urlscan.io logo urlscan.io
SecurityTrails logo

hope.hazeldenbettyford.org Open in urlscan Pro
35.202.21.90  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://ct.coppermail-usa.com/rd/cts?d=140-30162-16831-21556-44851-1893719-0-0-0-1-2-22
Effective URL: https://hope.hazeldenbettyford.org/130548-brain-disease-of-addiction-external/
Submission: On March 08 via manual from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 18 IPs in 3 countries across 16 domains to perform 39 HTTP transactions. The main IP is 35.202.21.90, located in Council Bluffs, United States and belongs to GOOGLE, US. The main domain is hope.hazeldenbettyford.org.
TLS certificate: Issued by R3 on February 5th 2021. Valid for: 3 months.
This is the only time hope.hazeldenbettyford.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

1    68.233.130.163 (United States)

ASN12154 (INFOUSA, US)
ct.coppermail-usa.com
1    35.202.21.90 (Council Bluffs, United States)

ASN15169 (GOOGLE, US)
PTR: 90.21.202.35.bc.googleusercontent.com
hope.hazeldenbettyford.org
1    2a00:1450:4001:813::2013 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
static.leadpages.net
1    2a00:1450:4001:813::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    2a00:1450:4001:813::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
2    2a00:1450:4001:808::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
lh3.googleusercontent.com
2    2a00:1450:4001:829::2013 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
js.center.io
5    52.21.178.134 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: pi0-lba1-2-ue1.aws.pardot.com
e2.hazeldenbettyford.org
go.pardot.com
3    2a00:1450:4001:800::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    2a00:1450:4001:813::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    2a00:1450:4001:809::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
3    35.192.151.63 (Council Bluffs, United States)

ASN15169 (GOOGLE, US)
PTR: 63.151.192.35.bc.googleusercontent.com
api.leadpages.io
1    2a00:1450:400c:c1b::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
1    2a00:1450:4001:80f::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    2a00:1450:4001:803::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
5    2a00:1450:4001:82a::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
6    2a00:1450:4001:827::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
2    35.174.150.168 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: pi0-lba1-3-ue1.aws.pardot.com
pi.pardot.com
Domain Requested by
6 www.gstatic.com www.google.com
www.gstatic.com
6 www.google.com hope.hazeldenbettyford.org
e2.hazeldenbettyford.org
www.gstatic.com
www.google.com
3 go.pardot.com e2.hazeldenbettyford.org
go.pardot.com
3 api.leadpages.io js.center.io
3 fonts.gstatic.com fonts.googleapis.com
www.google.com
2 pi.pardot.com e2.hazeldenbettyford.org
pi.pardot.com
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 e2.hazeldenbettyford.org hope.hazeldenbettyford.org
pi.pardot.com
2 js.center.io hope.hazeldenbettyford.org
js.center.io
2 lh3.googleusercontent.com hope.hazeldenbettyford.org
1 www.google.de hope.hazeldenbettyford.org
1 stats.g.doubleclick.net www.google-analytics.com
1 www.googletagmanager.com hope.hazeldenbettyford.org
1 fonts.googleapis.com hope.hazeldenbettyford.org
1 static.leadpages.net hope.hazeldenbettyford.org
1 hope.hazeldenbettyford.org
1 ct.coppermail-usa.com 1 redirects
0 fast.wistia.com Failed pi.pardot.com
0 www.leadpages.com Failed e2.hazeldenbettyford.org
39 19

This site contains no links.

Subject Issuer Validity Valid
hope.hazeldenbettyford.org
R3		 2021-02-05 -
2021-05-06		 3 months crt.sh
*.leadpages.net
Go Daddy Secure Certificate Authority - G2		 2021-02-16 -
2022-03-20		 a year crt.sh
upload.video.google.com
GTS CA 1O1		 2021-02-17 -
2021-05-12		 3 months crt.sh
*.google-analytics.com
GTS CA 1O1		 2021-02-17 -
2021-05-12		 3 months crt.sh
*.googleusercontent.com
GTS CA 1O1		 2021-02-17 -
2021-05-12		 3 months crt.sh
*.center.io
Go Daddy Secure Certificate Authority - G2		 2020-01-21 -
2022-01-21		 2 years crt.sh
e2.hazeldenbettyford.org
R3		 2021-01-27 -
2021-04-27		 3 months crt.sh
*.gstatic.com
GTS CA 1O1		 2021-02-17 -
2021-05-12		 3 months crt.sh
*.leadpages.io
Go Daddy Secure Certificate Authority - G2		 2019-11-12 -
2021-11-12		 2 years crt.sh
*.g.doubleclick.net
GTS CA 1O1		 2021-02-17 -
2021-05-12		 3 months crt.sh
www.google.com
GTS CA 1O1		 2021-02-23 -
2021-05-18		 3 months crt.sh
www.google.de
GTS CA 1O1		 2021-02-17 -
2021-05-12		 3 months crt.sh
go.pardot.com
DigiCert SHA2 Secure Server CA		 2020-12-05 -
2021-12-04		 a year crt.sh
*.google.com
GTS CA 1O1		 2021-02-17 -
2021-05-12		 3 months crt.sh
pi.pardot.com
DigiCert SHA2 Secure Server CA		 2020-12-05 -
2021-12-04		 a year crt.sh

This page contains 5 frames:

Primary Page: https://hope.hazeldenbettyford.org/130548-brain-disease-of-addiction-external/
Frame ID: E3AA444E95C4CAD04BEDB374007375FA
Requests: 17 HTTP requests in this frame

Frame: https://e2.hazeldenbettyford.org/l/220262/2021-02-09/24z8dx
Frame ID: DED86BF231E7D1F07FC6F3CC9C2C7BA9
Requests: 11 HTTP requests in this frame

