d3nfa3f6tqjjbl.cloudfront.net Open in urlscan Pro
2600:9000:23ca:e00:1a:21fd:a440:21 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://doorcountyfond.org/
Effective URL:
https://d3nfa3f6tqjjbl.cloudfront.net/English/index.html?key=eyJ0aW1lc3RhbXAiOiIxNjgxNjkyMzgyIiwiaGFzaCI6IjI0MGFiMDRiMzAyMzlkMDk2NjFjN...
Submission: On April 17 via api (April 17th 2023, 12:46:24 am UTC) from US — Scanned from CA

Summary HTTP 84 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 11 IPs in 5 countries across 12 domains to perform 84 HTTP transactions. The main IP is 2600:9000:23ca:e00:1a:21fd:a440:21, located in United States and belongs to AMAZON-02, US. The main domain is d3nfa3f6tqjjbl.cloudfront.net.
TLS certificate: Issued by Amazon RSA 2048 M01 on December 8th 2022. Valid for: a year.

This is the only time d3nfa3f6tqjjbl.cloudfront.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2 32	35.183.253.56 35.183.253.56	16509 (AMAZON-02) (AMAZON-02)
1	2607:f8b0:400... 2607:f8b0:4006:80d::200a	15169 (GOOGLE) (GOOGLE)
1 6	162.55.76.206 162.55.76.206	24940 (HETZNER-AS) (HETZNER-AS)
9	2607:f8b0:400... 2607:f8b0:4006:820::2003	15169 (GOOGLE) (GOOGLE)
1	2a04:fa87:fff... 2a04:fa87:fffe::c000:4902	2635 (AUTOMATTIC) (AUTOMATTIC)
1	85.239.34.190 85.239.34.190	200019 (ALEXHOST) (ALEXHOST)
1 3	134.209.192.77 134.209.192.77	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
2	2600:1f18:43d... 2600:1f18:43d1:2a02:b6ee:327b:545e:e578	14618 (AMAZON-AES) (AMAZON-AES)
28	2600:9000:23c... 2600:9000:23ca:e00:1a:21fd:a440:21	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700::68... 2606:4700::6811:180e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
84	11

32 35.183.253.56 (Montreal, Canada) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-35-183-253-56.ca-central-1.compute.amazonaws.com

doorcountyfond.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.doorcountyfond.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:80d::200a (New York, United States)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 162.55.76.206 (Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.206.76.55.162.clients.your-server.de

get.sortyellowapples.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
for.firstblackphase.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
stats.statisticline.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
stock.statisticline.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
far.statisticline.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
come.sortyellowapples.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2607:f8b0:4006:820::2003 (New York, United States)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:fa87:fffe::c000:4902 (Ireland)

ASN2635 (AUTOMATTIC, US)

secure.gravatar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 85.239.34.190 (Secaucus, United States)

ASN200019 (ALEXHOST, MD)
PTR: d9.vm

cdn.statisticline.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 134.209.192.77 (Amsterdam, Netherlands) 1 redirects

ASN14061 (DIGITALOCEAN-ASN, US)

whiteforwardlines.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
0.whiteforwardlines.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:1f18:43d1:2a02:b6ee:327b:545e:e578 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

track.themaccleanup.info	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
track.pageinfo.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

28 2600:9000:23ca:e00:1a:21fd:a440:21 (United States)

ASN16509 (AMAZON-02, US)

d3nfa3f6tqjjbl.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
32	doorcountyfond.org 2 redirects doorcountyfond.org www.doorcountyfond.org	2 MB
28	cloudfront.net d3nfa3f6tqjjbl.cloudfront.net	576 KB
9	gstatic.com fonts.gstatic.com www.gstatic.com	198 KB
4	statisticline.com 1 redirects stats.statisticline.com — Cisco Umbrella Rank: 909321 cdn.statisticline.com — Cisco Umbrella Rank: 669358 stock.statisticline.com — Cisco Umbrella Rank: 640955 far.statisticline.com — Cisco Umbrella Rank: 616912 Failed	6 KB
3	whiteforwardlines.com whiteforwardlines.com — Cisco Umbrella Rank: 745837 Failed 0.whiteforwardlines.com	36 KB
2	sortyellowapples.com get.sortyellowapples.com come.sortyellowapples.com — Cisco Umbrella Rank: 644683	3 KB
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 206	14 KB
1	pageinfo.org track.pageinfo.org	891 B
1	themaccleanup.info track.themaccleanup.info	2 KB
1	gravatar.com secure.gravatar.com — Cisco Umbrella Rank: 1835	2 KB
1	firstblackphase.com for.firstblackphase.com	1 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 39	2 KB
84	12

	Domain	Requested by
30	www.doorcountyfond.org	www.doorcountyfond.org
28	d3nfa3f6tqjjbl.cloudfront.net	d3nfa3f6tqjjbl.cloudfront.net
8	fonts.gstatic.com	fonts.googleapis.com
2	0.whiteforwardlines.com	1 redirects www.doorcountyfond.org
2	doorcountyfond.org	2 redirects
1	www.gstatic.com	d3nfa3f6tqjjbl.cloudfront.net
1	cdnjs.cloudflare.com	d3nfa3f6tqjjbl.cloudfront.net
1	track.pageinfo.org
1	track.themaccleanup.info	www.doorcountyfond.org
1	whiteforwardlines.com	come.sortyellowapples.com
1	come.sortyellowapples.com	stock.statisticline.com
1	far.statisticline.com	stock.statisticline.com
1	stock.statisticline.com	cdn.statisticline.com
1	cdn.statisticline.com	for.firstblackphase.com
1	stats.statisticline.com	get.sortyellowapples.com
1	secure.gravatar.com	www.doorcountyfond.org
1	for.firstblackphase.com	www.doorcountyfond.org
1	get.sortyellowapples.com	www.doorcountyfond.org
1	fonts.googleapis.com	www.doorcountyfond.org
84	19

This site contains links to these domains. Also see Links.

Domain
track.themaccleanup.info

Subject Issuer	Validity	Valid
doorcountyfond.org R3	`2023-03-04` - `2023-06-02`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-03-28` - `2023-06-20`	3 months	crt.sh
get.sortyellowapples.com R3	`2023-03-11` - `2023-06-09`	3 months	crt.sh
for.firstblackphase.com R3	`2023-03-11` - `2023-06-09`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-03-28` - `2023-06-20`	3 months	crt.sh
*.gravatar.com Sectigo ECC Domain Validation Secure Server CA	`2022-11-23` - `2023-12-24`	a year	crt.sh
stats.statisticline.com R3	`2023-03-11` - `2023-06-09`	3 months	crt.sh
cdn.statisticline.com R3	`2023-04-03` - `2023-07-02`	3 months	crt.sh
stock.statisticline.com R3	`2023-03-11` - `2023-06-09`	3 months	crt.sh
come.sortyellowapples.com R3	`2023-03-11` - `2023-06-09`	3 months	crt.sh
whiteforwardlines.com R3	`2023-03-11` - `2023-06-09`	3 months	crt.sh
track.themaccleanup.info R3	`2023-04-16` - `2023-07-15`	3 months	crt.sh
track.pageinfo.org R3	`2023-02-27` - `2023-05-28`	3 months	crt.sh
*.cloudfront.net Amazon RSA 2048 M01	`2022-12-08` - `2023-12-07`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-08-03` - `2023-08-02`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://d3nfa3f6tqjjbl.cloudfront.net/English/index.html?key=eyJ0aW1lc3RhbXAiOiIxNjgxNjkyMzgyIiwiaGFzaCI6IjI0MGFiMDRiMzAyMzlkMDk2NjFjNWYxMzBlZDIwOTlmYjBlOGYyNjMifQ==&bemobdata=c=70bbac94-8fb3-46e5-a455-a05f447155f4..l=79f441ce-7780-4f45-85eb-c20e42808e3c..f=9b637e48-cfee-4d4f-8a1e-24cce0697a13..a=1..b=0..z=0.00901..e=d58b1d32-f91f-464d-8375-06be9cbd8685..c1=feed14986..c2=4a5d46ed..c3=0..c4=64771..c5=CA..c6=Windows..c7=Chrome..c8=0..r=https%3A%2F%2F0.whiteforwardlines.com%2F..ts=1681692382845
Frame ID: 4BBF0D8589EAB4EE42A0DF79AA0F3FD4
Requests: 84 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

McAfee® Total Protection

Page URL History Show full URLs

http://doorcountyfond.org/ HTTP 302
https://doorcountyfond.org/ HTTP 301
https://www.doorcountyfond.org/ Page URL
https://far.statisticline.com/away/back.php?id=64785e55-66-45776433 HTTP 302
https://come.sortyellowapples.com/away/go.php?id=6436345-33-5734523&qid=8568&wid=76538&kid=863843534&suid=7958... Page URL
https://whiteforwardlines.com/?p=ha4tcolcmu5gi3bphaydcmq&sub2=7958197689 Page URL
https://0.whiteforwardlines.com/?p=ha4tcolcmu5gi3bphaydcmq&sub2=7958197689 Page URL
https://0.whiteforwardlines.com/?auf=myztoolcg45diojygyxtqmbrgixtemrpge3dqmjwhezdgobs&s=1&sub1=&sub2=7958197... HTTP 302
https://track.themaccleanup.info/go/70bbac94-8fb3-46e5-a455-a05f447155f4?price=0.00901&clickid=d58b1d32-f91f-... Page URL
https://track.pageinfo.org/?redirectUrl=https%3A%2F%2Fd3nfa3f6tqjjbl.cloudfront.net%2FEnglish%2Findex.h... Page URL
https://d3nfa3f6tqjjbl.cloudfront.net/English/index.html?key=eyJ0aW1lc3RhbXAiOiIxNjgxNjkyMzgyIiwiaGFzaCI6IjI0MGFiM... Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Underscore.js (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

underscore.*\.js(?:\?ver=([\d.]+))?

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

84
Requests

95 %
HTTPS

60 %
IPv6

12
Domains

19
Subdomains

11
IPs

5
Countries

2838 kB
Transfer

4255 kB
Size

8
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://track.themaccleanup.info/click
Title: Renew Subscription

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://doorcountyfond.org/ HTTP 302
https://doorcountyfond.org/ HTTP 301
https://www.doorcountyfond.org/ Page URL
https://far.statisticline.com/away/back.php?id=64785e55-66-45776433 HTTP 302
https://come.sortyellowapples.com/away/go.php?id=6436345-33-5734523&qid=8568&wid=76538&kid=863843534&suid=7958197689 Page URL
https://whiteforwardlines.com/?p=ha4tcolcmu5gi3bphaydcmq&sub2=7958197689 Page URL
https://0.whiteforwardlines.com/?p=ha4tcolcmu5gi3bphaydcmq&sub2=7958197689 Page URL
https://0.whiteforwardlines.com/?auf=myztoolcg45diojygyxtqmbrgixtemrpge3dqmjwhezdgobs&s=1&sub1=&sub2=7958197689&sub3=&sub4=&cpc=0&cpm=0 HTTP 302
https://track.themaccleanup.info/go/70bbac94-8fb3-46e5-a455-a05f447155f4?price=0.00901&clickid=d58b1d32-f91f-464d-8375-06be9cbd8685&feed=feed14986&hash=4a5d46ed&creative=0&campaign=64771&country=CA&platform=Windows&browser=Chrome&subday=0 Page URL
https://track.pageinfo.org/?redirectUrl=https%3A%2F%2Fd3nfa3f6tqjjbl.cloudfront.net%2FEnglish%2Findex.html%3Fkey%3DeyJ0aW1lc3RhbXAiOiIxNjgxNjkyMzgyIiwiaGFzaCI6IjI0MGFiMDRiMzAyMzlkMDk2NjFjNWYxMzBlZDIwOTlmYjBlOGYyNjMifQ%253D%253D%26bemobdata%3Dc%253D70bbac94-8fb3-46e5-a455-a05f447155f4..l%253D79f441ce-7780-4f45-85eb-c20e42808e3c..f%253D9b637e48-cfee-4d4f-8a1e-24cce0697a13..a%253D1..b%253D0..z%253D0.00901..e%253Dd58b1d32-f91f-464d-8375-06be9cbd8685..c1%253Dfeed14986..c2%253D4a5d46ed..c3%253D0..c4%253D64771..c5%253DCA..c6%253DWindows..c7%253DChrome..c8%253D0..r%253Dhttps%25253A%25252F%25252F0.whiteforwardlines.com%25252F..ts%253D1681692382845 Page URL
https://d3nfa3f6tqjjbl.cloudfront.net/English/index.html?key=eyJ0aW1lc3RhbXAiOiIxNjgxNjkyMzgyIiwiaGFzaCI6IjI0MGFiMDRiMzAyMzlkMDk2NjFjNWYxMzBlZDIwOTlmYjBlOGYyNjMifQ==&bemobdata=c=70bbac94-8fb3-46e5-a455-a05f447155f4..l=79f441ce-7780-4f45-85eb-c20e42808e3c..f=9b637e48-cfee-4d4f-8a1e-24cce0697a13..a=1..b=0..z=0.00901..e=d58b1d32-f91f-464d-8375-06be9cbd8685..c1=feed14986..c2=4a5d46ed..c3=0..c4=64771..c5=CA..c6=Windows..c7=Chrome..c8=0..r=https%3A%2F%2F0.whiteforwardlines.com%2F..ts=1681692382845 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://doorcountyfond.org/ HTTP 302
https://doorcountyfond.org/ HTTP 301
https://www.doorcountyfond.org/

Request Chain 46

https://far.statisticline.com/away/back.php?id=64785e55-66-45776433 HTTP 302
https://come.sortyellowapples.com/away/go.php?id=6436345-33-5734523&qid=8568&wid=76538&kid=863843534&suid=7958197689

Request Chain 52

https://0.whiteforwardlines.com/?auf=myztoolcg45diojygyxtqmbrgixtemrpge3dqmjwhezdgobs&s=1&sub1=&sub2=7958197689&sub3=&sub4=&cpc=0&cpm=0 HTTP 302
https://track.themaccleanup.info/go/70bbac94-8fb3-46e5-a455-a05f447155f4?price=0.00901&clickid=d58b1d32-f91f-464d-8375-06be9cbd8685&feed=feed14986&hash=4a5d46ed&creative=0&campaign=64771&country=CA&platform=Windows&browser=Chrome&subday=0

84 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

/ Show response
www.doorcountyfond.org/
Redirect Chain

http://doorcountyfond.org/
https://doorcountyfond.org/
https://www.doorcountyfond.org/

255 KB
28 KB

699ms
611ms

Document
text/html

35.183.253.56
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.doorcountyfond.org/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

35.183.253.56 Montreal, Canada, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-35-183-253-56.ca-central-1.compute.amazonaws.com

Software

Apache / PHP/7.4.15

Resource Hash

0524d86c6d23726abfd3ea87664d6e7edea50f669e4623b4b51825fef92ff639

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

Cache-Control: max-age=0, no-cache, s-maxage=10
Connection: Keep-Alive
Content-Encoding: br
Content-Length: 28486
Content-Type: text/html; charset=UTF-8
Date: Mon, 17 Apr 2023 00:46:18 GMT
Keep-Alive: timeout=2, max=100
Link: <https://www.doorcountyfond.org/wp-json/>; rel="https://api.w.org/", <https://www.doorcountyfond.org/wp-json/wp/v2/pages/89>; rel="alternate"; type="application/json", <https://www.doorcountyfond.org/>; rel=shortlink
P3P: CP="ALL DSP NID CURa ADMa DEVa HISa OTPa OUR NOR NAV DEM"
Server: Apache
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
X-Mod-Pagespeed: 1.13.35.2-0
X-Powered-By: PHP/7.4.15

