drugfree.org Open in urlscan Pro
3.215.209.146 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://c-cv904.na1.hubspotlinks.com/Ctc/UA+113/c-Cv904/VVr5hy6kzbWHVbVz6Q4zz9H3W33LWhB4ZV2WfN4Hzmfm3q905V1-WJV7CgCkHW5mdqBD4XzVH7W6y...
Effective URL:
https://drugfree.org/?form=FUNJLSAEDSS&utm_campaign=2023%20Donation%20Moments&utm_medium=email&_hsmi=256062192&_hsenc...
Submission: On April 28 via api (April 28th 2023, 1:05:57 am UTC) from CH — Scanned from DE

Summary HTTP 365 Redirects Links 7 Behaviour Indicators

Summary

This website contacted 50 IPs in 5 countries across 37 domains to perform 365 HTTP transactions. The main IP is 3.215.209.146, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is drugfree.org. The Cisco Umbrella rank of the primary domain is 950043.
TLS certificate: Issued by Amazon RSA 2048 M02 on April 10th 2023. Valid for: a year.

This is the only time drugfree.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 2	2606:4700::68... 2606:4700::6812:cb1	13335 (CLOUDFLAR...) (CLOUDFLARENET)
34	3.215.209.146 3.215.209.146	14618 (AMAZON-AES) (AMAZON-AES)
1	2a00:1450:400... 2a00:1450:4001:830::200e	15169 (GOOGLE) (GOOGLE)
5	2400:52e0:1e0... 2400:52e0:1e00::1080:1	200325 (BUNNYCDN) (BUNNYCDN)
3	2606:4700::68... 2606:4700::6810:bb41	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a00:1450:400... 2a00:1450:4001:830::2008	15169 (GOOGLE) (GOOGLE)
65	104.26.5.251 104.26.5.251	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	188.114.96.3 188.114.96.3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2606:4700::68... 2606:4700::6811:d4f3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	2a00:1450:400... 2a00:1450:4001:810::200e	15169 (GOOGLE) (GOOGLE)
1	18.66.97.49 18.66.97.49	16509 (AMAZON-02) (AMAZON-02)
1	146.75.116.157 146.75.116.157	54113 (FASTLY) (FASTLY)
2	2606:4700::68... 2606:4700::6813:9308	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	2a03:2880:f08... 2a03:2880:f083:9:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	2606:4700::68... 2606:4700::6812:873b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2600:9000:223... 2600:9000:223c:1000:16:cfb1:a0c0:93a1	16509 (AMAZON-02) (AMAZON-02)
1	52.222.236.122 52.222.236.122	16509 (AMAZON-02) (AMAZON-02)
1	104.244.42.69 104.244.42.69	13414 (TWITTER) (TWITTER)
1	104.244.42.3 104.244.42.3	13414 (TWITTER) (TWITTER)
2	2606:4700::68... 2606:4700::6811:6bc7	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6810:8bce	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6812:19c4	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	13.32.99.45 13.32.99.45	16509 (AMAZON-02) (AMAZON-02)
1	52.29.31.225 52.29.31.225	16509 (AMAZON-02) (AMAZON-02)
3	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:400c:c00::9a	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:811::2003	15169 (GOOGLE) (GOOGLE)
47	151.101.128.176 151.101.128.176	54113 (FASTLY) (FASTLY)
2	2a00:1450:400... 2a00:1450:4001:829::200a	15169 (GOOGLE) (GOOGLE)
18	2a00:1450:400... 2a00:1450:4001:828::2004	15169 (GOOGLE) (GOOGLE)
6	2.18.233.201 2.18.233.201	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2.16.186.25 2.16.186.25	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	2a03:2880:f17... 2a03:2880:f176:84:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	2606:4700::68... 2606:4700::6811:d5f3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	147.135.78.45 147.135.78.45	16276 (OVH) (OVH)
6	151.101.1.21 151.101.1.21	54113 (FASTLY) (FASTLY)
16	2a00:1450:400... 2a00:1450:4001:800::2003	15169 (GOOGLE) (GOOGLE)
49	54.187.159.182 54.187.159.182	16509 (AMAZON-02) (AMAZON-02)
25	2a00:1450:400... 2a00:1450:4001:82f::2003	15169 (GOOGLE) (GOOGLE)
4	2600:9000:205... 2600:9000:2057:3a00:19:7d10:bd80:93a1	16509 (AMAZON-02) (AMAZON-02)
2	2a02:26f0:350... 2a02:26f0:3500:11::215:14dc	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	34.208.115.43 34.208.115.43	16509 (AMAZON-02) (AMAZON-02)
4	2a00:1450:400... 2a00:1450:400c:c0a::5c	15169 (GOOGLE) (GOOGLE)
1	188.114.97.3 188.114.97.3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	192.229.221.25 192.229.221.25	15133 (EDGECAST) (EDGECAST)
2	151.101.193.35 151.101.193.35	54113 (FASTLY) (FASTLY)
12	2a00:1450:400... 2a00:1450:4001:80e::200e	15169 (GOOGLE) (GOOGLE)
5	2606:4700::68... 2606:4700::6813:9a53	13335 (CLOUDFLAR...) (CLOUDFLARENET)
365	50

2 2606:4700::6812:cb1 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

c-cv904.na1.hubspotlinks.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

34 3.215.209.146 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-215-209-146.compute-1.amazonaws.com

drugfree.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googleoptimize.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2400:52e0:1e00::1080:1 (Germany)

ASN200325 (BUNNYCDN, SI)

b2642783.smushcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6810:bb41 (United States)

ASN13335 (CLOUDFLARENET, US)

js.hsforms.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:830::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

65 104.26.5.251 (None, )

ASN13335 (CLOUDFLARENET, US)

cdn.fundraiseup.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
static.fundraiseup.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
api.fundraiseup.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 188.114.96.3 (Amsterdam, Netherlands)

ASN13335 (CLOUDFLARENET, US)

fndrsp.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6811:d4f3 (United States)

ASN13335 (CLOUDFLARENET, US)

forms.hsforms.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:810::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.97.49 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-97-49.fra56.r.cloudfront.net

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 146.75.116.157 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

static.ads-twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6813:9308 (United States)

ASN13335 (CLOUDFLARENET, US)

script.crazyegg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f083:9:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:873b (United States)

ASN13335 (CLOUDFLARENET, US)

js-na1.hs-scripts.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:223c:1000:16:cfb1:a0c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.c212.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.222.236.122 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-236-122.fra56.r.cloudfront.net

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.69 (United States)

ASN13414 (TWITTER, US)

t.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.3 (United States)

ASN13414 (TWITTER, US)

analytics.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6811:6bc7 (United States)

ASN13335 (CLOUDFLARENET, US)

js.hscollectedforms.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
forms.hscollectedforms.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:8bce (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-analytics.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:19c4 (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-banner.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.32.99.45 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-99-45.fra60.r.cloudfront.net

c212.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.29.31.225 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-29-31-225.eu-central-1.compute.amazonaws.com

bs.serving-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:400c:c00::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:811::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

47 151.101.128.176 (United States)

ASN54113 (FASTLY, US)

js.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:829::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 2a00:1450:4001:828::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2.18.233.201 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-233-201.deploy.static.akamaitechnologies.com

pixel.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.16.186.25 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-16-186-25.deploy.static.akamaitechnologies.com

secure-ds.serving-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f176:84:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:d5f3 (United States)

ASN13335 (CLOUDFLARENET, US)

forms-na1.hsforms.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 147.135.78.45 (United States)

ASN16276 (OVH, FR)

sentry.fundraiseup.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 151.101.1.21 (United States)

ASN54113 (FASTLY, US)

www.paypal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2a00:1450:4001:800::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

49 54.187.159.182 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ip-54-187-159-182.stripe.com

q.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
r.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

25 2a00:1450:4001:82f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2600:9000:2057:3a00:19:7d10:bd80:93a1 (United States)

ASN16509 (AMAZON-02, US)

m.stripe.network	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:3500:11::215:14dc (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

ucarecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.208.115.43 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-208-115-43.us-west-2.compute.amazonaws.com

m.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:400c:c0a::5c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

pay.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 188.114.97.3 (Amsterdam, Netherlands)

ASN13335 (CLOUDFLARENET, US)

fndrsp-checkout.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 192.229.221.25 (United States)

ASN15133 (EDGECAST, US)

www.paypalobjects.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.193.35 (United States)

ASN54113 (FASTLY, US)

t.paypal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a00:1450:4001:80e::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

play.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2606:4700::6813:9a53 (United States)

ASN13335 (CLOUDFLARENET, US)

track.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
98	stripe.com js.stripe.com — Cisco Umbrella Rank: 2411 q.stripe.com — Cisco Umbrella Rank: 20152 m.stripe.com — Cisco Umbrella Rank: 2198 r.stripe.com — Cisco Umbrella Rank: 7419	1 MB
66	fundraiseup.com cdn.fundraiseup.com — Cisco Umbrella Rank: 63009 static.fundraiseup.com — Cisco Umbrella Rank: 57470 api.fundraiseup.com — Cisco Umbrella Rank: 520801 sentry.fundraiseup.com — Cisco Umbrella Rank: 608249	1 MB
41	gstatic.com fonts.gstatic.com www.gstatic.com	2 MB
36	google.com region1.analytics.google.com — Cisco Umbrella Rank: 2930 www.google.com — Cisco Umbrella Rank: 16 pay.google.com — Cisco Umbrella Rank: 3849 play.google.com — Cisco Umbrella Rank: 74	683 KB
34	drugfree.org drugfree.org — Cisco Umbrella Rank: 950043	2 MB
8	paypal.com www.paypal.com — Cisco Umbrella Rank: 2260 t.paypal.com — Cisco Umbrella Rank: 3014	86 KB
7	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 91 region1.google-analytics.com — Cisco Umbrella Rank: 1718	66 KB
6	mathtag.com pixel.mathtag.com — Cisco Umbrella Rank: 1405	5 KB
5	hubspot.com track.hubspot.com — Cisco Umbrella Rank: 4128	4 KB
5	bing.com bat.bing.com — Cisco Umbrella Rank: 519	13 KB
5	smushcdn.com b2642783.smushcdn.com	8 KB
4	stripe.network m.stripe.network — Cisco Umbrella Rank: 2669	36 KB
4	hsforms.com forms.hsforms.com — Cisco Umbrella Rank: 6729 forms-na1.hsforms.com — Cisco Umbrella Rank: 12260	12 KB
4	fndrsp.net fndrsp.net — Cisco Umbrella Rank: 60513	2 KB
3	google.de www.google.de — Cisco Umbrella Rank: 3425	622 B
3	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 166	473 B
3	c212.net cdn.c212.net — Cisco Umbrella Rank: 24048 c212.net — Cisco Umbrella Rank: 14881	2 KB
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 114	266 KB
3	hsforms.net js.hsforms.net — Cisco Umbrella Rank: 10641	492 KB
2	paypalobjects.com www.paypalobjects.com — Cisco Umbrella Rank: 2070	33 KB
2	ucarecdn.com ucarecdn.com — Cisco Umbrella Rank: 21823	20 KB
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 107	239 B
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 119	26 KB
2	serving-sys.com bs.serving-sys.com — Cisco Umbrella Rank: 1871 secure-ds.serving-sys.com — Cisco Umbrella Rank: 3075	9 KB
2	hscollectedforms.net js.hscollectedforms.net — Cisco Umbrella Rank: 7456 forms.hscollectedforms.net — Cisco Umbrella Rank: 7895	26 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 189	137 KB
2	crazyegg.com script.crazyegg.com — Cisco Umbrella Rank: 2697	3 KB
2	hotjar.com static.hotjar.com — Cisco Umbrella Rank: 899 script.hotjar.com — Cisco Umbrella Rank: 1171	72 KB
2	hubspotlinks.com 1 redirects c-cv904.na1.hubspotlinks.com	2 KB
1	fndrsp-checkout.net fndrsp-checkout.net — Cisco Umbrella Rank: 630095	509 B
1	hs-banner.com js.hs-banner.com — Cisco Umbrella Rank: 3809	64 KB
1	hs-analytics.net js.hs-analytics.net — Cisco Umbrella Rank: 3866	21 KB
1	twitter.com analytics.twitter.com — Cisco Umbrella Rank: 912	395 B
1	t.co t.co — Cisco Umbrella Rank: 584	377 B
1	hs-scripts.com js-na1.hs-scripts.com — Cisco Umbrella Rank: 14035	873 B
1	ads-twitter.com static.ads-twitter.com — Cisco Umbrella Rank: 964	15 KB
1	googleoptimize.com www.googleoptimize.com — Cisco Umbrella Rank: 1312	45 KB
365	37

	Domain	Requested by
61	static.fundraiseup.com	drugfree.org cdn.fundraiseup.com static.fundraiseup.com
47	js.stripe.com	static.fundraiseup.com js.stripe.com
34	drugfree.org	c-cv904.na1.hubspotlinks.com drugfree.org
32	r.stripe.com	js.stripe.com
25	www.gstatic.com	www.google.com www.gstatic.com pay.google.com
18	www.google.com	js.hsforms.net drugfree.org www.gstatic.com www.google.com
17	q.stripe.com	c-cv904.na1.hubspotlinks.com
16	fonts.gstatic.com	fonts.googleapis.com www.google.com drugfree.org
12	play.google.com	www.gstatic.com
6	www.paypal.com	static.fundraiseup.com www.paypal.com www.paypalobjects.com
6	pixel.mathtag.com	c212.net pixel.mathtag.com drugfree.org
6	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com drugfree.org
5	track.hubspot.com
5	bat.bing.com	www.googletagmanager.com bat.bing.com drugfree.org
5	b2642783.smushcdn.com	drugfree.org
4	pay.google.com	static.fundraiseup.com pay.google.com c-cv904.na1.hubspotlinks.com www.gstatic.com
4	m.stripe.network	js.stripe.com m.stripe.network
4	fndrsp.net	cdn.fundraiseup.com
3	www.google.de	drugfree.org
3	stats.g.doubleclick.net	www.googletagmanager.com www.google-analytics.com
3	forms.hsforms.com	js.hsforms.net drugfree.org
3	api.fundraiseup.com	cdn.fundraiseup.com static.fundraiseup.com
3	www.googletagmanager.com	drugfree.org www.googletagmanager.com
3	js.hsforms.net	drugfree.org js.hsforms.net
2	t.paypal.com	drugfree.org
2	www.paypalobjects.com	www.paypal.com www.paypalobjects.com
2	m.stripe.com	m.stripe.network
2	ucarecdn.com	drugfree.org
2	www.facebook.com	drugfree.org
2	fonts.googleapis.com	js.hsforms.net
2	region1.analytics.google.com	www.googletagmanager.com
2	c212.net	cdn.c212.net drugfree.org
2	connect.facebook.net	c-cv904.na1.hubspotlinks.com connect.facebook.net
2	script.crazyegg.com	www.googletagmanager.com script.crazyegg.com
2	c-cv904.na1.hubspotlinks.com	1 redirects
1	fndrsp-checkout.net	cdn.fundraiseup.com
1	forms.hscollectedforms.net	static.fundraiseup.com
1	sentry.fundraiseup.com	static.fundraiseup.com
1	forms-na1.hsforms.com	drugfree.org
1	secure-ds.serving-sys.com	bs.serving-sys.com
1	region1.google-analytics.com	www.googletagmanager.com
1	bs.serving-sys.com	www.googletagmanager.com
1	js.hs-banner.com	js-na1.hs-scripts.com
1	js.hs-analytics.net	js-na1.hs-scripts.com
1	js.hscollectedforms.net	js-na1.hs-scripts.com
1	analytics.twitter.com	drugfree.org
1	t.co	drugfree.org
1	script.hotjar.com	static.hotjar.com
1	cdn.c212.net	www.googletagmanager.com
1	js-na1.hs-scripts.com	www.googletagmanager.com
1	static.ads-twitter.com	www.googletagmanager.com
1	static.hotjar.com	www.googletagmanager.com
1	cdn.fundraiseup.com	drugfree.org
1	www.googleoptimize.com	drugfree.org
365	54

This site contains links to these domains. Also see Links.

Domain
scheduler.drugfree.org
searchandrescueusa.org
www.facebook.com
twitter.com
instagram.com
www.linkedin.com
www.youtube.com

Subject Issuer	Validity	Valid
hubspotlinks.com Cloudflare Inc ECC CA-3	`2023-04-17` - `2024-04-16`	a year	crt.sh
drugfree.org Amazon RSA 2048 M02	`2023-04-10` - `2024-05-08`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
*.smushcdn.com RapidSSL Global TLS RSA4096 SHA256 2022 CA1	`2023-03-01` - `2024-02-29`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-06-15` - `2023-06-15`	a year	crt.sh
fundraiseup.com Cloudflare Inc ECC CA-3	`2022-06-21` - `2023-06-21`	a year	crt.sh
*.hotjar.com Amazon ECDSA 256 M01	`2023-03-09` - `2024-04-06`	a year	crt.sh
ads-twitter.com DigiCert TLS RSA SHA256 2020 CA1	`2022-07-22` - `2023-08-22`	a year	crt.sh
www.bing.com Microsoft RSA TLS CA 02	`2023-02-16` - `2023-08-16`	6 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-02-04` - `2023-05-05`	3 months	crt.sh
*.c212.net DigiCert TLS RSA SHA256 2020 CA1	`2022-11-28` - `2023-12-29`	a year	crt.sh
t.co DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-02-05` - `2024-02-05`	a year	crt.sh
*.twitter.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-02-05` - `2024-02-05`	a year	crt.sh
bs.serving-sys.com Amazon RSA 2048 M02	`2023-03-11` - `2024-04-08`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
www.google.de GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
a.stripecdn.com DigiCert SHA2 Extended Validation Server CA	`2023-04-20` - `2023-08-05`	4 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
pixel.mathtag.com DigiCert TLS RSA SHA256 2020 CA1	`2022-07-05` - `2023-07-05`	a year	crt.sh
secure-ds.serving-sys.com R3	`2023-02-21` - `2023-05-22`	3 months	crt.sh
sentry.fundraiseup.com R3	`2023-04-12` - `2023-07-11`	3 months	crt.sh
www.paypal.com DigiCert SHA2 Extended Validation Server CA	`2022-11-10` - `2023-11-10`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
*.stripe.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-02-14` - `2023-06-13`	4 months	crt.sh
cps3.ucarecdn.com R3	`2023-04-17` - `2023-07-16`	3 months	crt.sh
m.stripe.com DigiCert TLS RSA SHA256 2020 CA1	`2023-03-28` - `2023-07-26`	4 months	crt.sh
t.paypal.com DigiCert SHA2 Extended Validation Server CA	`2022-10-19` - `2023-11-19`	a year	crt.sh
hubspot.com Cloudflare Inc ECC CA-3	`2023-02-05` - `2024-02-05`	a year	crt.sh

This page contains 26 frames:

Primary Page: https://drugfree.org/?form=FUNJLSAEDSS&utm_campaign=2023%20Donation%20Moments&utm_medium=email&_hsmi=256062192&_hsenc=p2ANqtz-9IbfhLSzLiRANvRLPTyvpP4C1SqyZuFvW_VpE96uXyAdU5-_LV2q6rHIJ7T2KpD_cFeSkdoDdXnDLdFYAvIsImSzQLpA&utm_content=256062192&utm_source=hs_email
Frame ID: 1B3F5879FEA6AF16CC1D755BC49E4F8A
Requests: 164 HTTP requests in this frame

Frame: https://js.hsforms.net/forms/v2.js
Frame ID: 59D9C651660F6D71FF5E0A8531D05BF0
Requests: 5 HTTP requests in this frame

Frame: https://js.hsforms.net/forms/v2.js
Frame ID: BD627F64B86AB5FE99C89C9D4EBD20CA
Requests: 5 HTTP requests in this frame

Frame: https://js.stripe.com/v3/
Frame ID: 621D87DB6FBCB2DAAC440E44F646FCAC
Requests: 15 HTTP requests in this frame

Frame: https://static.fundraiseup.com/fonts/ibm-plex-sans/ibm-plex-sans-v8-vietnamese_latin-ext_latin_greek_cyrillic-ext_cyrillic-600.643ad5d92cd7.woff2
Frame ID: 46B441A0AB3261A6A62984A9B0ED56A1
Requests: 1 HTTP requests in this frame

Frame: https://js.stripe.com/v3/m-outer-93afeeb17bc37e711759584dbfc50d47.html
Frame ID: 45B8ACF8EDC777297FAD70A431E287D0
Requests: 4 HTTP requests in this frame

Frame: https://static.fundraiseup.com/fonts/ibm-plex-sans/ibm-plex-sans-v8-vietnamese_latin-ext_latin_greek_cyrillic-ext_cyrillic-regular.c9e466876957.woff2
Frame ID: A554E9D256E402E5C32FD641519FCFDD
Requests: 2 HTTP requests in this frame

Frame: https://static.fundraiseup.com/fonts/ibm-plex-sans/ibm-plex-sans-v8-vietnamese_latin-ext_latin_greek_cyrillic-ext_cyrillic-600.643ad5d92cd7.woff2
Frame ID: 3FE5780AF85AF69F690110E99C5B5BC5
Requests: 3 HTTP requests in this frame

Frame: https://pixel.mathtag.com/sync/iframe?mt_uuid=1374644b-1bee-4500-8d9d-0748485e5462&no_iframe=1&exsync=https%3A%2F%2Fc212.net%2Fc%2Fsync%3Fu%3D%26c%3DUS%26dmpId%3D1%26pid%3D%5BMM_UUID%5D&mt_lim=1&source=mathtag
Frame ID: ECD0E42CA626952462E03C5FA837BDE6
Requests: 5 HTTP requests in this frame

Frame: https://m.stripe.network/inner.html
Frame ID: 34373F6E1AB4D194F5EA8FD1AA886726
Requests: 4 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm&co=aHR0cHM6Ly9kcnVnZnJlZS5vcmc6NDQz&hl=en&v=4PnKmGB9wRHh1i04o7YUICeI&size=invisible&badge=inline&cb=iqthuzep8ein
Frame ID: 41F6345147056974FACA0F37F6FAF470
Requests: 4 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm&co=aHR0cHM6Ly9kcnVnZnJlZS5vcmc6NDQz&hl=en&v=4PnKmGB9wRHh1i04o7YUICeI&size=invisible&badge=inline&cb=iqthuzep8ein
Frame ID: 873A3775CA4ECAAD85B0DE317BC2B587
Requests: 7 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm&co=aHR0cHM6Ly9kcnVnZnJlZS5vcmc6NDQz&hl=en&v=4PnKmGB9wRHh1i04o7YUICeI&size=invisible&badge=inline&cb=o294xlgw3ns6
Frame ID: C0A18DE176C66EE06C4EF0F7E2B2DAA4
Requests: 4 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm&co=aHR0cHM6Ly9kcnVnZnJlZS5vcmc6NDQz&hl=en&v=4PnKmGB9wRHh1i04o7YUICeI&size=invisible&badge=inline&cb=o294xlgw3ns6
Frame ID: D4F47BAA66A939E01EB1D91625AB088E
Requests: 7 HTTP requests in this frame

Frame: https://js.stripe.com/v3/controller-83cdc86c0f3d8d83bf6bac9f58a55da5.html
Frame ID: 8229182169FA150311C031B6618C76C5
Requests: 37 HTTP requests in this frame

Frame: https://js.stripe.com/v3/elements-inner-card-0739a6afc8e0f33c4cf4f4f2322bd985.html
Frame ID: 68D5A6960A84524D88B013E14BC05B35
Requests: 9 HTTP requests in this frame

Frame: https://js.stripe.com/v3/elements-inner-card-0739a6afc8e0f33c4cf4f4f2322bd985.html
Frame ID: 4CC54AD940623F671FADC59F42742618
Requests: 9 HTTP requests in this frame

Frame: https://js.stripe.com/v3/elements-inner-card-0739a6afc8e0f33c4cf4f4f2322bd985.html
Frame ID: E9105F28E256CF295B7D95180F342205
Requests: 9 HTTP requests in this frame

Frame: https://js.stripe.com/v3/elements-inner-au-bank-account-c3ca19bec0109cec3975d8067b6f638e.html
Frame ID: 2BAEB1FEB4894A38BFA80A11D0D95DB1
Requests: 10 HTTP requests in this frame

Frame: https://js.stripe.com/v3/elements-inner-iban-3a2b6a0707a26c7d5dd0595f954fbde2.html
Frame ID: 405CE06D775E75AFEC60D7DBFA41C45E
Requests: 9 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/enterprise/bframe?hl=en&v=4PnKmGB9wRHh1i04o7YUICeI&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm
Frame ID: B324267C757294C47EF866A8319674B0
Requests: 11 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/enterprise/bframe?hl=en&v=4PnKmGB9wRHh1i04o7YUICeI&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm
Frame ID: 5180F47C032EF9D43210A97D55B5D003
Requests: 11 HTTP requests in this frame

Frame: https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fdrugfree.org&mid=
Frame ID: 11DD7AA273B352090F4710E6FA4276AB
Requests: 13 HTTP requests in this frame

Frame: https://www.paypalobjects.com/muse/analytics/index.html
Frame ID: D90CE80D814C6830116966DFBB449939
Requests: 2 HTTP requests in this frame

Frame: https://js.stripe.com/v3/m-outer-93afeeb17bc37e711759584dbfc50d47.html
Frame ID: 33D7CF6F72668672E640898CC46E76BA
Requests: 4 HTTP requests in this frame

Frame: https://m.stripe.network/inner.html
Frame ID: 648BC9DADE797B338AD6BC367D71D65C
Requests: 4 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Partnership to End Addiction

Page URL History Show full URLs

https://c-cv904.na1.hubspotlinks.com/Ctc/UA+113/c-Cv904/VVr5hy6kzbWHVbVz6Q4zz9H3W33LWhB4ZV2WfN4Hzmfm3q905V1-WJV7C... Page URL
https://c-cv904.na1.hubspotlinks.com/events/public/v1/encoded/track/tc/UA+113/c-Cv904/VVr5hy6kzbWHVbVz6Q4zz9H3W33... HTTP 307
https://drugfree.org/?form=FUNJLSAEDSS&utm_campaign=2023%20Donation%20Moments&utm_medium=email&_h... Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

Google Pay (Payment processors) Expand

Overall confidence: 100%
Detected patterns

pay\.google\.com/([a-z/]+)/pay\.js

PayPal (Payment Processors) Expand

Overall confidence: 100%
Detected patterns

paypalobjects\.com

Stripe (Payment Processors) Expand

Overall confidence: 100%
Detected patterns

js\.stripe\.com

Yoast SEO (SEO) Expand

Overall confidence: 100%
Detected patterns

<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -

Crazy Egg (Analytics) Expand

Overall confidence: 100%
Detected patterns

script\.crazyegg\.com/pages/scripts/\d+/\d+\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Optimize (A/B Testing) Expand

Overall confidence: 100%
Detected patterns

googleoptimize\.com/optimize\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Hotjar (Analytics) Expand

Overall confidence: 100%
Detected patterns

//static\.hotjar\.com/

HubSpot Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

js\.hs-analytics\.net/analytics

Sizmek (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

serving-sys\.com/

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

365
Requests

100 %
HTTPS

59 %
IPv6

37
Domains

54
Subdomains

50
IPs

5
Countries

8864 kB
Transfer

22448 kB
Size

45
Cookies

7 Outgoing links

These are links going to different origins than the main page.

URL: https://scheduler.drugfree.org/
Title: SCHEDULE a call

Search URL Search Domain Scan URL

URL: https://searchandrescueusa.org/
Title: For health care providers

Search URL Search Domain Scan URL

URL: https://www.facebook.com/PartnershipToEndAddiction

Search URL Search Domain Scan URL

URL: https://twitter.com/ToEndAddiction

Search URL Search Domain Scan URL

URL: https://instagram.com/PartnershipToEndAddiction

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/PartnershipToEndAddiction

Search URL Search Domain Scan URL

URL: https://www.youtube.com/PartnershipToEndAddiction

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://c-cv904.na1.hubspotlinks.com/Ctc/UA+113/c-Cv904/VVr5hy6kzbWHVbVz6Q4zz9H3W33LWhB4ZV2WfN4Hzmfm3q905V1-WJV7CgCkHW5mdqBD4XzVH7W6yw85F977_J5W6pSxxb7KSwXvW7yyt7C3MVLdMW2s5J125565JWW7mRtHw42B3LvW552-Gr5b0R04W49MG0D5RcGqVN6G9cQH_tvrDW437M4x7b1QcRV9-H443p4LsmW2RFYlx7Yc6WHVT7Bfr6rQY3BW2kHNxf6qClsrW3H8vgJ1wT8N2W7Yml9T74Wty7W88_stn4D1GSTW8Wy-tl6pjrYTW3nSmbm8dls_ZW9hMHjd6_DTFcW3NXHDX7B3TlhW8zGdcl1QY4lwW4pJyH297sB0WW3Qy5Bh21_PjL32f81 Page URL
https://c-cv904.na1.hubspotlinks.com/events/public/v1/encoded/track/tc/UA+113/c-Cv904/VVr5hy6kzbWHVbVz6Q4zz9H3W33LWhB4ZV2WfN4Hzmfm3q905V1-WJV7CgCkHW5mdqBD4XzVH7W6yw85F977_J5W6pSxxb7KSwXvW7yyt7C3MVLdMW2s5J125565JWW7mRtHw42B3LvW552-Gr5b0R04W49MG0D5RcGqVN6G9cQH_tvrDW437M4x7b1QcRV9-H443p4LsmW2RFYlx7Yc6WHVT7Bfr6rQY3BW2kHNxf6qClsrW3H8vgJ1wT8N2W7Yml9T74Wty7W88_stn4D1GSTW8Wy-tl6pjrYTW3nSmbm8dls_ZW9hMHjd6_DTFcW3NXHDX7B3TlhW8zGdcl1QY4lwW4pJyH297sB0WW3Qy5Bh21_PjL32f81?_ud=cae41edc-f41f-43c8-8f40-218d45313c3a&_ch=p&_pr2=p&_pl=3&_lg=en-US,en&_dr=p&_ts=p HTTP 307
https://drugfree.org/?form=FUNJLSAEDSS&utm_campaign=2023%20Donation%20Moments&utm_medium=email&_hsmi=256062192&_hsenc=p2ANqtz-9IbfhLSzLiRANvRLPTyvpP4C1SqyZuFvW_VpE96uXyAdU5-_LV2q6rHIJ7T2KpD_cFeSkdoDdXnDLdFYAvIsImSzQLpA&utm_content=256062192&utm_source=hs_email Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

365 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 VVr5hy6kzbWHVbVz6Q4zz9H3W33LWhB4ZV2WfN4Hzmfm3q905V1-WJV7CgCkHW5mdqBD4XzVH7W6yw85F977_J5W6pSxxb7KSwXvW7yyt7C3MVLdMW2s5J125565JWW7mRtHw42B3LvW552-Gr5b0R04W49MG0D5RcGqVN6G9cQH_tvrDW437M4x7b1QcRV9-H443...
c-cv904.na1.hubspotlinks.com/Ctc/UA+113/c-Cv904/ 7 KB
2 KB 148ms
110ms Document
text/html 2606:4700::6812:cb1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://c-cv904.na1.hubspotlinks.com/Ctc/UA+113/c-Cv904/VVr5hy6kzbWHVbVz6Q4zz9H3W33LWhB4ZV2WfN4Hzmfm3q905V1-WJV7CgCkHW5mdqBD4XzVH7W6yw85F977_J5W6pSxxb7KSwXvW7yyt7C3MVLdMW2s5J125565JWW7mRtHw42B3LvW552-Gr5b0R04W49MG0D5RcGqVN6G9cQH_tvrDW437M4x7b1QcRV9-H443p4LsmW2RFYlx7Yc6WHVT7Bfr6rQY3BW2kHNxf6qClsrW3H8vgJ1wT8N2W7Yml9T74Wty7W88_stn4D1GSTW8Wy-tl6pjrYTW3nSmbm8dls_ZW9hMHjd6_DTFcW3NXHDX7B3TlhW8zGdcl1QY4lwW4pJyH297sB0WW3Qy5Bh21_PjL32f81
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:cb1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: false
cf-cache-status: DYNAMIC
cf-ray: 7beb6613ac94bbc7-FRA
content-encoding: br
content-type: text/html;charset=utf-8
date: Fri, 28 Apr 2023 01:05:45 GMT
referrer-policy: no-referrer
server: cloudflare
vary: origin
x-hubspot-correlation-id: 1f89f4ca-4d4b-4428-8f56-002c96eb1a06
x-robots-tag: none

GET
H2

200

Primary Request / Show response
drugfree.org/
Redirect Chain

https://c-cv904.na1.hubspotlinks.com/events/public/v1/encoded/track/tc/UA+113/c-Cv904/VVr5hy6kzbWHVbVz6Q4zz9H3W33LWhB4ZV2WfN4Hzmfm3q905V1-WJV7CgCkHW5mdqBD4XzVH7W6yw85F977_J5W6pSxxb7KSwXvW7yyt7C3MVL...
https://drugfree.org/?form=FUNJLSAEDSS&utm_campaign=2023%20Donation%20Moments&utm_medium=email&_hsmi=256062192&_hsenc=p2ANqtz-9IbfhLSzLiRANvRLPTyvpP4C1SqyZuFvW_VpE96uXyAdU5-_LV2q6rHIJ7T2KpD_cFeSkdo...