Frame: https://js.center.io/identify.html
Frame ID: 2DEC18D6519616E7512802086B83105C
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfVnCYTAAAAAB4x9xlkeTsV8CO6np5UMhNjRNNZ&co=aHR0cHM6Ly9lMi5oYXplbGRlbmJldHR5Zm9yZC5vcmc6NDQz&hl=en&v=jxFQ7RQ9s9HTGKeWcoa6UQdD&size=normal&cb=1u0lwm82s0ht
Frame ID: DACE23657D1852FC5255BF0008EF6604
Requests: 9 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=en&v=jxFQ7RQ9s9HTGKeWcoa6UQdD&k=6LfVnCYTAAAAAB4x9xlkeTsV8CO6np5UMhNjRNNZ&cb=1w5eckv84kk8
Frame ID: C7B957FF7A6F67578E47EE06FB26149F
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. http://ct.coppermail-usa.com/rd/cts?d=140-30162-16831-21556-44851-1893719-0-0-0-1-2-22 HTTP 302
    https://hope.hazeldenbettyford.org/130548-brain-disease-of-addiction-external/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

Page Statistics

39
Requests

95 %
HTTPS

72 %
IPv6

16
Domains

19
Subdomains

18
IPs

3
Countries

748 kB
Transfer

1926 kB
Size

5
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://ct.coppermail-usa.com/rd/cts?d=140-30162-16831-21556-44851-1893719-0-0-0-1-2-22 HTTP 302
    https://hope.hazeldenbettyford.org/130548-brain-disease-of-addiction-external/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 21
  • https://www.leadpages.net/assets/js/pardot.min.js HTTP 0
  • http://www.leadpages.com/assets/js/pardot.min.js

39 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
hope.hazeldenbettyford.org/130548-brain-disease-of-addiction-external/
Redirect Chain
  • http://ct.coppermail-usa.com/rd/cts?d=140-30162-16831-21556-44851-1893719-0-0-0-1-2-22
  • https://hope.hazeldenbettyford.org/130548-brain-disease-of-addiction-external/
78 KB
15 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://hope.hazeldenbettyford.org/130548-brain-disease-of-addiction-external/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.202.21.90 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
90.21.202.35.bc.googleusercontent.com
Software
Leadpages /
Resource Hash
c6501f7e756573e8bd7bc36e667c594d8af3444059004af071e87ca2dd9283c1
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

:method
GET
:authority
hope.hazeldenbettyford.org
:scheme
https
:path
/130548-brain-disease-of-addiction-external/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 08 Mar 2021 19:34:24 GMT
content-type
text/html
vary
Accept-Encoding
last-modified
Tue, 09 Feb 2021 16:13:38 GMT
etag
W/"fea6ca13afcbf2832cfb301908d7c6b8"
x-cache
MISS, MISS
cache-control
no-cache
server
Leadpages
strict-transport-security
max-age=15768000
content-encoding
br

Redirect headers

Set-Cookie
dc_ecomm=140-30162-16831-21556-44851-1893719-0-0-0-1-2-22; Max-Age=8640000; Expires=Wed, 16-Jun-2021 19:34:23 GMT
Location
https://hope.hazeldenbettyford.org/130548-brain-disease-of-addiction-external/
Content-Type
text/html
Content-Length
0
Date
Mon, 08 Mar 2021 19:34:22 GMT
all.min.css
static.leadpages.net/fonts/font-awesome/5.14.0/css/ 		58 KB
14 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static.leadpages.net/fonts/font-awesome/5.14.0/css/all.min.css
Requested by
Host: hope.hazeldenbettyford.org
URL: https://hope.hazeldenbettyford.org/130548-brain-disease-of-addiction-external/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Frontend /
Resource Hash
14cbd9b866a9b092e3a2e03a93b128da5baca005fd8b44a1956146eaab7b48b7

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 07 Mar 2021 22:04:59 GMT
content-encoding
gzip
server
Google Frontend
age
77365
etag
"i301xQ"
content-type
text/css
access-control-allow-origin
*
x-cloud-trace-context
f7579322541d8dc4804ec1e6c79d4b92;o=1
cache-control
public, max-age=31536000
content-length
14628
expires
Mon, 07 Mar 2022 22:04:59 GMT
css
fonts.googleapis.com/ 		2 KB
523 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Lato:300,400,500,700
Requested by
Host: hope.hazeldenbettyford.org
URL: https://hope.hazeldenbettyford.org/130548-brain-disease-of-addiction-external/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
7a2dd21532e68bb69249e38f9f22315cd53843f618a78b6169c3ae64ac02294f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 08 Mar 2021 19:03:42 GMT
server
ESF
date
Mon, 08 Mar 2021 19:34:24 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 08 Mar 2021 19:34:24 GMT
js
www.googletagmanager.com/gtag/ 		98 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-46984223-1
Requested by
Host: hope.hazeldenbettyford.org
URL: https://hope.hazeldenbettyford.org/130548-brain-disease-of-addiction-external/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
e6179d265059507881c3a71c7932b714d8081e582c1ddd40dce77279c2b29f2c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://hope.hazeldenbettyford.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 08 Mar 2021 19:34:24 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
39451
x-xss-protection
0
last-modified
Mon, 08 Mar 2021 18:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 08 Mar 2021 19:34:24 GMT
OGMG1JN5KccKIjihWHiTHOng9iBgYJApIHSOapzWsUt5k3oItPSTJumXha8FGey-sva5J3b5uf60jxr597BW2A=w16
lh3.googleusercontent.com/ 		374 B
575 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lh3.googleusercontent.com/OGMG1JN5KccKIjihWHiTHOng9iBgYJApIHSOapzWsUt5k3oItPSTJumXha8FGey-sva5J3b5uf60jxr597BW2A=w16
Requested by
Host: hope.hazeldenbettyford.org
URL: https://hope.hazeldenbettyford.org/130548-brain-disease-of-addiction-external/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
41282f161564d870983363584629baecfaaf564bd23f112031763182a5533529
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://hope.hazeldenbettyford.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 08 Mar 2021 19:34:24 GMT
x-content-type-options
nosniff
server
fife
etag
"v1"
vary
Origin
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="unnamed.png"
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
374
x-xss-protection
0
expires
Tue, 09 Mar 2021 19:34:24 GMT
center.js
js.center.io/ 		12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.center.io/center.js
Requested by
Host: hope.hazeldenbettyford.org
URL: https://hope.hazeldenbettyford.org/130548-brain-disease-of-addiction-external/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Frontend /
Resource Hash
cc08eb3316359de0d8f025efee489da73ca552209a0c9cab6b00894d7fa21d42