Redirect headers

Connection: Keep-Alive
Content-Length: 239
Content-Type: text/html; charset=iso-8859-1
Date: Mon, 17 Apr 2023 00:46:18 GMT
Keep-Alive: timeout=2, max=100
Location: https://www.doorcountyfond.org/
Server: Apache
X-Frame-Options: SAMEORIGIN

GET
H/1.1 200
OK style.min.css
www.doorcountyfond.org/wp-includes/css/dist/block-library/ 95 KB
12 KB 24ms
24ms Stylesheet
text/css 35.183.253.56
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.doorcountyfond.org/wp-includes/css/dist/block-library/style.min.css?ver=6.2

Requested by

Host: www.doorcountyfond.org
URL: https://www.doorcountyfond.org/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

35.183.253.56 Montreal, Canada, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-35-183-253-56.ca-central-1.compute.amazonaws.com

Software

Apache /

Resource Hash

aca566587618e75fa291a419c7c430be02e03fc72f6105658c1bc8e7d59a65e4

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.doorcountyfond.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Date: Mon, 17 Apr 2023 00:46:19 GMT
Content-Encoding: br
Last-Modified: Thu, 30 Mar 2023 01:22:08 GMT
Server: Apache
ETag: "17ced-5f813ebdb42e4-br"
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=2, max=99
Content-Length: 11727

GET
H/1.1 200
OK classic-themes.min.css
www.doorcountyfond.org/wp-includes/css/ 291 B
508 B 42ms
17ms Stylesheet
text/css 35.183.253.56
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.doorcountyfond.org/wp-includes/css/classic-themes.min.css?ver=6.2

Requested by

Host: www.doorcountyfond.org
URL: https://www.doorcountyfond.org/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

35.183.253.56 Montreal, Canada, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-35-183-253-56.ca-central-1.compute.amazonaws.com

Software

Apache /

Resource Hash

dcd9f488bd62ba0ee403b07a97e40b9ffd63a0eff61091588c913b16d5153d48

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.doorcountyfond.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Date: Mon, 17 Apr 2023 00:46:19 GMT
Content-Encoding: br
Last-Modified: Thu, 30 Mar 2023 01:22:08 GMT
Server: Apache
ETag: "123-5f813ebdac5e4-br"
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=2, max=98
Content-Length: 164

GET
H/1.1 200
OK style.css
www.doorcountyfond.org/wp-content/plugins/td-composer/td-multi-purpose/ 37 KB
5 KB 70ms
43ms Stylesheet
text/css 35.183.253.56
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.doorcountyfond.org/wp-content/plugins/td-composer/td-multi-purpose/style.css?ver=bcb4f14ba9142ca1fd172c7d9de6043b

Requested by

Host: www.doorcountyfond.org
URL: https://www.doorcountyfond.org/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

35.183.253.56 Montreal, Canada, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-35-183-253-56.ca-central-1.compute.amazonaws.com

Software

Apache /

Resource Hash

3ed2e42d3ce5e24dcb11cddde4126e4f07c3afc590f708ad2cfbf7669002f92e

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.doorcountyfond.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Date: Mon, 17 Apr 2023 00:46:19 GMT
Content-Encoding: br
Last-Modified: Mon, 11 Apr 2022 12:12:08 GMT
Server: Apache
ETag: "92ec-5dc5fda6af600-br"
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=2, max=100
Content-Length: 4412

GET
H2 200 css
fonts.googleapis.com/ 26 KB
2 KB 88ms
37ms Stylesheet
text/css 2607:f8b0:4006:80d::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans%3A400%2C600%2C700%7CRoboto%3A400%2C500%2C700%7CCabin%3A500%2C400%2C700%7CZilla+Slab%3A400%2C300%2C500%7COpen+Sans+Condensed%3A400%7COswald%3A300%2C200%2C400%7CBerkshire+Swash%3A400&display=swap&ver=11.4.3

Requested by

Host: www.doorcountyfond.org
URL: https://www.doorcountyfond.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80d::200a New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

55349cc42a969e115f651f3820bdd02d7489a21936e0e7e186133ec40b5a2b71

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.doorcountyfond.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 17 Apr 2023 00:46:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 17 Apr 2023 00:46:19 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 17 Apr 2023 00:46:19 GMT

GET
H/1.1 200
OK font-awesome.css
www.doorcountyfond.org/wp-content/plugins/td-composer/assets/fonts/font-awesome/ 43 KB
7 KB 66ms
38ms Stylesheet
text/css 35.183.253.56
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.doorcountyfond.org/wp-content/plugins/td-composer/assets/fonts/font-awesome/font-awesome.css?ver=bcb4f14ba9142ca1fd172c7d9de6043b

Requested by

Host: www.doorcountyfond.org
URL: https://www.doorcountyfond.org/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

35.183.253.56 Montreal, Canada, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-35-183-253-56.ca-central-1.compute.amazonaws.com

Software

Apache /

Resource Hash

af49f53268c08752ca4c11e7f467dbb93d1c3a192a123c837e278869754f94f7

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.doorcountyfond.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Date: Mon, 17 Apr 2023 00:46:19 GMT
Content-Encoding: br
Last-Modified: Mon, 11 Apr 2022 12:12:08 GMT
Server: Apache
ETag: "ab38-5dc5fda6af600-br"
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=2, max=100
Content-Length: 6646

GET
H/1.1 200
OK open-iconic.css
www.doorcountyfond.org/wp-content/plugins/td-composer/assets/fonts/open-iconic/ 13 KB
2 KB 52ms
22ms Stylesheet
text/css 35.183.253.56
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.doorcountyfond.org/wp-content/plugins/td-composer/assets/fonts/open-iconic/open-iconic.css?ver=bcb4f14ba9142ca1fd172c7d9de6043b

Requested by

Host: www.doorcountyfond.org
URL: https://www.doorcountyfond.org/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

35.183.253.56 Montreal, Canada, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-35-183-253-56.ca-central-1.compute.amazonaws.com

Software

Apache /

Resource Hash

5ebffa8d62c74ac74115fad19b69f43a291056d1ed9a1e42154744bc1d9af6d3

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.doorcountyfond.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Date: Mon, 17 Apr 2023 00:46:19 GMT
Content-Encoding: br
Last-Modified: Mon, 11 Apr 2022 12:12:08 GMT
Server: Apache
ETag: "34b4-5dc5fda6af600-br"
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=2, max=100
Content-Length: 1945

GET
H/1.1 200
OK style.css
www.doorcountyfond.org/wp-content/themes/Newspaper/ 147 KB
24 KB 118ms
88ms Stylesheet
text/css 35.183.253.56
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.doorcountyfond.org/wp-content/themes/Newspaper/style.css?ver=11.4.3

Requested by

Host: www.doorcountyfond.org
URL: https://www.doorcountyfond.org/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

35.183.253.56 Montreal, Canada, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-35-183-253-56.ca-central-1.compute.amazonaws.com

Software

Apache /

Resource Hash

f1551d0d58ad6979fd7597990d8315ed7d741ba57296505f6463f6b5a0c32acc

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.doorcountyfond.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Date: Mon, 17 Apr 2023 00:46:19 GMT
Content-Encoding: br
Last-Modified: Mon, 11 Apr 2022 12:12:04 GMT
Server: Apache
ETag: "24a56-5dc5fda2ded00-br"
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=2, max=100
Content-Length: 23779

GET
H/1.1 200
OK td_legacy_main.css
www.doorcountyfond.org/wp-content/plugins/td-composer/legacy/Newspaper/assets/css/ 159 KB
22 KB 121ms
91ms Stylesheet
text/css 35.183.253.56
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.doorcountyfond.org/wp-content/plugins/td-composer/legacy/Newspaper/assets/css/td_legacy_main.css?ver=bcb4f14ba9142ca1fd172c7d9de6043b

Requested by

Host: www.doorcountyfond.org
URL: https://www.doorcountyfond.org/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

35.183.253.56 Montreal, Canada, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-35-183-253-56.ca-central-1.compute.amazonaws.com

Software

Apache /

Resource Hash

720de15d9dfbcbfdf4e83799f0ff80214a4a1ca899149e5e8e5f9a1414d1abaf

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.doorcountyfond.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Date: Mon, 17 Apr 2023 00:46:19 GMT
Content-Encoding: br
Last-Modified: Mon, 11 Apr 2022 12:12:08 GMT
Server: Apache
ETag: "27af5-5dc5fda6af600-br"
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=2, max=100
Content-Length: 22642

GET
H/1.1 200
OK jquery.min.js Show response
www.doorcountyfond.org/wp-includes/js/jquery/ 88 KB
30 KB 120ms
77ms Script
application/javascript 35.183.253.56
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.doorcountyfond.org/wp-includes/js/jquery/jquery.min.js?ver=3.6.3

Requested by

Host: www.doorcountyfond.org
URL: https://www.doorcountyfond.org/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

35.183.253.56 Montreal, Canada, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-35-183-253-56.ca-central-1.compute.amazonaws.com

Software

Apache /

Resource Hash

afacce23cb4feaaaef37997f8439819d8f827df4951f3ff02704c9f16fb7f53a

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.doorcountyfond.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Date: Mon, 17 Apr 2023 00:46:19 GMT
Content-Encoding: br
Last-Modified: Thu, 30 Mar 2023 01:22:09 GMT
Server: Apache
ETag: "15ed7-5f813ebe69d21-br"
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=2, max=97
Content-Length: 30404

GET
H/1.1 200
OK jquery-migrate.min.js Show response
www.doorcountyfond.org/wp-includes/js/jquery/ 13 KB
5 KB 67ms
15ms Script
application/javascript 35.183.253.56
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.doorcountyfond.org/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.0

Requested by

Host: www.doorcountyfond.org
URL: https://www.doorcountyfond.org/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

35.183.253.56 Montreal, Canada, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-35-183-253-56.ca-central-1.compute.amazonaws.com

Software

Apache /

Resource Hash

9810aee7e6d57d8cceaa96322b88e6df46710194689ae12b284149148cabc2f3

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.doorcountyfond.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Date: Mon, 17 Apr 2023 00:46:19 GMT
Content-Encoding: br
Last-Modified: Thu, 30 Mar 2023 01:22:09 GMT
Server: Apache
ETag: "3470-5f813ebe6acc1-br"
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=2, max=99
Content-Length: 4612

GET
H/1.1 200
OK / Show response
www.doorcountyfond.org/ 425 B
551 B 118ms
53ms Script
text/html 35.183.253.56
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.doorcountyfond.org/?54ea9ce011a14109498b68c25632e5d1&ver=6.2

Requested by

Host: www.doorcountyfond.org
URL: https://www.doorcountyfond.org/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

35.183.253.56 Montreal, Canada, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-35-183-253-56.ca-central-1.compute.amazonaws.com

Software

Apache / PHP/7.4.15

Resource Hash

0e956378e514c2d8b2eb5eef88486b8fc5220d72d4bda66315754633c6ea4431

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.doorcountyfond.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Date: Mon, 17 Apr 2023 00:46:19 GMT
Content-Encoding: br
Server: Apache
X-Powered-By: PHP/7.4.15
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
X-Mod-Pagespeed: 1.13.35.2-0
Cache-Control: max-age=0, no-cache
Connection: Keep-Alive
Keep-Alive: timeout=2, max=99
Content-Length: 197

GET
H/1.1 200
OK ai.min.js Show response
www.doorcountyfond.org/wp-content/plugins/advanced-iframe/js/ 52 KB
12 KB 112ms
44ms Script
application/javascript 35.183.253.56
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.doorcountyfond.org/wp-content/plugins/advanced-iframe/js/ai.min.js?ver=203421

Requested by

Host: www.doorcountyfond.org
URL: https://www.doorcountyfond.org/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

35.183.253.56 Montreal, Canada, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-35-183-253-56.ca-central-1.compute.amazonaws.com

Software

Apache /

Resource Hash

79c720a45b0536c9a3dea1d9803f5e663751e49226491c84f6e7903d87b8eb19

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.doorcountyfond.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Date: Mon, 17 Apr 2023 00:46:19 GMT
Content-Encoding: br
Last-Modified: Wed, 05 Apr 2023 18:53:05 GMT
Server: Apache
ETag: "d0dc-5f89b4d635f32-br"
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=2, max=98
Content-Length: 11795

GET
H/1.1 200
OK underscore.min.js Show response
www.doorcountyfond.org/wp-includes/js/ 18 KB
7 KB 96ms
27ms Script
application/javascript 35.183.253.56
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.doorcountyfond.org/wp-includes/js/underscore.min.js?ver=1.13.4

Requested by

Host: www.doorcountyfond.org
URL: https://www.doorcountyfond.org/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

35.183.253.56 Montreal, Canada, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-35-183-253-56.ca-central-1.compute.amazonaws.com

Software

Apache /

Resource Hash

726b820e44f6ab90ad991d30a4bf26d3a5d71493cbcd1fb1efd0d14e89b9df2a

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.doorcountyfond.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Date: Mon, 17 Apr 2023 00:46:19 GMT
Content-Encoding: br
Last-Modified: Tue, 28 Feb 2023 01:21:42 GMT
Server: Apache
ETag: "4991-5f5b86b11abfa-br"
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=2, max=99
Content-Length: 7198

GET
H/1.1 200
OK js_posts_autoload.min.js Show response
www.doorcountyfond.org/wp-content/plugins/td-cloud-library/assets/js/ 5 KB
2 KB 114ms
18ms Script
application/javascript 35.183.253.56
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.doorcountyfond.org/wp-content/plugins/td-cloud-library/assets/js/js_posts_autoload.min.js?ver=b2e02a383c117d2c27b181e37c1c9e0e

Requested by

Host: www.doorcountyfond.org
URL: https://www.doorcountyfond.org/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

35.183.253.56 Montreal, Canada, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-35-183-253-56.ca-central-1.compute.amazonaws.com

Software

Apache /

Resource Hash

1cb5dcdb11eda07425f9584041552e161f7ff7395cf52d201e023dcd869157f2

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.doorcountyfond.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Date: Mon, 17 Apr 2023 00:46:19 GMT
Content-Encoding: br
Last-Modified: Mon, 11 Apr 2022 12:12:16 GMT
Server: Apache
ETag: "14a0-5dc5fdae50800-br"
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=2, max=98
Content-Length: 1857

GET
H/1.1 200
OK tagdiv_theme.min.js Show response
www.doorcountyfond.org/wp-content/plugins/td-composer/legacy/Newspaper/js/ 275 KB
60 KB 159ms
47ms Script
application/javascript 35.183.253.56
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.doorcountyfond.org/wp-content/plugins/td-composer/legacy/Newspaper/js/tagdiv_theme.min.js?ver=11.4.3

Requested by

Host: www.doorcountyfond.org
URL: https://www.doorcountyfond.org/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

35.183.253.56 Montreal, Canada, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-35-183-253-56.ca-central-1.compute.amazonaws.com

Software

Apache /

Resource Hash

1c4d7c87ece708e4eff48af4949fd0e57970bb4b81dfe7b1181badff4b2e3203

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.doorcountyfond.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Date: Mon, 17 Apr 2023 00:46:19 GMT
Content-Encoding: br
Last-Modified: Mon, 11 Apr 2022 12:12:11 GMT
Server: Apache
ETag: "44c06-5dc5fda98bcc0-br"
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=2, max=97
Content-Length: 60572