105 KB
20 KB

2552ms
2297ms

Document
text/html

3.215.209.146
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://drugfree.org/?form=FUNJLSAEDSS&utm_campaign=2023%20Donation%20Moments&utm_medium=email&_hsmi=256062192&_hsenc=p2ANqtz-9IbfhLSzLiRANvRLPTyvpP4C1SqyZuFvW_VpE96uXyAdU5-_LV2q6rHIJ7T2KpD_cFeSkdoDdXnDLdFYAvIsImSzQLpA&utm_content=256062192&utm_source=hs_email
Requested by: Host: c-cv904.na1.hubspotlinks.com
URL: https://c-cv904.na1.hubspotlinks.com/Ctc/UA+113/c-Cv904/VVr5hy6kzbWHVbVz6Q4zz9H3W33LWhB4ZV2WfN4Hzmfm3q905V1-WJV7CgCkHW5mdqBD4XzVH7W6yw85F977_J5W6pSxxb7KSwXvW7yyt7C3MVLdMW2s5J125565JWW7mRtHw42B3LvW552-Gr5b0R04W49MG0D5RcGqVN6G9cQH_tvrDW437M4x7b1QcRV9-H443p4LsmW2RFYlx7Yc6WHVT7Bfr6rQY3BW2kHNxf6qClsrW3H8vgJ1wT8N2W7Yml9T74Wty7W88_stn4D1GSTW8Wy-tl6pjrYTW3nSmbm8dls_ZW9hMHjd6_DTFcW3NXHDX7B3TlhW8zGdcl1QY4lwW4pJyH297sB0WW3Qy5Bh21_PjL32f81
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.215.209.146 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-215-209-146.compute-1.amazonaws.com
Software: nginx/1.22.1 /
Resource Hash: e45ec0ec8248dbe0ce177e7dfb9f0117da6ed1a2c7c1b4c39674ce9f15730020

Request headers

Referer: https://c-cv904.na1.hubspotlinks.com/Ctc/UA+113/c-Cv904/VVr5hy6kzbWHVbVz6Q4zz9H3W33LWhB4ZV2WfN4Hzmfm3q905V1-WJV7CgCkHW5mdqBD4XzVH7W6yw85F977_J5W6pSxxb7KSwXvW7yyt7C3MVLdMW2s5J125565JWW7mRtHw42B3LvW552-Gr5b0R04W49MG0D5RcGqVN6G9cQH_tvrDW437M4x7b1QcRV9-H443p4LsmW2RFYlx7Yc6WHVT7Bfr6rQY3BW2kHNxf6qClsrW3H8vgJ1wT8N2W7Yml9T74Wty7W88_stn4D1GSTW8Wy-tl6pjrYTW3nSmbm8dls_ZW9hMHjd6_DTFcW3NXHDX7B3TlhW8zGdcl1QY4lwW4pJyH297sB0WW3Qy5Bh21_PjL32f81
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Fri, 28 Apr 2023 01:05:48 GMT
link: <https://drugfree.org/wp-json/>; rel="https://api.w.org/" <https://drugfree.org/wp-json/wp/v2/pages/2>; rel="alternate"; type="application/json" <https://drugfree.org/>; rel=shortlink
server: nginx/1.22.1
vary: Accept-Encoding Accept-Encoding, Cookie

Redirect headers

access-control-allow-credentials: false
cf-cache-status: DYNAMIC
cf-ray: 7beb66147d11bbc7-FRA
date: Fri, 28 Apr 2023 01:05:45 GMT
link: <https://drugfree.org/?form=FUNJLSAEDSS&utm_campaign=2023%20Donation%20Moments&utm_medium=email&_hsmi=256062192&_hsenc=p2ANqtz-9IbfhLSzLiRANvRLPTyvpP4C1SqyZuFvW_VpE96uXyAdU5-_LV2q6rHIJ7T2KpD_cFeSkdoDdXnDLdFYAvIsImSzQLpA&utm_content=256062192&utm_source=hs_email>; rel="canonical"
location: https://drugfree.org/?form=FUNJLSAEDSS&utm_campaign=2023%20Donation%20Moments&utm_medium=email&_hsmi=256062192&_hsenc=p2ANqtz-9IbfhLSzLiRANvRLPTyvpP4C1SqyZuFvW_VpE96uXyAdU5-_LV2q6rHIJ7T2KpD_cFeSkdoDdXnDLdFYAvIsImSzQLpA&utm_content=256062192&utm_source=hs_email
referrer-policy: no-referrer
server: cloudflare
vary: origin
x-hubspot-correlation-id: 9464a45a-b56e-411f-8531-4b2a66bf6dd9
x-robots-tag: none

GET
H2 200 optimize.js Show response
www.googleoptimize.com/ 114 KB
45 KB 47ms
21ms Script
application/javascript 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleoptimize.com/optimize.js?id=GTM-MZKBSDK

Requested by

Host: drugfree.org
URL: https://drugfree.org/?form=FUNJLSAEDSS&utm_campaign=2023%20Donation%20Moments&utm_medium=email&_hsmi=256062192&_hsenc=p2ANqtz-9IbfhLSzLiRANvRLPTyvpP4C1SqyZuFvW_VpE96uXyAdU5-_LV2q6rHIJ7T2KpD_cFeSkdoDdXnDLdFYAvIsImSzQLpA&utm_content=256062192&utm_source=hs_email

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

285ac2c8a9756cb4d09262ef56e6f8ebfebb0a4711ae28fc354ee4fc7187c2e1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://drugfree.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 01:05:48 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 45473
x-xss-protection: 0
last-modified: Fri, 28 Apr 2023 00:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 28 Apr 2023 01:05:48 GMT

GET
H2 200 classic-themes.min.css
drugfree.org/wp-includes/css/ 217 B
475 B 102ms
100ms Stylesheet
text/css 3.215.209.146
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://drugfree.org/wp-includes/css/classic-themes.min.css?ver=1
Requested by: Host: drugfree.org
URL: https://drugfree.org/?form=FUNJLSAEDSS&utm_campaign=2023%20Donation%20Moments&utm_medium=email&_hsmi=256062192&_hsenc=p2ANqtz-9IbfhLSzLiRANvRLPTyvpP4C1SqyZuFvW_VpE96uXyAdU5-_LV2q6rHIJ7T2KpD_cFeSkdoDdXnDLdFYAvIsImSzQLpA&utm_content=256062192&utm_source=hs_email
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.215.209.146 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-215-209-146.compute-1.amazonaws.com
Software: nginx/1.22.1 /
Resource Hash: 5a5f39391fbf5b06db84b8f9716d53de575ee97a627d2c5f12f79a991a671eb5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://drugfree.org/?form=FUNJLSAEDSS&utm_campaign=2023%20Donation%20Moments&utm_medium=email&_hsmi=256062192&_hsenc=p2ANqtz-9IbfhLSzLiRANvRLPTyvpP4C1SqyZuFvW_VpE96uXyAdU5-_LV2q6rHIJ7T2KpD_cFeSkdoDdXnDLdFYAvIsImSzQLpA&utm_content=256062192&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: public
date: Fri, 28 Apr 2023 01:05:48 GMT
last-modified: Wed, 26 Apr 2023 19:07:02 GMT
server: nginx/1.22.1
etag: "64497656-d9"
content-type: text/css
cache-control: max-age=31536000, public, must-revalidate, proxy-revalidate
accept-ranges: bytes
content-length: 217
expires: Sat, 27 Apr 2024 01:05:48 GMT

GET
H2 200 style.css
drugfree.org/wp-content/themes/coa-2020/dist/ 408 KB
61 KB 106ms
105ms Stylesheet
text/css 3.215.209.146
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://drugfree.org/wp-content/themes/coa-2020/dist/style.css?ver=7e83072dc58ab34d82a74c789578c2f0
Requested by: Host: drugfree.org
URL: https://drugfree.org/?form=FUNJLSAEDSS&utm_campaign=2023%20Donation%20Moments&utm_medium=email&_hsmi=256062192&_hsenc=p2ANqtz-9IbfhLSzLiRANvRLPTyvpP4C1SqyZuFvW_VpE96uXyAdU5-_LV2q6rHIJ7T2KpD_cFeSkdoDdXnDLdFYAvIsImSzQLpA&utm_content=256062192&utm_source=hs_email
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.215.209.146 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-215-209-146.compute-1.amazonaws.com
Software: nginx/1.22.1 /
Resource Hash: 6cc9e5133bac44c3eb427153f6cf0756dd7228c25057b30a42703f446db16b4d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://drugfree.org/?form=FUNJLSAEDSS&utm_campaign=2023%20Donation%20Moments&utm_medium=email&_hsmi=256062192&_hsenc=p2ANqtz-9IbfhLSzLiRANvRLPTyvpP4C1SqyZuFvW_VpE96uXyAdU5-_LV2q6rHIJ7T2KpD_cFeSkdoDdXnDLdFYAvIsImSzQLpA&utm_content=256062192&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: public
date: Fri, 28 Apr 2023 01:05:48 GMT
content-encoding: gzip
last-modified: Wed, 26 Apr 2023 19:09:29 GMT
server: nginx/1.22.1
etag: W/"644976e9-65f2d"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=31536000, public, must-revalidate, proxy-revalidate
expires: Sat, 27 Apr 2024 01:05:48 GMT

GET
H2 200 helpline-text.png
b2642783.smushcdn.com/2642783/wp-content/uploads/2020/04/ 1 KB
2 KB 56ms
9ms Image
image/png 2400:52e0:1e00::1080:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://b2642783.smushcdn.com/2642783/wp-content/uploads/2020/04/helpline-text.png?lossy=1&strip=1&webp=1
Requested by: Host: drugfree.org
URL: https://drugfree.org/?form=FUNJLSAEDSS&utm_campaign=2023%20Donation%20Moments&utm_medium=email&_hsmi=256062192&_hsenc=p2ANqtz-9IbfhLSzLiRANvRLPTyvpP4C1SqyZuFvW_VpE96uXyAdU5-_LV2q6rHIJ7T2KpD_cFeSkdoDdXnDLdFYAvIsImSzQLpA&utm_content=256062192&utm_source=hs_email
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::1080:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-DE1-1080 /
Resource Hash: bc498ca98532ff49c5649d14aa87580d520966ffd4a4b30874179886c3d3f45d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://drugfree.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 01:05:48 GMT
cdn-edgestorageid: 1079
cdn-cachedat: 01/05/2023 11:25:03
cdn-pullzone: 1107841
content-length: 1348
x-amz-expiration: expiry-date="Mon, 07 Nov 2022 01:04:11 GMT", rule-id="expire"
last-modified: Sat, 08 Oct 2022 01:04:11 GMT
server: BunnyCDN-DE1-1080
cdn-proxyver: 1.03
cdn-requestpullcode: 200
etag: "2f39a95ae5ddfa45b555814b227d89fc"
content-type: image/png
smushed: origFmt=png, origSize=1348, smushRatio=0, skipped=1, originCache=HIT
cdn-cache: HIT
cdn-uid: 778bbc1f-fc99-4e43-843d-a54ddaa69624
cache-control: public, max-age=31919000
cdn-requestid: b21dbca2b408a0fb7ea56b739f792526
accept-ranges: bytes
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 bar.png
b2642783.smushcdn.com/2642783/wp-content/themes/coa-2020/src/img/ 88 B
645 B 54ms
7ms Image
image/webp 2400:52e0:1e00::1080:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://b2642783.smushcdn.com/2642783/wp-content/themes/coa-2020/src/img/bar.png?lossy=1&strip=1&webp=1
Requested by: Host: drugfree.org
URL: https://drugfree.org/?form=FUNJLSAEDSS&utm_campaign=2023%20Donation%20Moments&utm_medium=email&_hsmi=256062192&_hsenc=p2ANqtz-9IbfhLSzLiRANvRLPTyvpP4C1SqyZuFvW_VpE96uXyAdU5-_LV2q6rHIJ7T2KpD_cFeSkdoDdXnDLdFYAvIsImSzQLpA&utm_content=256062192&utm_source=hs_email
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::1080:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-DE1-1080 /
Resource Hash: ce0684751f104925f1c1ed329c2ed45f9d1cbccd7de11e72609c78a711263882

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://drugfree.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 01:05:48 GMT
cdn-edgestorageid: 1076
cdn-cachedat: 01/04/2023 09:14:32
cdn-pullzone: 1107841
content-length: 88
x-amz-expiration: expiry-date="Tue, 08 Nov 2022 15:02:56 GMT", rule-id="expire"
last-modified: Sun, 09 Oct 2022 15:02:56 GMT
server: BunnyCDN-DE1-1080
cdn-proxyver: 1.03
cdn-requestpullcode: 200
etag: "ff1a9f7acf53099abcbec128beccf7b8"
content-type: image/webp
smushed: origFmt=png, origSize=169, smushRatio=47.93, skipped=0, originCache=HIT
cdn-cache: HIT
cdn-uid: 778bbc1f-fc99-4e43-843d-a54ddaa69624
cache-control: public, max-age=31919000
cdn-requestid: 7cba5f9b0ed31f67c32753f92e4d4e17
accept-ranges: bytes
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 v2.js Show response
js.hsforms.net/forms/ 524 KB
164 KB 223ms
186ms Script
application/javascript 2606:4700::6810:bb41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://js.hsforms.net/forms/v2.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:bb41 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2cbba247ca6de6962085423c671b17bd76d58692e32e8e40ad808a12e27bbeab

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://drugfree.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-encoding: br
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=forms-embed/static-1.3102/bundles/project-v2.js&cfRay=7beb66263afb368c-IAD
x-amz-replication-status: COMPLETED
x-evy-trace-listener: listener_https
etag: W/"250bc2c0c0e298494335c72c83b09e23"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
x-evy-trace-virtual-host: all
cache-control: s-maxage=600, max-age=300
x-hs-target-asset: forms-embed/static-1.3102/bundles/project-v2.js
date: Fri, 28 Apr 2023 01:05:48 GMT
x-amz-version-id: 5gHIUZSUvmnzlEXn3ZiYc88hx3wrAZ6P
via: 1.1 2f66aa06710fece8ed203ab0ea81eb56.cloudfront.net (CloudFront)
cf-cache-status: EXPIRED
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-cf-pop: IAD89-C3
x-cache: Hit from cloudfront
cache-tag: staticjsapp-forms-embed-v2-web-prod,staticjsapp-prod
x-envoy-upstream-service-time: 3
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-evy-trace-route-configuration: listener_https/all
x-request-id: fd5186df-e9f4-406c-9359-08d25a231150
last-modified: Tue, 25 Apr 2023 11:31:17 UTC
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WwbUkloZ3fHpThORb7DEAIhPatjRff2L%2BvuslWN6iUpbeiRkLOJCkb7ftOHpYb5cx6WhZmsT1P2jZMPESXURT39Zfcw0KUbhe6RSFxu53Bnah3AjSQJv0ntpbYz6q7WAJRpi9Xabc2RbLB%2FH"}],"group":"cf-nel","max_age":604800}
x-hs-cache-status: HIT
x-evy-trace-served-by-pod: iad02/app-td/envoy-proxy-589c5fd4fb-9sjmd
cf-ray: 7beb66263afb368c-FRA
x-amz-cf-id: Wvt7LhPuwpKpPBhlm3VLjlbSLrA4W-m_1xLtTqhaU5fC5xQZ5vCfzQ==

GET
H2 200 helpline-call.png
b2642783.smushcdn.com/2642783/wp-content/uploads/2020/04/ 2 KB
2 KB 55ms
8ms Image
image/png 2400:52e0:1e00::1080:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://b2642783.smushcdn.com/2642783/wp-content/uploads/2020/04/helpline-call.png?lossy=1&strip=1&webp=1
Requested by: Host: drugfree.org
URL: https://drugfree.org/?form=FUNJLSAEDSS&utm_campaign=2023%20Donation%20Moments&utm_medium=email&_hsmi=256062192&_hsenc=p2ANqtz-9IbfhLSzLiRANvRLPTyvpP4C1SqyZuFvW_VpE96uXyAdU5-_LV2q6rHIJ7T2KpD_cFeSkdoDdXnDLdFYAvIsImSzQLpA&utm_content=256062192&utm_source=hs_email
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::1080:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-DE1-1080 /
Resource Hash: 2cb3465b76760e995f060c47bf962d15049bcc8edf53f974a4cf181da6f931b7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://drugfree.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 01:05:48 GMT
cdn-edgestorageid: 1077
cdn-cachedat: 01/04/2023 09:50:10
cdn-pullzone: 1107841
content-length: 1660
x-amz-expiration: expiry-date="Tue, 08 Nov 2022 15:05:42 GMT", rule-id="expire"
last-modified: Sun, 09 Oct 2022 15:05:42 GMT
server: BunnyCDN-DE1-1080
cdn-proxyver: 1.03
cdn-requestpullcode: 200
etag: "24b37404c24a1d563bb2e5fecddb8f92"
content-type: image/png
smushed: origFmt=png, origSize=1660, smushRatio=0, skipped=1, originCache=HIT
cdn-cache: HIT
cdn-uid: 778bbc1f-fc99-4e43-843d-a54ddaa69624
cache-control: public, max-age=31919000
cdn-requestid: a47eeef6628e2058521a47d066d13455
accept-ranges: bytes
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 helpline-email.png
b2642783.smushcdn.com/2642783/wp-content/uploads/2020/04/ 1 KB
2 KB 56ms
9ms Image
image/webp 2400:52e0:1e00::1080:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://b2642783.smushcdn.com/2642783/wp-content/uploads/2020/04/helpline-email.png?lossy=1&strip=1&webp=1
Requested by: Host: drugfree.org
URL: https://drugfree.org/?form=FUNJLSAEDSS&utm_campaign=2023%20Donation%20Moments&utm_medium=email&_hsmi=256062192&_hsenc=p2ANqtz-9IbfhLSzLiRANvRLPTyvpP4C1SqyZuFvW_VpE96uXyAdU5-_LV2q6rHIJ7T2KpD_cFeSkdoDdXnDLdFYAvIsImSzQLpA&utm_content=256062192&utm_source=hs_email
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::1080:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-DE1-1080 /
Resource Hash: 9775cd9bf83e2343a727e193d80aa6c00c4910cbde9f6a8281f9f9e3abee035f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://drugfree.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 01:05:48 GMT
cdn-edgestorageid: 860
cdn-cachedat: 12/22/2022 06:51:32
cdn-pullzone: 1107841
content-length: 1232
x-amz-expiration: expiry-date="Mon, 07 Nov 2022 04:07:32 GMT", rule-id="expire"
last-modified: Sat, 08 Oct 2022 04:07:32 GMT
server: BunnyCDN-DE1-1080
cdn-proxyver: 1.03
cdn-requestpullcode: 200
etag: "fba8e339b2f1c672558e462187ed8a94"
content-type: image/webp
smushed: origFmt=png, origSize=1751, smushRatio=29.64, skipped=0, originCache=HIT
cdn-cache: HIT
cdn-uid: 778bbc1f-fc99-4e43-843d-a54ddaa69624
cache-control: public, max-age=31919000
cdn-requestid: d6d080000f6c870185102dcd652939b9
accept-ranges: bytes
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 403 KB
101 KB 88ms
65ms Script
application/javascript 2a00:1450:4001:830::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-NV75N6N

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

d0bea28a24ed50bc2d837a61cccd8669caabf7fcea94103a5e4beffe067fda1f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://drugfree.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 01:05:48 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 102943
x-xss-protection: 0
last-modified: Fri, 28 Apr 2023 00:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 28 Apr 2023 01:05:48 GMT

GET
H2 200 jquery.min.js Show response
drugfree.org/wp-includes/js/jquery/ 88 KB
31 KB 104ms
104ms Script
application/javascript 3.215.209.146
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://drugfree.org/wp-includes/js/jquery/jquery.min.js?ver=3.6.1
Requested by: Host: drugfree.org
URL: https://drugfree.org/?form=FUNJLSAEDSS&utm_campaign=2023%20Donation%20Moments&utm_medium=email&_hsmi=256062192&_hsenc=p2ANqtz-9IbfhLSzLiRANvRLPTyvpP4C1SqyZuFvW_VpE96uXyAdU5-_LV2q6rHIJ7T2KpD_cFeSkdoDdXnDLdFYAvIsImSzQLpA&utm_content=256062192&utm_source=hs_email
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.215.209.146 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-215-209-146.compute-1.amazonaws.com
Software: nginx/1.22.1 /
Resource Hash: cc7403bab52ed166e24ea9324241045af370be482f5b594468f4a6ac6e7e7981

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://drugfree.org/?form=FUNJLSAEDSS&utm_campaign=2023%20Donation%20Moments&utm_medium=email&_hsmi=256062192&_hsenc=p2ANqtz-9IbfhLSzLiRANvRLPTyvpP4C1SqyZuFvW_VpE96uXyAdU5-_LV2q6rHIJ7T2KpD_cFeSkdoDdXnDLdFYAvIsImSzQLpA&utm_content=256062192&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: public
date: Fri, 28 Apr 2023 01:05:48 GMT
content-encoding: gzip
last-modified: Wed, 26 Apr 2023 19:07:02 GMT
server: nginx/1.22.1
etag: W/"64497656-15e54"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000, public, must-revalidate, proxy-revalidate
expires: Sat, 27 Apr 2024 01:05:48 GMT

GET
H2 200 jquery-migrate.min.js Show response
drugfree.org/wp-includes/js/jquery/ 11 KB
4 KB 105ms
103ms Script
application/javascript 3.215.209.146
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://drugfree.org/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
Requested by: Host: drugfree.org
URL: https://drugfree.org/?form=FUNJLSAEDSS&utm_campaign=2023%20Donation%20Moments&utm_medium=email&_hsmi=256062192&_hsenc=p2ANqtz-9IbfhLSzLiRANvRLPTyvpP4C1SqyZuFvW_VpE96uXyAdU5-_LV2q6rHIJ7T2KpD_cFeSkdoDdXnDLdFYAvIsImSzQLpA&utm_content=256062192&utm_source=hs_email
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.215.209.146 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-215-209-146.compute-1.amazonaws.com
Software: nginx/1.22.1 /
Resource Hash: 029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://drugfree.org/?form=FUNJLSAEDSS&utm_campaign=2023%20Donation%20Moments&utm_medium=email&_hsmi=256062192&_hsenc=p2ANqtz-9IbfhLSzLiRANvRLPTyvpP4C1SqyZuFvW_VpE96uXyAdU5-_LV2q6rHIJ7T2KpD_cFeSkdoDdXnDLdFYAvIsImSzQLpA&utm_content=256062192&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: public
date: Fri, 28 Apr 2023 01:05:48 GMT
content-encoding: gzip
last-modified: Wed, 26 Apr 2023 19:07:02 GMT
server: nginx/1.22.1
etag: W/"64497656-2bd8"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000, public, must-revalidate, proxy-revalidate
expires: Sat, 27 Apr 2024 01:05:48 GMT

GET
H2 200 search-filter-build.min.js Show response
drugfree.org/wp-content/plugins/search-filter-pro/public/assets/js/ 64 KB
19 KB 194ms
191ms Script
application/javascript 3.215.209.146
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://drugfree.org/wp-content/plugins/search-filter-pro/public/assets/js/search-filter-build.min.js?ver=2.5.8
Requested by: Host: drugfree.org
URL: https://drugfree.org/?form=FUNJLSAEDSS&utm_campaign=2023%20Donation%20Moments&utm_medium=email&_hsmi=256062192&_hsenc=p2ANqtz-9IbfhLSzLiRANvRLPTyvpP4C1SqyZuFvW_VpE96uXyAdU5-_LV2q6rHIJ7T2KpD_cFeSkdoDdXnDLdFYAvIsImSzQLpA&utm_content=256062192&utm_source=hs_email
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.215.209.146 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-215-209-146.compute-1.amazonaws.com
Software: nginx/1.22.1 /
Resource Hash: e7fe6cddb7354738ba40784bab66dc4b6cce364ad55d117f08aaf19eb6ba88ef

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://drugfree.org/?form=FUNJLSAEDSS&utm_campaign=2023%20Donation%20Moments&utm_medium=email&_hsmi=256062192&_hsenc=p2ANqtz-9IbfhLSzLiRANvRLPTyvpP4C1SqyZuFvW_VpE96uXyAdU5-_LV2q6rHIJ7T2KpD_cFeSkdoDdXnDLdFYAvIsImSzQLpA&utm_content=256062192&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: public
date: Fri, 28 Apr 2023 01:05:48 GMT
content-encoding: gzip
last-modified: Wed, 26 Apr 2023 19:07:02 GMT
server: nginx/1.22.1
etag: W/"64497656-100fc"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000, public, must-revalidate, proxy-revalidate
expires: Sat, 27 Apr 2024 01:05:48 GMT

GET
H2 200 chosen.jquery.min.js Show response
drugfree.org/wp-content/plugins/search-filter-pro/public/assets/js/ 28 KB
7 KB 193ms
190ms Script
application/javascript 3.215.209.146
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://drugfree.org/wp-content/plugins/search-filter-pro/public/assets/js/chosen.jquery.min.js?ver=2.5.8
Requested by: Host: drugfree.org
URL: https://drugfree.org/?form=FUNJLSAEDSS&utm_campaign=2023%20Donation%20Moments&utm_medium=email&_hsmi=256062192&_hsenc=p2ANqtz-9IbfhLSzLiRANvRLPTyvpP4C1SqyZuFvW_VpE96uXyAdU5-_LV2q6rHIJ7T2KpD_cFeSkdoDdXnDLdFYAvIsImSzQLpA&utm_content=256062192&utm_source=hs_email
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.215.209.146 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-215-209-146.compute-1.amazonaws.com
Software: nginx/1.22.1 /
Resource Hash: 73881513a7e7f8944a311bea8e80e9fad946e256ae74d62b5c8d469dc6df0186

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://drugfree.org/?form=FUNJLSAEDSS&utm_campaign=2023%20Donation%20Moments&utm_medium=email&_hsmi=256062192&_hsenc=p2ANqtz-9IbfhLSzLiRANvRLPTyvpP4C1SqyZuFvW_VpE96uXyAdU5-_LV2q6rHIJ7T2KpD_cFeSkdoDdXnDLdFYAvIsImSzQLpA&utm_content=256062192&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: public
date: Fri, 28 Apr 2023 01:05:48 GMT
content-encoding: gzip
last-modified: Wed, 26 Apr 2023 19:07:02 GMT
server: nginx/1.22.1
etag: W/"64497656-71c1"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000, public, must-revalidate, proxy-revalidate
expires: Sat, 27 Apr 2024 01:05:48 GMT

GET
H2 200 core.min.js Show response
drugfree.org/wp-includes/js/jquery/ui/ 21 KB
7 KB 106ms
104ms Script
application/javascript 3.215.209.146
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://drugfree.org/wp-includes/js/jquery/ui/core.min.js?ver=1.13.2
Requested by: Host: drugfree.org
URL: https://drugfree.org/?form=FUNJLSAEDSS&utm_campaign=2023%20Donation%20Moments&utm_medium=email&_hsmi=256062192&_hsenc=p2ANqtz-9IbfhLSzLiRANvRLPTyvpP4C1SqyZuFvW_VpE96uXyAdU5-_LV2q6rHIJ7T2KpD_cFeSkdoDdXnDLdFYAvIsImSzQLpA&utm_content=256062192&utm_source=hs_email
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.215.209.146 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-215-209-146.compute-1.amazonaws.com
Software: nginx/1.22.1 /
Resource Hash: ca7154cdda62b535ceaba9ad2a2b2217ff49de94c069a2c4e89733f3f06b3651

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://drugfree.org/?form=FUNJLSAEDSS&utm_campaign=2023%20Donation%20Moments&utm_medium=email&_hsmi=256062192&_hsenc=p2ANqtz-9IbfhLSzLiRANvRLPTyvpP4C1SqyZuFvW_VpE96uXyAdU5-_LV2q6rHIJ7T2KpD_cFeSkdoDdXnDLdFYAvIsImSzQLpA&utm_content=256062192&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: public
date: Fri, 28 Apr 2023 01:05:48 GMT
content-encoding: gzip
last-modified: Wed, 26 Apr 2023 19:07:02 GMT
server: nginx/1.22.1
etag: W/"64497656-53c0"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000, public, must-revalidate, proxy-revalidate
expires: Sat, 27 Apr 2024 01:05:48 GMT

GET
H2 200 datepicker.min.js Show response
drugfree.org/wp-includes/js/jquery/ui/ 36 KB
11 KB 193ms
191ms Script
application/javascript 3.215.209.146
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://drugfree.org/wp-includes/js/jquery/ui/datepicker.min.js?ver=1.13.2
Requested by: Host: drugfree.org
URL: https://drugfree.org/?form=FUNJLSAEDSS&utm_campaign=2023%20Donation%20Moments&utm_medium=email&_hsmi=256062192&_hsenc=p2ANqtz-9IbfhLSzLiRANvRLPTyvpP4C1SqyZuFvW_VpE96uXyAdU5-_LV2q6rHIJ7T2KpD_cFeSkdoDdXnDLdFYAvIsImSzQLpA&utm_content=256062192&utm_source=hs_email
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.215.209.146 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-215-209-146.compute-1.amazonaws.com
Software: nginx/1.22.1 /
Resource Hash: 8821cd10861112ac07254592b0b332abd02cfb6ac32c0ac71378be0fb58c309f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://drugfree.org/?form=FUNJLSAEDSS&utm_campaign=2023%20Donation%20Moments&utm_medium=email&_hsmi=256062192&_hsenc=p2ANqtz-9IbfhLSzLiRANvRLPTyvpP4C1SqyZuFvW_VpE96uXyAdU5-_LV2q6rHIJ7T2KpD_cFeSkdoDdXnDLdFYAvIsImSzQLpA&utm_content=256062192&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: public
date: Fri, 28 Apr 2023 01:05:48 GMT
content-encoding: gzip
last-modified: Wed, 26 Apr 2023 19:07:02 GMT
server: nginx/1.22.1
etag: W/"64497656-8f7b"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000, public, must-revalidate, proxy-revalidate
expires: Sat, 27 Apr 2024 01:05:48 GMT

