chaow.xyz Open in urlscan Pro
2606:4700:4400::ac40:93a9 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://chaow.xyz/
Effective URL:
https://chaow.xyz/
Submission: On November 29 via api (November 29th 2023, 3:52:23 am UTC) from US — Scanned from DE

Summary HTTP 44 Redirects Links 7 Behaviour Indicators

Summary

This website contacted 11 IPs in 2 countries across 11 domains to perform 44 HTTP transactions. The main IP is 2606:4700:4400::ac40:93a9, located in United States and belongs to CLOUDFLARENET, US. The main domain is chaow.xyz.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on July 4th 2023. Valid for: a year.

This is the only time chaow.xyz was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	2606:4700:440... 2606:4700:4400::6812:2857	13335 (CLOUDFLAR...) (CLOUDFLARENET)
7	2606:4700:440... 2606:4700:4400::ac40:93a9	13335 (CLOUDFLAR...) (CLOUDFLARENET)
14	2600:9000:206... 2600:9000:206f:8c00:4:b4b9:d3c0:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:828::2003	15169 (GOOGLE) (GOOGLE)
2	2a04:4e42:200... 2a04:4e42:200::729	54113 (FASTLY) (FASTLY)
6	2606:4700::68... 2606:4700::6810:3965	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	108.138.6.236 108.138.6.236	16509 (AMAZON-02) (AMAZON-02)
3	2606:4700:440... 2606:4700:4400::ac40:9a0b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a00:1450:400... 2a00:1450:4001:811::2008	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:829::2004	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:827::2003	15169 (GOOGLE) (GOOGLE)
44	11

1 2606:4700:4400::6812:2857 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

chaow.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2606:4700:4400::ac40:93a9 (United States)

ASN13335 (CLOUDFLARENET, US)

chaow.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2600:9000:206f:8c00:4:b4b9:d3c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

substackcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a04:4e42:200::729 (United States)

ASN54113 (FASTLY, US)

js.sentry-cdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2606:4700::6810:3965 (United States)

ASN13335 (CLOUDFLARENET, US)

static.cloudflareinsights.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cloudflareinsights.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 108.138.6.236 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-6-236.fra56.r.cloudfront.net

www.datadoghq-browser-agent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:4400::ac40:9a0b (United States)

ASN13335 (CLOUDFLARENET, US)

substack.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:811::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:829::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:827::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
14	substackcdn.com substackcdn.com — Cisco Umbrella Rank: 17917	1 MB
8	chaow.xyz 1 redirects chaow.xyz	29 KB
6	cloudflareinsights.com static.cloudflareinsights.com — Cisco Umbrella Rank: 899 cloudflareinsights.com — Cisco Umbrella Rank: 881	14 KB
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 35	232 KB
3	substack.com substack.com — Cisco Umbrella Rank: 17604	8 KB
2	google.de www.google.de — Cisco Umbrella Rank: 6862	563 B
2	google.com www.google.com — Cisco Umbrella Rank: 2	563 B
2	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 33	3 KB
2	datadoghq-browser-agent.com www.datadoghq-browser-agent.com — Cisco Umbrella Rank: 1471	95 KB
2	sentry-cdn.com js.sentry-cdn.com — Cisco Umbrella Rank: 5817	4 KB
1	gstatic.com fonts.gstatic.com	14 KB
44	11

	Domain	Requested by
14	substackcdn.com	chaow.xyz substack.com
8	chaow.xyz	1 redirects chaow.xyz substackcdn.com
4	cloudflareinsights.com	static.cloudflareinsights.com www.datadoghq-browser-agent.com
3	www.googletagmanager.com	substackcdn.com www.googletagmanager.com
3	substack.com	substackcdn.com substack.com
2	www.google.de
2	www.google.com
2	googleads.g.doubleclick.net	www.googletagmanager.com
2	www.datadoghq-browser-agent.com	chaow.xyz substack.com
2	static.cloudflareinsights.com	chaow.xyz substack.com
2	js.sentry-cdn.com	chaow.xyz substack.com
1	fonts.gstatic.com	chaow.xyz
44	12

This site contains links to these domains. Also see Links.

Domain
substack.com

Subject Issuer	Validity	Valid
chaow.xyz Cloudflare Inc ECC CA-3	`2023-07-04` - `2024-07-02`	a year	crt.sh
substackcdn.com Amazon RSA 2048 M02	`2023-03-14` - `2024-04-12`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.sentry-cdn.com GlobalSign Atlas R3 DV TLS CA 2023 Q3	`2023-08-01` - `2024-09-01`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-04-10` - `2024-04-09`	a year	crt.sh
*.datadoghq-browser-agent.com DigiCert TLS RSA SHA256 2020 CA1	`2023-01-14` - `2024-01-16`	a year	crt.sh
substack.com Cloudflare Inc ECC CA-3	`2023-09-13` - `2024-09-12`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
www.google.de GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh

This page contains 2 frames:

Primary Page: https://chaow.xyz/
Frame ID: 5377E0D79CF4CA505935E5B3588982D1
Requests: 27 HTTP requests in this frame

Frame: https://substack.com/channel-frame
Frame ID: E5164BEBD64D131EE1C7BFC9725CFE73
Requests: 15 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Future Mosaic | Chao Wang | Substack

Page URL History Show full URLs

http://chaow.xyz/ HTTP 301
https://chaow.xyz/ Page URL

Detected technologies

Cloudflare Browser Insights (Analytics) Expand

Overall confidence: 100%
Detected patterns

static\.cloudflareinsights\.com/beacon(?:\.min)?\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Page Statistics

44
Requests

100 %
HTTPS

92 %
IPv6

11
Domains

12
Subdomains

11
IPs

2
Countries

1514 kB
Transfer

5120 kB
Size

12
Cookies

7 Outgoing links

These are links going to different origins than the main page.

URL: https://substack.com/@futuremosaic
Title: Chao Wang

Search URL Search Domain Scan URL

URL: https://substack.com/tos
Title: Terms of Service

Search URL Search Domain Scan URL

URL: https://substack.com/privacy
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://substack.com/ccpa#personal-data-collected
Title: Information Collection Notice

Search URL Search Domain Scan URL

URL: https://substack.com/signup?utm_source=substack&utm_medium=web&utm_content=footer
Title: Start Writing

Search URL Search Domain Scan URL

URL: https://substack.com/app/app-store-redirect?utm_campaign=app-marketing&utm_content=web-footer-button
Title: Get the app

Search URL Search Domain Scan URL

URL: https://substack.com/
Title: Substack

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://chaow.xyz/ HTTP 301
https://chaow.xyz/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

44 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
chaow.xyz/
Redirect Chain

http://chaow.xyz/
https://chaow.xyz/

240 KB
22 KB

427ms
379ms

Document
text/html

2606:4700:4400::ac40:93a9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://chaow.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:93a9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

9af10e96807cb86fa03217c1dfb7353f6d67d52da494928f240fd338d87fdb03

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	sameorigin

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-cache
cf-cache-status: MISS
cf-ray: 82d7e5aa9bdd6939-FRA
content-encoding: br
content-type: text/html; charset=utf-8
date: Wed, 29 Nov 2023 03:52:18 GMT
etag: W/"3c1fe-usQrs+xtgty88curHW4e3BEtG0M"
link: <https://substackcdn.com>; rel=preconnect
server: cloudflare
strict-transport-security: max-age=31536000
vary: Accept-Encoding
x-cluster: substack
x-deploy: 7c6c9a7e8b
x-frame-options: sameorigin
x-powered-by: Express
x-served-by: Substack
x-sub: futuremosaic

Redirect headers

CF-RAY: 82d7e5aa1ae39030-FRA
Connection: keep-alive
Content-Length: 0
Date: Wed, 29 Nov 2023 03:52:18 GMT
Location: https://chaow.xyz/
Server: cloudflare
Vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400

GET
H2 200 main.963dfe53fbb019933f38.css
substackcdn.com/bundle/theme/ 476 KB
66 KB 108ms
26ms Stylesheet
text/css 2600:9000:206f:8c00:4:b4b9:d3c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://substackcdn.com/bundle/theme/main.963dfe53fbb019933f38.css
Requested by: Host: chaow.xyz
URL: https://chaow.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:8c00:4:b4b9:d3c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ace3430bf3da35fd677dcbd8a735dfd9f44318a934fa31ca37b4599777700450

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://chaow.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 16:52:05 GMT
content-encoding: gzip
via: 1.1 c4a2e8b9ec0bdec016055cf127d5dad8.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C1
age: 39614
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
x-amz-expiration: expiry-date="Sun, 26 May 2024 00:00:00 GMT", rule-id="StaticAssetIntelligentTiering"
last-modified: Mon, 27 Nov 2023 16:44:44 GMT
server: AmazonS3
etag: W/"963dfe53fbb019933f384eb98e0da3ec"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=31536000, immutable
x-amz-cf-id: XIUyOv6-cDw9xaM_E3-ovwdD4wf3EiiH_MnAUeJXvjunu8aCbcNNVg==

