user.freelife4u.art Open in urlscan Pro
91.107.166.24 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://user.freelife4u.art/
Submission: On May 11 via api (May 11th 2023, 3:37:16 pm UTC) from US — Scanned from DE

Summary HTTP 74 Redirects Links 30 Behaviour Indicators

Summary

This website contacted 23 IPs in 4 countries across 19 domains to perform 74 HTTP transactions. The main IP is 91.107.166.24, located in Germany and belongs to HETZNER-AS, DE. The main domain is user.freelife4u.art.
TLS certificate: Issued by R3 on May 10th 2023. Valid for: 3 months.

This is the only time user.freelife4u.art was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
27	91.107.166.24 91.107.166.24	24940 (HETZNER-AS) (HETZNER-AS)
2	104.64.112.151 104.64.112.151	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2606:4700::68... 2606:4700::6812:1634	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	45.60.14.25 45.60.14.25	19551 (INCAPSULA) (INCAPSULA)
1	2606:4700::68... 2606:4700::6810:262f	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	2a03:2880:f08... 2a03:2880:f084:d:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
2	2a00:1450:400... 2a00:1450:4001:830::2008	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6812:1344	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a02:26f0:350... 2a02:26f0:3500:16::215:149b	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	18.66.97.53 18.66.97.53	16509 (AMAZON-02) (AMAZON-02)
1	178.79.242.16 178.79.242.16	22822 (LLNW) (LLNW)
13	2a00:1450:400... 2a00:1450:4001:828::200e	15169 (GOOGLE) (GOOGLE)
4	151.101.2.217 151.101.2.217	54113 (FASTLY) (FASTLY)
2	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
1	52.222.236.43 52.222.236.43	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:20e... 2600:9000:20eb:2200:2:53b2:240:93a1	16509 (AMAZON-02) (AMAZON-02)
3 3	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	13.107.42.14 13.107.42.14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
4	2a03:2880:f17... 2a03:2880:f176:181:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	2a00:1450:400... 2a00:1450:400c:c0c::9b	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:828::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82f::2003	15169 (GOOGLE) (GOOGLE)
2	98.98.134.242 98.98.134.242	21859 (ZEN-ECN) (ZEN-ECN)
74	23

27 91.107.166.24 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.24.166.107.91.clients.your-server.de

user.freelife4u.art	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.64.112.151 (Prague, Czech Republic)

ASN16625 (AKAMAI-AS, US)
PTR: a104-64-112-151.deploy.static.akamaitechnologies.com

cloud.typography.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:1634 (United States)

ASN13335 (CLOUDFLARENET, US)

pro.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 45.60.14.25 (United States)

ASN19551 (INCAPSULA, US)

static.sierraclub.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:262f (United States)

ASN13335 (CLOUDFLARENET, US)

js.maxmind.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a03:2880:f084:d:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:830::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:1344 (United States)

ASN13335 (CLOUDFLARENET, US)

geoip-js.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:3500:16::215:149b (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.97.53 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-97-53.fra56.r.cloudfront.net

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.79.242.16 (Frankfurt am Main, Germany)

ASN22822 (LLNW, US)
PTR: https-178-79-242-16.fra.llnw.net

up.pixel.ad	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2a00:1450:4001:828::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 151.101.2.217 (United States)

ASN54113 (FASTLY, US)

addup.sierraclub.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.222.236.43 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-236-43.fra56.r.cloudfront.net

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:20eb:2200:2:53b2:240:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.linkedin.oribi.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:1ec:21::14 (United States) 3 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.107.42.14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px4.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:2880:f176:181:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c0c::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 98.98.134.242 (United States)

ASN21859 (ZEN-ECN, US)

pixel.sitescout.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
27	freelife4u.art user.freelife4u.art	3 MB
15	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 39 region1.google-analytics.com — Cisco Umbrella Rank: 2495	22 KB
5	facebook.net connect.facebook.net — Cisco Umbrella Rank: 161	332 KB
5	sierraclub.org static.sierraclub.org — Cisco Umbrella Rank: 963974 addup.sierraclub.org	7 MB
4	facebook.com www.facebook.com — Cisco Umbrella Rank: 108	265 B
4	linkedin.com 3 redirects px.ads.linkedin.com — Cisco Umbrella Rank: 414 www.linkedin.com — Cisco Umbrella Rank: 645 px4.ads.linkedin.com — Cisco Umbrella Rank: 6490	4 KB
2	sitescout.com pixel.sitescout.com — Cisco Umbrella Rank: 3754	267 B
2	hotjar.com static.hotjar.com — Cisco Umbrella Rank: 695 script.hotjar.com — Cisco Umbrella Rank: 957	73 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 62	189 KB
2	typography.com cloud.typography.com — Cisco Umbrella Rank: 7019
1	google.de www.google.de — Cisco Umbrella Rank: 5171	408 B
1	google.com www.google.com — Cisco Umbrella Rank: 2	408 B
1	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 91	351 B
1	oribi.io cdn.linkedin.oribi.io — Cisco Umbrella Rank: 1034	368 B
1	pixel.ad up.pixel.ad — Cisco Umbrella Rank: 9884	2 KB
1	licdn.com snap.licdn.com — Cisco Umbrella Rank: 885	5 KB
1	geoip-js.com geoip-js.com — Cisco Umbrella Rank: 14167	388 B
1	maxmind.com js.maxmind.com — Cisco Umbrella Rank: 19621	2 KB
1	fontawesome.com pro.fontawesome.com — Cisco Umbrella Rank: 5613	32 KB
74	19

	Domain	Requested by
27	user.freelife4u.art	user.freelife4u.art
13	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
5	connect.facebook.net	user.freelife4u.art connect.facebook.net
4	www.facebook.com	user.freelife4u.art
4	addup.sierraclub.org	user.freelife4u.art
2	pixel.sitescout.com	user.freelife4u.art
2	px.ads.linkedin.com	2 redirects
2	region1.google-analytics.com	www.googletagmanager.com
2	www.googletagmanager.com	user.freelife4u.art www.googletagmanager.com
2	cloud.typography.com	user.freelife4u.art
1	www.google.de	user.freelife4u.art
1	www.google.com	user.freelife4u.art
1	stats.g.doubleclick.net	www.google-analytics.com
1	px4.ads.linkedin.com	user.freelife4u.art
1	www.linkedin.com	1 redirects
1	cdn.linkedin.oribi.io	snap.licdn.com
1	script.hotjar.com	static.hotjar.com
1	up.pixel.ad	www.googletagmanager.com
1	static.hotjar.com	user.freelife4u.art
1	snap.licdn.com	www.googletagmanager.com
1	geoip-js.com	js.maxmind.com
1	js.maxmind.com	user.freelife4u.art
1	static.sierraclub.org	user.freelife4u.art
1	pro.fontawesome.com	user.freelife4u.art
74	24

This site contains links to these domains. Also see Links.

Domain
act.sierraclub.org
myaccount.sierraclub.org
www.sierraclub.org
store.sierraclub.org
addup.sierraclub.org
contentdev.sierraclub.org
vault.sierraclub.org
www.addup.org
content.sierraclub.org
theluupe.com
facebook.com
instagram.com
twitter.com
www.youtube.com

Subject Issuer	Validity	Valid
user.freelife4u.art R3	`2023-05-10` - `2023-08-08`	3 months	crt.sh
*.typography.com DigiCert TLS RSA SHA256 2020 CA1	`2023-03-05` - `2024-03-04`	a year	crt.sh
*.fontawesome.com DigiCert TLS RSA SHA256 2020 CA1	`2022-11-22` - `2023-12-23`	a year	crt.sh
*.sierraclub.org Go Daddy Secure Certificate Authority - G2	`2023-01-25` - `2024-02-26`	a year	crt.sh
*.maxmind.com Sectigo RSA Domain Validation Secure Server CA	`2022-10-19` - `2023-10-19`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-02-17` - `2023-05-18`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-06-16` - `2023-06-16`	a year	crt.sh
snap.licdn.com DigiCert SHA2 Secure Server CA	`2023-02-01` - `2024-01-31`	a year	crt.sh
*.hotjar.com Amazon ECDSA 256 M01	`2023-03-09` - `2024-04-06`	a year	crt.sh
*.pixel.ad GeoTrust Global TLS RSA4096 SHA256 2022 CA1	`2023-01-24` - `2024-02-02`	a year	crt.sh
addup.sierraclub.org GlobalSign Atlas R3 DV TLS CA 2023 Q2	`2023-04-24` - `2024-05-25`	a year	crt.sh
linkedin.oribi.io Amazon RSA 2048 M01	`2023-02-24` - `2023-08-06`	5 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-04-17` - `2023-07-10`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
www.google.de GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
*.sitescout.com GeoTrust Global TLS RSA4096 SHA256 2022 CA1	`2023-01-09` - `2024-02-02`	a year	crt.sh

This page contains 2 frames:

Primary Page: https://user.freelife4u.art/
Frame ID: 81D6CC109E0383EDEE7BD1F80340D2BF
Requests: 87 HTTP requests in this frame

Frame: https://pixel.sitescout.com/dmp/asyncPixelSync
Frame ID: CF89ED86F2A204525BEABE5F3A43CF72
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Home | Sierra ClubShapeCombined ShapeCombined ShapeShapeCombined Shapeic_video_youtube_blackSC Logo_Horiz Web Black

Detected technologies

Drupal (CMS) Expand

Overall confidence: 100%
Detected patterns

drupal\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Hotjar (Analytics) Expand

Overall confidence: 100%
Detected patterns

//static\.hotjar\.com/

Linkedin Insight Tag (Analytics) Expand

Overall confidence: 100%
Detected patterns

snap\.licdn\.com/li\.lms-analytics/insight\.min\.js

Page Statistics

74
Requests

99 %
HTTPS

61 %
IPv6

19
Domains

24
Subdomains

23
IPs

4
Countries

10779 kB
Transfer

13424 kB
Size

18
Cookies

30 Outgoing links

These are links going to different origins than the main page.

URL: https://act.sierraclub.org/donate/rc_connect__campaign_designform?id=7010Z0000027AE2QAM&formcampaignid=70131000001LlnTAAS&ddi=N18ZSCZZ16
Title: Join

Search URL Search Domain Scan URL

URL: https://act.sierraclub.org/donate/rc_connect__campaign_designform?id=7010Z0000027AERQA2&formcampaignid=70131000001LjZ2AAK&ddi=N18ZOTF006
Title: Donate

Search URL Search Domain Scan URL

URL: https://myaccount.sierraclub.org/MyAccountLogin
Title: login

Search URL Search Domain Scan URL

URL: https://www.sierraclub.org/ways-to-give?utm_content=banner
Title: WAYS TO GIVE

Search URL Search Domain Scan URL

URL: https://store.sierraclub.org/storefront.aspx
Title: Shop

Search URL Search Domain Scan URL

URL: https://act.sierraclub.org/donate/rc_connect__campaign_designform?id=70131000001DlRtAAK&formcampaignid=70131000001LjZ2AAK&ddi=N16MOTF006
Title: Donate

Search URL Search Domain Scan URL

URL: https://act.sierraclub.org/donate/rc_connect__campaign_designform?id=7010Z0000027LIjQAM&formcampaignid=70131000001LjZ2AAK&ddi=N18MOTF008&_ga=2.118150991.777137973.1640018222-1270470503.1627584366
Title: Donate

Search URL Search Domain Scan URL

URL: https://www.sierraclub.org/earth-month-livable-planet-for-all?home=
Title: Learn More

Search URL Search Domain Scan URL

URL: https://www.sierraclub.org/earth-day?home=
Title: Find an Event

Search URL Search Domain Scan URL

URL: http://addup.sierraclub.org/campaigns/protect-the-habitats-of-the-western-arctic?promoid=7010Z000002799xQAA

Search URL Search Domain Scan URL

URL: https://act.sierraclub.org/donate/rc_connect__campaign_designform?id=7010Z0000027CLyQAM&formcampaignid=70131000001LlnTAAS&ddi=N18ZSCZZ28
Title: Join

Search URL Search Domain Scan URL

URL: https://contentdev.sierraclub.org/take-action?scv=1539466370949

Search URL Search Domain Scan URL

URL: https://vault.sierraclub.org/annual-report-2022/?homepage=
Title: Read More

Search URL Search Domain Scan URL

URL: https://www.addup.org/
Title: See All Campaigns

Search URL Search Domain Scan URL

URL: http://addup.sierraclub.org/campaigns/tell-the-epa-to-slash-emissions-from-cars?promoid=7010Z000002799xQAA

Search URL Search Domain Scan URL

URL: http://addup.sierraclub.org/campaigns/tell-congress-act-now-to-protect-americas-wildlife?promoid=7010Z000002799xQAA

Search URL Search Domain Scan URL

URL: http://addup.sierraclub.org/campaigns/tell-congress-close-the-nature-equity-gap-and-get-more-kids-outside?promoid=7010Z000002799xQAA

Search URL Search Domain Scan URL

URL: https://content.sierraclub.org/outings/adventure-travel
Title: See All

Search URL Search Domain Scan URL

URL: https://content.sierraclub.org/outings

Search URL Search Domain Scan URL

URL: https://theluupe.com/
Title: theluupe.com

Search URL Search Domain Scan URL

URL: https://act.sierraclub.org/donate/rc_connect__campaign_designform?id=7013q000002NSD2AAO&formcampaignid=70131000001iIcQAAU&utm_medium=web&utm_source=sierraclub&utm_campaign=giving&ddi=N22LWOLB01
Title: Give Now >>

Search URL Search Domain Scan URL

URL: https://www.sierraclub.org/terms
Title: Msg & Data Rates May Apply.