GET
H/1.1 200
OK comment-reply.min.js Show response
www.doorcountyfond.org/wp-includes/js/ 3 KB
2 KB 130ms
15ms Script
application/javascript 35.183.253.56
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.doorcountyfond.org/wp-includes/js/comment-reply.min.js?ver=6.2

Requested by

Host: www.doorcountyfond.org
URL: https://www.doorcountyfond.org/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

35.183.253.56 Montreal, Canada, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-35-183-253-56.ca-central-1.compute.amazonaws.com

Software

Apache /

Resource Hash

e174a58a503ab84b3d1b9de12fd3895788204485170f1289e445f7b5b98ec789

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.doorcountyfond.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Date: Mon, 17 Apr 2023 00:46:19 GMT
Content-Encoding: br
Last-Modified: Mon, 27 Feb 2023 14:59:24 GMT
Server: Apache
ETag: "ba5-5f5afb990e006-br"
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=2, max=97
Content-Length: 1229

GET
H/1.1 200
OK js_files_for_front.min.js Show response
www.doorcountyfond.org/wp-content/plugins/td-cloud-library/assets/js/ 39 KB
9 KB 135ms
17ms Script
application/javascript 35.183.253.56
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.doorcountyfond.org/wp-content/plugins/td-cloud-library/assets/js/js_files_for_front.min.js?ver=b2e02a383c117d2c27b181e37c1c9e0e

Requested by

Host: www.doorcountyfond.org
URL: https://www.doorcountyfond.org/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

35.183.253.56 Montreal, Canada, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-35-183-253-56.ca-central-1.compute.amazonaws.com

Software

Apache /

Resource Hash

7281c6ddf4da96e9b18dfd674540e531297797c9ed7dcd5c270c373db0cbd7d0

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.doorcountyfond.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Date: Mon, 17 Apr 2023 00:46:19 GMT
Content-Encoding: br
Last-Modified: Mon, 11 Apr 2022 12:12:16 GMT
Server: Apache
ETag: "9dd3-5dc5fdae50800-br"
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=2, max=98
Content-Length: 8704

GET
H/1.1 200
OK wp-emoji-release.min.js Show response
www.doorcountyfond.org/wp-includes/js/ 18 KB
5 KB 26ms
26ms Script
application/javascript 35.183.253.56
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.doorcountyfond.org/wp-includes/js/wp-emoji-release.min.js?ver=6.2

Requested by

Host: www.doorcountyfond.org
URL: https://www.doorcountyfond.org/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

35.183.253.56 Montreal, Canada, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-35-183-253-56.ca-central-1.compute.amazonaws.com

Software

Apache /

Resource Hash

4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.doorcountyfond.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Date: Mon, 17 Apr 2023 00:46:19 GMT
Content-Encoding: br
Last-Modified: Thu, 30 Mar 2023 01:22:09 GMT
Server: Apache
ETag: "4904-5f813ebea94c1-br"
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: s-maxage=10
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=2, max=97
Content-Length: 4647

GET
H/1.1 200
OK / Show response
www.doorcountyfond.org/ 0
336 B 32ms
32ms Script
text/html 35.183.253.56
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.doorcountyfond.org/?5c8be7b3c429de9f3d5d3c0584a4eb3c&88624&undefined

Requested by

Host: www.doorcountyfond.org
URL: https://www.doorcountyfond.org/?54ea9ce011a14109498b68c25632e5d1&ver=6.2

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

35.183.253.56 Montreal, Canada, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-35-183-253-56.ca-central-1.compute.amazonaws.com

Software

Apache / PHP/7.4.15

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.doorcountyfond.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Date: Mon, 17 Apr 2023 00:46:19 GMT
Content-Encoding: br
Server: Apache
X-Powered-By: PHP/7.4.15
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Cache-Control: max-age=0, no-cache, s-maxage=10
Connection: Keep-Alive
Keep-Alive: timeout=2, max=99
Content-Length: 1

GET
H/1.1 200
OK get.js Show response
get.sortyellowapples.com/scripts/ 2 KB
2 KB 327ms
104ms Script
application/javascript 162.55.76.206
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://get.sortyellowapples.com/scripts/get.js
Requested by: Host: www.doorcountyfond.org
URL: https://www.doorcountyfond.org/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 162.55.76.206 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.206.76.55.162.clients.your-server.de
Software: nginx /
Resource Hash: 0fbe83485f74f46dffd55c0015ea41574ba33498c4db5b08e5abb4f5f6e69942

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.doorcountyfond.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Date: Mon, 17 Apr 2023 00:46:19 GMT
Last-Modified: Sat, 11 Mar 2023 11:17:05 GMT
Server: nginx
ETag: "640c6331-73c"
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=864000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1852
Expires: Thu, 27 Apr 2023 00:46:19 GMT

GET
H/1.1 200
OK trbbbbb2 Show response
for.firstblackphase.com/ 2 KB
1 KB 358ms
128ms Script
text/plain 162.55.76.206
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://for.firstblackphase.com/trbbbbb2
Requested by: Host: www.doorcountyfond.org
URL: https://www.doorcountyfond.org/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 162.55.76.206 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.206.76.55.162.clients.your-server.de
Software: nginx /
Resource Hash: eee5d4b33b49d21af643b7c5827d5d9aa8dd4bc75d7b72ec761c9927bec2993e

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.doorcountyfond.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 17 Apr 2023 00:46:19 GMT
Content-Encoding: gzip
Server: nginx
Vary: Accept-Encoding
Content-Type: text/plain; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 851
Expires: 0

GET
H/1.1 200
OK hero-bg.jpg
www.doorcountyfond.org/wp-content/uploads/2021/03/ 240 KB
241 KB 22ms
22ms Image
image/jpeg 35.183.253.56
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.doorcountyfond.org/wp-content/uploads/2021/03/hero-bg.jpg

Requested by

Host: www.doorcountyfond.org
URL: https://www.doorcountyfond.org/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

35.183.253.56 Montreal, Canada, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-35-183-253-56.ca-central-1.compute.amazonaws.com

Software

Apache /

Resource Hash

03ef3a2320cb6ac4725f860a3540b6151adeda163f9bf33a24d29b2914919806

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.doorcountyfond.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Date: Mon, 17 Apr 2023 00:46:19 GMT
Last-Modified: Sat, 17 Apr 2021 19:11:01 GMT
Server: Apache
ETag: "3c1fd-5c02fdb6e7b40"
X-Frame-Options: SAMEORIGIN
Content-Type: image/jpeg
Cache-Control: s-maxage=10
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=2, max=96
Content-Length: 246269

GET
H/1.1 200
OK sturgeon-bay-brians-bay.jpg
www.doorcountyfond.org/wp-content/uploads/2021/04/ 842 KB
842 KB 34ms
34ms Image
image/jpeg 35.183.253.56
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.doorcountyfond.org/wp-content/uploads/2021/04/sturgeon-bay-brians-bay.jpg

Requested by

Host: www.doorcountyfond.org
URL: https://www.doorcountyfond.org/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

35.183.253.56 Montreal, Canada, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-35-183-253-56.ca-central-1.compute.amazonaws.com

Software

Apache /

Resource Hash

4e456120586b6aa32063f5fa02a768a513c4605725d1ce36970c2f9f06e16376

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.doorcountyfond.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Date: Mon, 17 Apr 2023 00:46:19 GMT
Last-Modified: Fri, 23 Apr 2021 13:57:03 GMT
Server: Apache
ETag: "d2785-5c0a42ba5a9c0"
X-Frame-Options: SAMEORIGIN
Content-Type: image/jpeg
Cache-Control: s-maxage=10
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=2, max=96
Content-Length: 862085

GET
H/1.1 200
OK potawatomi-park-tower-1068x737.webp
www.doorcountyfond.org/wp-content/uploads/2023/01/ 137 KB
138 KB 13ms
13ms Image
image/webp 35.183.253.56
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.doorcountyfond.org/wp-content/uploads/2023/01/potawatomi-park-tower-1068x737.webp

Requested by

Host: www.doorcountyfond.org
URL: https://www.doorcountyfond.org/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

35.183.253.56 Montreal, Canada, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-35-183-253-56.ca-central-1.compute.amazonaws.com

Software

Apache /

Resource Hash

81a8de60a56f0e57a099bc7d623c84f8526615a6659f8d2704c600e5b79e7ef1

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.doorcountyfond.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Date: Mon, 17 Apr 2023 00:46:19 GMT
Last-Modified: Mon, 23 Jan 2023 02:06:07 GMT
Server: Apache
ETag: "2258a-5f2e4d796c1c0"
X-Frame-Options: SAMEORIGIN
Content-Type: image/webp
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=2, max=96
Content-Length: 140682

GET
H/1.1 200
OK maxresdefault-1068x601.jpeg
www.doorcountyfond.org/wp-content/uploads/2021/09/ 174 KB
174 KB 18ms
17ms Image
image/jpeg 35.183.253.56
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.doorcountyfond.org/wp-content/uploads/2021/09/maxresdefault-1068x601.jpeg

Requested by

Host: www.doorcountyfond.org
URL: https://www.doorcountyfond.org/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

35.183.253.56 Montreal, Canada, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-35-183-253-56.ca-central-1.compute.amazonaws.com

Software

Apache /

Resource Hash

032f1654b990b30846f30da23e5fd9b58463b80863052405cbbe2252c6de2d51

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.doorcountyfond.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Date: Mon, 17 Apr 2023 00:46:19 GMT
Last-Modified: Sun, 26 Sep 2021 07:13:47 GMT
Server: Apache
ETag: "2b811-5cce0b8b280c0"
X-Frame-Options: SAMEORIGIN
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=2, max=99
Content-Length: 178193

GET
H/1.1 200
OK potawatomi-park-tower-696x480.webp
www.doorcountyfond.org/wp-content/uploads/2023/01/ 56 KB
56 KB 13ms
13ms Image
image/webp 35.183.253.56
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.doorcountyfond.org/wp-content/uploads/2023/01/potawatomi-park-tower-696x480.webp

Requested by

Host: www.doorcountyfond.org
URL: https://www.doorcountyfond.org/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

35.183.253.56 Montreal, Canada, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-35-183-253-56.ca-central-1.compute.amazonaws.com

Software

Apache /

Resource Hash

5339753b63bde24bb059d325dd5a8514d040bc5afc234b280ee0401c05424962

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.doorcountyfond.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Date: Mon, 17 Apr 2023 00:46:19 GMT
Last-Modified: Mon, 23 Jan 2023 02:06:07 GMT
Server: Apache
ETag: "e052-5f2e4d796c1c0"
X-Frame-Options: SAMEORIGIN
Content-Type: image/webp
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=2, max=96
Content-Length: 57426

GET
H/1.1 200
OK Structural_engineer_says_Potawatomi_Stat_0_87658787_ver1.0-696x392.webp
www.doorcountyfond.org/wp-content/uploads/2023/01/ 69 KB
69 KB 15ms
15ms Image
image/webp 35.183.253.56
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.doorcountyfond.org/wp-content/uploads/2023/01/Structural_engineer_says_Potawatomi_Stat_0_87658787_ver1.0-696x392.webp

Requested by

Host: www.doorcountyfond.org
URL: https://www.doorcountyfond.org/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

35.183.253.56 Montreal, Canada, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-35-183-253-56.ca-central-1.compute.amazonaws.com

Software

Apache /

Resource Hash

6349773dabd47cdd72617de07458af5eedceca03fc8e604fc028e2a29bb2f1e1

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.doorcountyfond.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Date: Mon, 17 Apr 2023 00:46:19 GMT
Last-Modified: Mon, 23 Jan 2023 02:06:07 GMT
Server: Apache
ETag: "11242-5f2e4d796c1c0"
X-Frame-Options: SAMEORIGIN
Content-Type: image/webp
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=2, max=98
Content-Length: 70210

GET
H/1.1 200
OK town-of-sevastapol-votes-against-atv-utv-proposal-696x392.jpeg
www.doorcountyfond.org/wp-content/uploads/2021/12/ 41 KB
41 KB 17ms
16ms Image
image/jpeg 35.183.253.56
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.doorcountyfond.org/wp-content/uploads/2021/12/town-of-sevastapol-votes-against-atv-utv-proposal-696x392.jpeg

Requested by

Host: www.doorcountyfond.org
URL: https://www.doorcountyfond.org/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

35.183.253.56 Montreal, Canada, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-35-183-253-56.ca-central-1.compute.amazonaws.com

Software

Apache /

Resource Hash

1cf9cc6ca87ae8863259ca763b5fc51666344868c44e09b1a21e51a19af0782d

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.doorcountyfond.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Date: Mon, 17 Apr 2023 00:46:19 GMT
Last-Modified: Thu, 30 Dec 2021 20:37:08 GMT
Server: Apache
ETag: "a45b-5d46304a00500"
X-Frame-Options: SAMEORIGIN
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=2, max=95
Content-Length: 42075

GET
H/1.1 200
OK maxresdefault-696x392.jpeg
www.doorcountyfond.org/wp-content/uploads/2021/09/ 84 KB
84 KB 14ms
13ms Image
image/jpeg 35.183.253.56
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.doorcountyfond.org/wp-content/uploads/2021/09/maxresdefault-696x392.jpeg

Requested by

Host: www.doorcountyfond.org
URL: https://www.doorcountyfond.org/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

35.183.253.56 Montreal, Canada, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-35-183-253-56.ca-central-1.compute.amazonaws.com

Software

Apache /

Resource Hash

b0f1a9c51bba1dcee1d41590883ea668d0cd1a1bf19c81e918cb1617805cd8de

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.doorcountyfond.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Date: Mon, 17 Apr 2023 00:46:19 GMT
Last-Modified: Sun, 26 Sep 2021 07:13:47 GMT
Server: Apache
ETag: "15079-5cce0b8b280c0"
X-Frame-Options: SAMEORIGIN
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=2, max=98
Content-Length: 86137

GET
H2 200 u-4i0qWljRw-PfU81xCKCpdpbgZJl6Xvqdns.woff2
fonts.gstatic.com/s/cabin/v26/ 25 KB
26 KB 103ms
53ms Font
font/woff2 2607:f8b0:4006:820::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/cabin/v26/u-4i0qWljRw-PfU81xCKCpdpbgZJl6Xvqdns.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans%3A400%2C600%2C700%7CRoboto%3A400%2C500%2C700%7CCabin%3A500%2C400%2C700%7CZilla+Slab%3A400%2C300%2C500%7COpen+Sans+Condensed%3A400%7COswald%3A300%2C200%2C400%7CBerkshire+Swash%3A400&display=swap&ver=11.4.3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:820::2003 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

979caf94add5b00ec59d8abde43d200523745c2f4b105c2906f4d9dda4afaeec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.doorcountyfond.org
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Thu, 13 Apr 2023 08:04:44 GMT
x-content-type-options: nosniff
age: 319295
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 26100
x-xss-protection: 0
last-modified: Fri, 24 Jun 2022 18:41:34 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 12 Apr 2024 08:04:44 GMT

GET
H2 200 dFa5ZfeM_74wlPZtksIFYpEY6HOpWw.woff2
fonts.gstatic.com/s/zillaslab/v11/ 25 KB
25 KB 116ms
67ms Font
font/woff2 2607:f8b0:4006:820::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/zillaslab/v11/dFa5ZfeM_74wlPZtksIFYpEY6HOpWw.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:820::2003 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d8b4f85860c6f87fb76f7ac6af96a470d3b04ecf29f5db4e932279ca3dcf24b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.doorcountyfond.org
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 11:57:26 GMT
x-content-type-options: nosniff
age: 478133
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 25824
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:52:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 10 Apr 2024 11:57:26 GMT