GET
H2 200 main.f7e56df5253f537e26b8.css
substackcdn.com/bundle/ 367 KB
46 KB 135ms
53ms Stylesheet
text/css 2600:9000:206f:8c00:4:b4b9:d3c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://substackcdn.com/bundle/main.f7e56df5253f537e26b8.css
Requested by: Host: chaow.xyz
URL: https://chaow.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:8c00:4:b4b9:d3c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 79f5659b644ef0d3003fe9ccde9810ddb5e63548669438fccfe06f9968f7e4ef

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://chaow.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 22:55:57 GMT
content-encoding: br
via: 1.1 c4a2e8b9ec0bdec016055cf127d5dad8.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C1
age: 17782
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
x-amz-expiration: expiry-date="Mon, 27 May 2024 00:00:00 GMT", rule-id="StaticAssetIntelligentTiering"
last-modified: Tue, 28 Nov 2023 22:41:34 GMT
server: AmazonS3
etag: W/"5763682fdeba482b159eccc09792404f"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=31536000, immutable
x-amz-cf-id: IVDmMUA5xcYDYexYaReic8QCZklPFqlXs4XoeWcQhyAS457cayHMsg==

GET
H2 200 rnCr-xNNww_2s0amA9M5knjsS_ul.woff2
fonts.gstatic.com/s/spectral/v13/ 13 KB
14 KB 75ms
23ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/spectral/v13/rnCr-xNNww_2s0amA9M5knjsS_ul.woff2

Requested by

Host: chaow.xyz
URL: https://chaow.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

478eee9ac68ef242aeda59b8b37b388003eb3eac12af90b8c38fa65d3a34f3a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://chaow.xyz/
Origin: https://chaow.xyz
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 25 Nov 2023 11:54:19 GMT
x-content-type-options: nosniff
age: 316679
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13780
x-xss-protection: 0
last-modified: Tue, 30 Aug 2022 22:36:23 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 24 Nov 2024 11:54:19 GMT

GET
H2 200 https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Ff337c8a9-5c2a-4dd2-a2de-34ffcc02571d_512x512.png
substackcdn.com/image/fetch/w_96,c_limit,f_auto,q_auto:good,fl_progressive:steep/ 4 KB
4 KB 202ms
121ms Image
image/jpeg 2600:9000:206f:8c00:4:b4b9:d3c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://substackcdn.com/image/fetch/w_96,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Ff337c8a9-5c2a-4dd2-a2de-34ffcc02571d_512x512.png

Requested by

Host: chaow.xyz
URL: https://chaow.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:206f:8c00:4:b4b9:d3c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

imgproxy / Express

Resource Hash

d08ff4d89b6c5100dc7f6885fe0b84a4d901f4e4b1329f8bbc0ca1c64c4dd7ca

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://chaow.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 12:09:20 GMT
content-security-policy: script-src 'none'
via: 1.1 c4a2e8b9ec0bdec016055cf127d5dad8.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C1
age: 56578
x-powered-by: Express
x-cache: Hit from cloudfront
content-disposition: inline; filename="f337c8a9-5c2a-4dd2-a2de-34ffcc02571d_512x512.jpg"
alt-svc: h3=":443"; ma=86400
content-length: 3841
x-request-id: t4mrAAFSx1uXio_W-MtQ-
server: imgproxy
etag: "BFcyhJUgw6kDr9UPxBpSsKXSMElaOAVla8V55nXtu48/RImFlNzhjMWI2MzI0MDQ4NTNjYjk0NTAxMzBlODU5NDA5Ig"
content-type: image/jpeg
cache-control: public, max-age=31536000
x-amz-cf-id: 4C16IrKnbJ7jE88YWKh-XAkeSVhhzzc6BR7pxgSFRrkcvfYSfCz5ew==

GET
H2 200 https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F529653e7-eede-4289-b40a-62ee0f158309_4096x4096.jpeg
substackcdn.com/image/fetch/w_848,h_565,c_fill,f_webp,q_auto:good,fl_progressive:steep,g_center/ 133 KB
134 KB 651ms
569ms Image
image/webp 2600:9000:206f:8c00:4:b4b9:d3c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://substackcdn.com/image/fetch/w_848,h_565,c_fill,f_webp,q_auto:good,fl_progressive:steep,g_center/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F529653e7-eede-4289-b40a-62ee0f158309_4096x4096.jpeg

Requested by

Host: chaow.xyz
URL: https://chaow.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:206f:8c00:4:b4b9:d3c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

imgproxy / Express

Resource Hash

2d0b6fec78ce75b235afef2612b5355d174095003914f0fc6f444d7e062f1838

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://chaow.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 03:52:19 GMT
content-security-policy: script-src 'none'
via: 1.1 c4a2e8b9ec0bdec016055cf127d5dad8.cloudfront.net (CloudFront)
server: imgproxy
x-amz-cf-pop: FRA56-C1
x-powered-by: Express
etag: "wyQjTwQTUXkBnMU8wTOlWpu_yQXt1YOC0F8UiMKljrU/RImEyYWIyODQ3NjJmMjlhYzE0MjZlMzNhYjQyY2U3YTBkIg"
x-cache: Miss from cloudfront
content-type: image/webp
cache-control: public, max-age=31536000
content-disposition: inline; filename="529653e7-eede-4289-b40a-62ee0f158309_4096x4096.webp"
alt-svc: h3=":443"; ma=86400
content-length: 136646
x-amz-cf-id: _vhB7qg9bQCnn6yCe48ltDsS6yjESQElTbQfwouns_JM31rVOV3v8w==
x-request-id: wNV3YmyoQ-unc_jY6UQnb

GET
H2 200 https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Ff337c8a9-5c2a-4dd2-a2de-34ffcc02571d_512x512.png
substackcdn.com/image/fetch/w_88,c_limit,f_auto,q_auto:good,fl_progressive:steep/ 3 KB
4 KB 196ms
120ms Image
image/jpeg 2600:9000:206f:8c00:4:b4b9:d3c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://substackcdn.com/image/fetch/w_88,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Ff337c8a9-5c2a-4dd2-a2de-34ffcc02571d_512x512.png

Requested by

Host: chaow.xyz
URL: https://chaow.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:206f:8c00:4:b4b9:d3c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

imgproxy / Express

Resource Hash

22834bce08a8a6f03d18d155133ab5c36ba43971eddb1c1ba289796225375b69

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://chaow.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 12:09:20 GMT
content-security-policy: script-src 'none'
via: 1.1 c4a2e8b9ec0bdec016055cf127d5dad8.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C1
age: 56578
x-powered-by: Express
x-cache: Hit from cloudfront
content-disposition: inline; filename="f337c8a9-5c2a-4dd2-a2de-34ffcc02571d_512x512.jpg"
alt-svc: h3=":443"; ma=86400
content-length: 3478
x-request-id: ws0PlB0OX2ZL2RIgcsu4L
server: imgproxy
etag: "KpEvGLcOf77HgKHSbtA4DR-5GlsPYs2nTXoNQFZEZZ4/RImFlNzhjMWI2MzI0MDQ4NTNjYjk0NTAxMzBlODU5NDA5Ig"
content-type: image/jpeg
cache-control: public, max-age=31536000
x-amz-cf-id: 6AgogxUejOEycUKQ-BjezOaFkUPQrZxpov7sj-olTAeT1M_SSkKGbQ==

GET
H2 200 https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Ff337c8a9-5c2a-4dd2-a2de-34ffcc02571d_512x512.png
substackcdn.com/image/fetch/w_264,c_limit,f_webp,q_auto:best,fl_progressive:steep/ 50 KB
50 KB 198ms
122ms Image
image/webp 2600:9000:206f:8c00:4:b4b9:d3c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://substackcdn.com/image/fetch/w_264,c_limit,f_webp,q_auto:best,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Ff337c8a9-5c2a-4dd2-a2de-34ffcc02571d_512x512.png

Requested by

Host: chaow.xyz
URL: https://chaow.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:206f:8c00:4:b4b9:d3c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

imgproxy / Express

Resource Hash

e7e2f399341f249250d00255c3118331d520efd327013c5c2d8f0d14586d6ed0

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://chaow.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 12:09:20 GMT
content-security-policy: script-src 'none'
via: 1.1 c4a2e8b9ec0bdec016055cf127d5dad8.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C1
age: 56578
x-powered-by: Express
x-cache: Hit from cloudfront
content-disposition: inline; filename="f337c8a9-5c2a-4dd2-a2de-34ffcc02571d_512x512.webp"
alt-svc: h3=":443"; ma=86400
content-length: 50838
x-request-id: Jwf6F5GxlUSZo12U_y4KM
server: imgproxy
etag: "UamCbJlPhUkLk3YB3RPHsM8ARwwxWfdNyhiHSRBXRxw/RImFlNzhjMWI2MzI0MDQ4NTNjYjk0NTAxMzBlODU5NDA5Ig"
content-type: image/webp
cache-control: public, max-age=31536000
x-amz-cf-id: jQp5LJV14wNm9K1dWjfIx1tfd0afe2SwhDwFJEiA_FoNyPPvk317GQ==