Search URL Search Domain Scan URL

URL: https://www.sierraclub.org/privacy
Title: Terms and Conditions

Search URL Search Domain Scan URL

URL: https://act.sierraclub.org/donate/rc_connect__campaign_designform?id=7010Z0000027AT2QAM&formcampaignid=70131000001LlnTAAS&ddi=N18ZSCZZ17
Title: Join

Search URL Search Domain Scan URL

URL: https://act.sierraclub.org/donate/rc_connect__campaign_designform?id=7010Z0000027AT7QAM&formcampaignid=70131000001LjZ2AAK&ddi=N18ZOTF007
Title: Donate

Search URL Search Domain Scan URL

URL: http://facebook.com/sierraclub
Title: Find us on Facebook

Search URL Search Domain Scan URL

URL: http://instagram.com/sierraclub
Title: Find us on Instagram

Search URL Search Domain Scan URL

URL: http://twitter.com/sierraclub
Title: Find us on Twitter

Search URL Search Domain Scan URL

URL: https://www.youtube.com/user/NationalSierraClub
Title: Find us on YouTube

Search URL Search Domain Scan URL

URL: http://www.sierraclub.org/copyright
Title: Sierra Club 2023

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 61

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1611618&time=1683819429903&url=https%3A%2F%2Fuser.freelife4u.art%2F HTTP 302
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D1611618%26time%3D1683819429903%26url%3Dhttps%253A%252F%252Fuser.freelife4u.art%252F%26liSync%3Dtrue HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1611618&time=1683819429903&url=https%3A%2F%2Fuser.freelife4u.art%2F&liSync=true HTTP 302
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=1611618&time=1683819429903&url=https%3A%2F%2Fuser.freelife4u.art%2F&liSync=true&e_ipv6=AQKTp-7Rk7NYZgAAAYgLdYJAowYrSybLWtMPrDafJ9z54-8lK4zqwsz5LKQbOXOYoKQM0Xk14EFQ9-OctL1QB0AxuGbVWw

74 HTTP transactions
14 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
user.freelife4u.art/ 108 KB
29 KB 920ms
847ms Document
text/html 91.107.166.24
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://user.freelife4u.art/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

91.107.166.24 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.24.166.107.91.clients.your-server.de

Software

nginx/1.24.0 /

Resource Hash

c79d92b1f7d2559f6980990145e9efd4ac64248760aa7776914bc1e9711183a6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
cache-control: max-age=1800, public
content-encoding: gzip
content-language: en
content-security-policy-report-only: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https: *.addthis.com *.akamai.net *.convertexperiments.com *.flickr.com https://*.hotjar.com *.google.com *.sierraclub.org *.twitter.com cdn.ampproject.org cdn.hypemarks.com cdn.jsdelivr.net cdn.optimizely.com connect.facebook.net google-analytics.com google.com googletagmanager.com instagram.com js.maxmind.com maps.googleapis.com partner.googleadservices.com pixel.sitescout.com public.tableau.com reddit.com scribd.com snap.licdn.com unpkg.com v1.addthisedge.com widgets.pinterest.com z.moatads.com; object-src 'self'; style-src 'self' 'unsafe-inline' https: *.sierraclub.org cdn.honey.io cdn.jsdelivr.net cdn.knightlab.com cdnjs.cloudflare.com cloud.typography.com https://*.hotjar.com fonts.googleapis.com google.com pro.fontawesome.com; img-src * 'unsafe-inline' blob: data: https:; media-src 'self' data:; frame-src 'self' https: *.addthis.com *.doubleclick.net *.fls.doubleclick.net *.ggusd.us *.google.com https://*.hotjar.com *.optimizely.com *.s3.amazonaws.com *.sierraclub.org *.stpsb.org *.twitter.com block.opendns.com blocked.goguardian.com calendar.google.com cdn.bannersnack.com ckreport.lisd.net clubvolunteer.org facebook.com funnyordie.com gateway.zscalertwo.net global.acs.prismaaccess.com googletagmanager.com instagram.com m.facebook.com maphub.net meetup.com mozbar.moz.com player.vimeo.com public.tableau.com quorum.us rcm-na.amazon-adsystem.com s7.addthis.com spur.maps.arcgis.com static.contextall.com trustpoint-lax.northcentraltrust.com vpn.myips.org web.facebook.com youtube-nocookie.com youtube.com; frame-ancestors 'self' https: sierraclub.org; child-src 'self'; font-src 'self' data: https: *.sierraclub.org at.alicdn.com cdn.honey.io cdn.jsdelivr.net https://*.hotjar.com fonts.gstatic.com pro.fontawesome.com slant.co; connect-src 'self' https: *.addthis.com *.doubleclick.net *.google-analytics.com *.google.com https://*.hotjar.com https://*.hotjar.io wss://*.hotjar.com *.optimizely.com *.sierraclub.org cdn.linkedin.oribi.io csp.withgoogle.com facebook.com geoip-js.com google-analytics.com googletagmanager.com logx.optimizely.com m.addthis.com maps.googleapis.com s7.addthis.com secure.geonames.org stats.g.doubleclick.net; report-uri /report-csp-violation; upgrade-insecure-requests
content-type: text/html; charset=UTF-8
date: Thu, 11 May 2023 15:37:07 GMT
etag: "1683815470"
expires: Sun, 19 Nov 1978 05:00:00 GMT
last-modified: Thu, 11 May 2023 14:31:10 GMT
referrer-policy: strict-origin-when-cross-origin
server: nginx/1.24.0
strict-transport-security: max-age=31536000; includeSubDomains
vary: Cookie
via: 1.1 varnish-v4
x-cdn: Imperva
x-content-type-options: nosniff nosniff
x-drupal-cache: HIT
x-drupal-dynamic-cache: UNCACHEABLE
x-frame-options: SAMEORIGIN
x-generator: Drupal 9 (https://www.drupal.org)
x-iinfo: 4-35282750-35282751 NNYN CT(148 298 0) RT(1683819426166 16) q(0 0 5 -1) r(7 8) U12
x-ua-compatible: IE=edge
x-varnish: 14758189

GET
H2 200 google_tag.script.js Show response
user.freelife4u.art/sites/www.sierraclub.org/files/google_tag/gt_container/ 347 B
749 B 66ms
64ms Script
application/javascript 91.107.166.24
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://user.freelife4u.art/sites/www.sierraclub.org/files/google_tag/gt_container/google_tag.script.js?ruhype
Requested by: Host: user.freelife4u.art
URL: https://user.freelife4u.art/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 91.107.166.24 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.24.166.107.91.clients.your-server.de
Software: nginx/1.24.0 /
Resource Hash: 2102e264d505e68e6c91f793a7bd135d82d89fcfba1b1392cd4397727b3db9c6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://user.freelife4u.art/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Thu, 11 May 2023 15:37:07 GMT
content-encoding: gzip
last-modified: Thu, 11 May 2023 13:56:02 GMT
server: nginx/1.24.0
x-cdn: Imperva
etag: "15b-5fb6b594f6080"
content-type: application/javascript
x-iinfo: 4-35282835-0 0CNN RT(1683819427149 23) q(0 -1 -1 -1) r(0 -1)
cache-control: max-age=0
content-length: 280

GET
H/1.1 403
Forbidden fonts.css
cloud.typography.com/7941436/6171612/css/ 0
0 422ms
217ms Stylesheet
text/html 104.64.112.151
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cloud.typography.com/7941436/6171612/css/fonts.css
Requested by: Host: user.freelife4u.art
URL: https://user.freelife4u.art/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.64.112.151 Prague, Czech Republic, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-64-112-151.deploy.static.akamaitechnologies.com
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://user.freelife4u.art/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

GET
H2 200 css_9low4MDjPJy6euOANAJvH6mZCfNjVQX_QPLKZfuHa9c.css
user.freelife4u.art/sites/www.sierraclub.org/files/css/ 16 KB
4 KB 64ms
63ms Stylesheet
text/css 91.107.166.24
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://user.freelife4u.art/sites/www.sierraclub.org/files/css/css_9low4MDjPJy6euOANAJvH6mZCfNjVQX_QPLKZfuHa9c.css
Requested by: Host: user.freelife4u.art
URL: https://user.freelife4u.art/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 91.107.166.24 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.24.166.107.91.clients.your-server.de
Software: nginx/1.24.0 /
Resource Hash: f65a30e0c0e33c9cba7ae38034026f1fa99909f3635505ff40f2ca65fb876bd7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://user.freelife4u.art/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Thu, 11 May 2023 15:37:07 GMT
content-encoding: gzip
last-modified: Mon, 24 Apr 2023 20:31:02 GMT
server: nginx/1.24.0
x-cdn: Imperva
etag: "3e7f-5fa1ae2a34d80"
content-type: text/css
x-iinfo: 9-27578285-0 0CNN RT(1683819427149 21) q(0 -1 -1 -1) r(0 -1)
cache-control: max-age=0
content-length: 3588

GET
H2 200 css_RSBcN53VobeiyTBjyU2vTWJ1EJtZxCBrI52EJ-AUcyY.css
user.freelife4u.art/sites/www.sierraclub.org/files/css/ 879 KB
323 KB 71ms
70ms Stylesheet
text/css 91.107.166.24
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://user.freelife4u.art/sites/www.sierraclub.org/files/css/css_RSBcN53VobeiyTBjyU2vTWJ1EJtZxCBrI52EJ-AUcyY.css
Requested by: Host: user.freelife4u.art
URL: https://user.freelife4u.art/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 91.107.166.24 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.24.166.107.91.clients.your-server.de
Software: nginx/1.24.0 /
Resource Hash: 45205c379dd5a1b7a2c93063c94daf4d6275109b59c4206b239d8427e0147326

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://user.freelife4u.art/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Thu, 11 May 2023 15:37:07 GMT
content-encoding: gzip
last-modified: Tue, 11 Apr 2023 22:21:37 GMT
server: nginx/1.24.0
x-cdn: Imperva
etag: "dbd26-5f916ea2d7e40"
content-type: text/css
x-iinfo: 9-27578286-0 0CNN RT(1683819427149 26) q(0 -1 -1 -1) r(0 -1)
cache-control: max-age=0
content-length: 329983

GET
H2 200 all.css
pro.fontawesome.com/releases/v5.15.2/css/ 170 KB
32 KB 629ms
571ms Stylesheet
text/css 2606:4700::6812:1634
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pro.fontawesome.com/releases/v5.15.2/css/all.css
Requested by: Host: user.freelife4u.art
URL: https://user.freelife4u.art/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1634 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: caf2756a13f8fee24efb8378994a43a44150c14fa06dc7ac372e24226b03c220

Request headers

Referer: https://user.freelife4u.art/
Origin: https://user.freelife4u.art
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Thu, 11 May 2023 15:37:08 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Mon, 28 Jun 2021 17:19:52 GMT
server: cloudflare
x-amz-request-id: SC8WRWCQHFWAXEGY
etag: W/"5d0272dee21aa68865e04f1137c93c8b"
access-control-max-age: 3000
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: GET
access-control-allow-origin: *
content-type: text/css
cache-control: max-age=31556926
cf-ray: 7c5b805e59fe37fd-FRA
x-amz-id-2: gjjyMbLTBJuFndRgCr8mQn09vI8IcBCSptcJNjCKPUZ25rGzgRtTcDUHnEb6ka263eJuVAhkYQQ=

GET
H2 200 logo.svg
user.freelife4u.art/sites/www.sierraclub.org/themes/custom/bootpt/ 60 KB
12 KB 59ms
59ms Image
image/svg+xml 91.107.166.24
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://user.freelife4u.art/sites/www.sierraclub.org/themes/custom/bootpt/logo.svg
Requested by: Host: user.freelife4u.art
URL: https://user.freelife4u.art/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 91.107.166.24 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.24.166.107.91.clients.your-server.de
Software: nginx/1.24.0 /
Resource Hash: f00ef01c2cd99faae652c134f268dd75a04ca46873de766b2e3b89afe4d18f39

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://user.freelife4u.art/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Thu, 11 May 2023 15:37:08 GMT
content-encoding: gzip
last-modified: Sat, 29 Apr 2023 20:47:50 GMT
server: nginx/1.24.0
x-cdn: Imperva
etag: "eef6-5fa7fb3ed0980"
content-type: image/svg+xml
x-iinfo: 10-43173101-0 0CNN RT(1683819427738 17) q(0 -1 -1 -1) r(0 -1)
cache-control: max-age=0
content-length: 12069

GET
H2 200 sc-org-hero-image.jpeg
user.freelife4u.art/sites/www.sierraclub.org/files/sc_hero_block_uploads/ 510 KB
511 KB 61ms
61ms Image
image/jpeg 91.107.166.24
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://user.freelife4u.art/sites/www.sierraclub.org/files/sc_hero_block_uploads/sc-org-hero-image.jpeg
Requested by: Host: user.freelife4u.art
URL: https://user.freelife4u.art/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 91.107.166.24 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.24.166.107.91.clients.your-server.de
Software: nginx/1.24.0 /
Resource Hash: a3d3bb1d3a2c4b7a815a0ad7553ca578c08bd321c475b0e570e544a285aa53ed

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://user.freelife4u.art/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Thu, 11 May 2023 15:37:08 GMT
last-modified: Wed, 07 Sep 2022 06:36:19 GMT
server: nginx/1.24.0
x-cdn: Imperva
etag: "7f6ea-5e81087cc7ec0"
content-type: image/jpeg
x-iinfo: 14-101843263-0 0CNN RT(1683819427803 18) q(0 -1 -1 -1) r(0 -1)
cache-control: max-age=0
content-length: 521962

GET
DATA 200
OK truncated
/ 16 KB
16 KB Font
application/x-font-woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 83a296a7b64812fb2b4d69596dd2706baf74459500df296dec7de7bc79e07dad

Request headers

Referer
Origin: https://user.freelife4u.art
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Content-Type: application/x-font-woff

GET
DATA 200
OK truncated
/ 16 KB
16 KB Font
application/x-font-woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9a369a0a95e2cb5399ab42e0a3aea14630395a777f2377a48c877a9618e024d3

Request headers

Referer
Origin: https://user.freelife4u.art
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Content-Type: application/x-font-woff

GET
DATA 200
OK truncated
/ 15 KB
15 KB Font
application/x-font-woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3071a2f5a99331d5bfd67ff2523f11d302dd96c86f309401907f1b3e4acda31d

Request headers

Referer
Origin: https://user.freelife4u.art
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Content-Type: application/x-font-woff

GET
DATA 200
OK truncated
/ 16 KB
16 KB Font
application/x-font-woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2443d2fa40d390dfbd572c2ab49096a799893f816108274b34197d65f3e122c3

Request headers

Referer
Origin: https://user.freelife4u.art
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Content-Type: application/x-font-woff

GET
DATA 200
OK truncated
/ 6 KB
6 KB Font
application/x-font-woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c7e8b8c0e56bf8cf16a2da06aa069f8da56b9f2ca09332b11ecd42a25372934d