Request headers

Referer
https://hope.hazeldenbettyford.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 08 Mar 2021 19:31:46 GMT
content-encoding
gzip
server
Google Frontend
age
158
etag
"OMWYXg"
content-type
application/javascript
x-cloud-trace-context
d78e56b4e35971fba556ba044d042938
cache-control
public, max-age=300
content-length
5417
expires
Mon, 08 Mar 2021 19:36:46 GMT
Cookie set 24z8dx
e2.hazeldenbettyford.org/l/220262/2021-02-09/ Frame DED8 		21 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://e2.hazeldenbettyford.org/l/220262/2021-02-09/24z8dx
Requested by
Host: hope.hazeldenbettyford.org
URL: https://hope.hazeldenbettyford.org/130548-brain-disease-of-addiction-external/
Protocol
HTTP/1.0
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.21.178.134 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
pi0-lba1-2-ue1.aws.pardot.com
Software
PardotServer /
Resource Hash
9210c3d6d50fa352f1566e0a2b68b13cb51fac6472d7ce9cf3f85a3c8356f1c3

Request headers

Host
e2.hazeldenbettyford.org
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
same-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://hope.hazeldenbettyford.org/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://hope.hazeldenbettyford.org/

Response headers

Date
Mon, 08 Mar 2021 19:34:24 GMT
Set-Cookie
pardot=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0 visitor_id220262=267396614; expires=Thu, 06-Mar-2031 19:34:24 GMT; Max-Age=315359999; path=/; secure; SameSite=None visitor_id220262-hash=9e7b40833419613cc0fc7098343a98d167b0581865b89cf5f732ebce822e8d2d8a802b20cd23edaca6563ad551bec4c718ce5bf6; expires=Thu, 06-Mar-2031 19:34:24 GMT; Max-Age=315359999; path=/; secure; SameSite=None
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control
no-store, no-cache, must-revalidate
Pragma
no-cache
X-Pardot-Rsp
16/106/122
P3p
CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT", policyref="/w3c/p3p.xml", CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT", policyref="/w3c/p3p.xml"
Vary
Accept-Encoding,User-Agent
Content-Encoding
gzip
Content-Length
5369
Content-Type
text/html; charset=utf-8
X-Pardot-Route
32427ff3465437d362f61c790f7d2406
Server
PardotServer
X-Pardot-LB
7044ba9c794aba658bc1be2f8b8ad85c
Connection
keep-alive
S6u9w4BMUTPHh6UVSwiPGQ.woff2
fonts.gstatic.com/s/lato/v17/ 		22 KB
23 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lato/v17/S6u9w4BMUTPHh6UVSwiPGQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:300,400,500,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8d3ca80fa271e94b0c36cf3053b0f806b7a42bb3395b424c99dc0bd218f0ac20
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://hope.hazeldenbettyford.org
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 03 Mar 2021 06:05:55 GMT
x-content-type-options
nosniff
last-modified
Tue, 15 Sep 2020 18:12:12 GMT
server
sffe
age
480509
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
22992
x-xss-protection
0
expires
Thu, 03 Mar 2022 06:05:55 GMT
S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v17/ 		23 KB
23 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lato/v17/S6uyw4BMUTPHjx4wXg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:300,400,500,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c3c0d3f472358aac78455515c4800771426770c22698e2486d39fdb5505634e1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://hope.hazeldenbettyford.org
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 04 Mar 2021 04:06:34 GMT
x-content-type-options
nosniff
last-modified
Tue, 15 Sep 2020 18:10:46 GMT
server
sffe
age
401270
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
23484
x-xss-protection
0
expires
Fri, 04 Mar 2022 04:06:34 GMT
analytics.js
www.google-analytics.com/ 		46 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-46984223-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
0f3be44690ae9914ae3e47b7752e1bdea316f09938e9094f99e0de19ccd8987a
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://hope.hazeldenbettyford.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 05 Feb 2021 21:33:27 GMT
server
Golfe2
age
5508
date
Mon, 08 Mar 2021 18:02:36 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18980
expires
Mon, 08 Mar 2021 20:02:36 GMT
identify.html
js.center.io/ Frame 2DEC 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js.center.io/identify.html
Requested by
Host: js.center.io
URL: https://js.center.io/center.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Frontend /
Resource Hash
0efa1e4687032588dae8d6d3a00a92e504a3a14b9d1bb23c19670a47c9792110

Request headers

:method
GET
:authority
js.center.io
:scheme
https
:path
/identify.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://hope.hazeldenbettyford.org/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://hope.hazeldenbettyford.org/

