account.wordonfire.org Open in urlscan Pro
2606:4700:10::ac43:2641 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://ac.wordonfire.org/Prod/link-tracker?redirectUrl=aHR0cHMlM0ElMkYlMkZ3d3cud29yZG9uZmlyZS5vcmclMkZtYW5hZ2UteW91ci1lbW...
Effective URL:
https://account.wordonfire.org/preferences?email=tonya.longjohnson%40bcbsnc.com&DGR=OFF&content=ON&news=ON&vgo_ee=5ZBCxB0vziT9k...
Submission: On February 14 via api (February 14th 2024, 9:19:22 pm UTC) from US — Scanned from DE

Summary HTTP 51 Redirects Behaviour Indicators

Summary

This website contacted 22 IPs in 3 countries across 19 domains to perform 51 HTTP transactions. The main IP is 2606:4700:10::ac43:2641, located in United States and belongs to CLOUDFLARENET, US. The main domain is account.wordonfire.org.
TLS certificate: Issued by GTS CA 1P5 on January 27th 2024. Valid for: 3 months.

This is the only time account.wordonfire.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	2606:4700::68... 2606:4700::6811:ca1f	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 13	2606:4700:10:... 2606:4700:10::ac43:2641	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a02:26f0:480... 2a02:26f0:480:f::213:7ec6	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2606:4700::68... 2606:4700::6810:3865	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a02:26f0:480... 2a02:26f0:480:f::213:7edb	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2606:4700::68... 2606:4700::6810:fa43	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	99.86.4.99 99.86.4.99	16509 (AMAZON-02) (AMAZON-02)
3	2606:4700:10:... 2606:4700:10::6816:4e7c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:806::2008	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f08... 2a03:2880:f083:9:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
3	2606:4700::68... 2606:4700::6810:a0d	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:81c::200e	15169 (GOOGLE) (GOOGLE)
1	18.66.97.49 18.66.97.49	16509 (AMAZON-02) (AMAZON-02)
2	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400c:c00::9b	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:829::2003	15169 (GOOGLE) (GOOGLE)
1	2a03:2880:f17... 2a03:2880:f177:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	2606:4700:440... 2606:4700:4400::ac40:992a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:82f::2004	15169 (GOOGLE) (GOOGLE)
1	13.227.219.28 13.227.219.28	16509 (AMAZON-02) (AMAZON-02)
1	18.66.112.110 18.66.112.110	16509 (AMAZON-02) (AMAZON-02)
2	151.101.192.176 151.101.192.176	() ()
51	22

1 2606:4700::6811:ca1f (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

ac.wordonfire.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2606:4700:10::ac43:2641 (United States) 2 redirects

ASN13335 (CLOUDFLARENET, US)

www.wordonfire.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
account.wordonfire.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
api.wordonfire.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
assets.wordonfire.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:26f0:480:f::213:7ec6 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

use.typekit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:3865 (United States)

ASN13335 (CLOUDFLARENET, US)

static.cloudflareinsights.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:480:f::213:7edb (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

p.typekit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:fa43 (United States)

ASN13335 (CLOUDFLARENET, US)

fast.fonts.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 99.86.4.99 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-4-99.fra6.r.cloudfront.net

js.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:10::6816:4e7c (United States)

ASN13335 (CLOUDFLARENET, US)

api.wordonfire.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:806::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f083:9:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6810:a0d (United States)

ASN13335 (CLOUDFLARENET, US)

diffuser-cdn.app-us1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
prism.app-us1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:81c::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.97.49 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-97-49.fra56.r.cloudfront.net

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c00::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:829::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f177:83:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:4400::ac40:992a (United States)

ASN13335 (CLOUDFLARENET, US)

trackcmp.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.227.219.28 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-227-219-28.ams54.r.cloudfront.net

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.112.110 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-112-110.fra56.r.cloudfront.net

vc.hotjar.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.192.176 (None, )

ASN- ()

m.stripe.network	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
17	wordonfire.org 3 redirects ac.wordonfire.org — Cisco Umbrella Rank: 278474 www.wordonfire.org — Cisco Umbrella Rank: 887289 account.wordonfire.org api.wordonfire.org assets.wordonfire.org	800 KB
4	typekit.net use.typekit.net — Cisco Umbrella Rank: 548 p.typekit.net — Cisco Umbrella Rank: 694	61 KB
3	google.com region1.analytics.google.com — Cisco Umbrella Rank: 2400 www.google.com — Cisco Umbrella Rank: 2	721 B
3	app-us1.com diffuser-cdn.app-us1.com — Cisco Umbrella Rank: 9733 prism.app-us1.com — Cisco Umbrella Rank: 9789	8 KB
3	stripe.com js.stripe.com — Cisco Umbrella Rank: 1356 q.stripe.com Failed	149 KB
2	stripe.network m.stripe.network	16 KB
2	google.de www.google.de — Cisco Umbrella Rank: 5654	515 B
2	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 113	401 B
2	hotjar.com static.hotjar.com — Cisco Umbrella Rank: 825 script.hotjar.com — Cisco Umbrella Rank: 1119	60 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 45	21 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 191	71 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 52	189 KB
1	hotjar.io vc.hotjar.io — Cisco Umbrella Rank: 2975	257 B
1	trackcmp.net trackcmp.net — Cisco Umbrella Rank: 9938	315 B
1	facebook.com www.facebook.com — Cisco Umbrella Rank: 114	185 B
1	fonts.net fast.fonts.net — Cisco Umbrella Rank: 4344	565 B
1	cloudflareinsights.com static.cloudflareinsights.com — Cisco Umbrella Rank: 996	7 KB
0	taboola.com Failed cdn.taboola.com Failed
0	perfectaudience.com Failed tag.perfectaudience.com Failed
51	19

	Domain	Requested by
8	account.wordonfire.org	1 redirects account.wordonfire.org
6	api.wordonfire.org	account.wordonfire.org
3	js.stripe.com	account.wordonfire.org js.stripe.com
3	use.typekit.net	account.wordonfire.org use.typekit.net
2	m.stripe.network	js.stripe.com m.stripe.network
2	www.google.de	account.wordonfire.org
2	stats.g.doubleclick.net	www.googletagmanager.com www.google-analytics.com
2	region1.analytics.google.com	www.googletagmanager.com
2	prism.app-us1.com	diffuser-cdn.app-us1.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	connect.facebook.net	account.wordonfire.org connect.facebook.net
2	www.googletagmanager.com	account.wordonfire.org www.googletagmanager.com
1	vc.hotjar.io	script.hotjar.com
1	script.hotjar.com	static.hotjar.com
1	www.google.com	account.wordonfire.org
1	trackcmp.net	diffuser-cdn.app-us1.com
1	www.facebook.com	account.wordonfire.org
1	static.hotjar.com	account.wordonfire.org
1	diffuser-cdn.app-us1.com	account.wordonfire.org
1	assets.wordonfire.org	account.wordonfire.org
1	fast.fonts.net	account.wordonfire.org
1	p.typekit.net	use.typekit.net
1	static.cloudflareinsights.com	account.wordonfire.org
1	www.wordonfire.org	1 redirects
1	ac.wordonfire.org	1 redirects
0	q.stripe.com Failed	account.wordonfire.org
0	cdn.taboola.com Failed	account.wordonfire.org
0	tag.perfectaudience.com Failed	account.wordonfire.org
51	28

This site contains no links.

Subject Issuer	Validity	Valid
wordonfire.org GTS CA 1P5	`2024-01-27` - `2024-04-26`	3 months	crt.sh
use.typekit.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-02-01` - `2025-03-03`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-04-10` - `2024-04-09`	a year	crt.sh
a.stripecdn.com DigiCert SHA2 Extended Validation Server CA	`2024-02-07` - `2024-05-09`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2024-01-29` - `2024-04-22`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-11-24` - `2024-02-22`	3 months	crt.sh
diffuser-cdn.app-us1.com E1	`2024-01-31` - `2024-04-30`	3 months	crt.sh
*.hotjar.com Amazon ECDSA 256 M03	`2024-02-07` - `2025-03-08`	a year	crt.sh
prism.app-us1.com E1	`2024-01-20` - `2024-04-19`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2024-01-09` - `2024-04-02`	3 months	crt.sh
www.google.de GTS CA 1C3	`2024-01-29` - `2024-04-22`	3 months	crt.sh
www.google.com GTS CA 1C3	`2024-01-29` - `2024-04-22`	3 months	crt.sh
*.hotjar.io Amazon ECDSA 256 M02	`2024-02-07` - `2025-03-08`	a year	crt.sh

This page contains 4 frames:

Primary Page: https://account.wordonfire.org/preferences?email=tonya.longjohnson%40bcbsnc.com&DGR=OFF&content=ON&news=ON&vgo_ee=5ZBCxB0vziT9kjlijv7Z6TjEM%2BDtywmq2AnPmmFDB%2Fg8p3a39gYDL32OhpA%3D%3An4C6kUm%2FkYPfRyiHNRBd9Um5y8vQP4hd
Frame ID: 1742F9E7D202B71CF4869443A8FC57D7
Requests: 39 HTTP requests in this frame

