www.protectkratom.org Open in urlscan Pro
198.185.159.144 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://default.salsalabs.org/Tb403327e-e5dd-4124-a191-3b690b589c37/a5a1c821-8823-4b59-bd48-dce4f1592717
Effective URL:
https://www.protectkratom.org/donate?eType=EmailBlastContent&eId=7fc81606-f156-4b63-b954-027da171f591
Submission: On June 06 via api (June 6th 2022, 3:23:06 pm UTC) from US — Scanned from DE

Summary HTTP 57 Redirects Links 9 Behaviour Indicators

Summary

This website contacted 22 IPs in 3 countries across 18 domains to perform 57 HTTP transactions. The main IP is 198.185.159.144, located in United States and belongs to SQUARESPACE, US. The main domain is www.protectkratom.org.
TLS certificate: Issued by R3 on May 23rd 2022. Valid for: 3 months.

This is the only time www.protectkratom.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 10	54.156.155.237 54.156.155.237	14618 (AMAZON-AES) (AMAZON-AES)
3	198.185.159.144 198.185.159.144	53831 (SQUARESPACE) (SQUARESPACE)
2	2a00:1450:400... 2a00:1450:4001:82b::200a	15169 (GOOGLE) (GOOGLE)
10	151.101.64.237 151.101.64.237	54113 (FASTLY) (FASTLY)
3	151.101.64.238 151.101.64.238	54113 (FASTLY) (FASTLY)
4	2a00:1450:400... 2a00:1450:4001:82f::2008	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:810::2003	15169 (GOOGLE) (GOOGLE)
1	2001:4de0:ac1... 2001:4de0:ac18::1:a:1b	20446 (STACKPATH...) (STACKPATH-CDN)
1 2	142.250.185.70 142.250.185.70	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f01... 2a03:2880:f01c:216:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	65.9.65.116 65.9.65.116	16509 (AMAZON-02) (AMAZON-02)
4	2a00:1450:400... 2a00:1450:4001:82f::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
1	34.96.67.224 34.96.67.224	15169 (GOOGLE) (GOOGLE)
2	23.96.109.67 23.96.109.67	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	130.211.164.108 130.211.164.108	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	2a00:1450:400... 2a00:1450:4001:80f::2002	15169 (GOOGLE) (GOOGLE)
3	2a03:2880:f11... 2a03:2880:f11c:8083:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	44.195.210.106 44.195.210.106	14618 (AMAZON-AES) (AMAZON-AES)
1	52.223.40.198 52.223.40.198	16509 (AMAZON-02) (AMAZON-02)
1	34.102.232.42 34.102.232.42	15169 (GOOGLE) (GOOGLE)
57	22

10 54.156.155.237 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-156-155-237.compute-1.amazonaws.com

default.salsalabs.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
org-5fe11c39-c1d0-43d4-88ad-9d3e8058f1dc.salsalabs.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 198.185.159.144 (United States)

ASN53831 (SQUARESPACE, US)

www.protectkratom.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 151.101.64.237 (United States)

ASN54113 (FASTLY, US)

assets.squarespace.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 151.101.64.238 (United States)

ASN54113 (FASTLY, US)

static1.squarespace.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:82f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4de0:ac18::1:a:1b (Netherlands)

ASN20446 (STACKPATH-CDN, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.70 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f6.1e100.net

11128386.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f01c:216:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.65.116 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-65-116.fra56.r.cloudfront.net

js.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:82f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.96.67.224 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 224.67.96.34.bc.googleusercontent.com

cdn.siftscience.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.96.109.67 (Tappahannock, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

doublethedonation.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 130.211.164.108 (Council Bluffs, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 108.164.211.130.bc.googleusercontent.com

static.wepay.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f11c:8083:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 44.195.210.106 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-195-210-106.compute-1.amazonaws.com

donate.salsalabs.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.223.40.198 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com

insight.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.102.232.42 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 42.232.102.34.bc.googleusercontent.com

hexagon-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
13	squarespace.com assets.squarespace.com — Cisco Umbrella Rank: 5440 static1.squarespace.com — Cisco Umbrella Rank: 5140	837 KB
11	salsalabs.org 1 redirects default.salsalabs.org — Cisco Umbrella Rank: 62231 org-5fe11c39-c1d0-43d4-88ad-9d3e8058f1dc.salsalabs.org donate.salsalabs.org — Cisco Umbrella Rank: 354263	389 KB
5	gstatic.com fonts.gstatic.com	66 KB
4	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 35	20 KB
4	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 64	184 KB
3	facebook.com www.facebook.com — Cisco Umbrella Rank: 97	489 B
3	protectkratom.org www.protectkratom.org	21 KB
2	doublethedonation.com doublethedonation.com — Cisco Umbrella Rank: 80619	110 KB
2	adsrvr.org js.adsrvr.org — Cisco Umbrella Rank: 1342 insight.adsrvr.org — Cisco Umbrella Rank: 559	3 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 144	113 KB
2	doubleclick.net 1 redirects 11128386.fls.doubleclick.net	1 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 42	1 KB
1	hexagon-analytics.com hexagon-analytics.com — Cisco Umbrella Rank: 5153	272 B
1	google.de adservice.google.de — Cisco Umbrella Rank: 8526	870 B
1	wepay.com static.wepay.com — Cisco Umbrella Rank: 88652	6 KB
1	siftscience.com cdn.siftscience.com — Cisco Umbrella Rank: 7110	20 KB
1	google.com adservice.google.com — Cisco Umbrella Rank: 70	914 B
1	jquery.com code.jquery.com — Cisco Umbrella Rank: 624	8 KB
57	18

	Domain	Requested by
10	assets.squarespace.com	www.protectkratom.org
8	default.salsalabs.org	1 redirects www.protectkratom.org default.salsalabs.org org-5fe11c39-c1d0-43d4-88ad-9d3e8058f1dc.salsalabs.org
5	fonts.gstatic.com	fonts.googleapis.com
4	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
4	www.googletagmanager.com	www.protectkratom.org www.googletagmanager.com
3	www.facebook.com	www.protectkratom.org
3	static1.squarespace.com	www.protectkratom.org static1.squarespace.com
3	www.protectkratom.org	assets.squarespace.com
2	doublethedonation.com	org-5fe11c39-c1d0-43d4-88ad-9d3e8058f1dc.salsalabs.org
2	org-5fe11c39-c1d0-43d4-88ad-9d3e8058f1dc.salsalabs.org	default.salsalabs.org www.protectkratom.org
2	connect.facebook.net	www.protectkratom.org connect.facebook.net
2	11128386.fls.doubleclick.net	1 redirects www.googletagmanager.com
2	fonts.googleapis.com	www.protectkratom.org client
1	hexagon-analytics.com
1	insight.adsrvr.org	js.adsrvr.org
1	donate.salsalabs.org	default.salsalabs.org
1	adservice.google.de	adservice.google.com
1	static.wepay.com	org-5fe11c39-c1d0-43d4-88ad-9d3e8058f1dc.salsalabs.org
1	cdn.siftscience.com	org-5fe11c39-c1d0-43d4-88ad-9d3e8058f1dc.salsalabs.org
1	adservice.google.com	11128386.fls.doubleclick.net
1	js.adsrvr.org	www.googletagmanager.com
1	code.jquery.com	default.salsalabs.org
57	22

This site contains links to these domains. Also see Links.

Domain
akachat.discussion.community
www.americankratom.org
twitter.com
www.facebook.com
www.paypal.com
www.instagram.com

Subject Issuer	Validity	Valid
www.protectkratom.org R3	`2022-05-23` - `2022-08-21`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-05-09` - `2022-08-01`	3 months	crt.sh
*.squarespace.com DigiCert TLS RSA SHA256 2020 CA1	`2022-03-12` - `2023-03-25`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-05-09` - `2022-08-01`	3 months	crt.sh
*.salsalabs.org RapidSSL RSA CA 2018	`2020-06-10` - `2022-07-10`	2 years	crt.sh
*.gstatic.com GTS CA 1C3	`2022-05-09` - `2022-08-01`	3 months	crt.sh
*.jquery.com Sectigo RSA Domain Validation Secure Server CA	`2021-07-14` - `2022-08-14`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2022-05-09` - `2022-08-01`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-03-15` - `2022-06-13`	3 months	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2022-03-31` - `2023-05-02`	a year	crt.sh
*.google.com GTS CA 1C3	`2022-05-09` - `2022-08-01`	3 months	crt.sh
*.siftscience.com DigiCert TLS RSA SHA256 2020 CA1	`2022-01-07` - `2023-01-20`	a year	crt.sh
doublethedonation.com Sectigo ECC Domain Validation Secure Server CA	`2022-06-03` - `2023-07-04`	a year	crt.sh
static.wepay.com DigiCert SHA2 Extended Validation Server CA	`2022-03-03` - `2023-03-03`	a year	crt.sh
*.google.de GTS CA 1C3	`2022-05-09` - `2022-08-01`	3 months	crt.sh
*.hexagon-analytics.com DigiCert TLS RSA SHA256 2020 CA1	`2021-10-19` - `2022-11-04`	a year	crt.sh

This page contains 5 frames:

Primary Page: https://www.protectkratom.org/donate?eType=EmailBlastContent&eId=7fc81606-f156-4b63-b954-027da171f591
Frame ID: 0FF4B9910362A96EA4A6F21F9A1EBFF4
Requests: 54 HTTP requests in this frame

Frame: https://11128386.fls.doubleclick.net/activityi;dc_pre=CP7opeGQmfgCFZDG7Qod3VoDkw;src=11128386;type=krato0;cat=krato0;ord=9154938900461;gtm=2wg610;auiddc=1441534357.1654528980;u1=https%3A%2F%2Fwww.protectkratom.org%2Fdonate%3FeType%3DEmailBlastContent%26eId%3D7fc81606-f156-4b63-b954-027da171f591;~oref=https%3A%2F%2Fwww.protectkratom.org%2Fdonate%3FeType%3DEmailBlastContent%26eId%3D7fc81606-f156-4b63-b954-027da171f591
Frame ID: E2599A17CF9C0DEAC30BD767CBD96937
Requests: 1 HTTP requests in this frame

Frame: https://adservice.google.com/ddm/fls/i/dc_pre=CP7opeGQmfgCFZDG7Qod3VoDkw;src=11128386;type=krato0;cat=krato0;ord=9154938900461;gtm=2wg610;auiddc=1441534357.1654528980;u1=https%3A%2F%2Fwww.protectkratom.org%2Fdonate%3FeType%3DEmailBlastContent%26eId%3D7fc81606-f156-4b63-b954-027da171f591;~oref=https%3A%2F%2Fwww.protectkratom.org%2Fdonate%3FeType%3DEmailBlastContent%26eId%3D7fc81606-f156-4b63-b954-027da171f591
Frame ID: E3108A41D84D6F39A3680E92FF36E6D1
Requests: 1 HTTP requests in this frame