Response headers

date
Mon, 08 Mar 2021 19:33:58 GMT
expires
Mon, 08 Mar 2021 19:38:58 GMT
etag
"OMWYXg"
x-cloud-trace-context
11f8cb6ab55de54bc61f61c3ee684104
content-type
text/html
content-encoding
gzip
server
Google Frontend
content-length
2016
age
26
cache-control
public, max-age=300
OGMG1JN5KccKIjihWHiTHOng9iBgYJApIHSOapzWsUt5k3oItPSTJumXha8FGey-sva5J3b5uf60jxr597BW2A=w300
lh3.googleusercontent.com/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lh3.googleusercontent.com/OGMG1JN5KccKIjihWHiTHOng9iBgYJApIHSOapzWsUt5k3oItPSTJumXha8FGey-sva5J3b5uf60jxr597BW2A=w300
Requested by
Host: hope.hazeldenbettyford.org
URL: https://hope.hazeldenbettyford.org/130548-brain-disease-of-addiction-external/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
e5794ec4cf14c9d241c4ae60c9ce80f8f395970703c1d0f952271c4789e5ec16
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://hope.hazeldenbettyford.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 08 Mar 2021 19:34:24 GMT
x-content-type-options
nosniff
server
fife
etag
"v1"
vary
Origin
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="unnamed.png"
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10931
x-xss-protection
0
expires
Tue, 09 Mar 2021 19:34:24 GMT
collect
www.google-analytics.com/j/ 		2 B
74 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j88&a=937945828&t=pageview&_s=1&dl=https%3A%2F%2Fhope.hazeldenbettyford.org%2F130548-brain-disease-of-addiction-external%2F&ul=en-us&de=UTF-8&dt=130548%20Brain%20Disease%20of%20Addiction%20(External)&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAUABAAAAAC~&jid=727794682&gjid=487489795&cid=678792522.1615232065&tid=UA-46984223-1&_gid=1838540165.1615232065&_r=1&gtm=2ou2o0&z=113299126
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://hope.hazeldenbettyford.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 08 Mar 2021 19:34:24 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://hope.hazeldenbettyford.org
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
capture
api.leadpages.io/analytics/v1/events/ 		35 B
688 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.leadpages.io/analytics/v1/events/capture?k=view&a=leadpage&l=cq38PBReCP4dixaCD2Wa5M&v=&e=&st=&lc=en-US&pid=YcAk5Usrz2FNFjEsojoSQn-default-prop&uid=WKFk5H27ZS3xfUekLuCFxt&sid=jRhhu9BfSnEAU6e7hMha5e&cid=lp-cq38PBReCP4dixaCD2Wa5M&uri=https%3A%2F%2Fhope.hazeldenbettyford.org%2F130548-brain-disease-of-addiction-external%2F&rf=&rx=1600&ry=1200&tz=%2B01%3A00
Requested by
Host: js.center.io
URL: https://js.center.io/center.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
35.192.151.63 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
63.151.192.35.bc.googleusercontent.com
Software
Stargate /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://hope.hazeldenbettyford.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 08 Mar 2021 19:34:25 GMT
Server
Stargate
Transfer-Encoding
chunked
X-Forwarded-For
185.212.171.67
Content-Type
image/gif
access-control-allow-origin
https://hope.hazeldenbettyford.org
access-control-expose-headers
LP-Security-Token
access-control-allow-credentials
true
access-control-max-age
600
Connection
keep-alive
x-request-id
02tankq6ulrtmrcdlnog
collect
stats.g.doubleclick.net/j/ 		4 B
96 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j88&tid=UA-46984223-1&cid=678792522.1615232065&jid=727794682&gjid=487489795&_gid=1838540165.1615232065&_u=IEBAAUAAAAAAAC~&z=1512031960
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c1b::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://hope.hazeldenbettyford.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Mon, 08 Mar 2021 19:34:24 GMT
content-type
text/plain
access-control-allow-origin
https://hope.hazeldenbettyford.org
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.com/ads/ 		42 B
119 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j88&tid=UA-46984223-1&cid=678792522.1615232065&jid=727794682&_u=IEBAAUAAAAAAAC~&z=304903338
Requested by
Host: hope.hazeldenbettyford.org
URL: https://hope.hazeldenbettyford.org/130548-brain-disease-of-addiction-external/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://hope.hazeldenbettyford.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 08 Mar 2021 19:34:24 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j88&tid=UA-46984223-1&cid=678792522.1615232065&jid=727794682&_u=IEBAAUAAAAAAAC~&z=304903338
Requested by
Host: hope.hazeldenbettyford.org
URL: https://hope.hazeldenbettyford.org/130548-brain-disease-of-addiction-external/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://hope.hazeldenbettyford.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 08 Mar 2021 19:34:24 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
form.css
go.pardot.com/css/ Frame DED8 		31 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://go.pardot.com/css/form.css?ver=2020-10-19
Requested by
Host: e2.hazeldenbettyford.org
URL: https://e2.hazeldenbettyford.org/l/220262/2021-02-09/24z8dx
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.21.178.134 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
pi0-lba1-2-ue1.aws.pardot.com
Software
PardotServer /
Resource Hash
338de273f529e717971d06587c95a880c0c4240b0cd24e79e14ac07a9522cd1d

Request headers

Referer
https://e2.hazeldenbettyford.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 08 Mar 2021 19:34:25 GMT
Content-Encoding
gzip
X-Pardot-Route
32427ff3465437d362f61c790f7d2406
X-Pardot-LB
7044ba9c794aba658bc1be2f8b8ad85c
Last-Modified
Thu, 29 Oct 2020 20:44:24 GMT
Server
PardotServer
ETag
"7bd2-gzip"
Vary
Accept-Encoding,User-Agent
Content-Type
text/css
Cache-Control
max-age=63072000
Accept-Ranges
bytes
Content-Length
7657
Expires
Wed, 08 Mar 2023 19:34:25 GMT
piUtils.js
go.pardot.com/js/ Frame DED8 		341 KB
99 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://go.pardot.com/js/piUtils.js?ver=2020-10-19
Requested by
Host: e2.hazeldenbettyford.org
URL: https://e2.hazeldenbettyford.org/l/220262/2021-02-09/24z8dx
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.21.178.134 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
pi0-lba1-2-ue1.aws.pardot.com
Software
PardotServer /
Resource Hash
744d368a676dabf6be331840fdf74176a9ad7a784bf3920e3f640c9ed89fc43c

Request headers

Referer
https://e2.hazeldenbettyford.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 08 Mar 2021 19:34:25 GMT
Content-Encoding
gzip
X-Pardot-Route
32427ff3465437d362f61c790f7d2406
X-Pardot-LB
7044ba9c794aba658bc1be2f8b8ad85c
Last-Modified
Thu, 29 Oct 2020 18:23:13 GMT
Server
PardotServer
ETag
"55586-gzip"
Vary
Accept-Encoding,User-Agent
Content-Type
application/javascript
Cache-Control
max-age=63072000
Transfer-Encoding
chunked
Accept-Ranges
bytes
Expires
Wed, 08 Mar 2023 19:34:25 GMT
api.js
www.google.com/recaptcha/ Frame DED8 		850 B
629 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api.js
Requested by
Host: e2.hazeldenbettyford.org
URL: https://e2.hazeldenbettyford.org/l/220262/2021-02-09/24z8dx
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
7be93782718b63bdf0478467dbae39879064f603eb44d42a90a6c6fee1ee81a3
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://e2.hazeldenbettyford.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 08 Mar 2021 19:34:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
content-security-policy
frame-ancestors 'self'
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
556
x-xss-protection
1; mode=block
expires
Mon, 08 Mar 2021 19:34:25 GMT
required.gif
go.pardot.com/images/ Frame DED8 		186 B
560 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://go.pardot.com/images/required.gif
Requested by
Host: go.pardot.com
URL: https://go.pardot.com/css/form.css?ver=2020-10-19
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.21.178.134 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
pi0-lba1-2-ue1.aws.pardot.com
Software
PardotServer /
Resource Hash
79badf235e92fe69d052a2df85ddd8d5ea24e2378ea8c46d920f51f286a229d8