GET
H2 200 globalScripts.js Show response
drugfree.org/wp-content/themes/coa-2020/dist/ 201 KB
67 KB 194ms
192ms Script
application/javascript 3.215.209.146
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://drugfree.org/wp-content/themes/coa-2020/dist/globalScripts.js?ver=a6b31c2b426c85014f57c16f309ddef9
Requested by: Host: drugfree.org
URL: https://drugfree.org/?form=FUNJLSAEDSS&utm_campaign=2023%20Donation%20Moments&utm_medium=email&_hsmi=256062192&_hsenc=p2ANqtz-9IbfhLSzLiRANvRLPTyvpP4C1SqyZuFvW_VpE96uXyAdU5-_LV2q6rHIJ7T2KpD_cFeSkdoDdXnDLdFYAvIsImSzQLpA&utm_content=256062192&utm_source=hs_email
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.215.209.146 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-215-209-146.compute-1.amazonaws.com
Software: nginx/1.22.1 /
Resource Hash: f1f9d401f4356ba40c1546aadcd4d53fff41454b04213e07c91ccc8ba58b5894

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://drugfree.org/?form=FUNJLSAEDSS&utm_campaign=2023%20Donation%20Moments&utm_medium=email&_hsmi=256062192&_hsenc=p2ANqtz-9IbfhLSzLiRANvRLPTyvpP4C1SqyZuFvW_VpE96uXyAdU5-_LV2q6rHIJ7T2KpD_cFeSkdoDdXnDLdFYAvIsImSzQLpA&utm_content=256062192&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: public
date: Fri, 28 Apr 2023 01:05:48 GMT
content-encoding: gzip
last-modified: Wed, 26 Apr 2023 19:09:29 GMT
server: nginx/1.22.1
etag: W/"644976e9-3255c"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000, public, must-revalidate, proxy-revalidate
expires: Sat, 27 Apr 2024 01:05:48 GMT

GET
H2 200 sha1.js Show response
drugfree.org/wp-content/themes/coa-2020/src/js/ 9 KB
3 KB 105ms
103ms Script
application/javascript 3.215.209.146
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://drugfree.org/wp-content/themes/coa-2020/src/js/sha1.js?ver=9aa3751fbbd4c7283601c7c184ceeec2
Requested by: Host: drugfree.org
URL: https://drugfree.org/?form=FUNJLSAEDSS&utm_campaign=2023%20Donation%20Moments&utm_medium=email&_hsmi=256062192&_hsenc=p2ANqtz-9IbfhLSzLiRANvRLPTyvpP4C1SqyZuFvW_VpE96uXyAdU5-_LV2q6rHIJ7T2KpD_cFeSkdoDdXnDLdFYAvIsImSzQLpA&utm_content=256062192&utm_source=hs_email
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.215.209.146 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-215-209-146.compute-1.amazonaws.com
Software: nginx/1.22.1 /
Resource Hash: ce6add62abf850acf32592374597d35af6ff08c9b66993888978c453584b6768

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://drugfree.org/?form=FUNJLSAEDSS&utm_campaign=2023%20Donation%20Moments&utm_medium=email&_hsmi=256062192&_hsenc=p2ANqtz-9IbfhLSzLiRANvRLPTyvpP4C1SqyZuFvW_VpE96uXyAdU5-_LV2q6rHIJ7T2KpD_cFeSkdoDdXnDLdFYAvIsImSzQLpA&utm_content=256062192&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: public
date: Fri, 28 Apr 2023 01:05:48 GMT
content-encoding: gzip
last-modified: Wed, 26 Apr 2023 19:07:02 GMT
server: nginx/1.22.1
etag: W/"64497656-2347"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000, public, must-revalidate, proxy-revalidate
expires: Sat, 27 Apr 2024 01:05:48 GMT

GET
H2 200 data-layer-push.js Show response
drugfree.org/wp-content/themes/coa-2020/src/js/ 1 KB
985 B 193ms
192ms Script
application/javascript 3.215.209.146
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://drugfree.org/wp-content/themes/coa-2020/src/js/data-layer-push.js?ver=6.1.1
Requested by: Host: drugfree.org
URL: https://drugfree.org/?form=FUNJLSAEDSS&utm_campaign=2023%20Donation%20Moments&utm_medium=email&_hsmi=256062192&_hsenc=p2ANqtz-9IbfhLSzLiRANvRLPTyvpP4C1SqyZuFvW_VpE96uXyAdU5-_LV2q6rHIJ7T2KpD_cFeSkdoDdXnDLdFYAvIsImSzQLpA&utm_content=256062192&utm_source=hs_email
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.215.209.146 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-215-209-146.compute-1.amazonaws.com
Software: nginx/1.22.1 /
Resource Hash: 329d8142dfb49efadeaf4a13ab5256660f55450522a8c2e2c50bca3ab90f0b72

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://drugfree.org/?form=FUNJLSAEDSS&utm_campaign=2023%20Donation%20Moments&utm_medium=email&_hsmi=256062192&_hsenc=p2ANqtz-9IbfhLSzLiRANvRLPTyvpP4C1SqyZuFvW_VpE96uXyAdU5-_LV2q6rHIJ7T2KpD_cFeSkdoDdXnDLdFYAvIsImSzQLpA&utm_content=256062192&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: public
date: Fri, 28 Apr 2023 01:05:48 GMT
content-encoding: gzip
last-modified: Wed, 26 Apr 2023 19:07:02 GMT
server: nginx/1.22.1
etag: W/"64497656-5da"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000, public, must-revalidate, proxy-revalidate
expires: Sat, 27 Apr 2024 01:05:48 GMT

GET
H2 200 datalayer-forms-handler.js Show response
drugfree.org/wp-content/themes/coa-2020/src/js/ 6 KB
2 KB 194ms
192ms Script
application/javascript 3.215.209.146
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://drugfree.org/wp-content/themes/coa-2020/src/js/datalayer-forms-handler.js?ver=6.1.1
Requested by: Host: drugfree.org
URL: https://drugfree.org/?form=FUNJLSAEDSS&utm_campaign=2023%20Donation%20Moments&utm_medium=email&_hsmi=256062192&_hsenc=p2ANqtz-9IbfhLSzLiRANvRLPTyvpP4C1SqyZuFvW_VpE96uXyAdU5-_LV2q6rHIJ7T2KpD_cFeSkdoDdXnDLdFYAvIsImSzQLpA&utm_content=256062192&utm_source=hs_email
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.215.209.146 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-215-209-146.compute-1.amazonaws.com
Software: nginx/1.22.1 /
Resource Hash: 34244de931380f37cd8cd0aa1f74c0bd96fbaa5c3a95a1493e19a67134a95d70

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://drugfree.org/?form=FUNJLSAEDSS&utm_campaign=2023%20Donation%20Moments&utm_medium=email&_hsmi=256062192&_hsenc=p2ANqtz-9IbfhLSzLiRANvRLPTyvpP4C1SqyZuFvW_VpE96uXyAdU5-_LV2q6rHIJ7T2KpD_cFeSkdoDdXnDLdFYAvIsImSzQLpA&utm_content=256062192&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: public
date: Fri, 28 Apr 2023 01:05:48 GMT
content-encoding: gzip
last-modified: Wed, 26 Apr 2023 19:07:02 GMT
server: nginx/1.22.1
etag: W/"64497656-177b"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000, public, must-revalidate, proxy-revalidate
expires: Sat, 27 Apr 2024 01:05:48 GMT

GET
H2 200 DebugReport.js Show response
drugfree.org/wp-content/plugins/popup-builder/public/js/ 2 KB
914 B 293ms
291ms Script
application/javascript 3.215.209.146
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://drugfree.org/wp-content/plugins/popup-builder/public/js/DebugReport.js?ver=4.1.14
Requested by: Host: drugfree.org
URL: https://drugfree.org/?form=FUNJLSAEDSS&utm_campaign=2023%20Donation%20Moments&utm_medium=email&_hsmi=256062192&_hsenc=p2ANqtz-9IbfhLSzLiRANvRLPTyvpP4C1SqyZuFvW_VpE96uXyAdU5-_LV2q6rHIJ7T2KpD_cFeSkdoDdXnDLdFYAvIsImSzQLpA&utm_content=256062192&utm_source=hs_email
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.215.209.146 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-215-209-146.compute-1.amazonaws.com
Software: nginx/1.22.1 /
Resource Hash: fe4bc8dd3ed69bf2875bacf0fe2776c9f109ca2f90bfbf7fb6a915cad69c8983

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://drugfree.org/?form=FUNJLSAEDSS&utm_campaign=2023%20Donation%20Moments&utm_medium=email&_hsmi=256062192&_hsenc=p2ANqtz-9IbfhLSzLiRANvRLPTyvpP4C1SqyZuFvW_VpE96uXyAdU5-_LV2q6rHIJ7T2KpD_cFeSkdoDdXnDLdFYAvIsImSzQLpA&utm_content=256062192&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: public
date: Fri, 28 Apr 2023 01:05:48 GMT
content-encoding: gzip
last-modified: Wed, 26 Apr 2023 19:07:02 GMT
server: nginx/1.22.1
etag: W/"64497656-72b"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000, public, must-revalidate, proxy-revalidate
expires: Sat, 27 Apr 2024 01:05:48 GMT

GET
H2 200 AQNJPZQD Show response
cdn.fundraiseup.com/widget/ 103 KB
36 KB 64ms
38ms Script
text/javascript 104.26.5.251
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.fundraiseup.com/widget/AQNJPZQD

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.26.5.251 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f3fc62506de42adfb582af370a04969bead1f675a15960c4fa397fe82d143895

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://drugfree.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 01:05:48 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"3654333390"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DSKHj9IjVY71zw8h%2FQjKo%2FIjqgoqQTXIGXcVgDjJqGG0zBy%2BXpnuY4atPz2Wp5cTpo%2B4KMjC3qGPwYYWafUVZMKxbu3oASzycgadDduV93jQT3GBWvPhtAayBjT4y56XSXtk%2Fio%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
cf-ray: 7beb6626edc02bdd-FRA
link: <https://static.fundraiseup.com/31dec025e8c7.elementsApi.js>; rel=preload; as=script, <https://static.fundraiseup.com/embed-data/elements-global/AQNJPZQD.js>; rel=preload; as=script, <https://static.fundraiseup.com/3.bc8a57badf9b.async-vendors.js>; rel=preload; as=script, <https://static.fundraiseup.com/2.5a4322057645.elements-langs-vendors.js>; rel=preload; as=script, <https://static.fundraiseup.com/0.41d93233bb72.elements-vendors.js>; rel=preload; as=script, <https://static.fundraiseup.com/checkout.3e0398635ab22d60ed29.js>; rel=preload; as=script, <https://static.fundraiseup.com/checkout-vendors.679082d8c9279dd42265.js>; rel=preload; as=script, <https://static.fundraiseup.com/checkout-styles.83c58439d831a2464164.js>; rel=preload; as=script, <https://static.fundraiseup.com/checkout-sentry-vendor.bbaab79af6ac4ae5c523.js>; rel=preload; as=script, <https://static.fundraiseup.com/sentry.d9965a2061342cf21286.js>; rel=preload; as=script
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 donate-hero-space-thumbnail.jpg
drugfree.org/wp-content/uploads/2023/04/ 48 KB
48 KB 198ms
198ms Image
image/jpeg 3.215.209.146
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://drugfree.org/wp-content/uploads/2023/04/donate-hero-space-thumbnail.jpg
Requested by: Host: drugfree.org
URL: https://drugfree.org/?form=FUNJLSAEDSS&utm_campaign=2023%20Donation%20Moments&utm_medium=email&_hsmi=256062192&_hsenc=p2ANqtz-9IbfhLSzLiRANvRLPTyvpP4C1SqyZuFvW_VpE96uXyAdU5-_LV2q6rHIJ7T2KpD_cFeSkdoDdXnDLdFYAvIsImSzQLpA&utm_content=256062192&utm_source=hs_email
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.215.209.146 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-215-209-146.compute-1.amazonaws.com
Software: nginx/1.22.1 /
Resource Hash: 16a9478cf49fdd6423eea5feb0e47ef3354d9b58d02e843fccbd19423aec4dcc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://drugfree.org/?form=FUNJLSAEDSS&utm_campaign=2023%20Donation%20Moments&utm_medium=email&_hsmi=256062192&_hsenc=p2ANqtz-9IbfhLSzLiRANvRLPTyvpP4C1SqyZuFvW_VpE96uXyAdU5-_LV2q6rHIJ7T2KpD_cFeSkdoDdXnDLdFYAvIsImSzQLpA&utm_content=256062192&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: public
date: Fri, 28 Apr 2023 01:05:48 GMT
last-modified: Mon, 24 Apr 2023 14:58:48 GMT
server: nginx/1.22.1
etag: "64469928-bf94"
content-type: image/jpeg
cache-control: max-age=31536000, public, must-revalidate, proxy-revalidate
accept-ranges: bytes
content-length: 49044
expires: Sat, 27 Apr 2024 01:05:48 GMT

GET
H2 200 family.png
drugfree.org/wp-content/uploads/2020/04/ 2 KB
2 KB 290ms
289ms Image
image/png 3.215.209.146
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://drugfree.org/wp-content/uploads/2020/04/family.png
Requested by: Host: drugfree.org
URL: https://drugfree.org/?form=FUNJLSAEDSS&utm_campaign=2023%20Donation%20Moments&utm_medium=email&_hsmi=256062192&_hsenc=p2ANqtz-9IbfhLSzLiRANvRLPTyvpP4C1SqyZuFvW_VpE96uXyAdU5-_LV2q6rHIJ7T2KpD_cFeSkdoDdXnDLdFYAvIsImSzQLpA&utm_content=256062192&utm_source=hs_email
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.215.209.146 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-215-209-146.compute-1.amazonaws.com
Software: nginx/1.22.1 /
Resource Hash: caafc701d7a4942e770de82e5dae8582b7afc6da85c50b1e99457dcedd1e0b6d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://drugfree.org/?form=FUNJLSAEDSS&utm_campaign=2023%20Donation%20Moments&utm_medium=email&_hsmi=256062192&_hsenc=p2ANqtz-9IbfhLSzLiRANvRLPTyvpP4C1SqyZuFvW_VpE96uXyAdU5-_LV2q6rHIJ7T2KpD_cFeSkdoDdXnDLdFYAvIsImSzQLpA&utm_content=256062192&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: public
date: Fri, 28 Apr 2023 01:05:48 GMT
last-modified: Mon, 21 Feb 2022 17:31:10 GMT
server: nginx/1.22.1
etag: "6213cc5e-6e0"
content-type: image/png
cache-control: max-age=31536000, public, must-revalidate, proxy-revalidate
accept-ranges: bytes
content-length: 1760
expires: Sat, 27 Apr 2024 01:05:48 GMT

GET
H2 200 heart-icon.png
drugfree.org/wp-content/uploads/2021/04/ 2 KB
2 KB 288ms
288ms Image
image/png 3.215.209.146
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://drugfree.org/wp-content/uploads/2021/04/heart-icon.png
Requested by: Host: drugfree.org
URL: https://drugfree.org/?form=FUNJLSAEDSS&utm_campaign=2023%20Donation%20Moments&utm_medium=email&_hsmi=256062192&_hsenc=p2ANqtz-9IbfhLSzLiRANvRLPTyvpP4C1SqyZuFvW_VpE96uXyAdU5-_LV2q6rHIJ7T2KpD_cFeSkdoDdXnDLdFYAvIsImSzQLpA&utm_content=256062192&utm_source=hs_email
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.215.209.146 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-215-209-146.compute-1.amazonaws.com
Software: nginx/1.22.1 /
Resource Hash: ccb348c56075499c7515c254852df8fe7ea90e2ffbbf98022455841dfafcd97c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://drugfree.org/?form=FUNJLSAEDSS&utm_campaign=2023%20Donation%20Moments&utm_medium=email&_hsmi=256062192&_hsenc=p2ANqtz-9IbfhLSzLiRANvRLPTyvpP4C1SqyZuFvW_VpE96uXyAdU5-_LV2q6rHIJ7T2KpD_cFeSkdoDdXnDLdFYAvIsImSzQLpA&utm_content=256062192&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: public
date: Fri, 28 Apr 2023 01:05:48 GMT
last-modified: Mon, 21 Feb 2022 17:54:55 GMT
server: nginx/1.22.1
etag: "6213d1ef-631"
content-type: image/png
cache-control: max-age=31536000, public, must-revalidate, proxy-revalidate
accept-ranges: bytes
content-length: 1585
expires: Sat, 27 Apr 2024 01:05:48 GMT

GET
H2 200 science.png
drugfree.org/wp-content/uploads/2020/04/ 4 KB
4 KB 290ms
290ms Image
image/png 3.215.209.146
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://drugfree.org/wp-content/uploads/2020/04/science.png
Requested by: Host: drugfree.org
URL: https://drugfree.org/?form=FUNJLSAEDSS&utm_campaign=2023%20Donation%20Moments&utm_medium=email&_hsmi=256062192&_hsenc=p2ANqtz-9IbfhLSzLiRANvRLPTyvpP4C1SqyZuFvW_VpE96uXyAdU5-_LV2q6rHIJ7T2KpD_cFeSkdoDdXnDLdFYAvIsImSzQLpA&utm_content=256062192&utm_source=hs_email
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.215.209.146 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-215-209-146.compute-1.amazonaws.com
Software: nginx/1.22.1 /
Resource Hash: e3c52027d4255f455a6ac40b8c8f3d04b497d73bb2e4a8f29be65125b656304f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://drugfree.org/?form=FUNJLSAEDSS&utm_campaign=2023%20Donation%20Moments&utm_medium=email&_hsmi=256062192&_hsenc=p2ANqtz-9IbfhLSzLiRANvRLPTyvpP4C1SqyZuFvW_VpE96uXyAdU5-_LV2q6rHIJ7T2KpD_cFeSkdoDdXnDLdFYAvIsImSzQLpA&utm_content=256062192&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: public
date: Fri, 28 Apr 2023 01:05:48 GMT
last-modified: Mon, 21 Feb 2022 17:31:27 GMT
server: nginx/1.22.1
etag: "6213cc6f-10b8"
content-type: image/png
cache-control: max-age=31536000, public, must-revalidate, proxy-revalidate
accept-ranges: bytes
content-length: 4280
expires: Sat, 27 Apr 2024 01:05:48 GMT

GET
H2 200 242bec60736aae5c3f73.png
drugfree.org/wp-content/themes/coa-2020/dist/ 10 KB
10 KB 288ms
288ms Image
image/png 3.215.209.146
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://drugfree.org/wp-content/themes/coa-2020/dist/242bec60736aae5c3f73.png
Requested by: Host: drugfree.org
URL: https://drugfree.org/wp-content/themes/coa-2020/dist/style.css?ver=7e83072dc58ab34d82a74c789578c2f0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.215.209.146 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-215-209-146.compute-1.amazonaws.com
Software: nginx/1.22.1 /
Resource Hash: 90e0c45f44b756a60e3dd2a8697c0e2327f8a700e71f028868c75318531581a8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://drugfree.org/wp-content/themes/coa-2020/dist/style.css?ver=7e83072dc58ab34d82a74c789578c2f0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: public
date: Fri, 28 Apr 2023 01:05:48 GMT
last-modified: Wed, 26 Apr 2023 19:09:29 GMT
server: nginx/1.22.1
etag: "644976e9-2826"
content-type: image/png
cache-control: max-age=31536000, public, must-revalidate, proxy-revalidate
accept-ranges: bytes
content-length: 10278
expires: Sat, 27 Apr 2024 01:05:48 GMT

GET
H2 200 connect.png
drugfree.org/wp-content/uploads/2020/04/ 989 B
1 KB 287ms
287ms Image
image/png 3.215.209.146
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://drugfree.org/wp-content/uploads/2020/04/connect.png
Requested by: Host: drugfree.org
URL: https://drugfree.org/?form=FUNJLSAEDSS&utm_campaign=2023%20Donation%20Moments&utm_medium=email&_hsmi=256062192&_hsenc=p2ANqtz-9IbfhLSzLiRANvRLPTyvpP4C1SqyZuFvW_VpE96uXyAdU5-_LV2q6rHIJ7T2KpD_cFeSkdoDdXnDLdFYAvIsImSzQLpA&utm_content=256062192&utm_source=hs_email
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.215.209.146 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-215-209-146.compute-1.amazonaws.com
Software: nginx/1.22.1 /
Resource Hash: c1c93844ca684648e325b0bb2b1c6245944b6c5ae5653001ae50646d2d16524a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://drugfree.org/?form=FUNJLSAEDSS&utm_campaign=2023%20Donation%20Moments&utm_medium=email&_hsmi=256062192&_hsenc=p2ANqtz-9IbfhLSzLiRANvRLPTyvpP4C1SqyZuFvW_VpE96uXyAdU5-_LV2q6rHIJ7T2KpD_cFeSkdoDdXnDLdFYAvIsImSzQLpA&utm_content=256062192&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: public
date: Fri, 28 Apr 2023 01:05:48 GMT
last-modified: Mon, 21 Feb 2022 17:31:34 GMT
server: nginx/1.22.1
etag: "6213cc76-3dd"
content-type: image/png
cache-control: max-age=31536000, public, must-revalidate, proxy-revalidate
accept-ranges: bytes
content-length: 989
expires: Sat, 27 Apr 2024 01:05:48 GMT

GET
H2 200 PS_Homepage_Together.jpg
drugfree.org/wp-content/uploads/2020/05/ 57 KB
57 KB 284ms
284ms Image
image/jpeg 3.215.209.146
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://drugfree.org/wp-content/uploads/2020/05/PS_Homepage_Together.jpg
Requested by: Host: drugfree.org
URL: https://drugfree.org/?form=FUNJLSAEDSS&utm_campaign=2023%20Donation%20Moments&utm_medium=email&_hsmi=256062192&_hsenc=p2ANqtz-9IbfhLSzLiRANvRLPTyvpP4C1SqyZuFvW_VpE96uXyAdU5-_LV2q6rHIJ7T2KpD_cFeSkdoDdXnDLdFYAvIsImSzQLpA&utm_content=256062192&utm_source=hs_email
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.215.209.146 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-215-209-146.compute-1.amazonaws.com
Software: nginx/1.22.1 /
Resource Hash: a6426278784de0295a6c11aa13683595c5fbd79e81f0f8b2a4a83e0cf318fae7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://drugfree.org/?form=FUNJLSAEDSS&utm_campaign=2023%20Donation%20Moments&utm_medium=email&_hsmi=256062192&_hsenc=p2ANqtz-9IbfhLSzLiRANvRLPTyvpP4C1SqyZuFvW_VpE96uXyAdU5-_LV2q6rHIJ7T2KpD_cFeSkdoDdXnDLdFYAvIsImSzQLpA&utm_content=256062192&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: public
date: Fri, 28 Apr 2023 01:05:48 GMT
last-modified: Mon, 21 Feb 2022 17:35:21 GMT
server: nginx/1.22.1
etag: "6213cd59-e357"
content-type: image/jpeg
cache-control: max-age=31536000, public, must-revalidate, proxy-revalidate
accept-ranges: bytes
content-length: 58199
expires: Sat, 27 Apr 2024 01:05:48 GMT

GET
H2 200 Partnership_0127.jpg
drugfree.org/wp-content/uploads/2020/05/ 90 KB
90 KB 296ms
296ms Image
image/jpeg 3.215.209.146
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://drugfree.org/wp-content/uploads/2020/05/Partnership_0127.jpg
Requested by: Host: drugfree.org
URL: https://drugfree.org/?form=FUNJLSAEDSS&utm_campaign=2023%20Donation%20Moments&utm_medium=email&_hsmi=256062192&_hsenc=p2ANqtz-9IbfhLSzLiRANvRLPTyvpP4C1SqyZuFvW_VpE96uXyAdU5-_LV2q6rHIJ7T2KpD_cFeSkdoDdXnDLdFYAvIsImSzQLpA&utm_content=256062192&utm_source=hs_email
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.215.209.146 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-215-209-146.compute-1.amazonaws.com
Software: nginx/1.22.1 /
Resource Hash: 6364d2b23cfc778001bbe0aec86e1049defbe32e57965a42e118bf784ec13a5f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://drugfree.org/?form=FUNJLSAEDSS&utm_campaign=2023%20Donation%20Moments&utm_medium=email&_hsmi=256062192&_hsenc=p2ANqtz-9IbfhLSzLiRANvRLPTyvpP4C1SqyZuFvW_VpE96uXyAdU5-_LV2q6rHIJ7T2KpD_cFeSkdoDdXnDLdFYAvIsImSzQLpA&utm_content=256062192&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: public
date: Fri, 28 Apr 2023 01:05:48 GMT
last-modified: Mon, 21 Feb 2022 17:36:00 GMT
server: nginx/1.22.1
etag: "6213cd80-16680"
content-type: image/jpeg
cache-control: max-age=31536000, public, must-revalidate, proxy-revalidate
accept-ranges: bytes
content-length: 91776
expires: Sat, 27 Apr 2024 01:05:48 GMT

GET
H2 200 resources.png
drugfree.org/wp-content/uploads/2020/04/ 1 KB
2 KB 296ms
295ms Image
image/png 3.215.209.146
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://drugfree.org/wp-content/uploads/2020/04/resources.png
Requested by: Host: drugfree.org
URL: https://drugfree.org/?form=FUNJLSAEDSS&utm_campaign=2023%20Donation%20Moments&utm_medium=email&_hsmi=256062192&_hsenc=p2ANqtz-9IbfhLSzLiRANvRLPTyvpP4C1SqyZuFvW_VpE96uXyAdU5-_LV2q6rHIJ7T2KpD_cFeSkdoDdXnDLdFYAvIsImSzQLpA&utm_content=256062192&utm_source=hs_email
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.215.209.146 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-215-209-146.compute-1.amazonaws.com
Software: nginx/1.22.1 /
Resource Hash: b615e1196fdccd018cce89eb1abd79e84736ae824e93d6e4c134dbdd9b0e7525

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://drugfree.org/?form=FUNJLSAEDSS&utm_campaign=2023%20Donation%20Moments&utm_medium=email&_hsmi=256062192&_hsenc=p2ANqtz-9IbfhLSzLiRANvRLPTyvpP4C1SqyZuFvW_VpE96uXyAdU5-_LV2q6rHIJ7T2KpD_cFeSkdoDdXnDLdFYAvIsImSzQLpA&utm_content=256062192&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: public
date: Fri, 28 Apr 2023 01:05:48 GMT
last-modified: Mon, 21 Feb 2022 17:31:26 GMT
server: nginx/1.22.1
etag: "6213cc6e-56e"
content-type: image/png
cache-control: max-age=31536000, public, must-revalidate, proxy-revalidate
accept-ranges: bytes
content-length: 1390
expires: Sat, 27 Apr 2024 01:05:48 GMT

GET
H2 200 newsletter-icon-purple.png
drugfree.org/wp-content/themes/coa-2020/src/img/ 1 KB
1 KB 295ms
295ms Image
image/png 3.215.209.146
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://drugfree.org/wp-content/themes/coa-2020/src/img/newsletter-icon-purple.png
Requested by: Host: drugfree.org
URL: https://drugfree.org/?form=FUNJLSAEDSS&utm_campaign=2023%20Donation%20Moments&utm_medium=email&_hsmi=256062192&_hsenc=p2ANqtz-9IbfhLSzLiRANvRLPTyvpP4C1SqyZuFvW_VpE96uXyAdU5-_LV2q6rHIJ7T2KpD_cFeSkdoDdXnDLdFYAvIsImSzQLpA&utm_content=256062192&utm_source=hs_email
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.215.209.146 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-215-209-146.compute-1.amazonaws.com
Software: nginx/1.22.1 /
Resource Hash: 6a96b6a4e5f3c88e8ffe9b0fbddb81591ac4ff9782d0aee685fdc1dec0f0b7af

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://drugfree.org/?form=FUNJLSAEDSS&utm_campaign=2023%20Donation%20Moments&utm_medium=email&_hsmi=256062192&_hsenc=p2ANqtz-9IbfhLSzLiRANvRLPTyvpP4C1SqyZuFvW_VpE96uXyAdU5-_LV2q6rHIJ7T2KpD_cFeSkdoDdXnDLdFYAvIsImSzQLpA&utm_content=256062192&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: public
date: Fri, 28 Apr 2023 01:05:48 GMT
last-modified: Wed, 26 Apr 2023 19:07:02 GMT
server: nginx/1.22.1
etag: "64497656-493"
content-type: image/png
cache-control: max-age=31536000, public, must-revalidate, proxy-revalidate
accept-ranges: bytes
content-length: 1171
expires: Sat, 27 Apr 2024 01:05:48 GMT

GET
H2 200 d5dd990fba2245b67610.otf
drugfree.org/wp-content/themes/coa-2020/dist/ 28 KB
28 KB 295ms
294ms Font
application/octet-stream 3.215.209.146
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://drugfree.org/wp-content/themes/coa-2020/dist/d5dd990fba2245b67610.otf
Requested by: Host: drugfree.org
URL: https://drugfree.org/wp-content/themes/coa-2020/dist/style.css?ver=7e83072dc58ab34d82a74c789578c2f0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.215.209.146 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-215-209-146.compute-1.amazonaws.com
Software: nginx/1.22.1 /
Resource Hash: a862551720913c682e4ce454867adc01633dbf31ad132ce1cd4d4ef68292c835

Request headers

Referer: https://drugfree.org/wp-content/themes/coa-2020/dist/style.css?ver=7e83072dc58ab34d82a74c789578c2f0
Origin: https://drugfree.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: public
date: Fri, 28 Apr 2023 01:05:48 GMT
last-modified: Wed, 26 Apr 2023 19:09:29 GMT
server: nginx/1.22.1
etag: "644976e9-6e7c"
content-type: application/octet-stream
cache-control: max-age=31536000, public, must-revalidate, proxy-revalidate
accept-ranges: bytes
content-length: 28284
expires: Sat, 27 Apr 2024 01:05:48 GMT

GET
H2 200 b6d6d9e2ded3d53278f8.otf
drugfree.org/wp-content/themes/coa-2020/dist/ 106 KB
106 KB 295ms
295ms Font
application/octet-stream 3.215.209.146
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://drugfree.org/wp-content/themes/coa-2020/dist/b6d6d9e2ded3d53278f8.otf
Requested by: Host: drugfree.org
URL: https://drugfree.org/wp-content/themes/coa-2020/dist/style.css?ver=7e83072dc58ab34d82a74c789578c2f0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.215.209.146 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-215-209-146.compute-1.amazonaws.com
Software: nginx/1.22.1 /
Resource Hash: d01886ef8b3761d14964198cf2084e703431266bebd3bb9758af88476ff63733

Request headers

Referer: https://drugfree.org/wp-content/themes/coa-2020/dist/style.css?ver=7e83072dc58ab34d82a74c789578c2f0
Origin: https://drugfree.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: public
date: Fri, 28 Apr 2023 01:05:48 GMT
last-modified: Wed, 26 Apr 2023 19:09:29 GMT
server: nginx/1.22.1
etag: "644976e9-1a780"
content-type: application/octet-stream
cache-control: max-age=31536000, public, must-revalidate, proxy-revalidate
accept-ranges: bytes
content-length: 108416
expires: Sat, 27 Apr 2024 01:05:48 GMT

GET
H2 200 20fd1704ea223900efa9.woff2
drugfree.org/wp-content/themes/coa-2020/dist/ 75 KB
76 KB 291ms
291ms Font
font/woff2 3.215.209.146
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://drugfree.org/wp-content/themes/coa-2020/dist/20fd1704ea223900efa9.woff2?v=4.7.0
Requested by: Host: drugfree.org
URL: https://drugfree.org/wp-content/themes/coa-2020/dist/style.css?ver=7e83072dc58ab34d82a74c789578c2f0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.215.209.146 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-215-209-146.compute-1.amazonaws.com
Software: nginx/1.22.1 /
Resource Hash: 2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Request headers

Referer: https://drugfree.org/wp-content/themes/coa-2020/dist/style.css?ver=7e83072dc58ab34d82a74c789578c2f0
Origin: https://drugfree.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: public
date: Fri, 28 Apr 2023 01:05:48 GMT
last-modified: Wed, 26 Apr 2023 19:09:29 GMT
server: nginx/1.22.1
etag: "644976e9-12d68"
content-type: font/woff2
cache-control: max-age=31536000, public, must-revalidate, proxy-revalidate
accept-ranges: bytes
content-length: 77160
expires: Sat, 27 Apr 2024 01:05:48 GMT