GET
H2 200 6c2ff3e3828e4017b7faf7b63e24cdf8.min.js Show response
js.sentry-cdn.com/ 2 KB
2 KB 71ms
24ms Script
text/javascript 2a04:4e42:200::729
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.sentry-cdn.com/6c2ff3e3828e4017b7faf7b63e24cdf8.min.js

Requested by

Host: chaow.xyz
URL: https://chaow.xyz/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:200::729 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

f13b0179776799676c3415bd18e9ba3a80b4b6fa68b5c7e6a5b0c82b0769bc18

Security Headers

Name	Value
Content-Security-Policy	img-src blob: data: ; font-src data:; connect-src 'self' sentry.io .sentry.io s1.sentry-cdn.com o1.ingest.sentry.io api2.amplitude.com data.pendo.io reload.getsentry.net t687h3m0nh65.statuspage.io sentry.zendesk.com ekr.zdassets.com maps.googleapis.com; default-src 'none'; script-src 'self' 'unsafe-inline' 'report-sample' 'unsafe-eval' s1.sentry-cdn.com js.sentry-cdn.com browser.sentry-cdn.com statuspage-production.s3.amazonaws.com static.zdassets.com aui-cdn.atlassian.com connect-cdn.atl-paas.net js.stripe.com 'strict-dynamic' cdn.pendo.io data.pendo.io pendo-io-static.storage.googleapis.com pendo-static-5634074999128064.storage.googleapis.com; style-src 'unsafe-inline' ; frame-src js.stripe.com sentry.io; frame-ancestors 'self' .sentry.io; media-src ; object-src 'self'; base-uri 'none'; report-uri https://o1.ingest.sentry.io/api/54785/security/?sentry_key=f724a8a027db45f5b21507e7142ff78e&sentry_release=b6f9ad2005ffeca64bda26669a071d818c3751da
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

Referer: https://chaow.xyz/
Origin: https://chaow.xyz
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy: img-src blob: data: *; font-src * data:; connect-src 'self' sentry.io *.sentry.io s1.sentry-cdn.com o1.ingest.sentry.io api2.amplitude.com data.pendo.io reload.getsentry.net t687h3m0nh65.statuspage.io sentry.zendesk.com ekr.zdassets.com maps.googleapis.com; default-src 'none'; script-src 'self' 'unsafe-inline' 'report-sample' 'unsafe-eval' s1.sentry-cdn.com js.sentry-cdn.com browser.sentry-cdn.com statuspage-production.s3.amazonaws.com static.zdassets.com aui-cdn.atlassian.com connect-cdn.atl-paas.net js.stripe.com 'strict-dynamic' cdn.pendo.io data.pendo.io pendo-io-static.storage.googleapis.com pendo-static-5634074999128064.storage.googleapis.com; style-src 'unsafe-inline' *; frame-src js.stripe.com sentry.io; frame-ancestors 'self' *.sentry.io; media-src *; object-src 'self'; base-uri 'none'; report-uri https://o1.ingest.sentry.io/api/54785/security/?sentry_key=f724a8a027db45f5b21507e7142ff78e&sentry_release=b6f9ad2005ffeca64bda26669a071d818c3751da
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 29 Nov 2023 03:52:18 GMT
strict-transport-security: max-age=31536000; includeSubDomains
age: 37
x-envoy-upstream-service-time: 32
content-length: 1224
x-xss-protection: 1; mode=block
x-served-by: getsentry-web-default-common-production-ffb6cf77f-8sz2f, cache-chi-kigq8000087-CHI, cache-fra-eddf8230037-FRA
x-frame-options: deny
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
content-language: en
cache-control: public, max-age=3600, s-maxage=60, stale-while-revalidate=315360000, stale-if-error=315360000
x-envoy-attempt-count: 1
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 main.9ba860679a3472987ad3.bundle.js Show response
substackcdn.com/bundle/ 2 MB
644 KB 57ms
57ms Script
application/javascript 2600:9000:206f:8c00:4:b4b9:d3c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://substackcdn.com/bundle/main.9ba860679a3472987ad3.bundle.js
Requested by: Host: chaow.xyz
URL: https://chaow.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:8c00:4:b4b9:d3c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c066bd06121b43350d92f9187f5942a48332e156cd21c443a0e326d99364bad6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://chaow.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 00:36:10 GMT
content-encoding: br
via: 1.1 c4a2e8b9ec0bdec016055cf127d5dad8.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C1
age: 11769
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
x-amz-expiration: expiry-date="Tue, 28 May 2024 00:00:00 GMT", rule-id="StaticAssetIntelligentTiering"
last-modified: Wed, 29 Nov 2023 00:07:28 GMT
server: AmazonS3
etag: W/"b10315826c4e431fbb4839999059bd6c"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000, immutable
x-amz-cf-id: ArtyPSJDGM62n-P9_y8T8tg8CYI3PwB1xDk_zbgeRQvzGonJlr4pvA==

GET
H2 200 beacon.min.js Show response
static.cloudflareinsights.com/ 20 KB
7 KB 97ms
50ms Script
text/javascript 2606:4700::6810:3965
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cloudflareinsights.com/beacon.min.js
Requested by: Host: chaow.xyz
URL: https://chaow.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:3965 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6153d13804862b0fc1c016cf1129f34cb7c6185f2cf4bf1a3a862eecdab50101

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://chaow.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 03:52:18 GMT
content-encoding: gzip
last-modified: Tue, 10 Oct 2023 21:38:13 GMT
server: cloudflare
etag: W/"2023.10.0"
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
cf-ray: 82d7e5ad7cf72c65-FRA

GET
H2 200 https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Fca74be9a-8f56-4709-af3f-4bf3055d148a_2000x1500.jpeg
substackcdn.com/image/fetch/w_320,h_213,c_fill,f_webp,q_auto:good,fl_progressive:steep,g_center/ 7 KB
7 KB 121ms
120ms Image
image/webp 2600:9000:206f:8c00:4:b4b9:d3c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://substackcdn.com/image/fetch/w_320,h_213,c_fill,f_webp,q_auto:good,fl_progressive:steep,g_center/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Fca74be9a-8f56-4709-af3f-4bf3055d148a_2000x1500.jpeg

Requested by

Host: chaow.xyz
URL: https://chaow.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:206f:8c00:4:b4b9:d3c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

imgproxy / Express

Resource Hash

68dbc7ef400d84e7cc670c93d3dcb1b4d42b33aff3dcd9acebbb1ccec892615c

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://chaow.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 12:09:23 GMT
content-security-policy: script-src 'none'
via: 1.1 c4a2e8b9ec0bdec016055cf127d5dad8.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C1
age: 56575
x-powered-by: Express
x-cache: Hit from cloudfront
content-disposition: inline; filename="ca74be9a-8f56-4709-af3f-4bf3055d148a_2000x1500.webp"
alt-svc: h3=":443"; ma=86400
content-length: 6780
x-request-id: vplZuLVB1czUvf2bho8Yy
server: imgproxy
etag: "7iB3qrOsRDoXXjCq3o1xIubbBpzlDrQjnfMSzCM-oCk/RImQyOWQyMGIyMzYzYmQ1NzYxYzNiNGEwN2ViMjg2MWJiIg"
content-type: image/webp
cache-control: public, max-age=31536000
x-amz-cf-id: DrZLWybJY2GSUOItdnlNt2HVUExbJ3Rodc5Cwmw8Fz3PKd7BMZeKVA==

GET
H2 200 https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F3d93b8d1-6afd-44ee-b9ab-618e076a002a_4096x3072.jpeg
substackcdn.com/image/fetch/w_320,h_213,c_fill,f_webp,q_auto:good,fl_progressive:steep,g_center/ 23 KB
23 KB 122ms
121ms Image
image/webp 2600:9000:206f:8c00:4:b4b9:d3c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://substackcdn.com/image/fetch/w_320,h_213,c_fill,f_webp,q_auto:good,fl_progressive:steep,g_center/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F3d93b8d1-6afd-44ee-b9ab-618e076a002a_4096x3072.jpeg