Frame: https://account.wordonfire.org/cdn-cgi/challenge-platform/h/g/scripts/jsd/16c3caa4cd49/main.js
Frame ID: ED93A44E240BA2EC23566A91074A86D9
Requests: 2 HTTP requests in this frame

Frame: https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html
Frame ID: 45918BDE7B14EB33A491D6C4EE5E8F1A
Requests: 4 HTTP requests in this frame

Frame: https://m.stripe.network/inner.html
Frame ID: EDB092B71BC6CAF036B519F7C95FA5DE
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Word on Fire | Manage My Preferences

Page URL History Show full URLs

https://ac.wordonfire.org/Prod/link-tracker?redirectUrl=aHR0cHMlM0ElMkYlMkZ3d3cud29yZG9uZmlyZS5vcmclMk... HTTP 302
https://www.wordonfire.org/manage-your-email-preferences/?email=tonya.longjohnson%40bcbsnc.com&DGR=OFF&... HTTP 301
https://account.wordonfire.org/preferences?email=tonya.longjohnson%40bcbsnc.com&DGR=OFF&content=ON&news=ON&... Page URL

Detected technologies

React (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

<[^>]+data-react

Stripe (Payment Processors) Expand

Overall confidence: 100%
Detected patterns

js\.stripe\.com

Cloudflare Browser Insights (Analytics) Expand

Overall confidence: 100%
Detected patterns

static\.cloudflareinsights\.com/beacon(?:\.min)?\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/ns\.html[^>]+></iframe>
googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Hotjar (Analytics) Expand

Overall confidence: 100%
Detected patterns

//static\.hotjar\.com/

Typekit (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link [^>]*href="[^"]+use\.typekit\.(?:net|com)

Page Statistics

51
Requests

88 %
HTTPS

77 %
IPv6

19
Domains

28
Subdomains

22
IPs

3
Countries

1385 kB
Transfer

3405 kB
Size

14
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://ac.wordonfire.org/Prod/link-tracker?redirectUrl=aHR0cHMlM0ElMkYlMkZ3d3cud29yZG9uZmlyZS5vcmclMkZtYW5hZ2UteW91ci1lbWFpbC1wcmVmZXJlbmNlcyUyRiUzRmVtYWlsJTNEdG9ueWEubG9uZ2pvaG5zb24lNDBiY2JzbmMuY29tJTI2REdSJTNET0ZGJTI2Y29udGVudCUzRE9OJTI2bmV3cyUzRE9O&sig=AYraBijZy3KHieCKnffKiqxHEhXXcbaB5vLKuSHcUDs&iat=1700405127&a=||999795128||&account=wordonfire.activehosted.com&email=5ZBCxB0vziT9kjlijv7Z6TjEM+Dtywmq2AnPmmFDB/g8p3a39gYDL32OhpA=:n4C6kUm/kYPfRyiHNRBd9Um5y8vQP4hd&s=208769b69298eee75fc205caf58cd1cc&i=10026A20745A137A1492092 HTTP 302
https://www.wordonfire.org/manage-your-email-preferences/?email=tonya.longjohnson%40bcbsnc.com&DGR=OFF&content=ON&news=ON&vgo_ee=5ZBCxB0vziT9kjlijv7Z6TjEM%2BDtywmq2AnPmmFDB%2Fg8p3a39gYDL32OhpA%3D%3An4C6kUm%2FkYPfRyiHNRBd9Um5y8vQP4hd HTTP 301
https://account.wordonfire.org/preferences?email=tonya.longjohnson%40bcbsnc.com&DGR=OFF&content=ON&news=ON&vgo_ee=5ZBCxB0vziT9kjlijv7Z6TjEM%2BDtywmq2AnPmmFDB%2Fg8p3a39gYDL32OhpA%3D%3An4C6kUm%2FkYPfRyiHNRBd9Um5y8vQP4hd Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 9

https://account.wordonfire.org/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
https://account.wordonfire.org/cdn-cgi/challenge-platform/h/g/scripts/jsd/16c3caa4cd49/main.js

51 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request preferences Show response
account.wordonfire.org/
Redirect Chain

https://ac.wordonfire.org/Prod/link-tracker?redirectUrl=aHR0cHMlM0ElMkYlMkZ3d3cud29yZG9uZmlyZS5vcmclMkZtYW5hZ2UteW91ci1lbWFpbC1wcmVmZXJlbmNlcyUyRiUzRmVtYWlsJTNEdG9ueWEubG9uZ2pvaG5zb24lNDBiY2JzbmMuY...
https://www.wordonfire.org/manage-your-email-preferences/?email=tonya.longjohnson%40bcbsnc.com&DGR=OFF&content=ON&news=ON&vgo_ee=5ZBCxB0vziT9kjlijv7Z6TjEM%2BDtywmq2AnPmmFDB%2Fg8p3a39gYDL32OhpA%3D%3...
https://account.wordonfire.org/preferences?email=tonya.longjohnson%40bcbsnc.com&DGR=OFF&content=ON&news=ON&vgo_ee=5ZBCxB0vziT9kjlijv7Z6TjEM%2BDtywmq2AnPmmFDB%2Fg8p3a39gYDL32OhpA%3D%3An4C6kUm%2FkYPf...

2 KB
1 KB

405ms
371ms

Document
text/html

2606:4700:10::ac43:2641
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://account.wordonfire.org/preferences?email=tonya.longjohnson%40bcbsnc.com&DGR=OFF&content=ON&news=ON&vgo_ee=5ZBCxB0vziT9kjlijv7Z6TjEM%2BDtywmq2AnPmmFDB%2Fg8p3a39gYDL32OhpA%3D%3An4C6kUm%2FkYPfRyiHNRBd9Um5y8vQP4hd

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:2641 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f856a61d65f2c0678927d9cc53b85b2083af8094699c368fd78b1f9f13032542

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store
cf-cache-status: DYNAMIC
cf-ray: 8558591fccf2693d-FRA
content-encoding: gzip
content-type: text/html
date: Wed, 14 Feb 2024 21:19:14 GMT
last-modified: Tue, 06 Feb 2024 17:20:49 GMT
server: cloudflare
x-frame-options: SAMEORIGIN

Redirect headers

cache-control: max-age=3600
cf-ray: 8558591f6c5c693d-FRA
date: Wed, 14 Feb 2024 21:19:13 GMT
expires: Wed, 14 Feb 2024 22:19:13 GMT
location: https://account.wordonfire.org/preferences?email=tonya.longjohnson%40bcbsnc.com&DGR=OFF&content=ON&news=ON&vgo_ee=5ZBCxB0vziT9kjlijv7Z6TjEM%2BDtywmq2AnPmmFDB%2Fg8p3a39gYDL32OhpA%3D%3An4C6kUm%2FkYPfRyiHNRBd9Um5y8vQP4hd
server: cloudflare
vary: Accept-Encoding
x-frame-options: SAMEORIGIN

GET
H2 200 fonts.css
account.wordonfire.org/assets/css/ 105 B
250 B 365ms
364ms Stylesheet
text/css 2606:4700:10::ac43:2641
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://account.wordonfire.org/assets/css/fonts.css

Requested by

Host: account.wordonfire.org
URL: https://account.wordonfire.org/preferences?email=tonya.longjohnson%40bcbsnc.com&DGR=OFF&content=ON&news=ON&vgo_ee=5ZBCxB0vziT9kjlijv7Z6TjEM%2BDtywmq2AnPmmFDB%2Fg8p3a39gYDL32OhpA%3D%3An4C6kUm%2FkYPfRyiHNRBd9Um5y8vQP4hd

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:2641 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0099e3ddb5785f834c768c20705d560c2b1afc5da1799ebe2e07a4bb55cab60a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://account.wordonfire.org/preferences?email=tonya.longjohnson%40bcbsnc.com&DGR=OFF&content=ON&news=ON&vgo_ee=5ZBCxB0vziT9kjlijv7Z6TjEM%2BDtywmq2AnPmmFDB%2Fg8p3a39gYDL32OhpA%3D%3An4C6kUm%2FkYPfRyiHNRBd9Um5y8vQP4hd
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 14 Feb 2024 21:19:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: MISS
last-modified: Tue, 06 Feb 2024 17:21:22 GMT
server: cloudflare
etag: W/"65c26a92-69"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
cache-control: max-age=31104000
cf-ray: 855859222fd4693d-FRA
expires: Sat, 08 Feb 2025 21:19:14 GMT

GET
H2 200 jbi8nlz.css
use.typekit.net/ 16 KB
2 KB 69ms
21ms Stylesheet
text/css 2a02:26f0:480:f::213:7ec6
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://use.typekit.net/jbi8nlz.css

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:480:f::213:7ec6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx /

Resource Hash

68114968f782654c5cbdb8f5c4d0d29f046bd49eb2ebf63eeb54db0cd76b43a4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://account.wordonfire.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains;
content-encoding: gzip
date: Wed, 14 Feb 2024 21:19:14 GMT
server: nginx
vary: Accept-Encoding
content-type: text/css;charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=600, stale-while-revalidate=604800
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 1546

GET
H2 200 runtime.3c92661a204e2e51.js Show response
account.wordonfire.org/ 3 KB
2 KB 31ms
30ms Script
application/javascript 2606:4700:10::ac43:2641
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://account.wordonfire.org/runtime.3c92661a204e2e51.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:2641 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

17adbda8e235c2cbbbbf5ce6661a613dd2cabc865a02e4b87f44dac88c1a093e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://account.wordonfire.org/preferences?email=tonya.longjohnson%40bcbsnc.com&DGR=OFF&content=ON&news=ON&vgo_ee=5ZBCxB0vziT9kjlijv7Z6TjEM%2BDtywmq2AnPmmFDB%2Fg8p3a39gYDL32OhpA%3D%3An4C6kUm%2FkYPfRyiHNRBd9Um5y8vQP4hd
Origin: https://account.wordonfire.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 14 Feb 2024 21:19:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
cf-bgj: minify
last-modified: Tue, 06 Feb 2024 17:20:49 GMT
server: cloudflare
age: 23163
etag: W/"65c26a71-b33"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: max-age=31104000
cf-ray: 855859222fda693d-FRA
expires: Sat, 08 Feb 2025 14:53:11 GMT

GET
H2 200 polyfills.1748887faddf40ad.js Show response
account.wordonfire.org/ 97 KB
35 KB 44ms
44ms Script
application/javascript 2606:4700:10::ac43:2641
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://account.wordonfire.org/polyfills.1748887faddf40ad.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:2641 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f56fc164fe732e0aa7191936502da237e4e4a00150ec270af4d3f0373a7af24c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://account.wordonfire.org/preferences?email=tonya.longjohnson%40bcbsnc.com&DGR=OFF&content=ON&news=ON&vgo_ee=5ZBCxB0vziT9kjlijv7Z6TjEM%2BDtywmq2AnPmmFDB%2Fg8p3a39gYDL32OhpA%3D%3An4C6kUm%2FkYPfRyiHNRBd9Um5y8vQP4hd
Origin: https://account.wordonfire.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 14 Feb 2024 21:19:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
cf-bgj: minify
last-modified: Tue, 06 Feb 2024 17:20:49 GMT
server: cloudflare
age: 49918
etag: W/"65c26a71-185ab"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: max-age=31104000
cf-ray: 855859222fdf693d-FRA
expires: Sat, 08 Feb 2025 07:27:16 GMT

GET
H2 200 main.0d35476cf9602aa0.js Show response
account.wordonfire.org/ 807 KB
221 KB 30ms
29ms Script
application/javascript 2606:4700:10::ac43:2641
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://account.wordonfire.org/main.0d35476cf9602aa0.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:2641 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

54d210148481202148d7258ba13e5cc85a255f8627053d0cb2c2fdd3f1192b52

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://account.wordonfire.org/preferences?email=tonya.longjohnson%40bcbsnc.com&DGR=OFF&content=ON&news=ON&vgo_ee=5ZBCxB0vziT9kjlijv7Z6TjEM%2BDtywmq2AnPmmFDB%2Fg8p3a39gYDL32OhpA%3D%3An4C6kUm%2FkYPfRyiHNRBd9Um5y8vQP4hd
Origin: https://account.wordonfire.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 14 Feb 2024 21:19:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 49918
cf-polished: origSize=826184
cf-bgj: minify
last-modified: Tue, 06 Feb 2024 17:20:49 GMT
server: cloudflare
etag: W/"65c26a71-c9b48"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: max-age=31104000
cf-ray: 855859222fe8693d-FRA
expires: Sat, 08 Feb 2025 07:27:16 GMT

GET
H2 200 v84a3a4012de94ce1a686ba8c167c359c1696973893317 Show response
static.cloudflareinsights.com/beacon.min.js/ 20 KB
7 KB 64ms
48ms Script
text/javascript 2606:4700::6810:3865
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cloudflareinsights.com/beacon.min.js/v84a3a4012de94ce1a686ba8c167c359c1696973893317
Requested by: Host: account.wordonfire.org
URL: https://account.wordonfire.org/preferences?email=tonya.longjohnson%40bcbsnc.com&DGR=OFF&content=ON&news=ON&vgo_ee=5ZBCxB0vziT9kjlijv7Z6TjEM%2BDtywmq2AnPmmFDB%2Fg8p3a39gYDL32OhpA%3D%3An4C6kUm%2FkYPfRyiHNRBd9Um5y8vQP4hd
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:3865 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6153d13804862b0fc1c016cf1129f34cb7c6185f2cf4bf1a3a862eecdab50101

Request headers

Referer: https://account.wordonfire.org/
Origin: https://account.wordonfire.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 14 Feb 2024 21:19:14 GMT
content-encoding: gzip
last-modified: Tue, 10 Oct 2023 21:38:13 GMT
server: cloudflare
etag: W/"2023.10.0"
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
cf-ray: 8558592239ac360f-FRA

GET
H2 200 p.css
p.typekit.net/ 5 B
172 B 78ms
14ms Stylesheet
text/css 2a02:26f0:480:f::213:7edb
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://p.typekit.net/p.css?s=1&k=jbi8nlz&ht=tk&f=139.140.173.174.175.176.5474.5475.25136.25137.1997.1998.1999.2000.2017.2018.6160.45404.45405.45406.45407.45410.45411&a=85914480&app=typekit&e=css
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/jbi8nlz.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:f::213:7edb Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://use.typekit.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 14 Feb 2024 21:19:14 GMT
last-modified: Sun, 10 Sep 2023 12:39:23 GMT
server: nginx
etag: "64fdb8fb-5"
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 5

GET
H2 200 1.css
fast.fonts.net/t/ 0
565 B 60ms
33ms Stylesheet
text/css 2606:4700::6810:fa43
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://fast.fonts.net/t/1.css?apiType=css&projectid=adaf91e8-dbab-490e-af58-66471d735ece
Requested by: Host: account.wordonfire.org
URL: https://account.wordonfire.org/assets/css/fonts.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:fa43 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://account.wordonfire.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 14 Feb 2024 21:19:14 GMT
x-amz-version-id: null
cf-cache-status: HIT
x-amz-request-id: YCZCAVK7GFE7JGAV
age: 483001
content-length: 0
x-amz-id-2: rQsmuN69MG75cnMMYW1RL3xeR+2i/EramjB77JhH/zg12Es3BPyHgeQFvvDtKcMJQnw1NAm9tau0WKiLCWr6c3vi52dcoW1u
last-modified: Tue, 23 Mar 2021 12:59:23 GMT
server: cloudflare
etag: "d41d8cd98f00b204e9800998ecf8427e"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
cache-control: public, max-age=0, s-maxage=604800
accept-ranges: bytes
cf-ray: 85585924984b5d59-FRA
x-amz-meta-mtime: 1519217722

GET
H2 200 v3 Show response
js.stripe.com/ 597 KB
147 KB 2127ms
16ms Script
text/javascript 99.86.4.99
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3

Requested by

Host: account.wordonfire.org
URL: https://account.wordonfire.org/main.0d35476cf9602aa0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.99 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-99.fra6.r.cloudfront.net

Software

Cloudfront /

Resource Hash

8319175321d53572caca2cb710e19c79feaed6fafbe48921a890be2b5234f3eb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://account.wordonfire.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 14 Feb 2024 21:18:30 GMT
content-encoding: br
via: 1.1 9810d82af8847b51b9c3048141069a64.cloudfront.net (CloudFront)
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
age: 59
x-amz-cf-pop: FRA6-C1
x-cache: Hit from cloudfront
last-modified: Wed, 14 Feb 2024 18:25:21 GMT
server: Cloudfront
etag: W/"85a51f77cbc0358c9875da911eeacf90"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=60
timing-allow-origin: *
x-amz-cf-id: 2mmhX3VZ3dN0WOPy76m3OIaxnyr4z3bJHFGR9xTxt6v1KsJHHgNN7Q==

GET
H2

200

main.js Show response
account.wordonfire.org/cdn-cgi/challenge-platform/h/g/scripts/jsd/16c3caa4cd49/ Frame ED93
Redirect Chain

https://account.wordonfire.org/cdn-cgi/challenge-platform/scripts/jsd/main.js
https://account.wordonfire.org/cdn-cgi/challenge-platform/h/g/scripts/jsd/16c3caa4cd49/main.js

8 KB
4 KB

17ms
17ms

Script
application/javascript

2606:4700:10::ac43:2641
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://account.wordonfire.org/cdn-cgi/challenge-platform/h/g/scripts/jsd/16c3caa4cd49/main.js

Requested by

Protocol

Server

2606:4700:10::ac43:2641 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f08efdda8ecad8f1fe6557b244d231a0eec0aa71fc983be96f18b833aa075f36