GET
H2 200 a72aacfb12ae01a5032b.otf
drugfree.org/wp-content/themes/coa-2020/dist/ 107 KB
108 KB 288ms
288ms Font
application/octet-stream 3.215.209.146
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://drugfree.org/wp-content/themes/coa-2020/dist/a72aacfb12ae01a5032b.otf
Requested by: Host: drugfree.org
URL: https://drugfree.org/wp-content/themes/coa-2020/dist/style.css?ver=7e83072dc58ab34d82a74c789578c2f0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.215.209.146 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-215-209-146.compute-1.amazonaws.com
Software: nginx/1.22.1 /
Resource Hash: 2c26124a05418b54329b1411d8f60ad73ef7f517f220045a4468c050cfe2d49c

Request headers

Referer: https://drugfree.org/wp-content/themes/coa-2020/dist/style.css?ver=7e83072dc58ab34d82a74c789578c2f0
Origin: https://drugfree.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: public
date: Fri, 28 Apr 2023 01:05:48 GMT
last-modified: Wed, 26 Apr 2023 19:09:29 GMT
server: nginx/1.22.1
etag: "644976e9-1ad44"
content-type: application/octet-stream
cache-control: max-age=31536000, public, must-revalidate, proxy-revalidate
accept-ranges: bytes
content-length: 109892
expires: Sat, 27 Apr 2024 01:05:48 GMT

GET
H2 200 quote.png
b2642783.smushcdn.com/2642783/wp-content/themes/coa-2020/src/img/ 832 B
1 KB 30ms
10ms Image
image/webp 2400:52e0:1e00::1080:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://b2642783.smushcdn.com/2642783/wp-content/themes/coa-2020/src/img/quote.png?lossy=1&strip=1&webp=1
Requested by: Host: drugfree.org
URL: https://drugfree.org/?form=FUNJLSAEDSS&utm_campaign=2023%20Donation%20Moments&utm_medium=email&_hsmi=256062192&_hsenc=p2ANqtz-9IbfhLSzLiRANvRLPTyvpP4C1SqyZuFvW_VpE96uXyAdU5-_LV2q6rHIJ7T2KpD_cFeSkdoDdXnDLdFYAvIsImSzQLpA&utm_content=256062192&utm_source=hs_email
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::1080:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-DE1-1080 /
Resource Hash: 65081a2369df20fedaaa0f4c787ed4805c08cdae572bb813f08982f0381a4cf1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://drugfree.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 01:05:48 GMT
cdn-edgestorageid: 1054
cdn-cachedat: 04/21/2023 02:14:50
cdn-pullzone: 1107841
content-length: 832
x-amz-expiration: expiry-date="Fri, 28 Apr 2023 11:45:24 GMT", rule-id="expire"
last-modified: Wed, 29 Mar 2023 11:45:24 GMT
server: BunnyCDN-DE1-1080
cdn-proxyver: 1.03
cdn-requestpullcode: 200
etag: "88c17600e833c35c84001fd9ae0f8e02"
content-type: image/webp
smushed: origFmt=png, origSize=2341, smushRatio=64.46, skipped=0, originCache=HIT
cdn-cache: HIT
cdn-uid: 778bbc1f-fc99-4e43-843d-a54ddaa69624
cache-control: public, max-age=31919000
cdn-requestid: fa0332600b87f37973a8d9a25c337755
accept-ranges: bytes
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 31dec025e8c7.elementsApi.js Show response
static.fundraiseup.com/ 121 KB
38 KB 42ms
27ms Script
text/javascript 104.26.5.251
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.fundraiseup.com/31dec025e8c7.elementsApi.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.26.5.251 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a69ca4239972b69ca26e34fb1e380f2cf83afc3c78d0d88c1851808ba19afe28

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://drugfree.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 01:05:48 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: V28PG6EBA97MP5QB
age: 51419
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: to2AWnJoswWguD9Nyox5oKDHCgdy/2gGPbNBZsZLi58COSji3i8f2AdW3rBebgbhSRAlW2IPRP4=
last-modified: Thu, 27 Apr 2023 10:37:22 GMT
server: cloudflare
etag: W/"f2aa13b6ee30dddb29143b526b6e5a81"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0QS1ZVTG4mnFwnO1EKQQCCRlkoLJBSxsUSTczMgX7foXbD1RoIXcpEyYzqH51%2Bbp%2B64hsT3ZnWz1IPR1Py%2Fwhv57PerhcYPeA50A8jAGQw%2B1nsMolQIsccWInrLzMgfA%2FrsDk16oGrM%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript; charset=UTF-8
cache-control: max-age=2678400
cf-ray: 7beb66273e062bdd-FRA

GET
H2 200 AQNJPZQD.js Show response
static.fundraiseup.com/embed-data/elements-global/ 9 KB
2 KB 228ms
213ms Script
text/javascript 104.26.5.251
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.fundraiseup.com/embed-data/elements-global/AQNJPZQD.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.26.5.251 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0d35b3de00f30593016a51298f44dff3bc15799076461b3a58789892afb760d0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://drugfree.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 01:05:48 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: XF54T2QDY6XJZQ25
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: n0d4laoeXzRLtspPLZst41B4qi/898LYMc8R/+IbTU5ETTUCqq0MCcddvtBUIQ620OJAw6O7/EE=
last-modified: Fri, 28 Apr 2023 01:05:02 GMT
server: cloudflare
etag: W/"130a5575fed33ebe805bb12bec7baab8"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BYmtVMO49Oav5EHocVPwuuY%2BbL71Lp29pZLvO1qj0Z3K2eP7I7TV7N48lNqi%2BXMRvRzosCCq6JzT9ubhU2NI4uGFJAkAj%2F9adjj6TGXEEaTSyy0WJ5qXIwKt0Kx8Qms2uMShxw5IWDk%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
cache-control: no-cache, no-store
cf-ray: 7beb66273dff2bdd-FRA

GET
H2 200 3.bc8a57badf9b.async-vendors.js Show response
static.fundraiseup.com/ 102 KB
37 KB 42ms
28ms Script
text/javascript 104.26.5.251
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.fundraiseup.com/3.bc8a57badf9b.async-vendors.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.26.5.251 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

df8944bf0e8d9596e393a10db0408637c20c4a38f59e3d08c10c643a26795576

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://drugfree.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 01:05:48 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: PB2ECCYCRNM6XD14
age: 1953162
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: cRx9HdSEJ+q326NMbu2smec3Z9wc0AyvdYJOtlCTJqBxspMCFoIj3Jh6ErmjmvM51bRmtAdbI7o=
last-modified: Wed, 05 Apr 2023 10:19:16 GMT
server: cloudflare
etag: W/"9bf2c8717e7d5caae05df8bcf575ff0f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=l7jBKWxPMz7ah0sremSil%2Fwj804KoyK09XKIb%2BYTvfPNNYgW%2FoDSu21Jg0GhpByC1TfhRrXqLj2CHnF2uRpV%2BWviRjuA7TP%2FrzgyUWRMd8C0T8LjMpElcGsBIYXP9%2Fi2XVf3%2Bi%2BC7x4%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript; charset=UTF-8
cache-control: max-age=2678400
cf-ray: 7beb66273e022bdd-FRA

GET
H2 200 2.5a4322057645.elements-langs-vendors.js Show response
static.fundraiseup.com/ 278 KB
51 KB 35ms
21ms Script
text/javascript 104.26.5.251
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.fundraiseup.com/2.5a4322057645.elements-langs-vendors.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.26.5.251 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

15d221d00382d43099417debb791114499730b7e5e7aa1e092ad867bc0c8789a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://drugfree.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 01:05:48 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: V28HWMZW68DP34AV
age: 51419
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: kDda60T7D0fk0l7HxlM5qgpxs18JFbk/UafBJWNGf3gGhqiRv9tgOWqQsCptgyosxQFbmeMumtg=
last-modified: Thu, 27 Apr 2023 10:37:18 GMT
server: cloudflare
etag: W/"1fe887c5a1add37251f623378155e44a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rHSufDCAEwQKyKDEWIGxAYDwxx31jBUtn2lbB3iiq710MExrAGP1Zs5nM1H4GArgMwLNbgQyEZARAagnzRgM2w6Sy2SlOsJjAV%2BhmEkgA1Fvm2Y%2F6RfhC6r9wSd3eWr%2FZSyDGsCn614%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript; charset=UTF-8
cache-control: max-age=2678400
cf-ray: 7beb66273e012bdd-FRA

GET
H2 200 0.41d93233bb72.elements-vendors.js Show response
static.fundraiseup.com/ 65 KB
17 KB 31ms
16ms Script
text/javascript 104.26.5.251
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.fundraiseup.com/0.41d93233bb72.elements-vendors.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.26.5.251 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c9cfce60e59ade10d786b20eab223c3cb3e061694d77c26993bee22a9fa3862e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://drugfree.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 01:05:48 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: V28V528ZC3D33DV9
age: 51419
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: F5ppKArznX6dM+Kl1s4rENSF8bfDHjSD65FKGjKQqQB1iHpForYimjkPu7YHpCq26Czy4RGS3OY=
last-modified: Thu, 27 Apr 2023 10:37:14 GMT
server: cloudflare
etag: W/"64ed6fd16833e9854432c41ae11ab063"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6nhMJuUZkB9UBwymDOzIjOSJdcUeIn35%2FUxoPaVbISogc6ShuPQgzoylsa%2BdohMgGRMpX3vQ%2BaHT9uZRvjoTpjg3%2Bz1xkHa%2BkhYfKc33hhkrD61kODVuNNvPxWsU5vKlLkDVmhoHRSc%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript; charset=UTF-8
cache-control: max-age=2678400
cf-ray: 7beb66273e002bdd-FRA

GET
H2 200 checkout.3e0398635ab22d60ed29.js Show response
static.fundraiseup.com/ 689 KB
154 KB 53ms
38ms Script
text/javascript 104.26.5.251
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.fundraiseup.com/checkout.3e0398635ab22d60ed29.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.26.5.251 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b85df52b32a62f9a7de50b736eac6e6ae8b2cde2fa177b185593511668934051

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://drugfree.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 01:05:48 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: V28YHY1F1GXC8A6G
age: 51419
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: WTMK3CwqsD+7VE2bfix6nSa4NGOwoS+/lH1mR/xdQQgEQfBavG7vOAl2OD+HGs9rJNwtGNd3dvY=
last-modified: Thu, 27 Apr 2023 10:37:29 GMT
server: cloudflare
etag: W/"1c723969c9c791e4a0f6f9cb3392b69b"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XbPYR6xw2FoXX9qA%2FTBkzYd8BwKbXJXu%2FCIGftrwTmjyFH672CExzI%2BIu3%2F1p1ngkgZqxDBuDWLPVse4H4GQpWtAeLX0OF2SDUcENDCzITXSQiwoFFdM0LvC5MsyPVby5bMMd0RU60Y%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript; charset=UTF-8
cache-control: max-age=2678400
cf-ray: 7beb66273e032bdd-FRA

GET
H2 200 checkout-vendors.679082d8c9279dd42265.js Show response
static.fundraiseup.com/ 473 KB
148 KB 46ms
32ms Script
text/javascript 104.26.5.251
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.fundraiseup.com/checkout-vendors.679082d8c9279dd42265.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.26.5.251 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7dabfc85fd5ab7fd6ee733af7b4cadac9d7fd4e8dce1398678b8b87393036456

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://drugfree.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 01:05:48 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: YQKP9YPXSRHBC7C4
age: 827975
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: TpSnS29BrGKcTMMJMtKni44DE3J701nR+3sEeM9rJKTRsZI8bYWRDeU4X4jmqrd45g/uw4h8Ayw=
last-modified: Tue, 18 Apr 2023 10:54:24 GMT
server: cloudflare
etag: W/"7b7f4016b8a03cd8a569882608cd2502"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zBkAWyeRorHJ9fCMyqEp3j4qogAuuw2PfxRMWOIsKsRLOtPcy%2FEClGSeTbqgxjto53iE%2BUq120csdbTScSs2RHVIj71zs3QwxmXwK1urkPeeOAVQxzDfRCyLRwru8OwUkg01L9X0tr8%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript; charset=UTF-8
cache-control: max-age=2678400
cf-ray: 7beb66273dfd2bdd-FRA

GET
H2 200 checkout-styles.83c58439d831a2464164.js Show response
static.fundraiseup.com/ 278 KB
27 KB 33ms
19ms Script
text/javascript 104.26.5.251
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.fundraiseup.com/checkout-styles.83c58439d831a2464164.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.26.5.251 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

17bbae2e0f0c3492e456951f6f76bb2de1f797426c44b18ff9ec6cba5fe5659d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://drugfree.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 01:05:48 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: V28V57WCH4PKG3NY
age: 51419
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: TEHo2NNpz4MV4DhkdKdETNiK6+oddemx4Uo9hbVuu4ndI0CEAwJGybdNdBKYUXtQEMzRBj7Slt8=
last-modified: Thu, 27 Apr 2023 10:37:29 GMT
server: cloudflare
etag: W/"df90437f69beb0da64c8b70a1e1ae113"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ev1%2F7lYMUYB6zMn%2FtWik%2FkDEJQz0SvjyQgUdqJtsHiR2iMhlJDsZIpXG59QMhTjl3GWt9jiyWsRwSWnirOwzp%2FiSsMegzpB96mTM945atQGgbDLJHyWx%2BG1MbTHM5t2P%2BTVfWu6WaT0%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript; charset=UTF-8
cache-control: max-age=2678400
cf-ray: 7beb66273e052bdd-FRA

GET
H2 200 checkout-sentry-vendor.bbaab79af6ac4ae5c523.js Show response
static.fundraiseup.com/ 13 KB
5 KB 28ms
14ms Script
text/javascript 104.26.5.251
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.fundraiseup.com/checkout-sentry-vendor.bbaab79af6ac4ae5c523.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.26.5.251 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

46ffa27a716a55780501f5d6711c054bdb1772174f1076dc0e49dee9b00648e9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://drugfree.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 01:05:48 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: YQKJYJBFP618BC2Q
age: 827975
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: HfmqCWWZoB+psUiWIB5b3ixicyQPo62rCWxwBpbYBxBU8Mf48aK9j7qB8OHv2YcI+8+Ibeh/6HU=
last-modified: Tue, 18 Apr 2023 10:54:24 GMT
server: cloudflare
etag: W/"e8cb215ba1bf6e188dcd93c7faa7d814"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nzvgG6M5SX32051gjX4XWaBR9AMsAZ2zfAVrWQ998ToZmb5v%2FGNAwp9qDzUu0ELp4tAxNutTdC7zhPxHyy1AwN8RI1CeucaWt5YuMFBfNUO8dE6uoV3ITBiXCSiyQq7dU0Om2aFHX3A%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript; charset=UTF-8
cache-control: max-age=2678400
cf-ray: 7beb66273dfe2bdd-FRA

GET
H2 200 sentry.d9965a2061342cf21286.js Show response
static.fundraiseup.com/ 2 KB
2 KB 34ms
20ms Script
text/javascript 104.26.5.251
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.fundraiseup.com/sentry.d9965a2061342cf21286.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.26.5.251 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fbaaba78357d4ed64648de8c0b4d969a5422ec1a384a382fdf82e034aa07da53

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://drugfree.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 01:05:48 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: N3GGKP0ZJNF3VAPK
age: 1350094
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: zcwMruu+ePyY+xChNF3FIYSxASkZLW+/KSqv04kNUTIMw6Ij040XiELAoH6ZbEMpHtjoQv/MLwc=
last-modified: Wed, 12 Apr 2023 09:51:22 GMT
server: cloudflare
etag: W/"56356539fc01ff49fc3e748662138064"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fQlbG%2BiuJuluiI0FN5n8OlYrOhplhnhXYvgvFq1rsUfBq43%2BNIQ4lcoP%2BqpuxRWA%2Bx2ZJQnwdDVPjmfqeQzVQzUgy%2BLqZwsTXtuySbS4z5HHOpMszeGYkY%2FuCn7OJf%2BnR7ur2SrcDqQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript; charset=UTF-8
cache-control: max-age=2678400
cf-ray: 7beb66273e072bdd-FRA

POST
H2 200 tb
fndrsp.net/ 2 B
503 B 169ms
130ms Ping
text/plain 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://fndrsp.net/tb

Requested by

Host: cdn.fundraiseup.com
URL: https://cdn.fundraiseup.com/widget/AQNJPZQD

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://drugfree.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Fri, 28 Apr 2023 01:05:48 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9bKTLVwokc6y6GA2z2uaPwFYTB8iSG1tHGNosdm8g6lEO9%2BFO4BLVim8eop7cgiUuuyHW4j3bk%2FnKLmU7xqzh%2BRhQEl5dfLxYZuNmxBteFFdN7glbSB%2Fg2T1WeRc"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: https://drugfree.org
access-control-allow-credentials: true
cf-ray: 7beb66278aff2c19-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

POST
H2 200 checkout Show response
api.fundraiseup.com/ 7 KB
4 KB 382ms
361ms XHR
application/json 104.26.5.251
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.fundraiseup.com/checkout?key=AQNJPZQD&livemode=true

Requested by

Host: cdn.fundraiseup.com
URL: https://cdn.fundraiseup.com/widget/AQNJPZQD

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.26.5.251 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7bd1b64dae73f34b5b32b1d8fde5a486ffb6ea60a91915ebd9f8f632d3552769

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' fundraiseup.com
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://drugfree.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
content-type: text/plain; charset=UTF-8

Response headers

date: Fri, 28 Apr 2023 01:05:49 GMT
content-security-policy: frame-ancestors 'self' fundraiseup.com
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-response-time: 72ms
pragma: no-cache
server: cloudflare
vary: Accept-Encoding, Origin
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
access-control-allow-origin: https://drugfree.org
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VplI1cpnxwcHFOowqm600Y8nfDmj646LCTBMUEZ3GUPG34BweyGX82sSOCPvTAndZnHRDO32La%2Bxi2PPaIThWYV0NL0JTnAlkmqQClVAG47cA%2BFUCCcqnWldy2SsFu9C7YMVTXw%3D"}],"group":"cf-nel","max_age":604800}
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cf-ray: 7beb66277e222bdd-FRA
expires: 0

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4812cf4a078168d4a1338dc71eeb59def7a0699ac3535d3f6016e79832a054a0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1 200
OK json Show response
forms.hsforms.com/embed/v3/form/8282853/c61f025e-dd92-4669-9c20-aa56749416e9/ 19 KB
5 KB 159ms
141ms XHR
application/json 2606:4700::6811:d4f3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://forms.hsforms.com/embed/v3/form/8282853/c61f025e-dd92-4669-9c20-aa56749416e9/json?hs_static_app=forms-embed&hs_static_app_version=1.3102&X-HubSpot-Static-App-Info=forms-embed-1.3102

Requested by

Host: js.hsforms.net
URL: https://js.hsforms.net/forms/v2.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:d4f3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ea147bfbd9eea6ba64e8e981ba4fed0e5e69ddc5a02c0dafe47dd1508e47f1fa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept: application/json, text/plain, */*
Referer: https://drugfree.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

X-Origin-Hublet: na1
Date: Fri, 28 Apr 2023 01:05:48 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Encoding: br
CF-Cache-Status: DYNAMIC
X-HubSpot-Correlation-Id: 72c855e8-68aa-4398-8ab2-e7d73fc61b30
x-evy-trace-route-service-name: envoyset-translator
Transfer-Encoding: chunked
x-envoy-upstream-service-time: 21
Connection: keep-alive
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 28b0466c-b565-4683-b9a9-1011cd804951
Server: cloudflare
X-Trace: 2B619D9E2A65096EEB0A16E518E7EB99DFFAFA6298000000000000000000
Vary: origin
Access-Control-Allow-Methods: OPTIONS, GET
Content-Type: application/json;charset=utf-8
Access-Control-Allow-Origin: https://drugfree.org
x-evy-trace-virtual-host: all
Access-Control-Expose-Headers: X-Origin-Hublet
Access-Control-Max-Age: 180
Access-Control-Allow-Credentials: false
Cache-Control: max-age=0, no-cache, no-store
X-Robots-Tag: none
Access-Control-Allow-Headers: *
CF-RAY: 7beb6628095e194d-FRA
x-evy-trace-served-by-pod: iad02/star-hubspot-td/envoy-proxy-58fd596dd9-n9nn6

GET
H2 200 optimize.js Show response
www.google-analytics.com/gtm/ 114 KB
45 KB 40ms
17ms Script
application/javascript 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/gtm/optimize.js?id=OPT-KF9WKVJ

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NV75N6N

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

cbe3b465622eacbfcc91f3221f3726d27f07263bd8e27cd0bb4229ca9db7c7b7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://drugfree.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 01:05:48 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 45523
x-xss-protection: 0
last-modified: Fri, 28 Apr 2023 00:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 28 Apr 2023 01:05:48 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 51 KB
21 KB 27ms
7ms Script
text/javascript 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NV75N6N

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://drugfree.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 28 Apr 2023 00:35:44 GMT
last-modified: Mon, 17 Apr 2023 22:36:01 GMT
server: Golfe2
age: 1804
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20737
expires: Fri, 28 Apr 2023 02:35:44 GMT

GET
H2 200 hotjar-1354502.js Show response
static.hotjar.com/c/ 9 KB
4 KB 69ms
37ms Script
application/javascript 18.66.97.49
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-1354502.js?sv=7

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NV75N6N

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.97.49 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-97-49.fra56.r.cloudfront.net

Software

Resource Hash

62e628543b1cb5d27bee0072459c5b65d3eaf373862f5c51555f3eb2fdd6a41f

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://drugfree.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security: max-age=2592000; includeSubDomains
content-encoding: br
x-content-type-options: nosniff
date: Fri, 28 Apr 2023 01:05:48 GMT
via: 1.1 84294257ed643a88ee54d2e3f7d7ccea.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P2
etag: W/6daddd22a2a511f01d531b85e476f4b2
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
x-cache-hit: 1
cache-control: max-age=60
cross-origin-resource-policy: cross-origin
x-amz-cf-id: 3YFQCUFW3APd0NLm4b140wVkuC0a4_Jd9zdVNAAq2A7lvKbdTBjVVw==

GET
H2 200 uwt.js Show response
static.ads-twitter.com/ 56 KB
15 KB 39ms
8ms Script
application/javascript 146.75.116.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.ads-twitter.com/uwt.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NV75N6N
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.75.116.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: cf7fcc9f75c8717897bfaef72f303fab423ce1b70c98512aeb3677e4af988dee

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://drugfree.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 01:05:48 GMT
content-encoding: gzip
last-modified: Thu, 27 Oct 2022 16:56:53 GMT
etag: "32ad004436155ec972bc50e6238b5b67+gzip+gzip"
vary: Accept-Encoding,Host
x-cache: HIT, HIT
content-type: application/javascript; charset=utf-8
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
x-tw-cdn: FT
cache-control: no-cache
accept-ranges: bytes
content-length: 15375
x-served-by: cache-iad-kjyo7100081-IAD, cache-fra-eddf8230024-FRA

GET
H2 200 1292.js Show response
script.crazyegg.com/pages/scripts/0011/ 6 KB
2 KB 52ms
16ms Script
text/javascript 2606:4700::6813:9308
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.crazyegg.com/pages/scripts/0011/1292.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NV75N6N
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:9308 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e7be3b9dd3ae55133b94f2c9eab1263ad2e86bccbf2b2b19897af32ab9068a7d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://drugfree.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 01:05:48 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 24959
cf-polished: origSize=6063
ce-version: 11.5.73
cf-bgj: minify
last-modified: Thu, 27 Apr 2023 18:09:49 GMT
server: cloudflare
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
access-control-expose-headers: CE-Version
cache-control: public, max-age=300, s-maxage=1209600
timing-allow-origin: *
cf-ray: 7beb66285e38bb32-FRA

GET
H2 200 bat.js Show response
bat.bing.com/ 40 KB
12 KB 57ms
32ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/bat.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NV75N6N

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

eec5c0b7f3736c064a5c93fb61f419fe7d3f7c1815c81004312fd349fd43be2c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://drugfree.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
date: Fri, 28 Apr 2023 01:05:48 GMT
last-modified: Thu, 20 Apr 2023 19:01:49 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 1DF86CEB1EF0429692847DD84D3F6306 Ref B: FRA31EDGE0721 Ref C: 2023-04-28T01:05:48Z
etag: "808c558fba73d91:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 12048

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 107 KB
28 KB 24ms
7ms Script
application/x-javascript 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: c-cv904.na1.hubspotlinks.com
URL: https://c-cv904.na1.hubspotlinks.com/Ctc/UA+113/c-Cv904/VVr5hy6kzbWHVbVz6Q4zz9H3W33LWhB4ZV2WfN4Hzmfm3q905V1-WJV7CgCkHW5mdqBD4XzVH7W6yw85F977_J5W6pSxxb7KSwXvW7yyt7C3MVLdMW2s5J125565JWW7mRtHw42B3LvW552-Gr5b0R04W49MG0D5RcGqVN6G9cQH_tvrDW437M4x7b1QcRV9-H443p4LsmW2RFYlx7Yc6WHVT7Bfr6rQY3BW2kHNxf6qClsrW3H8vgJ1wT8N2W7Yml9T74Wty7W88_stn4D1GSTW8Wy-tl6pjrYTW3nSmbm8dls_ZW9hMHjd6_DTFcW3NXHDX7B3TlhW8zGdcl1QY4lwW4pJyH297sB0WW3Qy5Bh21_PjL32f81

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

091ba5711e7f397eca67fb1da60968a88be608d2f4fb80955ef74f645b6e898b

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://drugfree.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Fri, 28 Apr 2023 01:05:48 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 27967
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: iLMM2jTc9LiPHwimEVeAE8RHwrTGM2r6EcaeGfhOft9C2MXuGJZmXOhRwgAdi4jKmgUx/ez42Cy53PMVY9rypA==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-trip-id: 1679558926
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 8282853.js Show response
js-na1.hs-scripts.com/ 1 KB
873 B 149ms
122ms Script
application/javascript 2606:4700::6812:873b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js-na1.hs-scripts.com/8282853.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NV75N6N
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:873b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3c8207b70427b6643f8f05f6512b5dd715c732cf83e8e6121073bc4ee4d879fb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://drugfree.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 01:05:48 GMT
content-encoding: br
cf-cache-status: EXPIRED
last-modified: Thu, 27 Apr 2023 06:49:20 GMT
server: cloudflare
x-hubspot-correlation-id: 94608dd5-8cb9-4549-8322-f049c660a11c
x-trace: 2BD51D6D1133EBA62AD397BF616FE9F805051EF065000000000000000000
vary: origin, Accept-Encoding
access-control-max-age: 3600
content-type: application/javascript;charset=utf-8
access-control-allow-origin: https://drugfree.org
cache-control: public, max-age=30
access-control-allow-credentials: true
cf-ray: 7beb662849852bb4-FRA

GET
H2 200 c.min.js Show response
cdn.c212.net/ 747 B
1 KB 50ms
6ms Script
application/javascript 2600:9000:223c:1000:16:cfb1:a0c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.c212.net/c.min.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NV75N6N
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223c:1000:16:cfb1:a0c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 10fdc76cd92396525cf18941196d2251aa4d0c05ba2a0a5421e3af99c01503ae

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://drugfree.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 27 Apr 2023 03:07:34 GMT
via: 1.1 5d5481cfa85227a3fdd5ff0b03093c62.cloudfront.net (CloudFront)
last-modified: Fri, 24 Jan 2020 19:12:36 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P2
age: 79095
etag: "9f5634a151b9e5ecb2adec9462f783d6"
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 747
x-amz-cf-id: 44YKiYPaL3D88HrH6btBHy_bBT__-VtYDfmQXS_ga0bnlTgItbWUPw==

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 261 KB
85 KB 29ms
28ms Script
application/javascript 2a00:1450:4001:830::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-ECZGQ0GWSZ&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NV75N6N

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

07fae80e23ec0d79096f6b641dfd582b4a8ab0c2a6398f8862b5a5dc7f937d3c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://drugfree.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 01:05:48 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 86503
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 28 Apr 2023 01:05:48 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 232 KB
80 KB 33ms
32ms Script
application/javascript 2a00:1450:4001:830::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-Z5LKKRKCEL&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NV75N6N

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

9db3bb1fed99d3d590084ee196bf89faa09d66d8cc1a974f17d3f964c05a2bf8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://drugfree.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 01:05:48 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 81763
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 28 Apr 2023 01:05:48 GMT

GET
H2 200 news.png
drugfree.org/wp-content/uploads/2020/04/ 508 B
767 B 168ms
167ms Image
image/png 3.215.209.146
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://drugfree.org/wp-content/uploads/2020/04/news.png
Requested by: Host: drugfree.org
URL: https://drugfree.org/?form=FUNJLSAEDSS&utm_campaign=2023%20Donation%20Moments&utm_medium=email&_hsmi=256062192&_hsenc=p2ANqtz-9IbfhLSzLiRANvRLPTyvpP4C1SqyZuFvW_VpE96uXyAdU5-_LV2q6rHIJ7T2KpD_cFeSkdoDdXnDLdFYAvIsImSzQLpA&utm_content=256062192&utm_source=hs_email
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.215.209.146 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-215-209-146.compute-1.amazonaws.com
Software: nginx/1.22.1 /
Resource Hash: cc567f15c54910768b7e7746d6285dc17ef764d58d22b733deab46cb2b3604a9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://drugfree.org/?form=FUNJLSAEDSS&utm_campaign=2023%20Donation%20Moments&utm_medium=email&_hsmi=256062192&_hsenc=p2ANqtz-9IbfhLSzLiRANvRLPTyvpP4C1SqyZuFvW_VpE96uXyAdU5-_LV2q6rHIJ7T2KpD_cFeSkdoDdXnDLdFYAvIsImSzQLpA&utm_content=256062192&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: public
date: Fri, 28 Apr 2023 01:05:48 GMT
last-modified: Mon, 21 Feb 2022 17:31:16 GMT
server: nginx/1.22.1
etag: "6213cc64-1fc"
content-type: image/png
cache-control: max-age=31536000, public, must-revalidate, proxy-revalidate
accept-ranges: bytes
content-length: 508
expires: Sat, 27 Apr 2024 01:05:48 GMT

GET
H2 200 bhm-marcus-daugherty-hero-image-cropped.png
drugfree.org/wp-content/uploads/2023/02/ 85 KB
85 KB 168ms
167ms Image
image/png 3.215.209.146
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://drugfree.org/wp-content/uploads/2023/02/bhm-marcus-daugherty-hero-image-cropped.png
Requested by: Host: drugfree.org
URL: https://drugfree.org/?form=FUNJLSAEDSS&utm_campaign=2023%20Donation%20Moments&utm_medium=email&_hsmi=256062192&_hsenc=p2ANqtz-9IbfhLSzLiRANvRLPTyvpP4C1SqyZuFvW_VpE96uXyAdU5-_LV2q6rHIJ7T2KpD_cFeSkdoDdXnDLdFYAvIsImSzQLpA&utm_content=256062192&utm_source=hs_email
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.215.209.146 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-215-209-146.compute-1.amazonaws.com
Software: nginx/1.22.1 /
Resource Hash: bd6ef8c5f2d094a0297833a28914635e1aaf38ef53f9d5dc95dc4696bab5869a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://drugfree.org/?form=FUNJLSAEDSS&utm_campaign=2023%20Donation%20Moments&utm_medium=email&_hsmi=256062192&_hsenc=p2ANqtz-9IbfhLSzLiRANvRLPTyvpP4C1SqyZuFvW_VpE96uXyAdU5-_LV2q6rHIJ7T2KpD_cFeSkdoDdXnDLdFYAvIsImSzQLpA&utm_content=256062192&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: public
date: Fri, 28 Apr 2023 01:05:48 GMT
last-modified: Tue, 07 Feb 2023 16:35:58 GMT
server: nginx/1.22.1
etag: "63e27dee-15457"
content-type: image/png
cache-control: max-age=31536000, public, must-revalidate, proxy-revalidate
accept-ranges: bytes
content-length: 87127
expires: Sat, 27 Apr 2024 01:05:48 GMT