GET
H/1.1 200
OK fontawesome-webfont.woff2
www.doorcountyfond.org/wp-content/plugins/td-composer/assets/fonts/font-awesome/ 75 KB
76 KB 24ms
14ms Font
font/woff2 35.183.253.56
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.doorcountyfond.org/wp-content/plugins/td-composer/assets/fonts/font-awesome/fontawesome-webfont.woff2?v=4.7.0

Requested by

Host: www.doorcountyfond.org
URL: https://www.doorcountyfond.org/wp-content/plugins/td-composer/assets/fonts/font-awesome/font-awesome.css?ver=bcb4f14ba9142ca1fd172c7d9de6043b

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

35.183.253.56 Montreal, Canada, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-35-183-253-56.ca-central-1.compute.amazonaws.com

Software

Apache /

Resource Hash

2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.doorcountyfond.org/wp-content/plugins/td-composer/assets/fonts/font-awesome/font-awesome.css?ver=bcb4f14ba9142ca1fd172c7d9de6043b
Origin: https://www.doorcountyfond.org
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Date: Mon, 17 Apr 2023 00:46:19 GMT
Last-Modified: Mon, 11 Apr 2022 12:12:08 GMT
Server: Apache
ETag: "12d68-5dc5fda6af600"
X-Frame-Options: SAMEORIGIN
Content-Type: font/woff2
Cache-Control: s-maxage=10
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=2, max=95
Content-Length: 77160

GET
H2 200 dFa5ZfeM_74wlPZtksIFYskZ6HOpWw.woff2
fonts.gstatic.com/s/zillaslab/v11/ 26 KB
26 KB 121ms
72ms Font
font/woff2 2607:f8b0:4006:820::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/zillaslab/v11/dFa5ZfeM_74wlPZtksIFYskZ6HOpWw.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:820::2003 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

81422e7b0b20334fb7aaece03998a2a53c8430104ee3f3255ff038317192df8e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.doorcountyfond.org
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Fri, 14 Apr 2023 10:26:03 GMT
x-content-type-options: nosniff
age: 224416
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 26572
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:00:29 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 13 Apr 2024 10:26:03 GMT

GET
H/1.1 200
OK open-iconic.woff
www.doorcountyfond.org/wp-content/plugins/td-composer/assets/fonts/open-iconic/ 15 KB
15 KB 38ms
13ms Font
font/woff 35.183.253.56
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.doorcountyfond.org/wp-content/plugins/td-composer/assets/fonts/open-iconic/open-iconic.woff

Requested by

Host: www.doorcountyfond.org
URL: https://www.doorcountyfond.org/wp-content/plugins/td-composer/assets/fonts/open-iconic/open-iconic.css?ver=bcb4f14ba9142ca1fd172c7d9de6043b

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

35.183.253.56 Montreal, Canada, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-35-183-253-56.ca-central-1.compute.amazonaws.com

Software

Apache /

Resource Hash

7193ea5654497d2356d0a690e3e50f39767fbff4335e57a3443c1435d648a1f2

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.doorcountyfond.org/wp-content/plugins/td-composer/assets/fonts/open-iconic/open-iconic.css?ver=bcb4f14ba9142ca1fd172c7d9de6043b
Origin: https://www.doorcountyfond.org
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Date: Mon, 17 Apr 2023 00:46:19 GMT
Last-Modified: Mon, 11 Apr 2022 12:12:08 GMT
Server: Apache
ETag: "3a88-5dc5fda6af600"
X-Frame-Options: SAMEORIGIN
Content-Type: font/woff
Cache-Control: s-maxage=10
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=2, max=97
Content-Length: 14984

GET
H/1.1 200
OK newspaper.woff
www.doorcountyfond.org/wp-content/themes/Newspaper/images/icons/ 28 KB
28 KB 46ms
16ms Font
font/woff 35.183.253.56
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.doorcountyfond.org/wp-content/themes/Newspaper/images/icons/newspaper.woff?20

Requested by

Host: www.doorcountyfond.org
URL: https://www.doorcountyfond.org/wp-content/themes/Newspaper/style.css?ver=11.4.3

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

35.183.253.56 Montreal, Canada, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-35-183-253-56.ca-central-1.compute.amazonaws.com

Software

Apache /

Resource Hash

c70da34747fb31860fa118ff5d6736f81661838a0f50f077aa29d63ad7b00e4a

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.doorcountyfond.org/wp-content/themes/Newspaper/style.css?ver=11.4.3
Origin: https://www.doorcountyfond.org
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Date: Mon, 17 Apr 2023 00:46:19 GMT
Last-Modified: Mon, 11 Apr 2022 12:12:04 GMT
Server: Apache
ETag: "703c-5dc5fda2ded00"
X-Frame-Options: SAMEORIGIN
Content-Type: font/woff
Cache-Control: s-maxage=10
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=2, max=95
Content-Length: 28732

GET
H2 200 dFa6ZfeM_74wlPZtksIFajo6_Q.woff2
fonts.gstatic.com/s/zillaslab/v11/ 26 KB
26 KB 126ms
78ms Font
font/woff2 2607:f8b0:4006:820::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/zillaslab/v11/dFa6ZfeM_74wlPZtksIFajo6_Q.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:820::2003 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

22d480e0aa4ea24da26c51228f1a55be87831d4d7d4b9206c38887bdd9916265

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.doorcountyfond.org
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 12:35:50 GMT
x-content-type-options: nosniff
age: 475829
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 26468
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:09:10 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 10 Apr 2024 12:35:50 GMT

GET
H2 200 TK3IWkUHHAIjg75cFRf3bXL8LICs13Fv40pKlN4NNSeSASwcEWlWHYg.woff2
fonts.gstatic.com/s/oswald/v49/ 18 KB
18 KB 108ms
61ms Font
font/woff2 2607:f8b0:4006:820::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/oswald/v49/TK3IWkUHHAIjg75cFRf3bXL8LICs13Fv40pKlN4NNSeSASwcEWlWHYg.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:820::2003 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

24559cb630d9fc7ad4c9c2ceb19663a2dacdc44af12c572d7f08a28e1e74218a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.doorcountyfond.org
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 13:13:12 GMT
x-content-type-options: nosniff
age: 473587
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 17928
x-xss-protection: 0
last-modified: Mon, 18 Jul 2022 19:23:35 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 10 Apr 2024 13:13:12 GMT

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v34/ 44 KB
44 KB 69ms
25ms Font
font/woff2 2607:f8b0:4006:820::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:820::2003 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.doorcountyfond.org
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 10:32:14 GMT
x-content-type-options: nosniff
age: 483245
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 44856
x-xss-protection: 0
last-modified: Mon, 15 Aug 2022 18:20:18 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 10 Apr 2024 10:32:14 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 61ms
21ms Font
font/woff2 2607:f8b0:4006:820::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:820::2003 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.doorcountyfond.org
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Fri, 14 Apr 2023 12:26:31 GMT
x-content-type-options: nosniff
age: 217188
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 13 Apr 2024 12:26:31 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 57ms
56ms Font
font/woff2 2607:f8b0:4006:820::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:820::2003 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.doorcountyfond.org
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sun, 16 Apr 2023 18:07:16 GMT
x-content-type-options: nosniff
age: 23943
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 15 Apr 2024 18:07:16 GMT

GET
H2 200 b58996c504c5638798eb6b511e6f49af
secure.gravatar.com/avatar/ 1 KB
2 KB 63ms
17ms Image
image/jpeg 2a04:fa87:fffe::c000:4902
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure.gravatar.com/avatar/b58996c504c5638798eb6b511e6f49af?s=96&d=mm&r=g
Requested by: Host: www.doorcountyfond.org
URL: https://www.doorcountyfond.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:fa87:fffe::c000:4902 , Ireland, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 67f565f25c1bb8ae629cfca60c71766232073a0c905e0387e45895657b4ae3e7

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.doorcountyfond.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

x-nc: HIT yyz 2
date: Mon, 17 Apr 2023 00:46:19 GMT
last-modified: Fri, 29 Feb 2008 23:27:01 GMT
server: nginx
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=300
content-disposition: inline; filename="b58996c504c5638798eb6b511e6f49af.png"
accept-ranges: bytes
link: <https://www.gravatar.com/avatar/b58996c504c5638798eb6b511e6f49af?s=96&d=mm&r=g>; rel="canonical"
content-length: 1528
expires: Mon, 17 Apr 2023 00:51:19 GMT

GET
H/1.1 200
OK Y1hjNr Show response
stats.statisticline.com/ 2 KB
1 KB 340ms
120ms Script
text/plain 162.55.76.206
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.statisticline.com/Y1hjNr?&se_referrer=&default_keyword=Home%20-%20Friends%20of%20North%20Duluth%20-%20Door%20County&&_cid=d4781ca6-febb-b55e-c21a-3eadeb9b0105
Requested by: Host: get.sortyellowapples.com
URL: https://get.sortyellowapples.com/scripts/get.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 162.55.76.206 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.206.76.55.162.clients.your-server.de
Software: nginx /
Resource Hash: eee5d4b33b49d21af643b7c5827d5d9aa8dd4bc75d7b72ec761c9927bec2993e

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.doorcountyfond.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 17 Apr 2023 00:46:20 GMT
Content-Encoding: gzip
Server: nginx
Vary: Accept-Encoding
Content-Type: text/plain; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 851
Expires: 0

GET
H2 200 swaynew.js Show response
cdn.statisticline.com/scripts/ 5 KB
2 KB 585ms
137ms Script
application/javascript 85.239.34.190
ALEXHOST

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.statisticline.com/scripts/swaynew.js

Requested by

Host: for.firstblackphase.com
URL: https://for.firstblackphase.com/trbbbbb2

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

85.239.34.190 Secaucus, United States, ASN200019 (ALEXHOST, MD),

Reverse DNS

d9.vm

Software

nginx /

Resource Hash

f5718b18f5a27e73cf8ed785fc2039781dbe2d0cf2cc741993ea795cbda96535

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000;

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.doorcountyfond.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Mon, 17 Apr 2023 00:46:20 GMT
strict-transport-security: max-age=15768000;
content-encoding: gzip
last-modified: Mon, 03 Apr 2023 14:18:45 GMT
server: nginx
etag: W/"642ae045-1391"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK swaytrick.js Show response
stock.statisticline.com/scripts/ 6 KB
2 KB 323ms
103ms Script
application/javascript 162.55.76.206
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://stock.statisticline.com/scripts/swaytrick.js
Requested by: Host: cdn.statisticline.com
URL: https://cdn.statisticline.com/scripts/swaynew.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 162.55.76.206 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.206.76.55.162.clients.your-server.de
Software: nginx /
Resource Hash: 5d8f04969ad7e1a70d53cca8f35f91d3a4f6bddbe86f32ca29ec0fa5ab6d6777

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.doorcountyfond.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Date: Mon, 17 Apr 2023 00:46:20 GMT
Content-Encoding: gzip
Last-Modified: Fri, 17 Mar 2023 15:51:50 GMT
Server: nginx
ETag: W/"64148c96-170a"
Transfer-Encoding: chunked
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=864000
Connection: keep-alive
Expires: Thu, 27 Apr 2023 00:46:20 GMT

GET back.php
far.statisticline.com/away/ 0
0

GET
H/1.1

200
OK

go.php
come.sortyellowapples.com/away/
Redirect Chain

https://far.statisticline.com/away/back.php?id=64785e55-66-45776433
https://come.sortyellowapples.com/away/go.php?id=6436345-33-5734523&qid=8568&wid=76538&kid=863843534&suid=7958197689

861 B
673 B

328ms
112ms

Document
text/html

162.55.76.206
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://come.sortyellowapples.com/away/go.php?id=6436345-33-5734523&qid=8568&wid=76538&kid=863843534&suid=7958197689
Requested by: Host: stock.statisticline.com
URL: https://stock.statisticline.com/scripts/swaytrick.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 162.55.76.206 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.206.76.55.162.clients.your-server.de
Software: nginx /
Resource Hash

Request headers

Referer: https://www.doorcountyfond.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

Access-Control-Allow-Origin: *
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=UTF-8
Date: Mon, 17 Apr 2023 00:46:21 GMT
Server: nginx
Transfer-Encoding: chunked

Redirect headers

Access-Control-Allow-Origin: *
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Date: Mon, 17 Apr 2023 00:46:21 GMT
Location: https://come.sortyellowapples.com/away/go.php?id=6436345-33-5734523&qid=8568&wid=76538&kid=863843534&suid=7958197689
Server: nginx
Transfer-Encoding: chunked

GET /
whiteforwardlines.com/ 0
0

GET
H2 200 / Show response
whiteforwardlines.com/ 18 KB
18 KB 315ms
103ms Document
text/html 134.209.192.77
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://whiteforwardlines.com/?p=ha4tcolcmu5gi3bphaydcmq&sub2=7958197689

Requested by

Host: come.sortyellowapples.com
URL: https://come.sortyellowapples.com/away/go.php?id=6436345-33-5734523&qid=8568&wid=76538&kid=863843534&suid=7958197689

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

134.209.192.77 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

4711e4d5830b6ff013d9e0b6db290031f6ba3377f4480a2ecea16be6d0b4be48

Security Headers

Name	Value
Content-Security-Policy	img-src https: data:; upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://come.sortyellowapples.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

access-control-allow-origin: *
content-security-policy: img-src https: data:; upgrade-insecure-requests
content-type: text/html; charset=UTF-8
date: Mon, 17 Apr 2023 00:46:21 GMT
server: nginx
strict-transport-security: max-age=31536000

GET
H2 200 / Show response
0.whiteforwardlines.com/ 18 KB
18 KB 120ms
107ms Document
text/html 134.209.192.77
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://0.whiteforwardlines.com/?p=ha4tcolcmu5gi3bphaydcmq&sub2=7958197689

Requested by

Host: www.doorcountyfond.org
URL: https://www.doorcountyfond.org/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

134.209.192.77 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

3e87e8d45ea70a7369345c5493df5310d97b914570571c9470339007a5a0fb16

Security Headers

Name	Value
Content-Security-Policy	img-src https: data:; upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://whiteforwardlines.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

access-control-allow-origin: *
content-security-policy: img-src https: data:; upgrade-insecure-requests
content-type: text/html; charset=UTF-8
date: Mon, 17 Apr 2023 00:46:22 GMT
server: nginx
strict-transport-security: max-age=31536000

GET
H2

200

70bbac94-8fb3-46e5-a455-a05f447155f4 Show response
track.themaccleanup.info/go/
Redirect Chain

https://0.whiteforwardlines.com/?auf=myztoolcg45diojygyxtqmbrgixtemrpge3dqmjwhezdgobs&s=1&sub1=&sub2=7958197689&sub3=&sub4=&cpc=0&cpm=0
https://track.themaccleanup.info/go/70bbac94-8fb3-46e5-a455-a05f447155f4?price=0.00901&clickid=d58b1d32-f91f-464d-8375-06be9cbd8685&feed=feed14986&hash=4a5d46ed&creative=0&campaign=64771&country=CA...

