c-183ce601d48 Requested by Host: www.forestcitypost.com URL: https://www.forestcitypost.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:223e:f400:4:b4b9:d3c0:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software / Express Resource Hash 349c7600e99be99bf9b420cab5416318e82b1cdc64d9c141ab7316099414a0c4 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers accept-language de-DE,de;q=0.9 Referer https://www.forestcitypost.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36 Response headers date Wed, 12 Oct 2022 22:53:27 GMT x-cluster substack content-encoding gzip strict-transport-security max-age=31536000 via 1.1 2ffde5fadc46cbcc3a678e8713ed76b0.cloudfront.net (CloudFront) x-backend Z x-amz-cf-pop FRA56-P4 age 30145 x-powered-by Express x-cache Hit from cloudfront x-served-by Substack last-modified Wed, 12 Oct 2022 22:45:49 GMT etag W/"1456c-183ce601d48" vary Accept-Encoding content-type text/css; charset=UTF-8 cache-control public, max-age=31536000000 x-amz-cf-id 1SLB6N7qxiVKPQ5vgvWijh9DVbmqQ5X1LLYLgJvgxLwVQleNZH16kw==
GET H2	200	https%3A%2F%2Fbucketeer-e05bbc84-baa3-437e-9518-adb32be77984.s3.amazonaws.com%2Fpublic%2Fimages%2Fd0ff648e-e418-41f5-8e60-8b4d0c72af96_1280x1280.png substackcdn.com/image/fetch/w_96,c_limit,f_auto,q_auto:good,fl_progressive:steep/	2 KB 2 KB	151ms 115ms	Image image/png	2600:9000:223e:f400:4:b4b9:d3c0:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://substackcdn.com/image/fetch/w_96,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fbucketeer-e05bbc84-baa3-437e-9518-adb32be77984.s3.amazonaws.com%2Fpublic%2Fimages%2Fd0ff648e-e418-41f5-8e60-8b4d0c72af96_1280x1280.png Requested by Host: www.forestcitypost.com URL: https://www.forestcitypost.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:223e:f400:4:b4b9:d3c0:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software imgproxy / Resource Hash a43d0f769a2b32b07057bc283d38db1041ef0394ec8d221c0d24575a35c53c9c Request headers accept-language de-DE,de;q=0.9 Referer https://www.forestcitypost.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36 Response headers date Tue, 11 Oct 2022 12:28:01 GMT via 1.1 2ffde5fadc46cbcc3a678e8713ed76b0.cloudfront.net (CloudFront) server imgproxy x-amz-cf-pop FRA56-P4 age 154071 etag "BFcyhJUgw6kDr9UPxBpSsKXSMElaOAVla8V55nXtu48/RIjJkYzI5Y2IzYjI5ZTAwYmYxYWU0Y2U3MmRlMmQ2MTM5Ig" x-cache Hit from cloudfront content-type image/png cache-control public, max-age=31536000 content-disposition inline; filename="d0ff648e-e418-41f5-8e60-8b4d0c72af96_1280x1280.png" content-length 1838 x-amz-cf-id 246Hhf5HQauQSFgQRW489AdWu_f0tRCLN68ZChlNbNFNYxn4kC5kgg== x-request-id vFbzpQ0oduoX8Wsu5yBV9
GET H2	200	https%3A%2F%2Fbucketeer-e05bbc84-baa3-437e-9518-adb32be77984.s3.amazonaws.com%2Fpublic%2Fimages%2F9bd82823-bbcc-49bb-a9e5-4e6d28f6f327_2000x424.png substackcdn.com/image/fetch/w_294,h_56,c_fill,f_auto,q_auto:good,fl_progressive:steep/	7 KB 7 KB	149ms 114ms	Image image/png	2600:9000:223e:f400:4:b4b9:d3c0:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://substackcdn.com/image/fetch/w_294,h_56,c_fill,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fbucketeer-e05bbc84-baa3-437e-9518-adb32be77984.s3.amazonaws.com%2Fpublic%2Fimages%2F9bd82823-bbcc-49bb-a9e5-4e6d28f6f327_2000x424.png Requested by Host: www.forestcitypost.com URL: https://www.forestcitypost.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:223e:f400:4:b4b9:d3c0:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software imgproxy / Resource Hash 15238c78f4aa641322fb808d2d43f5e969e41b3a27cd0605c453f4f9e5a1cdbc Request headers accept-language de-DE,de;q=0.9 Referer https://www.forestcitypost.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36 Response headers date Tue, 11 Oct 2022 12:29:22 GMT via 1.1 2ffde5fadc46cbcc3a678e8713ed76b0.cloudfront.net (CloudFront) server imgproxy x-amz-cf-pop FRA56-P4 age 153990 etag "kJ_TgbsgWATYITU978-f2zeZkSm_ycPgqcTSlIhhnOc/RIjVlZmQxZWIxMjY5ZDBiNjBkNTQ1YjQ4Y2ZjNzVlYjEyIg" x-cache Hit from cloudfront content-type image/png cache-control public, max-age=31536000 content-disposition inline; filename="9bd82823-bbcc-49bb-a9e5-4e6d28f6f327_2000x424.png" content-length 6867 x-amz-cf-id OsY3dT22aZT47O5d5RDQneOSbPZ3AvmALvLj6OBA9QF8Cqzep9Kncg== x-request-id JZ9kFCvn73OhG0WgEZw0G