Requested by

Host: chaow.xyz
URL: https://chaow.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:206f:8c00:4:b4b9:d3c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

imgproxy / Express

Resource Hash

e26b5b78c6fe04e1cc4cdf08249c6814cb535ef20345d7b467ac909028961ffe

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://chaow.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 12:09:23 GMT
content-security-policy: script-src 'none'
via: 1.1 c4a2e8b9ec0bdec016055cf127d5dad8.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C1
age: 56575
x-powered-by: Express
x-cache: Hit from cloudfront
content-disposition: inline; filename="3d93b8d1-6afd-44ee-b9ab-618e076a002a_4096x3072.webp"
alt-svc: h3=":443"; ma=86400
content-length: 23460
x-request-id: dCbDCikJIOtj5Qnq-mvC0
server: imgproxy
etag: "7iB3qrOsRDoXXjCq3o1xIubbBpzlDrQjnfMSzCM-oCk/RIjI4ZTU0ZDJkN2VhZTM4NTc0YmI5YjU5Yzk1Y2U3NTFmIg"
content-type: image/webp
cache-control: public, max-age=31536000
x-amz-cf-id: HbblHNxxYVbvzBP9NTCHMO3ZhxoUoRw-nsG1C43zJhBS-meb3U_mUw==

GET
H2 200 https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F2e719993-b2f2-4cc1-bfec-87254408a3de_3456x2304.jpeg
substackcdn.com/image/fetch/w_320,h_213,c_fill,f_webp,q_auto:good,fl_progressive:steep,g_center/ 9 KB
9 KB 120ms
120ms Image
image/webp 2600:9000:206f:8c00:4:b4b9:d3c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://substackcdn.com/image/fetch/w_320,h_213,c_fill,f_webp,q_auto:good,fl_progressive:steep,g_center/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F2e719993-b2f2-4cc1-bfec-87254408a3de_3456x2304.jpeg

Requested by

Host: chaow.xyz
URL: https://chaow.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:206f:8c00:4:b4b9:d3c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

imgproxy / Express

Resource Hash

5191c1829e1a1dea9efb243ec3230a8945a343e2bdf567c05e293b2710aca118

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://chaow.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 12:09:23 GMT
content-security-policy: script-src 'none'
via: 1.1 c4a2e8b9ec0bdec016055cf127d5dad8.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C1
age: 56575
x-powered-by: Express
x-cache: Hit from cloudfront
content-disposition: inline; filename="2e719993-b2f2-4cc1-bfec-87254408a3de_3456x2304.webp"
alt-svc: h3=":443"; ma=86400
content-length: 9042
x-request-id: lBI_2yvSiwzQGkrdF-qA7
server: imgproxy
etag: "7iB3qrOsRDoXXjCq3o1xIubbBpzlDrQjnfMSzCM-oCk/RIjAxMTJiNWQ4NjU2MWRlZTIwZGM3YWE4YmVmODViYTU3Ig"
content-type: image/webp
cache-control: public, max-age=31536000
x-amz-cf-id: 46pHH8u5OttNVj9PSBkUidueISK__iGDA51VR9UFsqt3CMk5rQrKiw==

GET
H2 200 https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Fae75fa1b-91f7-4a4c-9a7e-313fcf750e67_768x768.jpeg
substackcdn.com/image/fetch/w_320,h_213,c_fill,f_webp,q_auto:good,fl_progressive:steep,g_center/ 19 KB
20 KB 125ms
125ms Image
image/webp 2600:9000:206f:8c00:4:b4b9:d3c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: chaow.xyz
URL: https://chaow.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:206f:8c00:4:b4b9:d3c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

imgproxy / Express

Resource Hash

fba47821fdb6c667fe2c929e30d10ef4c78e3814341b136f6082dfc725c0adc2

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://chaow.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 12:09:23 GMT
content-security-policy: script-src 'none'
via: 1.1 c4a2e8b9ec0bdec016055cf127d5dad8.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C1
age: 56575
x-powered-by: Express
x-cache: Hit from cloudfront
content-disposition: inline; filename="ae75fa1b-91f7-4a4c-9a7e-313fcf750e67_768x768.webp"
alt-svc: h3=":443"; ma=86400
content-length: 19460
x-request-id: trhuHkXG_9X_5MDYfwgLw
server: imgproxy
etag: "7iB3qrOsRDoXXjCq3o1xIubbBpzlDrQjnfMSzCM-oCk/RIjMzNWM1MDc1NzY3YjlkOGNjNTg0NDY5YWJmM2Q0NGFmIg"
content-type: image/webp
cache-control: public, max-age=31536000
x-amz-cf-id: G1k6S-nS9PylOqELAG7vC6PouglrlTuZL0P1IDyuurpvYEyqvcJ0zg==

GET
H2 200 datadog-rum-v4.js Show response
www.datadoghq-browser-agent.com/ 150 KB
48 KB 96ms
25ms Script
application/javascript 108.138.6.236
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.datadoghq-browser-agent.com/datadog-rum-v4.js
Requested by: Host: chaow.xyz
URL: https://chaow.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.6.236 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-6-236.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: cd5eb76033d96219a0c4fe45fb0df10202e1febcb4d086fb1305f1b3304a6b1a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://chaow.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 03:51:42 GMT
content-encoding: br
via: 1.1 149b1af6ad8d2c0fedea82bfb1c29c66.cloudfront.net (CloudFront)
last-modified: Mon, 09 Oct 2023 11:26:13 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P6
age: 37
x-amz-server-side-encryption: AES256
etag: W/"2630b3d7ad4a41fac67742216e506d83"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=14400, s-maxage=60
timing-allow-origin: *
x-amz-cf-id: B7dwmpHGwNGdRRruf6159dywUegUT2xFcmi9aM89WRBU1m_dvTZAWg==

GET
H2 200 channel-frame Show response
substack.com/ Frame E516 25 KB
7 KB 217ms
155ms Document
text/html 2606:4700:4400::ac40:9a0b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://substack.com/channel-frame

Requested by

Host: substackcdn.com
URL: https://substackcdn.com/bundle/main.9ba860679a3472987ad3.bundle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:9a0b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

41c6fb93940eac71fa83e54209e63771fc999851f8bc1c435f2636ee4246fb1d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://chaow.xyz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-cache
cf-cache-status: DYNAMIC
cf-ray: 82d7e5b1bdd39142-FRA
content-encoding: br
content-type: text/html; charset=utf-8
date: Wed, 29 Nov 2023 03:52:19 GMT
etag: W/"6528-PAY2RArEM02yyrpzCTMm6XzqkWE"
server: cloudflare
strict-transport-security: max-age=31536000
vary: Accept-Encoding
x-cluster: substack
x-deploy: 7c6c9a7e8b
x-powered-by: Express
x-served-by: Substack

GET
H2 200 firehose
chaow.xyz/api/v1/ 35 B
945 B 143ms
142ms Image
image/gif 2606:4700:4400::ac40:93a9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://chaow.xyz/api/v1/firehose?_=1701229939312&d=eyJldmVudCI6IlBhZ2VzIiwicHJvcGVydGllcyI6eyJicm93c2VyU2Vzc2lvbklkIjoiM3g1NnBqdDV1Y2MiLCJpZnJhbWVWaXNpdElkIjpmYWxzZX0sImNvbnRleHQiOnsiY2xpZW50X3R5cGUiOiJ3ZWIiLCJkaXNwbGF5TW9kZSI6ImJyb3dzZXIiLCJwYWdlIjp7InJlZmVycmVyIjoiIiwidGl0bGUiOiJGdXR1cmUgTW9zYWljIHwgQ2hhbyBXYW5nIHwgU3Vic3RhY2siLCJ1cmwiOiJodHRwczovL2NoYW93Lnh5ei8ifSwiY2FtcGFpZ24iOnt9fX0%3D

Requested by

Host: chaow.xyz
URL: https://chaow.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:93a9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://chaow.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 03:52:19 GMT
x-cluster: substack
cf-cache-status: DYNAMIC
server: cloudflare
strict-transport-security: max-age=31536000
x-powered-by: Express
vary: Accept-Encoding
content-type: image/gif
x-deploy: 7c6c9a7e8b
cache-control: no-cache
cf-ray: 82d7e5b1bf316939-FRA
alt-svc: h3=":443"; ma=86400
x-served-by: Substack

GET
H3 200 homepage_data Show response
chaow.xyz/api/v1/ 96 B
1 KB 143ms
143ms XHR
application/json 2606:4700:4400::ac40:93a9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://chaow.xyz/api/v1/homepage_data

Requested by

Host: substackcdn.com
URL: https://substackcdn.com/bundle/main.9ba860679a3472987ad3.bundle.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:4400::ac40:93a9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

b4d8bd7fa73b13e2c19e10add81a02de7087352629db6b97fe2372b9c5bfcdd4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://chaow.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 03:52:19 GMT
strict-transport-security: max-age=31536000
x-cluster: substack
cf-cache-status: DYNAMIC
content-encoding: br
server: cloudflare
etag: W/"60-JSxVdSDI/kpTdXBA7qz6JjAmYbU"
x-powered-by: Express
vary: Accept-Encoding
content-type: application/json; charset=utf-8
x-deploy: 7c6c9a7e8b
cache-control: no-cache
cf-ray: 82d7e5b209328fec-FRA
alt-svc: h3=":443"; ma=86400
x-served-by: Substack