775 B
2 KB

134ms
50ms

Document
text/html

2600:1f18:43d1:2a02:b6ee:327b:545e:e578
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://track.themaccleanup.info/go/70bbac94-8fb3-46e5-a455-a05f447155f4?price=0.00901&clickid=d58b1d32-f91f-464d-8375-06be9cbd8685&feed=feed14986&hash=4a5d46ed&creative=0&campaign=64771&country=CA&platform=Windows&browser=Chrome&subday=0
Requested by: Host: www.doorcountyfond.org
URL: https://www.doorcountyfond.org/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:1f18:43d1:2a02:b6ee:327b:545e:e578 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: openresty /
Resource Hash: 33d01fb5f3d781b487aac5155f41af47c2569f22469a0f28bc85628bcb898be7

Request headers

Referer: https://0.whiteforwardlines.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Full-Version,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Reduced
access-control-allow-origin: *
cache-control: no-cache
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Mon, 17 Apr 2023 00:46:22 GMT
etag: W/"307-bwpfV6BcWoOZ0GhwU7QFwOcwfQo"
expires: Thu, 01 Jan 1970 00:00:01 GMT
server: openresty
vary: Accept-Encoding
x-response-time: 25.047ms

Redirect headers

access-control-allow-origin: *
content-security-policy: img-src https: data:; upgrade-insecure-requests
content-type: text/html; charset=UTF-8
date: Mon, 17 Apr 2023 00:46:22 GMT
location: https://track.themaccleanup.info/go/70bbac94-8fb3-46e5-a455-a05f447155f4?price=0.00901&clickid=d58b1d32-f91f-464d-8375-06be9cbd8685&feed=feed14986&hash=4a5d46ed&creative=0&campaign=64771&country=CA&platform=Windows&browser=Chrome&subday=0
server: nginx
strict-transport-security: max-age=31536000

GET
H2 200 / Show response
track.pageinfo.org/ 624 B
891 B 134ms
27ms Document
text/html 2600:1f18:43d1:2a02:b6ee:327b:545e:e578
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://track.pageinfo.org/?redirectUrl=https%3A%2F%2Fd3nfa3f6tqjjbl.cloudfront.net%2FEnglish%2Findex.html%3Fkey%3DeyJ0aW1lc3RhbXAiOiIxNjgxNjkyMzgyIiwiaGFzaCI6IjI0MGFiMDRiMzAyMzlkMDk2NjFjNWYxMzBlZDIwOTlmYjBlOGYyNjMifQ%253D%253D%26bemobdata%3Dc%253D70bbac94-8fb3-46e5-a455-a05f447155f4..l%253D79f441ce-7780-4f45-85eb-c20e42808e3c..f%253D9b637e48-cfee-4d4f-8a1e-24cce0697a13..a%253D1..b%253D0..z%253D0.00901..e%253Dd58b1d32-f91f-464d-8375-06be9cbd8685..c1%253Dfeed14986..c2%253D4a5d46ed..c3%253D0..c4%253D64771..c5%253DCA..c6%253DWindows..c7%253DChrome..c8%253D0..r%253Dhttps%25253A%25252F%25252F0.whiteforwardlines.com%25252F..ts%253D1681692382845
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:1f18:43d1:2a02:b6ee:327b:545e:e578 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: openresty /
Resource Hash: 81e6cbee03bfc5ae960efba774c8403ea03a7c9de5f203c1000db20287c6daf3

Request headers

Referer: https://track.themaccleanup.info/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Full-Version,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Reduced
access-control-allow-origin: *
cache-control: no-cache
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Mon, 17 Apr 2023 00:46:22 GMT
etag: W/"270-T1HEEomCECr64yv80vjD6pR082M"
expires: Thu, 01 Jan 1970 00:00:01 GMT
server: openresty
vary: Accept-Encoding
x-response-time: 1.912ms

GET
H2 200 Primary Request index.html Show response
d3nfa3f6tqjjbl.cloudfront.net/English/ 2 KB
1 KB 75ms
21ms Document
text/html 2600:9000:23ca:e00:1a:21fd:a440:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3nfa3f6tqjjbl.cloudfront.net/English/index.html?key=eyJ0aW1lc3RhbXAiOiIxNjgxNjkyMzgyIiwiaGFzaCI6IjI0MGFiMDRiMzAyMzlkMDk2NjFjNWYxMzBlZDIwOTlmYjBlOGYyNjMifQ==&bemobdata=c=70bbac94-8fb3-46e5-a455-a05f447155f4..l=79f441ce-7780-4f45-85eb-c20e42808e3c..f=9b637e48-cfee-4d4f-8a1e-24cce0697a13..a=1..b=0..z=0.00901..e=d58b1d32-f91f-464d-8375-06be9cbd8685..c1=feed14986..c2=4a5d46ed..c3=0..c4=64771..c5=CA..c6=Windows..c7=Chrome..c8=0..r=https%3A%2F%2F0.whiteforwardlines.com%2F..ts=1681692382845
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:23ca:e00:1a:21fd:a440:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6d00803227cc83b92a70fc2977de7bdcfe7e6129b5d8d0820fce0de17867b677

Request headers

Referer: https://track.pageinfo.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

age: 48748
content-encoding: gzip
content-type: text/html
date: Sun, 16 Apr 2023 11:13:56 GMT
etag: W/"07766fdfb575b864b3f30f54bae953c4"
last-modified: Mon, 02 Jan 2023 09:02:16 GMT
server: AmazonS3
vary: Accept-Encoding
via: 1.1 c1685d59e35fdb859ab8a1f97feb5652.cloudfront.net (CloudFront)
x-amz-cf-id: rBZCbBXzp-4pbZxh8HtMY3m8XoXr1FihMB7NyPKJXtjYz14C6geaIg==
x-amz-cf-pop: JFK50-P2
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront

GET
H2 200 crypto-js.min.js Show response
cdnjs.cloudflare.com/ajax/libs/crypto-js/3.1.9-1/ 47 KB
14 KB 126ms
28ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/crypto-js/3.1.9-1/crypto-js.min.js

Requested by

Host: d3nfa3f6tqjjbl.cloudfront.net
URL: https://d3nfa3f6tqjjbl.cloudfront.net/English/index.html?key=eyJ0aW1lc3RhbXAiOiIxNjgxNjkyMzgyIiwiaGFzaCI6IjI0MGFiMDRiMzAyMzlkMDk2NjFjNWYxMzBlZDIwOTlmYjBlOGYyNjMifQ==&bemobdata=c=70bbac94-8fb3-46e5-a455-a05f447155f4..l=79f441ce-7780-4f45-85eb-c20e42808e3c..f=9b637e48-cfee-4d4f-8a1e-24cce0697a13..a=1..b=0..z=0.00901..e=d58b1d32-f91f-464d-8375-06be9cbd8685..c1=feed14986..c2=4a5d46ed..c3=0..c4=64771..c5=CA..c6=Windows..c7=Chrome..c8=0..r=https%3A%2F%2F0.whiteforwardlines.com%2F..ts=1681692382845

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bba05a999896e6d09e9a37b69ebb5e282d8aa0b20a5fd94a3d2a6f0a43a16a6c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://d3nfa3f6tqjjbl.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Mon, 17 Apr 2023 00:46:23 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 8145374
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 13696
last-modified: Mon, 04 May 2020 16:09:17 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e2d-bb47"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9wk84BjyYwnSEPFOX6T2MeNFkCZ1qxD7f%2B8lm5yAOl8B%2BNp9kqZfavzC0aV0KjSljV5D2JHBV2x0BY%2FFDUtj2w9Yv11JFr9uLpMcRw1PvbmcyZNVY38GJ2vg%2F0nm3vhErvNYMeVP9M45xbIpAgKVGTKq"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7b90a6930d3f4bca-YUL
expires: Sat, 06 Apr 2024 00:46:23 GMT

GET
H2 200 script.js Show response
d3nfa3f6tqjjbl.cloudfront.net/English/js/ 85 KB
30 KB 24ms
23ms Script
application/javascript 2600:9000:23ca:e00:1a:21fd:a440:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3nfa3f6tqjjbl.cloudfront.net/English/js/script.js
Requested by: Host: d3nfa3f6tqjjbl.cloudfront.net
URL: https://d3nfa3f6tqjjbl.cloudfront.net/English/index.html?key=eyJ0aW1lc3RhbXAiOiIxNjgxNjkyMzgyIiwiaGFzaCI6IjI0MGFiMDRiMzAyMzlkMDk2NjFjNWYxMzBlZDIwOTlmYjBlOGYyNjMifQ==&bemobdata=c=70bbac94-8fb3-46e5-a455-a05f447155f4..l=79f441ce-7780-4f45-85eb-c20e42808e3c..f=9b637e48-cfee-4d4f-8a1e-24cce0697a13..a=1..b=0..z=0.00901..e=d58b1d32-f91f-464d-8375-06be9cbd8685..c1=feed14986..c2=4a5d46ed..c3=0..c4=64771..c5=CA..c6=Windows..c7=Chrome..c8=0..r=https%3A%2F%2F0.whiteforwardlines.com%2F..ts=1681692382845
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:23ca:e00:1a:21fd:a440:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sun, 16 Apr 2023 09:47:08 GMT
content-encoding: gzip
via: 1.1 c1685d59e35fdb859ab8a1f97feb5652.cloudfront.net (CloudFront)
last-modified: Mon, 02 Jan 2023 09:02:16 GMT
server: AmazonS3
x-amz-cf-pop: JFK50-P2
age: 53956
x-amz-server-side-encryption: AES256
etag: W/"a09e13ee94d51c524b7e2a728c7d4039"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: ny1XgbfNA_7nt5vB9CAYrZkC4ixrx8T8aa5_m7crX3kbbfCdHX6X0A==

GET
H2 200 modules.js Show response
d3nfa3f6tqjjbl.cloudfront.net/English/js/ 224 KB
77 KB 43ms
42ms Script
application/javascript 2600:9000:23ca:e00:1a:21fd:a440:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3nfa3f6tqjjbl.cloudfront.net/English/js/modules.js
Requested by: Host: d3nfa3f6tqjjbl.cloudfront.net
URL: https://d3nfa3f6tqjjbl.cloudfront.net/English/index.html?key=eyJ0aW1lc3RhbXAiOiIxNjgxNjkyMzgyIiwiaGFzaCI6IjI0MGFiMDRiMzAyMzlkMDk2NjFjNWYxMzBlZDIwOTlmYjBlOGYyNjMifQ==&bemobdata=c=70bbac94-8fb3-46e5-a455-a05f447155f4..l=79f441ce-7780-4f45-85eb-c20e42808e3c..f=9b637e48-cfee-4d4f-8a1e-24cce0697a13..a=1..b=0..z=0.00901..e=d58b1d32-f91f-464d-8375-06be9cbd8685..c1=feed14986..c2=4a5d46ed..c3=0..c4=64771..c5=CA..c6=Windows..c7=Chrome..c8=0..r=https%3A%2F%2F0.whiteforwardlines.com%2F..ts=1681692382845
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:23ca:e00:1a:21fd:a440:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: de27d8901cbc3c7069d94a4c89267f10861e5eb1a1d906871e3ca75102562f1b

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sun, 16 Apr 2023 11:22:33 GMT
content-encoding: gzip
via: 1.1 c1685d59e35fdb859ab8a1f97feb5652.cloudfront.net (CloudFront)
last-modified: Mon, 02 Jan 2023 09:02:16 GMT
server: AmazonS3
x-amz-cf-pop: JFK50-P2
age: 48231
x-amz-server-side-encryption: AES256
etag: W/"c58c9188742521818ab13ca8b3e988ec"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: rq2GBHYbR7givneWANNZ0xRKnUMQJA8V4N9OhXXwMw6PpKmnBoiG5A==

GET
H2 200 custom.js Show response
d3nfa3f6tqjjbl.cloudfront.net/English/js/ 4 KB
1 KB 24ms
24ms Script
application/javascript 2600:9000:23ca:e00:1a:21fd:a440:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3nfa3f6tqjjbl.cloudfront.net/English/js/custom.js
Requested by: Host: d3nfa3f6tqjjbl.cloudfront.net
URL: https://d3nfa3f6tqjjbl.cloudfront.net/English/index.html?key=eyJ0aW1lc3RhbXAiOiIxNjgxNjkyMzgyIiwiaGFzaCI6IjI0MGFiMDRiMzAyMzlkMDk2NjFjNWYxMzBlZDIwOTlmYjBlOGYyNjMifQ==&bemobdata=c=70bbac94-8fb3-46e5-a455-a05f447155f4..l=79f441ce-7780-4f45-85eb-c20e42808e3c..f=9b637e48-cfee-4d4f-8a1e-24cce0697a13..a=1..b=0..z=0.00901..e=d58b1d32-f91f-464d-8375-06be9cbd8685..c1=feed14986..c2=4a5d46ed..c3=0..c4=64771..c5=CA..c6=Windows..c7=Chrome..c8=0..r=https%3A%2F%2F0.whiteforwardlines.com%2F..ts=1681692382845
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:23ca:e00:1a:21fd:a440:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 8e497502ccd62847fe887656d239686ad1c7ee291f3a27a5ee4bb74eb09e3bb5

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sun, 16 Apr 2023 11:41:07 GMT
content-encoding: gzip
via: 1.1 c1685d59e35fdb859ab8a1f97feb5652.cloudfront.net (CloudFront)
last-modified: Mon, 02 Jan 2023 09:02:16 GMT
server: AmazonS3
x-amz-cf-pop: JFK50-P2
age: 47117
x-amz-server-side-encryption: AES256
etag: W/"2414861da864646b2a5b01a142f87b7f"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: byQ8zmSc3V1gFPJ8HvTlkiw-9MICidxaBaFjPS-qTOR9-q0t8xmSZw==

GET
H2 200 froala.min.css
d3nfa3f6tqjjbl.cloudfront.net/English/css/ 7 KB
2 KB 23ms
23ms Stylesheet
text/css 2600:9000:23ca:e00:1a:21fd:a440:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3nfa3f6tqjjbl.cloudfront.net/English/css/froala.min.css
Requested by: Host: d3nfa3f6tqjjbl.cloudfront.net
URL: https://d3nfa3f6tqjjbl.cloudfront.net/English/index.html?key=eyJ0aW1lc3RhbXAiOiIxNjgxNjkyMzgyIiwiaGFzaCI6IjI0MGFiMDRiMzAyMzlkMDk2NjFjNWYxMzBlZDIwOTlmYjBlOGYyNjMifQ==&bemobdata=c=70bbac94-8fb3-46e5-a455-a05f447155f4..l=79f441ce-7780-4f45-85eb-c20e42808e3c..f=9b637e48-cfee-4d4f-8a1e-24cce0697a13..a=1..b=0..z=0.00901..e=d58b1d32-f91f-464d-8375-06be9cbd8685..c1=feed14986..c2=4a5d46ed..c3=0..c4=64771..c5=CA..c6=Windows..c7=Chrome..c8=0..r=https%3A%2F%2F0.whiteforwardlines.com%2F..ts=1681692382845
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:23ca:e00:1a:21fd:a440:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 1cfc73a6db9523c12b6b7f5d009bed19c8799eed001f607bd891a1fd838b7739

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sun, 16 Apr 2023 18:04:25 GMT
content-encoding: gzip
via: 1.1 c1685d59e35fdb859ab8a1f97feb5652.cloudfront.net (CloudFront)
last-modified: Mon, 02 Jan 2023 09:02:16 GMT
server: AmazonS3
x-amz-cf-pop: JFK50-P2
age: 24118
x-amz-server-side-encryption: AES256
etag: W/"8d4fba5186f02a0c4458986b0cf91667"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
x-amz-cf-id: UynylzY1EZA_-zo_EN9ICPS5Z0xsA0NcVuepZwE_7gPsy94Z5JEUIw==