Request headers

Referer
https://go.pardot.com/css/form.css?ver=2020-10-19
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 08 Mar 2021 19:34:25 GMT
X-Pardot-Route
32427ff3465437d362f61c790f7d2406
X-Pardot-LB
7044ba9c794aba658bc1be2f8b8ad85c
Last-Modified
Wed, 12 Sep 2018 16:22:38 GMT
Server
PardotServer
ETag
"ba"
Content-Type
image/gif
Cache-Control
max-age=63072000
Accept-Ranges
bytes
Content-Length
186
Expires
Wed, 08 Mar 2023 19:34:25 GMT
recaptcha__en.js
www.gstatic.com/recaptcha/releases/jxFQ7RQ9s9HTGKeWcoa6UQdD/ Frame DED8 		331 KB
129 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/jxFQ7RQ9s9HTGKeWcoa6UQdD/recaptcha__en.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
46c97699759b3239f2306f7d09df96131fb1044315b07cfdd62b66c2e4c0125b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://e2.hazeldenbettyford.org
Referer
https://e2.hazeldenbettyford.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 08 Mar 2021 19:30:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
260
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
132194
x-xss-protection
0
last-modified
Mon, 22 Feb 2021 03:04:57 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 08 Mar 2022 19:30:05 GMT
pardot.min.js
www.leadpages.com/assets/js/ Frame DED8
Redirect Chain
  • https://www.leadpages.net/assets/js/pardot.min.js
  • http://www.leadpages.com/assets/js/pardot.min.js
0
0
anchor
www.google.com/recaptcha/api2/ Frame DACE 		20 KB
11 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfVnCYTAAAAAB4x9xlkeTsV8CO6np5UMhNjRNNZ&co=aHR0cHM6Ly9lMi5oYXplbGRlbmJldHR5Zm9yZC5vcmc6NDQz&hl=en&v=jxFQ7RQ9s9HTGKeWcoa6UQdD&size=normal&cb=1u0lwm82s0ht
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/jxFQ7RQ9s9HTGKeWcoa6UQdD/recaptcha__en.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
4220dbc583cd4f13de48a27cd1a62189274e9a95e873fe9efdeea095b1000919
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-JcDF8yQmpmf3QofZrMrXUw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
www.google.com
:scheme
https
:path
/recaptcha/api2/anchor?ar=1&k=6LfVnCYTAAAAAB4x9xlkeTsV8CO6np5UMhNjRNNZ&co=aHR0cHM6Ly9lMi5oYXplbGRlbmJldHR5Zm9yZC5vcmc6NDQz&hl=en&v=jxFQ7RQ9s9HTGKeWcoa6UQdD&size=normal&cb=1u0lwm82s0ht
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://e2.hazeldenbettyford.org/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://e2.hazeldenbettyford.org/

Response headers

content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
pragma
no-cache
expires
Mon, 01 Jan 1990 00:00:00 GMT
date
Mon, 08 Mar 2021 19:34:26 GMT
content-security-policy
script-src 'report-sample' 'nonce-JcDF8yQmpmf3QofZrMrXUw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
10758
server
GSE
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
styles__ltr.css
www.gstatic.com/recaptcha/releases/jxFQ7RQ9s9HTGKeWcoa6UQdD/ Frame DACE 		50 KB
25 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/jxFQ7RQ9s9HTGKeWcoa6UQdD/styles__ltr.css
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfVnCYTAAAAAB4x9xlkeTsV8CO6np5UMhNjRNNZ&co=aHR0cHM6Ly9lMi5oYXplbGRlbmJldHR5Zm9yZC5vcmc6NDQz&hl=en&v=jxFQ7RQ9s9HTGKeWcoa6UQdD&size=normal&cb=1u0lwm82s0ht
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6b08ea3a348838bc942ad470a757575975bd09459b63c1872c6e1129a6ca1939
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 05 Mar 2021 22:17:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 22 Feb 2021 03:04:57 GMT
server
sffe
age
249425
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
25479
x-xss-protection
0
expires
Sat, 05 Mar 2022 22:17:21 GMT
recaptcha__en.js
www.gstatic.com/recaptcha/releases/jxFQ7RQ9s9HTGKeWcoa6UQdD/ Frame DACE 		331 KB
129 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/jxFQ7RQ9s9HTGKeWcoa6UQdD/recaptcha__en.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfVnCYTAAAAAB4x9xlkeTsV8CO6np5UMhNjRNNZ&co=aHR0cHM6Ly9lMi5oYXplbGRlbmJldHR5Zm9yZC5vcmc6NDQz&hl=en&v=jxFQ7RQ9s9HTGKeWcoa6UQdD&size=normal&cb=1u0lwm82s0ht
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
46c97699759b3239f2306f7d09df96131fb1044315b07cfdd62b66c2e4c0125b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 08 Mar 2021 19:30:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
261
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
132194
x-xss-protection
0
last-modified
Mon, 22 Feb 2021 03:04:57 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 08 Mar 2022 19:30:05 GMT
truncated
/ Frame DACE 		14 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0964d141519db34adc6aa127a33dbc6761cda1e56b584ea402082d99c44afb9e

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame DACE 		2 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
43ef4025567f7a15859b5252b6ccc1efe2ff8c7331b1aefbea7ce88eb5084d27