GET
H3 200 firehose
chaow.xyz/api/v1/ 35 B
1 KB 141ms
141ms Image
image/gif 2606:4700:4400::ac40:93a9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://chaow.xyz/api/v1/firehose?_=1701229939518&d=eyJldmVudCI6IkZ1bGwgRW1haWwgRm9ybSBTaG93biIsInByb3BlcnRpZXMiOnsiYnJvd3NlclNlc3Npb25JZCI6IjN4NTZwanQ1dWNjIiwiaWZyYW1lVmlzaXRJZCI6ZmFsc2UsInNvdXJjZSI6ImNvdmVyX3BhZ2UiLCJmdW5jdGlvbmFsX3ZlcnNpb24iOnRydWV9LCJjb250ZXh0Ijp7ImNsaWVudF90eXBlIjoid2ViIiwiZGlzcGxheU1vZGUiOiJicm93c2VyIiwicGFnZSI6eyJyZWZlcnJlciI6IiIsInRpdGxlIjoiRnV0dXJlIE1vc2FpYyB8IENoYW8gV2FuZyB8IFN1YnN0YWNrIiwidXJsIjoiaHR0cHM6Ly9jaGFvdy54eXovIn0sImNhbXBhaWduIjp7fX19

Requested by

Host: chaow.xyz
URL: https://chaow.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:4400::ac40:93a9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://chaow.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 03:52:19 GMT
x-cluster: substack
cf-cache-status: DYNAMIC
server: cloudflare
strict-transport-security: max-age=31536000
x-powered-by: Express
vary: Accept-Encoding
content-type: image/gif
x-deploy: 7c6c9a7e8b
cache-control: no-cache
cf-ray: 82d7e5b209348fec-FRA
alt-svc: h3=":443"; ma=86400
x-served-by: Substack

GET
H3 200 firehose
chaow.xyz/api/v1/ 35 B
1 KB 146ms
146ms Image
image/gif 2606:4700:4400::ac40:93a9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://chaow.xyz/api/v1/firehose?_=1701229939519&d=eyJldmVudCI6IkNvdmVyIFBhZ2UgU2hvd24iLCJwcm9wZXJ0aWVzIjp7ImJyb3dzZXJTZXNzaW9uSWQiOiIzeDU2cGp0NXVjYyIsImlmcmFtZVZpc2l0SWQiOmZhbHNlLCJoYXNfY292ZXJfcGhvdG8iOmZhbHNlLCJoYXNfZnJlZV9zaWdudXBfZW1haWwiOmZhbHNlLCJoYXNfZnJlZV9zaWdudXAiOmZhbHNlLCJmdW5jdGlvbmFsX3ZlcnNpb24iOnRydWUsImxhdW5jaF93ZWxjb21lX3BhZ2UiOnRydWUsImhpZGRlbiI6ZmFsc2UsInRlc3RfZXhwZXJpbWVudF92YXJpYW50IjoiY29udHJvbCIsInRlc3RfZXhwZXJpbWVudF92YXJpYW50X3YzIjpudWxsfSwiY29udGV4dCI6eyJjbGllbnRfdHlwZSI6IndlYiIsImRpc3BsYXlNb2RlIjoiYnJvd3NlciIsInBhZ2UiOnsicmVmZXJyZXIiOiIiLCJ0aXRsZSI6IkZ1dHVyZSBNb3NhaWMgfCBDaGFvIFdhbmcgfCBTdWJzdGFjayIsInVybCI6Imh0dHBzOi8vY2hhb3cueHl6LyJ9LCJjYW1wYWlnbiI6e319fQ%3D%3D

Requested by

Host: chaow.xyz
URL: https://chaow.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:4400::ac40:93a9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://chaow.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 03:52:19 GMT
x-cluster: substack
cf-cache-status: DYNAMIC
server: cloudflare
strict-transport-security: max-age=31536000
x-powered-by: Express
vary: Accept-Encoding
content-type: image/gif
x-deploy: 7c6c9a7e8b
cache-control: no-cache
cf-ray: 82d7e5b209358fec-FRA
alt-svc: h3=":443"; ma=86400
x-served-by: Substack

POST
H3 200 experiment_exposure Show response
chaow.xyz/api/v1/ 2 B
1 KB 200ms
200ms XHR
text/plain 2606:4700:4400::ac40:93a9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://chaow.xyz/api/v1/experiment_exposure

Requested by

Host: substackcdn.com
URL: https://substackcdn.com/bundle/main.9ba860679a3472987ad3.bundle.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:4400::ac40:93a9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://chaow.xyz/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 29 Nov 2023 03:52:19 GMT
strict-transport-security: max-age=31536000
x-cluster: substack
cf-cache-status: DYNAMIC
server: cloudflare
etag: W/"2-nOO9QiTIwXgNtWtBJezz8kv3SLc"
x-powered-by: Express
vary: Accept-Encoding
content-type: text/plain; charset=utf-8
x-deploy: 7c6c9a7e8b
cache-control: no-cache
cf-ray: 82d7e5b209388fec-FRA
alt-svc: h3=":443"; ma=86400
content-length: 2
x-served-by: Substack

GET
H3 200 channelFrame.d41d8cd98f00b204e980.css
substackcdn.com/bundle/theme/ Frame E516 0
417 B 24ms
24ms Stylesheet
text/css 2600:9000:206f:8c00:4:b4b9:d3c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://substackcdn.com/bundle/theme/channelFrame.d41d8cd98f00b204e980.css
Requested by: Host: substack.com
URL: https://substack.com/channel-frame
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2600:9000:206f:8c00:4:b4b9:d3c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://substack.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 08:01:33 GMT
via: 1.1 14b10bd09a0531ef477d0a404ca26900.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C1
age: 71592
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 0
x-amz-expiration: expiry-date="Sat, 18 May 2024 00:00:00 GMT", rule-id="StaticAssetIntelligentTiering"
last-modified: Sun, 19 Nov 2023 16:43:48 GMT
server: AmazonS3
etag: "d41d8cd98f00b204e9800998ecf8427e"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=31536000, immutable
accept-ranges: bytes
x-amz-cf-id: dCUA1dvOOVPK5Yhs9pfdLwMUqcQ5fIRalTBT7tHPWMJlo5fENzg7ZQ==

GET
H3 200 channelFrame.c660662fde39b4671c64.css
substackcdn.com/bundle/ Frame E516 14 KB
3 KB 24ms
24ms Stylesheet
text/css 2600:9000:206f:8c00:4:b4b9:d3c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://substackcdn.com/bundle/channelFrame.c660662fde39b4671c64.css
Requested by: Host: substack.com
URL: https://substack.com/channel-frame
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2600:9000:206f:8c00:4:b4b9:d3c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6e63b2a0b2c6578f2994354df47785e8cfeaf3d1335d38989c532d1afcbe6eee

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://substack.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 08:59:06 GMT
content-encoding: gzip
via: 1.1 14b10bd09a0531ef477d0a404ca26900.cloudfront.net (CloudFront)
age: 68089
x-amz-cf-pop: FRA56-C1
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
x-amz-expiration: expiry-date="Thu, 16 May 2024 00:00:00 GMT", rule-id="StaticAssetIntelligentTiering"
last-modified: Fri, 17 Nov 2023 23:35:27 GMT
server: AmazonS3
etag: W/"a2d84bc6baed836048d978c0d1c24629"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=31536000, immutable
x-amz-cf-id: 0kQI5c8uDnWgZ7v-3o4AxycrgzzGqTyRIQBdmsP291KgYhkWowcfFg==

GET
H2 200 6c2ff3e3828e4017b7faf7b63e24cdf8.min.js Show response
js.sentry-cdn.com/ Frame E516 2 KB
1 KB 22ms
22ms Script
text/javascript 2a04:4e42:200::729
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.sentry-cdn.com/6c2ff3e3828e4017b7faf7b63e24cdf8.min.js

Requested by

Host: substack.com
URL: https://substack.com/channel-frame

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:200::729 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

f13b0179776799676c3415bd18e9ba3a80b4b6fa68b5c7e6a5b0c82b0769bc18

Security Headers

Name	Value
Content-Security-Policy	img-src blob: data: ; font-src data:; connect-src 'self' sentry.io .sentry.io s1.sentry-cdn.com o1.ingest.sentry.io api2.amplitude.com data.pendo.io reload.getsentry.net t687h3m0nh65.statuspage.io sentry.zendesk.com ekr.zdassets.com maps.googleapis.com; default-src 'none'; script-src 'self' 'unsafe-inline' 'report-sample' 'unsafe-eval' s1.sentry-cdn.com js.sentry-cdn.com browser.sentry-cdn.com statuspage-production.s3.amazonaws.com static.zdassets.com aui-cdn.atlassian.com connect-cdn.atl-paas.net js.stripe.com 'strict-dynamic' cdn.pendo.io data.pendo.io pendo-io-static.storage.googleapis.com pendo-static-5634074999128064.storage.googleapis.com; style-src 'unsafe-inline' ; frame-src js.stripe.com sentry.io; frame-ancestors 'self' .sentry.io; media-src ; object-src 'self'; base-uri 'none'; report-uri https://o1.ingest.sentry.io/api/54785/security/?sentry_key=f724a8a027db45f5b21507e7142ff78e&sentry_release=b6f9ad2005ffeca64bda26669a071d818c3751da
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