Frame: https://adservice.google.de/ddm/fls/i/dc_pre=CP7opeGQmfgCFZDG7Qod3VoDkw;src=11128386;type=krato0;cat=krato0;ord=9154938900461;gtm=2wg610;auiddc=1441534357.1654528980;u1=https%3A%2F%2Fwww.protectkratom.org%2Fdonate%3FeType%3DEmailBlastContent%26eId%3D7fc81606-f156-4b63-b954-027da171f591;~oref=https%3A%2F%2Fwww.protectkratom.org%2Fdonate%3FeType%3DEmailBlastContent%26eId%3D7fc81606-f156-4b63-b954-027da171f591
Frame ID: 959455C74EFA1A70C323A32F9D834407
Requests: 1 HTTP requests in this frame

Frame: https://insight.adsrvr.org/track/up?adv=iy62lxo&ref=https%3A%2F%2Fwww.protectkratom.org%2Fdonate%3FeType%3DEmailBlastContent%26eId%3D7fc81606-f156-4b63-b954-027da171f591&upid=87iqfc9&upv=1.1.0
Frame ID: 8F9C2F67E4A5B807D350B778E00B9AA7
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Donate to the A.K.A. — Protect Kratom

Page URL History Show full URLs

https://default.salsalabs.org/Tb403327e-e5dd-4124-a191-3b690b589c37/a5a1c821-8823-4b59-bd48-dce4f1592717 HTTP 302
https://www.protectkratom.org/donate?eType=EmailBlastContent&eId=7fc81606-f156-4b63-b954-027da171f591 Page URL

Detected technologies

Squarespace (CMS) Expand

Overall confidence: 100%
Detected patterns

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Sift (Analytics) Expand

Overall confidence: 100%
Detected patterns

cdn\.sift(?:science)?\.com/s\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery UI (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery-ui.*\.js

Page Statistics

57
Requests

100 %
HTTPS

43 %
IPv6

18
Domains

22
Subdomains

22
IPs

3
Countries

1803 kB
Transfer

7468 kB
Size

15
Cookies

9 Outgoing links

These are links going to different origins than the main page.

URL: https://akachat.discussion.community/
Title: AKA Forum

Search URL Search Domain Scan URL

URL: https://www.americankratom.org/
Title: AKA.ORG

Search URL Search Domain Scan URL

URL: https://twitter.com/TheKratomAssn

Search URL Search Domain Scan URL

URL: https://www.facebook.com/Americankratomassociation

Search URL Search Domain Scan URL

URL: https://www.paypal.com/biz/fund?id=57E5469HMEJES&eType=ActivityDefinitionInstance&eId=40487951-f7e5-42da-9397-7a31b9e50d07
Title: TO DONATE BY PAYPAL CLICK ON THIS LINK

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/follow?screen_name=thekratomassn
Title: Twitter

Search URL Search Domain Scan URL

URL: https://www.instagram.com/american_kratom_assoc/?hl=en
Title: Instagram

Search URL Search Domain Scan URL

URL: https://twitter.com/HaddowMac
Title: Twitter

Search URL Search Domain Scan URL

URL: https://www.facebook.com/Americankratomassociation/
Title: Facebook

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://default.salsalabs.org/Tb403327e-e5dd-4124-a191-3b690b589c37/a5a1c821-8823-4b59-bd48-dce4f1592717 HTTP 302
https://www.protectkratom.org/donate?eType=EmailBlastContent&eId=7fc81606-f156-4b63-b954-027da171f591 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 26

https://11128386.fls.doubleclick.net/activityi;src=11128386;type=krato0;cat=krato0;ord=9154938900461;gtm=2wg610;auiddc=1441534357.1654528980;u1=https%3A%2F%2Fwww.protectkratom.org%2Fdonate%3FeType%3DEmailBlastContent%26eId%3D7fc81606-f156-4b63-b954-027da171f591;~oref=https%3A%2F%2Fwww.protectkratom.org%2Fdonate%3FeType%3DEmailBlastContent%26eId%3D7fc81606-f156-4b63-b954-027da171f591 HTTP 302
https://11128386.fls.doubleclick.net/activityi;dc_pre=CP7opeGQmfgCFZDG7Qod3VoDkw;src=11128386;type=krato0;cat=krato0;ord=9154938900461;gtm=2wg610;auiddc=1441534357.1654528980;u1=https%3A%2F%2Fwww.protectkratom.org%2Fdonate%3FeType%3DEmailBlastContent%26eId%3D7fc81606-f156-4b63-b954-027da171f591;~oref=https%3A%2F%2Fwww.protectkratom.org%2Fdonate%3FeType%3DEmailBlastContent%26eId%3D7fc81606-f156-4b63-b954-027da171f591

57 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request donate Show response
www.protectkratom.org/
Redirect Chain

https://default.salsalabs.org/Tb403327e-e5dd-4124-a191-3b690b589c37/a5a1c821-8823-4b59-bd48-dce4f1592717
https://www.protectkratom.org/donate?eType=EmailBlastContent&eId=7fc81606-f156-4b63-b954-027da171f591

176 KB
21 KB

431ms
167ms

Document
text/html

198.185.159.144
SQUARESPACE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.protectkratom.org/donate?eType=EmailBlastContent&eId=7fc81606-f156-4b63-b954-027da171f591

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

198.185.159.144 , United States, ASN53831 (SQUARESPACE, US),

Reverse DNS

Software

Squarespace /

Resource Hash

d2ad0579fd0685fe1c7acb5b81778fe029ba8c6ced6d353ab73ed35393c5afd2

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1699
cache-control: max-age=172800, s-maxage=172800
content-encoding: gzip
content-length: 20920
content-type: text/html;charset=utf-8
date: Mon, 06 Jun 2022 14:54:40 GMT
etag: W/"4be97c42e08ce27be449eef9bb94af7e"
expires: Thu, 01 Jan 1970 00:00:00 GMT
server: Squarespace
strict-transport-security: max-age=0
vary: Accept-Encoding
x-content-type-options: nosniff
x-contextid: Pn693qGS/57bNrw8L

Redirect headers

content-length: 0
date: Mon, 06 Jun 2022 15:22:59 GMT
expires: Thu, 01 Jan 1970 00:00:00 GMT
location: https://www.protectkratom.org/donate?eType=EmailBlastContent&eId=7fc81606-f156-4b63-b954-027da171f591

GET
H2 200 css2
fonts.googleapis.com/ 5 KB
1 KB 130ms
46ms Stylesheet
text/css 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Poppins:ital,wght@0,300;0,400;0,500;0,700;1,300

Requested by

Host: www.protectkratom.org
URL: https://www.protectkratom.org/donate?eType=EmailBlastContent&eId=7fc81606-f156-4b63-b954-027da171f591

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

dd7119b263e35b11ddaf301a89f79367aa06637deb6592e75a71ada8770b3296

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.protectkratom.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 06 Jun 2022 15:22:59 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Mon, 06 Jun 2022 15:22:59 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 06 Jun 2022 15:22:59 GMT

GET
H2 200 modern.js Show response
assets.squarespace.com/@sqs/polyfiller/1.2.2/ 80 KB
29 KB 123ms
36ms Script
text/javascript 151.101.64.237
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.squarespace.com/@sqs/polyfiller/1.2.2/modern.js
Requested by: Host: www.protectkratom.org
URL: https://www.protectkratom.org/donate?eType=EmailBlastContent&eId=7fc81606-f156-4b63-b954-027da171f591
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.64.237 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 6a801f781b109838b64c593ffbabaeb97e553d349540a9636cb63e23a8479423

Request headers

Referer: https://www.protectkratom.org/
Origin: https://www.protectkratom.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 06 Jun 2022 15:22:59 GMT
via: 1.1 varnish, 1.1 varnish
age: 17987988
x-cache: HIT, HIT
x-cache-hits: 1, 305626
content-encoding: gzip
content-length: 29224
x-served-by: cache-bwi5144-BWI, cache-hhn4061-HHN
last-modified: Wed, 08 Sep 2021 20:21:24 GMT
server: UploadServer
x-timer: S1654528980.907674,VS0,VE0
etag: "03e5ef7c77d113abf6178fce61ec6344"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 10 Nov 2022 10:43:13 GMT

GET
H2 200 extract-css-runtime-df0bcb3fb161c9761a2a8-min.en-US.js Show response
assets.squarespace.com/universal/scripts-compressed/ 183 B
345 B 37ms
37ms Script
text/javascript 151.101.64.237
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.squarespace.com/universal/scripts-compressed/extract-css-runtime-df0bcb3fb161c9761a2a8-min.en-US.js
Requested by: Host: www.protectkratom.org
URL: https://www.protectkratom.org/donate?eType=EmailBlastContent&eId=7fc81606-f156-4b63-b954-027da171f591
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.64.237 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 037709da281376828e43211b173f1f202861ff95fcfd8c32948bae02c66092e4

Request headers

Referer: https://www.protectkratom.org/
Origin: https://www.protectkratom.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 06 Jun 2022 15:23:00 GMT
via: 1.1 varnish, 1.1 varnish
age: 5368534
x-cache: HIT, HIT
x-cache-hits: 1, 255840
content-encoding: br
content-length: 131
x-served-by: cache-iad-kiad7000178-IAD, cache-hhn4061-HHN
last-modified: Fri, 25 Mar 2022 17:01:12 GMT
server: UploadServer
x-timer: S1654528980.068134,VS0,VE0
etag: "233fdb6f2944bccc7d89e7aa073f6d3a"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 05 Apr 2023 12:07:26 GMT

GET
H2 200 extract-css-moment-js-vendor-0c99b8bf7f3dd5358b2f5-min.en-US.js Show response
assets.squarespace.com/universal/scripts-compressed/ 562 KB
85 KB 50ms
47ms Script
text/javascript 151.101.64.237
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.squarespace.com/universal/scripts-compressed/extract-css-moment-js-vendor-0c99b8bf7f3dd5358b2f5-min.en-US.js
Requested by: Host: www.protectkratom.org
URL: https://www.protectkratom.org/donate?eType=EmailBlastContent&eId=7fc81606-f156-4b63-b954-027da171f591
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.64.237 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: a335034c7cafef2c77fcbf69ab399efbaa0fb72fa405b2d92c502c6b64d21edc

Request headers

Referer: https://www.protectkratom.org/
Origin: https://www.protectkratom.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 06 Jun 2022 15:23:00 GMT
via: 1.1 varnish, 1.1 varnish
age: 5780460
x-cache: HIT, HIT
x-cache-hits: 1, 257405
content-encoding: br
content-length: 86355
x-served-by: cache-iad-kcgs7200085-IAD, cache-hhn4061-HHN
last-modified: Thu, 31 Mar 2022 17:08:00 GMT
server: UploadServer
x-timer: S1654528980.106378,VS0,VE1
etag: "66b1de3aaf9e6685ccb40f11c2b9a9a6"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 31 Mar 2023 17:41:59 GMT