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 14 Feb 2024 21:19:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cloudflare
vary: accept-encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
cf-ray: 855859253c3a693d-FRA

Redirect headers

date: Wed, 14 Feb 2024 21:19:14 GMT
content-encoding: gzip
server: cloudflare
vary: accept-encoding
x-frame-options: SAMEORIGIN
access-control-allow-origin: *
location: /cdn-cgi/challenge-platform/h/g/scripts/jsd/16c3caa4cd49/main.js
cache-control: max-age=300, public
cf-ray: 855859251bfb693d-FRA

OPTIONS
H2 204 user
api.wordonfire.org/ Frame 0
0 417ms
386ms Preflight
text/html 2606:4700:10::6816:4e7c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.wordonfire.org/user

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:4e7c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://secure.helpscout.net;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Accept: */*
Access-Control-Request-Headers: x-requested-with
Access-Control-Request-Method: GET
Origin: https://account.wordonfire.org
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: x-requested-with
access-control-allow-methods: GET
access-control-allow-origin: https://account.wordonfire.org
access-control-max-age: 0
cache-control: no-cache, private
cf-cache-status: DYNAMIC
cf-ray: 85585925594d9bc4-FRA
content-security-policy: frame-ancestors 'self' https://secure.helpscout.net;
content-type: text/html; charset=UTF-8
date: Wed, 14 Feb 2024 21:19:15 GMT
server: cloudflare
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN

GET
H2 401 user Show response
api.wordonfire.org/ 30 B
966 B 410ms
410ms XHR
application/json 2606:4700:10::ac43:2641
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.wordonfire.org/user

Requested by

Host: account.wordonfire.org
URL: https://account.wordonfire.org/main.0d35476cf9602aa0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:2641 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8031180d4d982a471ca97ef5a04e8d013d003c5c19e80d0a5f45401c4463ec27

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/plain, */*
Referer: https://account.wordonfire.org/
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 14 Feb 2024 21:19:15 GMT
cf-cache-status: DYNAMIC
server: cloudflare
vary: Origin
x-frame-options: SAMEORIGIN
content-type: application/json
access-control-allow-origin: https://account.wordonfire.org
cache-control: no-cache, private
access-control-allow-credentials: true
cf-ray: 85585927c8f0693d-FRA

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 285 KB
95 KB 51ms
31ms Script
application/javascript 2a00:1450:4001:806::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-NS4K5RW&gtm_auth=&gtm_preview=&gtm_cookies_win=x

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

6b71344eb9ae10b86d28d6bd04babded49f03ac66ba755c82a8d02e1ce6453fa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://account.wordonfire.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 14 Feb 2024 21:19:14 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 96512
x-xss-protection: 0
last-modified: Wed, 14 Feb 2024 21:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 14 Feb 2024 21:19:14 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 214 KB
58 KB 21ms
8ms Script
application/x-javascript 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

0e04153b5f73bfa7866948f2a9870593d69bfde14e77a1a06af5f567096e5a09

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: ;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://account.wordonfire.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), picture-in-picture=(), xr-spatial-tracking=();report-to="permissions_policy"
content-security-policy: default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Wed, 14 Feb 2024 21:19:14 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 57257
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
pragma: public
x-fb-debug: SsKorJu4qt6OGTt4GZvuDfSH/g5AERjEnPBXEbW5Zq/sOYNLxCXT/XYSANkQsS+Hm6erBiNJkkaUerEqzuh6CA==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), display-capture=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=();report-to="permissions_policy"
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 rose_window.jpg
assets.wordonfire.org/img/ 532 KB
533 KB 391ms
380ms Image
image/jpeg 2606:4700:10::ac43:2641
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://assets.wordonfire.org/img/rose_window.jpg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:2641 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

57ab5c5d3512e2f0ff5d173c6a189f17241d9f81f54210abbc622224758cd6ea

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://account.wordonfire.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 14 Feb 2024 21:19:15 GMT
cf-cache-status: MISS
x-guploader-uploadid: ABPtcPq1sQSEfUKBy91Co54GvduYTtuymupBOxhUnNzs5o1fqKUi17p7dlxqVSwchh0Ks9yIzw
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-length: 544879
last-modified: Wed, 30 Mar 2022 03:01:09 GMT
server: cloudflare
etag: "a9b5cb9eb4b350218c8c9e65c2109c4c"
vary: Origin, Accept-Encoding
x-goog-generation: 1648609269607134
content-type: image/jpeg
x-frame-options: SAMEORIGIN
x-goog-hash: crc32c=V6hTEg==, md5=qbXLnrSzUCGMjJ5lwhCcTA==
cache-control: public, max-age=14400
x-goog-stored-content-length: 544879
accept-ranges: bytes
cf-ray: 855859254c3e693d-FRA
expires: Wed, 14 Feb 2024 22:19:14 GMT

OPTIONS
H2 204 tonya.longjohnson%40bcbsnc.com
api.wordonfire.org/emails/ Frame 0
0 409ms
386ms Preflight
text/html 2606:4700:10::6816:4e7c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.wordonfire.org/emails/tonya.longjohnson%40bcbsnc.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:4e7c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://secure.helpscout.net;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Accept: */*
Access-Control-Request-Headers: x-requested-with
Access-Control-Request-Method: GET
Origin: https://account.wordonfire.org
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: x-requested-with
access-control-allow-methods: GET
access-control-allow-origin: https://account.wordonfire.org
access-control-max-age: 0
cache-control: no-cache, private
cf-cache-status: DYNAMIC
cf-ray: 85585925594e9bc4-FRA
content-security-policy: frame-ancestors 'self' https://secure.helpscout.net;
content-type: text/html; charset=UTF-8
date: Wed, 14 Feb 2024 21:19:15 GMT
server: cloudflare
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN

GET
H2 200 tonya.longjohnson%40bcbsnc.com Show response
api.wordonfire.org/emails/ 210 B
1 KB 415ms
415ms XHR
application/json 2606:4700:10::ac43:2641
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.wordonfire.org/emails/tonya.longjohnson%40bcbsnc.com

Requested by

Host: account.wordonfire.org
URL: https://account.wordonfire.org/main.0d35476cf9602aa0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:2641 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

809214dd8d9fc40be510c8ec2c65a793a2edd3196f58f39159e501ac6651df67

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://secure.helpscout.net;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/plain, */*
Referer: https://account.wordonfire.org/
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 14 Feb 2024 21:19:15 GMT
content-security-policy: frame-ancestors 'self' https://secure.helpscout.net;
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: gzip
server: cloudflare
vary: Origin
x-frame-options: SAMEORIGIN
content-type: application/json
access-control-allow-origin: https://account.wordonfire.org
cache-control: no-cache, private
access-control-allow-credentials: true
cf-ray: 85585927c8f1693d-FRA

GET
H2 200 diffuser.js Show response
diffuser-cdn.app-us1.com/diffuser/ 31 KB
7 KB 58ms
21ms Script
application/javascript 2606:4700::6810:a0d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://diffuser-cdn.app-us1.com/diffuser/diffuser.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:a0d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c86a9ff9675183d36f664b6adefba7c72e7e15170e0f40eed96324f552c3ac82

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://account.wordonfire.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 14 Feb 2024 21:19:14 GMT
content-encoding: gzip
via: 1.1 8ac93eaf91328abbc6951d3fbab21e80.cloudfront.net (CloudFront)
cf-cache-status: HIT
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: FRA60-P2
age: 114
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Tue, 04 Apr 2023 18:58:37 GMT
server: cloudflare
etag: W/"613257bb316d347d9417023321c6d62f"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=300
cf-ray: 855859257aa965cf-FRA
x-amz-cf-id: Znru-wHQkCoRkEzgI0NAmf5MD5O4bjR_iQvix3I5LQK_rysFOinPRg==

GET
H2 200 l
use.typekit.net/af/2555e1/00000000000000007735e603/30/ 30 KB
30 KB 56ms
17ms Font
application/font-woff2 2a02:26f0:480:f::213:7ec6
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/2555e1/00000000000000007735e603/30/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n7&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/jbi8nlz.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:f::213:7ec6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: a33128c94dd3c425bc3f4a9ba389a1f3d7a75233e8cb788ea80f8f43a3d68423

Request headers

Referer: https://use.typekit.net/jbi8nlz.css
Origin: https://account.wordonfire.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 14 Feb 2024 21:19:14 GMT
server: nginx
etag: "09d1a94c81035c62708e0a513ee76d7886d15a25"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 30704

GET
H2 200 l
use.typekit.net/af/efe4a5/00000000000000007735e609/30/ 29 KB
29 KB 53ms
16ms Font
application/font-woff2 2a02:26f0:480:f::213:7ec6
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/efe4a5/00000000000000007735e609/30/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n4&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/jbi8nlz.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:f::213:7ec6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: c4d04d2b6a041dde11c80d8332f983a58c1031c663ab4f42230899cb82adf4a7