Request headers

Referer
Origin: https://user.freelife4u.art
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Content-Type: application/x-font-woff

GET
DATA 200
OK truncated
/ 6 KB
6 KB Font
application/x-font-woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ab5436a3e63056a87f687dc7b8495cabd0e9b931e0996c396ab91fa6d646eead

Request headers

Referer
Origin: https://user.freelife4u.art
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Content-Type: application/x-font-woff

GET
DATA 200
OK truncated
/ 6 KB
6 KB Font
application/x-font-woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4b7091866fe819da9d213d6153d11825cec6beb278e85e06d27e9e541943de8b

Request headers

Referer
Origin: https://user.freelife4u.art
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Content-Type: application/x-font-woff

GET
DATA 200
OK truncated
/ 6 KB
6 KB Font
application/x-font-woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a32836e7283aebc2c44b0af41402e6e4c13f242149312d004923e7d6d887669b

Request headers

Referer
Origin: https://user.freelife4u.art
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Content-Type: application/x-font-woff

GET
H2 200 home-kayaks-beyondcoal.jpg
user.freelife4u.art/sites/default/files/ 459 KB
460 KB 87ms
85ms Image
image/jpeg 91.107.166.24
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://user.freelife4u.art/sites/default/files/home-kayaks-beyondcoal.jpg
Requested by: Host: user.freelife4u.art
URL: https://user.freelife4u.art/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 91.107.166.24 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.24.166.107.91.clients.your-server.de
Software: nginx/1.24.0 /
Resource Hash: 2b7b47df992eb17b7d096e57ace1fba02606001d9ff3b980aa2a6dace7176fc8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://user.freelife4u.art/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Thu, 11 May 2023 15:37:08 GMT
last-modified: Tue, 06 Sep 2022 15:43:14 GMT
server: nginx/1.24.0
x-cdn: Imperva
etag: "72b12-5e8040de24880"
content-type: image/jpeg
x-iinfo: 13-83513838-0 0CNN RT(1683819427916 37) q(0 -1 -1 -1) r(0 -1)
cache-control: max-age=0
content-length: 469778

GET
H2 200 outings-featured.js Show response
user.freelife4u.art/sites/default/themes/custom/bootpt/js/ 2 KB
1 KB 88ms
86ms Script
application/javascript 91.107.166.24
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://user.freelife4u.art/sites/default/themes/custom/bootpt/js/outings-featured.js
Requested by: Host: user.freelife4u.art
URL: https://user.freelife4u.art/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 91.107.166.24 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.24.166.107.91.clients.your-server.de
Software: nginx/1.24.0 /
Resource Hash: 773e51ff9d5ae96117767020a1628a35b5522962d935e1faeb57afa217ec2729

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://user.freelife4u.art/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Thu, 11 May 2023 15:37:08 GMT
content-encoding: gzip
last-modified: Sat, 29 Apr 2023 20:47:50 GMT
server: nginx/1.24.0
x-cdn: Imperva
etag: "6a5-5fa7fb3ed0980"
content-type: application/javascript
x-iinfo: 2-14341236-0 0CNN RT(1683819427916 37) q(0 -1 -1 -1) r(0 -1)
cache-control: max-age=0
content-length: 629

GET
H2 200 sc-logo-white.svg
user.freelife4u.art/sites/default/themes/custom/bootpt/images/logos/ 59 KB
12 KB 88ms
86ms Image
image/svg+xml 91.107.166.24
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://user.freelife4u.art/sites/default/themes/custom/bootpt/images/logos/sc-logo-white.svg
Requested by: Host: user.freelife4u.art
URL: https://user.freelife4u.art/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 91.107.166.24 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.24.166.107.91.clients.your-server.de
Software: nginx/1.24.0 /
Resource Hash: 6bb26823691a1e2ba4d8cb41787ee88c75959dca1efc5dc8c899897cec84fe61

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://user.freelife4u.art/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Thu, 11 May 2023 15:37:08 GMT
content-encoding: gzip
last-modified: Fri, 05 May 2023 14:36:20 GMT
server: nginx/1.24.0
x-cdn: Imperva
etag: "eb6c-5faf33662e100"
content-type: image/svg+xml
x-iinfo: 2-14341238-0 0CNN RT(1683819427916 40) q(0 -1 -1 -1) r(0 -1)
cache-control: max-age=0
content-length: 11849

GET
H2 200 js_Z797_cfMlu5Tst0s_8XS0Bu2_f52MIg7Uho7eA2XmDU.js Show response
user.freelife4u.art/sites/www.sierraclub.org/files/js/ 340 KB
93 KB 86ms
84ms Script
application/javascript 91.107.166.24
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://user.freelife4u.art/sites/www.sierraclub.org/files/js/js_Z797_cfMlu5Tst0s_8XS0Bu2_f52MIg7Uho7eA2XmDU.js
Requested by: Host: user.freelife4u.art
URL: https://user.freelife4u.art/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 91.107.166.24 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.24.166.107.91.clients.your-server.de
Software: nginx/1.24.0 /
Resource Hash: 67bf7bfdc7cc96ee53b2dd2cffc5d2d01bb6fdfe7630883b521a3b780d979835

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://user.freelife4u.art/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Thu, 11 May 2023 15:37:08 GMT
content-encoding: gzip
last-modified: Thu, 06 Apr 2023 19:54:10 GMT
server: nginx/1.24.0
x-cdn: Imperva
etag: "54e19-5f8b045a61c80"
content-type: application/javascript
x-iinfo: 2-14341237-0 0CNN RT(1683819427916 38) q(0 -1 -1 -1) r(0 -1)
cache-control: max-age=0
content-length: 94154

GET
H/1.1 403
Forbidden fonts.css
cloud.typography.com/7941436/6171612/css/ 0
0 107ms
45ms Stylesheet
text/html 104.64.112.151
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cloud.typography.com/7941436/6171612/css/fonts.css
Requested by: Host: user.freelife4u.art
URL: https://user.freelife4u.art/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.64.112.151 Prague, Czech Republic, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-64-112-151.deploy.static.akamaitechnologies.com
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://user.freelife4u.art/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

GET
H/1.1 200
OK form-submission_drupal.js Show response
static.sierraclub.org/resources/knowwho/js/ 11 KB
4 KB 703ms
614ms Script
application/javascript 45.60.14.25
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://static.sierraclub.org/resources/knowwho/js/form-submission_drupal.js
Requested by: Host: user.freelife4u.art
URL: https://user.freelife4u.art/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.14.25 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: Apache /
Resource Hash: d432f91683e2da7aaf2f7135c350791f1de8407ab70c4b1f3cbbd670b97a1f6b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://user.freelife4u.art/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date: Thu, 11 May 2023 15:37:08 GMT
Via: 1.1 varnish-v4
Content-Encoding: gzip
Last-Modified: Tue, 09 May 2023 23:41:19 GMT
Server: Apache
X-CDN: Imperva
Age: 0
ETag: "2b95-5fb4b4ac385c0"
Transfer-Encoding: chunked
X-Varnish: 14758198
Content-Type: application/javascript
X-Iinfo: 14-148247039-148247048 NNYN CT(151 291 0) RT(1683819428297 34) q(0 0 4 0) r(6 6) U9
Accept-Ranges: bytes, bytes

GET
H2 200 js_XBT4TroW-ZbxGpSXt1QmpUY2iIbzf0ov8lcDR9fZ528.js Show response
user.freelife4u.art/sites/www.sierraclub.org/files/js/ 7 KB
3 KB 83ms
82ms Script
application/javascript 91.107.166.24
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://user.freelife4u.art/sites/www.sierraclub.org/files/js/js_XBT4TroW-ZbxGpSXt1QmpUY2iIbzf0ov8lcDR9fZ528.js
Requested by: Host: user.freelife4u.art
URL: https://user.freelife4u.art/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 91.107.166.24 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.24.166.107.91.clients.your-server.de
Software: nginx/1.24.0 /
Resource Hash: 5c14f84eba16f996f11a9497b75426a546368886f37f4a2ff2570347d7d9e76f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://user.freelife4u.art/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Thu, 11 May 2023 15:37:08 GMT
content-encoding: gzip
last-modified: Thu, 20 Apr 2023 16:59:35 GMT
server: nginx/1.24.0
x-cdn: Imperva
etag: "1d8c-5f9c777118bc0"
content-type: application/javascript
x-iinfo: 3-25952770-0 0CNN RT(1683819427916 36) q(0 -1 -1 -1) r(0 -1)
cache-control: max-age=0
content-length: 2705

GET
H2 200 geoip2.js Show response
js.maxmind.com/js/apis/geoip2/v2.0/ 3 KB
2 KB 95ms
33ms Script
application/javascript 2606:4700::6810:262f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.maxmind.com/js/apis/geoip2/v2.0/geoip2.js
Requested by: Host: user.freelife4u.art
URL: https://user.freelife4u.art/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:262f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 637c71a706d26a0d6f41e1a15b6d034443ab446e714541b9ab28ed967f676ea7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://user.freelife4u.art/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Thu, 11 May 2023 15:37:08 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 10 May 2023 19:39:33 GMT
server: cloudflare
age: 778
etag: W/"645bf2f5-def"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=14400
cf-ray: 7c5b80630e3f35e4-FRA
expires: Thu, 11 May 2023 19:37:08 GMT

GET
H2 200 js_9Ycc28h8W05Cr_CvuX5plRCXO6sCYhel09QRavOFKS4.js Show response
user.freelife4u.art/sites/www.sierraclub.org/files/js/ 33 KB
9 KB 84ms
84ms Script
application/javascript 91.107.166.24
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://user.freelife4u.art/sites/www.sierraclub.org/files/js/js_9Ycc28h8W05Cr_CvuX5plRCXO6sCYhel09QRavOFKS4.js
Requested by: Host: user.freelife4u.art
URL: https://user.freelife4u.art/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 91.107.166.24 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.24.166.107.91.clients.your-server.de
Software: nginx/1.24.0 /
Resource Hash: f5871cdbc87c5b4e42aff0afb97e699510973bab026217a5d3d4116af385292e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://user.freelife4u.art/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Thu, 11 May 2023 15:37:08 GMT
content-encoding: gzip
last-modified: Tue, 11 Apr 2023 16:54:32 GMT
server: nginx/1.24.0
x-cdn: Imperva
etag: "84e9-5f912586fc200"
content-type: application/javascript
x-iinfo: 0-4896516-0 0CNN RT(1683819427916 36) q(0 -1 -1 -1) r(0 -1)
cache-control: max-age=0
content-length: 9177

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ 3 KB
2 KB 85ms
23ms Script
application/x-javascript 2a03:2880:f084:d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js

Requested by

Host: user.freelife4u.art
URL: https://user.freelife4u.art/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

10c6cd31161c3182d483a1ded362983f562ff49ee979ea0632b668dac1a577d7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://user.freelife4u.art/
Origin: https://user.freelife4u.art
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 11 May 2023 15:37:08 GMT
content-md5: zsAE3Z6CR8anylAAUbyslw==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 1687
x-fb-rlafr: 0
x-fb-debug: U4ZzQNADRswP1zt3KNtzsFnzB2PCjOcsvXtdBoBIKj35LQkUbcjLfq3JLJWYVduXYImTookyqWOJdUdzGXTOcw==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-trip-id: 1679558926
x-fb-content-md5: 8209527d4941eace2cf27cbb0563a76f
cross-origin-opener-policy: same-origin-allow-popups
etag: "c8c2ecd36e819daa90c332cc235202c5"
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
permissions-policy: accelerometer=()
x-frame-options: DENY
timing-allow-origin: *
expires: Thu, 11 May 2023 15:45:44 GMT

GET
H2 200 Arctic%20National%20Wildlife%20Refuge%20%28ANWR%29-Alexis%20Bonogofsky%2C%20U.S.%20Fish%20and%20Wildlife%20Service-public%20domain%20%283%29.jpg.webp
user.freelife4u.art/sites/www.sierraclub.org/files/styles/pt_story_card/public/2023-03/ 15 KB
15 KB 79ms
74ms Image
image/webp 91.107.166.24
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://user.freelife4u.art/sites/www.sierraclub.org/files/styles/pt_story_card/public/2023-03/Arctic%20National%20Wildlife%20Refuge%20%28ANWR%29-Alexis%20Bonogofsky%2C%20U.S.%20Fish%20and%20Wildlife%20Service-public%20domain%20%283%29.jpg.webp?itok=E6vrxFl5
Requested by: Host: user.freelife4u.art
URL: https://user.freelife4u.art/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 91.107.166.24 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.24.166.107.91.clients.your-server.de
Software: nginx/1.24.0 /
Resource Hash: f3ab79e9ef2f08c1662b66cb93e6076f71e08841ee67a4c1fd5b39340b5eb0b6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://user.freelife4u.art/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Thu, 11 May 2023 15:37:08 GMT
last-modified: Fri, 17 Mar 2023 17:22:18 GMT
server: nginx/1.24.0
x-cdn: Imperva
etag: "3bf6-5f71bd1b48680"
content-type: image/webp
x-iinfo: 1-7851167-0 0CNN RT(1683819427920 32) q(0 -1 -1 -1) r(0 -1)
cache-control: max-age=0
content-length: 15350

GET
H2 200 line5-07-Bay-Mills-President-Whitney-Gravelle-1600px.jpg.webp
user.freelife4u.art/sites/www.sierraclub.org/files/styles/pt_story_card/public/2023-03/ 10 KB
10 KB 97ms
93ms Image
image/webp 91.107.166.24
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://user.freelife4u.art/sites/www.sierraclub.org/files/styles/pt_story_card/public/2023-03/line5-07-Bay-Mills-President-Whitney-Gravelle-1600px.jpg.webp?itok=Jtp5LTLC
Requested by: Host: user.freelife4u.art
URL: https://user.freelife4u.art/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 91.107.166.24 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.24.166.107.91.clients.your-server.de
Software: nginx/1.24.0 /
Resource Hash: 303961791ef5eaeff73ddcb09cded2df9b1b991cdb516554fe8e5a0092d7dbfb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://user.freelife4u.art/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Thu, 11 May 2023 15:37:08 GMT
last-modified: Fri, 17 Mar 2023 17:25:04 GMT
server: nginx/1.24.0
x-cdn: Imperva
etag: "270e-5f71bdb997c00"
content-type: image/webp
x-iinfo: 1-7851168-0 0CNN RT(1683819427920 39) q(0 -1 -1 -1) r(0 -1)
cache-control: max-age=0
content-length: 9998