GET
H2 200 cldr-resource-pack-51def4af8f210f9d1e4fa-min.en-US.js Show response
assets.squarespace.com/universal/scripts-compressed/ 119 KB
18 KB 51ms
48ms Script
text/javascript 151.101.64.237
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.squarespace.com/universal/scripts-compressed/cldr-resource-pack-51def4af8f210f9d1e4fa-min.en-US.js
Requested by: Host: www.protectkratom.org
URL: https://www.protectkratom.org/donate?eType=EmailBlastContent&eId=7fc81606-f156-4b63-b954-027da171f591
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.64.237 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: e140022b28f49866c83fc34eafbe550e1af89819eeb46b52d68ca1385402e3c6

Request headers

Referer: https://www.protectkratom.org/
Origin: https://www.protectkratom.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 06 Jun 2022 15:23:00 GMT
via: 1.1 varnish, 1.1 varnish
age: 4843026
x-cache: HIT, HIT
x-cache-hits: 1, 289715
content-encoding: br
content-length: 18359
x-served-by: cache-iad-kcgs7200080-IAD, cache-hhn4061-HHN
last-modified: Thu, 31 Mar 2022 17:07:34 GMT
server: UploadServer
x-timer: S1654528980.107130,VS0,VE0
etag: "f684b28d00d4cf606710a7f08420df46"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 11 Apr 2023 14:05:54 GMT

GET
H2 200 common-vendors-stable-1f7107f1c77c3d102a5a3-min.en-US.js Show response
assets.squarespace.com/universal/scripts-compressed/ 240 KB
69 KB 50ms
47ms Script
text/javascript 151.101.64.237
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.squarespace.com/universal/scripts-compressed/common-vendors-stable-1f7107f1c77c3d102a5a3-min.en-US.js
Requested by: Host: www.protectkratom.org
URL: https://www.protectkratom.org/donate?eType=EmailBlastContent&eId=7fc81606-f156-4b63-b954-027da171f591
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.64.237 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: b7e9ba8c1ef452b0ac4dbeb486948b9abf8c95f5477e4b2ef09aba78731565d3

Request headers

Referer: https://www.protectkratom.org/
Origin: https://www.protectkratom.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 06 Jun 2022 15:23:00 GMT
via: 1.1 varnish, 1.1 varnish
age: 420310
x-cache: HIT, HIT
x-cache-hits: 1, 38338
content-encoding: br
content-length: 70702
x-served-by: cache-iad-kiad7000178-IAD, cache-hhn4061-HHN
last-modified: Wed, 01 Jun 2022 18:05:38 GMT
server: UploadServer
x-timer: S1654528980.107115,VS0,VE0
etag: "8781bf80331c8b93b84ce8c7442b8fc8"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 01 Jun 2023 18:37:50 GMT

GET
H2 200 common-vendors-595d92933ed24de9daf01-min.en-US.js Show response
assets.squarespace.com/universal/scripts-compressed/ 576 KB
141 KB 42ms
38ms Script
text/javascript 151.101.64.237
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.squarespace.com/universal/scripts-compressed/common-vendors-595d92933ed24de9daf01-min.en-US.js
Requested by: Host: www.protectkratom.org
URL: https://www.protectkratom.org/donate?eType=EmailBlastContent&eId=7fc81606-f156-4b63-b954-027da171f591
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.64.237 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 45804fedee921a34eacfcc2cda92e8eb181d321e73b132191f4b4a7c05b25020

Request headers

Referer: https://www.protectkratom.org/
Origin: https://www.protectkratom.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 06 Jun 2022 15:23:00 GMT
via: 1.1 varnish, 1.1 varnish
age: 248613
x-cache: HIT, HIT
x-cache-hits: 1, 8513
content-encoding: br
content-length: 143846
x-served-by: cache-iad-kjyo7100090-IAD, cache-hhn4061-HHN
last-modified: Fri, 03 Jun 2022 17:10:06 GMT
server: UploadServer
x-timer: S1654528980.107094,VS0,VE0
etag: "24ce658b403d899f6190e24cac2ed124"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 03 Jun 2023 18:19:27 GMT

GET
H2 200 common-332b6bce18f941ea48ed6-min.en-US.js Show response
assets.squarespace.com/universal/scripts-compressed/ 794 KB
190 KB 50ms
46ms Script
text/javascript 151.101.64.237
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.squarespace.com/universal/scripts-compressed/common-332b6bce18f941ea48ed6-min.en-US.js
Requested by: Host: www.protectkratom.org
URL: https://www.protectkratom.org/donate?eType=EmailBlastContent&eId=7fc81606-f156-4b63-b954-027da171f591
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.64.237 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 25dbb07e2cc514c3361268fc92d8992cf7d86308d9494b35e953edeaf820cc6c

Request headers

Referer: https://www.protectkratom.org/
Origin: https://www.protectkratom.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 06 Jun 2022 15:23:00 GMT
via: 1.1 varnish, 1.1 varnish
age: 239533
x-cache: HIT, HIT
x-cache-hits: 1, 13630
content-encoding: br
content-length: 193762
x-served-by: cache-iad-kiad7000052-IAD, cache-hhn4061-HHN
last-modified: Fri, 03 Jun 2022 20:24:18 GMT
server: UploadServer
x-timer: S1654528980.107096,VS0,VE0
etag: "83b0ed442321f26978cc85e0a0e140bf"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 03 Jun 2023 20:50:47 GMT

GET
H2 200 user-account-core-3deade071aa17d763adeb-min.en-US.js Show response
assets.squarespace.com/universal/scripts-compressed/ 657 KB
161 KB 93ms
89ms Script
text/javascript 151.101.64.237
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.squarespace.com/universal/scripts-compressed/user-account-core-3deade071aa17d763adeb-min.en-US.js
Requested by: Host: www.protectkratom.org
URL: https://www.protectkratom.org/donate?eType=EmailBlastContent&eId=7fc81606-f156-4b63-b954-027da171f591
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.64.237 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 82ad0a2b5033dc29c4726a5af324460c7bbe191836f273f4ce0ca28f8bdc3bd9

Request headers

Referer: https://www.protectkratom.org/
Origin: https://www.protectkratom.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 06 Jun 2022 15:23:00 GMT
via: 1.1 varnish, 1.1 varnish
age: 248606
x-cache: HIT, HIT
x-cache-hits: 1, 9
content-encoding: br
content-length: 164047
x-served-by: cache-iad-kiad7000049-IAD, cache-hhn4061-HHN
last-modified: Fri, 03 Jun 2022 17:09:52 GMT
server: UploadServer
x-timer: S1654528980.107368,VS0,VE0
etag: "7593566b722999b5a7e634a983623b71"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 03 Jun 2023 18:19:33 GMT

GET
H2 200 user-account-core-8e2734fecbc15373691fe-min.en-US.css
assets.squarespace.com/universal/styles-compressed/ 2 KB
1 KB 122ms
37ms Stylesheet
text/css 151.101.64.237
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.squarespace.com/universal/styles-compressed/user-account-core-8e2734fecbc15373691fe-min.en-US.css
Requested by: Host: www.protectkratom.org
URL: https://www.protectkratom.org/donate?eType=EmailBlastContent&eId=7fc81606-f156-4b63-b954-027da171f591
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.64.237 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: c8b77cbbe5c9164a6c36721a858ed981eb2095cfd867dec8eca405896f36220d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.protectkratom.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 06 Jun 2022 15:22:59 GMT
via: 1.1 varnish, 1.1 varnish
age: 2937938
x-cache: HIT, HIT
x-cache-hits: 1, 8202
content-encoding: br
content-length: 694
x-served-by: cache-iad-kjyo7100091-IAD, cache-hhn4064-HHN
last-modified: Thu, 31 Mar 2022 17:47:25 GMT
server: UploadServer
x-timer: S1654528980.907762,VS0,VE0
etag: "66b43022d17f923b69b9c6172eebd6fd"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 03 May 2023 15:17:21 GMT

GET
H2 200 performance-cb1629545a06e6971eddd-min.en-US.js Show response
assets.squarespace.com/universal/scripts-compressed/ 25 KB
8 KB 93ms
90ms Script
text/javascript 151.101.64.237
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.squarespace.com/universal/scripts-compressed/performance-cb1629545a06e6971eddd-min.en-US.js
Requested by: Host: www.protectkratom.org
URL: https://www.protectkratom.org/donate?eType=EmailBlastContent&eId=7fc81606-f156-4b63-b954-027da171f591
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.64.237 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 8592800117574f72d968f68353fe40baab35a123ee9b07da3793611a764305c3

Request headers

Referer: https://www.protectkratom.org/
Origin: https://www.protectkratom.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 06 Jun 2022 15:23:00 GMT
via: 1.1 varnish, 1.1 varnish
age: 845993
x-cache: HIT, HIT
x-cache-hits: 1, 72875
content-encoding: br
content-length: 8094
x-served-by: cache-iad-kcgs7200151-IAD, cache-hhn4061-HHN
last-modified: Fri, 27 May 2022 18:42:31 GMT
server: UploadServer
x-timer: S1654528980.107329,VS0,VE0
etag: "05f79f1893f8d38d8cfe33dac706317a"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 27 May 2023 20:23:06 GMT

GET
H2 200 site.css
static1.squarespace.com/static/versioned-site-css/5f4e6882897e8d77d9a922cc/25/5c5a519771c10ba3470d8101/5f4e6883897e8d77d9a922f7/1230/ 900 KB
92 KB 122ms
38ms Stylesheet
text/css 151.101.64.238
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://static1.squarespace.com/static/versioned-site-css/5f4e6882897e8d77d9a922cc/25/5c5a519771c10ba3470d8101/5f4e6883897e8d77d9a922f7/1230/site.css

Requested by

Host: www.protectkratom.org
URL: https://www.protectkratom.org/donate?eType=EmailBlastContent&eId=7fc81606-f156-4b63-b954-027da171f591

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.64.238 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Squarespace /

Resource Hash

60b06164ad96aba2736f4326a3af7983b721478cd4d12a3aa73203365b65d76f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.protectkratom.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 06 Jun 2022 15:22:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 147167
x-cache: HIT, HIT
x-contextid: Q8wBsb4A/LPYp8TJb
x-cache-hits: 1, 1
content-length: 94157
x-served-by: cache-dfw18621-DFW, cache-hhn4065-HHN
pragma: cache
server: Squarespace
x-timer: S1654528980.977070,VS0,VE1
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
via: 1.1 varnish, 1.1 varnish
cache-control: max-age=172800, s-maxage=172800, public, max-age=94608000
accept-ranges: bytes
timing-allow-origin: *
tracepoint: Fastly

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 84 KB
33 KB 135ms
46ms Script
application/javascript 2a00:1450:4001:82f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=$GA_TRACKING_ID$

Requested by

Host: www.protectkratom.org
URL: https://www.protectkratom.org/donate?eType=EmailBlastContent&eId=7fc81606-f156-4b63-b954-027da171f591

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

c5b115d7d66436741c76afbfbabafc092197685b3a87f2b2109b7b1ce90622bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.protectkratom.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 06 Jun 2022 15:23:00 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33494
x-xss-protection: 0
last-modified: Mon, 06 Jun 2022 15:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 06 Jun 2022 15:23:00 GMT