GET
H2 200 paramount-doc-untreated-and-unheard-social-2022-web.png
drugfree.org/wp-content/uploads/2022/11/ 200 KB
200 KB 168ms
168ms Image
image/png 3.215.209.146
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://drugfree.org/wp-content/uploads/2022/11/paramount-doc-untreated-and-unheard-social-2022-web.png
Requested by: Host: drugfree.org
URL: https://drugfree.org/?form=FUNJLSAEDSS&utm_campaign=2023%20Donation%20Moments&utm_medium=email&_hsmi=256062192&_hsenc=p2ANqtz-9IbfhLSzLiRANvRLPTyvpP4C1SqyZuFvW_VpE96uXyAdU5-_LV2q6rHIJ7T2KpD_cFeSkdoDdXnDLdFYAvIsImSzQLpA&utm_content=256062192&utm_source=hs_email
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.215.209.146 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-215-209-146.compute-1.amazonaws.com
Software: nginx/1.22.1 /
Resource Hash: 72ffb7be1595bea670f9440d8f9d3b27674ea239a5a9ad6bc01673ec9572e47e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://drugfree.org/?form=FUNJLSAEDSS&utm_campaign=2023%20Donation%20Moments&utm_medium=email&_hsmi=256062192&_hsenc=p2ANqtz-9IbfhLSzLiRANvRLPTyvpP4C1SqyZuFvW_VpE96uXyAdU5-_LV2q6rHIJ7T2KpD_cFeSkdoDdXnDLdFYAvIsImSzQLpA&utm_content=256062192&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: public
date: Fri, 28 Apr 2023 01:05:48 GMT
last-modified: Wed, 09 Nov 2022 16:06:15 GMT
server: nginx/1.22.1
etag: "636bcff7-31e89"
content-type: image/png
cache-control: max-age=31536000, public, must-revalidate, proxy-revalidate
accept-ranges: bytes
content-length: 204425
expires: Sat, 27 Apr 2024 01:05:48 GMT

GET
H2 200 RxAware_Press-Release-photo-nc_600x432-e1682021017303.png
drugfree.org/wp-content/uploads/2022/07/ 1 MB
1 MB 168ms
168ms Image
image/png 3.215.209.146
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://drugfree.org/wp-content/uploads/2022/07/RxAware_Press-Release-photo-nc_600x432-e1682021017303.png
Requested by: Host: drugfree.org
URL: https://drugfree.org/?form=FUNJLSAEDSS&utm_campaign=2023%20Donation%20Moments&utm_medium=email&_hsmi=256062192&_hsenc=p2ANqtz-9IbfhLSzLiRANvRLPTyvpP4C1SqyZuFvW_VpE96uXyAdU5-_LV2q6rHIJ7T2KpD_cFeSkdoDdXnDLdFYAvIsImSzQLpA&utm_content=256062192&utm_source=hs_email
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.215.209.146 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-215-209-146.compute-1.amazonaws.com
Software: nginx/1.22.1 /
Resource Hash: 48d894948dbab2efb7ba700f1d524132f81a6aac51a20084cf23f0a8fcabed15

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://drugfree.org/?form=FUNJLSAEDSS&utm_campaign=2023%20Donation%20Moments&utm_medium=email&_hsmi=256062192&_hsenc=p2ANqtz-9IbfhLSzLiRANvRLPTyvpP4C1SqyZuFvW_VpE96uXyAdU5-_LV2q6rHIJ7T2KpD_cFeSkdoDdXnDLdFYAvIsImSzQLpA&utm_content=256062192&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: public
date: Fri, 28 Apr 2023 01:05:48 GMT
last-modified: Thu, 20 Apr 2023 20:03:40 GMT
server: nginx/1.22.1
etag: "64419a9c-119259"
content-type: image/png
cache-control: max-age=31536000, public, must-revalidate, proxy-revalidate
accept-ranges: bytes
content-length: 1151577
expires: Sat, 27 Apr 2024 01:05:48 GMT

GET
H2 200 f2a7ebd6c4b277a5d2cc.png
drugfree.org/wp-content/themes/coa-2020/dist/ 5 KB
5 KB 166ms
166ms Image
image/png 3.215.209.146
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://drugfree.org/wp-content/themes/coa-2020/dist/f2a7ebd6c4b277a5d2cc.png
Requested by: Host: drugfree.org
URL: https://drugfree.org/wp-content/themes/coa-2020/dist/style.css?ver=7e83072dc58ab34d82a74c789578c2f0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.215.209.146 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-215-209-146.compute-1.amazonaws.com
Software: nginx/1.22.1 /
Resource Hash: 61c1056e913d2d88985ac9acece6f99beb391f1bd3fc3466f55288c40079ff39

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://drugfree.org/wp-content/themes/coa-2020/dist/style.css?ver=7e83072dc58ab34d82a74c789578c2f0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: public
date: Fri, 28 Apr 2023 01:05:48 GMT
last-modified: Wed, 26 Apr 2023 19:09:29 GMT
server: nginx/1.22.1
etag: "644976e9-126d"
content-type: image/png
cache-control: max-age=31536000, public, must-revalidate, proxy-revalidate
accept-ranges: bytes
content-length: 4717
expires: Sat, 27 Apr 2024 01:05:48 GMT

GET
H/1.1 200
OK json Show response
forms.hsforms.com/embed/v3/form/8282853/016a42ba-f163-41ea-a443-33cef8b44eee/ 19 KB
5 KB 149ms
136ms XHR
application/json 2606:4700::6811:d4f3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://forms.hsforms.com/embed/v3/form/8282853/016a42ba-f163-41ea-a443-33cef8b44eee/json?hs_static_app=forms-embed&hs_static_app_version=1.3102&X-HubSpot-Static-App-Info=forms-embed-1.3102

Requested by

Host: js.hsforms.net
URL: https://js.hsforms.net/forms/v2.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:d4f3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

22234cd6b02a2761a05750be3312766a0ab055e651d4255a43cd95645a6cf80e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept: application/json, text/plain, */*
Referer: https://drugfree.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

X-Origin-Hublet: na1
Date: Fri, 28 Apr 2023 01:05:49 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Encoding: br
CF-Cache-Status: DYNAMIC
X-HubSpot-Correlation-Id: 44fa8f57-350f-4e2d-8ec2-d6c98fb8334d
x-evy-trace-route-service-name: envoyset-translator
Transfer-Encoding: chunked
x-envoy-upstream-service-time: 16
Connection: keep-alive
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: c64f1994-de03-4364-a630-1a23c1e5624a
Server: cloudflare
X-Trace: 2BD07F79DC9E107525EF21F1819C41CB8769DE0F01000000000000000000
Vary: origin
Access-Control-Allow-Methods: OPTIONS, GET
Content-Type: application/json;charset=utf-8
Access-Control-Allow-Origin: https://drugfree.org
x-evy-trace-virtual-host: all
Access-Control-Expose-Headers: X-Origin-Hublet
Access-Control-Max-Age: 180
Access-Control-Allow-Credentials: false
Cache-Control: max-age=0, no-cache, no-store
X-Robots-Tag: none
Access-Control-Allow-Headers: *
CF-RAY: 7beb6628e9fd194d-FRA
x-evy-trace-served-by-pod: iad02/star-hubspot-td/envoy-proxy-58fd596dd9-th6jg

GET
H2 200 XJMVBBXP.js Show response
static.fundraiseup.com/embed-data/elements/ 6 KB
2 KB 234ms
233ms Script
text/javascript 104.26.5.251
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.fundraiseup.com/embed-data/elements/XJMVBBXP.js

Requested by

Host: cdn.fundraiseup.com
URL: https://cdn.fundraiseup.com/widget/AQNJPZQD

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.26.5.251 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

884c0a4756ec9785481a2a6a3cbc4ee6085eb60360ef048e917acbc5b023d044

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://drugfree.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 01:05:49 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: HWGMRTQV3ENPQEPD
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: PcyfeLNr+9YQ/icR5iDgcR/37AKz9DrTRxEYV2qPrImJABRC5o3HJjp/70QUSlGpVau20349NRg=
last-modified: Thu, 27 Apr 2023 19:39:01 GMT
server: cloudflare
etag: W/"f65bb1f29484a71717146dfc844ed2cd"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jLx389kOr9P9jTMxsOSaWzg%2F%2B6BcnrBq7V0XeaY5BVKApWaTgtq1yoRTr%2BKfzNrLo4w0%2Bgxv8wE%2BnT0bdR6ckojWk3nMDhGIKMKGoyE3r1bqrC73ZcVqOS4v7cka%2B6XlCqVUfYFGjZM%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
cache-control: no-cache, no-store
cf-ray: 7beb6628fee12bdd-FRA

GET
H3 200 1.365d3c8afa01.vendors~button-group-v2~debug-panel~donate-button-v2~donation-form-v2~donation-levels-v2~donor-map~f~e65c2349.js Show response
static.fundraiseup.com/ 30 KB
7 KB 15ms
15ms Script
text/javascript 104.26.5.251
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.fundraiseup.com/1.365d3c8afa01.vendors~button-group-v2~debug-panel~donate-button-v2~donation-form-v2~donation-levels-v2~donor-map~f~e65c2349.js

Requested by

Host: static.fundraiseup.com
URL: https://static.fundraiseup.com/31dec025e8c7.elementsApi.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.26.5.251 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d194f76f940646b0c21586b5bb3d255b577af7d0bf9c7a89f938fbac4bb365c3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://drugfree.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 01:05:49 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: RB59DNNHYGKMB2CR
age: 918058
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: KE7pjcGO+90u4eTD3GaeOqnfh9vKChJ3ntXbBR2P+RtTD83QRO5Dk76Zca5czMAWA80G3GfQNm4=
last-modified: Mon, 17 Apr 2023 09:52:13 GMT
server: cloudflare
etag: W/"b7367ad14da46b5a1a17cd79a1f8b95e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MStH2qwO8Ig0xnE46NxGc19WD8kDMGXaxZx2HU6f3IB8imSh%2BnFxKVrtLkzmEISp0L%2BOGqWYLC2U5%2FUzRvAqA6rRPh0zF8%2F4gK3iOgb4RQKe7iz8S2P48Y1exZ3rdVh7zDiWEKkiggc%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript; charset=UTF-8
cache-control: max-age=2678400
cf-ray: 7beb66295abf6949-FRA

GET
H3 200 332.a62731576513.link-v2.js Show response
static.fundraiseup.com/ 8 KB
3 KB 17ms
17ms Script
text/javascript 104.26.5.251
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.fundraiseup.com/332.a62731576513.link-v2.js

Requested by

Host: static.fundraiseup.com
URL: https://static.fundraiseup.com/31dec025e8c7.elementsApi.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.26.5.251 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

629074e6c4a51683788693742c8faa83dffcf45e42d0467d35023631531cf54b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://drugfree.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 01:05:49 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: KD2DNQB7R925S7CG
age: 51414
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: 4CumqaxfF04csQDTr0MIkNXeKhq1C+V8LL33WaZhrNNHBnizPIJOfWfs1hME2w0XJGy/dU0Cqvg=
last-modified: Thu, 27 Apr 2023 10:37:23 GMT
server: cloudflare
etag: W/"3f692c82cc9b03166a70c92ee3742336"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9uyJF9h8Od6yBdf%2FiX7in3XUfrmT2X8EdA7zWLCgNJwxlzYbPGpjmBL8I1KqMLobDy52TZB4iFrspJmBqNvuIVzPJjZQ%2Fk9igIJBkHTZRcFtcLtevN064cpHXF5oBPeJ3dsq8l1VLSE%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript; charset=UTF-8
cache-control: max-age=2678400
cf-ray: 7beb66295ac06949-FRA

GET
H3 200 299.e0a3387056db.checkout-crypto-currencies.js Show response
static.fundraiseup.com/ 17 KB
3 KB 16ms
16ms Script
text/javascript 104.26.5.251
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.fundraiseup.com/299.e0a3387056db.checkout-crypto-currencies.js

Requested by

Host: static.fundraiseup.com
URL: https://static.fundraiseup.com/31dec025e8c7.elementsApi.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.26.5.251 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

eb36ad6b731dbeb51f62cbe178c6f7bccbf7d936b712d56df2448d7e93dd2556

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://drugfree.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 01:05:49 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: 56ZP6CG4EJY60TB2
age: 2557107
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: QoQ1CKObGGCtvMRbBGjhCja2pPLKQruf8CLa/YzUbc3zsj8ykJ+gJo+KmS/iV0eU80HXkqIfaco=
last-modified: Wed, 29 Mar 2023 10:34:14 GMT
server: cloudflare
etag: W/"270811ce941469c1d02d8633b94e6fd3"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jRakStEiUzG3T3gkzD5vQhWuRdHegb7rQ0Odh%2FeNf%2BayVWIcP%2FdC80hhEPwvJomnbjZbTG4OqmQisQU3LAz%2B0WIVOt4YTiFNnko4p6bCHuIwGf3inQO1sSQE7bgcijdlH3nJ60GDEDU%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript; charset=UTF-8
cache-control: max-age=2678400
cf-ray: 7beb66295ac36949-FRA

GET
H3 200 386.ad1dd206d551.sticky-button-v2-styles.js Show response
static.fundraiseup.com/ 3 KB
2 KB 15ms
15ms Script
text/javascript 104.26.5.251
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.fundraiseup.com/386.ad1dd206d551.sticky-button-v2-styles.js

Requested by

Host: static.fundraiseup.com
URL: https://static.fundraiseup.com/31dec025e8c7.elementsApi.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.26.5.251 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

48cb0148850c7fe2cc8efa4abd54301b9fac1e544634a27227d2fa3c3a04ecd1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://drugfree.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 01:05:49 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: GK6ZWV4FAVE6HSP5
age: 918057
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: WEut3qekG+q001zVV0+oMNYfEC3jKd8wKCEnCQzEyBHsDajM1GcrTypujIojnPnikSjWFatJ07k=
last-modified: Mon, 17 Apr 2023 09:52:22 GMT
server: cloudflare
etag: W/"37f282772f10db822499844eaa550d86"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wZPJGL7uG2hBQZakB1jGqiPrsjR68jmpPmg1a0mz0Y%2B4H6EkANe99aJb3FX8g9Lcf8Ix0GDMGKIpMCgETNioLssfsyACBhh3%2BGzttbnTPuTMeX9EQ9eEyx6x72Kr9cfv4yA1cpC3hjY%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript; charset=UTF-8
cache-control: max-age=2678400
cf-ray: 7beb66295ac46949-FRA

GET
H3 200 384.11ec0ae86637.sticky-button-v2.js Show response
static.fundraiseup.com/ 18 KB
7 KB 16ms
16ms Script
text/javascript 104.26.5.251
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.fundraiseup.com/384.11ec0ae86637.sticky-button-v2.js

Requested by

Host: static.fundraiseup.com
URL: https://static.fundraiseup.com/31dec025e8c7.elementsApi.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.26.5.251 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

27ad1d6006a125bdfe54c1b41724736d9edd705e9d934954d7a38d4528c6b143

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://drugfree.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 01:05:49 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: QG8PN5PQ6XGADY50
age: 51400
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: U7oC7T92/eNGFQ27guunlIm5+VYa6VZ9RVj6UvRnHaIJiWCp3E3a/bSWyZnnBOCSdVqHycyfgDs=
last-modified: Thu, 27 Apr 2023 10:37:24 GMT
server: cloudflare
etag: W/"472322f7421ee7f4bd3a03c2ff6fc2be"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ujnxbMtJmZYwlTRWWCBV%2B8WBsFrRpaeO6ja%2FsbEKCHQj2W%2Bbdn8gcuqr2spVhnH7SKydy0gTQdZBl1j%2Bsqbkgoz3jyUSQRfq%2F9T09OEJfJnxWBGiHMIY119zWMDhlHmV5NN3xZ0eImQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript; charset=UTF-8
cache-control: max-age=2678400
cf-ray: 7beb66295ac56949-FRA

GET
H2 200 v2.js Show response
js.hsforms.net/forms/ Frame 59D9 524 KB
163 KB 28ms
27ms Script
application/javascript 2606:4700::6810:bb41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://js.hsforms.net/forms/v2.js

Requested by

Host: js.hsforms.net
URL: https://js.hsforms.net/forms/v2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:bb41 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2cbba247ca6de6962085423c671b17bd76d58692e32e8e40ad808a12e27bbeab

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-encoding: br
age: 1
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=forms-embed/static-1.3102/bundles/project-v2.js&cfRay=7beb66263afb368c-IAD
x-amz-replication-status: COMPLETED
x-evy-trace-listener: listener_https
etag: W/"250bc2c0c0e298494335c72c83b09e23"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
x-evy-trace-virtual-host: all
cache-control: s-maxage=600, max-age=300
x-hs-target-asset: forms-embed/static-1.3102/bundles/project-v2.js
date: Fri, 28 Apr 2023 01:05:49 GMT
x-amz-version-id: 5gHIUZSUvmnzlEXn3ZiYc88hx3wrAZ6P
via: 1.1 2f66aa06710fece8ed203ab0ea81eb56.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-cf-pop: IAD89-C3
x-cache: Hit from cloudfront
cache-tag: staticjsapp-forms-embed-v2-web-prod,staticjsapp-prod
x-envoy-upstream-service-time: 3
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-evy-trace-route-configuration: listener_https/all
x-request-id: fd5186df-e9f4-406c-9359-08d25a231150
last-modified: Tue, 25 Apr 2023 11:31:17 UTC
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2975%2BYxxB5Az9KPSrlMlkPheCtbVt4toNAcYm%2BvwlEta7XAb8pH1tVlSIBk7Yno%2Fy%2B36nY5hUTxQxOLc4TUI%2BwWkZIXR79OmCzPd2RpfbiWVTeiR0ME%2FFqn6FsZ1STwH7qdQqKUK3MquuQxu"}],"group":"cf-nel","max_age":604800}
x-hs-cache-status: HIT
x-evy-trace-served-by-pod: iad02/app-td/envoy-proxy-589c5fd4fb-9sjmd
cf-ray: 7beb66297cf7368c-FRA
x-amz-cf-id: Wvt7LhPuwpKpPBhlm3VLjlbSLrA4W-m_1xLtTqhaU5fC5xQZ5vCfzQ==

GET
H2 200 modules.58186d35f175af355542.js Show response
script.hotjar.com/ 264 KB
68 KB 40ms
9ms Script
application/javascript 52.222.236.122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.58186d35f175af355542.js

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-1354502.js?sv=7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.236.122 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-236-122.fra56.r.cloudfront.net

Software

Resource Hash

e5abfd65c55dc5e6f697b2825ff51a5d645e7b23a6d959c324143b71f36055df

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://drugfree.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 27 Apr 2023 09:21:07 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=2592000; includeSubDomains
via: 1.1 3d34e163f3f1a0c4a397ad818b79a810.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P4
age: 56682
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 69210
last-modified: Thu, 27 Apr 2023 09:20:33 GMT
etag: "c12209e29a66e3097786324f83a79f90"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: r1E0GAGvWoO5Mn2aTPCxqcR3qpBm30iO94ngbs1Fuh49jrly3EOdhA==

GET
H2 200 drugfree.org.json Show response
script.crazyegg.com/pages/data-scripts/0011/1292/site/ 960 B
712 B 35ms
19ms XHR
application/json 2606:4700::6813:9308
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.crazyegg.com/pages/data-scripts/0011/1292/site/drugfree.org.json?t=1
Requested by: Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/scripts/0011/1292.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:9308 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7fdf7644a9c76376240e57b0e64a0fa77e3eff14cf26d5779883552627460b4c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://drugfree.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 01:05:49 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 16643
ce-version: 11.5.73
content-length: 441
last-modified: Thu, 27 Apr 2023 20:28:25 GMT
server: cloudflare
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: CE-Version
cache-control: public, max-age=300, s-maxage=1209600
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7beb6629a8f69159-FRA

GET
H2 200 adsct
t.co/i/ 43 B
377 B 137ms
113ms Image
image/gif 104.244.42.69
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.co/i/adsct?bci=3&eci=2&event_id=6044107c-7761-4c1c-88e4-7ced7ce17575&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=37de45e8-120b-434a-8a96-324781a4f653&tw_document_href=https%3A%2F%2Fdrugfree.org%2F%3Fform%3DFUNJLSAEDSS%26utm_campaign%3D2023%2520Donation%2520Moments%26utm_medium%3Demail%26_hsmi%3D256062192%26_hsenc%3Dp2ANqtz-9IbfhLSzLiRANvRLPTyvpP4C1SqyZuFvW_VpE96uXyAdU5-_LV2q6rHIJ7T2KpD_cFeSkdoDdXnDLdFYAvIsImSzQLpA%26utm_content%3D256062192%26utm_source%3Dhs_email&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o4keu&type=javascript&version=2.3.29

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.69 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://drugfree.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-response-time: 106
date: Fri, 28 Apr 2023 01:05:48 GMT
strict-transport-security: max-age=0
server: tsa_o
content-type: image/gif;charset=utf-8
x-transaction-id: f2675815964d1359
cache-control: no-cache, no-store, max-age=0
perf: 7626143928
x-connection-hash: 15a7191fd2361177c4bce2d386024add638b4ceab5325122e2b66f63267d86d5
content-length: 43

GET
H2 200 adsct
analytics.twitter.com/i/ 43 B
395 B 388ms
121ms Image
image/gif 104.244.42.3
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://analytics.twitter.com/i/adsct?bci=3&eci=2&event_id=6044107c-7761-4c1c-88e4-7ced7ce17575&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=37de45e8-120b-434a-8a96-324781a4f653&tw_document_href=https%3A%2F%2Fdrugfree.org%2F%3Fform%3DFUNJLSAEDSS%26utm_campaign%3D2023%2520Donation%2520Moments%26utm_medium%3Demail%26_hsmi%3D256062192%26_hsenc%3Dp2ANqtz-9IbfhLSzLiRANvRLPTyvpP4C1SqyZuFvW_VpE96uXyAdU5-_LV2q6rHIJ7T2KpD_cFeSkdoDdXnDLdFYAvIsImSzQLpA%26utm_content%3D256062192%26utm_source%3Dhs_email&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o4keu&type=javascript&version=2.3.29

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.3 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://drugfree.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-response-time: 113
date: Fri, 28 Apr 2023 01:05:48 GMT
strict-transport-security: max-age=631138519
server: tsa_o
content-type: image/gif;charset=utf-8
x-transaction-id: 4f8c2f2ab6e08431
cache-control: no-cache, no-store, max-age=0
perf: 7626143928
x-connection-hash: 34e3d3b60a859b7ecd76b0fd73e6ba3e74acf6ef98d224401dcd01aea227a3b4
content-length: 43

GET
H2 200 collectedforms.js Show response
js.hscollectedforms.net/ 69 KB
25 KB 140ms
120ms Script
application/javascript 2606:4700::6811:6bc7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hscollectedforms.net/collectedforms.js
Requested by: Host: js-na1.hs-scripts.com
URL: https://js-na1.hs-scripts.com/8282853.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:6bc7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 798d10a2358bf2bb2383db429dbd3872c61623eae564f5ec4b35cebe16e8d3ee

Request headers

Referer: https://drugfree.org/
Origin: https://drugfree.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 01:05:49 GMT
x-amz-version-id: aBw9KhRIvCv.ZxIPDLAZZBBgMDNKkxQd
via: 1.1 a075746ea1824aa1c02a5e26a9e968e4.cloudfront.net (CloudFront)
cf-cache-status: EXPIRED
content-encoding: br
x-amz-cf-pop: IAD89-C3
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=collected-forms-embed-js/static-1.362/bundles/project.js&cfRay=7beb6629b9333686-IAD
x-cache: RefreshHit from cloudfront
cache-tag: staticjsapp-collected-forms-embed-js-web-prod,staticjsapp-prod
x-envoy-upstream-service-time: 2
x-amz-replication-status: COMPLETED
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 82f02d93-942f-4114-a3b9-b8fdc92bb0db
last-modified: Thu, 27 Apr 2023 09:01:08 UTC
server: cloudflare
etag: W/"bace8c71ddeb09e8dcafa17e11c33f6c"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
x-evy-trace-virtual-host: all
x-hs-cache-status: HIT
cache-control: s-maxage=600, max-age=300
x-evy-trace-served-by-pod: iad02/app-td/envoy-proxy-589c5fd4fb-httbh
cf-ray: 7beb6629b9333686-FRA
x-amz-cf-id: WkJ_q1SbOq8-xaWfpZJ1dxgzuBtMEUnrCSDjfv8xKWqGkL9jyakbdA==
x-hs-target-asset: collected-forms-embed-js/static-1.362/bundles/project.js

GET
H2 200 8282853.js Show response
js.hs-analytics.net/analytics/1682643900000/ 65 KB
21 KB 166ms
146ms Script
text/javascript 2606:4700::6810:8bce
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-analytics.net/analytics/1682643900000/8282853.js
Requested by: Host: js-na1.hs-scripts.com
URL: https://js-na1.hs-scripts.com/8282853.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:8bce , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 714efc8e0e3abf859c865370715dceb448306614d0dd8117ad06faabf5681d34

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://drugfree.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 01:05:49 GMT
x-amz-version-id: null
content-encoding: br
cf-cache-status: MISS
x-amz-request-id: HWGYZXAJ4JV0ADX6
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
x-envoy-upstream-service-time: 25
x-amz-id-2: 5GQGx+UL1XHMAFWl37SLJV+Edaae/u+rs0Ny5pGKAEn3KbDFBZYV+iyIA+dNSiuzbd464QE/zRQ=
x-evy-trace-listener: listener_https
x-request-id: d3544f5b-4735-448c-89a3-c30cee6674f5
x-evy-trace-route-configuration: listener_https/all
last-modified: Tue, 18 Apr 2023 14:14:08 GMT
server: cloudflare
etag: W/"6fdddb5a4239e73a5c3b8acf4d9e4e4e"
vary: origin, Accept-Encoding
content-type: text/javascript
x-evy-trace-virtual-host: all
x-evy-trace-served-by-pod: iad02/analytics-js-proxy-td/envoy-proxy-6b7cfc8cf5-p4p72
cache-control: max-age=300,public
access-control-allow-credentials: false
cf-ray: 7beb6629ced5382a-FRA
expires: Fri, 28 Apr 2023 01:10:49 GMT

GET
H2 200 banner.js Show response
js.hs-banner.com/v2/8282853/ 208 KB
64 KB 410ms
391ms Script
text/javascript 2606:4700::6812:19c4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-banner.com/v2/8282853/banner.js
Requested by: Host: js-na1.hs-scripts.com
URL: https://js-na1.hs-scripts.com/8282853.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:19c4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 484c2a9ed3a82a57d496c15f84d3da8257208e0a0fef76a6ddf304b69908bbb3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://drugfree.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 01:05:49 GMT
x-amz-version-id: i_neRaOWo7gO.8qt.vbxCDPpqZ.UIt_P
content-encoding: br
cf-cache-status: REVALIDATED
x-amz-request-id: R7J318X4Z21JTT3Y
x-amz-server-side-encryption: AES256
x-amz-id-2: I7dNoxyWJ86+AUdaYn3uVV7UBNuPeljA4K9SWUF4jtBvBM+3sCiYeldIJ2PtMX7tlY2lqif4TEo=
last-modified: Mon, 17 Apr 2023 16:21:12 GMT
server: cloudflare
etag: W/"22b5d00e46eb57167d09127c5f9e93a6"
access-control-max-age: 604800
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: https://drugfree.org
access-control-expose-headers: x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
cache-control: max-age=300, public
access-control-allow-credentials: true
vary: origin, Accept-Encoding
timing-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id
cf-ray: 7beb6629bec56931-FRA
expires: Fri, 28 Apr 2023 01:10:49 GMT

GET
H2 200 / Show response
c212.net/c/etag/ 384 B
859 B 136ms
106ms Script
text/html 13.32.99.45
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c212.net/c/etag/?clientId=1myRfcrW&pixel=0&dmp=1&e1=1
Requested by: Host: cdn.c212.net
URL: https://cdn.c212.net/c.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.45 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-45.fra60.r.cloudfront.net
Software: Jetty(9.4.31.v20200723) /
Resource Hash: 83570984ac066eae1a59773c11bfef094e6557791d7456d492b306c8257adf43

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://drugfree.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 01:05:49 GMT
via: 1.1 7fd88bab22735486702d23ba4e028d86.cloudfront.net (CloudFront)
server: Jetty(9.4.31.v20200723)
x-amz-cf-pop: FRA60-P3
x-cache: Miss from cloudfront
content-type: text/html;charset=iso-8859-1
content-language: de-DE
server-timing: intid;desc=c3bf535102ea93ab
content-length: 384
x-amz-cf-id: e25FjcvJUlabc18RxQtWi4N7zRbxE7FXGvxcEqVh3pqX8vNGNMqC7g==
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 ActivityServer.bs Show response
bs.serving-sys.com/Serving/ 1 KB
1 KB 128ms
8ms Script
text/html 52.29.31.225
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bs.serving-sys.com/Serving/ActivityServer.bs?cn=as&ActivityID=1225997&rnd=577183.9146230356
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NV75N6N
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.29.31.225 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-29-31-225.eu-central-1.compute.amazonaws.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 199e3307596527c519954add56f1cf27c296a7e76cebdc8f535771aef8701ea6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://drugfree.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 28 Apr 2023 01:05:49 GMT
content-encoding: gzip
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: CP="NOI DEVa OUR BUS UNI"
cache-control: no-cache, no-store
content-length: 591
expires: Sun, 05-Jun-2005 22:00:00 GMT

POST
H2 200 admin-ajax.php Show response
drugfree.org/wp-admin/ 124 B
483 B 895ms
895ms XHR
text/html 3.215.209.146
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://drugfree.org/wp-admin/admin-ajax.php

Requested by

Host: drugfree.org
URL: https://drugfree.org/wp-includes/js/jquery/jquery.min.js?ver=3.6.1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.215.209.146 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-215-209-146.compute-1.amazonaws.com

Software

nginx/1.22.1 /

Resource Hash

6258ec85c02711aca66fc86b2e5ea18716f95f013aa051f8bd4782f669bfb03a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://drugfree.org/?form=FUNJLSAEDSS&utm_campaign=2023%20Donation%20Moments&utm_medium=email&_hsmi=256062192&_hsenc=p2ANqtz-9IbfhLSzLiRANvRLPTyvpP4C1SqyZuFvW_VpE96uXyAdU5-_LV2q6rHIJ7T2KpD_cFeSkdoDdXnDLdFYAvIsImSzQLpA&utm_content=256062192&utm_source=hs_email
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Fri, 28 Apr 2023 01:05:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: nginx/1.22.1
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://drugfree.org
cache-control: no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
x-robots-tag: noindex
expires: Wed, 11 Jan 1984 05:00:00 GMT

GET
H2 200 298598497637256 Show response
connect.facebook.net/signals/config/ 378 KB
108 KB 74ms
73ms Script
application/x-javascript 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/298598497637256?v=2.9.102&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

0de93453ab7ed9c546d7f73ae584b3ad3e36226315fa45aa28713819e2c7a6d7

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://drugfree.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Fri, 28 Apr 2023 01:05:50 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: PP1ScrrQXfK+E6XYg59efIlNFBCJ5WgqFifBApl/bA2CK27P1tGdPmbbJ0hFK79zXNsa0oqZ+K6T6I2F7JGKtA==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-trip-id: 1679558926
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 4 B
180 B 15ms
14ms XHR
text/plain 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j100&a=1771490407&t=pageview&_s=1&dl=https%3A%2F%2Fdrugfree.org%2F%3Fform%3DFUNJLSAEDSS%26utm_campaign%3D2023%2520Donation%2520Moments%26utm_medium%3Demail%26_hsmi%3D256062192%26_hsenc%3Dp2ANqtz-9IbfhLSzLiRANvRLPTyvpP4C1SqyZuFvW_VpE96uXyAdU5-_LV2q6rHIJ7T2KpD_cFeSkdoDdXnDLdFYAvIsImSzQLpA%26utm_content%3D256062192%26utm_source%3Dhs_email&ul=en-us&de=UTF-8&dt=Partnership%20to%20End%20Addiction&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aEBAAAABQAAAAC~&jid=273452482&gjid=1035016072&cid=1227335195.1682643950&tid=UA-18808595-1&_gid=324134486.1682643950&_r=1&_slc=1&gtm=45He34q0n81NV75N6N&z=1741881206