Referer: https://substack.com/
Origin: https://substack.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy: img-src blob: data: *; font-src * data:; connect-src 'self' sentry.io *.sentry.io s1.sentry-cdn.com o1.ingest.sentry.io api2.amplitude.com data.pendo.io reload.getsentry.net t687h3m0nh65.statuspage.io sentry.zendesk.com ekr.zdassets.com maps.googleapis.com; default-src 'none'; script-src 'self' 'unsafe-inline' 'report-sample' 'unsafe-eval' s1.sentry-cdn.com js.sentry-cdn.com browser.sentry-cdn.com statuspage-production.s3.amazonaws.com static.zdassets.com aui-cdn.atlassian.com connect-cdn.atl-paas.net js.stripe.com 'strict-dynamic' cdn.pendo.io data.pendo.io pendo-io-static.storage.googleapis.com pendo-static-5634074999128064.storage.googleapis.com; style-src 'unsafe-inline' *; frame-src js.stripe.com sentry.io; frame-ancestors 'self' *.sentry.io; media-src *; object-src 'self'; base-uri 'none'; report-uri https://o1.ingest.sentry.io/api/54785/security/?sentry_key=f724a8a027db45f5b21507e7142ff78e&sentry_release=b6f9ad2005ffeca64bda26669a071d818c3751da
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 29 Nov 2023 03:52:19 GMT
strict-transport-security: max-age=31536000; includeSubDomains
age: 38
x-envoy-upstream-service-time: 32
content-length: 1224
x-xss-protection: 1; mode=block
x-served-by: getsentry-web-default-common-production-ffb6cf77f-8sz2f, cache-chi-kigq8000087-CHI, cache-fra-eddf8230037-FRA
x-frame-options: deny
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
content-language: en
cache-control: public, max-age=3600, s-maxage=60, stale-while-revalidate=315360000, stale-if-error=315360000
x-envoy-attempt-count: 1
accept-ranges: bytes
timing-allow-origin: *

GET
H3 200 channelFrame.f65daac92adf6d520f19.bundle.js Show response
substackcdn.com/bundle/ Frame E516 339 KB
104 KB 25ms
25ms Script
application/javascript 2600:9000:206f:8c00:4:b4b9:d3c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://substackcdn.com/bundle/channelFrame.f65daac92adf6d520f19.bundle.js
Requested by: Host: substack.com
URL: https://substack.com/channel-frame
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2600:9000:206f:8c00:4:b4b9:d3c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b52f76e3bd88f28d5bd9715cf0796b9160880db285af94f8544015ed444b4381

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://substack.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 00:36:12 GMT
content-encoding: br
via: 1.1 14b10bd09a0531ef477d0a404ca26900.cloudfront.net (CloudFront)
age: 11768
x-amz-cf-pop: FRA56-C1
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
x-amz-expiration: expiry-date="Tue, 28 May 2024 00:00:00 GMT", rule-id="StaticAssetIntelligentTiering"
last-modified: Wed, 29 Nov 2023 00:07:28 GMT
server: AmazonS3
etag: W/"060e8d6f8a649e6cc079bc376017669b"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000, immutable
x-amz-cf-id: jHd71cPqJOK6WgfyOpc8sQVjlwgbTSqom0ilb2vQs2eNCmgLK0drVw==

GET
H2 200 beacon.min.js Show response
static.cloudflareinsights.com/ Frame E516 20 KB
7 KB 90ms
90ms Script
text/javascript 2606:4700::6810:3965
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cloudflareinsights.com/beacon.min.js
Requested by: Host: substack.com
URL: https://substack.com/channel-frame
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:3965 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6153d13804862b0fc1c016cf1129f34cb7c6185f2cf4bf1a3a862eecdab50101

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://substack.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 03:52:19 GMT
content-encoding: gzip
last-modified: Tue, 10 Oct 2023 21:38:13 GMT
server: cloudflare
etag: W/"2023.10.0"
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
cf-ray: 82d7e5b2a8142c65-FRA

GET
H2 200 datadog-rum-v4.js Show response
www.datadoghq-browser-agent.com/ Frame E516 150 KB
48 KB 25ms
25ms Script
application/javascript 108.138.6.236
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.datadoghq-browser-agent.com/datadog-rum-v4.js
Requested by: Host: substack.com
URL: https://substack.com/channel-frame
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.6.236 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-6-236.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: cd5eb76033d96219a0c4fe45fb0df10202e1febcb4d086fb1305f1b3304a6b1a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://substack.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 03:51:42 GMT
content-encoding: br
via: 1.1 149b1af6ad8d2c0fedea82bfb1c29c66.cloudfront.net (CloudFront)
last-modified: Mon, 09 Oct 2023 11:26:13 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P6
age: 38
x-amz-server-side-encryption: AES256
etag: W/"2630b3d7ad4a41fac67742216e506d83"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=14400, s-maxage=60
timing-allow-origin: *
x-amz-cf-id: 2Ael6f0oFPgSyBMgUU0RhY8KVFsQRstMG7ZtKZoHK9C22i48QEXERw==

GET
H2 200 firehose
substack.com/api/v1/ Frame E516 35 B
197 B 139ms
139ms Image
image/gif 2606:4700:4400::ac40:9a0b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://substack.com/api/v1/firehose?_=1701229939755&d=eyJldmVudCI6IlBhZ2VzIiwicHJvcGVydGllcyI6eyJicm93c2VyU2Vzc2lvbklkIjoiaWx5cTJnbXE5b2oiLCJpZnJhbWVWaXNpdElkIjp7ImlkIjoiMWI3NjBlNjYtOTM4ZC00ZjFmLThhYjctY2IzMGUwMTdhYTJkIiwidGltZXN0YW1wIjoiMjAyMy0xMS0yOVQwMzo1MjoxOS43NTJaIn19LCJjb250ZXh0Ijp7ImNsaWVudF90eXBlIjoid2ViIiwiZGlzcGxheU1vZGUiOiJicm93c2VyIiwicGFnZSI6eyJyZWZlcnJlciI6Imh0dHBzOi8vY2hhb3cueHl6LyIsInRpdGxlIjoiIiwidXJsIjoiaHR0cHM6Ly9zdWJzdGFjay5jb20vY2hhbm5lbC1mcmFtZSJ9LCJjYW1wYWlnbiI6e319fQ%3D%3D

Requested by

Host: substack.com
URL: https://substack.com/channel-frame

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:9a0b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://substack.com/channel-frame
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 03:52:19 GMT
x-cluster: substack
cf-cache-status: DYNAMIC
server: cloudflare
strict-transport-security: max-age=31536000
x-powered-by: Express
vary: Accept-Encoding
content-type: image/gif
x-deploy: 7c6c9a7e8b
cache-control: no-cache
cf-ray: 82d7e5b38f189142-FRA
alt-svc: h3=":443"; ma=86400
x-served-by: Substack

GET
H2 200 firehose
substack.com/api/v1/ Frame E516 35 B
189 B 150ms
150ms Image
image/gif 2606:4700:4400::ac40:9a0b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://substack.com/api/v1/firehose?_=1701229939756&d=eyJldmVudCI6IkZyYW1lIE1lc3NhZ2UgU2VudCIsInByb3BlcnRpZXMiOnsiYnJvd3NlclNlc3Npb25JZCI6ImlseXEyZ21xOW9qIiwiaWZyYW1lVmlzaXRJZCI6eyJpZCI6IjFiNzYwZTY2LTkzOGQtNGYxZi04YWI3LWNiMzBlMDE3YWEyZCIsInRpbWVzdGFtcCI6IjIwMjMtMTEtMjlUMDM6NTI6MTkuNzUyWiJ9LCJoYXNVc2VyU3RhdGUiOmZhbHNlfSwiY29udGV4dCI6eyJjbGllbnRfdHlwZSI6IndlYiIsImRpc3BsYXlNb2RlIjoiYnJvd3NlciIsInBhZ2UiOnsicmVmZXJyZXIiOiJodHRwczovL2NoYW93Lnh5ei8iLCJ0aXRsZSI6IiIsInVybCI6Imh0dHBzOi8vc3Vic3RhY2suY29tL2NoYW5uZWwtZnJhbWUifSwiY2FtcGFpZ24iOnt9fX0%3D