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
logo_48.png
www.gstatic.com/recaptcha/api2/ Frame DACE 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/recaptcha/api2/logo_48.png
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/jxFQ7RQ9s9HTGKeWcoa6UQdD/styles__ltr.css
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.gstatic.com/recaptcha/releases/jxFQ7RQ9s9HTGKeWcoa6UQdD/styles__ltr.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 03 Mar 2021 15:40:18 GMT
x-content-type-options
nosniff
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
age
446048
content-type
image/png
cache-control
public, max-age=604800
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2228
x-xss-protection
0
expires
Wed, 10 Mar 2021 15:40:18 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame DACE 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfVnCYTAAAAAB4x9xlkeTsV8CO6np5UMhNjRNNZ&co=aHR0cHM6Ly9lMi5oYXplbGRlbmJldHR5Zm9yZC5vcmc6NDQz&hl=en&v=jxFQ7RQ9s9HTGKeWcoa6UQdD&size=normal&cb=1u0lwm82s0ht
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.google.com
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 04 Mar 2021 19:41:25 GMT
x-content-type-options
nosniff
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
server
sffe
age
345181
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15344
x-xss-protection
0
expires
Fri, 04 Mar 2022 19:41:25 GMT
cstB55mjfY2YbXF4zMiTi8_RJiNq49RCIO7mHTWYDHA.js
www.google.com/js/bg/ Frame DACE 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/js/bg/cstB55mjfY2YbXF4zMiTi8_RJiNq49RCIO7mHTWYDHA.js
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/jxFQ7RQ9s9HTGKeWcoa6UQdD/recaptcha__en.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
72cb41e799a37d8d986d7178ccc8938bcfd126236ae3d44220eee61d35980c70
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfVnCYTAAAAAB4x9xlkeTsV8CO6np5UMhNjRNNZ&co=aHR0cHM6Ly9lMi5oYXplbGRlbmJldHR5Zm9yZC5vcmc6NDQz&hl=en&v=jxFQ7RQ9s9HTGKeWcoa6UQdD&size=normal&cb=1u0lwm82s0ht
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 03 Mar 2021 15:53:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 16 Feb 2021 11:00:00 GMT
server
sffe
age
445249
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6292
x-xss-protection
0
expires
Thu, 03 Mar 2022 15:53:37 GMT
webworker.js
www.google.com/recaptcha/api2/ Frame DACE 		102 B
180 B 		Other
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/webworker.js?hl=en&v=jxFQ7RQ9s9HTGKeWcoa6UQdD
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfVnCYTAAAAAB4x9xlkeTsV8CO6np5UMhNjRNNZ&co=aHR0cHM6Ly9lMi5oYXplbGRlbmJldHR5Zm9yZC5vcmc6NDQz&hl=en&v=jxFQ7RQ9s9HTGKeWcoa6UQdD&size=normal&cb=1u0lwm82s0ht
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
ab1e16c1b3f793e0aec723c7a7add9e179781105d1646ced630af7007ca52720
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfVnCYTAAAAAB4x9xlkeTsV8CO6np5UMhNjRNNZ&co=aHR0cHM6Ly9lMi5oYXplbGRlbmJldHR5Zm9yZC5vcmc6NDQz&hl=en&v=jxFQ7RQ9s9HTGKeWcoa6UQdD&size=normal&cb=1u0lwm82s0ht
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 08 Mar 2021 19:34:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
content-security-policy
frame-ancestors 'self'
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
112
x-xss-protection
1; mode=block
expires
Mon, 08 Mar 2021 19:34:27 GMT
bframe
www.google.com/recaptcha/api2/ Frame C7B9 		7 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/bframe?hl=en&v=jxFQ7RQ9s9HTGKeWcoa6UQdD&k=6LfVnCYTAAAAAB4x9xlkeTsV8CO6np5UMhNjRNNZ&cb=1w5eckv84kk8
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/jxFQ7RQ9s9HTGKeWcoa6UQdD/recaptcha__en.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
c227f56381205b3a07423dd03bca5f591990da87d34a4263ef45a7228c9dfcdb
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-oSyBhMkcrbCLvgAUtjWjyQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
www.google.com
:scheme
https
:path
/recaptcha/api2/bframe?hl=en&v=jxFQ7RQ9s9HTGKeWcoa6UQdD&k=6LfVnCYTAAAAAB4x9xlkeTsV8CO6np5UMhNjRNNZ&cb=1w5eckv84kk8
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://e2.hazeldenbettyford.org/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://e2.hazeldenbettyford.org/

Response headers

content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
pragma
no-cache
expires
Mon, 01 Jan 1990 00:00:00 GMT
date
Mon, 08 Mar 2021 19:34:27 GMT
content-security-policy
script-src 'report-sample' 'nonce-oSyBhMkcrbCLvgAUtjWjyQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
1113
server
GSE
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
styles__ltr.css
www.gstatic.com/recaptcha/releases/jxFQ7RQ9s9HTGKeWcoa6UQdD/ Frame C7B9 		50 KB
25 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/jxFQ7RQ9s9HTGKeWcoa6UQdD/styles__ltr.css
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=en&v=jxFQ7RQ9s9HTGKeWcoa6UQdD&k=6LfVnCYTAAAAAB4x9xlkeTsV8CO6np5UMhNjRNNZ&cb=1w5eckv84kk8
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6b08ea3a348838bc942ad470a757575975bd09459b63c1872c6e1129a6ca1939
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 05 Mar 2021 22:17:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 22 Feb 2021 03:04:57 GMT
server
sffe
age
249426
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
25479
x-xss-protection
0
expires
Sat, 05 Mar 2022 22:17:21 GMT
recaptcha__en.js
www.gstatic.com/recaptcha/releases/jxFQ7RQ9s9HTGKeWcoa6UQdD/ Frame C7B9 		331 KB
129 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/jxFQ7RQ9s9HTGKeWcoa6UQdD/recaptcha__en.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=en&v=jxFQ7RQ9s9HTGKeWcoa6UQdD&k=6LfVnCYTAAAAAB4x9xlkeTsV8CO6np5UMhNjRNNZ&cb=1w5eckv84kk8
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
46c97699759b3239f2306f7d09df96131fb1044315b07cfdd62b66c2e4c0125b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 08 Mar 2021 19:30:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
262
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
132194
x-xss-protection
0
last-modified
Mon, 22 Feb 2021 03:04:57 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 08 Mar 2022 19:30:05 GMT
pd.js
pi.pardot.com/ Frame DED8 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pi.pardot.com/pd.js
Requested by
Host: e2.hazeldenbettyford.org
URL: https://e2.hazeldenbettyford.org/l/220262/2021-02-09/24z8dx
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.174.150.168 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
pi0-lba1-3-ue1.aws.pardot.com
Software
PardotServer /
Resource Hash
925be107869153b6120de872c1ae333977bfaee69a0f7c6271f32d4a8348bca8