GET
H2 200 style.css
d3nfa3f6tqjjbl.cloudfront.net/English/css/ 18 KB
4 KB 37ms
37ms Stylesheet
text/css 2600:9000:23ca:e00:1a:21fd:a440:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3nfa3f6tqjjbl.cloudfront.net/English/css/style.css
Requested by: Host: d3nfa3f6tqjjbl.cloudfront.net
URL: https://d3nfa3f6tqjjbl.cloudfront.net/English/index.html?key=eyJ0aW1lc3RhbXAiOiIxNjgxNjkyMzgyIiwiaGFzaCI6IjI0MGFiMDRiMzAyMzlkMDk2NjFjNWYxMzBlZDIwOTlmYjBlOGYyNjMifQ==&bemobdata=c=70bbac94-8fb3-46e5-a455-a05f447155f4..l=79f441ce-7780-4f45-85eb-c20e42808e3c..f=9b637e48-cfee-4d4f-8a1e-24cce0697a13..a=1..b=0..z=0.00901..e=d58b1d32-f91f-464d-8375-06be9cbd8685..c1=feed14986..c2=4a5d46ed..c3=0..c4=64771..c5=CA..c6=Windows..c7=Chrome..c8=0..r=https%3A%2F%2F0.whiteforwardlines.com%2F..ts=1681692382845
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:23ca:e00:1a:21fd:a440:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 49843610a21ee923bdec4d71775cbde80546a3d42e6b026c989bb120e2e664eb

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sun, 16 Apr 2023 09:47:08 GMT
content-encoding: gzip
via: 1.1 c1685d59e35fdb859ab8a1f97feb5652.cloudfront.net (CloudFront)
last-modified: Mon, 02 Jan 2023 09:02:16 GMT
server: AmazonS3
x-amz-cf-pop: JFK50-P2
age: 53956
x-amz-server-side-encryption: AES256
etag: W/"1a230ec60ecc7ea03295e24cb5d40378"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
x-amz-cf-id: qplrqeYVyqwJakw2a2VlVggIp7Xvh5aZnt1oEEqEIn-xxoWmazXwgA==

GET
H2 200 custom.css
d3nfa3f6tqjjbl.cloudfront.net/English/css/ 11 KB
2 KB 42ms
42ms Stylesheet
text/css 2600:9000:23ca:e00:1a:21fd:a440:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3nfa3f6tqjjbl.cloudfront.net/English/css/custom.css
Requested by: Host: d3nfa3f6tqjjbl.cloudfront.net
URL: https://d3nfa3f6tqjjbl.cloudfront.net/English/index.html?key=eyJ0aW1lc3RhbXAiOiIxNjgxNjkyMzgyIiwiaGFzaCI6IjI0MGFiMDRiMzAyMzlkMDk2NjFjNWYxMzBlZDIwOTlmYjBlOGYyNjMifQ==&bemobdata=c=70bbac94-8fb3-46e5-a455-a05f447155f4..l=79f441ce-7780-4f45-85eb-c20e42808e3c..f=9b637e48-cfee-4d4f-8a1e-24cce0697a13..a=1..b=0..z=0.00901..e=d58b1d32-f91f-464d-8375-06be9cbd8685..c1=feed14986..c2=4a5d46ed..c3=0..c4=64771..c5=CA..c6=Windows..c7=Chrome..c8=0..r=https%3A%2F%2F0.whiteforwardlines.com%2F..ts=1681692382845
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:23ca:e00:1a:21fd:a440:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6f293e85b57979f8b60faf784b11b159858ebeae3abd3a50928d078d6c9833d1

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sun, 16 Apr 2023 08:14:50 GMT
content-encoding: br
via: 1.1 c1685d59e35fdb859ab8a1f97feb5652.cloudfront.net (CloudFront)
last-modified: Mon, 02 Jan 2023 09:02:16 GMT
server: AmazonS3
x-amz-cf-pop: JFK50-P2
age: 59494
x-amz-server-side-encryption: AES256
etag: W/"afa5fe55f8ea711be28492c72405ce3a"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
x-amz-cf-id: CSgL3DdzjSYikA48wTI9AUHu6r9seVum8ivk6VSyEOrd5KM2ajr6Hw==

GET
H2 200 main.d953d00b.js Show response
d3nfa3f6tqjjbl.cloudfront.net/English/static/js/ 153 KB
48 KB 21ms
20ms Script
application/javascript 2600:9000:23ca:e00:1a:21fd:a440:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3nfa3f6tqjjbl.cloudfront.net/English/static/js/main.d953d00b.js
Requested by: Host: d3nfa3f6tqjjbl.cloudfront.net
URL: https://d3nfa3f6tqjjbl.cloudfront.net/English/index.html?key=eyJ0aW1lc3RhbXAiOiIxNjgxNjkyMzgyIiwiaGFzaCI6IjI0MGFiMDRiMzAyMzlkMDk2NjFjNWYxMzBlZDIwOTlmYjBlOGYyNjMifQ==&bemobdata=c=70bbac94-8fb3-46e5-a455-a05f447155f4..l=79f441ce-7780-4f45-85eb-c20e42808e3c..f=9b637e48-cfee-4d4f-8a1e-24cce0697a13..a=1..b=0..z=0.00901..e=d58b1d32-f91f-464d-8375-06be9cbd8685..c1=feed14986..c2=4a5d46ed..c3=0..c4=64771..c5=CA..c6=Windows..c7=Chrome..c8=0..r=https%3A%2F%2F0.whiteforwardlines.com%2F..ts=1681692382845
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:23ca:e00:1a:21fd:a440:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6dc755750023fdfc750d9ff02ad2c5249c1a732e167a6f4684589ffb5f9fbb44

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sun, 16 Apr 2023 16:33:07 GMT
content-encoding: gzip
via: 1.1 c1685d59e35fdb859ab8a1f97feb5652.cloudfront.net (CloudFront)
last-modified: Mon, 02 Jan 2023 09:02:16 GMT
server: AmazonS3
x-amz-cf-pop: JFK50-P2
age: 29597
etag: W/"38eb0d65f80caf7ea8fe1d063e96ea3c"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: fLxilx6Ht8wiK5NXm7N57vO3f8OzgAyXfpgjOAZ_cC1hgF925-OdgQ==

GET
H2 200 main.e6c13ad2.css
d3nfa3f6tqjjbl.cloudfront.net/English/static/css/ 337 B
707 B 59ms
59ms Stylesheet
text/css 2600:9000:23ca:e00:1a:21fd:a440:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3nfa3f6tqjjbl.cloudfront.net/English/static/css/main.e6c13ad2.css
Requested by: Host: d3nfa3f6tqjjbl.cloudfront.net
URL: https://d3nfa3f6tqjjbl.cloudfront.net/English/index.html?key=eyJ0aW1lc3RhbXAiOiIxNjgxNjkyMzgyIiwiaGFzaCI6IjI0MGFiMDRiMzAyMzlkMDk2NjFjNWYxMzBlZDIwOTlmYjBlOGYyNjMifQ==&bemobdata=c=70bbac94-8fb3-46e5-a455-a05f447155f4..l=79f441ce-7780-4f45-85eb-c20e42808e3c..f=9b637e48-cfee-4d4f-8a1e-24cce0697a13..a=1..b=0..z=0.00901..e=d58b1d32-f91f-464d-8375-06be9cbd8685..c1=feed14986..c2=4a5d46ed..c3=0..c4=64771..c5=CA..c6=Windows..c7=Chrome..c8=0..r=https%3A%2F%2F0.whiteforwardlines.com%2F..ts=1681692382845
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:23ca:e00:1a:21fd:a440:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 439b3301299d2f3614d9ede61bceaeb7d023f5975147e08f33d6e4ca82cfed56

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sun, 16 Apr 2023 11:41:07 GMT
via: 1.1 c1685d59e35fdb859ab8a1f97feb5652.cloudfront.net (CloudFront)
last-modified: Mon, 02 Jan 2023 09:02:16 GMT
server: AmazonS3
x-amz-cf-pop: JFK50-P2
age: 47117
x-amz-server-side-encryption: AES256
etag: "9f6fd7b89af737fe9ff6849a58501b1b"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
accept-ranges: bytes
content-length: 337
x-amz-cf-id: X1cjHvy6iiYusk35v8LcD5oj2qhsZL2038e6mBVkJ_lTSMolsWiXJQ==

GET
H2 200 bg-image.png
d3nfa3f6tqjjbl.cloudfront.net/English/img/ 296 KB
297 KB 23ms
22ms Image
image/png 2600:9000:23ca:e00:1a:21fd:a440:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d3nfa3f6tqjjbl.cloudfront.net/English/img/bg-image.png
Requested by: Host: d3nfa3f6tqjjbl.cloudfront.net
URL: https://d3nfa3f6tqjjbl.cloudfront.net/English/css/custom.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:23ca:e00:1a:21fd:a440:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: af9a953b12a4994939f45054e31302a7b1f59577f69c21376821cf9b922b414b

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://d3nfa3f6tqjjbl.cloudfront.net/English/css/custom.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sun, 16 Apr 2023 10:17:12 GMT
via: 1.1 c1685d59e35fdb859ab8a1f97feb5652.cloudfront.net (CloudFront)
last-modified: Mon, 02 Jan 2023 09:02:16 GMT
server: AmazonS3
x-amz-cf-pop: JFK50-P2
age: 52152
x-amz-server-side-encryption: AES256
etag: "bc336a3a0c484d7c65299b9c4af45596"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/png
accept-ranges: bytes
content-length: 302963
x-amz-cf-id: rrUhqHOlWq2htFlwcV8hbEeS1svPZM7o3WIWNC1AnBmqq94SqEQb7Q==

GET
H2 200 --vector-logo.svg
d3nfa3f6tqjjbl.cloudfront.net/English/img/ 1 KB
1001 B 53ms
47ms Image
image/svg+xml 2600:9000:23ca:e00:1a:21fd:a440:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d3nfa3f6tqjjbl.cloudfront.net/English/img/--vector-logo.svg
Requested by: Host: d3nfa3f6tqjjbl.cloudfront.net
URL: https://d3nfa3f6tqjjbl.cloudfront.net/English/index.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:23ca:e00:1a:21fd:a440:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e4aef0aba15680c1b745414a7c7bc39cdbeda17f1de0c7bf57bf90378b6a5d26

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sun, 16 Apr 2023 11:11:56 GMT
content-encoding: gzip
via: 1.1 c1685d59e35fdb859ab8a1f97feb5652.cloudfront.net (CloudFront)
last-modified: Mon, 02 Jan 2023 09:02:16 GMT
server: AmazonS3
x-amz-cf-pop: JFK50-P2
age: 48868
x-amz-server-side-encryption: AES256
etag: W/"6afb794723ba525f2c526c9899569924"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
x-amz-cf-id: iOqX_OTCRVKRwZpjESgn2DEKOeJbhxdt4CIRBeYlr_lhHoIr80tOwA==

GET
H2 200 --full-site-logo.png
d3nfa3f6tqjjbl.cloudfront.net/English/img/ 5 KB
5 KB 54ms
48ms Image
image/png 2600:9000:23ca:e00:1a:21fd:a440:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d3nfa3f6tqjjbl.cloudfront.net/English/img/--full-site-logo.png
Requested by: Host: d3nfa3f6tqjjbl.cloudfront.net
URL: https://d3nfa3f6tqjjbl.cloudfront.net/English/index.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:23ca:e00:1a:21fd:a440:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: cf56bcceaf23dba6d290e2c6739ac2bab77b36e03c20a48cdbe49bcfe2fb31d0

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sun, 16 Apr 2023 17:37:47 GMT
via: 1.1 c1685d59e35fdb859ab8a1f97feb5652.cloudfront.net (CloudFront)
last-modified: Mon, 02 Jan 2023 09:02:16 GMT
server: AmazonS3
x-amz-cf-pop: JFK50-P2
age: 25717
x-amz-server-side-encryption: AES256
etag: "945db2cdbd67e8ad20315672f80c1f18"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/png
accept-ranges: bytes
content-length: 4714
x-amz-cf-id: SGrnrLheFdIN48R9XPvQ_l8YvXE1PTlwf34_wn3idzicvpXydH75Ng==

GET
H2 200 --spread-sheet-image1.png
d3nfa3f6tqjjbl.cloudfront.net/English/img/ 128 B
501 B 55ms
48ms Image
image/png 2600:9000:23ca:e00:1a:21fd:a440:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d3nfa3f6tqjjbl.cloudfront.net/English/img/--spread-sheet-image1.png
Requested by: Host: d3nfa3f6tqjjbl.cloudfront.net
URL: https://d3nfa3f6tqjjbl.cloudfront.net/English/index.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:23ca:e00:1a:21fd:a440:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 2ac27821ba64d645f36e2ad197492d30c11b10a032cc474554679555f4604622

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sun, 16 Apr 2023 17:37:47 GMT
via: 1.1 c1685d59e35fdb859ab8a1f97feb5652.cloudfront.net (CloudFront)
last-modified: Mon, 02 Jan 2023 09:02:16 GMT
server: AmazonS3
x-amz-cf-pop: JFK50-P2
age: 25717
x-amz-server-side-encryption: AES256
etag: "0bb86caf792dd7d24731c18cd37bb68e"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/png
accept-ranges: bytes
content-length: 128
x-amz-cf-id: YprPMo52KuG-9G8GMW8UBHlyGSildid7Zs8Zwjc7L30a87LqMxnLxQ==

GET
H2 200 --spread-sheet-image2.png
d3nfa3f6tqjjbl.cloudfront.net/English/img/ 293 B
665 B 55ms
49ms Image
image/png 2600:9000:23ca:e00:1a:21fd:a440:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d3nfa3f6tqjjbl.cloudfront.net/English/img/--spread-sheet-image2.png
Requested by: Host: d3nfa3f6tqjjbl.cloudfront.net
URL: https://d3nfa3f6tqjjbl.cloudfront.net/English/index.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:23ca:e00:1a:21fd:a440:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 2d2b7040bc32b397c3c60d800de9aa7d86404f1874862eba61bdaa21f1523eb7

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sun, 16 Apr 2023 11:41:07 GMT
via: 1.1 c1685d59e35fdb859ab8a1f97feb5652.cloudfront.net (CloudFront)
last-modified: Mon, 02 Jan 2023 09:02:16 GMT
server: AmazonS3
x-amz-cf-pop: JFK50-P2
age: 47117
x-amz-server-side-encryption: AES256
etag: "9eb68d2ce05c151bda542a7a6356e22c"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/png
accept-ranges: bytes
content-length: 293
x-amz-cf-id: rCk-2T3Fxkk-H1YmhQS1UfL7s98dO_wzawDJSuTQlHxuDv4ngZ9CKA==

GET
H2 200 --spread-sheet-image3.png
d3nfa3f6tqjjbl.cloudfront.net/English/img/ 364 B
736 B 56ms
50ms Image
image/png 2600:9000:23ca:e00:1a:21fd:a440:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d3nfa3f6tqjjbl.cloudfront.net/English/img/--spread-sheet-image3.png
Requested by: Host: d3nfa3f6tqjjbl.cloudfront.net
URL: https://d3nfa3f6tqjjbl.cloudfront.net/English/index.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:23ca:e00:1a:21fd:a440:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b13a03e0db893734298cbe203bf264407636ffe5dab0a141f83c492d0034dd6a