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://drugfree.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 28 Apr 2023 01:05:50 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://drugfree.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 4 B
69 B 15ms
14ms XHR
text/plain 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j100&a=1771490407&t=event&ni=1&_s=1&dl=https%3A%2F%2Fdrugfree.org%2F%3Fform%3DFUNJLSAEDSS%26utm_campaign%3D2023%2520Donation%2520Moments%26utm_medium%3Demail%26_hsmi%3D256062192%26_hsenc%3Dp2ANqtz-9IbfhLSzLiRANvRLPTyvpP4C1SqyZuFvW_VpE96uXyAdU5-_LV2q6rHIJ7T2KpD_cFeSkdoDdXnDLdFYAvIsImSzQLpA%26utm_content%3D256062192%26utm_source%3Dhs_email&ul=en-us&de=UTF-8&dt=Partnership%20to%20End%20Addiction&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=scroll%20depth&ea=Baseline&el=page%20url%3A%20https%3A%2F%2Fdrugfree.org%2F%3Fform%3DFUNJLSAEDSS%26utm_campaign%3D2023%2520Donation%2520Moments%26utm_medium%3Demail%26_hsmi%3D256062192%26_hsenc%3Dp2ANqtz-9IbfhLSzLiRANvRLPTyvpP4C1SqyZuFvW_VpE96uXyAdU5-_LV2q6rHIJ7T2KpD_cFeSkdoDdXnDLdFYAvIsImSzQLpA%26utm_content%3D256062192%26utm_source%3Dhs_email&_u=aEDAAEABQAAAACAEK~&jid=374171306&gjid=1107723127&cid=1227335195.1682643950&tid=UA-18808595-11&_gid=324134486.1682643950&_r=1&_slc=1&gtm=45He34q0n81NV75N6N&cd11=2023-04-28T01%3A05%3A49.75%2B00%3A00&cd10=1227335195.1682643950&z=2103393101

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://drugfree.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 28 Apr 2023 01:05:50 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://drugfree.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
130 B 7ms
6ms Image
image/gif 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j100&a=1771490407&t=event&ni=1&_s=1&dl=https%3A%2F%2Fdrugfree.org%2F%3Fform%3DFUNJLSAEDSS%26utm_campaign%3D2023%2520Donation%2520Moments%26utm_medium%3Demail%26_hsmi%3D256062192%26_hsenc%3Dp2ANqtz-9IbfhLSzLiRANvRLPTyvpP4C1SqyZuFvW_VpE96uXyAdU5-_LV2q6rHIJ7T2KpD_cFeSkdoDdXnDLdFYAvIsImSzQLpA%26utm_content%3D256062192%26utm_source%3Dhs_email&ul=en-us&de=UTF-8&dt=Partnership%20to%20End%20Addiction&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Scroll%20Depth%20(Percentage)&ea=Baseline&el=https%3A%2F%2Fdrugfree.org%2F%3Fform%3DFUNJLSAEDSS%26utm_campaign%3D2023%2520Donation%2520Moments%26utm_medium%3Demail%26_hsmi%3D256062192%26_hsenc%3Dp2ANqtz-9IbfhLSzLiRANvRLPTyvpP4C1SqyZuFvW_VpE96uXyAdU5-_LV2q6rHIJ7T2KpD_cFeSkdoDdXnDLdFYAvIsImSzQLpA%26utm_content%3D256062192%26utm_source%3Dhs_email&_u=aEDAAAABQAAAAC~&jid=&gjid=&cid=1227335195.1682643950&tid=UA-18808595-1&_gid=324134486.1682643950&gtm=45He34q0n81NV75N6N&z=433353841

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://drugfree.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 27 Apr 2023 02:38:15 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 80855
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
91 B 8ms
7ms Image
image/gif 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j100&a=1771490407&t=pageview&_s=1&dl=https%3A%2F%2Fdrugfree.org%2F%3Fform%3DFUNJLSAEDSS%26utm_campaign%3D2023%2520Donation%2520Moments%26utm_medium%3Demail%26_hsmi%3D256062192%26_hsenc%3Dp2ANqtz-9IbfhLSzLiRANvRLPTyvpP4C1SqyZuFvW_VpE96uXyAdU5-_LV2q6rHIJ7T2KpD_cFeSkdoDdXnDLdFYAvIsImSzQLpA%26utm_content%3D256062192%26utm_source%3Dhs_email&ul=en-us&de=UTF-8&dt=Partnership%20to%20End%20Addiction&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGDACEABRAAAACAEK~&jid=&gjid=&cid=1227335195.1682643950&tid=UA-18808595-11&_gid=324134486.1682643950&gtm=45He34q0n81NV75N6N&cd1=Partnership%20to%20End%20Addiction&cd2=Precious%20Mack&cd3=2019-11-20&cd11=2023-04-28T01%3A05%3A50.25%2B00%3A00&cd10=1227335195.1682643950&z=1298807741

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://drugfree.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 27 Apr 2023 02:38:15 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 80855
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
252 B 38ms
14ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-ECZGQ0GWSZ&gtm=45je34q0&_p=1771490407&_gaz=1&cid=1227335195.1682643950&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1682643950&sct=1&seg=0&dl=https%3A%2F%2Fdrugfree.org%2F%3Fform%3DFUNJLSAEDSS%26utm_campaign%3D2023%2520Donation%2520Moments%26utm_medium%3Demail%26_hsmi%3D256062192%26_hsenc%3Dp2ANqtz-9IbfhLSzLiRANvRLPTyvpP4C1SqyZuFvW_VpE96uXyAdU5-_LV2q6rHIJ7T2KpD_cFeSkdoDdXnDLdFYAvIsImSzQLpA%26utm_content%3D256062192%26utm_source%3Dhs_email&dt=Partnership%20to%20End%20Addiction&en=page_view&_fv=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-ECZGQ0GWSZ&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://drugfree.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 28 Apr 2023 01:05:50 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://drugfree.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
252 B 53ms
17ms Ping
text/plain 2a00:1450:400c:c00::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-ECZGQ0GWSZ&cid=1227335195.1682643950&gtm=45je34q0&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-ECZGQ0GWSZ&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c00::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://drugfree.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 28 Apr 2023 01:05:50 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://drugfree.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
408 B 50ms
17ms Image
image/gif 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-ECZGQ0GWSZ&cid=1227335195.1682643950&gtm=45je34q0&aip=1&z=269927215

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://drugfree.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 28 Apr 2023 01:05:50 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
54 B 14ms
14ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-Z5LKKRKCEL&gtm=45je34q0&_p=1771490407&cid=1227335195.1682643950&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1682643950&sct=1&seg=0&dl=https%3A%2F%2Fdrugfree.org%2F%3Fform%3DFUNJLSAEDSS%26utm_campaign%3D2023%2520Donation%2520Moments%26utm_medium%3Demail%26_hsmi%3D256062192%26_hsenc%3Dp2ANqtz-9IbfhLSzLiRANvRLPTyvpP4C1SqyZuFvW_VpE96uXyAdU5-_LV2q6rHIJ7T2KpD_cFeSkdoDdXnDLdFYAvIsImSzQLpA%26utm_content%3D256062192%26utm_source%3Dhs_email&dt=Partnership%20to%20End%20Addiction&en=page_view&_fv=1&_ss=1&ep.hit_timestamp=2023-04-28T01%3A05%3A48.809%2B00%3A00&ep.full_referrer=
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-Z5LKKRKCEL&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://drugfree.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 28 Apr 2023 01:05:50 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://drugfree.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 52009999.js Show response
bat.bing.com/p/action/ 0
118 B 124ms
123ms Script
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/52009999.js

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/bat.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://drugfree.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: private,max-age=1800
date: Fri, 28 Apr 2023 01:05:49 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: E9F6F31579144531A17C4B9F6D39F820 Ref B: FRA31EDGE0721 Ref C: 2023-04-28T01:05:50Z
x-cache: CONFIG_NOCACHE

GET
H2 204 0
bat.bing.com/action/ 0
286 B 31ms
31ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=52009999&tm=gtm002&Ver=2&mid=a7cb0877-f1cb-467b-9e30-7ae82def392d&sid=d0d65060e56011edb21c83aa732bf4aa&vid=d0d68850e56011edab4b19d0e4801461&vids=1&msclkid=N&gtm_tag_source=1&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=Partnership%20to%20End%20Addiction&p=https%3A%2F%2Fdrugfree.org%2F%3Fform%3DFUNJLSAEDSS%26utm_campaign%3D2023%2520Donation%2520Moments%26utm_medium%3Demail%26_hsmi%3D256062192%26_hsenc%3Dp2ANqtz-9IbfhLSzLiRANvRLPTyvpP4C1SqyZuFvW_VpE96uXyAdU5-_LV2q6rHIJ7T2KpD_cFeSkdoDdXnDLdFYAvIsImSzQLpA%26utm_content%3D256062192%26utm_source%3Dhs_email&r=&lt=3356&evt=pageLoad&sv=1&rn=44191

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://drugfree.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Fri, 28 Apr 2023 01:05:49 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 7312F88C50834EE6B3191E5488DF5DEC Ref B: FRA31EDGE0721 Ref C: 2023-04-28T01:05:50Z
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 6873.3ada498ec170deac4c72.js Show response
static.fundraiseup.com/ 255 KB
78 KB 21ms
21ms Script
text/javascript 104.26.5.251
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.fundraiseup.com/6873.3ada498ec170deac4c72.js

Requested by

Host: static.fundraiseup.com
URL: https://static.fundraiseup.com/checkout.3e0398635ab22d60ed29.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.26.5.251 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c9c4cd52c3dd745a229da2f0dda750478ec496ef00bb1fbf1ec5eba1371cb159

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://drugfree.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 01:05:50 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: 5F6CBGV2ZM8Z0PDP
age: 827948
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: q2kNn86Kza8l2uNHspIhjsPId4xtJtd/V9A8wg25f21y8PXiQiF3+uKHAk4LgXyNDMPIDUyiLlY=
last-modified: Tue, 18 Apr 2023 10:54:22 GMT
server: cloudflare
etag: W/"8d3a63a40818acfe58e2f92bad136881"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bhKiIgcGJ53vQpG5CAAqCsNhWxjQR3NXBFw7R6HaZupYRE9%2BjB%2ByTjzUhmGasPLADRWStXvm67jo2%2F3JRui0v2uw7JwVStxbj0VD3tC7kopCv6wcDV0WYIYJoE%2Bb5EH7t%2BSGXCJ2GHU%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript; charset=UTF-8
cache-control: max-age=2678400
cf-ray: 7beb6630ce8f6949-FRA

GET
H3 200 checkout-locale5.bc12af2f4ee23deaa6dc.js Show response
static.fundraiseup.com/ 53 KB
14 KB 16ms
15ms Script
text/javascript 104.26.5.251
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.fundraiseup.com/checkout-locale5.bc12af2f4ee23deaa6dc.js

Requested by

Host: static.fundraiseup.com
URL: https://static.fundraiseup.com/checkout.3e0398635ab22d60ed29.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.26.5.251 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

355ace3684c48b3ba293e57bd53b3c9f54ddd36467bc4725c428aab087679b3a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://drugfree.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 01:05:50 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: QBMAWTNWQJ3K72S3
age: 658060
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: 0/Mv3esZcW4SRlAEU5C6TuWDX1JqyK6K0J7kfageE0/eyZpqAlrrntU6snPhe7nSaFjudj7b5Iw=
last-modified: Thu, 20 Apr 2023 09:56:28 GMT
server: cloudflare
etag: W/"3258a14693a6daea362437e127e20f44"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=P7KMrsJOhCMrK5AGBmKDovOn9cc%2Brk3Azd9RygicL3uGCsN7nAOxEnbwGen1Ue6oJfktvmd8kTnId0gtxj5dVxKdCFWumMPaDh2NE63aYc5U8uY1M2TqOCTgHoK0DfFZ2yzNe3F1lMQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript; charset=UTF-8
cache-control: max-age=2678400
cf-ray: 7beb66310eb46949-FRA

GET
H2 204 0
bat.bing.com/action/ 0
120 B 30ms
30ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=52009999&tm=gtm002&Ver=2&mid=a7cb0877-f1cb-467b-9e30-7ae82def392d&sid=d0d65060e56011edb21c83aa732bf4aa&vid=d0d68850e56011edab4b19d0e4801461&vids=0&msclkid=N&gtm_tag_source=ua&ec=Scroll%20Depth%20(Percentage)&el=https%3A%2F%2Fdrugfree.org%2F%3Fform%3DFUNJLSAEDSS%26utm_campaign%3D2023%2520Donation%2520Moments%26utm_medium%3Demail%26_hsmi%3D256062192%26_hsenc%3Dp2ANqtz-9IbfhLSzLiRANvRLPTyvpP4C1SqyZuFvW_VpE96uXyAdU5-_LV2q6rHIJ7T2KpD_cFeSkdoDdXnDLdFYAvIsImSzQLpA%26utm_content%3D256062192%26utm_source%3Dhs_email&gc=USD&tpp=1&en=Y&p=https%3A%2F%2Fdrugfree.org%2F&sw=1600&sh=1200&sc=24&evt=custom&rn=750145

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://drugfree.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Fri, 28 Apr 2023 01:05:49 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 11A8CD9E588145388323473011973503 Ref B: FRA31EDGE0721 Ref C: 2023-04-28T01:05:50Z
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 0
bat.bing.com/action/ 0
122 B 35ms
34ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=52009999&tm=gtm002&Ver=2&mid=a7cb0877-f1cb-467b-9e30-7ae82def392d&sid=d0d65060e56011edb21c83aa732bf4aa&vid=d0d68850e56011edab4b19d0e4801461&vids=0&msclkid=N&gtm_tag_source=ua&ec=scroll%20depth&el=page%20url%3A%20https%3A%2F%2Fdrugfree.org%2F%3Fform%3DFUNJLSAEDSS%26utm_campaign%3D2023%2520Donation%2520Moments%26utm_medium%3Demail%26_hsmi%3D256062192%26_hsenc%3Dp2ANqtz-9IbfhLSzLiRANvRLPTyvpP4C1SqyZuFvW_VpE96uXyAdU5-_LV2q6rHIJ7T2KpD_cFeSkdoDdXnDLdFYAvIsImSzQLpA%26utm_content%3D256062192%26utm_source%3Dhs_email&gc=USD&tpp=1&en=Y&p=https%3A%2F%2Fdrugfree.org%2F&sw=1600&sh=1200&sc=24&evt=custom&rn=134671

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://drugfree.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Fri, 28 Apr 2023 01:05:49 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: C7B2BB33F3E244A7AABB200A4BFAFA0D Ref B: FRA31EDGE0721 Ref C: 2023-04-28T01:05:50Z
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 v2.js Show response
js.hsforms.net/forms/ Frame BD62 524 KB
164 KB 20ms
19ms Script
application/javascript 2606:4700::6810:bb41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://js.hsforms.net/forms/v2.js

Requested by

Host: js.hsforms.net
URL: https://js.hsforms.net/forms/v2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:bb41 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2cbba247ca6de6962085423c671b17bd76d58692e32e8e40ad808a12e27bbeab

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-encoding: br
age: 546
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=forms-embed/static-1.3102/bundles/project-v2.js&cfRay=7beb58d8f91c30e7-FRA
x-amz-replication-status: COMPLETED
x-evy-trace-listener: listener_https
etag: W/"250bc2c0c0e298494335c72c83b09e23"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
x-evy-trace-virtual-host: all
cache-control: s-maxage=600, max-age=300
x-hs-target-asset: forms-embed/static-1.3102/bundles/project-v2.js
date: Fri, 28 Apr 2023 01:05:50 GMT
x-amz-version-id: 5gHIUZSUvmnzlEXn3ZiYc88hx3wrAZ6P
via: 1.1 3dcb635971b5d310e8941cdb963aff70.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-cf-pop: IAD89-C3
x-cache: Hit from cloudfront
cache-tag: staticjsapp-forms-embed-v2-web-prod,staticjsapp-prod
x-envoy-upstream-service-time: 2
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-evy-trace-route-configuration: listener_https/all
x-request-id: d5d18868-52c5-4244-a95e-b30639da2d4a
last-modified: Tue, 25 Apr 2023 11:31:17 UTC
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=W0bE1DeLf8R%2B%2FwyWUv0ZYpse2VdTGoLUv1o%2FttUJQ0swArLBPhghbpOMS4MgYJ5UAGZ1gGzFfwZRELO3Vke%2F6s5mZrv9aj7NvnvqN0%2F%2BaoMLIuRvfjXeWKn2qPYOA7Wa%2BgS%2FWRLODIsffsq%2F"}],"group":"cf-nel","max_age":604800}
x-hs-cache-status: HIT
x-evy-trace-served-by-pod: iad02/app-td/envoy-proxy-589c5fd4fb-dqc58
cf-ray: 7beb66312c33929f-FRA
x-amz-cf-id: h5EJ1DY8cgu84kLOvtstYtkcM1Qosr29ow-quA3EUC3hemt7JwaEmg==

POST
H2 200 tb
fndrsp.net/ 2 B
287 B 134ms
133ms Ping
text/plain 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://fndrsp.net/tb

Requested by

Host: cdn.fundraiseup.com
URL: https://cdn.fundraiseup.com/widget/AQNJPZQD

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://drugfree.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Fri, 28 Apr 2023 01:05:50 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KBY%2BFv%2BSFMbB0fZcsFQua%2BOrzPop72dZv8Yhy39UjGWtBZMk9cSTFS1QS4Loh3m4Cxt4cNhgCT27ZrLAq7DNpu45e6bw1qy9d3AtsEL%2BjeEV9pYZ3n%2Badi1NT%2BdD"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: https://drugfree.org
access-control-allow-credentials: true
cf-ray: 7beb663139b22c19-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 / Show response
js.stripe.com/v3/ Frame 621D 473 KB
128 KB 53ms
7ms Script
text/javascript 151.101.128.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/

Requested by

Host: static.fundraiseup.com
URL: https://static.fundraiseup.com/checkout.3e0398635ab22d60ed29.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

2c4f8d66c9bae8c9f00d858fd7192dffcb5f86c4f2775a3abb1ac6143347b460

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://drugfree.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Fri, 28 Apr 2023 01:05:50 GMT
via: 1.1 varnish
age: 12
x-cache: HIT
content-length: 130379
x-request-id: d42a4202-72c6-41e0-9d15-3715109c4a39
x-served-by: cache-fra-eddf8230077-FRA
last-modified: Thu, 27 Apr 2023 20:40:58 GMT
server: Fastly
etag: "e0c2fcb6f1be2cfafacb1bed780a0f67"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=60
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 2

GET
H2 200 / Show response
js.stripe.com/v3/ 473 KB
127 KB 54ms
8ms Script
text/javascript 151.101.128.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/

Requested by

Host: static.fundraiseup.com
URL: https://static.fundraiseup.com/checkout.3e0398635ab22d60ed29.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

2c4f8d66c9bae8c9f00d858fd7192dffcb5f86c4f2775a3abb1ac6143347b460

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://drugfree.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Fri, 28 Apr 2023 01:05:50 GMT
via: 1.1 varnish
age: 50
x-cache: HIT
content-length: 130379
x-request-id: f16163d3-8587-45c6-be2a-18519746efdc
x-served-by: cache-fra-eddf8230077-FRA
last-modified: Thu, 27 Apr 2023 20:40:58 GMT
server: Fastly
etag: "e0c2fcb6f1be2cfafacb1bed780a0f67"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=60
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 8

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
70 B 20ms
18ms XHR
text/plain 2a00:1450:400c:c00::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j100&tid=UA-18808595-1&cid=1227335195.1682643950&jid=273452482&gjid=1035016072&_gid=324134486.1682643950&_u=aEBAAAAAQAAAAC~&z=752673538

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://drugfree.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Fri, 28 Apr 2023 01:05:50 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://drugfree.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
151 B 18ms
17ms XHR
text/plain 2a00:1450:400c:c00::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j100&tid=UA-18808595-11&cid=1227335195.1682643950&jid=374171306&gjid=1107723127&_gid=324134486.1682643950&_u=aEDAAEABQAAAACAEK~&z=486242449

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://drugfree.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Fri, 28 Apr 2023 01:05:50 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://drugfree.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 counters.gif
forms.hsforms.com/embed/v3/ 35 B
644 B 138ms
123ms Image
image/gif 2606:4700::6811:d4f3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://forms.hsforms.com/embed/v3/counters.gif?key=forms-embed-v2-DEFINITION_SUCCESS&count=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:d4f3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://drugfree.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 01:05:50 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
x-hubspot-correlation-id: 94f6a32a-802f-4ae8-8341-0e821d279e6f
x-evy-trace-route-service-name: envoyset-translator
x-envoy-upstream-service-time: 6
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 35
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 9e7147f6-5f88-4357-92e7-f56e33ea4721
server: cloudflare
x-trace: 2B652756C6F235751439D3BC26D7AA7188F43D0F5E000000000000000000
vary: origin
content-type: image/gif
x-evy-trace-virtual-host: all
x-evy-trace-served-by-pod: iad02/star-hubspot-td/envoy-proxy-58fd596dd9-bdjln
access-control-expose-headers: X-Origin-Hublet
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: false
x-robots-tag: none
cf-ray: 7beb6631be56929c-FRA

GET
H3 200 327.85e7a07acc69.impact-slider-v2-styles.js Show response
static.fundraiseup.com/ 9 KB
3 KB 20ms
19ms Script
text/javascript 104.26.5.251
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.fundraiseup.com/327.85e7a07acc69.impact-slider-v2-styles.js

Requested by

Host: static.fundraiseup.com
URL: https://static.fundraiseup.com/31dec025e8c7.elementsApi.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.26.5.251 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4ec05bb3633f88173ca0168580314160bb75c293130f1129874271ccafac7b8d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://drugfree.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 01:05:50 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: C16BZSENTQSY5SMP
age: 916910
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: 85nNtlE6hEmtB/dBHVzs/1ietb717chkauRc3GUKXhnUzQUnilKBx5fluMktw+DYWEMvbrSOYyg=
last-modified: Mon, 17 Apr 2023 09:52:20 GMT
server: cloudflare
etag: W/"b7d43d3b9d1e4146842b699c6b258228"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dvHz8LzNs8IJ2kwSjY2Td8TO6QEMoRvOi09dT03Vo4k3mkhQS8niM37S%2FtUN2p7DvnCuD%2FjiLuNbSL%2Fasuczsocm4edT9XFWnAc2dx%2BLhByNXG7HT92mKZDTRxvT9vxBMdQNupXiOFc%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript; charset=UTF-8
cache-control: max-age=2678400
cf-ray: 7beb6631af176949-FRA

GET
H3 200 325.a9c39106f2d8.impact-slider-v2.js Show response
static.fundraiseup.com/ 28 KB
8 KB 23ms
23ms Script
text/javascript 104.26.5.251
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.fundraiseup.com/325.a9c39106f2d8.impact-slider-v2.js

Requested by

Host: static.fundraiseup.com
URL: https://static.fundraiseup.com/31dec025e8c7.elementsApi.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.26.5.251 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

04635a249a821f57b33b7bbaecdd98e15fbf93bad68ac1053364fd019486d945

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://drugfree.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 01:05:50 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: Y8EFNQ6V3044EY6Y
age: 51411
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: L/YbZMHuzK0g3U7B043nJ9conE9V7Lt+OCWIR0GcBvnPyYZSHe93Y9lRe3bK0ueoYhQAOO0GZGDmrhw+WvEcVQ==
last-modified: Thu, 27 Apr 2023 10:37:22 GMT
server: cloudflare
etag: W/"ea84bdf020731070f78f025b8fba8a37"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KYCPSIlDrDV%2Fj%2B2RCNrMXfx73%2BsXfFV7%2B6sAZy9XcRQKfwVJDLn4JJ2uOvf5THpZXwS6MWnbwNP5aSkTNGTFkepqAFA%2BFFGBwUgvZ5beuIPhd0npJwM8dhqtKMbDWFIivapJUYh9gj8%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript; charset=UTF-8
cache-control: max-age=2678400
cf-ray: 7beb6631af186949-FRA

GET
H3 200 381.c98d2766acbb.social-proof-v2-styles.js Show response
static.fundraiseup.com/ 5 KB
2 KB 22ms
18ms Script
text/javascript 104.26.5.251
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.fundraiseup.com/381.c98d2766acbb.social-proof-v2-styles.js

Requested by

Host: static.fundraiseup.com
URL: https://static.fundraiseup.com/31dec025e8c7.elementsApi.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.26.5.251 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

249ba5cb7246f2ea4c249bc161fa90db331c46e0ed7654127bc18e44dd6f3daa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://drugfree.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 01:05:50 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: GK6Q7ZS9T9TVQ3A0
age: 918058
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: pEaQN4f34Ge2SN/SKDTB4RD5RhMy3ybZj0TG7FtdVLiBq1/VHzIJ2UtYSThdhDibtSwOfB/Cj60=
last-modified: Mon, 17 Apr 2023 09:52:22 GMT
server: cloudflare
etag: W/"7325f6d5aa58ceb3d36601da42d85816"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hHgam7%2FEVZ8izqYtcEpLeyjsAYubp25ICk%2BjSNP%2BgG7AB3nBPnUfVGH5kMAPmSo3eCHDe2271UCQD17gl4%2FCndIuC3WG15Sa0qIrkzksNTqAoTb4NGVQ6TUVdg%2FAU6wl2CYF1bFh%2FZA%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript; charset=UTF-8
cache-control: max-age=2678400
cf-ray: 7beb6631cf216949-FRA

GET
H3 200 379.4a050b231c8e.social-proof-v2.js Show response
static.fundraiseup.com/ 33 KB
11 KB 24ms
21ms Script
text/javascript 104.26.5.251
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.fundraiseup.com/379.4a050b231c8e.social-proof-v2.js

Requested by

Host: static.fundraiseup.com
URL: https://static.fundraiseup.com/31dec025e8c7.elementsApi.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.26.5.251 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5542aa0448512f0077b452d3c1e5902dbf2c8de67d5600370335e5267c4a3918

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://drugfree.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 01:05:50 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: QG8HVS6F532JF2P5
age: 51401
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: 02LZcF2wElsVLl6+xOj89/RyLfLoVRnvXHCO1Y+WadLWQcdsohvzcUGzDyQ4vnlA/StgHNq+Flk=
last-modified: Thu, 27 Apr 2023 10:37:24 GMT
server: cloudflare
etag: W/"d3253e7c9c9d88502d638f369bacd635"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6UkX4RFNx2bw2QEs9PlTUWTmZgdNrN8d670dUTHZ3pYxMXG5CfaLAVF3Dupfnbib%2BH4czm%2BvHSfvCgHTou9B7DWJIcMyNpF2sjXPSbPOGzpi2W731BjgAaEdKOBlh2tZtDOJdw1TquY%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript; charset=UTF-8
cache-control: max-age=2678400
cf-ray: 7beb6631cf226949-FRA

GET
H3 200 ibm-plex-sans-v8-vietnamese_latin-ext_latin_greek_cyrillic-ext_cyrillic-600.643ad5d92cd7.woff2
static.fundraiseup.com/fonts/ibm-plex-sans/ Frame 46B4 56 KB
56 KB 64ms
46ms Font
application/octet-stream 104.26.5.251
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.fundraiseup.com/fonts/ibm-plex-sans/ibm-plex-sans-v8-vietnamese_latin-ext_latin_greek_cyrillic-ext_cyrillic-600.643ad5d92cd7.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

104.26.5.251 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d8b4efc9d633bf6a74302401662e42d85a36070ded6ad2497958ccafc2737f81

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://drugfree.org/
Origin: https://drugfree.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 01:05:50 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: FGANEAH119N018T1
age: 1913603
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 56996
x-amz-id-2: oVxctf6P5r0l8Gr5QICHmDzPneqvDp4oR0BwP+FV+YZyzsNDUlzv4zjs3tNELVwKlPG3XaMNmSw=
last-modified: Thu, 02 Feb 2023 10:31:08 GMT
server: cloudflare
etag: "643ad5d92cd7c31076790077c3003abc"
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: GET
content-type: application/octet-stream
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Il%2Bg9oiCef%2FOS42I1NZxWaYczjlS8JVCn82%2BGFP%2B%2Bujc6jh5bakRY%2B%2FyNUSXhRWrJah%2FlK2tV6F186tPJx5epDeleH1zhMY6%2BrL7sx5JWmCPzD6Je8hhEQCfWI592XDFevMqr39i%2FR4%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 7beb66321a9b30c4-FRA

GET
H2 200 css
fonts.googleapis.com/ Frame 59D9 56 KB
13 KB 99ms
23ms Stylesheet
text/css 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Gothic%20A1&display=swap

Requested by

Host: js.hsforms.net
URL: https://js.hsforms.net/forms/v2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

3338c82cbcea67cd682199940100b7d44018acb03e7f232be3e2ef2730fc1df5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 28 Apr 2023 01:05:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 28 Apr 2023 01:05:50 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 28 Apr 2023 01:05:50 GMT

GET
H2 200 enterprise.js Show response
www.google.com/recaptcha/ 1 KB
960 B 65ms
17ms Script
text/javascript 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/enterprise.js?&onload=hsRecaptchaLoaded_c6bde0fc_ccd3_4e45_a024_a9191700d40a&render=explicit&hl=en

Requested by

Host: js.hsforms.net
URL: https://js.hsforms.net/forms/v2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

ec6aeb97f65e6838b59b6b416e672193b6d026210ece9c63133cfc8cce424718

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://drugfree.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 01:05:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 640
x-xss-protection: 1; mode=block
expires: Fri, 28 Apr 2023 01:05:50 GMT

GET
H/1.1 200
OK js Show response
pixel.mathtag.com/sync/ 1 KB
2 KB 63ms
19ms Script
text/javascript 2.18.233.201
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.mathtag.com/sync/js?sync=auto&exsync=https%3A%2F%2Fc212.net%2Fc%2Fsync%3Fu%3D%26c%3DUS%26dmpId%3D1%26pid%3D%5BMM_UUID%5D&mt_lim=1
Requested by: Host: c212.net
URL: https://c212.net/c/etag/?clientId=1myRfcrW&pixel=0&dmp=1&e1=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-201.deploy.static.akamaitechnologies.com
Software: MT3 830 785530e master cdg-pixel-x9 config_version:"unknown" /
Resource Hash: 93bae0dd32bd186fbd1f08991bdf2c93510c718a2c0bf52b46713586ec3be103

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://drugfree.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Fri, 28 Apr 2023 01:05:50 GMT
Server: MT3 830 785530e master cdg-pixel-x9 config_version:"unknown"
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin: *
Content-Type: text/javascript
Cache-Control: no-cache
Connection: keep-alive
Content-Length: 1524
Expires: Fri, 28 Apr 2023 01:05:49 GMT

GET
H2 200 ebAttribution.js Show response
secure-ds.serving-sys.com/SemiCachedScripts/ 24 KB
8 KB 66ms
8ms Script
application/javascript 2.16.186.25
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://secure-ds.serving-sys.com/SemiCachedScripts/ebAttribution.js
Requested by: Host: bs.serving-sys.com
URL: https://bs.serving-sys.com/Serving/ActivityServer.bs?cn=as&ActivityID=1225997&rnd=577183.9146230356
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.186.25 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-186-25.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: d7ca90f5224456c5b0b3377d1dd87a5a96ee9f07b6b9ca0b86e4e757b3a0f50b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://drugfree.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 01:05:50 GMT
content-encoding: gzip
last-modified: Wed, 18 May 2022 14:07:07 GMT
server: AmazonS3
x-amz-cf-pop: EWR52-C1
etag: W/"8440d88fdf94d6823ae9ecb94a935255"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=432
accept-ranges: bytes
x-amz-cf-id: KjcXS2VtJ2HxMcagQLvo9L8_1Pr8qQsywdETgZdcTHqIG3Z9-Gvlew==
content-length: 7894