Request headers

Referer
https://e2.hazeldenbettyford.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 08 Mar 2021 19:34:27 GMT
Content-Encoding
gzip
X-Pardot-Route
ea50fcd3dcf777490e1499615b883deb
X-Pardot-LB
a083ac6fc1531fb089982e922db67d20
Last-Modified
Fri, 13 Mar 2020 17:23:33 GMT
Server
PardotServer
ETag
"1442-gzip"
Vary
Accept-Encoding,User-Agent
Content-Type
application/javascript
Cache-Control
max-age=63072000
Accept-Ranges
bytes
Content-Length
1842
Expires
Wed, 08 Mar 2023 19:34:27 GMT
capture
api.leadpages.io/analytics/v1/observations/ 		35 B
356 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://api.leadpages.io/analytics/v1/observations/capture?version=1.7.13&origin=page-speed&kind=timer,timer,timer,timer,timer,timer,timer,timer,timer,timer&label=domain-lookup,connect,request,ttfb,response,loading,interactive,content-loaded,complete,load&value=110,272,391,787,1,801,900,908,3991,3991
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
35.192.151.63 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
63.151.192.35.bc.googleusercontent.com
Software
Stargate /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://hope.hazeldenbettyford.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 08 Mar 2021 19:34:27 GMT
Server
Stargate
Transfer-Encoding
chunked
X-Forwarded-For
185.212.171.67
Content-Type
image/gif
access-control-expose-headers
LP-Security-Token
access-control-allow-credentials
true
Connection
keep-alive
x-request-id
02tanlbuhs1m7kfnp8jg
analytics
pi.pardot.com/ Frame DED8 		4 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pi.pardot.com/analytics?ver=3&pi_form=true&visitor_id=267396614&visitor_id_sign=9e7b40833419613cc0fc7098343a98d167b0581865b89cf5f732ebce822e8d2d8a802b20cd23edaca6563ad551bec4c718ce5bf6&pi_opt_in=&campaign_id=4663&account_id=221262&title=&url=https%3A%2F%2Fe2.hazeldenbettyford.org%2Fl%2F220262%2F2021-02-09%2F24z8dx&referrer=https%3A%2F%2Fhope.hazeldenbettyford.org%2F
Requested by
Host: pi.pardot.com
URL: https://pi.pardot.com/pd.js
Protocol
HTTP/1.0
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.174.150.168 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
pi0-lba1-3-ue1.aws.pardot.com
Software
PardotServer /
Resource Hash
ddcab327b285ced92baf05a709d661e5710617537c4ba4cc143057a1e8d4303a

Request headers

Referer
https://e2.hazeldenbettyford.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 08 Mar 2021 19:34:27 GMT
Content-Encoding
gzip
X-Pardot-Route
13c7a24cfc43e49b0467af9964bf67ec
X-Pardot-LB
a083ac6fc1531fb089982e922db67d20
X-Pardot-Rsp
16/2/82
Vary
Accept-Encoding,User-Agent
P3p
CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT", policyref="/w3c/p3p.xml", CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT", policyref="/w3c/p3p.xml"
Cache-Control
no-store, no-cache, must-revalidate
Connection
keep-alive
Content-Type
text/javascript; charset=utf-8
Content-Length
1749
Server
PardotServer
Expires
Thu, 19 Nov 1981 08:52:00 GMT
analytics
e2.hazeldenbettyford.org/ Frame DED8 		52 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://e2.hazeldenbettyford.org/analytics?conly=true&pi_form=true&visitor_id=267396614&visitor_id_sign=9e7b40833419613cc0fc7098343a98d167b0581865b89cf5f732ebce822e8d2d8a802b20cd23edaca6563ad551bec4c718ce5bf6&pi_opt_in=&campaign_id=4663&account_id=221262&title=&url=https%3A%2F%2Fe2.hazeldenbettyford.org%2Fl%2F220262%2F2021-02-09%2F24z8dx&referrer=https%3A%2F%2Fhope.hazeldenbettyford.org%2F
Requested by
Host: pi.pardot.com
URL: https://pi.pardot.com/analytics?ver=3&pi_form=true&visitor_id=267396614&visitor_id_sign=9e7b40833419613cc0fc7098343a98d167b0581865b89cf5f732ebce822e8d2d8a802b20cd23edaca6563ad551bec4c718ce5bf6&pi_opt_in=&campaign_id=4663&account_id=221262&title=&url=https%3A%2F%2Fe2.hazeldenbettyford.org%2Fl%2F220262%2F2021-02-09%2F24z8dx&referrer=https%3A%2F%2Fhope.hazeldenbettyford.org%2F
Protocol
HTTP/1.0
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.21.178.134 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
pi0-lba1-2-ue1.aws.pardot.com
Software
PardotServer /
Resource Hash
eca19fb64be166fabab688d0cdb2ae946d3370f8124ff0f3f18119cc2d4eb825