GET
H2 200 / Show response
default.salsalabs.org/api/widget/template/57bb76bc-a766-4d41-9a66-68dc5ec4dd7d/ 88 KB
18 KB 159ms
158ms Script
application/javascript 54.156.155.237
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://default.salsalabs.org/api/widget/template/57bb76bc-a766-4d41-9a66-68dc5ec4dd7d/?tId=8ec743ba-e5ba-4c37-abf7-a7982a454112
Requested by: Host: www.protectkratom.org
URL: https://www.protectkratom.org/donate?eType=EmailBlastContent&eId=7fc81606-f156-4b63-b954-027da171f591
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.156.155.237 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-156-155-237.compute-1.amazonaws.com
Software: /
Resource Hash: 8ce1b1d836bb164e4ee2d262cedefbb5d638d2d2d2b6012d9e711037c001ad1f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.protectkratom.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 06 Jun 2022 15:23:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
ignite_uiid: 76a183ba-ed5e-4d24-85db-dcfe1be515a9
vary: Accept-Encoding, User-Agent
content-type: application/javascript;charset=utf-8

GET
H2 200 site-bundle.36711e4c35baeb455bb4964fb00ecf09.js Show response
static1.squarespace.com/static/vta/5c5a519771c10ba3470d8101/scripts/ 169 KB
43 KB 42ms
40ms Script
application/javascript 151.101.64.238
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://static1.squarespace.com/static/vta/5c5a519771c10ba3470d8101/scripts/site-bundle.36711e4c35baeb455bb4964fb00ecf09.js

Requested by

Host: www.protectkratom.org
URL: https://www.protectkratom.org/donate?eType=EmailBlastContent&eId=7fc81606-f156-4b63-b954-027da171f591

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.64.238 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Squarespace /

Resource Hash

fe3ea084b24c647f4b0d42efff90caddcf3beb203197d0fc7f19fac3a7561de1

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.protectkratom.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 06 Jun 2022 15:23:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 258837
x-cache: HIT, HIT
x-contextid: RcWMSKND/eXa9P4Tz
x-cache-hits: 1, 12026
content-length: 44216
x-served-by: cache-dfw18639-DFW, cache-hhn4065-HHN
pragma: cache
server: Squarespace
x-timer: S1654528980.107952,VS0,VE0
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
via: 1.1 varnish, 1.1 varnish
cache-control: public, max-age=94608000
accept-ranges: bytes
timing-allow-origin: *
tracepoint: Fastly

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 121 KB
44 KB 181ms
93ms Script
application/javascript 2a00:1450:4001:82f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-NQXZWBS

Requested by

Host: www.protectkratom.org
URL: https://www.protectkratom.org/donate?eType=EmailBlastContent&eId=7fc81606-f156-4b63-b954-027da171f591

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

94cc6716dae8935a6d27007920c4d814d4cc3392b941470a7c7487a91d67b94e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.protectkratom.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 06 Jun 2022 15:23:00 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 45250
x-xss-protection: 0
last-modified: Mon, 06 Jun 2022 15:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 06 Jun 2022 15:23:00 GMT

GET
H2 200 pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v20/ 8 KB
8 KB 128ms
43ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Poppins:ital,wght@0,300;0,400;0,500;0,700;1,300

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cd36de204aca2d5fa263a731f7c20009b5e3d754ba1f1e03c33e93a48f3e7446

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.protectkratom.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 01 Jun 2022 19:25:01 GMT
x-content-type-options: nosniff
age: 417479
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7748
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:21:30 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 01 Jun 2023 19:25:01 GMT

GET
H2 200 pxiByp8kv8JHgFVrLDz8Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v20/ 8 KB
8 KB 122ms
38ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLDz8Z1xlFQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Poppins:ital,wght@0,300;0,400;0,500;0,700;1,300

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

78bc3aa78faec288bbb3bf26c9a0fa4eb67b1e69da94a17233c5cab60525efdb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.protectkratom.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 01 Jun 2022 19:25:01 GMT
x-content-type-options: nosniff
age: 417479
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7840
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:51:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 01 Jun 2023 19:25:01 GMT

GET
H2 200 jquery-ui.css
code.jquery.com/ui/1.11.2/themes/smoothness/ 34 KB
8 KB 226ms
79ms Stylesheet
text/css 2001:4de0:ac18::1:a:1b
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/ui/1.11.2/themes/smoothness/jquery-ui.css
Requested by: Host: default.salsalabs.org
URL: https://default.salsalabs.org/api/widget/template/57bb76bc-a766-4d41-9a66-68dc5ec4dd7d/?tId=8ec743ba-e5ba-4c37-abf7-a7982a454112
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac18::1:a:1b , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: nginx /
Resource Hash: 95d5b67a78f81f3c071b01f888c9a468c13c8288597b64c99ff829e35b51a012

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.protectkratom.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 06 Jun 2022 15:23:00 GMT
content-encoding: gzip
last-modified: Fri, 20 Aug 2021 17:47:54 GMT
server: nginx
etag: W/"611feaca-898c"
vary: Accept-Encoding
x-hw: 1654528980.dop145.fr8.t,1654528980.cds238.fr8.hn,1654528980.cds217.fr8.c
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 8056

GET
H2 200 script.min.js Show response
default.salsalabs.org/public/scripts/ 574 KB
161 KB 180ms
180ms Script
application/javascript 54.156.155.237
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://default.salsalabs.org/public/scripts/script.min.js

Requested by

Host: default.salsalabs.org
URL: https://default.salsalabs.org/api/widget/template/57bb76bc-a766-4d41-9a66-68dc5ec4dd7d/?tId=8ec743ba-e5ba-4c37-abf7-a7982a454112

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.156.155.237 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-156-155-237.compute-1.amazonaws.com

Software

Resource Hash

713325fc37db97d0be0c672eacaa1ccbbe0e1543287b542ec3b2242f0a369f96

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; default-src https: 'unsafe-eval' 'unsafe-inline'; img-src https: data:; font-src https: data:; connect-src https:
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.protectkratom.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 06 Jun 2022 15:23:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 05 May 2022 00:25:16 GMT
etag: W/"/PI26pgLaWI/PI3agmY0oY--gzip"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript
cache-control: max-age=3600,public
content-security-policy: block-all-mixed-content; default-src https: 'unsafe-eval' 'unsafe-inline'; img-src https: data:; font-src https: data:; connect-src https:
accept-ranges: bytes
vary: Accept-Encoding, User-Agent
x-xss-protection: 1

GET
H2 200 pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v20/ 8 KB
8 KB 38ms
37ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Poppins:ital,wght@0,300;0,400;0,500;0,700;1,300

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.protectkratom.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 01 Jun 2022 19:24:52 GMT
x-content-type-options: nosniff
age: 417488
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7816
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:11:40 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 01 Jun 2023 19:24:52 GMT

GET
H2 200 settings Show response
www.protectkratom.org/api/1/performance/ 53 B
153 B 127ms
126ms XHR
application/json 198.185.159.144
SQUARESPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.protectkratom.org/api/1/performance/settings
Requested by: Host: assets.squarespace.com
URL: https://assets.squarespace.com/universal/scripts-compressed/performance-cb1629545a06e6971eddd-min.en-US.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 198.185.159.144 , United States, ASN53831 (SQUARESPACE, US),
Reverse DNS
Software: Squarespace /
Resource Hash: 907294267b90fb91b8817f6ccb454b081af96ace38bf45d6f7a4fe06f31414e2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.protectkratom.org/donate?eType=EmailBlastContent&eId=7fc81606-f156-4b63-b954-027da171f591
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 06 Jun 2022 15:23:00 GMT
x-contextid: Pn693qGS/6jIqiZqM
server: Squarespace
content-length: 53
vary: Accept-Encoding, User-Agent
content-type: application/json

GET
H2 200 floating-cart.2354851dda571a00a159.js Show response
static1.squarespace.com/static/vta/5c5a519771c10ba3470d8101/scripts/ 496 B
436 B 38ms
36ms Script
application/javascript 151.101.64.238
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://static1.squarespace.com/static/vta/5c5a519771c10ba3470d8101/scripts/floating-cart.2354851dda571a00a159.js

Requested by

Host: static1.squarespace.com
URL: https://static1.squarespace.com/static/vta/5c5a519771c10ba3470d8101/scripts/site-bundle.36711e4c35baeb455bb4964fb00ecf09.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.64.238 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Squarespace /

Resource Hash

3acc601d540e8163bb9a14daa7f60fb5912f7cfb51c7cca4cd24a2b08af10241

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.protectkratom.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 06 Jun 2022 15:23:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 338004
x-cache: HIT, HIT
x-contextid: wmJV8SKU/DaLt3aUu
x-cache-hits: 1, 11397
content-length: 311
x-served-by: cache-dfw18653-DFW, cache-hhn4065-HHN
pragma: cache
server: Squarespace
x-timer: S1654528980.421262,VS0,VE0
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
via: 1.1 varnish, 1.1 varnish
cache-control: public, max-age=94608000
accept-ranges: bytes
timing-allow-origin: *
tracepoint: Fastly

POST
H2 200 RecordHit Show response
www.protectkratom.org/api/census/ 17 B
111 B 182ms
182ms XHR
application/json 198.185.159.144
SQUARESPACE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.protectkratom.org/api/census/RecordHit

Requested by

Host: assets.squarespace.com
URL: https://assets.squarespace.com/universal/scripts-compressed/common-vendors-595d92933ed24de9daf01-min.en-US.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

198.185.159.144 , United States, ASN53831 (SQUARESPACE, US),

Reverse DNS

Software

Squarespace /

Resource Hash

f1ea07a1e51a389c8de07120ae5c2e432e9dd8f4fbd6f92489f185b0523a3fd4

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.protectkratom.org/donate?eType=EmailBlastContent&eId=7fc81606-f156-4b63-b954-027da171f591
X-CSRF-Token: Bc5wg3IYkDhnZDc0MjA0MzAyZWQxODM1N2I5MzhiZmUxZTYzN2Q2
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Mon, 06 Jun 2022 15:23:00 GMT
x-content-type-options: nosniff
server: Squarespace
cache-control: no-cache, no-store, must-revalidate
strict-transport-security: max-age=0
content-type: application/json;charset=utf-8
x-contextid: Pn693qGS/x2ifU0mw
content-length: 17

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 100 KB
39 KB 130ms
52ms Script
application/javascript 2a00:1450:4001:82f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-179239991-1&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=$GA_TRACKING_ID$

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

1a04cc73a81fe19503adea832c3a124b31b0ac4fe7c6f84e6b2a3f65331471b4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.protectkratom.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 06 Jun 2022 15:23:00 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39634
x-xss-protection: 0
last-modified: Mon, 06 Jun 2022 15:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 06 Jun 2022 15:23:00 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 191 KB
68 KB 112ms
70ms Script
application/javascript 2a00:1450:4001:82f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-WVZYF4L6VV&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NQXZWBS

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

fbe75e802336416df18e93e7ae5afdf0643a9bb8a2e3305d0d45fd4991c1b3e4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.protectkratom.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 06 Jun 2022 15:23:00 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 69761
x-xss-protection: 0
expires: Mon, 06 Jun 2022 15:23:00 GMT

GET
H3

200

activityi;dc_pre=CP7opeGQmfgCFZDG7Qod3VoDkw;src=11128386;type=krato0;cat=krato0;ord=9154938900461;gtm=2wg610;auiddc=1441534357.1654528980;u1=https%3A%2F%2Fwww.protectkratom.org%2Fdonate%3FeType%3DE... Show response
11128386.fls.doubleclick.net/ Frame E259
Redirect Chain

https://11128386.fls.doubleclick.net/activityi;src=11128386;type=krato0;cat=krato0;ord=9154938900461;gtm=2wg610;auiddc=1441534357.1654528980;u1=https%3A%2F%2Fwww.protectkratom.org%2Fdonate%3FeType%...
https://11128386.fls.doubleclick.net/activityi;dc_pre=CP7opeGQmfgCFZDG7Qod3VoDkw;src=11128386;type=krato0;cat=krato0;ord=9154938900461;gtm=2wg610;auiddc=1441534357.1654528980;u1=https%3A%2F%2Fwww.p...