Requested by

Host: substack.com
URL: https://substack.com/channel-frame

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:9a0b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://substack.com/channel-frame
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 03:52:19 GMT
x-cluster: substack
cf-cache-status: DYNAMIC
server: cloudflare
strict-transport-security: max-age=31536000
x-powered-by: Express
vary: Accept-Encoding
content-type: image/gif
x-deploy: 7c6c9a7e8b
cache-control: no-cache
cf-ray: 82d7e5b38f199142-FRA
alt-svc: h3=":443"; ma=86400
x-served-by: Substack

GET
H3 200 firehose
chaow.xyz/api/v1/ 35 B
1 KB 140ms
140ms Image
image/gif 2606:4700:4400::ac40:93a9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://chaow.xyz/api/v1/firehose?_=1701229939758&d=eyJldmVudCI6IkZyYW1lIE1lc3NhZ2UgSGFuZGxlZCIsInByb3BlcnRpZXMiOnsiYnJvd3NlclNlc3Npb25JZCI6IjN4NTZwanQ1dWNjIiwiaWZyYW1lVmlzaXRJZCI6ZmFsc2UsImxvZ2dlZEluQXRTdWJzdGFjayI6ZmFsc2UsImxvZ2dlZEluQXRDdXN0b21Eb21haW4iOmZhbHNlLCJhdHRlbXB0UmVkaXJlY3QiOmZhbHNlfSwiY29udGV4dCI6eyJjbGllbnRfdHlwZSI6IndlYiIsImRpc3BsYXlNb2RlIjoiYnJvd3NlciIsInBhZ2UiOnsicmVmZXJyZXIiOiIiLCJ0aXRsZSI6IkZ1dHVyZSBNb3NhaWMgfCBDaGFvIFdhbmcgfCBTdWJzdGFjayIsInVybCI6Imh0dHBzOi8vY2hhb3cueHl6LyJ9LCJjYW1wYWlnbiI6e319fQ%3D%3D

Requested by

Host: chaow.xyz
URL: https://chaow.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:4400::ac40:93a9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://chaow.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 03:52:19 GMT
x-cluster: substack
cf-cache-status: DYNAMIC
server: cloudflare
strict-transport-security: max-age=31536000
x-powered-by: Express
vary: Accept-Encoding
content-type: image/gif
x-deploy: 7c6c9a7e8b
cache-control: no-cache
cf-ray: 82d7e5b389eb8fec-FRA
alt-svc: h3=":443"; ma=86400
x-served-by: Substack

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ Frame E516 257 KB
87 KB 84ms
35ms Script
application/javascript 2a00:1450:4001:811::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-TLW0DF6G5V&l=localGaDataLayer

Requested by

Host: substackcdn.com
URL: https://substackcdn.com/bundle/channelFrame.f65daac92adf6d520f19.bundle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

295f01b388e2848eaab3ba652a0098b585ae0de4ff9cf599015c7ded7e59172c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://substack.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 03:52:19 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 89357
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 29 Nov 2023 03:52:19 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 199 KB
73 KB 78ms
30ms Script
application/javascript 2a00:1450:4001:811::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-316245675&l=localGaDataLayer

Requested by

Host: substackcdn.com
URL: https://substackcdn.com/bundle/main.9ba860679a3472987ad3.bundle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

b26c43dba9ff6c3d6137499fc09e2a5de577aafcbe6756a64437ffdba52aedd4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://chaow.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 03:52:19 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 73856
x-xss-protection: 0
last-modified: Wed, 29 Nov 2023 03:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 29 Nov 2023 03:52:19 GMT

OPTIONS
H2 200 rum
cloudflareinsights.com/cdn-cgi/ Frame 0
0 86ms
24ms Preflight
text/plain 2606:4700::6810:3965
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cloudflareinsights.com/cdn-cgi/rum

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:3965 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://substack.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://substack.com
access-control-max-age: 86400
cf-ray: 82d7e5b4e8c637fe-FRA
content-encoding: gzip
content-type: text/plain
date: Wed, 29 Nov 2023 03:52:19 GMT
server: cloudflare
vary: Origin
x-content-type-options: nosniff
x-frame-options: DENY

POST
H2 204 rum Show response
cloudflareinsights.com/cdn-cgi/ Frame E516 0
60 B 44ms
44ms XHR
text/plain 2606:4700::6810:3965
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cloudflareinsights.com/cdn-cgi/rum

Requested by

Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:3965 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://substack.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
content-type: application/json

Response headers

date: Wed, 29 Nov 2023 03:52:20 GMT
x-content-type-options: nosniff
server: cloudflare
vary: Origin
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://substack.com
x-frame-options: DENY
access-control-allow-credentials: true
cf-ray: 82d7e5b518de37fe-FRA

OPTIONS
H2 200 rum
cloudflareinsights.com/cdn-cgi/ Frame 0
0 84ms
23ms Preflight
text/plain 2606:4700::6810:3965
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cloudflareinsights.com/cdn-cgi/rum

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:3965 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://chaow.xyz
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://chaow.xyz
access-control-max-age: 86400
cf-ray: 82d7e5b4e8c437fe-FRA
content-encoding: gzip
content-type: text/plain
date: Wed, 29 Nov 2023 03:52:19 GMT
server: cloudflare
vary: Origin
x-content-type-options: nosniff
x-frame-options: DENY

POST
H2 204 rum Show response
cloudflareinsights.com/cdn-cgi/ 0
37 B 46ms
46ms XHR
text/plain 2606:4700::6810:3965
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cloudflareinsights.com/cdn-cgi/rum

Requested by

Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum-v4.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:3965 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://chaow.xyz/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
content-type: application/json

Response headers

date: Wed, 29 Nov 2023 03:52:20 GMT
x-content-type-options: nosniff
server: cloudflare
vary: Origin
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://chaow.xyz
x-frame-options: DENY
access-control-allow-credentials: true
cf-ray: 82d7e5b518dc37fe-FRA

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/316245675/ 3 KB
2 KB 83ms
33ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/316245675/?random=1701229940060&cv=11&fst=1701229940060&bg=ffffff&guid=ON&async=1&gtm=45be3b81v887153041&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fchaow.xyz%2F&hn=www.googleadservices.com&frm=0&tiba=Future%20Mosaic%20%7C%20Chao%20Wang%20%7C%20Substack&auid=2033269695.1701229940&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-316245675&l=localGaDataLayer

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fd519a5da57e24acdaf0d07738da02cfa8050510abb542d47a9d85216a628045

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://chaow.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 29 Nov 2023 03:52:20 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1275
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ Frame E516 199 KB
72 KB 35ms
35ms Script
application/javascript 2a00:1450:4001:811::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-316245675&l=localGaDataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-TLW0DF6G5V&l=localGaDataLayer

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

a25fd755f73c5bd1b0a5496f7853e35782342092c7077bfd8b64db612e35c0e2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://substack.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 03:52:20 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 73935
x-xss-protection: 0
last-modified: Wed, 29 Nov 2023 03:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 29 Nov 2023 03:52:20 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/316245675/ Frame E516 3 KB
1 KB 33ms
33ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/316245675/?random=1701229940136&cv=11&fst=1701229940136&bg=ffffff&guid=ON&async=1&gtm=45be3b81v887153041&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fsubstack.com%2Fchannel-frame&ref=https%3A%2F%2Fchaow.xyz%2F&top=https%3A%2F%2Fchaow.xyz%2F&hn=www.googleadservices.com&frm=2&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-316245675&l=localGaDataLayer&cx=c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