Request headers

Referer
https://e2.hazeldenbettyford.org/l/220262/2021-02-09/24z8dx
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 08 Mar 2021 19:34:28 GMT
X-Pardot-Route
13c7a24cfc43e49b0467af9964bf67ec
X-Pardot-LB
7044ba9c794aba658bc1be2f8b8ad85c
X-Pardot-Rsp
16/39/28
Vary
User-Agent
P3p
CP="CAO DSP AND SO ON" policyref="/w3c/p3p.xml", CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT", policyref="/w3c/p3p.xml"
Cache-Control
no-store, no-cache, must-revalidate
Connection
keep-alive
Content-Type
text/javascript; charset=utf-8
Content-Length
52
Server
PardotServer
Expires
Thu, 19 Nov 1981 08:52:00 GMT
embed_shepherd-v1.js
fast.wistia.com/static/ Frame DED8 		0
0
capture
api.leadpages.io/analytics/v1/observations/ 		35 B
450 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.leadpages.io/analytics/v1/observations/capture?version=1.8.6&correlateBy=QxtxGwdKjvRP8vj57kXa7L&origin=center-js&kind=timer,timer,counter,timer&label=load-center,load-identify,ident-new,send-events&value=67.91999936103821,170.29500007629395,1,621.6849982738495
Requested by
Host: js.center.io
URL: https://js.center.io/center.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
35.192.151.63 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
63.151.192.35.bc.googleusercontent.com
Software
Stargate /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://hope.hazeldenbettyford.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 08 Mar 2021 19:34:29 GMT
Server
Stargate
Transfer-Encoding
chunked
X-Forwarded-For
185.212.171.67
Content-Type
image/gif
access-control-allow-origin
https://hope.hazeldenbettyford.org
access-control-expose-headers
LP-Security-Token
access-control-allow-credentials
true
access-control-max-age
600
Connection
keep-alive
x-request-id
02tanlqgieqn5vh1j6cg

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
www.leadpages.com
URL
http://www.leadpages.com/assets/js/pardot.min.js
Domain
fast.wistia.com
URL
http://fast.wistia.com/static/embed_shepherd-v1.js

Verdicts & Comments Add Verdict or Comment

22 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes boolean| crossOriginIsolated string| LeadPagesCenterObject function| center function| gtag object| dataLayer object| sup object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga object| gaplugins object| gaGlobal object| gaData

5 Cookies

Domain/Path Name / Value
e2.hazeldenbettyford.org/ Name: visitor_id220262-hash
Value: 9e7b40833419613cc0fc7098343a98d167b0581865b89cf5f732ebce822e8d2d8a802b20cd23edaca6563ad551bec4c718ce5bf6
e2.hazeldenbettyford.org/ Name: visitor_id220262
Value: 267396614
.hazeldenbettyford.org/ Name: _gat_gtag_UA_46984223_1
Value: 1
.hazeldenbettyford.org/ Name: _gid
Value: GA1.2.1838540165.1615232065
.hazeldenbettyford.org/ Name: _ga
Value: GA1.2.678792522.1615232065

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=15768000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.leadpages.io
ct.coppermail-usa.com
e2.hazeldenbettyford.org
fast.wistia.com
fonts.googleapis.com
fonts.gstatic.com
go.pardot.com
hope.hazeldenbettyford.org
js.center.io
lh3.googleusercontent.com
pi.pardot.com
static.leadpages.net
stats.g.doubleclick.net
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.gstatic.com
www.leadpages.com
fast.wistia.com
www.leadpages.com
2a00:1450:4001:800::2003
2a00:1450:4001:803::2003
2a00:1450:4001:808::2001
2a00:1450:4001:809::200e
2a00:1450:4001:80f::2004
2a00:1450:4001:813::2008
2a00:1450:4001:813::200a
2a00:1450:4001:813::200e
2a00:1450:4001:813::2013
2a00:1450:4001:827::2003
2a00:1450:4001:829::2013
2a00:1450:4001:82a::2004
2a00:1450:400c:c1b::9a
35.174.150.168
35.192.151.63
35.202.21.90
52.21.178.134
68.233.130.163
0964d141519db34adc6aa127a33dbc6761cda1e56b584ea402082d99c44afb9e
0efa1e4687032588dae8d6d3a00a92e504a3a14b9d1bb23c19670a47c9792110
0f3be44690ae9914ae3e47b7752e1bdea316f09938e9094f99e0de19ccd8987a
14cbd9b866a9b092e3a2e03a93b128da5baca005fd8b44a1956146eaab7b48b7
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
338de273f529e717971d06587c95a880c0c4240b0cd24e79e14ac07a9522cd1d
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
41282f161564d870983363584629baecfaaf564bd23f112031763182a5533529
4220dbc583cd4f13de48a27cd1a62189274e9a95e873fe9efdeea095b1000919
43ef4025567f7a15859b5252b6ccc1efe2ff8c7331b1aefbea7ce88eb5084d27
46c97699759b3239f2306f7d09df96131fb1044315b07cfdd62b66c2e4c0125b
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b08ea3a348838bc942ad470a757575975bd09459b63c1872c6e1129a6ca1939
72cb41e799a37d8d986d7178ccc8938bcfd126236ae3d44220eee61d35980c70
744d368a676dabf6be331840fdf74176a9ad7a784bf3920e3f640c9ed89fc43c
79badf235e92fe69d052a2df85ddd8d5ea24e2378ea8c46d920f51f286a229d8
7a2dd21532e68bb69249e38f9f22315cd53843f618a78b6169c3ae64ac02294f
7be93782718b63bdf0478467dbae39879064f603eb44d42a90a6c6fee1ee81a3
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
8d3ca80fa271e94b0c36cf3053b0f806b7a42bb3395b424c99dc0bd218f0ac20
9210c3d6d50fa352f1566e0a2b68b13cb51fac6472d7ce9cf3f85a3c8356f1c3
925be107869153b6120de872c1ae333977bfaee69a0f7c6271f32d4a8348bca8
ab1e16c1b3f793e0aec723c7a7add9e179781105d1646ced630af7007ca52720
c227f56381205b3a07423dd03bca5f591990da87d34a4263ef45a7228c9dfcdb
c3c0d3f472358aac78455515c4800771426770c22698e2486d39fdb5505634e1
c6501f7e756573e8bd7bc36e667c594d8af3444059004af071e87ca2dd9283c1
cc08eb3316359de0d8f025efee489da73ca552209a0c9cab6b00894d7fa21d42
ddcab327b285ced92baf05a709d661e5710617537c4ba4cc143057a1e8d4303a
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e5794ec4cf14c9d241c4ae60c9ce80f8f395970703c1d0f952271c4789e5ec16
e6179d265059507881c3a71c7932b714d8081e582c1ddd40dce77279c2b29f2c
eca19fb64be166fabab688d0cdb2ae946d3370f8124ff0f3f18119cc2d4eb825
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629