687 B
470 B

135ms
60ms

Document
text/html

142.250.185.70
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://11128386.fls.doubleclick.net/activityi;dc_pre=CP7opeGQmfgCFZDG7Qod3VoDkw;src=11128386;type=krato0;cat=krato0;ord=9154938900461;gtm=2wg610;auiddc=1441534357.1654528980;u1=https%3A%2F%2Fwww.protectkratom.org%2Fdonate%3FeType%3DEmailBlastContent%26eId%3D7fc81606-f156-4b63-b954-027da171f591;~oref=https%3A%2F%2Fwww.protectkratom.org%2Fdonate%3FeType%3DEmailBlastContent%26eId%3D7fc81606-f156-4b63-b954-027da171f591?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NQXZWBS

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.70 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f6.1e100.net

Software

cafe /

Resource Hash

f19887e42f6019351b9a6da8b270583e233937565726258aaa40d543a227ee54

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: about:blank
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, must-revalidate
content-encoding: gzip
content-length: 445
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 06 Jun 2022 15:23:00 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 06 Jun 2022 15:23:00 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://11128386.fls.doubleclick.net/activityi;dc_pre=CP7opeGQmfgCFZDG7Qod3VoDkw;src=11128386;type=krato0;cat=krato0;ord=9154938900461;gtm=2wg610;auiddc=1441534357.1654528980;u1=https%3A%2F%2Fwww.protectkratom.org%2Fdonate%3FeType%3DEmailBlastContent%26eId%3D7fc81606-f156-4b63-b954-027da171f591;~oref=https%3A%2F%2Fwww.protectkratom.org%2Fdonate%3FeType%3DEmailBlastContent%26eId%3D7fc81606-f156-4b63-b954-027da171f591?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 99 KB
27 KB 117ms
40ms Script
application/x-javascript 2a03:2880:f01c:216:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.protectkratom.org
URL: https://www.protectkratom.org/donate?eType=EmailBlastContent&eId=7fc81606-f156-4b63-b954-027da171f591

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

4a9a6afeba8624295a87efaf0d3c76fa7a55271f310adffcfa683bccacc0fc5d

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.protectkratom.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 26310
x-xss-protection: 0
pragma: public
x-fb-debug: laxjqZOZ2hJq8LZwvF3OUTmneB8vNCSngsGNTh773HggO64EorXSKJh42PkZgxLkBnDsTCcDdwRLpCTkvjo64g==
x-fb-trip-id: 686109401
x-frame-options: DENY
date: Mon, 06 Jun 2022 15:23:00 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H/1.1 200
OK up_loader.1.1.0.js Show response
js.adsrvr.org/ 4 KB
2 KB 134ms
44ms Script
application/x-javascript 65.9.65.116
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.adsrvr.org/up_loader.1.1.0.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NQXZWBS
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.65.116 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-65-116.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ee3a7301fe1e0c0f6bf6acff0d7a8d107f5cb3f62a2566740c0416d8e61f00b9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.protectkratom.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date: Mon, 06 Jun 2022 01:26:12 GMT
Content-Encoding: gzip
Last-Modified: Thu, 24 Sep 2020 15:15:34 GMT
Server: AmazonS3
Age: 50209
ETag: W/"98d98b3499058b76d58073cf8ede2f10"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Content-Type: application/x-javascript
Via: 1.1 c2b4a332b09677da722930ae336c8bfc.cloudfront.net (CloudFront)
Connection: keep-alive
Transfer-Encoding: chunked
X-Amz-Cf-Pop: FRA56-C1
X-Amz-Cf-Id: WY9N7GML3QryuRzknTvsjRP96ZvKT4DqB3a32cQl7zQpg2sulWVHIQ==

GET
H3 200 205641814835369 Show response
connect.facebook.net/signals/config/ 305 KB
87 KB 511ms
471ms Script
application/x-javascript 2a03:2880:f01c:216:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/205641814835369?v=2.9.61&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

ebd9c3068f5a082b9c5beaa067e3d7f3ca8e5cdce58c8bed18407e922d66700e

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.protectkratom.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
x-xss-protection: 0
pragma: public
x-fb-debug: V0Gzw0c3oB48J59waYtk/DkKIOjwbmevjYfZQdPkq5F5XAsIk2RjB6mnL478GeYYxaCe8ate270LNERjKbttXg==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Mon, 06 Jun 2022 15:23:01 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-content-cdn-origin-ts: 1654528981145
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 css
fonts.googleapis.com/ 754 B
333 B 122ms
46ms Stylesheet
text/css 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Droid+Sans:400,400italic,700,700italic&display=swap

Requested by

Host: client
URL: about:client

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a8a7c6483f73f962abb0f768408bc73c219a0164ee43f60ac57595d314c1bebe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.protectkratom.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 06 Jun 2022 15:23:00 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Mon, 06 Jun 2022 15:23:00 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 06 Jun 2022 15:23:00 GMT

GET
H2 200 40487951-f7e5-42da-9397-7a31b9e50d07 Show response
org-5fe11c39-c1d0-43d4-88ad-9d3e8058f1dc.salsalabs.org/api/widget/fundraising/ 213 KB
40 KB 215ms
166ms Script
application/javascript 54.156.155.237
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://org-5fe11c39-c1d0-43d4-88ad-9d3e8058f1dc.salsalabs.org/api/widget/fundraising/40487951-f7e5-42da-9397-7a31b9e50d07?tId=id_40487951f7e542da93977a31b9e50d07&eId=57bb76bc-a766-4d41-9a66-68dc5ec4dd7d&eType=Template&lsi=sli-forms-styles_v02&bo=true&_=1654528980659
Requested by: Host: default.salsalabs.org
URL: https://default.salsalabs.org/public/scripts/script.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.156.155.237 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-156-155-237.compute-1.amazonaws.com
Software: /
Resource Hash: 8e8db8f73475086def9493ef2ab612597ab40a245c2259affb44817edd07ce03

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.protectkratom.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 06 Jun 2022 15:23:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
vary: Accept-Encoding, User-Agent
content-type: application/javascript;charset=utf-8

GET
H2 200 image-placeholder.png
org-5fe11c39-c1d0-43d4-88ad-9d3e8058f1dc.salsalabs.org/public/images/ 68 B
565 B 197ms
148ms Image
image/png 54.156.155.237
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://org-5fe11c39-c1d0-43d4-88ad-9d3e8058f1dc.salsalabs.org/public/images/image-placeholder.png

Requested by

Host: www.protectkratom.org
URL: https://www.protectkratom.org/donate?eType=EmailBlastContent&eId=7fc81606-f156-4b63-b954-027da171f591

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.156.155.237 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-156-155-237.compute-1.amazonaws.com

Software

Resource Hash

0464f45b495a5aac8d0e6edd4cc000fef4d3f90187ba1a7b7faf39cf4087085f

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; default-src https: 'unsafe-eval' 'unsafe-inline'; img-src https: data:; font-src https: data:; connect-src https:
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.protectkratom.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 06 Jun 2022 15:23:00 GMT
x-content-type-options: nosniff
last-modified: Mon, 31 Jan 2022 10:31:08 GMT
etag: W/"/kX+nXLnqwQ/kX/491XnqA"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/png
cache-control: max-age=3600,public
content-security-policy: block-all-mixed-content; default-src https: 'unsafe-eval' 'unsafe-inline'; img-src https: data:; font-src https: data:; connect-src https:
accept-ranges: bytes
content-length: 68
x-xss-protection: 1

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 120ms
37ms Script
text/javascript 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-179239991-1&l=dataLayer&cx=c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.protectkratom.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 6494
date: Mon, 06 Jun 2022 13:34:46 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Mon, 06 Jun 2022 15:34:46 GMT

POST
H2 204 collect
www.google-analytics.com/g/ 0
175 B 117ms
57ms Ping
text/plain 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-WVZYF4L6VV&gtm=2oe610&_p=932055736&_z=ccd.tdB&cid=162202600.1654528981&gdid=dZjQwMz&ul=en-us&sr=1600x1200&_s=1&sid=1654528980&sct=1&seg=0&dl=https%3A%2F%2Fwww.protectkratom.org%2Fdonate%3FeType%3DEmailBlastContent%26eId%3D7fc81606-f156-4b63-b954-027da171f591&dt=Donate%20to%20the%20A.K.A.%20%E2%80%94%20Protect%20Kratom&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-WVZYF4L6VV&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.protectkratom.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 06 Jun 2022 15:23:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.protectkratom.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dc_pre=CP7opeGQmfgCFZDG7Qod3VoDkw;src=11128386;type=krato0;cat=krato0;ord=9154938900461;gtm=2wg610;auiddc=1441534357.1654528980;u1=https%3A%2F%2Fwww.protectkratom.org%2Fdonate%3FeType%3DEmailBlastC... Show response
adservice.google.com/ddm/fls/i/ Frame E310 686 B
914 B 175ms
75ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/ddm/fls/i/dc_pre=CP7opeGQmfgCFZDG7Qod3VoDkw;src=11128386;type=krato0;cat=krato0;ord=9154938900461;gtm=2wg610;auiddc=1441534357.1654528980;u1=https%3A%2F%2Fwww.protectkratom.org%2Fdonate%3FeType%3DEmailBlastContent%26eId%3D7fc81606-f156-4b63-b954-027da171f591;~oref=https%3A%2F%2Fwww.protectkratom.org%2Fdonate%3FeType%3DEmailBlastContent%26eId%3D7fc81606-f156-4b63-b954-027da171f591

Requested by

Host: 11128386.fls.doubleclick.net
URL: https://11128386.fls.doubleclick.net/activityi;dc_pre=CP7opeGQmfgCFZDG7Qod3VoDkw;src=11128386;type=krato0;cat=krato0;ord=9154938900461;gtm=2wg610;auiddc=1441534357.1654528980;u1=https%3A%2F%2Fwww.protectkratom.org%2Fdonate%3FeType%3DEmailBlastContent%26eId%3D7fc81606-f156-4b63-b954-027da171f591;~oref=https%3A%2F%2Fwww.protectkratom.org%2Fdonate%3FeType%3DEmailBlastContent%26eId%3D7fc81606-f156-4b63-b954-027da171f591?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5c85337d81bde38e03d38d00b5fc2c77b2a6dccbf07ff629585e6345c42bc662