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 23ms
7ms Image
text/plain 2a03:2880:f176:84:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=298598497637256&ev=PageView&dl=https%3A%2F%2Fdrugfree.org%2F%3Fform%3DFUNJLSAEDSS%26utm_campaign%3D2023%2520Donation%2520Moments%26utm_medium%3Demail%26_hsmi%3D256062192%26_hsenc%3Dp2ANqtz-9IbfhLSzLiRANvRLPTyvpP4C1SqyZuFvW_VpE96uXyAdU5-_LV2q6rHIJ7T2KpD_cFeSkdoDdXnDLdFYAvIsImSzQLpA%26utm_content%3D256062192%26utm_source%3Dhs_email&rl=&if=false&ts=1682643950625&sw=1600&sh=1200&v=2.9.102&r=stable&ec=0&o=29&cs_est=true&fbp=fb.1.1682643950624.137099953&it=1682643950035&coo=false&rqm=GET

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://drugfree.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Fri, 28 Apr 2023 01:05:50 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H/1.1 200
OK counters.gif
forms-na1.hsforms.com/embed/v3/ 35 B
1007 B 160ms
122ms Image
image/gif 2606:4700::6811:d5f3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://forms-na1.hsforms.com/embed/v3/counters.gif?key=forms-embed-v2-RENDER_SUCCESS&count=1

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:d5f3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://drugfree.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Fri, 28 Apr 2023 01:05:50 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
CF-Cache-Status: DYNAMIC
X-HubSpot-Correlation-Id: a200e29a-68b3-48af-b763-aeeebe728534
x-evy-trace-route-service-name: envoyset-translator
x-envoy-upstream-service-time: 4
Connection: keep-alive
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length: 35
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 8c035fa7-2e0a-4a9b-954c-680ac2e56663
Server: cloudflare
X-Trace: 2B7BB49213AD79497D580497566A496066AF5465E9000000000000000000
Vary: origin
Content-Type: image/gif
x-evy-trace-virtual-host: all
x-evy-trace-served-by-pod: iad02/star-hubspot-td/envoy-proxy-58fd596dd9-v9xpw
Access-Control-Expose-Headers: X-Origin-Hublet
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: false
X-Robots-Tag: none
CF-RAY: 7beb6633cc773603-FRA

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
296 B 19ms
17ms Image
image/gif 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j100&tid=UA-18808595-1&cid=1227335195.1682643950&jid=273452482&_u=aEBAAAAAQAAAAC~&z=1874880764

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://drugfree.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 28 Apr 2023 01:05:50 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 55ms
53ms Image
image/gif 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j100&tid=UA-18808595-1&cid=1227335195.1682643950&jid=273452482&_u=aEBAAAAAQAAAAC~&z=1874880764

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://drugfree.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 28 Apr 2023 01:05:50 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
107 B 23ms
22ms Image
image/gif 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j100&tid=UA-18808595-11&cid=1227335195.1682643950&jid=374171306&_u=aEDAAEABQAAAACAEK~&z=557980415

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://drugfree.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 28 Apr 2023 01:05:50 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 25ms
24ms Image
image/gif 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j100&tid=UA-18808595-11&cid=1227335195.1682643950&jid=374171306&_u=aEDAAEABQAAAACAEK~&z=557980415

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://drugfree.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 28 Apr 2023 01:05:50 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 9304.35bf886b9940df891d05.js Show response
static.fundraiseup.com/ 38 KB
12 KB 18ms
17ms Script
text/javascript 104.26.5.251
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.fundraiseup.com/9304.35bf886b9940df891d05.js

Requested by

Host: static.fundraiseup.com
URL: https://static.fundraiseup.com/checkout.3e0398635ab22d60ed29.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.26.5.251 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b237f93294f583c1375c8531b404cc21e17e9f15769a254c7d08d512d292f10b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://drugfree.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 01:05:50 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: THCAF64G3CKV52A1
age: 227202
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: 8BKqM895qIzij/G13OJs26nauOqOpaUdhF30C5RiRnodNClJiBjxvgz/Cj5yw1G6hq0NIFZDajw=
last-modified: Tue, 25 Apr 2023 09:44:25 GMT
server: cloudflare
etag: W/"609ec38fe91ec94353ab0e6443e873a3"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NUfUODwcrs0h%2B05tm1%2B3jMaP6T3dWjSu3BuWMPiBmvDAcffbWYdxeygBm%2FyMpmphwAkXuc9KyBDr31iUn0HBKiCR2lElvqnVb9UIsHGRXru2F9ztFzi5MP7G71sn9KtQQeWcjlSR%2BQU%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript; charset=UTF-8
cache-control: max-age=2678400
cf-ray: 7beb6633e8276949-FRA

POST
H2 200 / Show response
sentry.fundraiseup.com/api/2/envelope/ 2 B
159 B 303ms
92ms Fetch
application/json 147.135.78.45
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://sentry.fundraiseup.com/api/2/envelope/?sentry_key=cb0af19166ad4bdeb8c3efc4848d6635&sentry_version=7&sentry_client=sentry.javascript.react%2F7.48.0
Requested by: Host: static.fundraiseup.com
URL: https://static.fundraiseup.com/6873.3ada498ec170deac4c72.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 147.135.78.45 , United States, ASN16276 (OVH, FR),
Reverse DNS
Software: Caddy, nginx /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer: https://drugfree.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://drugfree.org
access-control-expose-headers: retry-after, x-sentry-error, x-sentry-rate-limits
date: Fri, 28 Apr 2023 01:05:50 GMT
server: Caddy, nginx
content-length: 2
vary: Origin
content-type: application/json

GET
H2 200 json Show response
forms.hscollectedforms.net/collected-forms/v1/config/ 115 B
470 B 116ms
115ms XHR
application/json 2606:4700::6811:6bc7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://forms.hscollectedforms.net/collected-forms/v1/config/json?portalId=8282853&utk=
Requested by: Host: static.fundraiseup.com
URL: https://static.fundraiseup.com/6873.3ada498ec170deac4c72.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:6bc7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 792632bf30dbfae8c40b11760e13c69bc49b342326909517a38c0740c65fc8ed

Request headers

Accept: application/json, text/plain, */*
Referer: https://drugfree.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 01:05:50 GMT
content-encoding: br
cf-cache-status: DYNAMIC
x-hubspot-correlation-id: 05f603e5-e2d4-475c-a969-4ce66f9c8f71
x-evy-trace-route-service-name: envoyset-translator
x-envoy-upstream-service-time: 5
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 2835a489-6f17-4f21-bca9-ca99b692d325
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type: application/json;charset=utf-8
access-control-allow-origin: https://drugfree.org
x-evy-trace-virtual-host: all
cache-control: max-age=0
x-evy-trace-served-by-pod: iad02/app-td/envoy-proxy-589c5fd4fb-9sjmd
access-control-max-age: 180
x-robots-tag: none
access-control-allow-headers: *
cf-ray: 7beb66343f2d3686-FRA

GET
H2 200 js Show response
www.paypal.com/sdk/ Frame 621D 271 KB
76 KB 520ms
491ms Script
application/javascript 151.101.1.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/sdk/js?client-id=Afbm69ig8nMRLmZKS-QoONq7qIHPqlpYJ1l3vyxE_la-UZPU_eEkKH2HRpHFkl7SNJ8a_eKvDkcT9-My&merchant-id=FEQXTG8EYPCG2&currency=EUR&disable-funding=venmo&locale=en_US&intent=tokenize&vault=true

Requested by

Host: static.fundraiseup.com
URL: https://static.fundraiseup.com/checkout.3e0398635ab22d60ed29.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.1.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

433de54c0bd3db38b5121a04a428a0bfb6bd8162287300583553fc5cdeb978e9

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://.paypal.com https://.paypalobjects.com; connect-src 'self' https://.paypal.com https://.paypalobjects.com https://.qualtrics.com; frame-src 'self' https://.paypal.com https://.paypalobjects.com https://.qualtrics.com; script-src 'nonce-LeNvkUX8uLvh4B9Po9HrYkn6+IeXGhy3OwAvEHsj6PQlddKB' 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline'; style-src 'nonce-LeNvkUX8uLvh4B9Po9HrYkn6+IeXGhy3OwAvEHsj6PQlddKB' 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline'; object-src 'none'; img-src https: data:; form-action 'self' https://.paypal.com; base-uri 'self' https://.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://drugfree.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-security-policy: default-src 'self' https://*.paypal.com https://*.paypalobjects.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; script-src 'nonce-LeNvkUX8uLvh4B9Po9HrYkn6+IeXGhy3OwAvEHsj6PQlddKB' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; style-src 'nonce-LeNvkUX8uLvh4B9Po9HrYkn6+IeXGhy3OwAvEHsj6PQlddKB' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; object-src 'none'; img-src https: data:; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 28 Apr 2023 01:05:51 GMT
via: 1.1 varnish
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 0
x-cache: MISS
p3p: true
paypal-debug-id: f9930079c4a2a
server-timing: "traceparent;desc="00-0000000000000000000f9930079c4a2a-dc7ab0cba15b2eeb-01"";content-encoding;desc="gzip",x-cdn;desc="fastly"
dc: ccg11-origin-www-1.paypal.com
content-length: 76424
x-xss-protection: 1; mode=block
x-served-by: cache-fra-eddf8230105-FRA
traceparent: 00-0000000000000000000f9930079c4a2a-33732bc3921f6500-01
x-timer: S1682643951.792842,VS0,VE484
etag: W/"12a88-dQg5h8WnlODNAPKPcaHI7o4hyr8"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: Server-Timing
cache-control: public, max-age=3600, s-maxage=10800
accept-ranges: bytes
x-cache-hits: 0

GET
H2 200 CSR94z5ZnPydRjlCCwl6aaU4Qt0V05ZAcgT3T1VKO2vL6LbP.119.woff2
fonts.gstatic.com/s/gothica1/v13/ Frame 59D9 9 KB
10 KB 30ms
7ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/gothica1/v13/CSR94z5ZnPydRjlCCwl6aaU4Qt0V05ZAcgT3T1VKO2vL6LbP.119.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Gothic%20A1&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c2ef1fb8e14731044ec0ef5180e4252ce4620bab1fa108ce11907f64db95a8c6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://drugfree.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 22 Apr 2023 19:34:12 GMT
x-content-type-options: nosniff
age: 451898
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9340
x-xss-protection: 0
last-modified: Thu, 21 Apr 2022 16:27:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 21 Apr 2024 19:34:12 GMT

GET
H2 200 CSR94z5ZnPydRjlCCwl6aaU4Qt0V05ZAcgT3T1VKO2vL6LbP.118.woff2
fonts.gstatic.com/s/gothica1/v13/ Frame 59D9 9 KB
9 KB 31ms
8ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/gothica1/v13/CSR94z5ZnPydRjlCCwl6aaU4Qt0V05ZAcgT3T1VKO2vL6LbP.118.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Gothic%20A1&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c74f2c4ab48823aade5b87df701183b4930de537ffaf6ffa10b022769a199741

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://drugfree.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 02:07:01 GMT
x-content-type-options: nosniff
age: 601129
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9484
x-xss-protection: 0
last-modified: Thu, 21 Apr 2022 16:27:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 20 Apr 2024 02:07:01 GMT

GET
H2 200 CSR94z5ZnPydRjlCCwl6aaU4Qt0V05ZAcgT3T1VKO2vL6LbP.116.woff2
fonts.gstatic.com/s/gothica1/v13/ Frame 59D9 11 KB
11 KB 38ms
16ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/gothica1/v13/CSR94z5ZnPydRjlCCwl6aaU4Qt0V05ZAcgT3T1VKO2vL6LbP.116.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Gothic%20A1&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

76fa34904e5e53dc20736cabfbacdc8efabc84ebe8f664a7707b4c6fd6310db4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://drugfree.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 01:05:50 GMT
x-content-type-options: nosniff
age: 0
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10956
x-xss-protection: 0
last-modified: Thu, 21 Apr 2022 16:45:25 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 27 Apr 2024 01:05:50 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame BD62 56 KB
13 KB 21ms
20ms Stylesheet
text/css 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Gothic%20A1&display=swap

Requested by

Host: js.hsforms.net
URL: https://js.hsforms.net/forms/v2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

3338c82cbcea67cd682199940100b7d44018acb03e7f232be3e2ef2730fc1df5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 28 Apr 2023 01:05:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 28 Apr 2023 01:05:50 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 28 Apr 2023 01:05:50 GMT

GET
H3 200 enterprise.js Show response
www.google.com/recaptcha/ 1 KB
662 B 18ms
18ms Script
text/javascript 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/enterprise.js?&onload=hsRecaptchaLoaded_981599b3_2214_4e95_bce7_da500c4cf54e&render=explicit&hl=en

Requested by

Host: js.hsforms.net
URL: https://js.hsforms.net/forms/v2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

351cbd1b6acd78f66291817b182d8c554db1489686ff779c6e3e2e94e6251bfd

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://drugfree.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 01:05:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 641
x-xss-protection: 1; mode=block
expires: Fri, 28 Apr 2023 01:05:50 GMT

GET
H2 200 m-outer-93afeeb17bc37e711759584dbfc50d47.html Show response
js.stripe.com/v3/ Frame 45B8 200 B
787 B 7ms
7ms Document
text/html 151.101.128.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/m-outer-93afeeb17bc37e711759584dbfc50d47.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

f22005da41e15b7adb453814b37a794f7c6b955f086a6c5fc9980e3c3f6c8bca

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://drugfree.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 9856403
cache-control: max-age=31536000
content-encoding: br
content-length: 122
content-security-policy: base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only: base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Fri, 28 Apr 2023 01:05:50 GMT
etag: "93afeeb17bc37e711759584dbfc50d47"
last-modified: Wed, 21 Dec 2022 18:20:45 GMT
server: Fastly
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 416573
x-content-type-options: nosniff
x-request-id: 2e597b13-0429-4ca0-b835-f93bcaf9d1b0
x-served-by: cache-fra-eddf8230077-FRA

GET
H3 200 ibm-plex-sans-v8-vietnamese_latin-ext_latin_greek_cyrillic-ext_cyrillic-regular.c9e466876957.woff2
static.fundraiseup.com/fonts/ibm-plex-sans/ Frame A554 52 KB
53 KB 20ms
19ms Font
application/octet-stream 104.26.5.251
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.fundraiseup.com/fonts/ibm-plex-sans/ibm-plex-sans-v8-vietnamese_latin-ext_latin_greek_cyrillic-ext_cyrillic-regular.c9e466876957.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

104.26.5.251 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

205b5e5ac97e41a70efe74150a9893bdb05ff1d3921808b96d8780aa31c7940a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://drugfree.org/
Origin: https://drugfree.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 01:05:50 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: 6FFDET68KX52M68W
age: 1709811
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 53064
x-amz-id-2: 4y+CiNEgmC0BO1vUfuz4x/QU34qeG1Zg+xGU3YooLddFhb5DWYi4v8wkmhp8N+0baOVbJKzhZuE=
last-modified: Fri, 03 Feb 2023 09:23:03 GMT
server: cloudflare
etag: "c9e466876957e9d2128f63b225a81ae3"
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: GET
content-type: application/octet-stream
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9GWfBXYAZXdtlcu2QuBDwumrxulX%2BfzxAlfzO3QWhTI77rvZZnOZSVhKVawezzO87RZ3IQ%2FnntC3xaPEmof2ZIx%2FSpzaCMzhN817dqF4zWGZZztnKzki9N9tMxPWMCmXl6iESFO%2B%2FCA%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 7beb6634ec5c30c4-FRA

GET
H3 200 ibm-plex-sans-v8-vietnamese_latin-ext_latin_greek_cyrillic-ext_cyrillic-600.643ad5d92cd7.woff2
static.fundraiseup.com/fonts/ibm-plex-sans/ Frame A554 56 KB
56 KB 13ms
13ms Font
application/octet-stream 104.26.5.251
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.fundraiseup.com/fonts/ibm-plex-sans/ibm-plex-sans-v8-vietnamese_latin-ext_latin_greek_cyrillic-ext_cyrillic-600.643ad5d92cd7.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

104.26.5.251 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d8b4efc9d633bf6a74302401662e42d85a36070ded6ad2497958ccafc2737f81

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://drugfree.org/
Origin: https://drugfree.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 01:05:50 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: FGANEAH119N018T1
age: 1913603
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 56996
x-amz-id-2: oVxctf6P5r0l8Gr5QICHmDzPneqvDp4oR0BwP+FV+YZyzsNDUlzv4zjs3tNELVwKlPG3XaMNmSw=
last-modified: Thu, 02 Feb 2023 10:31:08 GMT
server: cloudflare
etag: "643ad5d92cd7c31076790077c3003abc"
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: GET
content-type: application/octet-stream
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GdSxPGYTxXp5Dluv2GwzOZqEeRpW1vvJr%2F1HAjUrqksDwP2euptM%2B4qKbFs%2F7HD412UVwjY%2FFJ5P4IAkT7Mv2JSQgd3ldbQCm273hnjZR0Qf8PD0J9JDycRPeKIJZ5ExG959tUc3254%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 7beb6634ec5d30c4-FRA

POST
H3 200 5479328665203767555 Show response
api.fundraiseup.com/paymentSession/ 430 B
882 B 362ms
361ms XHR
application/json 104.26.5.251
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.fundraiseup.com/paymentSession/5479328665203767555

Requested by

Host: static.fundraiseup.com
URL: https://static.fundraiseup.com/6873.3ada498ec170deac4c72.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.26.5.251 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6271b54f1e485948bbddc90c5755632dda8bf924a61d04029d19cde212c0f2ad

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' fundraiseup.com
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://drugfree.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: text/plain; charset=UTF-8

Response headers

date: Fri, 28 Apr 2023 01:05:51 GMT
content-security-policy: frame-ancestors 'self' fundraiseup.com
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-response-time: 67ms
pragma: no-cache
server: cloudflare
vary: Accept-Encoding, Origin
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
access-control-allow-origin: https://drugfree.org
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PJSG6k5Q4TuCZQrMS4NK8iWDErKGbALWGsYZevZFhFEuu1Tr%2BLbJL5DmPsO7yXEvDFp%2B5NsM9n%2Bj5VKi6HJZc%2BJuZ4v15eQpXIxp181Rs%2FS5iTGzNz2n9dNkLSiLzk0fVCk5iPM%3D"}],"group":"cf-nel","max_age":604800}
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cf-ray: 7beb6634f8c96949-FRA
expires: 0

POST
H2 200 csp-report
q.stripe.com/ Frame 45B8 0
718 B 532ms
180ms Other
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-159-182.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Fri, 28 Apr 2023 01:05:51 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1682643951323019
x-envoy-upstream-service-time: 14
content-length: 0
x-stripe-bg-intended-route-color: blue
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms: 8
access-control-allow-origin: https://js.stripe.com
x-stripe-client-envoy-start-time-us: 1682643951318955
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers: Server, Range, Content-Type
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

POST
H2 200 csp-report
q.stripe.com/ Frame 45B8 0
717 B 577ms
225ms Other
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-159-182.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Fri, 28 Apr 2023 01:05:51 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1682643951358700
x-envoy-upstream-service-time: 60
content-length: 0
x-stripe-bg-intended-route-color: blue
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms: 9
access-control-allow-origin: https://js.stripe.com
x-stripe-client-envoy-start-time-us: 1682643951318979
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers: Server, Range, Content-Type
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

GET
H2 200 m-outer-8cb24ab2d649fd36a488d04d8c457933.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 45B8 631 B
468 B 8ms
8ms Script
text/javascript 151.101.128.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/m-outer-8cb24ab2d649fd36a488d04d8c457933.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/m-outer-93afeeb17bc37e711759584dbfc50d47.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

250a0782da875705bd206ee23c2a46abf90656645a81e084126c5e8c53eeb9d6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/m-outer-93afeeb17bc37e711759584dbfc50d47.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Fri, 28 Apr 2023 01:05:50 GMT
via: 1.1 varnish
age: 14274060
x-cache: HIT
content-length: 332
x-request-id: bdab45f6-fe10-426c-a327-79ef2013eb70
x-served-by: cache-fra-eddf8230077-FRA
last-modified: Sun, 13 Nov 2022 20:03:40 GMT
server: Fastly
etag: "f8f6a4584135f737b26927596ce6e0a7"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 362894

GET
H2 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/4PnKmGB9wRHh1i04o7YUICeI/ 407 KB
164 KB 32ms
7ms Script
text/javascript 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/4PnKmGB9wRHh1i04o7YUICeI/recaptcha__en.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/enterprise.js?&onload=hsRecaptchaLoaded_c6bde0fc_ccd3_4e45_a024_a9191700d40a&render=explicit&hl=en

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1f60d86b7a0533b50a13c93041a550e1672791299373f986d649e4e44e8dfcba

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://drugfree.org/
Origin: https://drugfree.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 27 Apr 2023 21:06:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 14351
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 167070
x-xss-protection: 0
last-modified: Fri, 21 Apr 2023 01:25:41 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 26 Apr 2024 21:06:39 GMT

GET
H3 200 375.0b8e81b21e04.social-proof-emoji-heart.js Show response
static.fundraiseup.com/ 491 B
1004 B 15ms
15ms Script
text/javascript 104.26.5.251
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.fundraiseup.com/375.0b8e81b21e04.social-proof-emoji-heart.js

Requested by

Host: static.fundraiseup.com
URL: https://static.fundraiseup.com/31dec025e8c7.elementsApi.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.26.5.251 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1689cac0273907a63ff4b652ca6dc4a05799d8dd354e159556a48ce5752cbadd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://drugfree.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 01:05:50 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: 5AC760WCAZ2WG94K
age: 1778997
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: E4Gab8HszXUWJOPKu5pIQdZK7s3RZRhvuLgEu/FkYFIalfBDrPiFvJ4k0fk1GsdzycXGVVKiJLM=
last-modified: Fri, 07 Apr 2023 10:44:25 GMT
server: cloudflare
etag: W/"8184a0195bbb3721cc1c591864842219"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2alqd5L%2B7gzNxAS8bB%2F%2F3qZqX8lA3KkPKFB11plJc9WGugL6EXMWtm4AL49neYdfQAFi0QK0CdYaNXu85obI7atBDyYv9HjUahapG87sQXxNs4Ffu0RInkyi%2F1nBq2bWdqFGeaR%2Fn3M%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript; charset=UTF-8
cache-control: max-age=2678400
cf-ray: 7beb663528d26949-FRA

GET
H2 200 CSR94z5ZnPydRjlCCwl6aaU4Qt0V05ZAcgT3T1VKO2vL6LbP.119.woff2
fonts.gstatic.com/s/gothica1/v13/ Frame BD62 9 KB
9 KB 9ms
7ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/gothica1/v13/CSR94z5ZnPydRjlCCwl6aaU4Qt0V05ZAcgT3T1VKO2vL6LbP.119.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Gothic%20A1&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c2ef1fb8e14731044ec0ef5180e4252ce4620bab1fa108ce11907f64db95a8c6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://drugfree.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 22 Apr 2023 19:34:12 GMT
x-content-type-options: nosniff
age: 451898
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9340
x-xss-protection: 0
last-modified: Thu, 21 Apr 2022 16:27:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 21 Apr 2024 19:34:12 GMT

GET
H2 200 CSR94z5ZnPydRjlCCwl6aaU4Qt0V05ZAcgT3T1VKO2vL6LbP.118.woff2
fonts.gstatic.com/s/gothica1/v13/ Frame BD62 9 KB
9 KB 9ms
8ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/gothica1/v13/CSR94z5ZnPydRjlCCwl6aaU4Qt0V05ZAcgT3T1VKO2vL6LbP.118.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Gothic%20A1&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c74f2c4ab48823aade5b87df701183b4930de537ffaf6ffa10b022769a199741

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://drugfree.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 02:07:01 GMT
x-content-type-options: nosniff
age: 601129
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9484
x-xss-protection: 0
last-modified: Thu, 21 Apr 2022 16:27:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 20 Apr 2024 02:07:01 GMT

GET
H2 200 CSR94z5ZnPydRjlCCwl6aaU4Qt0V05ZAcgT3T1VKO2vL6LbP.116.woff2
fonts.gstatic.com/s/gothica1/v13/ Frame BD62 11 KB
11 KB 24ms
23ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/gothica1/v13/CSR94z5ZnPydRjlCCwl6aaU4Qt0V05ZAcgT3T1VKO2vL6LbP.116.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Gothic%20A1&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

76fa34904e5e53dc20736cabfbacdc8efabc84ebe8f664a7707b4c6fd6310db4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://drugfree.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 01:05:50 GMT
x-content-type-options: nosniff
age: 0
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10956
x-xss-protection: 0
last-modified: Thu, 21 Apr 2022 16:45:25 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 27 Apr 2024 01:05:50 GMT

GET
H3 200 ibm-plex-sans-v8-vietnamese_latin-ext_latin_greek_cyrillic-ext_cyrillic-600.643ad5d92cd7.woff2
static.fundraiseup.com/fonts/ibm-plex-sans/ Frame 3FE5 56 KB
56 KB 13ms
13ms Font
application/octet-stream 104.26.5.251
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.fundraiseup.com/fonts/ibm-plex-sans/ibm-plex-sans-v8-vietnamese_latin-ext_latin_greek_cyrillic-ext_cyrillic-600.643ad5d92cd7.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

104.26.5.251 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d8b4efc9d633bf6a74302401662e42d85a36070ded6ad2497958ccafc2737f81

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://drugfree.org/
Origin: https://drugfree.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 01:05:50 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: FGANEAH119N018T1
age: 1913603
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 56996
x-amz-id-2: oVxctf6P5r0l8Gr5QICHmDzPneqvDp4oR0BwP+FV+YZyzsNDUlzv4zjs3tNELVwKlPG3XaMNmSw=
last-modified: Thu, 02 Feb 2023 10:31:08 GMT
server: cloudflare
etag: "643ad5d92cd7c31076790077c3003abc"
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: GET
content-type: application/octet-stream
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dyJrq%2F%2Bn4AuDlPthJfLElVgJY8SHLSblXCrZuPf%2FemVnP9qIda4EGUkJ70DdYq%2BmIU1PBCzDkMH%2Bc8pScNQR1i1CgfdG7RxNEaAozA7V0H7DNGrJzHpodQxJOOp2A1C9AQCDM9f%2BrYA%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 7beb66353c9630c4-FRA

GET
H3 200 ibm-plex-sans-v8-vietnamese_latin-ext_latin_greek_cyrillic-ext_cyrillic-regular.c9e466876957.woff2
static.fundraiseup.com/fonts/ibm-plex-sans/ Frame 3FE5 52 KB
53 KB 18ms
17ms Font
application/octet-stream 104.26.5.251
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.fundraiseup.com/fonts/ibm-plex-sans/ibm-plex-sans-v8-vietnamese_latin-ext_latin_greek_cyrillic-ext_cyrillic-regular.c9e466876957.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

104.26.5.251 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

205b5e5ac97e41a70efe74150a9893bdb05ff1d3921808b96d8780aa31c7940a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://drugfree.org/
Origin: https://drugfree.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 01:05:50 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: 6FFDET68KX52M68W
age: 1709811
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 53064
x-amz-id-2: 4y+CiNEgmC0BO1vUfuz4x/QU34qeG1Zg+xGU3YooLddFhb5DWYi4v8wkmhp8N+0baOVbJKzhZuE=
last-modified: Fri, 03 Feb 2023 09:23:03 GMT
server: cloudflare
etag: "c9e466876957e9d2128f63b225a81ae3"
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: GET
content-type: application/octet-stream
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=urGPxeqquL4bP1tdo7D9aZg7uoFcdR6qLKMVkjpGPjL7e%2BHvCN%2BVKHEUSrMu6tzSsd1ne9R1wZTi948gdG3%2FNB7sHpywBBtwVstyT%2BHtDZ74yOw0uIHjOhEOOsJIH6Q0ge3QlAWucDI%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 7beb66353c9830c4-FRA

GET
H/1.1 200
OK iframe Show response
pixel.mathtag.com/sync/ Frame ECD0 3 KB
1 KB 23ms
22ms Document
text/html 2.18.233.201
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.mathtag.com/sync/iframe?mt_uuid=1374644b-1bee-4500-8d9d-0748485e5462&no_iframe=1&exsync=https%3A%2F%2Fc212.net%2Fc%2Fsync%3Fu%3D%26c%3DUS%26dmpId%3D1%26pid%3D%5BMM_UUID%5D&mt_lim=1&source=mathtag
Requested by: Host: pixel.mathtag.com
URL: https://pixel.mathtag.com/sync/js?sync=auto&exsync=https%3A%2F%2Fc212.net%2Fc%2Fsync%3Fu%3D%26c%3DUS%26dmpId%3D1%26pid%3D%5BMM_UUID%5D&mt_lim=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-201.deploy.static.akamaitechnologies.com
Software: MT3 830 785530e master cdg-pixel-x34 config_version:"unknown" /
Resource Hash: d7fea83abc115c622c32eadceeeb09c75cbeeb217b09835cb18e3cea24fc9b0d

Request headers

Referer: https://drugfree.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Access-Control-Allow-Origin: *
Cache-Control: no-cache
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 939
Content-Type: text/html
Date: Fri, 28 Apr 2023 01:05:50 GMT
Expires: Fri, 28 Apr 2023 01:05:49 GMT
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Server: MT3 830 785530e master cdg-pixel-x34 config_version:"unknown"
Vary: Accept-Encoding

GET
H/1.1 200
OK img
pixel.mathtag.com/comp/ 0
491 B 23ms
20ms Image
image/gif 2.18.233.201
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.mathtag.com/comp/img?mt_id=99&ns=xx&bcdv=0
Requested by: Host: drugfree.org
URL: https://drugfree.org/?form=FUNJLSAEDSS&utm_campaign=2023%20Donation%20Moments&utm_medium=email&_hsmi=256062192&_hsenc=p2ANqtz-9IbfhLSzLiRANvRLPTyvpP4C1SqyZuFvW_VpE96uXyAdU5-_LV2q6rHIJ7T2KpD_cFeSkdoDdXnDLdFYAvIsImSzQLpA&utm_content=256062192&utm_source=hs_email
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-201.deploy.static.akamaitechnologies.com
Software: MT3 830 785530e master cdg-pixel-x7 config_version:"unknown" /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://drugfree.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Fri, 28 Apr 2023 01:05:50 GMT
Server: MT3 830 785530e master cdg-pixel-x7 config_version:"unknown"
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin: *
Content-Type: image/gif
Cache-Control: no-cache
Connection: keep-alive
Content-Length: 0
Expires: Fri, 28 Apr 2023 01:05:49 GMT

GET
H2 200 inner.html Show response
m.stripe.network/ Frame 3437 930 B
2 KB 81ms
8ms Document
text/html 2600:9000:2057:3a00:19:7d10:bd80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.network/inner.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/m-outer-8cb24ab2d649fd36a488d04d8c457933.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2057:3a00:19:7d10:bd80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Cloudfront /

Resource Hash

a5f27af9c0c6f37979ebafcac22eb3a613841a3d4e728f4577baf94e64d42f35

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-e/Jqu4k9Gk1ZCWO6StAsfhF3i7qgIwfuitaD1g9DyvE='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 158
cache-control: max-age=300, public
content-length: 930
content-security-policy: base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-e/Jqu4k9Gk1ZCWO6StAsfhF3i7qgIwfuitaD1g9DyvE='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Fri, 28 Apr 2023 01:05:12 GMT
etag: "fc2e029628f163bb59adc6fa5a31161c"
last-modified: Thu, 17 Mar 2022 19:03:12 GMT
server: Cloudfront
strict-transport-security: max-age=31556926; includeSubDomains; preload
vary: Accept-Encoding
via: 1.1 71b147cd3102755b55ba8b6fd34e3f4a.cloudfront.net (CloudFront)
x-amz-cf-id: hDqr0Ne3vvh28w6rVmtzp_adTOkkUQuKTJ_iHA37cOFeCOfTgvH0rA==
x-amz-cf-pop: FRA6-C1
x-cache: Hit from cloudfront
x-content-type-options: nosniff