Request headers

Referer: https://use.typekit.net/jbi8nlz.css
Origin: https://account.wordonfire.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 14 Feb 2024 21:19:14 GMT
server: nginx
etag: "6aeae62b893768150f3460329dc461358e8ab2f5"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 29820

POST
H2 200 8558591fccf2693d Show response
account.wordonfire.org/cdn-cgi/challenge-platform/h/g/jsd/r/ Frame ED93 0
296 B 82ms
82ms XHR
text/plain 2606:4700:10::ac43:2641
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://account.wordonfire.org/cdn-cgi/challenge-platform/h/g/jsd/r/8558591fccf2693d
Requested by: Host: account.wordonfire.org
URL: https://account.wordonfire.org/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:2641 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 14 Feb 2024 21:19:14 GMT
content-encoding: gzip
server: cloudflare
cf-ray: 85585925bd4f693d-FRA
content-type: text/plain; charset=UTF-8

GET
H2 200 1854989551440160 Show response
connect.facebook.net/signals/config/ 63 KB
13 KB 165ms
165ms Script
application/x-javascript 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1854989551440160?v=2.9.147&r=stable&domain=account.wordonfire.org&hme=20c913bdcd4be51a752120153aa5caaecb3ee86c7f26cf737846e40b202aba68&ex_m=62%2C106%2C94%2C98%2C53%2C3%2C88%2C61%2C14%2C86%2C79%2C44%2C46%2C150%2C153%2C164%2C160%2C161%2C163%2C25%2C89%2C45%2C68%2C162%2C145%2C148%2C157%2C158%2C165%2C115%2C13%2C43%2C169%2C168%2C117%2C16%2C29%2C32%2C1%2C36%2C57%2C58%2C59%2C63%2C83%2C15%2C12%2C85%2C82%2C81%2C95%2C97%2C31%2C96%2C26%2C22%2C146%2C149%2C124%2C24%2C9%2C10%2C11%2C5%2C6%2C21%2C19%2C20%2C49%2C54%2C56%2C66%2C90%2C23%2C67%2C8%2C7%2C71%2C41%2C18%2C92%2C91%2C17%2C4%2C73%2C80%2C72%2C78%2C40%2C39%2C77%2C33%2C35%2C76%2C48%2C74%2C28%2C37%2C65%2C0%2C84%2C75%2C2%2C30%2C55%2C34%2C93%2C38%2C70%2C60%2C99%2C52%2C51%2C27%2C87%2C50%2C47%2C42%2C69%2C64%2C100

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

0937ee0c96e78186a3b323ec8e41a4acab9b8f7c7692d9ba79f52932e2d76dcb

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://account.wordonfire.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), picture-in-picture=(), xr-spatial-tracking=();report-to="permissions_policy"
content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Wed, 14 Feb 2024 21:19:15 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
pragma: public
x-fb-debug: jRUVGng+2rn753xZZmAcZgJ8AENO3UOiwGZXoivF+2RwP2CrGxWT4pwjH9ZhxldGh9Cynq+ymS1Vm5bIHhtNwg==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), display-capture=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=();report-to="permissions_policy"
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 292 KB
94 KB 37ms
36ms Script
application/javascript 2a00:1450:4001:806::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-4081DYV3TL&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NS4K5RW&gtm_auth=&gtm_preview=&gtm_cookies_win=x

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

9d65292fdda2dbb716c5159935bbd87481a36b8ad9be42afbc34f35b382adbf1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://account.wordonfire.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 14 Feb 2024 21:19:14 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 96195
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 14 Feb 2024 21:19:14 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 287ms
6ms Script
text/javascript 2a00:1450:4001:81c::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NS4K5RW&gtm_auth=&gtm_preview=&gtm_cookies_win=x

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://account.wordonfire.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 14 Feb 2024 19:30:40 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 6515
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Wed, 14 Feb 2024 21:30:40 GMT

GET 5e553e1007d08ce5f90000ed.js
tag.perfectaudience.com/serve/ 0
0

GET
H2 200 hotjar-2041211.js Show response
static.hotjar.com/c/ 9 KB
4 KB 2086ms
37ms Script
application/javascript 18.66.97.49
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-2041211.js?sv=6

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.97.49 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-97-49.fra56.r.cloudfront.net

Software

Resource Hash

9ed33ec84c56e907efd947e10385463d7d609ef51d2998dd0fede50aa82555d0

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://account.wordonfire.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

strict-transport-security: max-age=2592000; includeSubDomains
content-encoding: br
x-content-type-options: nosniff
date: Wed, 14 Feb 2024 21:19:16 GMT
via: 1.1 4d0ae7ca3bb5e2d6eaa1450e1906adb4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P2
etag: W/517475e77ebd241eccace070566aa5c1
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
x-cache-hit: 1
cache-control: max-age=60
cross-origin-resource-policy: cross-origin
x-amz-cf-id: vSxMqkLDS5D_LJq7ncFqjsxvIvkkxsx2fqj3OTACT26m-wsneHnn9A==

GET tfa.js
cdn.taboola.com/libtrc/unip/1482061/ 0
0

GET
H2 200 / Show response
prism.app-us1.com/ 329 B
363 B 534ms
475ms Script
application/javascript 2606:4700::6810:a0d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://prism.app-us1.com/?a=999795128&ee=5ZBCxB0vziT9kjlijv7Z6TjEM%2BDtywmq2AnPmmFDB%2Fg8p3a39gYDL32OhpA%3D%3An4C6kUm%2FkYPfRyiHNRBd9Um5y8vQP4hd&u=https%3A%2F%2Faccount.wordonfire.org%2Fpreferences%3Femail%3Dtonya.longjohnson%2540bcbsnc.com%26DGR%3DOFF%26content%3DON%26news%3DON

Requested by

Host: diffuser-cdn.app-us1.com
URL: https://diffuser-cdn.app-us1.com/diffuser/diffuser.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:a0d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / PHP/8.1.25

Resource Hash

983b6f80357ad41a82e5088b11d5df6471b6e22b14913c70c82a19ad0ae84412

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://account.wordonfire.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 14 Feb 2024 21:19:15 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
x-powered-by: PHP/8.1.25
content-type: application/javascript
cache-control: no-cache, private
x-envoy-upstream-service-time: 75
cf-ray: 855859264a5b4d52-FRA

GET
H2 200 / Show response
prism.app-us1.com/ 248 B
492 B 265ms
208ms Script
application/javascript 2606:4700::6810:a0d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://prism.app-us1.com/?a=999795128&u=https%3A%2F%2Faccount.wordonfire.org%2Fpreferences%3Femail%3Dtonya.longjohnson%2540bcbsnc.com%26DGR%3DOFF%26content%3DON%26news%3DON

Requested by

Host: diffuser-cdn.app-us1.com
URL: https://diffuser-cdn.app-us1.com/diffuser/diffuser.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:a0d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / PHP/8.1.25

Resource Hash

b8294ede7638e92bdb2b469dba2e39aa45bae350628aa380f294e4d4f12e449c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://account.wordonfire.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 14 Feb 2024 21:19:15 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
x-powered-by: PHP/8.1.25
content-type: application/javascript
cache-control: no-cache, private
x-envoy-upstream-service-time: 71
cf-ray: 855859264a5c4d52-FRA

POST
H2 204 collect
region1.analytics.google.com/g/ 0
259 B 37ms
14ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-4081DYV3TL&gtm=45je42c0v880255905z8830253616za200&_p=1707945554742&_gaz=1&gcd=13l3l3l3l1&npa=0&dma_cps=sypham&dma=1&cid=1632533077.1707945555&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&_s=1&sid=1707945554&sct=1&seg=0&dl=https%3A%2F%2Faccount.wordonfire.org%2Fpreferences%3Femail%3Dtonya.longjohnson%2540bcbsnc.com%26DGR%3DOFF%26content%3DON%26news%3DON&dt=Word%20on%20Fire%20%7C%20Manage%20My%20Preferences&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=1485
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-4081DYV3TL&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://account.wordonfire.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 14 Feb 2024 21:19:14 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://account.wordonfire.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
250 B 62ms
22ms Ping
text/plain 2a00:1450:400c:c00::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-4081DYV3TL&cid=1632533077.1707945555&gtm=45je42c0v880255905z8830253616za200&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l3l1&npa=0
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-4081DYV3TL&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c00::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://account.wordonfire.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 14 Feb 2024 21:19:15 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://account.wordonfire.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
408 B 54ms
31ms Image
image/gif 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-4081DYV3TL&cid=1632533077.1707945555&gtm=45je42c0v880255905z8830253616za200&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l3l1&npa=0&z=1833743753

Requested by

Host: account.wordonfire.org
URL: https://account.wordonfire.org/preferences?email=tonya.longjohnson%40bcbsnc.com&DGR=OFF&content=ON&news=ON