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://11128386.fls.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, must-revalidate
content-encoding: gzip
content-length: 445
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 06 Jun 2022 15:23:00 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
pragma: no-cache
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

POST
H3 200 collect Show response
www.google-analytics.com/j/ 1 B
21 B 132ms
56ms XHR
text/plain 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=932055736&t=pageview&_s=1&dl=https%3A%2F%2Fwww.protectkratom.org%2Fdonate%3FeType%3DEmailBlastContent%26eId%3D7fc81606-f156-4b63-b954-027da171f591&ul=en-us&de=UTF-8&dt=Donate%20to%20the%20A.K.A.%20%E2%80%94%20Protect%20Kratom&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAAC~&jid=1853192403&gjid=497650311&cid=162202600.1654528981&tid=UA-179239991-1&_gid=821883396.1654528981&_r=1&gtm=2ou610&did=dZjQwMz&gdid=dZjQwMz&z=856089349

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.protectkratom.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 06 Jun 2022 15:23:00 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.protectkratom.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 s.js Show response
cdn.siftscience.com/ 61 KB
20 KB 143ms
38ms Script
application/javascript 34.96.67.224
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.siftscience.com/s.js
Requested by: Host: org-5fe11c39-c1d0-43d4-88ad-9d3e8058f1dc.salsalabs.org
URL: https://org-5fe11c39-c1d0-43d4-88ad-9d3e8058f1dc.salsalabs.org/api/widget/fundraising/40487951-f7e5-42da-9397-7a31b9e50d07?tId=id_40487951f7e542da93977a31b9e50d07&eId=57bb76bc-a766-4d41-9a66-68dc5ec4dd7d&eType=Template&lsi=sli-forms-styles_v02&bo=true&_=1654528980659
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.67.224 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 224.67.96.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 7921df86278b7fa9be0cbd78d9990071763ec4e9e88aaff2c3d466723090b8ae

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.protectkratom.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 06 Jun 2022 06:11:38 GMT
content-encoding: gzip
age: 33083
x-guploader-uploadid: ADPycdvcgkoo0FlErfBzqomuMBCIt40IHpjxqcgftKJ2tbogmhNopFQE87rjm4__LUZ7WcG63x87ZqjCBCi6gTLIFRABEKe8YQG7
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20452
last-modified: Thu, 09 Apr 2020 21:59:13 GMT
server: UploadServer
etag: "07cb8203158abb26b3c18318350e7b36"
vary: Accept-Encoding
x-goog-hash: crc32c=fIrBTA==, md5=B8uCAxWKuyazwYMYNQ57Ng==
x-goog-generation: 1586469553682331
cache-control: public, max-age=86400
x-goog-stored-content-length: 20452
accept-ranges: bytes
content-type: application/javascript
expires: Tue, 07 Jun 2022 06:11:38 GMT

GET
H2 200 ddplugin.js Show response
doublethedonation.com/api/js/ 422 KB
90 KB 556ms
248ms Script
text/javascript 23.96.109.67
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://doublethedonation.com/api/js/ddplugin.js
Requested by: Host: org-5fe11c39-c1d0-43d4-88ad-9d3e8058f1dc.salsalabs.org
URL: https://org-5fe11c39-c1d0-43d4-88ad-9d3e8058f1dc.salsalabs.org/api/widget/fundraising/40487951-f7e5-42da-9397-7a31b9e50d07?tId=id_40487951f7e542da93977a31b9e50d07&eId=57bb76bc-a766-4d41-9a66-68dc5ec4dd7d&eType=Template&lsi=sli-forms-styles_v02&bo=true&_=1654528980659
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 23.96.109.67 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx /
Resource Hash: 462eee59773394f59af4c660b873d7d53706a001d760be65db3e718d264256a9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.protectkratom.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 06 Jun 2022 15:23:01 GMT
content-encoding: br
last-modified: Fri, 03 Jun 2022 04:54:08 GMT
server: nginx
etag: "629993f0-16584"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
cache-control: public, max-age=600;
content-length: 91524

GET
H2 200 ddplugin.css
doublethedonation.com/api/css/ 153 KB
20 KB 676ms
367ms Stylesheet
text/css 23.96.109.67
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://doublethedonation.com/api/css/ddplugin.css
Requested by: Host: org-5fe11c39-c1d0-43d4-88ad-9d3e8058f1dc.salsalabs.org
URL: https://org-5fe11c39-c1d0-43d4-88ad-9d3e8058f1dc.salsalabs.org/api/widget/fundraising/40487951-f7e5-42da-9397-7a31b9e50d07?tId=id_40487951f7e542da93977a31b9e50d07&eId=57bb76bc-a766-4d41-9a66-68dc5ec4dd7d&eType=Template&lsi=sli-forms-styles_v02&bo=true&_=1654528980659
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 23.96.109.67 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx /
Resource Hash: 34d4b0d52609d6fe3b7a0b1ade615a14d99b59b85c35a078c7839e33695a893b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.protectkratom.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 06 Jun 2022 15:23:01 GMT
content-encoding: br
last-modified: Fri, 03 Jun 2022 04:54:08 GMT
server: nginx
etag: "629993f0-5027"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
cache-control: public, max-age=600;
content-length: 20519

GET
H/1.1 200
OK tokenization.v2.js Show response
static.wepay.com/js/ 19 KB
6 KB 786ms
139ms Script
application/javascript 130.211.164.108
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://static.wepay.com/js/tokenization.v2.js
Requested by: Host: org-5fe11c39-c1d0-43d4-88ad-9d3e8058f1dc.salsalabs.org
URL: https://org-5fe11c39-c1d0-43d4-88ad-9d3e8058f1dc.salsalabs.org/api/widget/fundraising/40487951-f7e5-42da-9397-7a31b9e50d07?tId=id_40487951f7e542da93977a31b9e50d07&eId=57bb76bc-a766-4d41-9a66-68dc5ec4dd7d&eType=Template&lsi=sli-forms-styles_v02&bo=true&_=1654528980659
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 130.211.164.108 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 108.164.211.130.bc.googleusercontent.com
Software: nginx /
Resource Hash: a5dabe8694defff7761877d38bfd931a20ff6f62ca06de76c56d94f10eb048a5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.protectkratom.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date: Mon, 06 Jun 2022 15:23:01 GMT
Content-Encoding: gzip
Last-Modified: Wed, 01 Jun 2022 21:55:32 GMT
Server: nginx
ETag: W/"6297e054-4aac"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=21600, public
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Mon, 06 Jun 2022 21:23:01 GMT

GET
H2 200 dc_pre=CP7opeGQmfgCFZDG7Qod3VoDkw;src=11128386;type=krato0;cat=krato0;ord=9154938900461;gtm=2wg610;auiddc=1441534357.1654528980;u1=https%3A%2F%2Fwww.protectkratom.org%2Fdonate%3FeType%3DEmailBlastC... Show response
adservice.google.de/ddm/fls/i/ Frame 9594 194 B
870 B 280ms
73ms Document
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/ddm/fls/i/dc_pre=CP7opeGQmfgCFZDG7Qod3VoDkw;src=11128386;type=krato0;cat=krato0;ord=9154938900461;gtm=2wg610;auiddc=1441534357.1654528980;u1=https%3A%2F%2Fwww.protectkratom.org%2Fdonate%3FeType%3DEmailBlastContent%26eId%3D7fc81606-f156-4b63-b954-027da171f591;~oref=https%3A%2F%2Fwww.protectkratom.org%2Fdonate%3FeType%3DEmailBlastContent%26eId%3D7fc81606-f156-4b63-b954-027da171f591

Requested by

Host: adservice.google.com
URL: https://adservice.google.com/ddm/fls/i/dc_pre=CP7opeGQmfgCFZDG7Qod3VoDkw;src=11128386;type=krato0;cat=krato0;ord=9154938900461;gtm=2wg610;auiddc=1441534357.1654528980;u1=https%3A%2F%2Fwww.protectkratom.org%2Fdonate%3FeType%3DEmailBlastContent%26eId%3D7fc81606-f156-4b63-b954-027da171f591;~oref=https%3A%2F%2Fwww.protectkratom.org%2Fdonate%3FeType%3DEmailBlastContent%26eId%3D7fc81606-f156-4b63-b954-027da171f591

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

05978957c6c8b028f2785dc77271c286bfac76e30b7bcd7e835c2927fbe897cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://adservice.google.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=0
content-encoding: gzip
content-length: 177
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 06 Jun 2022 15:23:01 GMT
expires: Mon, 06 Jun 2022 15:23:01 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 /
www.facebook.com/tr/ 44 B
297 B 115ms
37ms Image
image/gif 2a03:2880:f11c:8083:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=205641814835369&ev=PageView&dl=https%3A%2F%2Fwww.protectkratom.org%2Fdonate%3FeType%3DEmailBlastContent%26eId%3D7fc81606-f156-4b63-b954-027da171f591&rl=&if=false&ts=1654528981396&sw=1600&sh=1200&v=2.9.61&r=stable&ec=0&o=30&fbp=fb.1.1654528981395.9596613&it=1654528980651&coo=false&rqm=GET

Requested by

Host: www.protectkratom.org
URL: https://www.protectkratom.org/donate?eType=EmailBlastContent&eId=7fc81606-f156-4b63-b954-027da171f591

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.protectkratom.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 06 Jun 2022 15:23:01 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 44
expires: Mon, 06 Jun 2022 15:23:01 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
101 B 115ms
38ms Image
image/gif 2a03:2880:f11c:8083:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=205641814835369&ev=ViewContent&dl=https%3A%2F%2Fwww.protectkratom.org%2Fdonate%3FeType%3DEmailBlastContent%26eId%3D7fc81606-f156-4b63-b954-027da171f591&rl=&if=false&ts=1654528981398&cd[content_name]=%2Fdonate&sw=1600&sh=1200&v=2.9.61&r=stable&ec=1&o=30&fbp=fb.1.1654528981395.9596613&it=1654528980651&coo=false&rqm=GET

Requested by

Host: www.protectkratom.org
URL: https://www.protectkratom.org/donate?eType=EmailBlastContent&eId=7fc81606-f156-4b63-b954-027da171f591

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.protectkratom.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 06 Jun 2022 15:23:01 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 44
expires: Mon, 06 Jun 2022 15:23:01 GMT

GET
H2 200 formValidation.min.css
default.salsalabs.org/public/styles/ 98 KB
23 KB 185ms
185ms Stylesheet
text/css 54.156.155.237
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://default.salsalabs.org/public/styles/formValidation.min.css