GET H2	200	https%3A%2F%2Fbucketeer-e05bbc84-baa3-437e-9518-adb32be77984.s3.amazonaws.com%2Fpublic%2Fimages%2Ff99c02b2-8ec8-4d9a-91eb-ae6853ad6b66_1278x271.png substackcdn.com/image/fetch/w_1272,c_limit,f_webp,q_auto:best,fl_progressive:steep/	21 KB 22 KB	153ms 118ms	Image image/webp	2600:9000:223e:f400:4:b4b9:d3c0:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://substackcdn.com/image/fetch/w_1272,c_limit,f_webp,q_auto:best,fl_progressive:steep/https%3A%2F%2Fbucketeer-e05bbc84-baa3-437e-9518-adb32be77984.s3.amazonaws.com%2Fpublic%2Fimages%2Ff99c02b2-8ec8-4d9a-91eb-ae6853ad6b66_1278x271.png Requested by Host: www.forestcitypost.com URL: https://www.forestcitypost.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:223e:f400:4:b4b9:d3c0:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software imgproxy / Resource Hash a78966454629e6838d71d79dc45d962be81082e37b433a9dc9a6cb5643165f53 Request headers accept-language de-DE,de;q=0.9 Referer https://www.forestcitypost.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36 Response headers date Tue, 11 Oct 2022 07:52:42 GMT via 1.1 2ffde5fadc46cbcc3a678e8713ed76b0.cloudfront.net (CloudFront) server imgproxy x-amz-cf-pop FRA56-P4 age 170590 etag "Aps806jfxUcRZG4p9umXyj7lC5HaZUarJm085KzKL3s/RIjAzOGUxMTk1NmRkMTczMmU0MGVmNTc5OTg1ZWM3YTY0Ig" x-cache Hit from cloudfront content-type image/webp cache-control public, max-age=31536000 content-disposition inline; filename="f99c02b2-8ec8-4d9a-91eb-ae6853ad6b66_1278x271.webp" content-length 21766 x-amz-cf-id S5l3JkQol_OOSdZ-CPzxRUtnEIdkiIySpQXeZKMuGFIA8DcQVYRmIA== x-request-id LDWfj22rC8m__8RXqoYQi
GET H2	200	https%3A%2F%2Fbucketeer-e05bbc84-baa3-437e-9518-adb32be77984.s3.amazonaws.com%2Fpublic%2Fimages%2Fd0ff648e-e418-41f5-8e60-8b4d0c72af96_1280x1280.png substackcdn.com/image/fetch/w_848,c_limit,f_webp,q_auto:good,fl_progressive:steep/	8 KB 8 KB	387ms 387ms	Image image/webp	2600:9000:223e:f400:4:b4b9:d3c0:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://substackcdn.com/image/fetch/w_848,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fbucketeer-e05bbc84-baa3-437e-9518-adb32be77984.s3.amazonaws.com%2Fpublic%2Fimages%2Fd0ff648e-e418-41f5-8e60-8b4d0c72af96_1280x1280.png Requested by Host: www.forestcitypost.com URL: https://www.forestcitypost.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:223e:f400:4:b4b9:d3c0:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software imgproxy / Resource Hash ea09a8db536043ac0aad9b4ca8c7921b82924ffcca7bf860556ccf0570c32acd Request headers accept-language de-DE,de;q=0.9 Referer https://www.forestcitypost.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36 Response headers date Tue, 11 Oct 2022 13:26:05 GMT via 1.1 2ffde5fadc46cbcc3a678e8713ed76b0.cloudfront.net (CloudFront) server imgproxy x-amz-cf-pop FRA56-P4 age 150587 etag "Fy1O9LzRl1s4hoyH0dt5LifLZQZy_dKAf8nrhIWYwOA/RIjJkYzI5Y2IzYjI5ZTAwYmYxYWU0Y2U3MmRlMmQ2MTM5Ig" x-cache Hit from cloudfront content-type image/webp cache-control public, max-age=31536000 content-disposition inline; filename="d0ff648e-e418-41f5-8e60-8b4d0c72af96_1280x1280.webp" content-length 8078 x-amz-cf-id qtSRyEBdG88m8ITBRHLnKBkwwerGvFUhlGREDJarC2-c3DWST_wYbQ== x-request-id jge2IhMAGaIF4zQlGmQuT
GET H2	200	c41771aeccbb43fbbffbc4755e65c9be.min.js Show response js.sentry-cdn.com/	2 KB 1 KB	57ms 15ms	Script text/javascript	2a04:4e42::729 FASTLY
General Check archive.org Show headers Download Go to Full URL https://js.sentry-cdn.com/c41771aeccbb43fbbffbc4755e65c9be.min.js Requested by Host: www.forestcitypost.com URL: https://www.forestcitypost.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2a04:4e42::729 , United States, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash 031ae69b49b033571c622c2a4a447270636170abb5454c1dc7dc892471cf5a47 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options deny X-Xss-Protection 1; mode=block Request headers Referer https://www.forestcitypost.com/ Origin https://www.forestcitypost.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36 Response headers date Thu, 13 Oct 2022 07:15:52 GMT content-encoding gzip x-content-type-options nosniff strict-transport-security max-age=31536000; includeSubDomains age 30 x-envoy-upstream-service-time 11 content-length 1018 x-xss-protection 1; mode=block x-served-by getsentry-web-default-production-fcb69cb5c-vm7wl, cache-hhn4073-HHN x-frame-options deny vary Accept-Encoding content-type text/javascript access-control-allow-origin * cache-control public, max-age=3600, s-maxage=60, stale-while-revalidate=315360000, stale-if-error=315360000 x-envoy-attempt-count 1 accept-ranges bytes timing-allow-origin https://sentry.io