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://account.wordonfire.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 14 Feb 2024 21:19:15 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 21ms
7ms Image
text/plain 2a03:2880:f177:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1854989551440160&ev=PageView&dl=https%3A%2F%2Faccount.wordonfire.org%2Fpreferences%3Femail%3Dtonya.longjohnson%2540bcbsnc.com%26DGR%3DOFF%26content%3DON%26news%3DON&rl=&if=false&ts=1707945555016&sw=1600&sh=1200&v=2.9.147&r=stable&ec=0&o=4126&fbp=fb.1.1707945555015.724394574&cs_est=true&ler=empty&cdl=API_unavailable&it=1707945554843&coo=false&exp=e1&rqm=GET

Requested by

Host: account.wordonfire.org
URL: https://account.wordonfire.org/preferences?email=tonya.longjohnson%40bcbsnc.com&DGR=OFF&content=ON&news=ON

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://account.wordonfire.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Wed, 14 Feb 2024 21:19:15 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 t_prism_sitemessages.php Show response
trackcmp.net/ 0
315 B 175ms
152ms Script
text/javascript 2606:4700:4400::ac40:992a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://trackcmp.net/t_prism_sitemessages.php?trackid=999795128&prismid=38f10e40-2771-4ffa-ae86-fd73ade9675b&url=https%3A%2F%2Faccount.wordonfire.org%2Fpreferences%3Femail%3Dtonya.longjohnson%2540bcbsnc.com%26DGR%3DOFF%26content%3DON%26news%3DON
Requested by: Host: diffuser-cdn.app-us1.com
URL: https://diffuser-cdn.app-us1.com/diffuser/diffuser.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:992a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/8.1.24
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://account.wordonfire.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 14 Feb 2024 21:19:15 GMT
cf-cache-status: DYNAMIC
server: cloudflare
x-powered-by: PHP/8.1.24
p3p: CP="NON BUS INT NAV COM ADM CON CUR IVA IVD OTP PSA PSD TEL SAM"
content-type: text/javascript;charset=UTF-8
cache-control: no-cache, private
x-envoy-upstream-service-time: 11
x-privacy-policy: You can find our privacy policy here: https://www.activecampaign.com/help/privacy-policy/
cf-ray: 85585927bd0d4dcc-FRA
content-length: 0

POST
H2 200 collect Show response
www.google-analytics.com/j/ 4 B
214 B 14ms
13ms XHR
text/plain 2a00:1450:4001:81c::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=302167669&t=pageview&_s=1&dl=https%3A%2F%2Faccount.wordonfire.org%2Fpreferences%3Femail%3Dtonya.longjohnson%2540bcbsnc.com%26DGR%3DOFF%26content%3DON%26news%3DON&ul=en-us&de=UTF-8&dt=Word%20on%20Fire%20%7C%20Manage%20My%20Preferences&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YCDACEABBAAAACAAI~&jid=1451977869&gjid=852561388&cid=1632533077.1707945555&tid=UA-53432158-1&_gid=260834081.1707945555&_r=1&_slc=1&gtm=45He42c0n81NS4K5RWv830253616za200&gcd=13l3l3l3l1&dma_cps=sypham&dma=1&z=36967553

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://account.wordonfire.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 14 Feb 2024 21:19:15 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://account.wordonfire.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
151 B 21ms
21ms XHR
text/plain 2a00:1450:400c:c00::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-53432158-1&cid=1632533077.1707945555&jid=1451977869&gjid=852561388&_gid=260834081.1707945555&_u=YCDACEAABAAAACAAI~&z=84065219

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://account.wordonfire.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Wed, 14 Feb 2024 21:19:15 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://account.wordonfire.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
408 B 51ms
32ms Image
image/gif 2a00:1450:4001:82f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-53432158-1&cid=1632533077.1707945555&jid=1451977869&_u=YCDACEAABAAAACAAI~&z=1508513500

Requested by

Host: account.wordonfire.org
URL: https://account.wordonfire.org/preferences?email=tonya.longjohnson%40bcbsnc.com&DGR=OFF&content=ON&news=ON

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://account.wordonfire.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 14 Feb 2024 21:19:15 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 32ms
32ms Image
image/gif 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-53432158-1&cid=1632533077.1707945555&jid=1451977869&_u=YCDACEAABAAAACAAI~&z=1508513500

Requested by

Host: account.wordonfire.org
URL: https://account.wordonfire.org/preferences?email=tonya.longjohnson%40bcbsnc.com&DGR=OFF&content=ON&news=ON

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://account.wordonfire.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 14 Feb 2024 21:19:15 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 401 user Show response
api.wordonfire.org/ 30 B
864 B 180ms
180ms XHR
application/json 2606:4700:10::ac43:2641
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.wordonfire.org/user

Requested by

Host: account.wordonfire.org
URL: https://account.wordonfire.org/main.0d35476cf9602aa0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:2641 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8031180d4d982a471ca97ef5a04e8d013d003c5c19e80d0a5f45401c4463ec27

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/plain, */*
Referer: https://account.wordonfire.org/
X-XSRF-TOKEN: eyJpdiI6IldPK010V2Q0RDI4NUlUYnRmQWdIWUE9PSIsInZhbHVlIjoiODNGYlBNb3RMcnk0eVVPcGEydkFGM2VsRlNQMDhPYS9adXM5RjZONzlTdGU5c2JKZ09OOUVkQ1NXYTBMQTEwZ1RheHMzR1JJbW1HSVBYUFpEQUZZRXVLUVVTc0tpUFNIZkxqVFpnb0thdFVMR2xxWmxWRHFRQ2czVy9yY3BIaVkiLCJtYWMiOiI2YTlkYTczYzZiMDM2YWMyNjYxYjAyZjNhNWI4MTlkZWY5ZjQxOTA2ODlkMDRkYjlkYjBmN2FmMzVjNWFmYjE3IiwidGFnIjoiIn0=
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 14 Feb 2024 21:19:16 GMT
cf-cache-status: DYNAMIC
server: cloudflare
vary: Origin
x-frame-options: SAMEORIGIN
content-type: application/json
access-control-allow-origin: https://account.wordonfire.org
cache-control: no-cache, private
access-control-allow-credentials: true
cf-ray: 855859319d24693d-FRA

OPTIONS
H2 204 user
api.wordonfire.org/ Frame 0
0 161ms
161ms Preflight
text/html 2606:4700:10::6816:4e7c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.wordonfire.org/user

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:4e7c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://secure.helpscout.net;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Accept: */*
Access-Control-Request-Headers: x-requested-with,x-xsrf-token
Access-Control-Request-Method: GET
Origin: https://account.wordonfire.org
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: x-requested-with,x-xsrf-token
access-control-allow-methods: GET
access-control-allow-origin: https://account.wordonfire.org
access-control-max-age: 0
cache-control: no-cache, private
cf-cache-status: DYNAMIC
cf-ray: 855859309e6b9bc4-FRA
content-security-policy: frame-ancestors 'self' https://secure.helpscout.net;
content-type: text/html; charset=UTF-8
date: Wed, 14 Feb 2024 21:19:16 GMT
server: cloudflare
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN

GET
H2 200 modules.6a2b0e76f0cc82348e91.js Show response
script.hotjar.com/ 228 KB
56 KB 60ms
14ms Script
application/javascript 13.227.219.28
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.6a2b0e76f0cc82348e91.js

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-2041211.js?sv=6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.227.219.28 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-227-219-28.ams54.r.cloudfront.net

Software

Resource Hash

e5386090e0f576fec696133200d616900756efb2784138d1410727d45211e506

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://account.wordonfire.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 14 Feb 2024 15:51:06 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=2592000; includeSubDomains
via: 1.1 80826ca6c4fd6005aeacf5a03c8d42e8.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS54-C1
age: 19691
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 56273
last-modified: Wed, 14 Feb 2024 15:50:17 GMT
etag: "295963a599cd0d1e4cde1a0548000447"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: 3S21CjMGeCU-vdxDcNbLQOjHLwaWHJoIzmvFKLjFGhOtbnXPpAe6KA==

GET
H2 204 2041211 Show response
vc.hotjar.io/sessions/ 0
257 B 53ms
34ms XHR
text/plain 18.66.112.110
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vc.hotjar.io/sessions/2041211?s=0.25&r=0.2462905820031518
Requested by: Host: script.hotjar.com
URL: https://script.hotjar.com/modules.6a2b0e76f0cc82348e91.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.110 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-110.fra56.r.cloudfront.net
Software: Python/3.8 aiohttp/3.9.3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://account.wordonfire.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 14 Feb 2024 21:19:17 GMT
via: 1.1 d4744f6f4cb683596fb4a26e59b2aba8.cloudfront.net (CloudFront)
server: Python/3.8 aiohttp/3.9.3
x-amz-cf-pop: FRA56-P5
x-cache: Miss from cloudfront
access-control-allow-origin: *
cache-control: no-store
x-amz-cf-id: 8CbBKBbhK5Dx3u_dpnaZWY9gdgaf0wtFXOstwf2CG7Nys5ffxPalbw==