GET
H2 200 SIERRA-GREEN%20EARTH%20MONTH-TN.jpg.webp
user.freelife4u.art/sites/www.sierraclub.org/files/styles/pt_story_card/public/2023-04/ 17 KB
17 KB 80ms
76ms Image
image/webp 91.107.166.24
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://user.freelife4u.art/sites/www.sierraclub.org/files/styles/pt_story_card/public/2023-04/SIERRA-GREEN%20EARTH%20MONTH-TN.jpg.webp?itok=3Kiaud4V
Requested by: Host: user.freelife4u.art
URL: https://user.freelife4u.art/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 91.107.166.24 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.24.166.107.91.clients.your-server.de
Software: nginx/1.24.0 /
Resource Hash: 18d010c1f5a21aae76697ba28a56e2ec5d8bea153d754077dced541ba13ca70d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://user.freelife4u.art/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Thu, 11 May 2023 15:37:08 GMT
last-modified: Tue, 04 Apr 2023 13:19:43 GMT
server: nginx/1.24.0
x-cdn: Imperva
etag: "4332-5f882874d99c0"
content-type: image/webp
x-iinfo: 4-35282919-0 0CNN RT(1683819427920 35) q(0 -1 -1 -1) r(0 -1)
cache-control: max-age=0
content-length: 17202

GET
H2 200 homepage-earth-month-earth%20sign%20gardening-Genya%20O%27Neall%2C%20The%20Luupe-2021-attribution%20required.jpg
user.freelife4u.art/sites/www.sierraclub.org/files/2023-04/ 227 KB
228 KB 95ms
91ms Image
image/jpeg 91.107.166.24
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://user.freelife4u.art/sites/www.sierraclub.org/files/2023-04/homepage-earth-month-earth%20sign%20gardening-Genya%20O%27Neall%2C%20The%20Luupe-2021-attribution%20required.jpg
Requested by: Host: user.freelife4u.art
URL: https://user.freelife4u.art/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 91.107.166.24 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.24.166.107.91.clients.your-server.de
Software: nginx/1.24.0 /
Resource Hash: 724e161ba4188b5e05706cdc9b6a70c84940cbf7a7ea3f3727b97a6a8c886867

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://user.freelife4u.art/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Thu, 11 May 2023 15:37:08 GMT
last-modified: Wed, 05 Apr 2023 20:52:54 GMT
server: nginx/1.24.0
x-cdn: Imperva
etag: "38c8b-5f89cf9dab580"
content-type: image/jpeg
x-iinfo: 13-83513840-0 0CNN RT(1683819427920 38) q(0 -1 -1 -1) r(0 -1)
cache-control: max-age=0
content-length: 232587

GET
H2 200 sierra-club-member.jpg
user.freelife4u.art/sites/www.sierraclub.org/files/callout-block/ 318 KB
318 KB 104ms
101ms Image
image/jpeg 91.107.166.24
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://user.freelife4u.art/sites/www.sierraclub.org/files/callout-block/sierra-club-member.jpg
Requested by: Host: user.freelife4u.art
URL: https://user.freelife4u.art/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 91.107.166.24 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.24.166.107.91.clients.your-server.de
Software: nginx/1.24.0 /
Resource Hash: 942ef3dbd45b5a35c9b090b30963fe1a6e23e78f99a4ebc401714709a31fd15a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://user.freelife4u.art/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Thu, 11 May 2023 15:37:08 GMT
last-modified: Tue, 06 Sep 2022 15:43:09 GMT
server: nginx/1.24.0
x-cdn: Imperva
etag: "4f67f-5e8040d95fd40"
content-type: image/jpeg
x-iinfo: 11-57041237-0 0CNN RT(1683819427957 21) q(0 -1 -1 -1) r(0 -1)
cache-control: max-age=0
content-length: 325247

GET
H2 200 Homepage-annual-report.jpg
user.freelife4u.art/sites/www.sierraclub.org/files/2022-12/ 745 KB
746 KB 112ms
109ms Image
image/jpeg 91.107.166.24
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://user.freelife4u.art/sites/www.sierraclub.org/files/2022-12/Homepage-annual-report.jpg
Requested by: Host: user.freelife4u.art
URL: https://user.freelife4u.art/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 91.107.166.24 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.24.166.107.91.clients.your-server.de
Software: nginx/1.24.0 /
Resource Hash: 87b631d45248b3cbb58834a270a82d7c797ddb260e74b7b2d843d2a9b1a7f270

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://user.freelife4u.art/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Thu, 11 May 2023 15:37:08 GMT
last-modified: Tue, 20 Dec 2022 22:37:34 GMT
server: nginx/1.24.0
x-cdn: Imperva
etag: "ba3f0-5f04a14fe2780"
content-type: image/jpeg
x-iinfo: 1-7851169-0 0CNN RT(1683819427957 26) q(0 -1 -1 -1) r(0 -1)
cache-control: max-age=0
content-length: 762864

GET
H2 200 SIERRA-QUEER%20DUCKS%204-TN.jpg.webp
user.freelife4u.art/sites/www.sierraclub.org/files/styles/pt_story_card/public/2023-02/ 21 KB
22 KB 684ms
682ms Image
image/webp 91.107.166.24
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://user.freelife4u.art/sites/www.sierraclub.org/files/styles/pt_story_card/public/2023-02/SIERRA-QUEER%20DUCKS%204-TN.jpg.webp?itok=UBIs5nLa

Requested by

Host: user.freelife4u.art
URL: https://user.freelife4u.art/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

91.107.166.24 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.24.166.107.91.clients.your-server.de

Software

nginx/1.24.0 /

Resource Hash

80addb2bda1df02766f6c702c628cdbf12704cecb3267093c5252c7199b14ca9

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://user.freelife4u.art/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Thu, 11 May 2023 15:37:08 GMT
via: 1.1 varnish-v4
x-content-type-options: nosniff
last-modified: Fri, 17 Mar 2023 19:15:59 GMT
server: nginx/1.24.0
x-cdn: Imperva
age: 0
etag: "54ca-5f71d6844b9c0"
content-type: image/webp
x-varnish: 14118338
x-iinfo: 10-43173135-43173137 NNNN CT(141 142 0) RT(1683819427957 21) q(0 0 3 -1) r(5 6) U18
cache-control: max-age=0
accept-ranges: bytes, bytes
content-length: 21706

GET
H2 200 homepage-numbers-grand-tetons-iStock-516221119.jpg
user.freelife4u.art/sites/www.sierraclub.org/files/impact/ 459 KB
460 KB 111ms
110ms Image
image/jpeg 91.107.166.24
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://user.freelife4u.art/sites/www.sierraclub.org/files/impact/homepage-numbers-grand-tetons-iStock-516221119.jpg
Requested by: Host: user.freelife4u.art
URL: https://user.freelife4u.art/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 91.107.166.24 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.24.166.107.91.clients.your-server.de
Software: nginx/1.24.0 /
Resource Hash: 5118e7deca96407d0f4ddc29aa0f0c270fefb71d62ab2cb29f38b4d1f3d683ff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://user.freelife4u.art/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Thu, 11 May 2023 15:37:08 GMT
last-modified: Tue, 06 Sep 2022 15:51:35 GMT
server: nginx/1.24.0
x-cdn: Imperva
etag: "72ac2-5e8042bbeefc0"
content-type: image/jpeg
x-iinfo: 7-44842960-0 0CNN RT(1683819427957 28) q(0 -1 -1 -1) r(0 -1)
cache-control: max-age=0
content-length: 469698

GET
DATA 200
OK truncated
/ 16 KB
16 KB Font
application/x-font-woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ecff13d384d78fb4516cdf20bd7a27fd7de782f3ef33bb2efbec27e04e5aae4a

Request headers

Referer
Origin: https://user.freelife4u.art
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Content-Type: application/x-font-woff

GET
DATA 200
OK truncated
/ 16 KB
16 KB Font
application/x-font-woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 69cc84c5d2e97ca7bcaecb8c951576296cda235b8d05666943c23df43909f8a0

Request headers

Referer
Origin: https://user.freelife4u.art
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Content-Type: application/x-font-woff

GET
DATA 200
OK truncated
/ 16 KB
16 KB Font
application/x-font-woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d1a861351af5131fcd66fd9ffcb24f153dc12bd463eecdc9965f501c3cda937d

Request headers

Referer
Origin: https://user.freelife4u.art
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Content-Type: application/x-font-woff

GET
DATA 200
OK truncated
/ 6 KB
6 KB Font
application/x-font-woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ed67fb27cde9671cb5972100ddce791b88a251b7edee85db66c3b72f19a5f429

Request headers

Referer
Origin: https://user.freelife4u.art
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Content-Type: application/x-font-woff

GET
DATA 200
OK truncated
/ 6 KB
6 KB Font
application/x-font-woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4bc635db98cd9bd785d7383200e8c7c2714ce835253dc863e957c6010338a7b7

Request headers

Referer
Origin: https://user.freelife4u.art
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Content-Type: application/x-font-woff

GET
DATA 200
OK truncated
/ 6 KB
6 KB Font
application/x-font-woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: cfca9b45a47277c729c1be3f86c3c9e862c878682554cd9130243eb4af3c2f88

Request headers

Referer
Origin: https://user.freelife4u.art
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Content-Type: application/x-font-woff

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ 306 KB
87 KB 24ms
23ms Script
application/x-javascript 2a03:2880:f084:d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js?hash=605971bea244b84f38fd6e72b6f7e061

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

2a64667ec4defb8065ce8ffe799b32bf6d98ba5d141fa7024c8de4c9ba624154

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://user.freelife4u.art/
Origin: https://user.freelife4u.art
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 11 May 2023 15:37:08 GMT
content-md5: KzmbDPn2hBJOkKe/vLf8Gw==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 88644
x-fb-rlafr: 0
x-fb-debug: edtZbuVaTz9AoAjoO6owLROuAnL5ZuWWPr0FFqUav3DT0nz1Pe8snCkbG6A8dQk3boiSii2x5u/1yxnMU+NMTA==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-trip-id: 1679558926
x-fb-content-md5: 0e3c14df5d6e40636af5ddb170c88256
cross-origin-opener-policy: same-origin-allow-popups
etag: "d6a547514de39efe8c0b02c56b393e61"
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
permissions-policy: accelerometer=()
x-frame-options: DENY
timing-allow-origin: *
expires: Fri, 10 May 2024 12:30:12 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 374 KB
108 KB 118ms
64ms Script
application/javascript 2a00:1450:4001:830::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-P6QS96

Requested by

Host: user.freelife4u.art
URL: https://user.freelife4u.art/sites/www.sierraclub.org/files/google_tag/gt_container/google_tag.script.js?ruhype

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

60a626b6a0756c8ebf156f9be59de927ed5c29ea222a6e2a6b61f912e3da14fa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://user.freelife4u.art/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Thu, 11 May 2023 15:37:09 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 110625
x-xss-protection: 0
last-modified: Thu, 11 May 2023 15:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 11 May 2023 15:37:09 GMT

GET
H2 200 load Show response
user.freelife4u.art/sc_events_campaigns/761172/448470/ 2 KB
3 KB 736ms
735ms XHR
application/json 91.107.166.24
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://user.freelife4u.art/sc_events_campaigns/761172/448470/load

Requested by

Host: user.freelife4u.art
URL: https://user.freelife4u.art/sites/www.sierraclub.org/files/js/js_Z797_cfMlu5Tst0s_8XS0Bu2_f52MIg7Uho7eA2XmDU.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

91.107.166.24 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.24.166.107.91.clients.your-server.de

Software

nginx/1.24.0 /

Resource Hash

a4c4dc8650c7c55df3e80d45306d37825194c85eca0ba1af39140e0cdd26f57f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Accept: */*
Referer: https://user.freelife4u.art/
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Thu, 11 May 2023 15:37:09 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff, nosniff
via: 1.1 varnish-v4
x-cdn: Imperva
age: 0
content-security-policy-report-only: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https: *.addthis.com *.akamai.net *.convertexperiments.com *.flickr.com https://*.hotjar.com *.google.com *.sierraclub.org *.twitter.com cdn.ampproject.org cdn.hypemarks.com cdn.jsdelivr.net cdn.optimizely.com connect.facebook.net google-analytics.com google.com googletagmanager.com instagram.com js.maxmind.com maps.googleapis.com partner.googleadservices.com pixel.sitescout.com public.tableau.com reddit.com scribd.com snap.licdn.com unpkg.com v1.addthisedge.com widgets.pinterest.com z.moatads.com; object-src 'self'; style-src 'self' 'unsafe-inline' https: *.sierraclub.org cdn.honey.io cdn.jsdelivr.net cdn.knightlab.com cdnjs.cloudflare.com cloud.typography.com https://*.hotjar.com fonts.googleapis.com google.com pro.fontawesome.com; img-src * 'unsafe-inline' blob: data: https:; media-src 'self' data:; frame-src 'self' https: *.addthis.com *.doubleclick.net *.fls.doubleclick.net *.ggusd.us *.google.com https://*.hotjar.com *.optimizely.com *.s3.amazonaws.com *.sierraclub.org *.stpsb.org *.twitter.com block.opendns.com blocked.goguardian.com calendar.google.com cdn.bannersnack.com ckreport.lisd.net clubvolunteer.org facebook.com funnyordie.com gateway.zscalertwo.net global.acs.prismaaccess.com googletagmanager.com instagram.com m.facebook.com maphub.net meetup.com mozbar.moz.com player.vimeo.com public.tableau.com quorum.us rcm-na.amazon-adsystem.com s7.addthis.com spur.maps.arcgis.com static.contextall.com trustpoint-lax.northcentraltrust.com vpn.myips.org web.facebook.com youtube-nocookie.com youtube.com; frame-ancestors 'self' https: sierraclub.org; child-src 'self'; font-src 'self' data: https: *.sierraclub.org at.alicdn.com cdn.honey.io cdn.jsdelivr.net https://*.hotjar.com fonts.gstatic.com pro.fontawesome.com slant.co; connect-src 'self' https: *.addthis.com *.doubleclick.net *.google-analytics.com *.google.com https://*.hotjar.com https://*.hotjar.io wss://*.hotjar.com *.optimizely.com *.sierraclub.org cdn.linkedin.oribi.io csp.withgoogle.com facebook.com geoip-js.com google-analytics.com googletagmanager.com logx.optimizely.com m.addthis.com maps.googleapis.com s7.addthis.com secure.geonames.org stats.g.doubleclick.net; report-uri /report-csp-violation; upgrade-insecure-requests
x-iinfo: 6-28582388-28582389 NNYN CT(141 142 0) RT(1683819428628 24) q(0 0 3 -1) r(7 7) U2
content-encoding: gzip
x-ua-compatible: IE=edge
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx/1.24.0
x-frame-options: SAMEORIGIN
content-language: en
content-type: application/json
x-generator: Drupal 9 (https://www.drupal.org)
x-varnish: 8495877
cache-control: must-revalidate, no-cache, private
accept-ranges: bytes
expires: -1