GET H2	200	main.bundle.js Show response substackcdn.com/min/	2 MB 521 KB	57ms 22ms	Script application/javascript	2600:9000:223e:f400:4:b4b9:d3c0:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://substackcdn.com/min/main.bundle.js?v=1ba134-183ce601d48 Requested by Host: www.forestcitypost.com URL: https://www.forestcitypost.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:223e:f400:4:b4b9:d3c0:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software / Express Resource Hash 1d0c224639a52d774f8ac21afff448c054d7cf66a133b439d16819091a9ec57a Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers accept-language de-DE,de;q=0.9 Referer https://www.forestcitypost.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36 Response headers date Wed, 12 Oct 2022 22:53:22 GMT x-cluster substack content-encoding gzip strict-transport-security max-age=31536000 via 1.1 2ffde5fadc46cbcc3a678e8713ed76b0.cloudfront.net (CloudFront) x-backend Z x-amz-cf-pop FRA56-P4 age 30150 x-powered-by Express x-cache Hit from cloudfront x-served-by Substack last-modified Wed, 12 Oct 2022 22:45:49 GMT etag W/"1ba134-183ce601d48" vary Accept-Encoding content-type application/javascript; charset=UTF-8 cache-control public, max-age=31536000000 x-amz-cf-id l7pdGmbLxluVcrTl5koHez5KeFNYDQsIxHQVCt8zK_9g6alzLTtNGg==
GET		channel-frame substack.com/ Frame AD64	0 0
GET H2	200	channel-frame Show response substack.com/ Frame 42C0	22 KB 6 KB	166ms 158ms	Document text/html	2606:4700:4400::6812:21f5 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://substack.com/channel-frame Requested by Host: substackcdn.com URL: https://substackcdn.com/min/main.bundle.js?v=1ba134-183ce601d48 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:4400::6812:21f5 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Express Resource Hash 135f1652c4ca54be0c70dceb377d43e8e075e825547c59de3a29498154700252 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers Referer https://www.forestcitypost.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 cache-control no-cache cf-cache-status DYNAMIC cf-ray 7596495cbba79293-FRA content-encoding gzip content-type text/html; charset=utf-8 date Thu, 13 Oct 2022 07:15:52 GMT etag W/"596c-GkYiKLrUpiq/rluy/5g9vXeNWf4" server cloudflare strict-transport-security max-age=31536000 vary Accept-Encoding x-backend Z x-cluster substack x-powered-by Express x-served-by Substack
GET H2	200	firehose www.forestcitypost.com/api/v1/	35 B 578 B	148ms 147ms	Image image/gif	2606:4700:4400::ac40:93a9 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://www.forestcitypost.com/api/v1/firehose?_=1665645352192&d=eyJldmVudCI6IlBhZ2VzIiwicHJvcGVydGllcyI6eyJicm93c2VyU2Vzc2lvbklkIjoiYXhwMXltaWJ5MWEiLCJpZnJhbWVWaXNpdElkIjpmYWxzZX0sImNvbnRleHQiOnsiY2xpZW50X3R5cGUiOiJ3ZWIiLCJwYWdlIjp7InJlZmVycmVyIjoiIiwidGl0bGUiOiJGb3Jlc3QgQ2l0eSBQb3N0IHwgU3Vic3RhY2siLCJ1cmwiOiJodHRwczovL3d3dy5mb3Jlc3RjaXR5cG9zdC5jb20vIn19fQ%3D%3D Requested by Host: www.forestcitypost.com URL: https://www.forestcitypost.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:4400::ac40:93a9 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Express Resource Hash 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers accept-language de-DE,de;q=0.9 Referer https://www.forestcitypost.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36 Response headers date Thu, 13 Oct 2022 07:15:52 GMT strict-transport-security max-age=31536000 x-cluster substack cf-cache-status DYNAMIC x-backend Z server cloudflare x-powered-by Express vary Accept-Encoding content-type image/gif cache-control no-cache cf-ray 7596495cbb3c9030-FRA content-length 35 x-served-by Substack
GET H2	200	firehose www.forestcitypost.com/api/v1/	35 B 410 B	148ms 148ms	Image image/gif	2606:4700:4400::ac40:93a9 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://www.forestcitypost.com/api/v1/firehose?_=1665645352420&d=eyJldmVudCI6IkNvdmVyIFBhZ2UgU2hvd24iLCJwcm9wZXJ0aWVzIjp7ImJyb3dzZXJTZXNzaW9uSWQiOiJheHAxeW1pYnkxYSIsImlmcmFtZVZpc2l0SWQiOmZhbHNlLCJoYXNfY292ZXJfcGhvdG8iOnRydWV9LCJjb250ZXh0Ijp7ImNsaWVudF90eXBlIjoid2ViIiwicGFnZSI6eyJyZWZlcnJlciI6IiIsInRpdGxlIjoiRm9yZXN0IENpdHkgUG9zdCB8IFN1YnN0YWNrIiwidXJsIjoiaHR0cHM6Ly93d3cuZm9yZXN0Y2l0eXBvc3QuY29tLyJ9fX0%3D Requested by Host: www.forestcitypost.com URL: https://www.forestcitypost.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:4400::ac40:93a9 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Express Resource Hash 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers accept-language de-DE,de;q=0.9 Referer https://www.forestcitypost.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36 Response headers date Thu, 13 Oct 2022 07:15:52 GMT strict-transport-security max-age=31536000 x-cluster substack cf-cache-status DYNAMIC x-backend Z server cloudflare x-powered-by Express vary Accept-Encoding content-type image/gif cache-control no-cache cf-ray 7596495cbb519030-FRA content-length 35 x-served-by Substack