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Mon, 17 Apr 2023 00:42:10 GMT
via: 1.1 c1685d59e35fdb859ab8a1f97feb5652.cloudfront.net (CloudFront)
last-modified: Mon, 02 Jan 2023 09:02:16 GMT
server: AmazonS3
x-amz-cf-pop: JFK50-P2
age: 2868
x-amz-server-side-encryption: AES256
etag: "e144c3378090087c8ce129a30cb6cb4e"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/png
accept-ranges: bytes
content-length: 364
x-amz-cf-id: q6SpJzf-Qn4xSJnKSMQ3WXrt5EbHqqCTrX-XJ1eYj-DFxIQzrHxKEA==

GET
H2 200 --spread-sheet-image4.png
d3nfa3f6tqjjbl.cloudfront.net/English/img/ 349 B
721 B 64ms
58ms Image
image/png 2600:9000:23ca:e00:1a:21fd:a440:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d3nfa3f6tqjjbl.cloudfront.net/English/img/--spread-sheet-image4.png
Requested by: Host: d3nfa3f6tqjjbl.cloudfront.net
URL: https://d3nfa3f6tqjjbl.cloudfront.net/English/index.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:23ca:e00:1a:21fd:a440:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 44f752b0bd2e48052d538bc6aca5379f3630ca64da945f794690ddf47e8eaef7

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sun, 16 Apr 2023 10:17:21 GMT
via: 1.1 c1685d59e35fdb859ab8a1f97feb5652.cloudfront.net (CloudFront)
last-modified: Mon, 02 Jan 2023 09:02:16 GMT
server: AmazonS3
x-amz-cf-pop: JFK50-P2
age: 52143
x-amz-server-side-encryption: AES256
etag: "7454c652e0733d92de6c920c2d646ae0"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/png
accept-ranges: bytes
content-length: 349
x-amz-cf-id: qy4qoBbgpH_DK97YnJy0qOAY2gvQkGUhml9ZfV6SZxLG8gQGipqnTw==

GET
H2 200 --section-image.png
d3nfa3f6tqjjbl.cloudfront.net/English/img/ 69 KB
69 KB 56ms
51ms Image
image/png 2600:9000:23ca:e00:1a:21fd:a440:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d3nfa3f6tqjjbl.cloudfront.net/English/img/--section-image.png
Requested by: Host: d3nfa3f6tqjjbl.cloudfront.net
URL: https://d3nfa3f6tqjjbl.cloudfront.net/English/index.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:23ca:e00:1a:21fd:a440:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d00309ba24e28a196d0ce99ced950476954b7435a539e5157556cdb4c23fd310

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sun, 16 Apr 2023 15:23:52 GMT
via: 1.1 c1685d59e35fdb859ab8a1f97feb5652.cloudfront.net (CloudFront)
last-modified: Mon, 02 Jan 2023 09:02:16 GMT
server: AmazonS3
x-amz-cf-pop: JFK50-P2
age: 33752
x-amz-server-side-encryption: AES256
etag: "9979fef59356099c8f41e2248fb3765d"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/png
accept-ranges: bytes
content-length: 70593
x-amz-cf-id: tP4v19ji6SQ2G2q36rY6AOcSaFmyKFEqUew2pBjN4EhjbJNxNeFEqg==

GET
H2 200 --security-image.gif
d3nfa3f6tqjjbl.cloudfront.net/English/img/ 511 B
882 B 63ms
57ms Image
image/gif 2600:9000:23ca:e00:1a:21fd:a440:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d3nfa3f6tqjjbl.cloudfront.net/English/img/--security-image.gif
Requested by: Host: d3nfa3f6tqjjbl.cloudfront.net
URL: https://d3nfa3f6tqjjbl.cloudfront.net/English/index.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:23ca:e00:1a:21fd:a440:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: aa88fa9731a6021cd8c0f80ef76476fd055a9cf0bff3ad9fbefbedbd255e26fa

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sun, 16 Apr 2023 22:12:32 GMT
via: 1.1 c1685d59e35fdb859ab8a1f97feb5652.cloudfront.net (CloudFront)
last-modified: Mon, 02 Jan 2023 09:02:16 GMT
server: AmazonS3
x-amz-cf-pop: JFK50-P2
age: 9232
x-amz-server-side-encryption: AES256
etag: "af3aca2036675c5979fb535c5d190f15"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/gif
accept-ranges: bytes
content-length: 511
x-amz-cf-id: HRbfsSpgHFzdJq9kYoYnq8XRrrP-jq5WbM59YtFD1Jrc6MM9pFwAbA==

GET
H2 200 --identity-image.gif
d3nfa3f6tqjjbl.cloudfront.net/English/img/ 2 KB
2 KB 65ms
60ms Image
image/gif 2600:9000:23ca:e00:1a:21fd:a440:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d3nfa3f6tqjjbl.cloudfront.net/English/img/--identity-image.gif
Requested by: Host: d3nfa3f6tqjjbl.cloudfront.net
URL: https://d3nfa3f6tqjjbl.cloudfront.net/English/index.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:23ca:e00:1a:21fd:a440:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e91f304cf7409723968740e6363dda01b50acb8e94b5ca05b4a4617666ff095c

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sun, 16 Apr 2023 15:23:52 GMT
via: 1.1 c1685d59e35fdb859ab8a1f97feb5652.cloudfront.net (CloudFront)
last-modified: Mon, 02 Jan 2023 09:02:16 GMT
server: AmazonS3
x-amz-cf-pop: JFK50-P2
age: 33752
x-amz-server-side-encryption: AES256
etag: "af52e51f42fd0c55bc3cf2c8ece71492"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/gif
accept-ranges: bytes
content-length: 1547
x-amz-cf-id: pPGnXnAp4BVACjeTA_00IrR01EsJcGEvafIFKm9gwkj-KvThOaySkw==

GET
H2 200 --performance-image.gif
d3nfa3f6tqjjbl.cloudfront.net/English/img/ 949 B
1 KB 68ms
63ms Image
image/gif 2600:9000:23ca:e00:1a:21fd:a440:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d3nfa3f6tqjjbl.cloudfront.net/English/img/--performance-image.gif
Requested by: Host: d3nfa3f6tqjjbl.cloudfront.net
URL: https://d3nfa3f6tqjjbl.cloudfront.net/English/index.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:23ca:e00:1a:21fd:a440:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 9bb88049c3d3f3c172d97246fa148bb725e727847c37e28c3be156be240a0c04

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sun, 16 Apr 2023 06:25:14 GMT
via: 1.1 c1685d59e35fdb859ab8a1f97feb5652.cloudfront.net (CloudFront)
last-modified: Mon, 02 Jan 2023 09:02:16 GMT
server: AmazonS3
x-amz-cf-pop: JFK50-P2
age: 66070
x-amz-server-side-encryption: AES256
etag: "da9d153375da51a616a7663f1504e3a5"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/gif
accept-ranges: bytes
content-length: 949
x-amz-cf-id: Ou4NoFibPlLA2rMYcpcxUITA8eGIllhzurKEibcAd4k8mYZYCr01mw==

GET
H2 200 --logo.png
d3nfa3f6tqjjbl.cloudfront.net/English/img/ 2 KB
2 KB 64ms
60ms Image
image/png 2600:9000:23ca:e00:1a:21fd:a440:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d3nfa3f6tqjjbl.cloudfront.net/English/img/--logo.png
Requested by: Host: d3nfa3f6tqjjbl.cloudfront.net
URL: https://d3nfa3f6tqjjbl.cloudfront.net/English/index.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:23ca:e00:1a:21fd:a440:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c60d95afdfb06b36758c44ee23b82f5c5504f0119a2c86d83c990821e8f5cae6

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sun, 16 Apr 2023 10:17:24 GMT
via: 1.1 c1685d59e35fdb859ab8a1f97feb5652.cloudfront.net (CloudFront)
last-modified: Mon, 02 Jan 2023 09:02:16 GMT
server: AmazonS3
x-amz-cf-pop: JFK50-P2
age: 52140
x-amz-server-side-encryption: AES256
etag: "f460adcdcb62bffc8961d6681d5042be"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/png
accept-ranges: bytes
content-length: 1709
x-amz-cf-id: SnjIMABXiJZiYyXc_caa15kpG493x7in9ky3K4IXxueZaTrqyjQViQ==

GET
H2 200 --scanning-image.png
d3nfa3f6tqjjbl.cloudfront.net/English/img/ 2 KB
2 KB 63ms
59ms Image
image/png 2600:9000:23ca:e00:1a:21fd:a440:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d3nfa3f6tqjjbl.cloudfront.net/English/img/--scanning-image.png
Requested by: Host: d3nfa3f6tqjjbl.cloudfront.net
URL: https://d3nfa3f6tqjjbl.cloudfront.net/English/index.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:23ca:e00:1a:21fd:a440:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 8b7a5ce48e7e6a77ba8c97eae67a4556c325b7a80ad8bc1e831d08069e8ed37c

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sun, 16 Apr 2023 22:12:32 GMT
via: 1.1 c1685d59e35fdb859ab8a1f97feb5652.cloudfront.net (CloudFront)
last-modified: Mon, 02 Jan 2023 09:02:16 GMT
server: AmazonS3
x-amz-cf-pop: JFK50-P2
age: 9232
x-amz-server-side-encryption: AES256
etag: "c391e0f03315c1de2f0c3091c1170b38"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/png
accept-ranges: bytes
content-length: 2178
x-amz-cf-id: pXUv4aTI2sss8X_tA0rMZZ3VGWXdfwFutknYpuJgDVh2e3SY9ftlnA==

GET
H2 200 --full-site-logo1.png
d3nfa3f6tqjjbl.cloudfront.net/English/img/ 7 KB
7 KB 66ms
62ms Image
image/png 2600:9000:23ca:e00:1a:21fd:a440:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d3nfa3f6tqjjbl.cloudfront.net/English/img/--full-site-logo1.png
Requested by: Host: d3nfa3f6tqjjbl.cloudfront.net
URL: https://d3nfa3f6tqjjbl.cloudfront.net/English/index.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:23ca:e00:1a:21fd:a440:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6dbe00201def9dbf69293b028055f8ea0513ef52cb1f2e60212a5061c37d283d

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sun, 16 Apr 2023 15:23:52 GMT
via: 1.1 c1685d59e35fdb859ab8a1f97feb5652.cloudfront.net (CloudFront)
last-modified: Mon, 02 Jan 2023 09:02:16 GMT
server: AmazonS3
x-amz-cf-pop: JFK50-P2
age: 33752
x-amz-server-side-encryption: AES256
etag: "63fb2900e5622e4a6cadfd616f84476e"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/png
accept-ranges: bytes
content-length: 7254
x-amz-cf-id: umSBplzzQTPmX4hiAXu959MYwmuRHZsmj3EGQD8Sh050Q0XhjBE3zw==

GET
H2 200 --spread-sheet-image5.gif
d3nfa3f6tqjjbl.cloudfront.net/English/img/ 69 B
440 B 65ms
61ms Image
image/gif 2600:9000:23ca:e00:1a:21fd:a440:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d3nfa3f6tqjjbl.cloudfront.net/English/img/--spread-sheet-image5.gif
Requested by: Host: d3nfa3f6tqjjbl.cloudfront.net
URL: https://d3nfa3f6tqjjbl.cloudfront.net/English/index.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:23ca:e00:1a:21fd:a440:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 9cce08ab28e94790cf78c87e37f8690acbc6c535e4b43ae7b38506b94538e107

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sun, 16 Apr 2023 15:23:52 GMT
via: 1.1 c1685d59e35fdb859ab8a1f97feb5652.cloudfront.net (CloudFront)
last-modified: Mon, 02 Jan 2023 09:02:16 GMT
server: AmazonS3
x-amz-cf-pop: JFK50-P2
age: 33752
x-amz-server-side-encryption: AES256
etag: "3ae573d079dcd1d2da4086f2c0c72c45"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/gif
accept-ranges: bytes
content-length: 69
x-amz-cf-id: gBEXUHfDKDC66QGBukLlNxoLlJ3bP7lTYWpIrzcRhC97A2yQLe1fSQ==

GET
H2 200 --spread-sheet-image6.gif
d3nfa3f6tqjjbl.cloudfront.net/English/img/ 377 B
748 B 67ms
63ms Image
image/gif 2600:9000:23ca:e00:1a:21fd:a440:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d3nfa3f6tqjjbl.cloudfront.net/English/img/--spread-sheet-image6.gif
Requested by: Host: d3nfa3f6tqjjbl.cloudfront.net
URL: https://d3nfa3f6tqjjbl.cloudfront.net/English/index.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:23ca:e00:1a:21fd:a440:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b65b47a79e32335d9ca35ff59c6975d2b5808f84da0db88d11ce777b33e72ad9

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sun, 16 Apr 2023 21:37:17 GMT
via: 1.1 c1685d59e35fdb859ab8a1f97feb5652.cloudfront.net (CloudFront)
last-modified: Mon, 02 Jan 2023 09:02:16 GMT
server: AmazonS3
x-amz-cf-pop: JFK50-P2
age: 11347
x-amz-server-side-encryption: AES256
etag: "c10bdec858cb0cf9e6cc5865d5925746"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/gif
accept-ranges: bytes
content-length: 377
x-amz-cf-id: 0oMJ-fe0x4mhrZioylxOGUn21jVwd-8M4sGjgxuu3S9GMmCX44EGLQ==

GET
H2 200 --spread-sheet-image7.gif
d3nfa3f6tqjjbl.cloudfront.net/English/img/ 234 B
604 B 67ms
64ms Image
image/gif 2600:9000:23ca:e00:1a:21fd:a440:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d3nfa3f6tqjjbl.cloudfront.net/English/img/--spread-sheet-image7.gif
Requested by: Host: d3nfa3f6tqjjbl.cloudfront.net
URL: https://d3nfa3f6tqjjbl.cloudfront.net/English/index.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:23ca:e00:1a:21fd:a440:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b0d335401c9fd5fac9991ec92edaf7865ff3a491ebe390120936c69796c3b753

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sun, 16 Apr 2023 10:17:27 GMT
via: 1.1 c1685d59e35fdb859ab8a1f97feb5652.cloudfront.net (CloudFront)
last-modified: Mon, 02 Jan 2023 09:02:16 GMT
server: AmazonS3
x-amz-cf-pop: JFK50-P2
age: 52137
x-amz-server-side-encryption: AES256
etag: "9ce99ec458daf212f9812a90f3fadd13"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/gif
accept-ranges: bytes
content-length: 234
x-amz-cf-id: scXrYLhkCwHTpqd0fZebQzx68m8NhM-61SD6-iE5le9fGm60MeRO2A==

GET
H2 200 --translate.png
d3nfa3f6tqjjbl.cloudfront.net/English/img/ 846 B
1 KB 69ms
66ms Image
image/png 2600:9000:23ca:e00:1a:21fd:a440:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d3nfa3f6tqjjbl.cloudfront.net/English/img/--translate.png
Requested by: Host: d3nfa3f6tqjjbl.cloudfront.net
URL: https://d3nfa3f6tqjjbl.cloudfront.net/English/index.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:23ca:e00:1a:21fd:a440:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 5a861509b658aa24fc3aed2867ac3c061e7d818d90b9990959afc6d1b5d4ff99

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sun, 16 Apr 2023 15:23:52 GMT
via: 1.1 c1685d59e35fdb859ab8a1f97feb5652.cloudfront.net (CloudFront)
last-modified: Mon, 02 Jan 2023 09:02:16 GMT
server: AmazonS3
x-amz-cf-pop: JFK50-P2
age: 33752
x-amz-server-side-encryption: AES256
etag: "e9cd262114358f26b7608b56905185dc"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/png
accept-ranges: bytes
content-length: 846
x-amz-cf-id: NtC7xpr4kiQCA4i1tN-fmvb3nXYKnjKu4gqmhn0USZFCEtogdNqWOQ==