GET
H2 200 load Show response
user.freelife4u.art/sc_events_campaigns/449640/448470/ 5 KB
3 KB 1731ms
1731ms XHR
application/json 91.107.166.24
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://user.freelife4u.art/sc_events_campaigns/449640/448470/load

Requested by

Host: user.freelife4u.art
URL: https://user.freelife4u.art/sites/www.sierraclub.org/files/js/js_Z797_cfMlu5Tst0s_8XS0Bu2_f52MIg7Uho7eA2XmDU.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

91.107.166.24 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.24.166.107.91.clients.your-server.de

Software

nginx/1.24.0 /

Resource Hash

63afca877fa5e5795c5af8d9c663bdcd825674026aa8379e77e6712d116aeed0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Accept: */*
Referer: https://user.freelife4u.art/
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Thu, 11 May 2023 15:37:10 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff, nosniff
via: 1.1 varnish-v4
x-cdn: Imperva
age: 0
content-security-policy-report-only: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https: *.addthis.com *.akamai.net *.convertexperiments.com *.flickr.com https://*.hotjar.com *.google.com *.sierraclub.org *.twitter.com cdn.ampproject.org cdn.hypemarks.com cdn.jsdelivr.net cdn.optimizely.com connect.facebook.net google-analytics.com google.com googletagmanager.com instagram.com js.maxmind.com maps.googleapis.com partner.googleadservices.com pixel.sitescout.com public.tableau.com reddit.com scribd.com snap.licdn.com unpkg.com v1.addthisedge.com widgets.pinterest.com z.moatads.com; object-src 'self'; style-src 'self' 'unsafe-inline' https: *.sierraclub.org cdn.honey.io cdn.jsdelivr.net cdn.knightlab.com cdnjs.cloudflare.com cloud.typography.com https://*.hotjar.com fonts.googleapis.com google.com pro.fontawesome.com; img-src * 'unsafe-inline' blob: data: https:; media-src 'self' data:; frame-src 'self' https: *.addthis.com *.doubleclick.net *.fls.doubleclick.net *.ggusd.us *.google.com https://*.hotjar.com *.optimizely.com *.s3.amazonaws.com *.sierraclub.org *.stpsb.org *.twitter.com block.opendns.com blocked.goguardian.com calendar.google.com cdn.bannersnack.com ckreport.lisd.net clubvolunteer.org facebook.com funnyordie.com gateway.zscalertwo.net global.acs.prismaaccess.com googletagmanager.com instagram.com m.facebook.com maphub.net meetup.com mozbar.moz.com player.vimeo.com public.tableau.com quorum.us rcm-na.amazon-adsystem.com s7.addthis.com spur.maps.arcgis.com static.contextall.com trustpoint-lax.northcentraltrust.com vpn.myips.org web.facebook.com youtube-nocookie.com youtube.com; frame-ancestors 'self' https: sierraclub.org; child-src 'self'; font-src 'self' data: https: *.sierraclub.org at.alicdn.com cdn.honey.io cdn.jsdelivr.net https://*.hotjar.com fonts.gstatic.com pro.fontawesome.com slant.co; connect-src 'self' https: *.addthis.com *.doubleclick.net *.google-analytics.com *.google.com https://*.hotjar.com https://*.hotjar.io wss://*.hotjar.com *.optimizely.com *.sierraclub.org cdn.linkedin.oribi.io csp.withgoogle.com facebook.com geoip-js.com google-analytics.com googletagmanager.com logx.optimizely.com m.addthis.com maps.googleapis.com s7.addthis.com secure.geonames.org stats.g.doubleclick.net; report-uri /report-csp-violation; upgrade-insecure-requests
x-iinfo: 3-25952816-25952817 NNYN CT(142 142 0) RT(1683819428628 24) q(0 0 3 -1) r(17 17) U2
content-encoding: gzip
x-ua-compatible: IE=edge
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx/1.24.0
x-frame-options: SAMEORIGIN
content-language: en
content-type: application/json
x-generator: Drupal 9 (https://www.drupal.org)
x-varnish: 13938301
cache-control: must-revalidate, no-cache, private
accept-ranges: bytes
expires: -1

GET
H2 200 load Show response
user.freelife4u.art/sc_events_campaigns/449642/448470/ 3 KB
3 KB 737ms
737ms XHR
application/json 91.107.166.24
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://user.freelife4u.art/sc_events_campaigns/449642/448470/load

Requested by

Host: user.freelife4u.art
URL: https://user.freelife4u.art/sites/www.sierraclub.org/files/js/js_Z797_cfMlu5Tst0s_8XS0Bu2_f52MIg7Uho7eA2XmDU.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

91.107.166.24 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.24.166.107.91.clients.your-server.de

Software

nginx/1.24.0 /

Resource Hash

b22bd907a0c9e106e0c398ded5703593034f14bbffdcf7760c1eb7020b9e599f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Accept: */*
Referer: https://user.freelife4u.art/
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Thu, 11 May 2023 15:37:09 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff, nosniff
via: 1.1 varnish-v4
x-cdn: Imperva
age: 0
content-security-policy-report-only: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https: *.addthis.com *.akamai.net *.convertexperiments.com *.flickr.com https://*.hotjar.com *.google.com *.sierraclub.org *.twitter.com cdn.ampproject.org cdn.hypemarks.com cdn.jsdelivr.net cdn.optimizely.com connect.facebook.net google-analytics.com google.com googletagmanager.com instagram.com js.maxmind.com maps.googleapis.com partner.googleadservices.com pixel.sitescout.com public.tableau.com reddit.com scribd.com snap.licdn.com unpkg.com v1.addthisedge.com widgets.pinterest.com z.moatads.com; object-src 'self'; style-src 'self' 'unsafe-inline' https: *.sierraclub.org cdn.honey.io cdn.jsdelivr.net cdn.knightlab.com cdnjs.cloudflare.com cloud.typography.com https://*.hotjar.com fonts.googleapis.com google.com pro.fontawesome.com; img-src * 'unsafe-inline' blob: data: https:; media-src 'self' data:; frame-src 'self' https: *.addthis.com *.doubleclick.net *.fls.doubleclick.net *.ggusd.us *.google.com https://*.hotjar.com *.optimizely.com *.s3.amazonaws.com *.sierraclub.org *.stpsb.org *.twitter.com block.opendns.com blocked.goguardian.com calendar.google.com cdn.bannersnack.com ckreport.lisd.net clubvolunteer.org facebook.com funnyordie.com gateway.zscalertwo.net global.acs.prismaaccess.com googletagmanager.com instagram.com m.facebook.com maphub.net meetup.com mozbar.moz.com player.vimeo.com public.tableau.com quorum.us rcm-na.amazon-adsystem.com s7.addthis.com spur.maps.arcgis.com static.contextall.com trustpoint-lax.northcentraltrust.com vpn.myips.org web.facebook.com youtube-nocookie.com youtube.com; frame-ancestors 'self' https: sierraclub.org; child-src 'self'; font-src 'self' data: https: *.sierraclub.org at.alicdn.com cdn.honey.io cdn.jsdelivr.net https://*.hotjar.com fonts.gstatic.com pro.fontawesome.com slant.co; connect-src 'self' https: *.addthis.com *.doubleclick.net *.google-analytics.com *.google.com https://*.hotjar.com https://*.hotjar.io wss://*.hotjar.com *.optimizely.com *.sierraclub.org cdn.linkedin.oribi.io csp.withgoogle.com facebook.com geoip-js.com google-analytics.com googletagmanager.com logx.optimizely.com m.addthis.com maps.googleapis.com s7.addthis.com secure.geonames.org stats.g.doubleclick.net; report-uri /report-csp-violation; upgrade-insecure-requests
x-iinfo: 8-18754352-18754354 NNYN CT(141 142 0) RT(1683819428628 26) q(0 0 3 -1) r(7 7) U2
content-encoding: gzip
x-ua-compatible: IE=edge
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx/1.24.0
x-frame-options: SAMEORIGIN
content-language: en
content-type: application/json
x-generator: Drupal 9 (https://www.drupal.org)
x-varnish: 4664459
cache-control: must-revalidate, no-cache, private
accept-ranges: bytes
expires: -1

GET
H2 200 load Show response
user.freelife4u.art/sc_events_campaigns/449643/448470/ 2 KB
3 KB 732ms
732ms XHR
application/json 91.107.166.24
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://user.freelife4u.art/sc_events_campaigns/449643/448470/load

Requested by

Host: user.freelife4u.art
URL: https://user.freelife4u.art/sites/www.sierraclub.org/files/js/js_Z797_cfMlu5Tst0s_8XS0Bu2_f52MIg7Uho7eA2XmDU.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

91.107.166.24 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.24.166.107.91.clients.your-server.de

Software

nginx/1.24.0 /

Resource Hash

d26446e6339a02c290422a455cf72007bc1886a4ba723a97737a34d61cc7bc8f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Accept: */*
Referer: https://user.freelife4u.art/
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Thu, 11 May 2023 15:37:09 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff, nosniff
via: 1.1 varnish-v4
x-cdn: Imperva
age: 0
content-security-policy-report-only: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https: *.addthis.com *.akamai.net *.convertexperiments.com *.flickr.com https://*.hotjar.com *.google.com *.sierraclub.org *.twitter.com cdn.ampproject.org cdn.hypemarks.com cdn.jsdelivr.net cdn.optimizely.com connect.facebook.net google-analytics.com google.com googletagmanager.com instagram.com js.maxmind.com maps.googleapis.com partner.googleadservices.com pixel.sitescout.com public.tableau.com reddit.com scribd.com snap.licdn.com unpkg.com v1.addthisedge.com widgets.pinterest.com z.moatads.com; object-src 'self'; style-src 'self' 'unsafe-inline' https: *.sierraclub.org cdn.honey.io cdn.jsdelivr.net cdn.knightlab.com cdnjs.cloudflare.com cloud.typography.com https://*.hotjar.com fonts.googleapis.com google.com pro.fontawesome.com; img-src * 'unsafe-inline' blob: data: https:; media-src 'self' data:; frame-src 'self' https: *.addthis.com *.doubleclick.net *.fls.doubleclick.net *.ggusd.us *.google.com https://*.hotjar.com *.optimizely.com *.s3.amazonaws.com *.sierraclub.org *.stpsb.org *.twitter.com block.opendns.com blocked.goguardian.com calendar.google.com cdn.bannersnack.com ckreport.lisd.net clubvolunteer.org facebook.com funnyordie.com gateway.zscalertwo.net global.acs.prismaaccess.com googletagmanager.com instagram.com m.facebook.com maphub.net meetup.com mozbar.moz.com player.vimeo.com public.tableau.com quorum.us rcm-na.amazon-adsystem.com s7.addthis.com spur.maps.arcgis.com static.contextall.com trustpoint-lax.northcentraltrust.com vpn.myips.org web.facebook.com youtube-nocookie.com youtube.com; frame-ancestors 'self' https: sierraclub.org; child-src 'self'; font-src 'self' data: https: *.sierraclub.org at.alicdn.com cdn.honey.io cdn.jsdelivr.net https://*.hotjar.com fonts.gstatic.com pro.fontawesome.com slant.co; connect-src 'self' https: *.addthis.com *.doubleclick.net *.google-analytics.com *.google.com https://*.hotjar.com https://*.hotjar.io wss://*.hotjar.com *.optimizely.com *.sierraclub.org cdn.linkedin.oribi.io csp.withgoogle.com facebook.com geoip-js.com google-analytics.com googletagmanager.com logx.optimizely.com m.addthis.com maps.googleapis.com s7.addthis.com secure.geonames.org stats.g.doubleclick.net; report-uri /report-csp-violation; upgrade-insecure-requests
x-iinfo: 2-14341251-14341252 NNYN CT(143 142 0) RT(1683819428628 30) q(0 0 3 -1) r(7 7) U2
content-encoding: gzip
x-ua-compatible: IE=edge
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx/1.24.0
x-frame-options: SAMEORIGIN
content-language: en
content-type: application/json
x-generator: Drupal 9 (https://www.drupal.org)
x-varnish: 14758205
cache-control: must-revalidate, no-cache, private
accept-ranges: bytes
expires: -1

GET
H2 401 me Show response
geoip-js.com/geoip/v2.0/city/ 186 B
388 B 121ms
46ms XHR
application/vnd.maxmind.com-error+json 2606:4700::6812:1344
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://geoip-js.com/geoip/v2.0/city/me?referrer=https%3A%2F%2Fuser.freelife4u.art

Requested by

Host: js.maxmind.com
URL: https://js.maxmind.com/js/apis/geoip2/v2.0/geoip2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1344 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

420cb1127cfdefa2bb7e1b9cf7edb91cd515c5136904ff1d4e13495b7437cf2f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://user.freelife4u.art/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Thu, 11 May 2023 15:37:09 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
server: cloudflare
content-type: application/vnd.maxmind.com-error+json; charset=UTF-8; version=2.0
access-control-allow-origin: *
cf-ray: 7c5b8067dd452c52-FRA
content-length: 186

POST
H2 200 statistics.php Show response
user.freelife4u.art/core/modules/statistics/ 0
463 B 538ms
534ms XHR
text/html 91.107.166.24
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://user.freelife4u.art/core/modules/statistics/statistics.php

Requested by

Host: user.freelife4u.art
URL: https://user.freelife4u.art/sites/www.sierraclub.org/files/js/js_Z797_cfMlu5Tst0s_8XS0Bu2_f52MIg7Uho7eA2XmDU.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