GET H2	200	channelFrame.css substackcdn.com/theme/ Frame 42C0	0 390 B	20ms 19ms	Stylesheet text/css	2600:9000:223e:f400:4:b4b9:d3c0:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://substackcdn.com/theme/channelFrame.css?v=d41d8cd98f00b204e9800998ecf8427e Requested by Host: substack.com URL: https://substack.com/channel-frame Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:223e:f400:4:b4b9:d3c0:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software Cowboy / Express Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers accept-language de-DE,de;q=0.9 Referer https://substack.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36 Response headers strict-transport-security max-age=31536000 x-cluster substack via 1.1 vegur, 1.1 2ffde5fadc46cbcc3a678e8713ed76b0.cloudfront.net (CloudFront) date Thu, 30 Jun 2022 21:37:00 GMT server Cowboy x-amz-cf-pop FRA56-P4 age 9020332 x-powered-by Express etag W/"0-2jmj7l5rSw0yVb/vlWAYkK/YBwk" x-cache Hit from cloudfront content-type text/css; charset=utf-8 cache-control public, max-age=31557600 content-length 0 x-amz-cf-id hAfjflVCtPtSAQFGA07DJcFvF-_JdYEQSgvyD999yyq6PNq9fap4_g== x-served-by Substack
GET H2	200	channelFrame.css substackcdn.com/min/ Frame 42C0	8 KB 2 KB	16ms 15ms	Stylesheet text/css	2600:9000:223e:f400:4:b4b9:d3c0:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://substackcdn.com/min/channelFrame.css?v=1fad-183ce601d48 Requested by Host: substack.com URL: https://substack.com/channel-frame Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:223e:f400:4:b4b9:d3c0:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software / Express Resource Hash 19d9ce494ba02c8f0b1c680b79ae17fea13a5bf4f6736052ae6ff03ebb95e052 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers accept-language de-DE,de;q=0.9 Referer https://substack.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36 Response headers date Wed, 12 Oct 2022 22:53:23 GMT x-cluster substack content-encoding gzip strict-transport-security max-age=31536000 via 1.1 2ffde5fadc46cbcc3a678e8713ed76b0.cloudfront.net (CloudFront) x-backend Z x-amz-cf-pop FRA56-P4 age 30149 x-powered-by Express x-cache Hit from cloudfront x-served-by Substack last-modified Wed, 12 Oct 2022 22:45:49 GMT etag W/"1fad-183ce601d48" vary Accept-Encoding content-type text/css; charset=UTF-8 cache-control public, max-age=31536000000 x-amz-cf-id CprmW6hmADYa9MWwqmeugq9UooYoaM6gocmiMmSA5hjAtkx-qlmLxQ==
GET H2	200	c41771aeccbb43fbbffbc4755e65c9be.min.js Show response js.sentry-cdn.com/ Frame 42C0	2 KB 1 KB	17ms 16ms	Script text/javascript	2a04:4e42::729 FASTLY
General Check archive.org Show headers Download Go to Full URL https://js.sentry-cdn.com/c41771aeccbb43fbbffbc4755e65c9be.min.js Requested by Host: substack.com URL: https://substack.com/channel-frame Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2a04:4e42::729 , United States, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash 031ae69b49b033571c622c2a4a447270636170abb5454c1dc7dc892471cf5a47 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options deny X-Xss-Protection 1; mode=block Request headers Referer https://substack.com/ Origin https://substack.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36 Response headers date Thu, 13 Oct 2022 07:15:52 GMT content-encoding gzip x-content-type-options nosniff strict-transport-security max-age=31536000; includeSubDomains age 30 x-envoy-upstream-service-time 11 content-length 1018 x-xss-protection 1; mode=block x-served-by getsentry-web-default-production-fcb69cb5c-vm7wl, cache-hhn4073-HHN x-frame-options deny vary Accept-Encoding content-type text/javascript access-control-allow-origin * cache-control public, max-age=3600, s-maxage=60, stale-while-revalidate=315360000, stale-if-error=315360000 x-envoy-attempt-count 1 accept-ranges bytes timing-allow-origin https://sentry.io
GET H2	200	channelFrame.bundle.js Show response substackcdn.com/min/ Frame 42C0	334 KB 112 KB	16ms 16ms	Script application/javascript	2600:9000:223e:f400:4:b4b9:d3c0:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://substackcdn.com/min/channelFrame.bundle.js?v=5376d-183ce601d48 Requested by Host: substack.com URL: https://substack.com/channel-frame Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:223e:f400:4:b4b9:d3c0:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software / Express Resource Hash e44f39a89ac55a19492f515fdfbfe3eb27ebbf99abb51ce15a1e2fda5379dc16 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers accept-language de-DE,de;q=0.9 Referer https://substack.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36 Response headers date Wed, 12 Oct 2022 22:54:03 GMT x-cluster substack content-encoding gzip strict-transport-security max-age=31536000 via 1.1 2ffde5fadc46cbcc3a678e8713ed76b0.cloudfront.net (CloudFront) x-backend Z x-amz-cf-pop FRA56-P4 age 30109 x-powered-by Express x-cache Hit from cloudfront x-served-by Substack last-modified Wed, 12 Oct 2022 22:45:49 GMT etag W/"5376d-183ce601d48" vary Accept-Encoding content-type application/javascript; charset=UTF-8 cache-control public, max-age=31536000000 x-amz-cf-id X76BOHP1xWLmOXHGcanpKcFueWQLqL1mIIPiPAOFiKbV_KNrIAgGgQ==