GET
H2 206 ring.mp3
d3nfa3f6tqjjbl.cloudfront.net/English/audio/ 16 KB
16 KB 70ms
67ms Media
audio/mp3 2600:9000:23ca:e00:1a:21fd:a440:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3nfa3f6tqjjbl.cloudfront.net/English/audio/ring.mp3
Requested by: Host: d3nfa3f6tqjjbl.cloudfront.net
URL: https://d3nfa3f6tqjjbl.cloudfront.net/English/index.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:23ca:e00:1a:21fd:a440:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e8ef8e78f08ac34193423319b86566a442440ec663d09f26911e9fa10c4c9db7

Request headers

Referer
Accept-Encoding: identity;q=1, *;q=0
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
Range: bytes=0-

Response headers

date: Sun, 16 Apr 2023 10:19:04 GMT
via: 1.1 c1685d59e35fdb859ab8a1f97feb5652.cloudfront.net (CloudFront)
last-modified: Mon, 02 Jan 2023 09:02:16 GMT
server: AmazonS3
x-amz-cf-pop: JFK50-P2
age: 52040
x-amz-server-side-encryption: AES256
etag: "d6040c63cafad92b0c2933569de365c0"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: audio/mp3
Content-Range: bytes 0-15931/15932
accept-ranges: bytes
x-amz-cf-id: TlNDoPnVys1addQmGWB_yZFBIIs0yzOdtEXWGMUvmdPWj2yF4qB_2g==
Content-Length: 15932

GET
H2 200 translate_24dp.png
www.gstatic.com/images/branding/product/2x/ 2 KB
2 KB 69ms
20ms Image
image/png 2607:f8b0:4006:820::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/branding/product/2x/translate_24dp.png

Requested by

Host: d3nfa3f6tqjjbl.cloudfront.net
URL: https://d3nfa3f6tqjjbl.cloudfront.net/English/css/style.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:820::2003 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4dac0026fbfa2615dce30c0af12830863fe885f84387a0147b9e338f548d5d82

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://d3nfa3f6tqjjbl.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 13:56:18 GMT
x-content-type-options: nosniff
age: 125405
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1842
x-xss-protection: 0
last-modified: Thu, 14 Oct 2021 09:08:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Sun, 14 Apr 2024 13:56:18 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: far.statisticline.com
URL: https://far.statisticline.com/away/back.php?id=64785e55-66-45776433

Domain: whiteforwardlines.com
URL: https://whiteforwardlines.com/?p=ha4tcolcmu5gi3bphaydcmq&sub2=7958197689

Domain: whiteforwardlines.com
URL: https://whiteforwardlines.com/?p=ha4tcolcmu5gi3bphaydcmq&sub2=7958197689

Domain: whiteforwardlines.com
URL: https://whiteforwardlines.com/?p=ha4tcolcmu5gi3bphaydcmq&sub2=7958197689

Verdicts & Comments Add Verdict or Comment

7 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

8 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.doorcountyfond.org/	1970-01-20 11:08:41	Name: wp-simple-duser Value: 1
.whiteforwardlines.com/	1970-01-20 11:51:24	Name: uuid Value: b44aa432-1e87-4c0f-91c4-e762c606a089
.0.whiteforwardlines.com/	1970-01-20 11:51:24	Name: uuid Value: b44aa432-1e87-4c0f-91c4-e762c606a089
0.whiteforwardlines.com/	1970-01-20 11:51:24	Name: uuid Value: b44aa432-1e87-4c0f-91c4-e762c606a089
.0.whiteforwardlines.com/	1970-01-20 11:09:38	Name: ccid Value: %5B64771%5D
.track.themaccleanup.info/	1970-01-20 11:09:38	Name: bemob-uniq-visit:70bbac94-8fb3-46e5-a455-a05f447155f4 Value: 1
.track.themaccleanup.info/	1970-01-20 11:09:38	Name: bemob-rotation:70bbac94-8fb3-46e5-a455-a05f447155f4:random:d5e470b63c22c64b74207027cdf79fc7 Value: 0-0-0
.track.themaccleanup.info/	1970-01-20 11:09:38	Name: bemob-track-url Value: https%3A%2F%2Fd3nfa3f6tqjjbl.cloudfront.net%2FEnglish%2Findex.html%3Fkey%3DeyJ0aW1lc3RhbXAiOiIxNjgxNjkyMzgyIiwiaGFzaCI6IjI0MGFiMDRiMzAyMzlkMDk2NjFjNWYxMzBlZDIwOTlmYjBlOGYyNjMifQ%253D%253D%26bemobdata%3Dc%253D70bbac94-8fb3-46e5-a455-a05f447155f4..l%253D79f441ce-7780-4f45-85eb-c20e42808e3c..f%253D9b637e48-cfee-4d4f-8a1e-24cce0697a13..a%253D1..b%253D0..z%253D0.00901..e%253Dd58b1d32-f91f-464d-8375-06be9cbd8685..c1%253Dfeed14986..c2%253D4a5d46ed..c3%253D0..c4%253D64771..c5%253DCA..c6%253DWindows..c7%253DChrome..c8%253D0..r%253Dhttps%25253A%25252F%25252F0.whiteforwardlines.com%25252F..ts%253D1681692382845

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	URL: https://www.doorcountyfond.org/wp-includes/js/jquery/jquery.min.js?ver=3.6.3(Line 1) Message: Mixed Content: The page at 'https://www.doorcountyfond.org/' was loaded over HTTPS, but requested an insecure element 'http://www.doorcountyfond.org/wp-content/uploads/2021/03/hero-bg.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://www.doorcountyfond.org/wp-includes/js/jquery/jquery.min.js?ver=3.6.3(Line 1) Message: Mixed Content: The page at 'https://www.doorcountyfond.org/' was loaded over HTTPS, but requested an insecure element 'http://www.doorcountyfond.org/wp-content/uploads/2021/04/sturgeon-bay-brians-bay.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://d3nfa3f6tqjjbl.cloudfront.net/English/index.html# Message: Mixed Content: The page at 'https://d3nfa3f6tqjjbl.cloudfront.net/English/index.html#' was loaded over HTTPS, but requested an insecure element 'http://www.gstatic.com/images/branding/product/2x/translate_24dp.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

0.whiteforwardlines.com
cdn.statisticline.com
cdnjs.cloudflare.com
come.sortyellowapples.com
d3nfa3f6tqjjbl.cloudfront.net
doorcountyfond.org
far.statisticline.com
fonts.googleapis.com
fonts.gstatic.com
for.firstblackphase.com
get.sortyellowapples.com
secure.gravatar.com
stats.statisticline.com
stock.statisticline.com
track.pageinfo.org
track.themaccleanup.info
whiteforwardlines.com
www.doorcountyfond.org
www.gstatic.com
far.statisticline.com
whiteforwardlines.com
134.209.192.77
162.55.76.206
2600:1f18:43d1:2a02:b6ee:327b:545e:e578
2600:9000:23ca:e00:1a:21fd:a440:21
2606:4700::6811:180e
2607:f8b0:4006:80d::200a
2607:f8b0:4006:820::2003
2a04:fa87:fffe::c000:4902
35.183.253.56
85.239.34.190
032f1654b990b30846f30da23e5fd9b58463b80863052405cbbe2252c6de2d51
03ef3a2320cb6ac4725f860a3540b6151adeda163f9bf33a24d29b2914919806
0524d86c6d23726abfd3ea87664d6e7edea50f669e4623b4b51825fef92ff639
0e956378e514c2d8b2eb5eef88486b8fc5220d72d4bda66315754633c6ea4431
0fbe83485f74f46dffd55c0015ea41574ba33498c4db5b08e5abb4f5f6e69942
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
1c4d7c87ece708e4eff48af4949fd0e57970bb4b81dfe7b1181badff4b2e3203
1cb5dcdb11eda07425f9584041552e161f7ff7395cf52d201e023dcd869157f2
1cf9cc6ca87ae8863259ca763b5fc51666344868c44e09b1a21e51a19af0782d
1cfc73a6db9523c12b6b7f5d009bed19c8799eed001f607bd891a1fd838b7739
22d480e0aa4ea24da26c51228f1a55be87831d4d7d4b9206c38887bdd9916265
24559cb630d9fc7ad4c9c2ceb19663a2dacdc44af12c572d7f08a28e1e74218a
2ac27821ba64d645f36e2ad197492d30c11b10a032cc474554679555f4604622
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2d2b7040bc32b397c3c60d800de9aa7d86404f1874862eba61bdaa21f1523eb7
33d01fb5f3d781b487aac5155f41af47c2569f22469a0f28bc85628bcb898be7
3e87e8d45ea70a7369345c5493df5310d97b914570571c9470339007a5a0fb16
3ed2e42d3ce5e24dcb11cddde4126e4f07c3afc590f708ad2cfbf7669002f92e
439b3301299d2f3614d9ede61bceaeb7d023f5975147e08f33d6e4ca82cfed56
44f752b0bd2e48052d538bc6aca5379f3630ca64da945f794690ddf47e8eaef7
4711e4d5830b6ff013d9e0b6db290031f6ba3377f4480a2ecea16be6d0b4be48
49843610a21ee923bdec4d71775cbde80546a3d42e6b026c989bb120e2e664eb
4d8b4f85860c6f87fb76f7ac6af96a470d3b04ecf29f5db4e932279ca3dcf24b
4dac0026fbfa2615dce30c0af12830863fe885f84387a0147b9e338f548d5d82
4e456120586b6aa32063f5fa02a768a513c4605725d1ce36970c2f9f06e16376
4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230
5339753b63bde24bb059d325dd5a8514d040bc5afc234b280ee0401c05424962
55349cc42a969e115f651f3820bdd02d7489a21936e0e7e186133ec40b5a2b71
5a861509b658aa24fc3aed2867ac3c061e7d818d90b9990959afc6d1b5d4ff99
5d8f04969ad7e1a70d53cca8f35f91d3a4f6bddbe86f32ca29ec0fa5ab6d6777
5ebffa8d62c74ac74115fad19b69f43a291056d1ed9a1e42154744bc1d9af6d3
6349773dabd47cdd72617de07458af5eedceca03fc8e604fc028e2a29bb2f1e1
67f565f25c1bb8ae629cfca60c71766232073a0c905e0387e45895657b4ae3e7
6d00803227cc83b92a70fc2977de7bdcfe7e6129b5d8d0820fce0de17867b677
6dbe00201def9dbf69293b028055f8ea0513ef52cb1f2e60212a5061c37d283d
6dc755750023fdfc750d9ff02ad2c5249c1a732e167a6f4684589ffb5f9fbb44
6f293e85b57979f8b60faf784b11b159858ebeae3abd3a50928d078d6c9833d1
7193ea5654497d2356d0a690e3e50f39767fbff4335e57a3443c1435d648a1f2
720de15d9dfbcbfdf4e83799f0ff80214a4a1ca899149e5e8e5f9a1414d1abaf
726b820e44f6ab90ad991d30a4bf26d3a5d71493cbcd1fb1efd0d14e89b9df2a
7281c6ddf4da96e9b18dfd674540e531297797c9ed7dcd5c270c373db0cbd7d0
79c720a45b0536c9a3dea1d9803f5e663751e49226491c84f6e7903d87b8eb19
81422e7b0b20334fb7aaece03998a2a53c8430104ee3f3255ff038317192df8e
81a8de60a56f0e57a099bc7d623c84f8526615a6659f8d2704c600e5b79e7ef1
81e6cbee03bfc5ae960efba774c8403ea03a7c9de5f203c1000db20287c6daf3
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
8b7a5ce48e7e6a77ba8c97eae67a4556c325b7a80ad8bc1e831d08069e8ed37c
8e497502ccd62847fe887656d239686ad1c7ee291f3a27a5ee4bb74eb09e3bb5
979caf94add5b00ec59d8abde43d200523745c2f4b105c2906f4d9dda4afaeec
9810aee7e6d57d8cceaa96322b88e6df46710194689ae12b284149148cabc2f3
9bb88049c3d3f3c172d97246fa148bb725e727847c37e28c3be156be240a0c04
9cce08ab28e94790cf78c87e37f8690acbc6c535e4b43ae7b38506b94538e107
aa88fa9731a6021cd8c0f80ef76476fd055a9cf0bff3ad9fbefbedbd255e26fa
aca566587618e75fa291a419c7c430be02e03fc72f6105658c1bc8e7d59a65e4
af49f53268c08752ca4c11e7f467dbb93d1c3a192a123c837e278869754f94f7
af9a953b12a4994939f45054e31302a7b1f59577f69c21376821cf9b922b414b
afacce23cb4feaaaef37997f8439819d8f827df4951f3ff02704c9f16fb7f53a
b0d335401c9fd5fac9991ec92edaf7865ff3a491ebe390120936c69796c3b753
b0f1a9c51bba1dcee1d41590883ea668d0cd1a1bf19c81e918cb1617805cd8de
b13a03e0db893734298cbe203bf264407636ffe5dab0a141f83c492d0034dd6a
b65b47a79e32335d9ca35ff59c6975d2b5808f84da0db88d11ce777b33e72ad9
bba05a999896e6d09e9a37b69ebb5e282d8aa0b20a5fd94a3d2a6f0a43a16a6c
c60d95afdfb06b36758c44ee23b82f5c5504f0119a2c86d83c990821e8f5cae6
c70da34747fb31860fa118ff5d6736f81661838a0f50f077aa29d63ad7b00e4a
cf56bcceaf23dba6d290e2c6739ac2bab77b36e03c20a48cdbe49bcfe2fb31d0
d00309ba24e28a196d0ce99ced950476954b7435a539e5157556cdb4c23fd310
dcd9f488bd62ba0ee403b07a97e40b9ffd63a0eff61091588c913b16d5153d48
de27d8901cbc3c7069d94a4c89267f10861e5eb1a1d906871e3ca75102562f1b
e174a58a503ab84b3d1b9de12fd3895788204485170f1289e445f7b5b98ec789
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4aef0aba15680c1b745414a7c7bc39cdbeda17f1de0c7bf57bf90378b6a5d26
e8ef8e78f08ac34193423319b86566a442440ec663d09f26911e9fa10c4c9db7
e91f304cf7409723968740e6363dda01b50acb8e94b5ca05b4a4617666ff095c
eee5d4b33b49d21af643b7c5827d5d9aa8dd4bc75d7b72ec761c9927bec2993e
f1551d0d58ad6979fd7597990d8315ed7d741ba57296505f6463f6b5a0c32acc
f5718b18f5a27e73cf8ed785fc2039781dbe2d0cf2cc741993ea795cbda96535
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

d3nfa3f6tqjjbl.cloudfront.net Open in urlscan Pro 2600:9000:23ca:e00:1a:21fd:a440:21 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

84 Requests

95 %HTTPS

60 %IPv6

12 Domains

19 Subdomains

11 IPs

5 Countries

2838 kBTransfer

4255 kBSize

8 Cookies

1 Outgoing links

Page URL History

Redirected requests

84 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

d3nfa3f6tqjjbl.cloudfront.net Open in urlscan Pro
2600:9000:23ca:e00:1a:21fd:a440:21 Public Scan

Screenshot
Live screenshot

Full Image

84
Requests

95 %
HTTPS

60 %
IPv6

12
Domains

19
Subdomains

11
IPs

5
Countries

2838 kB
Transfer

4255 kB
Size

8
Cookies

84 HTTP transactions
0 data transactions