91.107.166.24 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.24.166.107.91.clients.your-server.de

Software

nginx/1.24.0 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Referer: https://user.freelife4u.art/
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Thu, 11 May 2023 15:37:09 GMT
via: 1.1 varnish-v4
x-content-type-options: nosniff
server: nginx/1.24.0
x-cdn: Imperva
age: 0
x-varnish: 14849653
content-type: text/html; charset=UTF-8
x-iinfo: 8-18754356-18754358 NNNN CT(142 142 0) RT(1683819428673 17) q(0 0 3 -1) r(5 5) U6
accept-ranges: bytes
content-length: 0

GET
H2 502 outingsproxy Show response
user.freelife4u.art/api-proxy/ 559 B
631 B 522ms
521ms XHR
text/html 91.107.166.24
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://user.freelife4u.art/api-proxy/outingsproxy?_api_proxy_uri=featured.json
Requested by: Host: user.freelife4u.art
URL: https://user.freelife4u.art/sites/www.sierraclub.org/files/js/js_Z797_cfMlu5Tst0s_8XS0Bu2_f52MIg7Uho7eA2XmDU.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 91.107.166.24 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.24.166.107.91.clients.your-server.de
Software: nginx/1.24.0 /
Resource Hash: 7a24b36a457f3a757a3ae6de36c80fe23c86eab7c7429d48c459b5e6eff19004

Request headers

Accept: */*
Referer: https://user.freelife4u.art/
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Thu, 11 May 2023 15:37:09 GMT
server: nginx/1.24.0
content-length: 559
content-type: text/html

GET
H2 200 insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 13 KB
5 KB 700ms
36ms Script
application/x-javascript 2a02:26f0:3500:16::215:149b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://snap.licdn.com/li.lms-analytics/insight.min.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P6QS96

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:16::215:149b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

f56ccb2db87aacedd9415232e40f80bff9939703df2f9c3f9ec8a092e545349f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://user.freelife4u.art/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Thu, 11 May 2023 15:37:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 10 Jan 2023 17:22:56 GMT
x-cdn: AKAM
vary: Accept-Encoding
content-type: application/x-javascript;charset=utf-8
cache-control: max-age=14655
accept-ranges: bytes
content-length: 4777

GET
H3 200 fbevents.js Show response
connect.facebook.net/en_US/ 106 KB
27 KB 51ms
25ms Script
application/x-javascript 2a03:2880:f084:d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: user.freelife4u.art
URL: https://user.freelife4u.art/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

8dcee59828f1423ecefd552dd353e25bd4ac38a9557ee084604ee7c2d41d9b98

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://user.freelife4u.art/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Thu, 11 May 2023 15:37:09 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 27538
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: VJy1SRTKTc3sNmEFdjyrv6t7mK0N0D5mgLB/uncFUAYBF+LowB8PYwhPa6nPv7w20WlE0iphna7FfyZVZ8YIBw==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
cache-control: public, max-age=1200
permissions-policy: accelerometer=()
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 hotjar-152373.js Show response
static.hotjar.com/c/ 12 KB
5 KB 680ms
35ms Script
application/javascript 18.66.97.53
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-152373.js?sv=5

Requested by

Host: user.freelife4u.art
URL: https://user.freelife4u.art/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.97.53 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-97-53.fra56.r.cloudfront.net

Software

Resource Hash

6537581d22bc8b20c25c5e72db2365ac785578c8b5d6be11b4fecf41057c31d2

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://user.freelife4u.art/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

strict-transport-security: max-age=2592000; includeSubDomains
content-encoding: br
x-content-type-options: nosniff
date: Thu, 11 May 2023 15:37:09 GMT
via: 1.1 b9d2ce196c8a711fb15d92175d58476e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P2
age: 15
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
etag: W/b275bc031d3038b32f16c0bee474f18d
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
x-cache-hit: 1
cache-control: max-age=60
x-amz-cf-id: z_pfxrSml3SuLIOtyvklI1zcN0l_CHzT7Oa5sh83-W7xXAMqGcUuww==

GET
H2 200 up.js Show response
up.pixel.ad/assets/ 3 KB
2 KB 677ms
22ms Script
application/javascript 178.79.242.16
LLNW

General

Check archive.org

Show headers Download Go to

Full URL: https://up.pixel.ad/assets/up.js?um=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P6QS96
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 178.79.242.16 Frankfurt am Main, Germany, ASN22822 (LLNW, US),
Reverse DNS: https-178-79-242-16.fra.llnw.net
Software: AC1.1 /
Resource Hash: 25b33a7a853f39e447b14be3e6662ccbb0fbce73620bf7778d194cb3fef1d3ab

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://user.freelife4u.art/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Thu, 11 May 2023 15:37:09 GMT
content-encoding: gzip
last-modified: Wed, 16 Mar 2022 16:22:21 GMT
server: AC1.1
age: 85346
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes
content-length: 1550
x-llid: d104f13f2a26e2afdf2cd9cfe9e9d155

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 230 KB
80 KB 43ms
41ms Script
application/javascript 2a00:1450:4001:830::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-41DQ5KQCWV&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P6QS96

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

d24a34642cb8760fd87bcc1d82297c9e7c31306b9f648be15a4face70fa70171

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://user.freelife4u.art/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Thu, 11 May 2023 15:37:09 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 81883
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 11 May 2023 15:37:09 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 51 KB
21 KB 666ms
21ms Script
text/javascript 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P6QS96

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://user.freelife4u.art/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 11 May 2023 15:05:00 GMT
last-modified: Mon, 17 Apr 2023 22:36:01 GMT
server: Golfe2
age: 1929
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20737
expires: Thu, 11 May 2023 17:05:00 GMT

GET
H2 200 images
addup.sierraclub.org/ 2 MB
2 MB 226ms
76ms Image
image/jpeg 151.101.2.217
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://addup.sierraclub.org/images?file=0b088a655b775f58b14b8b597c7880c072b7b56c.jpg

Requested by

Host: user.freelife4u.art
URL: https://user.freelife4u.art/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.2.217 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx/1.16.1 /

Resource Hash

757093a3c742dede5c43c3d30adf8204f25c71e55ad6bd76d564c691119f141f

Security Headers

Name	Value
Strict-Transport-Security	max-age=300
X-Frame-Options	sameorigin

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://user.freelife4u.art/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-cache-hits: 1
date: Thu, 11 May 2023 15:37:09 GMT
via: 1.1 varnish
x-geoip-city: bensheim
strict-transport-security: max-age=300
age: 191625
x-cache: HIT
content-length: 1729225
x-served-by: cache-fra-etou8220066-FRA
last-modified: Tue, 28 Feb 2023 14:06:37 GMT
server: nginx/1.16.1
x-timer: S1683819430.865406,VS0,VE7
etag: "1f3bb8303c938a25f48a3dcad1264042"
x-geoip-region: HE
vary: X-Forwarded-Host,Accept-Encoding
x-frame-options: sameorigin
content-type: image/jpeg
cache-control: max-age=2592000
x-geoip-postalcode: 64625
accept-ranges: bytes
expires: Thu, 08 Jun 2023 10:23:24 GMT

GET
H2 200 images
addup.sierraclub.org/ 2 MB
2 MB 178ms
28ms Image
image/jpeg 151.101.2.217
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://addup.sierraclub.org/images?file=27e149f7ee27ebbce77af86d240258c26ea01de2.jpg

Requested by

Host: user.freelife4u.art
URL: https://user.freelife4u.art/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.2.217 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx/1.16.1 /

Resource Hash

4f0ab16ec49a44daa7ecd4e6c9260beed96bbad40720036e1509a0f8bf7deb67

Security Headers

Name	Value
Strict-Transport-Security	max-age=300
X-Frame-Options	sameorigin

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://user.freelife4u.art/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-cache-hits: 1
date: Thu, 11 May 2023 15:37:09 GMT
via: 1.1 varnish
x-geoip-city: bensheim
strict-transport-security: max-age=300
age: 119868
x-cache: HIT
content-length: 1845657
x-served-by: cache-fra-etou8220066-FRA
last-modified: Fri, 05 May 2023 20:28:11 GMT
server: nginx/1.16.1
x-timer: S1683819430.865563,VS0,VE7
etag: "e0c5f7ba936478fc062a681866b94abc"
x-geoip-region: HE
vary: X-Forwarded-Host,Accept-Encoding
x-frame-options: sameorigin
content-type: image/jpeg
cache-control: max-age=2592000
x-geoip-postalcode: 64625
accept-ranges: bytes
expires: Fri, 09 Jun 2023 06:19:22 GMT

GET
H2 502 outingsproxy Show response
user.freelife4u.art/api-proxy/ 559 B
631 B 521ms
521ms XHR
text/html 91.107.166.24
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://user.freelife4u.art/api-proxy/outingsproxy?_api_proxy_uri=featured.json
Requested by: Host: user.freelife4u.art
URL: https://user.freelife4u.art/sites/www.sierraclub.org/files/js/js_Z797_cfMlu5Tst0s_8XS0Bu2_f52MIg7Uho7eA2XmDU.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 91.107.166.24 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.24.166.107.91.clients.your-server.de
Software: nginx/1.24.0 /
Resource Hash: 7a24b36a457f3a757a3ae6de36c80fe23c86eab7c7429d48c459b5e6eff19004

Request headers

Accept: */*
Referer: https://user.freelife4u.art/
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Thu, 11 May 2023 15:37:10 GMT
server: nginx/1.24.0
content-length: 559
content-type: text/html

GET
H3 200 1456954507875619 Show response
connect.facebook.net/signals/config/ 379 KB
108 KB 26ms
24ms Script
application/x-javascript 2a03:2880:f084:d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1456954507875619?v=2.9.104&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

3d5a008fb7fabb36579cb8584ecc14a017e324500d4f5eeaa55f1dd86faffafb

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://user.freelife4u.art/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Thu, 11 May 2023 15:37:09 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 110497
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: GKqlkqSTnsX3iSExiAQodWxX02bJnOSIzE+Wm5kewMZ4WT7trL6Ppw4gofongaRB7s5weADXsiIc17h9fBaPHA==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
cache-control: public, max-age=1200
permissions-policy: accelerometer=()
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
247 B 97ms
34ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-41DQ5KQCWV&gtm=45je3580h1&_p=1868372147&cid=1867863758.1683819430&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1683819429&sct=1&seg=0&dl=https%3A%2F%2Fuser.freelife4u.art%2F&dt=Home%20%7C%20Sierra%20Club&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-41DQ5KQCWV&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://user.freelife4u.art/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 May 2023 15:37:09 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://user.freelife4u.art
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 modules.6fed24b60091da3b9aa3.js Show response
script.hotjar.com/ 264 KB
68 KB 83ms
30ms Script
application/javascript 52.222.236.43
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.6fed24b60091da3b9aa3.js

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-152373.js?sv=5

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.236.43 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-236-43.fra56.r.cloudfront.net

Software

Resource Hash

7abd2d7bbafa11f84e45b3fff7bd865618bd3617e6aaa9eed562fa233b12d165

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://user.freelife4u.art/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Thu, 11 May 2023 11:06:07 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=2592000; includeSubDomains
via: 1.1 89e34e3fd814f1393ef77867b93dd12e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P4
age: 16262
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 69318
last-modified: Thu, 11 May 2023 11:06:06 GMT
etag: "b79d54f0943fddf3924fb2bed52eceb4"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: gthd1Y-a9c088W6r041yUxVNqb0NpgohZQBTnTSl1wS21QUcgS_r0g==

GET
H2 200 token Show response
cdn.linkedin.oribi.io/partner/1611618/domain/user.freelife4u.art/ 36 B
368 B 286ms
190ms XHR
application/json 2600:9000:20eb:2200:2:53b2:240:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.linkedin.oribi.io/partner/1611618/domain/user.freelife4u.art/token
Requested by: Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:2200:2:53b2:240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 7b1eaaaf180a13c29b6dddc3b0ae23333b4397e0f3c065b4c86da2f2530a5f89

Request headers

Accept: *
Referer: https://user.freelife4u.art/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Thu, 11 May 2023 15:37:10 GMT
content-encoding: gzip
via: 1.1 8f20db43ba7579b7216cf908572d5054.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C1
vary: accept-encoding
x-cache: Miss from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: public, max-age=3600
x-amz-cf-id: F7UW4GvaPDzrwNsj3zE2OEHpOyPoolZHDVJPaOdodDwuyViaMchs8A==

GET
H2

200

collect
px4.ads.linkedin.com/
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1611618&time=1683819429903&url=https%3A%2F%2Fuser.freelife4u.art%2F
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D1611618%26time%3D1683819429903%26url%3Dhttps%253A%252F%252Fuser.freelife4u.art%25...
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1611618&time=1683819429903&url=https%3A%2F%2Fuser.freelife4u.art%2F&liSync=true
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=1611618&time=1683819429903&url=https%3A%2F%2Fuser.freelife4u.art%2F&liSync=true&e_ipv6=AQKTp-7Rk7NYZgAAAYgLdYJAowYrSybLWtMPrDafJ9z54-8lK4zqwsz5LK...