90cd8edbc7d20db7f5a77957c26e03b43fe7dd12f7a4ab886e628ec77e56c997

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://substack.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 29 Nov 2023 03:52:20 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1251
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/316245675/ 42 B
108 B 83ms
33ms Image
image/gif 2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/316245675/?random=1701229940060&cv=11&fst=1701226800000&bg=ffffff&guid=ON&async=1&gtm=45be3b81v887153041&u_w=1600&u_h=1200&url=https%3A%2F%2Fchaow.xyz%2F&frm=0&tiba=Future%20Mosaic%20%7C%20Chao%20Wang%20%7C%20Substack&data=event%3Dgtag.config&fmt=3&is_vtc=1&cid=CAQSGwDICaaNBFm2SHTWEW4xPgm0DxmrNAELsHcPDQ&random=2076493109&rmt_tld=0&ipr=y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://chaow.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 29 Nov 2023 03:52:20 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/316245675/ 42 B
108 B 86ms
37ms Image
image/gif 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/316245675/?random=1701229940060&cv=11&fst=1701226800000&bg=ffffff&guid=ON&async=1&gtm=45be3b81v887153041&u_w=1600&u_h=1200&url=https%3A%2F%2Fchaow.xyz%2F&frm=0&tiba=Future%20Mosaic%20%7C%20Chao%20Wang%20%7C%20Substack&data=event%3Dgtag.config&fmt=3&is_vtc=1&cid=CAQSGwDICaaNBFm2SHTWEW4xPgm0DxmrNAELsHcPDQ&random=2076493109&rmt_tld=1&ipr=y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://chaow.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 29 Nov 2023 03:52:20 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/316245675/ Frame E516 42 B
455 B 56ms
32ms Image
image/gif 2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/316245675/?random=1701229940136&cv=11&fst=1701226800000&bg=ffffff&guid=ON&async=1&gtm=45be3b81v887153041&u_w=1600&u_h=1200&url=https%3A%2F%2Fsubstack.com%2Fchannel-frame&ref=https%3A%2F%2Fchaow.xyz%2F&frm=2&data=event%3Dgtag.config&fmt=3&is_vtc=1&cid=CAQSGwDICaaN3rczhlZqj1PG8PXnB4fBu3J1t_suMg&random=2932039893&rmt_tld=0&ipr=y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://substack.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 29 Nov 2023 03:52:20 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/316245675/ Frame E516 42 B
455 B 58ms
34ms Image
image/gif 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/316245675/?random=1701229940136&cv=11&fst=1701226800000&bg=ffffff&guid=ON&async=1&gtm=45be3b81v887153041&u_w=1600&u_h=1200&url=https%3A%2F%2Fsubstack.com%2Fchannel-frame&ref=https%3A%2F%2Fchaow.xyz%2F&frm=2&data=event%3Dgtag.config&fmt=3&is_vtc=1&cid=CAQSGwDICaaN3rczhlZqj1PG8PXnB4fBu3J1t_suMg&random=2932039893&rmt_tld=1&ipr=y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://substack.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 29 Nov 2023 03:52:20 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

18 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

12 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.chaow.xyz/	1970-01-21 01:19:25	Name: ab_testing_id Value: %22b6f8dccf-e055-4696-af62-51716a66fc1e%22
.chaow.xyz/	1970-01-20 16:33:51	Name: __cf_bm Value: Mfjmr_kAdNe4wUKYTLZgnAIj16z09bLmUMTEUKu7_uU-1701229938-0-Ae7aLr5AGVCvqIMI/26/SFIUDSK+64G+MjJgyTUSl7BPYx5Eg7PAMIFD/GConrRqXcLfb9g6o+c4umtz3IoMU80=
chaow.xyz/	1970-01-21 01:19:25	Name: ajs_anonymous_id Value: %220a90c621-25db-4dce-b847-7ff8bc4fe870%22
.chaow.xyz/	1970-01-21 01:19:25	Name: ajs_anonymous_id Value: %220a90c621-25db-4dce-b847-7ff8bc4fe870%22
.substack.com/	1970-01-20 16:33:51	Name: __cf_bm Value: CWZfT3f0Q6IaE7c.o4872shSOFqb3IDikQ_c7Ty7484-1701229939-0-AecDhKpAI7GUlCargttd7zUn7brOP+2y8U5NGSOIYBoexYElPlzfsAUMJFCAS0BZAl1vfuYSTVuVhcoJiS8cIK8=
.chaow.xyz/	1970-01-20 16:33:51	Name: visit_id Value: %7B%22id%22%3A%22115d6e48-3340-44e6-8bd9-3f87fd4684c5%22%2C%22timestamp%22%3A%222023-11-29T03%3A52%3A19.644Z%22%7D
.chaow.xyz/	1970-01-20 19:26:37	Name: experiment_test_experiment_v2 Value: control
chaow.xyz/	1970-01-20 16:43:54	Name: AWSALBTG Value: ObJmmf5H6xSW0ihv9xRElCcNmmawfRGCxb4PvJ0V9TQiQA8Kn5WDdDGbAX0fVAt3Of83o06ivoIfJSP2xLsz7PCvnZcr7FCAMikE/wpKPdHTHfyVAdMocIWCDGTcrCP+2VCY9LdOAMA+AWbwWpvS3XzKzZAX2DwaV3o+CmWepx8Y
chaow.xyz/	1970-01-20 16:43:54	Name: AWSALBTGCORS Value: ObJmmf5H6xSW0ihv9xRElCcNmmawfRGCxb4PvJ0V9TQiQA8Kn5WDdDGbAX0fVAt3Of83o06ivoIfJSP2xLsz7PCvnZcr7FCAMikE/wpKPdHTHfyVAdMocIWCDGTcrCP+2VCY9LdOAMA+AWbwWpvS3XzKzZAX2DwaV3o+CmWepx8Y
.chaow.xyz/	1970-01-20 18:43:25	Name: _gcl_au Value: 1.1.2033269695.1701229940
.doubleclick.net/	1970-01-20 16:33:50	Name: test_cookie Value: CheckForPermission
chaow.xyz/	1970-01-20 16:33:50	Name: _dd_s Value: rum=0&expire=1701230839526

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	sameorigin

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

chaow.xyz
cloudflareinsights.com
fonts.gstatic.com
googleads.g.doubleclick.net
js.sentry-cdn.com
static.cloudflareinsights.com
substack.com
substackcdn.com
www.datadoghq-browser-agent.com
www.google.com
www.google.de
www.googletagmanager.com
108.138.6.236
2600:9000:206f:8c00:4:b4b9:d3c0:93a1
2606:4700:4400::6812:2857
2606:4700:4400::ac40:93a9
2606:4700:4400::ac40:9a0b
2606:4700::6810:3965
2a00:1450:4001:811::2008
2a00:1450:4001:827::2003
2a00:1450:4001:828::2003
2a00:1450:4001:829::2004
2a00:1450:4001:82a::2002
2a04:4e42:200::729
22834bce08a8a6f03d18d155133ab5c36ba43971eddb1c1ba289796225375b69
295f01b388e2848eaab3ba652a0098b585ae0de4ff9cf599015c7ded7e59172c
2d0b6fec78ce75b235afef2612b5355d174095003914f0fc6f444d7e062f1838
41c6fb93940eac71fa83e54209e63771fc999851f8bc1c435f2636ee4246fb1d
478eee9ac68ef242aeda59b8b37b388003eb3eac12af90b8c38fa65d3a34f3a9
5191c1829e1a1dea9efb243ec3230a8945a343e2bdf567c05e293b2710aca118
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
6153d13804862b0fc1c016cf1129f34cb7c6185f2cf4bf1a3a862eecdab50101
68dbc7ef400d84e7cc670c93d3dcb1b4d42b33aff3dcd9acebbb1ccec892615c
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6e63b2a0b2c6578f2994354df47785e8cfeaf3d1335d38989c532d1afcbe6eee
79f5659b644ef0d3003fe9ccde9810ddb5e63548669438fccfe06f9968f7e4ef
90cd8edbc7d20db7f5a77957c26e03b43fe7dd12f7a4ab886e628ec77e56c997
9af10e96807cb86fa03217c1dfb7353f6d67d52da494928f240fd338d87fdb03
a25fd755f73c5bd1b0a5496f7853e35782342092c7077bfd8b64db612e35c0e2
ace3430bf3da35fd677dcbd8a735dfd9f44318a934fa31ca37b4599777700450
b26c43dba9ff6c3d6137499fc09e2a5de577aafcbe6756a64437ffdba52aedd4
b4d8bd7fa73b13e2c19e10add81a02de7087352629db6b97fe2372b9c5bfcdd4
b52f76e3bd88f28d5bd9715cf0796b9160880db285af94f8544015ed444b4381
c066bd06121b43350d92f9187f5942a48332e156cd21c443a0e326d99364bad6
cd5eb76033d96219a0c4fe45fb0df10202e1febcb4d086fb1305f1b3304a6b1a
d08ff4d89b6c5100dc7f6885fe0b84a4d901f4e4b1329f8bbc0ca1c64c4dd7ca
e26b5b78c6fe04e1cc4cdf08249c6814cb535ef20345d7b467ac909028961ffe
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7e2f399341f249250d00255c3118331d520efd327013c5c2d8f0d14586d6ed0
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f13b0179776799676c3415bd18e9ba3a80b4b6fa68b5c7e6a5b0c82b0769bc18
fba47821fdb6c667fe2c929e30d10ef4c78e3814341b136f6082dfc725c0adc2
fd519a5da57e24acdaf0d07738da02cfa8050510abb542d47a9d85216a628045

chaow.xyz Open in urlscan Pro 2606:4700:4400::ac40:93a9 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

44 Requests

100 %HTTPS

92 %IPv6

11 Domains

12 Subdomains

11 IPs

2 Countries

1514 kBTransfer

5120 kBSize

12 Cookies

7 Outgoing links

Page URL History

Redirected requests

44 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

chaow.xyz Open in urlscan Pro
2606:4700:4400::ac40:93a9 Public Scan

Screenshot
Live screenshot

Full Image

44
Requests

100 %
HTTPS

92 %
IPv6

11
Domains

12
Subdomains

11
IPs

2
Countries

1514 kB
Transfer

5120 kB
Size

12
Cookies

44 HTTP transactions
0 data transactions