GET H2	200	firehose substack.com/api/v1/ Frame 42C0	35 B 517 B	142ms 141ms	Image image/gif	2606:4700:4400::6812:21f5 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://substack.com/api/v1/firehose?_=1665645352647&d=eyJldmVudCI6IlBhZ2VzIiwicHJvcGVydGllcyI6eyJicm93c2VyU2Vzc2lvbklkIjoiZTdubWwxeGRrdCIsImlmcmFtZVZpc2l0SWQiOnsiaWQiOiIxM2I0YWU0Ny0zNzJiLTRmZTEtOTZhZS1mNjlmMTc3Njg1ODkiLCJ0aW1lc3RhbXAiOiIyMDIyLTEwLTEzVDA3OjE1OjUyLjY0NloifX0sImNvbnRleHQiOnsiY2xpZW50X3R5cGUiOiJ3ZWIiLCJwYWdlIjp7InJlZmVycmVyIjoiaHR0cHM6Ly93d3cuZm9yZXN0Y2l0eXBvc3QuY29tLyIsInRpdGxlIjoiIiwidXJsIjoiaHR0cHM6Ly9zdWJzdGFjay5jb20vY2hhbm5lbC1mcmFtZSJ9fX0%3D Requested by Host: substack.com URL: https://substack.com/channel-frame Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:4400::6812:21f5 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Express Resource Hash 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers accept-language de-DE,de;q=0.9 Referer https://substack.com/channel-frame User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36 Response headers date Thu, 13 Oct 2022 07:15:52 GMT strict-transport-security max-age=31536000 x-cluster substack cf-cache-status DYNAMIC x-backend Z server cloudflare x-powered-by Express vary Accept-Encoding content-type image/gif cache-control no-cache cf-ray 7596495e2df19293-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 35 x-served-by Substack
GET H2	200	firehose substack.com/api/v1/ Frame 42C0	35 B 526 B	140ms 140ms	Image image/gif	2606:4700:4400::6812:21f5 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://substack.com/api/v1/firehose?_=1665645352650&d=eyJldmVudCI6IkZyYW1lIE1lc3NhZ2UgU2VudCIsInByb3BlcnRpZXMiOnsiYnJvd3NlclNlc3Npb25JZCI6ImU3bm1sMXhka3QiLCJpZnJhbWVWaXNpdElkIjp7ImlkIjoiMTNiNGFlNDctMzcyYi00ZmUxLTk2YWUtZjY5ZjE3NzY4NTg5IiwidGltZXN0YW1wIjoiMjAyMi0xMC0xM1QwNzoxNTo1Mi42NDZaIn0sImhhc1VzZXJTdGF0ZSI6ZmFsc2V9LCJjb250ZXh0Ijp7ImNsaWVudF90eXBlIjoid2ViIiwicGFnZSI6eyJyZWZlcnJlciI6Imh0dHBzOi8vd3d3LmZvcmVzdGNpdHlwb3N0LmNvbS8iLCJ0aXRsZSI6IiIsInVybCI6Imh0dHBzOi8vc3Vic3RhY2suY29tL2NoYW5uZWwtZnJhbWUifX19 Requested by Host: substack.com URL: https://substack.com/channel-frame Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:4400::6812:21f5 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Express Resource Hash 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers accept-language de-DE,de;q=0.9 Referer https://substack.com/channel-frame User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36 Response headers date Thu, 13 Oct 2022 07:15:52 GMT strict-transport-security max-age=31536000 x-cluster substack cf-cache-status DYNAMIC x-backend Z server cloudflare x-powered-by Express vary Accept-Encoding content-type image/gif cache-control no-cache cf-ray 7596495e2df39293-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 35 x-served-by Substack
GET H2	200	firehose www.forestcitypost.com/api/v1/	35 B 96 B	184ms 183ms	Image image/gif	2606:4700:4400::ac40:93a9 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://www.forestcitypost.com/api/v1/firehose?_=1665645352655&d=eyJldmVudCI6IkZyYW1lIE1lc3NhZ2UgSGFuZGxlZCIsInByb3BlcnRpZXMiOnsiYnJvd3NlclNlc3Npb25JZCI6ImF4cDF5bWlieTFhIiwiaWZyYW1lVmlzaXRJZCI6ZmFsc2UsImxvZ2dlZEluQXRTdWJzdGFjayI6ZmFsc2UsImxvZ2dlZEluQXRDdXN0b21Eb21haW4iOmZhbHNlLCJhdHRlbXB0UmVkaXJlY3QiOmZhbHNlfSwiY29udGV4dCI6eyJjbGllbnRfdHlwZSI6IndlYiIsInBhZ2UiOnsicmVmZXJyZXIiOiIiLCJ0aXRsZSI6IkZvcmVzdCBDaXR5IFBvc3QgfCBTdWJzdGFjayIsInVybCI6Imh0dHBzOi8vd3d3LmZvcmVzdGNpdHlwb3N0LmNvbS8ifX19 Requested by Host: www.forestcitypost.com URL: https://www.forestcitypost.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:4400::ac40:93a9 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Express Resource Hash 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers accept-language de-DE,de;q=0.9 Referer https://www.forestcitypost.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36 Response headers date Thu, 13 Oct 2022 07:15:52 GMT strict-transport-security max-age=31536000 x-cluster substack cf-cache-status DYNAMIC x-backend Z server cloudflare x-powered-by Express vary Accept-Encoding content-type image/gif cache-control no-cache cf-ray 7596495e2ddb9030-FRA content-length 35 x-served-by Substack
GET H2	200	js Show response www.googletagmanager.com/gtag/ Frame 42C0	208 KB 74 KB	65ms 25ms	Script application/javascript	2a00:1450:4001:827::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=G-TLW0DF6G5V&l=localGaDataLayer Requested by Host: substackcdn.com URL: https://substackcdn.com/min/channelFrame.bundle.js?v=5376d-183ce601d48 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 58601e5a27247ca3a729c3c96247b22fff4474f04fddd0cdd30711a1967233c1 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://substack.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36 Response headers date Thu, 13 Oct 2022 07:15:52 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true cross-origin-resource-policy cross-origin access-control-allow-headers Cache-Control content-length 74861 x-xss-protection 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" expires Thu, 13 Oct 2022 07:15:52 GMT