0
266 B

245ms
172ms

Image
application/javascript

13.107.42.14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=1611618&time=1683819429903&url=https%3A%2F%2Fuser.freelife4u.art%2F&liSync=true&e_ipv6=AQKTp-7Rk7NYZgAAAYgLdYJAowYrSybLWtMPrDafJ9z54-8lK4zqwsz5LKQbOXOYoKQM0Xk14EFQ9-OctL1QB0AxuGbVWw
Requested by: Host: user.freelife4u.art
URL: https://user.freelife4u.art/
Protocol: H2
Server: 13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://user.freelife4u.art/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Thu, 11 May 2023 15:37:10 GMT
x-li-pop: afd-prod-ltx1-x
x-msedge-ref: Ref A: 96CF009E6DC747D9BC49FCDE4096401E Ref B: DUS30EDGE0806 Ref C: 2023-05-11T15:37:10Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
content-type: application/javascript
x-li-fabric: prod-ltx1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAX7bMMIWKirb9oQfn7ehQ==

Redirect headers

date: Thu, 11 May 2023 15:37:10 GMT
x-li-pop: afd-prod-ltx1-x
x-msedge-ref: Ref A: 5C394AA394434F1BBF8693A404D7AAF0 Ref B: DUS30EDGE0406 Ref C: 2023-05-11T15:37:10Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-ltx1
location: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=1611618&time=1683819429903&url=https%3A%2F%2Fuser.freelife4u.art%2F&liSync=true&e_ipv6=AQKTp-7Rk7NYZgAAAYgLdYJAowYrSybLWtMPrDafJ9z54-8lK4zqwsz5LKQbOXOYoKQM0Xk14EFQ9-OctL1QB0AxuGbVWw
x-li-proto: http/2
content-length: 0
x-li-uuid: AAX7bMMEj9aieR85eq18Zg==

POST
H2 200 collect Show response
www.google-analytics.com/j/ 2 B
209 B 31ms
27ms XHR
text/plain 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j100&a=1868372147&t=pageview&_s=1&dl=https%3A%2F%2Fuser.freelife4u.art%2F&ul=en-us&de=UTF-8&dt=Home%20%7C%20Sierra%20Club&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YCDACEABBAAAACAAI~&jid=1917284866&gjid=897685347&cid=1867863758.1683819430&tid=UA-652326-1&_gid=2128635064.1683819430&_r=1&gtm=45He3580n71P6QS96&cg1=Homepage&cd1=Homepage&cd16=tbd&z=794196027

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://user.freelife4u.art/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 11 May 2023 15:37:09 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://user.freelife4u.art
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect
www.google-analytics.com/ 35 B
111 B 31ms
31ms Ping
image/gif 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/collect

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://user.freelife4u.art/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Thu, 11 May 2023 15:37:09 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: https://user.freelife4u.art
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 180535206388660 Show response
connect.facebook.net/signals/config/ 376 KB
107 KB 29ms
25ms Script
application/x-javascript 2a03:2880:f084:d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/180535206388660?v=2.9.104&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

d4c99c2b6bb25498af86f10252f69155a3b2e4e56211da6c3a5be8a20fd66ce5

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://user.freelife4u.art/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Thu, 11 May 2023 15:37:09 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 109898
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: g67GNrVcO2KVQIuhoTLJ0C0vYuomvRfrrYYz9P6/ffYkXotH7puFR9KKMVbLOmKU5r5RnIXvR+gapvxVgRaWOQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
cache-control: public, max-age=1200
permissions-policy: accelerometer=()
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 323ms
22ms Image
text/plain 2a03:2880:f176:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1456954507875619&ev=PageView&dl=https%3A%2F%2Fuser.freelife4u.art%2F&rl=&if=false&ts=1683819429945&sw=1600&sh=1200&v=2.9.104&r=stable&ec=0&o=30&par[0]=%7B%22extractorID%22%3A%22826171765241564%22%2C%22jsonLD%22%3A%7B%22%40context%22%3A%22http%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22Product%22%2C%22offers%22%3A%7B%22priceCurrency%22%3A%22USD%22%7D%7D%7D&par[1]=%7B%22extractorID%22%3A%221137394356906092%22%2C%22jsonLD%22%3A%7B%22%40context%22%3A%22http%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22Product%22%2C%22offers%22%3A%7B%7D%7D%7D&fbp=fb.1.1683819429938.321221867&cs_est=true&it=1683819429852&coo=false&rqm=GET

Requested by

Host: user.freelife4u.art
URL: https://user.freelife4u.art/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://user.freelife4u.art/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Thu, 11 May 2023 15:37:10 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
351 B 220ms
31ms XHR
text/plain 2a00:1450:400c:c0c::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j100&tid=UA-652326-1&cid=1867863758.1683819430&jid=1917284866&gjid=897685347&_gid=2128635064.1683819430&_u=YCDACEAABAAAACAAI~&z=1935045736

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0c::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://user.freelife4u.art/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Thu, 11 May 2023 15:37:10 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://user.freelife4u.art
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
31 B 251ms
22ms Image
text/plain 2a03:2880:f176:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=180535206388660&ev=PageView&dl=https%3A%2F%2Fuser.freelife4u.art%2F&rl=&if=false&ts=1683819430019&sw=1600&sh=1200&v=2.9.104&r=stable&ec=0&o=30&fbp=fb.1.1683819429938.321221867&cs_est=true&it=1683819429852&coo=false&rqm=GET

Requested by

Host: user.freelife4u.art
URL: https://user.freelife4u.art/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://user.freelife4u.art/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Thu, 11 May 2023 15:37:10 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
408 B 114ms
61ms Image
image/gif 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j100&tid=UA-652326-1&cid=1867863758.1683819430&jid=1917284866&_u=YCDACEAABAAAACAAI~&z=1295973399

Requested by

Host: user.freelife4u.art
URL: https://user.freelife4u.art/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://user.freelife4u.art/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 May 2023 15:37:10 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
408 B 113ms
60ms Image
image/gif 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j100&tid=UA-652326-1&cid=1867863758.1683819430&jid=1917284866&_u=YCDACEAABAAAACAAI~&z=1295973399

Requested by

Host: user.freelife4u.art
URL: https://user.freelife4u.art/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://user.freelife4u.art/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 May 2023 15:37:10 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 collect
www.google-analytics.com/ 35 B
55 B 31ms
28ms Ping
image/gif 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/collect

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://user.freelife4u.art/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Thu, 11 May 2023 15:37:10 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: https://user.freelife4u.art
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 collect
www.google-analytics.com/ 35 B
55 B 28ms
28ms Ping
image/gif 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/collect

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://user.freelife4u.art/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Thu, 11 May 2023 15:37:10 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: https://user.freelife4u.art
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 collect
www.google-analytics.com/ 35 B
55 B 31ms
31ms Ping
image/gif 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/collect

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://user.freelife4u.art/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Thu, 11 May 2023 15:37:10 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: https://user.freelife4u.art
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 collect
www.google-analytics.com/ 35 B
55 B 28ms
28ms Ping
image/gif 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/collect

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://user.freelife4u.art/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Thu, 11 May 2023 15:37:10 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: https://user.freelife4u.art
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 collect
www.google-analytics.com/ 35 B
55 B 29ms
28ms Ping
image/gif 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/collect

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://user.freelife4u.art/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Thu, 11 May 2023 15:37:10 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: https://user.freelife4u.art
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 collect
www.google-analytics.com/ 35 B
55 B 31ms
30ms Ping
image/gif 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/collect

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://user.freelife4u.art/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Thu, 11 May 2023 15:37:10 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: https://user.freelife4u.art
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 asyncPixelSync
pixel.sitescout.com/dmp/ Frame CF89 0
0 96ms
29ms Document
text/plain 98.98.134.242
ZEN-ECN

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.sitescout.com/dmp/asyncPixelSync
Requested by: Host: user.freelife4u.art
URL: https://user.freelife4u.art/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 98.98.134.242 , United States, ASN21859 (ZEN-ECN, US),
Reverse DNS
Software: A /
Resource Hash

Request headers

Referer: https://user.freelife4u.art/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: max-age=0,no-cache,no-store
date: Thu, 11 May 2023 15:37:09 GMT
expires: Tue, 11 Oct 1977 12:34:56 GMT
p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
pragma: no-cache
server: A

GET
H2 200 0d405d18ef388eb6
pixel.sitescout.com/up/ 43 B
267 B 96ms
28ms Image
image/gif 98.98.134.242
ZEN-ECN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.sitescout.com/up/0d405d18ef388eb6?cntr_url=https%3A%2F%2Fuser.freelife4u.art%2F
Requested by: Host: user.freelife4u.art
URL: https://user.freelife4u.art/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 98.98.134.242 , United States, ASN21859 (ZEN-ECN, US),
Reverse DNS
Software: AC1.1 /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://user.freelife4u.art/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 May 2023 15:37:10 GMT
server: AC1.1
content-type: image/gif
p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
cache-control: max-age=0,no-cache,no-store
content-length: 43
expires: Tue, 11 Oct 1977 12:34:56 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
31 B 22ms
21ms Image
text/plain 2a03:2880:f176:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1456954507875619&ev=Microdata&dl=https%3A%2F%2Fuser.freelife4u.art%2F&rl=&if=false&ts=1683819430467&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Home%20%7C%20Sierra%20Club%22%7D&cd[OpenGraph]=%7B%22og%3Aurl%22%3A%22https%3A%2F%2Fwww.sierraclub.org%2Fhome%22%2C%22og%3Atitle%22%3A%22Home%22%2C%22og%3Aimage%22%3A%22https%3A%2F%2Fwww.sierraclub.org%2Fsites%2Fwww.sierraclub.org%2Ffiles%2Fstyles%2Fsierra_full_page_width%2Fpublic%2Fhomepage-hero-family-iStock-1076832914.jpg.webp%3Fitok%3DKKKTZC2n%22%2C%22og%3Aimage%3Aurl%22%3A%22https%3A%2F%2Fwww.sierraclub.org%2Fsites%2Fwww.sierraclub.org%2Ffiles%2Fstyles%2Fsierra_full_page_width%2Fpublic%2Fhomepage-hero-family-iStock-1076832914.jpg.webp%3Fitok%3DKKKTZC2n%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.104&r=stable&ec=1&o=30&fbp=fb.1.1683819429938.321221867&it=1683819429852&coo=false&es=automatic&tm=3&rqm=GET

Requested by

Host: user.freelife4u.art
URL: https://user.freelife4u.art/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://user.freelife4u.art/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Thu, 11 May 2023 15:37:10 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H3 200 /
www.facebook.com/tr/ 0
18 B 22ms
22ms Image
text/plain 2a03:2880:f176:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=180535206388660&ev=Microdata&dl=https%3A%2F%2Fuser.freelife4u.art%2F&rl=&if=false&ts=1683819430520&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Home%20%7C%20Sierra%20Club%22%7D&cd[OpenGraph]=%7B%22og%3Aurl%22%3A%22https%3A%2F%2Fwww.sierraclub.org%2Fhome%22%2C%22og%3Atitle%22%3A%22Home%22%2C%22og%3Aimage%22%3A%22https%3A%2F%2Fwww.sierraclub.org%2Fsites%2Fwww.sierraclub.org%2Ffiles%2Fstyles%2Fsierra_full_page_width%2Fpublic%2Fhomepage-hero-family-iStock-1076832914.jpg.webp%3Fitok%3DKKKTZC2n%22%2C%22og%3Aimage%3Aurl%22%3A%22https%3A%2F%2Fwww.sierraclub.org%2Fsites%2Fwww.sierraclub.org%2Ffiles%2Fstyles%2Fsierra_full_page_width%2Fpublic%2Fhomepage-hero-family-iStock-1076832914.jpg.webp%3Fitok%3DKKKTZC2n%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.104&r=stable&ec=1&o=30&fbp=fb.1.1683819429938.321221867&it=1683819429852&coo=false&es=automatic&tm=3&rqm=GET

Requested by

Host: user.freelife4u.art
URL: https://user.freelife4u.art/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://user.freelife4u.art/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Thu, 11 May 2023 15:37:10 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

GET
H2 200 images
addup.sierraclub.org/ 1014 KB
1015 KB 30ms
29ms Image
image/png 151.101.2.217
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://addup.sierraclub.org/images?file=606bca6be68c2abfffb4580b4c638a5ab53b973d.png

Requested by

Host: user.freelife4u.art
URL: https://user.freelife4u.art/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.2.217 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx/1.16.1 /

Resource Hash

c0f59c05a0bdd88cb394f6f4bc41077f6b6813ed88fcfaf9973c18360ddc9380

Security Headers

Name	Value
Strict-Transport-Security	max-age=300
X-Frame-Options	sameorigin

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://user.freelife4u.art/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-cache-hits: 1
date: Thu, 11 May 2023 15:37:10 GMT
via: 1.1 varnish
x-geoip-city: bensheim
strict-transport-security: max-age=300
age: 207355
x-cache: HIT
content-length: 1038572
x-served-by: cache-fra-etou8220066-FRA
last-modified: Wed, 13 Jul 2022 20:51:51 GMT
server: nginx/1.16.1
x-timer: S1683819431.719115,VS0,VE5
etag: "3462e60588daad76a255dcde16b0bb76"
x-geoip-region: HE
vary: X-Forwarded-Host,Accept-Encoding
x-frame-options: sameorigin
content-type: image/png
cache-control: max-age=2592000
x-geoip-postalcode: 64625
accept-ranges: bytes
expires: Thu, 08 Jun 2023 06:01:16 GMT

GET
H2 200 images
addup.sierraclub.org/ 2 MB
2 MB 55ms
54ms Image
image/png 151.101.2.217
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://addup.sierraclub.org/images?file=5a4b48fdd446e724cc4aba3dc67e78a6c6a79ed8.png

Requested by

Host: user.freelife4u.art
URL: https://user.freelife4u.art/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.2.217 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx/1.16.1 /

Resource Hash

a59819ad488f28dd5b613e34289d8c79eca977afacc6fc36a4244d83e01e2164

Security Headers

Name	Value
Strict-Transport-Security	max-age=300
X-Frame-Options	sameorigin

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://user.freelife4u.art/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-cache-hits: 1
date: Thu, 11 May 2023 15:37:10 GMT
via: 1.1 varnish
x-geoip-city: bensheim
strict-transport-security: max-age=300
age: 953279
x-cache: HIT
content-length: 2217301
x-served-by: cache-fra-etou8220066-FRA
last-modified: Mon, 09 May 2022 16:35:11 GMT
server: nginx/1.16.1
x-timer: S1683819431.718777,VS0,VE9
etag: "9587cf18396aa8d94b22de872ab8b2b5"
x-geoip-region: HE
vary: X-Forwarded-Host,Accept-Encoding
x-frame-options: sameorigin
content-type: image/png
cache-control: max-age=2592000
x-geoip-postalcode: 64625
accept-ranges: bytes
expires: Tue, 30 May 2023 14:49:11 GMT

POST
H3 200 collect
www.google-analytics.com/ 35 B
55 B 30ms
30ms Ping
image/gif 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/collect

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://user.freelife4u.art/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Thu, 11 May 2023 15:37:10 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: https://user.freelife4u.art
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 collect
www.google-analytics.com/ 35 B
55 B 29ms
29ms Ping
image/gif 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/collect

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://user.freelife4u.art/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Thu, 11 May 2023 15:37:10 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: https://user.freelife4u.art
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 collect
www.google-analytics.com/ 35 B
55 B 33ms
33ms Ping
image/gif 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/collect