POST
H2 204 collect
region1.analytics.google.com/g/ 0
54 B 232ms
232ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-4081DYV3TL&gtm=45je42c0v880255905za200&_p=1707945554742&gcd=13l3l3l3l1&npa=0&dma_cps=sypham&dma=1&cid=1632533077.1707945555&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&_eu=AEA&_s=2&sid=1707945554&sct=1&seg=0&dl=https%3A%2F%2Faccount.wordonfire.org%2Fpreferences%3Femail%3Dtonya.longjohnson%2540bcbsnc.com%26DGR%3DOFF%26content%3DON%26news%3DON&dt=Word%20on%20Fire%20%7C%20Manage%20My%20Preferences&en=scroll&epn.percent_scrolled=90&_et=6&tfd=6495
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-4081DYV3TL&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://account.wordonfire.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 14 Feb 2024 21:19:20 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://account.wordonfire.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 m-outer-3437aaddcdf6922d623e172c2d6f9278.html Show response
js.stripe.com/v3/ Frame 4591 200 B
1 KB 9ms
9ms Document
text/html 99.86.4.99
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.99 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-99.fra6.r.cloudfront.net

Software

Cloudfront /

Resource Hash

35dcc382eb69d00369d708708cdc545f3968b68fa5bbe3e728d11fedd04f93bb

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://account.wordonfire.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 2123
cache-control: max-age=31536000
content-length: 200
content-security-policy: base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only: base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Wed, 14 Feb 2024 20:44:01 GMT
etag: "3437aaddcdf6922d623e172c2d6f9278"
last-modified: Tue, 06 Feb 2024 23:12:25 GMT
server: Cloudfront
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 9810d82af8847b51b9c3048141069a64.cloudfront.net (CloudFront)
x-amz-cf-id: Ow-t7jlLv3Zg6FWOy0SQMwu8M01n8y8NBvsACK_b8fZiMrLNlPFYvQ==
x-amz-cf-pop: FRA6-C1
x-cache: Hit from cloudfront
x-content-type-options: nosniff

GET
H2 200 m-outer-15a2b40a058ddff1cffdb63779fe3de1.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 4591 526 B
1 KB 9ms
9ms Script
text/javascript 99.86.4.99
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/m-outer-15a2b40a058ddff1cffdb63779fe3de1.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.99 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-99.fra6.r.cloudfront.net

Software

Cloudfront /

Resource Hash

ba2338aa6670580269c762f51c4291daef913201aa8f4d4fd166c1a878262652

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 14 Feb 2024 20:46:59 GMT
via: 1.1 9810d82af8847b51b9c3048141069a64.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31556926; includeSubDomains; preload
age: 1943
x-amz-cf-pop: FRA6-C1
x-cache: Hit from cloudfront
content-length: 526
last-modified: Tue, 06 Feb 2024 23:12:23 GMT
server: Cloudfront
etag: "d96c709017743c0759cf3853d1806ba5"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: KpYT-vzGBePKNc73m-lT6YBebsnwkEPXLbPKbnfdOKMok5oG-o8MYw==

POST csp-report
q.stripe.com/ Frame 4591 0
0

GET
H2 200 inner.html Show response
m.stripe.network/ Frame EDB0 930 B
1 KB 36ms
7ms Document
text/html 151.101.192.176

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.network/inner.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/m-outer-15a2b40a058ddff1cffdb63779fe3de1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.192.176 -, , ASN (),

Reverse DNS

Software

Fastly /

Resource Hash

947ac0903521f5eceefc90637c066306a8ca67466ccc188bb0107fb7cfb532d1

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-/5Guo2nzv5n/w6ukZpOBZOtTJBJPSkJ6mhHpnBgm3Ls='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 189
cache-control: max-age=300, public
content-encoding: br
content-length: 540
content-security-policy: base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-/5Guo2nzv5n/w6ukZpOBZOtTJBJPSkJ6mhHpnBgm3Ls='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Wed, 14 Feb 2024 21:19:21 GMT
server: Fastly
strict-transport-security: max-age=31556926; includeSubDomains; preload
vary: Accept-Encoding, Origin
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 252
x-content-type-options: nosniff
x-request-id: 1b0ba26e-f10d-4194-8a21-e626822fa58d
x-served-by: cache-fra-eddf8230098-FRA
x-timer: S1707945562.947994,VS0,VE0

POST csp-report
q.stripe.com/ Frame EDB0 0
0

GET
H2 200 out-4.5.43.js Show response
m.stripe.network/ Frame EDB0 87 KB
15 KB 10ms
9ms Script
text/javascript 151.101.192.176

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.network/out-4.5.43.js

Requested by

Host: m.stripe.network
URL: https://m.stripe.network/inner.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.192.176 -, , ASN (),

Reverse DNS

Software

Fastly /

Resource Hash

e039e607c78306c7e029a7fd0ecdb14f86456f16e1a5ce65aa26b4fdf1d38a3c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.stripe.network/inner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
date: Wed, 14 Feb 2024 21:19:21 GMT
x-content-type-options: nosniff
content-encoding: br
via: 1.1 varnish
age: 65
x-cache: HIT
content-length: 15509
x-request-id: c5ebf9fc-12ef-41a7-a7d1-b4f240ba05c1
x-served-by: cache-fra-eddf8230098-FRA
server: Fastly
x-timer: S1707945562.961022,VS0,VE0
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=utf-8
cache-control: max-age=300, public
accept-ranges: bytes
x-cache-hits: 96

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: tag.perfectaudience.com
URL: https://tag.perfectaudience.com/serve/5e553e1007d08ce5f90000ed.js

Domain: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1482061/tfa.js

Domain: q.stripe.com
URL: https://q.stripe.com/csp-report

Domain: q.stripe.com
URL: https://q.stripe.com/csp-report

Domain: q.stripe.com
URL: https://q.stripe.com/csp-report

Verdicts & Comments Add Verdict or Comment

33 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

14 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.fonts.net/	1970-01-20 18:25:47	Name: __cf_bm Value: OLQCdbjsz8RSlO3O41NCI4924kUuJArw2.dYOsku0og-1707945554-1.0-Acs61OxPSWkHUFKPvNDgliWM4HFOz8xCgfjUb7lCbY/rRDYoVX5dkKf70oNQhJi2N184oBJAQzZgqNr7xE5QqDI=
.wordonfire.org/	1970-01-20 20:35:21	Name: _gcl_au Value: 1.1.416702471.1707945555
.wordonfire.org/	1970-01-21 03:11:21	Name: cf_clearance Value: lYvVMEdxDu5P_CPmrFlJYhB0D0nLwl84er94DCtJ47Y-1707945554-1.0-AYnOOrc3cILX5JGe5Yjtr4QhqdWJSyhbnoXVhAt9qpURUCd6A4XGz0r3oj78cWCGjodO90qY/O3aW8LNKF6BK/I=
.wordonfire.org/	1970-01-21 04:01:45	Name: _ga_4081DYV3TL Value: GS1.1.1707945554.1.0.1707945554.60.0.0
.wordonfire.org/	1970-01-20 20:35:21	Name: _fbp Value: fb.1.1707945555015.724394574
.wordonfire.org/	1970-01-21 04:01:45	Name: _ga Value: GA1.2.1632533077.1707945555
.wordonfire.org/	1970-01-20 18:27:11	Name: _gid Value: GA1.2.260834081.1707945555
.wordonfire.org/	1970-01-20 18:25:45	Name: _gat_UA-53432158-1 Value: 1
prism.app-us1.com/	1970-01-20 19:08:57	Name: prism_999795128 Value: 38ddf0f2-0352-4371-9f90-b1b459b1892b
.wordonfire.org/	1970-01-20 19:08:57	Name: prism_999795128 Value: 38ddf0f2-0352-4371-9f90-b1b459b1892b
.wordonfire.org/	1970-01-21 03:11:21	Name: XSRF-TOKEN Value: eyJpdiI6IjFVeEVVUzBYNk55NVVORStidHc0Rnc9PSIsInZhbHVlIjoielNSeUlDRkpFYzQvUzAwMkZaTXlBL1dnZWt0OFpmTUIvQzNZMU51QUd0enZ6Wk1pVzBVSXM5cE9OdEIrRGJLbStXbk9VMW92RERhN0tmMHg3NG5uclgwckNRczFpelpCL2FLeGZVZEtTcmgvMHdIUzRlR3dDME80Rk5RZmU5di8iLCJtYWMiOiIxMWEzZTFhNmQ5ZjJkZmQxNWViZjJhYzdiY2ZlNjZmOGZjNDhkOTFiYjUwMmU2M2U0ZmRiZTdkNTUwNzY0ODUyIiwidGFnIjoiIn0%3D
.wordonfire.org/	1970-01-21 03:11:21	Name: wofapi_session Value: eyJpdiI6ImE1UXdHYWQxRjY3aFFFcTVsRVlLb3c9PSIsInZhbHVlIjoieUZLaitjbEtMZHBzbmZROFlscXpVVmloeGNFaWxlaHNHUVB1NUZTcXAyVEt4eXNsbDhMQVYycEFDa21JYXpoZEhSNzQvUFl6U2NJMG84Wnc5UTZYYVF5VGlTTE5Gc0VQWDZCV2ZHWHVmaytZa2psWVFWM2FST1lVaG52ZDBCZmgiLCJtYWMiOiI3ZGRhMzBhZDM2MTg4NjY0YmI3ODI2Yjk2ZDFiYWU3MTkzMzRiZmE1MjgxNTg3MjUxMzRiYzAzMjM0MGE5NmI1IiwidGFnIjoiIn0%3D
.wordonfire.org/	1970-01-21 03:11:21	Name: _hjSessionUser_2041211 Value: eyJpZCI6ImEwYzE2MjhhLTY4NjMtNTU4MC1iOTFlLTcxYjZiOTJhNjE2OSIsImNyZWF0ZWQiOjE3MDc5NDU1NTcwNDYsImV4aXN0aW5nIjpmYWxzZX0=
.wordonfire.org/	1970-01-20 18:25:47	Name: _hjSession_2041211 Value: eyJpZCI6IjVkMTg2NDk1LTkzYzYtNDE4My1iNjJjLWRhMThkZmQ4M2U1ZSIsImMiOjE3MDc5NDU1NTcwNDcsInMiOjAsInIiOjAsInNiIjowLCJzciI6MCwic2UiOjAsImZzIjoxLCJzcCI6MX0=