Requested by

Host: org-5fe11c39-c1d0-43d4-88ad-9d3e8058f1dc.salsalabs.org
URL: https://org-5fe11c39-c1d0-43d4-88ad-9d3e8058f1dc.salsalabs.org/api/widget/fundraising/40487951-f7e5-42da-9397-7a31b9e50d07?tId=id_40487951f7e542da93977a31b9e50d07&eId=57bb76bc-a766-4d41-9a66-68dc5ec4dd7d&eType=Template&lsi=sli-forms-styles_v02&bo=true&_=1654528980659

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.156.155.237 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-156-155-237.compute-1.amazonaws.com

Software

Resource Hash

a716260406b3d4ed0963a73809e71efad7727098cfaade85cc96b66d7a178820

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; default-src https: 'unsafe-eval' 'unsafe-inline'; img-src https: data:; font-src https: data:; connect-src https:
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.protectkratom.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 06 Jun 2022 15:23:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 05 May 2022 00:25:24 GMT
etag: W/"EKoHdIZ3biQEKoG9Bftimo--gzip"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/css
cache-control: max-age=3600,public
content-security-policy: block-all-mixed-content; default-src https: 'unsafe-eval' 'unsafe-inline'; img-src https: data:; font-src https: data:; connect-src https:
accept-ranges: bytes
vary: Accept-Encoding, User-Agent
x-xss-protection: 1

GET
H3 200 SlGVmQWMvZQIdix7AFxXkHNSbQ.woff2
fonts.gstatic.com/s/droidsans/v18/ 21 KB
21 KB 40ms
40ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/droidsans/v18/SlGVmQWMvZQIdix7AFxXkHNSbQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Droid+Sans:400,400italic,700,700italic&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7a291479495fbb281655d5e870c6d118dc6b7ed18e8c235aef5974c1e9de4e6c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.protectkratom.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 31 May 2022 22:30:25 GMT
x-content-type-options: nosniff
age: 492756
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21224
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 18:04:18 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 31 May 2023 22:30:25 GMT

GET
H3 200 SlGWmQWMvZQIdix7AFxXmMh3eDs1Zw.woff2
fonts.gstatic.com/s/droidsans/v18/ 22 KB
22 KB 44ms
44ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/droidsans/v18/SlGWmQWMvZQIdix7AFxXmMh3eDs1Zw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Droid+Sans:400,400italic,700,700italic&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e803cd8c5031ac6b0d099a2d96ba1c3ee44782649a7f7c6f0d09b6410d93e216

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.protectkratom.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 31 May 2022 22:30:37 GMT
x-content-type-options: nosniff
age: 492744
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 22376
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 18:25:01 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 31 May 2023 22:30:37 GMT

GET
H2 200 e0dc5fad-40bc-4845-9500-c0c1a48992de Show response
donate.salsalabs.org/api/transactions/gateway/ 405 B
545 B 1463ms
1156ms XHR
application/json 44.195.210.106
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://donate.salsalabs.org/api/transactions/gateway/e0dc5fad-40bc-4845-9500-c0c1a48992de
Requested by: Host: default.salsalabs.org
URL: https://default.salsalabs.org/public/scripts/script.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.195.210.106 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-195-210-106.compute-1.amazonaws.com
Software: /
Resource Hash: f6371b6aca6984384cdb779c920e6531c70c8be3b7f072ff9113e8ba8a9994d9

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.protectkratom.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 06 Jun 2022 15:23:03 GMT
content-encoding: gzip
vary: Origin, Accept-Encoding, User-Agent
content-type: application/json
access-control-allow-origin: https://www.protectkratom.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 310

GET
H2 200 sli-forms-styles_v02.css
default.salsalabs.org/public/styles/ 137 KB
20 KB 297ms
297ms Stylesheet
text/css 54.156.155.237
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://default.salsalabs.org/public/styles/sli-forms-styles_v02.css

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.156.155.237 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-156-155-237.compute-1.amazonaws.com

Software

Resource Hash

13a5387524f29aaa1d87f78739ed5f495f44877ce34592cd3e6c05cab60accec

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; default-src https: 'unsafe-eval' 'unsafe-inline'; img-src https: data:; font-src https: data:; connect-src https:
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.protectkratom.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 06 Jun 2022 15:23:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 16 Feb 2022 07:51:08 GMT
etag: W/"SUiv/HbIgtkSUiug3dJ2JY--gzip"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/css
cache-control: max-age=3600,public
content-security-policy: block-all-mixed-content; default-src https: 'unsafe-eval' 'unsafe-inline'; img-src https: data:; font-src https: data:; connect-src https:
accept-ranges: bytes
vary: Accept-Encoding, User-Agent
x-xss-protection: 1

GET
H2 200 data
default.salsalabs.org/api/organization/5fe11c39-c1d0-43d4-88ad-9d3e8058f1dc/logo/ 82 KB
83 KB 125ms
125ms Image
image/png 54.156.155.237
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://default.salsalabs.org/api/organization/5fe11c39-c1d0-43d4-88ad-9d3e8058f1dc/logo/data
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.156.155.237 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-156-155-237.compute-1.amazonaws.com
Software: /
Resource Hash: 8e24f6ce0392cfa322647e2985bf389f401006bf24b7830691d80f5c82f7efc6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.protectkratom.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 06 Jun 2022 15:23:01 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Mon, 06 Jun 2022 14:52:43 GMT
content-type: image/png

GET
H2 200 up Show response
insight.adsrvr.org/track/ Frame 8F9C 0
182 B 178ms
57ms Document
text/html 52.223.40.198
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://insight.adsrvr.org/track/up?adv=iy62lxo&ref=https%3A%2F%2Fwww.protectkratom.org%2Fdonate%3FeType%3DEmailBlastContent%26eId%3D7fc81606-f156-4b63-b954-027da171f591&upid=87iqfc9&upv=1.1.0
Requested by: Host: js.adsrvr.org
URL: https://js.adsrvr.org/up_loader.1.1.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.protectkratom.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private,no-cache, must-revalidate
content-type: text/html
date: Mon, 06 Jun 2022 15:23:01 GMT
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pragma: no-cache
x-aspnet-version: 4.0.30319

GET
H2 200 826356.gif
hexagon-analytics.com/images/ 43 B
272 B 231ms
127ms Image
image/gif 34.102.232.42
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hexagon-analytics.com/images/826356.gif?bk=64d426901e&tm=796&r=852972078&v=105&cs=UTF-8&h=www.protectkratom.org&l=en-US&S=c7c9f6e0cc1a6eea84dd1aaaabcbad1d&uu=b5b68a8fde5007313d2c07ad137ea10&t=Donate%20to%20the%20A.K.A.%20%E2%80%94%20Protect%20Kratom&u=https%3A%2F%2Fwww.protectkratom.org%2Fdonate%3FeType%3DEmailBlastContent%26eId%3D7fc81606-f156-4b63-b954-027da171f591&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F102.0.5005.61%20Safari%2F537.36&nm=4&mh=fe407dda3b01b3e3c72476fe7bf9f870&np=3&ph=596d9e73a4a75c4ceee60ad7b54864b3&sh=1200&sw=1600&cd=24&p=Linux%20x86_64&to=0&d=0&ce=true&tp=0&ol=true&pr=Gecko&ps=20030107&vd=Google%20Inc.&vs=&hc=4&je=false&ss=true&ls=true&in=true&db=false&tl=false&tr=false&ts=true&tb=false&ab=false&cf=64d58bfddb44af6942e7931de5174ca7&z=z

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.102.232.42 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

42.232.102.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.protectkratom.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 06 Jun 2022 15:23:02 GMT
via: 1.1 google
x-content-type-options: nosniff
server: nginx
content-type: image/gif
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3 200 /
www.facebook.com/tr/ 44 B
91 B 80ms
41ms Image
image/gif 2a03:2880:f11c:8083:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=205641814835369&ev=Microdata&dl=https%3A%2F%2Fwww.protectkratom.org%2Fdonate%3FeType%3DEmailBlastContent%26eId%3D7fc81606-f156-4b63-b954-027da171f591&rl=&if=false&ts=1654528981900&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Donate%20to%20the%20A.K.A.%20%E2%80%94%20Protect%20Kratom%22%2C%22meta%3Adescription%22%3A%22Help%20Protect%20Kratom%20with%20Your%20Donation%22%7D&cd[OpenGraph]=%7B%22og%3Asite_name%22%3A%22Protect%20Kratom%22%2C%22og%3Atitle%22%3A%22Donate%20to%20the%20A.K.A.%20%E2%80%94%20Protect%20Kratom%22%2C%22og%3Aurl%22%3A%22https%3A%2F%2Fwww.protectkratom.org%2Fdonate%22%2C%22og%3Atype%22%3A%22website%22%2C%22og%3Adescription%22%3A%22Help%20Protect%20Kratom%20with%20Your%20Donation%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%7B%22url%22%3A%22https%3A%2F%2Fwww.protectkratom.org%22%2C%22name%22%3A%22Protect%20Kratom%22%2C%22description%22%3A%22%22%2C%22%40context%22%3A%22http%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22WebSite%22%7D%2C%7B%22address%22%3A%22%22%2C%22openingHours%22%3A%22%2C%20%2C%20%2C%20%2C%20%2C%20%2C%20%22%2C%22%40context%22%3A%22http%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22LocalBusiness%22%7D%5D&sw=1600&sh=1200&v=2.9.61&r=stable&ec=2&o=30&fbp=fb.1.1654528981395.9596613&it=1654528980651&coo=false&es=automatic&tm=3&rqm=GET

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.protectkratom.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 06 Jun 2022 15:23:01 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority: u=3,i
expires: Mon, 06 Jun 2022 15:23:01 GMT

GET
H2 200 formValidation.min.css
default.salsalabs.org/public/styles/ 98 KB
23 KB 196ms
196ms Stylesheet
text/css 54.156.155.237
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://default.salsalabs.org/public/styles/formValidation.min.css

Requested by

Host: www.protectkratom.org
URL: https://www.protectkratom.org/donate?eType=EmailBlastContent&eId=7fc81606-f156-4b63-b954-027da171f591

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.156.155.237 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-156-155-237.compute-1.amazonaws.com

Software

Resource Hash

a716260406b3d4ed0963a73809e71efad7727098cfaade85cc96b66d7a178820

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; default-src https: 'unsafe-eval' 'unsafe-inline'; img-src https: data:; font-src https: data:; connect-src https:
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.protectkratom.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 06 Jun 2022 15:23:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 05 May 2022 00:25:24 GMT
etag: W/"EKoHdIZ3biQEKoG9Bftimo--gzip"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/css
cache-control: max-age=3600,public
content-security-policy: block-all-mixed-content; default-src https: 'unsafe-eval' 'unsafe-inline'; img-src https: data:; font-src https: data:; connect-src https:
accept-ranges: bytes
vary: Accept-Encoding, User-Agent
x-xss-protection: 1

GET
H2 200 sli-forms-styles_v02.css
default.salsalabs.org/public/styles/ 137 KB
20 KB 173ms
173ms Stylesheet
text/css 54.156.155.237
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://default.salsalabs.org/public/styles/sli-forms-styles_v02.css