GET H2	200	js Show response www.googletagmanager.com/gtag/	90 KB 36 KB	47ms 47ms	Script application/javascript	2a00:1450:4001:827::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=undefined&l=localGaDataLayer Requested by Host: substackcdn.com URL: https://substackcdn.com/min/main.bundle.js?v=1ba134-183ce601d48 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 00d82bbe4b0a91010e6dfa085a98df0c9661aabed8dfa7558f1c8a6294a07d4f Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.forestcitypost.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36 Response headers date Thu, 13 Oct 2022 07:15:52 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 36243 x-xss-protection 0 last-modified Thu, 13 Oct 2022 06:00:00 GMT server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true access-control-allow-headers Cache-Control expires Thu, 13 Oct 2022 07:15:52 GMT
GET H3	200	js Show response www.googletagmanager.com/gtag/ Frame 42C0	154 KB 58 KB	63ms 30ms	Script application/javascript	2a00:1450:4001:827::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=AW-316245675&l=localGaDataLayer&cx=c Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-TLW0DF6G5V&l=localGaDataLayer Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 6247c25d915cdaef23466d4e436657dd6491117fde88b31a58b40a87b026d872 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://substack.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36 Response headers date Thu, 13 Oct 2022 07:15:52 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 59242 x-xss-protection 0 last-modified Thu, 13 Oct 2022 06:00:00 GMT server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true access-control-allow-headers Cache-Control expires Thu, 13 Oct 2022 07:15:52 GMT
GET H3	200	js Show response www.googletagmanager.com/gtag/	154 KB 58 KB	71ms 44ms	Script application/javascript	2a00:1450:4001:827::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=AW-316245675&l=localGaDataLayer&cx=c Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=undefined&l=localGaDataLayer Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash acd40da6f560ecd72f077e68e2cfed93f65ad6840b7a5583d28a954d5a8f8579 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.forestcitypost.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36 Response headers date Thu, 13 Oct 2022 07:15:52 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 59241 x-xss-protection 0 last-modified Thu, 13 Oct 2022 06:00:00 GMT server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true access-control-allow-headers Cache-Control expires Thu, 13 Oct 2022 07:15:52 GMT
GET H2	200	conversion_async.js Show response www.googleadservices.com/pagead/ Frame 42C0	41 KB 15 KB	94ms 40ms	Script text/javascript	142.250.185.66 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googleadservices.com/pagead/conversion_async.js Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=AW-316245675&l=localGaDataLayer&cx=c Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.185.66 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s48-in-f2.1e100.net Software cafe / Resource Hash f42283e0ca17a52688c5250e714ecd1b6a53af8b0f6e54ac64546499b0ec1b19 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://substack.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36 Response headers date Thu, 13 Oct 2022 07:15:53 GMT content-encoding br x-content-type-options nosniff p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 15192 x-xss-protection 0 server cafe etag 699633608045481581 vary Accept-Encoding content-type text/javascript; charset=UTF-8 cache-control private, max-age=3600 timing-allow-origin * expires Thu, 13 Oct 2022 07:15:53 GMT
GET H2	200	conversion_async.js Show response www.googleadservices.com/pagead/	41 KB 15 KB	96ms 61ms	Script text/javascript	142.250.185.66 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googleadservices.com/pagead/conversion_async.js Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=AW-316245675&l=localGaDataLayer&cx=c Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.185.66 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s48-in-f2.1e100.net Software cafe / Resource Hash f42283e0ca17a52688c5250e714ecd1b6a53af8b0f6e54ac64546499b0ec1b19 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.forestcitypost.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36 Response headers date Thu, 13 Oct 2022 07:15:53 GMT content-encoding br x-content-type-options nosniff p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 15192 x-xss-protection 0 server cafe etag 699633608045481581 vary Accept-Encoding content-type text/javascript; charset=UTF-8 cache-control private, max-age=3600 timing-allow-origin * expires Thu, 13 Oct 2022 07:15:53 GMT