7 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://account.wordonfire.org/preferences?email=tonya.longjohnson%40bcbsnc.com&DGR=OFF&content=ON&news=ON&vgo_ee=5ZBCxB0vziT9kjlijv7Z6TjEM%2BDtywmq2AnPmmFDB%2Fg8p3a39gYDL32OhpA%3D%3An4C6kUm%2FkYPfRyiHNRBd9Um5y8vQP4hd Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://connect.facebook.net/signals/config/1854989551440160?v=2.9.147&r=stable&domain=account.wordonfire.org&hme=20c913bdcd4be51a752120153aa5caaecb3ee86c7f26cf737846e40b202aba68&ex_m=62%2C106%2C94%2C98%2C53%2C3%2C88%2C61%2C14%2C86%2C79%2C44%2C46%2C150%2C153%2C164%2C160%2C161%2C163%2C25%2C89%2C45%2C68%2C162%2C145%2C148%2C157%2C158%2C165%2C115%2C13%2C43%2C169%2C168%2C117%2C16%2C29%2C32%2C1%2C36%2C57%2C58%2C59%2C63%2C83%2C15%2C12%2C85%2C82%2C81%2C95%2C97%2C31%2C96%2C26%2C22%2C146%2C149%2C124%2C24%2C9%2C10%2C11%2C5%2C6%2C21%2C19%2C20%2C49%2C54%2C56%2C66%2C90%2C23%2C67%2C8%2C7%2C71%2C41%2C18%2C92%2C91%2C17%2C4%2C73%2C80%2C72%2C78%2C40%2C39%2C77%2C33%2C35%2C76%2C48%2C74%2C28%2C37%2C65%2C0%2C84%2C75%2C2%2C30%2C55%2C34%2C93%2C38%2C70%2C60%2C99%2C52%2C51%2C27%2C87%2C50%2C47%2C42%2C69%2C64%2C100(Line 105) Message: Unrecognized feature: 'attribution-reporting'.
other	warning	URL: https://account.wordonfire.org/preferences?email=tonya.longjohnson%40bcbsnc.com&DGR=OFF&content=ON&news=ON Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://account.wordonfire.org/preferences?email=tonya.longjohnson%40bcbsnc.com&DGR=OFF&content=ON&news=ON Message: Third-party cookie will be blocked. Learn more in the Issues tab.
network	error	URL: https://api.wordonfire.org/user Message: Failed to load resource: the server responded with a status of 401 ()
network	error	URL: https://api.wordonfire.org/user Message: Failed to load resource: the server responded with a status of 401 ()
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self'".

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ac.wordonfire.org
account.wordonfire.org
api.wordonfire.org
assets.wordonfire.org
cdn.taboola.com
connect.facebook.net
diffuser-cdn.app-us1.com
fast.fonts.net
js.stripe.com
m.stripe.network
p.typekit.net
prism.app-us1.com
q.stripe.com
region1.analytics.google.com
script.hotjar.com
static.cloudflareinsights.com
static.hotjar.com
stats.g.doubleclick.net
tag.perfectaudience.com
trackcmp.net
use.typekit.net
vc.hotjar.io
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.wordonfire.org
cdn.taboola.com
q.stripe.com
tag.perfectaudience.com
13.227.219.28
151.101.192.176
18.66.112.110
18.66.97.49
2001:4860:4802:32::36
2606:4700:10::6816:4e7c
2606:4700:10::ac43:2641
2606:4700:4400::ac40:992a
2606:4700::6810:3865
2606:4700::6810:a0d
2606:4700::6810:fa43
2606:4700::6811:ca1f
2a00:1450:4001:806::2008
2a00:1450:4001:81c::200e
2a00:1450:4001:829::2003
2a00:1450:4001:82f::2004
2a00:1450:400c:c00::9b
2a02:26f0:480:f::213:7ec6
2a02:26f0:480:f::213:7edb
2a03:2880:f083:9:face:b00c:0:3
2a03:2880:f177:83:face:b00c:0:25de
99.86.4.99
0099e3ddb5785f834c768c20705d560c2b1afc5da1799ebe2e07a4bb55cab60a
0937ee0c96e78186a3b323ec8e41a4acab9b8f7c7692d9ba79f52932e2d76dcb
0e04153b5f73bfa7866948f2a9870593d69bfde14e77a1a06af5f567096e5a09
17adbda8e235c2cbbbbf5ce6661a613dd2cabc865a02e4b87f44dac88c1a093e
1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb
35dcc382eb69d00369d708708cdc545f3968b68fa5bbe3e728d11fedd04f93bb
54d210148481202148d7258ba13e5cc85a255f8627053d0cb2c2fdd3f1192b52
57ab5c5d3512e2f0ff5d173c6a189f17241d9f81f54210abbc622224758cd6ea
6153d13804862b0fc1c016cf1129f34cb7c6185f2cf4bf1a3a862eecdab50101
68114968f782654c5cbdb8f5c4d0d29f046bd49eb2ebf63eeb54db0cd76b43a4
6b71344eb9ae10b86d28d6bd04babded49f03ac66ba755c82a8d02e1ce6453fa
8031180d4d982a471ca97ef5a04e8d013d003c5c19e80d0a5f45401c4463ec27
809214dd8d9fc40be510c8ec2c65a793a2edd3196f58f39159e501ac6651df67
8319175321d53572caca2cb710e19c79feaed6fafbe48921a890be2b5234f3eb
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
947ac0903521f5eceefc90637c066306a8ca67466ccc188bb0107fb7cfb532d1
983b6f80357ad41a82e5088b11d5df6471b6e22b14913c70c82a19ad0ae84412
9d65292fdda2dbb716c5159935bbd87481a36b8ad9be42afbc34f35b382adbf1
9ed33ec84c56e907efd947e10385463d7d609ef51d2998dd0fede50aa82555d0
a33128c94dd3c425bc3f4a9ba389a1f3d7a75233e8cb788ea80f8f43a3d68423
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b8294ede7638e92bdb2b469dba2e39aa45bae350628aa380f294e4d4f12e449c
ba2338aa6670580269c762f51c4291daef913201aa8f4d4fd166c1a878262652
c4d04d2b6a041dde11c80d8332f983a58c1031c663ab4f42230899cb82adf4a7
c86a9ff9675183d36f664b6adefba7c72e7e15170e0f40eed96324f552c3ac82
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e039e607c78306c7e029a7fd0ecdb14f86456f16e1a5ce65aa26b4fdf1d38a3c
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5386090e0f576fec696133200d616900756efb2784138d1410727d45211e506
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f08efdda8ecad8f1fe6557b244d231a0eec0aa71fc983be96f18b833aa075f36
f56fc164fe732e0aa7191936502da237e4e4a00150ec270af4d3f0373a7af24c
f856a61d65f2c0678927d9cc53b85b2083af8094699c368fd78b1f9f13032542

account.wordonfire.org Open in urlscan Pro 2606:4700:10::ac43:2641 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

51 Requests

88 %HTTPS

77 %IPv6

19 Domains

28 Subdomains

22 IPs

3 Countries

1385 kBTransfer

3405 kBSize

14 Cookies

0 Outgoing links

Page URL History

Redirected requests

51 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

account.wordonfire.org Open in urlscan Pro
2606:4700:10::ac43:2641 Public Scan

Screenshot
Live screenshot

Full Image

51
Requests

88 %
HTTPS

77 %
IPv6

19
Domains

28
Subdomains

22
IPs

3
Countries

1385 kB
Transfer

3405 kB
Size

14
Cookies

51 HTTP transactions
0 data transactions