Requested by

Host: www.protectkratom.org
URL: https://www.protectkratom.org/donate?eType=EmailBlastContent&eId=7fc81606-f156-4b63-b954-027da171f591

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.156.155.237 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-156-155-237.compute-1.amazonaws.com

Software

Resource Hash

13a5387524f29aaa1d87f78739ed5f495f44877ce34592cd3e6c05cab60accec

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; default-src https: 'unsafe-eval' 'unsafe-inline'; img-src https: data:; font-src https: data:; connect-src https:
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.protectkratom.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 06 Jun 2022 15:23:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 16 Feb 2022 07:51:08 GMT
etag: W/"SUiv/HbIgtkSUiug3dJ2JY--gzip"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/css
cache-control: max-age=3600,public
content-security-policy: block-all-mixed-content; default-src https: 'unsafe-eval' 'unsafe-inline'; img-src https: data:; font-src https: data:; connect-src https:
accept-ranges: bytes
vary: Accept-Encoding, User-Agent
x-xss-protection: 1

GET
DATA 200
OK truncated
/ 21 KB
21 KB Font
application/x-font-ttf

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7db786a248c56bcef8116b7d784ab9886bf1175433d93690f27f0118bbff7899

Request headers

Referer
Origin: https://www.protectkratom.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Content-Type: application/x-font-ttf;charset=utf-8

POST
H3 204 collect
www.google-analytics.com/g/ 0
17 B 57ms
57ms Ping
text/plain 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-WVZYF4L6VV&gtm=2oe610&_p=932055736&_z=ccd.tdB&cid=162202600.1654528981&gdid=dZjQwMz&ul=en-us&sr=1600x1200&_s=2&sid=1654528980&sct=1&seg=0&dl=https%3A%2F%2Fwww.protectkratom.org%2Fdonate%3FeType%3DEmailBlastContent%26eId%3D7fc81606-f156-4b63-b954-027da171f591&dt=Donate%20to%20the%20A.K.A.%20%E2%80%94%20Protect%20Kratom&en=scroll&_et=8&epn.percent_scrolled=90
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-WVZYF4L6VV&l=dataLayer&cx=c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.protectkratom.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 06 Jun 2022 15:23:05 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.protectkratom.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

111 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

15 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.salsalabs.org/	1970-01-20 03:35:29	Name: ignite_tr_new Value: true
.salsalabs.org/	1970-01-20 12:21:04	Name: ignite_tr Value: 75e327d9-b586-43db-97e0-70ae536b74b2
.salsalabs.org/	1970-01-20 03:35:28	Name: ignite_tr_url Value: a5a1c821-8823-4b59-bd48-dce4f1592717
.salsalabs.org/	1970-01-20 03:35:29	Name: ignite_uiid Value: 76a183ba-ed5e-4d24-85db-dcfe1be515a9
www.protectkratom.org/	1969-12-31 23:59:59	Name: crumb Value: Bc5wg3IYkDhnZDc0MjA0MzAyZWQxODM1N2I5MzhiZmUxZTYzN2Q2
www.protectkratom.org/	1970-01-20 21:06:40	Name: ss_cvr Value: 29325dac-6814-47a6-bd34-38393c80e46b\|1654528980441\|1654528980441\|1654528980441\|1
www.protectkratom.org/	1970-01-20 03:35:30	Name: ss_cvt Value: 1654528980441
.protectkratom.org/	1970-01-20 05:45:04	Name: _gcl_au Value: 1.1.1441534357.1654528980
.protectkratom.org/	1970-01-20 21:06:40	Name: _ga_WVZYF4L6VV Value: GS1.1.1654528980.1.0.1654528980.0
.doubleclick.net/	1970-01-20 03:35:29	Name: test_cookie Value: CheckForPermission
.protectkratom.org/	1970-01-20 21:06:40	Name: _ga Value: GA1.2.162202600.1654528981
.protectkratom.org/	1970-01-20 03:36:55	Name: _gid Value: GA1.2.821883396.1654528981
.protectkratom.org/	1970-01-20 03:35:29	Name: _gat_gtag_UA_179239991_1 Value: 1
.protectkratom.org/	1970-01-20 05:45:04	Name: _fbp Value: fb.1.1654528981395.9596613
.protectkratom.org/	1970-01-21 14:39:19	Name: __ssid Value: b5b68a8fde5007313d2c07ad137ea10

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

11128386.fls.doubleclick.net
adservice.google.com
adservice.google.de
assets.squarespace.com
cdn.siftscience.com
code.jquery.com
connect.facebook.net
default.salsalabs.org
donate.salsalabs.org
doublethedonation.com
fonts.googleapis.com
fonts.gstatic.com
hexagon-analytics.com
insight.adsrvr.org
js.adsrvr.org
org-5fe11c39-c1d0-43d4-88ad-9d3e8058f1dc.salsalabs.org
static.wepay.com
static1.squarespace.com
www.facebook.com
www.google-analytics.com
www.googletagmanager.com
www.protectkratom.org
130.211.164.108
142.250.185.70
151.101.64.237
151.101.64.238
198.185.159.144
2001:4de0:ac18::1:a:1b
23.96.109.67
2a00:1450:4001:80f::2002
2a00:1450:4001:810::2003
2a00:1450:4001:827::2002
2a00:1450:4001:82b::200a
2a00:1450:4001:82f::2008
2a00:1450:4001:82f::200e
2a03:2880:f01c:216:face:b00c:0:3
2a03:2880:f11c:8083:face:b00c:0:25de
34.102.232.42
34.96.67.224
44.195.210.106
52.223.40.198
54.156.155.237
65.9.65.116
037709da281376828e43211b173f1f202861ff95fcfd8c32948bae02c66092e4
0464f45b495a5aac8d0e6edd4cc000fef4d3f90187ba1a7b7faf39cf4087085f
05978957c6c8b028f2785dc77271c286bfac76e30b7bcd7e835c2927fbe897cf
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
13a5387524f29aaa1d87f78739ed5f495f44877ce34592cd3e6c05cab60accec
1a04cc73a81fe19503adea832c3a124b31b0ac4fe7c6f84e6b2a3f65331471b4
25dbb07e2cc514c3361268fc92d8992cf7d86308d9494b35e953edeaf820cc6c
34d4b0d52609d6fe3b7a0b1ade615a14d99b59b85c35a078c7839e33695a893b
3acc601d540e8163bb9a14daa7f60fb5912f7cfb51c7cca4cd24a2b08af10241
45804fedee921a34eacfcc2cda92e8eb181d321e73b132191f4b4a7c05b25020
462eee59773394f59af4c660b873d7d53706a001d760be65db3e718d264256a9
4a9a6afeba8624295a87efaf0d3c76fa7a55271f310adffcfa683bccacc0fc5d
5c85337d81bde38e03d38d00b5fc2c77b2a6dccbf07ff629585e6345c42bc662
60b06164ad96aba2736f4326a3af7983b721478cd4d12a3aa73203365b65d76f
6a801f781b109838b64c593ffbabaeb97e553d349540a9636cb63e23a8479423
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
713325fc37db97d0be0c672eacaa1ccbbe0e1543287b542ec3b2242f0a369f96
78bc3aa78faec288bbb3bf26c9a0fa4eb67b1e69da94a17233c5cab60525efdb
7921df86278b7fa9be0cbd78d9990071763ec4e9e88aaff2c3d466723090b8ae
7a291479495fbb281655d5e870c6d118dc6b7ed18e8c235aef5974c1e9de4e6c
7db786a248c56bcef8116b7d784ab9886bf1175433d93690f27f0118bbff7899
82ad0a2b5033dc29c4726a5af324460c7bbe191836f273f4ce0ca28f8bdc3bd9
8592800117574f72d968f68353fe40baab35a123ee9b07da3793611a764305c3
8ce1b1d836bb164e4ee2d262cedefbb5d638d2d2d2b6012d9e711037c001ad1f
8e24f6ce0392cfa322647e2985bf389f401006bf24b7830691d80f5c82f7efc6
8e8db8f73475086def9493ef2ab612597ab40a245c2259affb44817edd07ce03
907294267b90fb91b8817f6ccb454b081af96ace38bf45d6f7a4fe06f31414e2
9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526
94cc6716dae8935a6d27007920c4d814d4cc3392b941470a7c7487a91d67b94e
95d5b67a78f81f3c071b01f888c9a468c13c8288597b64c99ff829e35b51a012
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a335034c7cafef2c77fcbf69ab399efbaa0fb72fa405b2d92c502c6b64d21edc
a5dabe8694defff7761877d38bfd931a20ff6f62ca06de76c56d94f10eb048a5
a716260406b3d4ed0963a73809e71efad7727098cfaade85cc96b66d7a178820
a8a7c6483f73f962abb0f768408bc73c219a0164ee43f60ac57595d314c1bebe
b7e9ba8c1ef452b0ac4dbeb486948b9abf8c95f5477e4b2ef09aba78731565d3
c5b115d7d66436741c76afbfbabafc092197685b3a87f2b2109b7b1ce90622bd
c8b77cbbe5c9164a6c36721a858ed981eb2095cfd867dec8eca405896f36220d
cd36de204aca2d5fa263a731f7c20009b5e3d754ba1f1e03c33e93a48f3e7446
d2ad0579fd0685fe1c7acb5b81778fe029ba8c6ced6d353ab73ed35393c5afd2
dd7119b263e35b11ddaf301a89f79367aa06637deb6592e75a71ada8770b3296
e140022b28f49866c83fc34eafbe550e1af89819eeb46b52d68ca1385402e3c6
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e803cd8c5031ac6b0d099a2d96ba1c3ee44782649a7f7c6f0d09b6410d93e216
ebd9c3068f5a082b9c5beaa067e3d7f3ca8e5cdce58c8bed18407e922d66700e
ee3a7301fe1e0c0f6bf6acff0d7a8d107f5cb3f62a2566740c0416d8e61f00b9
f19887e42f6019351b9a6da8b270583e233937565726258aaa40d543a227ee54
f1ea07a1e51a389c8de07120ae5c2e432e9dd8f4fbd6f92489f185b0523a3fd4
f6371b6aca6984384cdb779c920e6531c70c8be3b7f072ff9113e8ba8a9994d9
fbe75e802336416df18e93e7ae5afdf0643a9bb8a2e3305d0d45fd4991c1b3e4
fe3ea084b24c647f4b0d42efff90caddcf3beb203197d0fc7f19fac3a7561de1

www.protectkratom.org Open in urlscan Pro 198.185.159.144 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

57 Requests

100 %HTTPS

43 %IPv6

18 Domains

22 Subdomains

22 IPs

3 Countries

1803 kBTransfer

7468 kBSize

15 Cookies

9 Outgoing links

Page URL History

Redirected requests

57 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.protectkratom.org Open in urlscan Pro
198.185.159.144 Public Scan

Screenshot
Live screenshot

Full Image

57
Requests

100 %
HTTPS

43 %
IPv6

18
Domains

22
Subdomains

22
IPs

3
Countries

1803 kB
Transfer

7468 kB
Size

15
Cookies

57 HTTP transactions
1 data transactions