GET H2	200	/ Show response googleads.g.doubleclick.net/pagead/viewthroughconversion/316245675/ Frame 42C0	2 KB 2 KB	83ms 28ms	Script text/javascript	2a00:1450:4001:831::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/viewthroughconversion/316245675/?random=1665645353129&cv=9&fst=1665645353129&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oaaa0&sendb=1&ig=1&data=event%3Dgtag.config&frm=2&url=https%3A%2F%2Fsubstack.com%2Fchannel-frame&ref=https%3A%2F%2Fwww.forestcitypost.com%2F&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4 Requested by Host: www.googleadservices.com URL: https://www.googleadservices.com/pagead/conversion_async.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 84845625158d0b25bd8ef0178770b4be5fccb06ab76542f4f22af0ef0a340c61 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://substack.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36 Response headers pragma no-cache date Thu, 13 Oct 2022 07:15:53 GMT content-encoding gzip x-content-type-options nosniff server cafe content-type text/javascript; charset=UTF-8 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 1034 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	/ Show response googleads.g.doubleclick.net/pagead/viewthroughconversion/316245675/	2 KB 1 KB	81ms 41ms	Script text/javascript	2a00:1450:4001:831::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/viewthroughconversion/316245675/?random=1665645353146&cv=9&fst=1665645353146&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oaaa0&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.forestcitypost.com%2F&tiba=Forest%20City%20Post%20%7C%20Substack&auid=243164005.1665645353&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4 Requested by Host: www.googleadservices.com URL: https://www.googleadservices.com/pagead/conversion_async.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 76cd1a26947b307ff2a2889a8546e7a9aefdd357945ea60905459441597e50ac Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.forestcitypost.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36 Response headers pragma no-cache date Thu, 13 Oct 2022 07:15:53 GMT content-encoding gzip x-content-type-options nosniff server cafe content-type text/javascript; charset=UTF-8 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 1043 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	/ www.google.com/pagead/1p-user-list/316245675/ Frame 42C0	42 B 108 B	72ms 33ms	Image image/gif	2a00:1450:4001:80e::2004 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.com/pagead/1p-user-list/316245675/?random=1665645353129&cv=9&fst=1665644400000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oaaa0&sendb=1&data=event%3Dgtag.config&frm=2&url=https%3A%2F%2Fsubstack.com%2Fchannel-frame&ref=https%3A%2F%2Fwww.forestcitypost.com%2F&async=1&fmt=3&is_vtc=1&random=536291116&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value Content-Security-Policy script-src 'none'; object-src 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://substack.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36 Response headers pragma no-cache date Thu, 13 Oct 2022 07:15:53 GMT content-security-policy script-src 'none'; object-src 'none' x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	/ www.google.de/pagead/1p-user-list/316245675/ Frame 42C0	42 B 548 B	70ms 30ms	Image image/gif	2a00:1450:4001:808::2003 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.de/pagead/1p-user-list/316245675/?random=1665645353129&cv=9&fst=1665644400000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oaaa0&sendb=1&data=event%3Dgtag.config&frm=2&url=https%3A%2F%2Fsubstack.com%2Fchannel-frame&ref=https%3A%2F%2Fwww.forestcitypost.com%2F&async=1&fmt=3&is_vtc=1&random=536291116&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value Content-Security-Policy script-src 'none'; object-src 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://substack.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36 Response headers pragma no-cache date Thu, 13 Oct 2022 07:15:53 GMT content-security-policy script-src 'none'; object-src 'none' x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	/ www.google.com/pagead/1p-user-list/316245675/	42 B 548 B	59ms 32ms	Image image/gif	2a00:1450:4001:80e::2004 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.com/pagead/1p-user-list/316245675/?random=1665645353146&cv=9&fst=1665644400000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oaaa0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.forestcitypost.com%2F&tiba=Forest%20City%20Post%20%7C%20Substack&async=1&fmt=3&is_vtc=1&random=3606034031&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value Content-Security-Policy script-src 'none'; object-src 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.forestcitypost.