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://user.freelife4u.art/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Thu, 11 May 2023 15:37:10 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: https://user.freelife4u.art
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 collect
www.google-analytics.com/ 35 B
55 B 29ms
29ms Ping
image/gif 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/collect

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://user.freelife4u.art/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Thu, 11 May 2023 15:37:10 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: https://user.freelife4u.art
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
54 B 30ms
29ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-41DQ5KQCWV&gtm=45je3580h1&_p=1868372147&cid=1867863758.1683819430&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=2&sid=1683819429&sct=1&seg=0&dl=https%3A%2F%2Fuser.freelife4u.art%2F&dt=Home%20%7C%20Sierra%20Club&en=login&ep.method=https%3A%2F%2Fuser.freelife4u.art%2F&ep.login_site=myaccount&_et=6
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-41DQ5KQCWV&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://user.freelife4u.art/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 May 2023 15:37:14 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://user.freelife4u.art
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

52 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

18 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.freelife4u.art/	1970-01-20 13:53:15	Name: _gcl_au Value: 1.1.1141668940.1683819429
.freelife4u.art/	1970-01-20 21:19:39	Name: _ga_41DQ5KQCWV Value: GS1.1.1683819429.1.0.1683819429.0.0.0
.freelife4u.art/	1970-01-20 21:19:39	Name: _ga Value: GA1.2.1867863758.1683819430
.freelife4u.art/	1970-01-20 11:45:05	Name: _gid Value: GA1.2.2128635064.1683819430
.freelife4u.art/	1970-01-20 11:43:39	Name: _gat_UA-652326-1 Value: 1
.freelife4u.art/	1970-01-20 13:53:15	Name: _fbp Value: fb.1.1683819429938.321221867
.linkedin.com/	1970-01-20 12:26:51	Name: UserMatchHistory Value: AQKr8bju8mrrTgAAAYgLdYCgGc01pvSD1dAI16vzmJqP2AIC327vdA85YSLp3oQdRwYDHxYEPTR9gg
.linkedin.com/	1970-01-20 12:26:51	Name: AnalyticsSyncHistory Value: AQITm7mM4znXmgAAAYgLdYCgYcXHCzB7AC7No0-rsReCCRecTZ9teGuNIW3nKWc44mhjKFxKaFsPQP7Z8Yzn7g
.linkedin.com/	1970-01-20 20:29:15	Name: bcookie Value: "v=2&1a34c165-7997-409f-8685-f00f8a327053"
.linkedin.com/	1970-01-20 11:45:05	Name: lidc Value: "b=TGST05:s=T:r=T:a=T:p=T:g=2767:u=1:x=1:i=1683819430:t=1683905830:v=2:sig=AQE8NmApzBVcdZFG0xxrC1GLun7OVN7m"
user.freelife4u.art/	1970-01-20 11:45:05	Name: ln_or Value: eyIxNjExNjE4IjoiZCJ9
.www.linkedin.com/	1970-01-20 20:29:15	Name: bscookie Value: "v=1&20230511153710224958d9-3a5d-4b00-8db0-d16806d46277AQFKnDQfDR_U6HbqRoxAS9pIbIPqiQUC"
.linkedin.com/	1970-01-20 16:02:51	Name: li_gc Value: MTswOzE2ODM4MTk0MzA7MjswMjHfY1AWg/Bwa3cpKtM8oz/ftPmwM0QbfF6BgONnyoI3lA==
.freelife4u.art/	1970-01-20 20:29:15	Name: _hjSessionUser_152373 Value: eyJpZCI6IjI0Y2UxZGZmLWYyNTEtNTdjYy04N2U4LTlhZWUwNGVjYmJkNyIsImNyZWF0ZWQiOjE2ODM4MTk0MzA0MTgsImV4aXN0aW5nIjpmYWxzZX0=
.freelife4u.art/	1970-01-20 11:43:41	Name: _hjFirstSeen Value: 1
.freelife4u.art/	1970-01-20 11:43:39	Name: _hjIncludedInSessionSample_152373 Value: 0
.freelife4u.art/	1970-01-20 11:43:41	Name: _hjSession_152373 Value: eyJpZCI6ImQ2MmRjMTdmLWU1MDktNDllNS1iODExLTczY2IxNDYyMGU3NCIsImNyZWF0ZWQiOjE2ODM4MTk0MzA0MzAsImluU2FtcGxlIjpmYWxzZX0=
.freelife4u.art/	1970-01-20 11:43:41	Name: _hjAbsoluteSessionInProgress Value: 0

9 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	URL: https://user.freelife4u.art/ Message: The Content Security Policy directive 'upgrade-insecure-requests' is ignored when delivered in a report-only policy.
network	error	URL: https://cloud.typography.com/7941436/6171612/css/fonts.css Message: Failed to load resource: the server responded with a status of 403 (Forbidden)
network	error	URL: https://cloud.typography.com/7941436/6171612/css/fonts.css Message: Failed to load resource: the server responded with a status of 403 (Forbidden)
network	error	URL: https://geoip-js.com/geoip/v2.0/city/me?referrer=https%3A%2F%2Fuser.freelife4u.art Message: Failed to load resource: the server responded with a status of 401 ()
network	error	URL: https://user.freelife4u.art/api-proxy/outingsproxy?_api_proxy_uri=featured.json Message: Failed to load resource: the server responded with a status of 502 ()
network	error	URL: https://user.freelife4u.art/api-proxy/outingsproxy?_api_proxy_uri=featured.json Message: Failed to load resource: the server responded with a status of 502 ()
security	error	URL: https://script.hotjar.com/modules.6fed24b60091da3b9aa3.js Message: The Content Security Policy directive 'upgrade-insecure-requests' is ignored when delivered in a report-only policy.
security	error	URL: https://script.hotjar.com/modules.6fed24b60091da3b9aa3.js Message: The Content Security Policy directive 'upgrade-insecure-requests' is ignored when delivered in a report-only policy.
security	error	URL: https://up.pixel.ad/assets/up.js?um=1 Message: The Content Security Policy directive 'upgrade-insecure-requests' is ignored when delivered in a report-only policy.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff nosniff
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

addup.sierraclub.org
cdn.linkedin.oribi.io
cloud.typography.com
connect.facebook.net
geoip-js.com
js.maxmind.com
pixel.sitescout.com
pro.fontawesome.com
px.ads.linkedin.com
px4.ads.linkedin.com
region1.google-analytics.com
script.hotjar.com
snap.licdn.com
static.hotjar.com
static.sierraclub.org
stats.g.doubleclick.net
up.pixel.ad
user.freelife4u.art
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.linkedin.com
104.64.112.151
13.107.42.14
151.101.2.217
178.79.242.16
18.66.97.53
2001:4860:4802:32::36
2600:9000:20eb:2200:2:53b2:240:93a1
2606:4700::6810:262f
2606:4700::6812:1344
2606:4700::6812:1634
2620:1ec:21::14
2a00:1450:4001:828::2004
2a00:1450:4001:828::200e
2a00:1450:4001:82f::2003
2a00:1450:4001:830::2008
2a00:1450:400c:c0c::9b
2a02:26f0:3500:16::215:149b
2a03:2880:f084:d:face:b00c:0:3
2a03:2880:f176:181:face:b00c:0:25de
45.60.14.25
52.222.236.43
91.107.166.24
98.98.134.242
10c6cd31161c3182d483a1ded362983f562ff49ee979ea0632b668dac1a577d7
18d010c1f5a21aae76697ba28a56e2ec5d8bea153d754077dced541ba13ca70d
2102e264d505e68e6c91f793a7bd135d82d89fcfba1b1392cd4397727b3db9c6
2443d2fa40d390dfbd572c2ab49096a799893f816108274b34197d65f3e122c3
25b33a7a853f39e447b14be3e6662ccbb0fbce73620bf7778d194cb3fef1d3ab
2a64667ec4defb8065ce8ffe799b32bf6d98ba5d141fa7024c8de4c9ba624154
2b7b47df992eb17b7d096e57ace1fba02606001d9ff3b980aa2a6dace7176fc8
303961791ef5eaeff73ddcb09cded2df9b1b991cdb516554fe8e5a0092d7dbfb
3071a2f5a99331d5bfd67ff2523f11d302dd96c86f309401907f1b3e4acda31d
3d5a008fb7fabb36579cb8584ecc14a017e324500d4f5eeaa55f1dd86faffafb
420cb1127cfdefa2bb7e1b9cf7edb91cd515c5136904ff1d4e13495b7437cf2f
45205c379dd5a1b7a2c93063c94daf4d6275109b59c4206b239d8427e0147326
4b7091866fe819da9d213d6153d11825cec6beb278e85e06d27e9e541943de8b
4bc635db98cd9bd785d7383200e8c7c2714ce835253dc863e957c6010338a7b7
4f0ab16ec49a44daa7ecd4e6c9260beed96bbad40720036e1509a0f8bf7deb67
5118e7deca96407d0f4ddc29aa0f0c270fefb71d62ab2cb29f38b4d1f3d683ff
5c14f84eba16f996f11a9497b75426a546368886f37f4a2ff2570347d7d9e76f
60a626b6a0756c8ebf156f9be59de927ed5c29ea222a6e2a6b61f912e3da14fa
637c71a706d26a0d6f41e1a15b6d034443ab446e714541b9ab28ed967f676ea7
63afca877fa5e5795c5af8d9c663bdcd825674026aa8379e77e6712d116aeed0
6537581d22bc8b20c25c5e72db2365ac785578c8b5d6be11b4fecf41057c31d2
67bf7bfdc7cc96ee53b2dd2cffc5d2d01bb6fdfe7630883b521a3b780d979835
69cc84c5d2e97ca7bcaecb8c951576296cda235b8d05666943c23df43909f8a0
6bb26823691a1e2ba4d8cb41787ee88c75959dca1efc5dc8c899897cec84fe61
724e161ba4188b5e05706cdc9b6a70c84940cbf7a7ea3f3727b97a6a8c886867
757093a3c742dede5c43c3d30adf8204f25c71e55ad6bd76d564c691119f141f
773e51ff9d5ae96117767020a1628a35b5522962d935e1faeb57afa217ec2729
7a24b36a457f3a757a3ae6de36c80fe23c86eab7c7429d48c459b5e6eff19004
7abd2d7bbafa11f84e45b3fff7bd865618bd3617e6aaa9eed562fa233b12d165
7b1eaaaf180a13c29b6dddc3b0ae23333b4397e0f3c065b4c86da2f2530a5f89
80addb2bda1df02766f6c702c628cdbf12704cecb3267093c5252c7199b14ca9
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
83a296a7b64812fb2b4d69596dd2706baf74459500df296dec7de7bc79e07dad
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
87b631d45248b3cbb58834a270a82d7c797ddb260e74b7b2d843d2a9b1a7f270
8dcee59828f1423ecefd552dd353e25bd4ac38a9557ee084604ee7c2d41d9b98
942ef3dbd45b5a35c9b090b30963fe1a6e23e78f99a4ebc401714709a31fd15a
9a369a0a95e2cb5399ab42e0a3aea14630395a777f2377a48c877a9618e024d3
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a32836e7283aebc2c44b0af41402e6e4c13f242149312d004923e7d6d887669b
a3d3bb1d3a2c4b7a815a0ad7553ca578c08bd321c475b0e570e544a285aa53ed
a4c4dc8650c7c55df3e80d45306d37825194c85eca0ba1af39140e0cdd26f57f
a59819ad488f28dd5b613e34289d8c79eca977afacc6fc36a4244d83e01e2164
ab5436a3e63056a87f687dc7b8495cabd0e9b931e0996c396ab91fa6d646eead
b22bd907a0c9e106e0c398ded5703593034f14bbffdcf7760c1eb7020b9e599f
c0f59c05a0bdd88cb394f6f4bc41077f6b6813ed88fcfaf9973c18360ddc9380
c79d92b1f7d2559f6980990145e9efd4ac64248760aa7776914bc1e9711183a6
c7e8b8c0e56bf8cf16a2da06aa069f8da56b9f2ca09332b11ecd42a25372934d
caf2756a13f8fee24efb8378994a43a44150c14fa06dc7ac372e24226b03c220
cfca9b45a47277c729c1be3f86c3c9e862c878682554cd9130243eb4af3c2f88
d1a861351af5131fcd66fd9ffcb24f153dc12bd463eecdc9965f501c3cda937d
d24a34642cb8760fd87bcc1d82297c9e7c31306b9f648be15a4face70fa70171
d26446e6339a02c290422a455cf72007bc1886a4ba723a97737a34d61cc7bc8f
d432f91683e2da7aaf2f7135c350791f1de8407ab70c4b1f3cbbd670b97a1f6b
d4c99c2b6bb25498af86f10252f69155a3b2e4e56211da6c3a5be8a20fd66ce5
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44
ecff13d384d78fb4516cdf20bd7a27fd7de782f3ef33bb2efbec27e04e5aae4a
ed67fb27cde9671cb5972100ddce791b88a251b7edee85db66c3b72f19a5f429
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f00ef01c2cd99faae652c134f268dd75a04ca46873de766b2e3b89afe4d18f39
f3ab79e9ef2f08c1662b66cb93e6076f71e08841ee67a4c1fd5b39340b5eb0b6
f56ccb2db87aacedd9415232e40f80bff9939703df2f9c3f9ec8a092e545349f
f5871cdbc87c5b4e42aff0afb97e699510973bab026217a5d3d4116af385292e
f65a30e0c0e33c9cba7ae38034026f1fa99909f3635505ff40f2ca65fb876bd7

user.freelife4u.art Open in urlscan Pro 91.107.166.24 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

74 Requests

99 %HTTPS

61 %IPv6

19 Domains

24 Subdomains

23 IPs

4 Countries

10779 kBTransfer

13424 kBSize

18 Cookies

30 Outgoing links

Redirected requests

74 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 14 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

user.freelife4u.art Open in urlscan Pro
91.107.166.24 Public Scan

Screenshot
Live screenshot

Full Image

74
Requests

99 %
HTTPS

61 %
IPv6

19
Domains

24
Subdomains

23
IPs

4
Countries

10779 kB
Transfer

13424 kB
Size

18
Cookies

74 HTTP transactions
14 data transactions