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36 Response headers pragma no-cache date Thu, 13 Oct 2022 07:15:53 GMT content-security-policy script-src 'none'; object-src 'none' x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	/ www.google.de/pagead/1p-user-list/316245675/	42 B 108 B	61ms 34ms	Image image/gif	2a00:1450:4001:808::2003 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.de/pagead/1p-user-list/316245675/?random=1665645353146&cv=9&fst=1665644400000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oaaa0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.forestcitypost.com%2F&tiba=Forest%20City%20Post%20%7C%20Substack&async=1&fmt=3&is_vtc=1&random=3606034031&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value Content-Security-Policy script-src 'none'; object-src 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.forestcitypost.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36 Response headers pragma no-cache date Thu, 13 Oct 2022 07:15:53 GMT content-security-policy script-src 'none'; object-src 'none' x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain

substack.com

URL

https://substack.com/channel-frame

22 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| onbeforeinput object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation object| Sentry object| _preloads object| _analyticsConfig function| I object| localGaDataLayer function| gtag function| __captchaOnloadCallback object| google_tag_manager object| google_tag_data function| GooglemKTybQhCsO function| google_trackConversion object| GooglebQhCsO

7 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			www.forestcitypost.com/	1970-01-20 15:26:21	Name: ajs_anonymous_id Value: %226bafa1f1-d065-4805-abcc-d06050eec464%22
			.www.forestcitypost.com/	1970-01-20 15:26:21	Name: ajs_anonymous_id Value: %226bafa1f1-d065-4805-abcc-d06050eec464%22
			.www.forestcitypost.com/	1970-01-20 06:40:47	Name: visit_id Value: %7B%22id%22%3A%22464d351e-3be2-4103-b411-ee99d6b86ba1%22%2C%22timestamp%22%3A%222022-10-13T07%3A15%3A52.518Z%22%7D
			.www.forestcitypost.com/	1970-01-20 15:26:21	Name: ab_testing_id Value: %222b2cdc5a-8caa-4a69-86ea-953e79fc7e8b%22
			.substack.com/	1970-01-20 06:40:47	Name: __cf_bm Value: BO7sOfw9Cl1zO5QTaK7jS8H0ZzZr36ldT4bcYoAejf8-1665645352-0-AZzqRRl5P5TG++4kevtWprCDjYoh4MRm1VQVsvn0rFhC3J5mDBV5mAZegvqxvpftRq0DL9I3PWrVp+0OQ4HwRCo=
			.forestcitypost.com/	1970-01-20 08:50:21	Name: _gcl_au Value: 1.1.243164005.1665645353
			.doubleclick.net/	1970-01-20 06:40:46	Name: test_cookie Value: CheckForPermission

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	sameorigin

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

googleads.g.doubleclick.net
js.sentry-cdn.com
substack.com
substackcdn.com
www.forestcitypost.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
substack.com
142.250.185.66
2600:9000:223e:f400:4:b4b9:d3c0:93a1
2606:4700:4400::6812:21f5
2606:4700:4400::ac40:93a9
2a00:1450:4001:808::2003
2a00:1450:4001:80e::2004
2a00:1450:4001:827::2008
2a00:1450:4001:831::2002
2a04:4e42::729
00d82bbe4b0a91010e6dfa085a98df0c9661aabed8dfa7558f1c8a6294a07d4f
031ae69b49b033571c622c2a4a447270636170abb5454c1dc7dc892471cf5a47
135f1652c4ca54be0c70dceb377d43e8e075e825547c59de3a29498154700252
15238c78f4aa641322fb808d2d43f5e969e41b3a27cd0605c453f4f9e5a1cdbc
19d9ce494ba02c8f0b1c680b79ae17fea13a5bf4f6736052ae6ff03ebb95e052
1d0c224639a52d774f8ac21afff448c054d7cf66a133b439d16819091a9ec57a
2fcb6d133ac4daef8442e8f79ba85c7c2cd9f0b74b2b7a02953d50df4ca89e3f
349c7600e99be99bf9b420cab5416318e82b1cdc64d9c141ab7316099414a0c4
58601e5a27247ca3a729c3c96247b22fff4474f04fddd0cdd30711a1967233c1
6247c25d915cdaef23466d4e436657dd6491117fde88b31a58b40a87b026d872
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
76cd1a26947b307ff2a2889a8546e7a9aefdd357945ea60905459441597e50ac
8352d0c61bab16b4508e69259dd167f9be46df50cb54040ed535bcfd4c05c7f7
84845625158d0b25bd8ef0178770b4be5fccb06ab76542f4f22af0ef0a340c61
a43d0f769a2b32b07057bc283d38db1041ef0394ec8d221c0d24575a35c53c9c
a78966454629e6838d71d79dc45d962be81082e37b433a9dc9a6cb5643165f53
acd40da6f560ecd72f077e68e2cfed93f65ad6840b7a5583d28a954d5a8f8579
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e44f39a89ac55a19492f515fdfbfe3eb27ebbf99abb51ce15a1e2fda5379dc16
ea09a8db536043ac0aad9b4ca8c7921b82924ffcca7bf860556ccf0570c32acd
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f42283e0ca17a52688c5250e714ecd1b6a53af8b0f6e54ac64546499b0ec1b19