GET
H3 200 5522.092d16bbb46ba6c99183.js Show response
static.fundraiseup.com/ 12 KB
4 KB 18ms
18ms Script
text/javascript 104.26.5.251
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.fundraiseup.com/5522.092d16bbb46ba6c99183.js

Requested by

Host: static.fundraiseup.com
URL: https://static.fundraiseup.com/checkout.3e0398635ab22d60ed29.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.26.5.251 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8e9a7236a8326d24ef072194766b80e083f74dede5e9434f48df9ac70f9b0ab8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://drugfree.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 01:05:51 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: 5F69WSK2DG73V8YJ
age: 827949
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: DiTCgwqZiwyTHvTppdWtj8xBIrfiYs13ENiFRZQom3gyrJLSrXSPfhq0RahJbzR+R5Mg9Y5LZ8o=
last-modified: Tue, 18 Apr 2023 10:54:21 GMT
server: cloudflare
etag: W/"20960bd8834e0093bada54d8359da623"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JMR1y41Qj%2BgJQu0Hh9qbrG7l6auJGYpgxhiyl84QEgoQxHvnTzsITd%2BafBfsuAkeO9BbZy47FOyUs3%2FkI%2F4hFOSrtsHfgXAcIh1%2F5zsUwnPgidOk05bdxC8X4863%2FsEqxY36gG2bPMc%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript; charset=UTF-8
cache-control: max-age=2678400
cf-ray: 7beb6635b91a6949-FRA

GET
H3 200 8531.ed91f43e1e8edf276fb8.js Show response
static.fundraiseup.com/ 106 KB
29 KB 21ms
21ms Script
text/javascript 104.26.5.251
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.fundraiseup.com/8531.ed91f43e1e8edf276fb8.js

Requested by

Host: static.fundraiseup.com
URL: https://static.fundraiseup.com/checkout.3e0398635ab22d60ed29.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.26.5.251 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c0bf4a2a1cfa91e3a41177b5996f3cac4e430e299f7ae357b22314644f0c5268

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://drugfree.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 01:05:51 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: 5F6FB3QX233E5WJZ
age: 827949
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: L+Lr2UN97Zlx1UhVX6/kVuwH/peXB7inNCxY3a5dFVD+HHd9q9VX3JFYc77a8nYjBCO4HaM6H2Y=
last-modified: Tue, 18 Apr 2023 10:54:23 GMT
server: cloudflare
etag: W/"eadad4a2b4fd9c1a69cf2fed96654eb0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=R9JP2rJx2c8PLJ%2BA4HSSK73ZGjVTa90QittQAfb%2BCzc4Jr1T9cQ%2FDhfDBjLTbOSwdhNdR7KarOhn0XDkJunlx8g5wJo0%2BtcBjmMMUxuppAxjKY6JJRqq1b0gcRczW4xrTryJvdO8BQg%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript; charset=UTF-8
cache-control: max-age=2678400
cf-ray: 7beb6635b91b6949-FRA

GET
H3 200 3881.ae6bd939838afe6d0c43.js Show response
static.fundraiseup.com/ 8 KB
4 KB 16ms
16ms Script
text/javascript 104.26.5.251
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.fundraiseup.com/3881.ae6bd939838afe6d0c43.js

Requested by

Host: static.fundraiseup.com
URL: https://static.fundraiseup.com/checkout.3e0398635ab22d60ed29.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.26.5.251 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7051e6c08b0a7640009ca7fc6a9a33d6a08f86393edd7281e05c38083394fd9b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://drugfree.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 01:05:51 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: CABF37CTB4NF0ZR5
age: 1176299
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: U6GiWwzpkK5N4fFQX2ZjLaTrLLaAW7xmv2a9NxS4QMg1/S7QEmVisTT3r7a8bc/WkwW+9x6Ftlc=
last-modified: Fri, 14 Apr 2023 10:10:22 GMT
server: cloudflare
etag: W/"58effc86c234c442c5eb48af14305e53"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KIVX48lREHgrKrzjI19IL7%2BEv7T5VnUcFKHqX4mIpzZ3PgYsF2ThSYOkdVsySAjHK4ghqVUGWtHt7MD0L%2BoKNkZWJbDGg1VKp69%2FMyna0e5S5L3UIJNUH%2BI37563y2WpfV%2BNKFYMaDc%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript; charset=UTF-8
cache-control: max-age=2678400
cf-ray: 7beb6635b91c6949-FRA

GET
H3 200 8443.bf2d73e25ed82773f943.js Show response
static.fundraiseup.com/ 3 KB
2 KB 13ms
13ms Script
text/javascript 104.26.5.251
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.fundraiseup.com/8443.bf2d73e25ed82773f943.js

Requested by

Host: static.fundraiseup.com
URL: https://static.fundraiseup.com/checkout.3e0398635ab22d60ed29.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.26.5.251 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8355c8539944fa485fca127385dc3725d3fa9f7a68eed05429eb461071d1c444

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://drugfree.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 01:05:51 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: CAB42WP1A4WWND2X
age: 1176299
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: tgK/SUrG9e/CemnvgyIQvstkjSeEHcnrac4TBvCt09lmH/sd94sG4F/JGPul54d8xT7nTWoORDg=
last-modified: Fri, 14 Apr 2023 10:10:22 GMT
server: cloudflare
etag: W/"473e4899723083b83aaaf41a5f2eace9"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=L4UU9KB6boMANrAzrpexcqr3pWAuPwNelx4fGj7S1DCJALWIE9gTSNL6MocqxCyoiLG9pcaoRprW4UuVep4FoveKMegh8p41khYoJldwwuGjElI1UJo1kbW5I277VNLADzW47WjWSrY%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript; charset=UTF-8
cache-control: max-age=2678400
cf-ray: 7beb6635b91d6949-FRA

GET
H3 200 3344.69403b76645848e911a6.js Show response
static.fundraiseup.com/ 26 KB
7 KB 15ms
15ms Script
text/javascript 104.26.5.251
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.fundraiseup.com/3344.69403b76645848e911a6.js

Requested by

Host: static.fundraiseup.com
URL: https://static.fundraiseup.com/checkout.3e0398635ab22d60ed29.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.26.5.251 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8990e1cacb6e07a5e3b45d67f6cae39ab510f871d85400ec5ae9d84b1ab89c5b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://drugfree.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 01:05:51 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: 5F6APS9ZE8BE4W34
age: 827949
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: JNWmrNN9BkrJolSKTBv3MNKwTSnmwa/8z2AT/O4CNPD0jG2WiZah7gygnOKO6gxp5AdGSMb6WEY=
last-modified: Tue, 18 Apr 2023 10:54:17 GMT
server: cloudflare
etag: W/"78bfd471a69e449ec0cfb615b0839e5e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bJ4gdUmAz6oU09DEw1pVSA06qRV1bHUTUJStYmS7MWFu%2F7O2FAcQAfS1zK0LYF8jcKnr22ZVmLRzuAqPSVkvYJchjXHurGlm%2ByeuYznGeMN64rX8wk%2F0TvmPQi0cZ5CULRE66mOVeWE%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript; charset=UTF-8
cache-control: max-age=2678400
cf-ray: 7beb6635c9246949-FRA

GET
H3 200 6595.4228d42963e088f778fb.js Show response
static.fundraiseup.com/ 62 KB
20 KB 16ms
16ms Script
text/javascript 104.26.5.251
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.fundraiseup.com/6595.4228d42963e088f778fb.js

Requested by

Host: static.fundraiseup.com
URL: https://static.fundraiseup.com/checkout.3e0398635ab22d60ed29.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.26.5.251 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a9eb65b5474ab72b192a650fa117bdb27daeec660e171c4acff00d413aa768cc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://drugfree.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 01:05:51 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: 2VBSRCD30BSSHAXW
age: 658569
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: u7hHevau5JhHqptdn8FX33EgqVpL9jQnizT1Mt94F0dTPj6hWnDcip34h5yj+R3MB3GWEBM1wOM=
last-modified: Thu, 20 Apr 2023 09:56:26 GMT
server: cloudflare
etag: W/"fd304d682392aff568ea156aa108f144"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DEDnhUx4yUOMseEGFBGbVh9yHs5d9hQ6QA9vydUQuAAXvxcOeVw8HoltUYp1ySxhdi8VaMUAALOWoX%2FO1ofOvItpiZVZYn%2Fih%2BOEdppu%2Fug52kyJUwsHI%2BXTbxDtKbsiElZR3Q4Lmb0%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript; charset=UTF-8
cache-control: max-age=2678400
cf-ray: 7beb6635c9266949-FRA

GET
H3 200 7470.787afe90679822916f59.js Show response
static.fundraiseup.com/ 25 KB
9 KB 19ms
18ms Script
text/javascript 104.26.5.251
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.fundraiseup.com/7470.787afe90679822916f59.js

Requested by

Host: static.fundraiseup.com
URL: https://static.fundraiseup.com/checkout.3e0398635ab22d60ed29.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.26.5.251 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8205fa766fac97c6b31850384f465ec41a860b6347e872d7007e0af4c31fdd8f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://drugfree.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 01:05:51 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: 4AWYY9H69XF588J6
age: 658625
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: NTqI+OnSMJvFG6M5VjJ4IDkvSZMcL6vKQQHIYpVDVhv0aKx6MQzg15vpCk6HnWso0QTWFOj6KLM=
last-modified: Thu, 20 Apr 2023 09:56:27 GMT
server: cloudflare
etag: W/"f6c1eaae9eb2366ad27a2030a685723c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=P%2FELV97vGO%2B99UCheyAY2AaOVYmlXxtJH93kYDmYwINiiop1hjNqqnwRT9TkOBk4mIMW%2FwD6zvVxlpt0rffXwYvFtkWlEix4WXowBL2CcBP4xq42VEUY1HG64WKyXa11Na%2FIjrv8B1A%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript; charset=UTF-8
cache-control: max-age=2678400
cf-ray: 7beb6635d92a6949-FRA

GET
H3 200 4172.1c0a66e3189eed1ebffd.js Show response
static.fundraiseup.com/ 18 KB
3 KB 15ms
14ms Script
text/javascript 104.26.5.251
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.fundraiseup.com/4172.1c0a66e3189eed1ebffd.js

Requested by

Host: static.fundraiseup.com
URL: https://static.fundraiseup.com/checkout.3e0398635ab22d60ed29.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.26.5.251 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

01014fb5bed5e21b7ae3ca6d476b9b24617c8b2077dd96fab4836697f1476e01

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://drugfree.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 01:05:51 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: F6Y9451W43P145XK
age: 2302099
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: g24/pEtJKycHGKAg4KSLcNjGo/8DbPeQFDtgIpkGxQqlnoGx05YgcCHLuNecmLWbq4zg5+NIq5g=
last-modified: Fri, 28 Oct 2022 08:55:28 GMT
server: cloudflare
etag: W/"440cb8c0adbc34dbdded50b143db1d9f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UPXbAqQ5FnC8jg%2FT9lw3M4MvugWuIxSE5X1LUrJeKcqsgmAv%2BqYdm4VEH7j6diDMxbM4aqqw7jaXtdv%2Bswho1fpY4IBa%2F1Q5sRL5juemKhcFLvVI%2BZoHC89g0Me9ykC83wIqf07BenI%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript; charset=UTF-8
cache-control: max-age=2678400
cf-ray: 7beb6635d92b6949-FRA

GET
H3 200 976.a556cda25e8ae07b1540.js Show response
static.fundraiseup.com/ 2 KB
2 KB 32ms
31ms Script
text/javascript 104.26.5.251
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.fundraiseup.com/976.a556cda25e8ae07b1540.js

Requested by

Host: static.fundraiseup.com
URL: https://static.fundraiseup.com/checkout.3e0398635ab22d60ed29.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.26.5.251 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6c26fa98707d1c87c30d2fc179659d8708578e0dafd95792ca5f8044e4ad1852

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://drugfree.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 01:05:51 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: KS0P0XZ6NRM488X4
age: 1176298
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: xRLlfezHmZB8Smraz8vgA6J7JzYxHfXgnYJ9tbjs1TZryeOth5vj3m2h6Bw/ypG9TOlrlpjdFHk=
last-modified: Fri, 14 Apr 2023 10:10:22 GMT
server: cloudflare
etag: W/"c249032eb1d13a6f508b0312d0ca0c0c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=q1d3dAS7053%2F7ITey6cPloOsPoIIXZILtLPF3v1F%2BfmiZ3MP9cq52VGqrOobP%2BPPvE%2BMp6ifp2JeoMuf%2Fjh34VQdH%2FqvRPahhmeJwTD5dU2mRJtCm1Nfg3U%2B0vEQ5vJfzXmkpbQc8YI%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript; charset=UTF-8
cache-control: max-age=2678400
cf-ray: 7beb6635d92d6949-FRA

GET
H3 200 2752.cf756e63ff294de60f0c.js Show response
static.fundraiseup.com/ 11 KB
4 KB 18ms
16ms Script
text/javascript 104.26.5.251
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.fundraiseup.com/2752.cf756e63ff294de60f0c.js

Requested by

Host: static.fundraiseup.com
URL: https://static.fundraiseup.com/checkout.3e0398635ab22d60ed29.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.26.5.251 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f1de8adc3e5e57e25f9c97f2eb0f99b23b7d795399a0bb390ae0f187eb416c2f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://drugfree.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 01:05:51 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: 5F6BFJDG6PGQ4WZG
age: 827949
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: FpnM/t2BLQuVlJ//6hxJiYlrLzMh6h3FOfepHKJmDpOyhMFS5tJh+zJeRnitI5nTxff+HQ/6ejc=
last-modified: Tue, 18 Apr 2023 10:54:15 GMT
server: cloudflare
etag: W/"322311020a5fe9b6953571d8a1a332a5"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lsh5n%2B71QD0TYPDjUykE5YfmX7Pxtq8%2BhvFYSz9eu7lUDsEmzsz3UADFxNYTzzW9yz8gkhyBkCcGcxBvwajxSVem1JBVSkkmzQ3qCYR0KgjX%2FQ4x%2F16LA3GvwOz0lpGvM89egraG%2FW0%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript; charset=UTF-8
cache-control: max-age=2678400
cf-ray: 7beb6635d92e6949-FRA

GET
H3 200 9389.3eb936d9a74248ccc554.js Show response
static.fundraiseup.com/ 11 KB
4 KB 19ms
18ms Script
text/javascript 104.26.5.251
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.fundraiseup.com/9389.3eb936d9a74248ccc554.js

Requested by

Host: static.fundraiseup.com
URL: https://static.fundraiseup.com/checkout.3e0398635ab22d60ed29.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.26.5.251 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

be52c64beff26262780cf4d4f78c42934a4a0b17cc216d765da0dbe6c26fa279

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://drugfree.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 01:05:51 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: 5F66RVXSFRDKMG9F
age: 827949
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: Vh7UHFe9nX01tlsmIs7We5ehqfMhh9GScnyXTDz3RYv9Cxos84pvjOdkTpD3Yd5xWomHW/0HDAo=
last-modified: Tue, 18 Apr 2023 10:54:23 GMT
server: cloudflare
etag: W/"5b15fd9049191f68c44ddc3e9761f5f4"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ljlVS5zEzbs9gh9cx%2FmjE0kRNeTOTqDdmZLkpvaOOmyFyu%2FZ5ehNs%2FnUYpwLGkpXzOPVIEHha%2FpS4RTXz1xZ1DV9GZxIzWu4xB5rIS%2Fx8H6LvDpkvaq73OV%2BcAFeTVOgqZ%2B1nvL60es%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript; charset=UTF-8
cache-control: max-age=2678400
cf-ray: 7beb6635d9306949-FRA

GET
H3 200 1307.45793398d64962eb79e3.js Show response
static.fundraiseup.com/ 15 KB
6 KB 19ms
18ms Script
text/javascript 104.26.5.251
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.fundraiseup.com/1307.45793398d64962eb79e3.js

Requested by

Host: static.fundraiseup.com
URL: https://static.fundraiseup.com/checkout.3e0398635ab22d60ed29.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.26.5.251 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f2d273e83e36b2709f8861128b1b3be29e18d1456aaaed5606f9faf19e974655

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://drugfree.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 01:05:51 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: 5F6DGNYNSCZ2KZQ2
age: 827949
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: Mb+jQh5HrfqkotqZQE6VzE4x4uH+60REHYENGX67cWeEwsMi2Ni60y7rmeinSrusufBKm/iWo0w=
last-modified: Tue, 18 Apr 2023 10:54:10 GMT
server: cloudflare
etag: W/"bd9ada8314bc642632f456d33ab46b54"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SaMuLu3%2BUX0eN0eU6%2BWUEXbCFY9GmcScQxZy4BCkn8yqbXnyLnWWddf4ovhm41IUu%2BXDkI0HdMDYxYnac5VIfTJW3NC7nluyAr6QImVPwJ3Feetg8%2ByxEo7bVYLaIHkotZpMmKiN9aE%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript; charset=UTF-8
cache-control: max-age=2678400
cf-ray: 7beb6635d9326949-FRA

GET
H3 200 5294.93a005ad4e2d9e0d4d65.js Show response
static.fundraiseup.com/ 7 KB
4 KB 33ms
32ms Script
text/javascript 104.26.5.251
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.fundraiseup.com/5294.93a005ad4e2d9e0d4d65.js

Requested by

Host: static.fundraiseup.com
URL: https://static.fundraiseup.com/checkout.3e0398635ab22d60ed29.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.26.5.251 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

39408c95ff280b560a37029bb071fd2040281705a3eb478eb2970db224eef7fd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://drugfree.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 01:05:51 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: KS0XBDXHM42S75RX
age: 1176298
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: 42kB244pVAM8qGvTyAKcPaPTX/ptlUbaHaDHijOQERWBph+Fq8kEpttIjmcHy3dDRDtsY/KCSSk=
last-modified: Fri, 14 Apr 2023 10:10:22 GMT
server: cloudflare
etag: W/"e84c7a67363c57b3ba2a7a92a413d39c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=w%2FI%2BrtouBOqHGPKRIg1%2Fl%2FQNF0S7RGhFx8ZMv7lft%2FH%2F92zjn5AxH1H52OByAlqCp4G0sdUC%2BiFI%2BQf7N3%2BbUlyUAU307zkOEkZwwBHNNxS7VWHoMSl0eeOqQCGCMz4o9EMymDEz7E4%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript; charset=UTF-8
cache-control: max-age=2678400
cf-ray: 7beb6635d9336949-FRA

GET
H3 200 2100.1fdc7b0fb36331045e12.js Show response
static.fundraiseup.com/ 17 KB
6 KB 15ms
14ms Script
text/javascript 104.26.5.251
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.fundraiseup.com/2100.1fdc7b0fb36331045e12.js

Requested by

Host: static.fundraiseup.com
URL: https://static.fundraiseup.com/checkout.3e0398635ab22d60ed29.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.26.5.251 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

44d65f79f7b3f8325c989d5c49a28456e948c1848f416ec27950906d65287cff

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://drugfree.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 01:05:51 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: 5F66WZMP2RZAC4P8
age: 827949
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: arRnWpPQ2EJfxJkHDECYJq5ZLB6mutjo4R8kerI9oCahq+6t/x8MrjUamFBBc+qBJo+KwNDiuBs=
last-modified: Tue, 18 Apr 2023 10:54:13 GMT
server: cloudflare
etag: W/"634807b2c2d74c286c8802fa93ea1f4a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Msewe8qRGOg3jCUz4JYj0gyvmajqe3CtURsldKEtd6K1wsgtv3gPjY92NoDkzupxG0NGvmX0NwSPela4a3AFJEhC9zSa4aUFqTTig8miQAwtjUXuymAmqaMkUSKtqvK7wAS4bSEW2XM%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript; charset=UTF-8
cache-control: max-age=2678400
cf-ray: 7beb6635d9346949-FRA

GET
H3 200 5651.38d5648ed6b86f5a18eb.js Show response
static.fundraiseup.com/ 12 KB
6 KB 19ms
18ms Script
text/javascript 104.26.5.251
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.fundraiseup.com/5651.38d5648ed6b86f5a18eb.js

Requested by

Host: static.fundraiseup.com
URL: https://static.fundraiseup.com/checkout.3e0398635ab22d60ed29.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.26.5.251 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

beb85df238002c24b24c84dc4b97377c866ceb2808e3aae4ce46e5dcd3d3642b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://drugfree.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 01:05:51 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: KS0TRBQ6GH7V03TB
age: 1176298
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: x6uc+X673cz6zl2/XoKLrd6WySuFFWNoQis7OjfetJI8/OLICR6x0lqY5pJYMG/ozP4u87ezjRw=
last-modified: Fri, 14 Apr 2023 10:10:22 GMT
server: cloudflare
etag: W/"d3e5de42911bc38cc9d8f714a619c41d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5pJyUce45PMGpZXgtPYDaa%2BLtG33nMOqS1gmbrJsTfmZQECzk7DZ%2BOXx6buYIsmE74wQaDlBQ%2BRxESLWxFE1k4dgyc%2BphREe02QTJuSryDiR6qP3mRBOHGg3%2F1%2BThqIIUkjwW8qys44%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript; charset=UTF-8
cache-control: max-age=2678400
cf-ray: 7beb6635d9356949-FRA

GET
H3 200 4531.794e13f62835960bd9dd.js Show response
static.fundraiseup.com/ 10 KB
4 KB 29ms
28ms Script
text/javascript 104.26.5.251
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.fundraiseup.com/4531.794e13f62835960bd9dd.js

Requested by

Host: static.fundraiseup.com
URL: https://static.fundraiseup.com/checkout.3e0398635ab22d60ed29.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.26.5.251 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ff30bda6951604ed3e63e52d326189c1557d383f6b1504959cd24c28366bc0d2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://drugfree.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 01:05:51 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: 5F61GSKKY8EYQHET
age: 827949
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: lGt41ehcUgi09zybqdTwNeUsYfP2SONad8huqi18CdKZCOccAut7ouvWqOEK1Rzj09s3two/Ey0=
last-modified: Tue, 18 Apr 2023 10:54:21 GMT
server: cloudflare
etag: W/"faab670004d19c600dce392d50787a74"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=euniREw4Pu4QMwT3OvzuY75lqfkVB4HYTkzraUdFYdvrdtfter2LSGGLhuiyPK7bLpz1OIj0b7XCFUY8EMWaCwov%2FjMoRxCQ2YbQAQ2jst3kx6WdWt8ibD2uEUHnlvn6bIdAwkcksmo%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript; charset=UTF-8
cache-control: max-age=2678400
cf-ray: 7beb6635d9366949-FRA

GET
H3 200 6658.1bc73a9dd83b76cb9e63.js Show response
static.fundraiseup.com/ 17 KB
5 KB 19ms
19ms Script
text/javascript 104.26.5.251
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.fundraiseup.com/6658.1bc73a9dd83b76cb9e63.js

Requested by

Host: static.fundraiseup.com
URL: https://static.fundraiseup.com/checkout.3e0398635ab22d60ed29.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.26.5.251 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

de55de0d68a32f262cab4f3ea06c4124475dc03cecbb9be150fd08e95f3b89d7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://drugfree.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 01:05:51 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: 5F63KY4KCRWSFYP9
age: 827949
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: /tfDiC6gda7iiHZ2hC4nMRPdy1Hgcw/t56kes/YTBmzDKDDTUVkyO6l1OLA/Xr6cHHQsv+LsN9k=
last-modified: Tue, 18 Apr 2023 10:54:22 GMT
server: cloudflare
etag: W/"b6da353e32f97043f88f02eecf2a053b"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=evAE%2FPADpHQccXHgsbLuATliV0EjbwkTKPrbH%2FaiVOEFcivlWuSOtJbP1OXx8s1rnOgsdVxuJkd1Lnbbuopi0hmKeYjlfAajve1e28STseCO3caB5GCLX%2BS1PA1fRrDGYSx5XGi%2FLM0%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript; charset=UTF-8
cache-control: max-age=2678400
cf-ray: 7beb6635d9376949-FRA

GET
H3 200 3646.bcb5eebea42eac8202ef.js Show response
static.fundraiseup.com/ 16 KB
6 KB 22ms
21ms Script
text/javascript 104.26.5.251
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.fundraiseup.com/3646.bcb5eebea42eac8202ef.js

Requested by

Host: static.fundraiseup.com
URL: https://static.fundraiseup.com/checkout.3e0398635ab22d60ed29.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.26.5.251 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c29af4757b60d023fc310efe359ced76fdbec3361821e55a1c6099389f935841

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://drugfree.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 01:05:51 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: 5F69Q2K45JRXPH91
age: 827949
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: jQ4fZwB8dN+PG+Dc+gX038EkxiO2WXeNtc7sUx/fCll47l+z5+LMwo2pmNSYyJX+xgm2HtgW8lE=
last-modified: Tue, 18 Apr 2023 10:54:19 GMT
server: cloudflare
etag: W/"5757af941c315b95d61a7a43c928e7e3"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BVEkOmE91c95ntGU7qsl5Mjq4u36m2c%2BgtJsEztQt2fqdT6NbkUIKv4SqqjpGLJgT8K57v9kFpaHV8rQ3gjyL8FpUG9Lak6Px2E9Qhb%2FkRMZsNhpA1Ty1T1C32GA5mfHEwlrsXHn%2Bj0%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript; charset=UTF-8
cache-control: max-age=2678400
cf-ray: 7beb6635d9386949-FRA

GET
H3 200 3105.e5169021cff64cb539cf.js Show response
static.fundraiseup.com/ 15 KB
6 KB 23ms
22ms Script
text/javascript 104.26.5.251
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.fundraiseup.com/3105.e5169021cff64cb539cf.js

Requested by

Host: static.fundraiseup.com
URL: https://static.fundraiseup.com/checkout.3e0398635ab22d60ed29.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.26.5.251 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c6319be0f68fb1cf0fc052512808b8c3bcec8bc407f0e5d16c397592bc467e46

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://drugfree.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 01:05:51 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: KS0MJWZK7V20ZMAX
age: 1176298
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: cgN2q1S+xTkXhSWtFAzcAm2i6hceGDSMxxL0m+jcByDxUFVyz/wY9YRvjajfwPZAK+1qNgiE7Nw=
last-modified: Fri, 14 Apr 2023 10:10:21 GMT
server: cloudflare
etag: W/"1fe4d120e99b0d7f852c020c67c75cef"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NLkc0Q93gTYT4qefjD%2B0VfcO4X%2BzgHXL%2FzIVaaAOo8FZz33IwgdYiuKwdKph8MuerMtuHtrLAs1DWkQwOY1%2Ba2UZFk9szL0pRuqy7dNCYUjpenMTK978PXgLWVJs%2F6OeFZ%2FNNdEE%2FEw%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript; charset=UTF-8
cache-control: max-age=2678400
cf-ray: 7beb6635d9396949-FRA

GET
H3 200 3092.fb12f6ab6b6091606a37.js Show response
static.fundraiseup.com/ 8 KB
3 KB 21ms
19ms Script
text/javascript 104.26.5.251
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.fundraiseup.com/3092.fb12f6ab6b6091606a37.js

Requested by

Host: static.fundraiseup.com
URL: https://static.fundraiseup.com/checkout.3e0398635ab22d60ed29.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.26.5.251 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

49ece89012f756dac1682b900dd4fd184bbf7de3f1a2086031a8f3fbcc389e82

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://drugfree.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 01:05:51 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: KS0G71KA1Z9Q8SC9
age: 1176298
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: CoQpy0kRTB4HHj9yLhTTe+AQAeEnqNi+qxptXSn8GLLgM3/C7iWUE/deg4O1+wS5NKcaZ0KXLok=
last-modified: Fri, 14 Apr 2023 10:10:21 GMT
server: cloudflare
etag: W/"d11585f3b79457bc3df3bc7ea4565d02"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Z4QF8IxRZFVmDy%2BIbiLLcRpcGYjZM4tfDxuQ8X9T2RELh1a13U%2FzNI95Ldr1eIUEOfOU9dCZkOVBaMpQEfTCfzMEK8zTvyGgbgwRavKUZt1q8pymn%2FF7ArTKEGGAaeQ%2BANK8yV%2FXYUo%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript; charset=UTF-8
cache-control: max-age=2678400
cf-ray: 7beb6635d93b6949-FRA

GET
H3 200 9927.97162ecd45bf8fe0d053.js Show response
static.fundraiseup.com/ 24 KB
8 KB 20ms
18ms Script
text/javascript 104.26.5.251
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.fundraiseup.com/9927.97162ecd45bf8fe0d053.js

Requested by

Host: static.fundraiseup.com
URL: https://static.fundraiseup.com/checkout.3e0398635ab22d60ed29.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.26.5.251 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8455a7ce9bd5574d0c06f4a96a950afab8ccd97189c6baa230dfa3fd1a2708cb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://drugfree.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 01:05:51 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: 5F67N9EM8TFQQCP1
age: 827949
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: OLX4qo83HjW3NHbaBnuSX5o9rD+r4lDa7YOVDXE75OXWL9PDugQXVRc/IOhPFpoMHs83XadnER8=
last-modified: Tue, 18 Apr 2023 10:54:23 GMT
server: cloudflare
etag: W/"31f363d2b3d859ef88b59e88e878698a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TeK5Wobkr2kHWsBp7g7Q6BZcsNVwWuIUuq0fjS11n2jcTOVXKLOuMS72ncb2stRhOoUDgY2o%2BnADp0MTFf9Eh9VIpJ%2FPQeLkpp2IdsRF8Il3iIQ7O%2BkYB%2BVx5%2F9PXkKqB84fDvSRuq8%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript; charset=UTF-8
cache-control: max-age=2678400
cf-ray: 7beb6635d93c6949-FRA

GET
H3 200 939.184bfe3e05c38a249429.js Show response
static.fundraiseup.com/ 17 KB
6 KB 25ms
24ms Script
text/javascript 104.26.5.251
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.fundraiseup.com/939.184bfe3e05c38a249429.js

Requested by

Host: static.fundraiseup.com
URL: https://static.fundraiseup.com/checkout.3e0398635ab22d60ed29.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.26.5.251 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f26a2105f322886dc9ab3abc493f08c0576156026cb30a9d0fd0da1983f8c1ff

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://drugfree.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 01:05:51 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: 5F608TX0QQCPCCSN
age: 827949
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: D9xFi42i70RSbi6NTye5OStrNG0wnCUZj8tQ98LCdp5hnWspQKgZdxTVpaRhoPcqX5Jd8bsg4Eg=
last-modified: Tue, 18 Apr 2023 10:54:23 GMT
server: cloudflare
etag: W/"aa552a14f5c9e6151edb013377bc5772"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=q%2F4jGpU%2BA7wNdAb7Kl472weNsh293DYQKr87lNBuRDTNHMNYa5eKzvP8quILHgzhTEupSzIDCS3ebDK2wUmbG08HHBbgwKuudIv0XpyxjQ5xMRh%2BUnJnsYv9epSw916%2F70kxtoqrwVo%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript; charset=UTF-8
cache-control: max-age=2678400
cf-ray: 7beb6635d93d6949-FRA

GET
H3 200 1178.74f42b37b35f07e00c21.js Show response
static.fundraiseup.com/ 21 KB
6 KB 26ms
25ms Script
text/javascript 104.26.5.251
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.fundraiseup.com/1178.74f42b37b35f07e00c21.js

Requested by

Host: static.fundraiseup.com
URL: https://static.fundraiseup.com/checkout.3e0398635ab22d60ed29.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.26.5.251 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f34616a1714025cda536f27fbc2609fabe98ec92bf406022c23f2381311aa12d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://drugfree.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 01:05:51 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: 5F610FCF461PAMB4
age: 827949
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: VQbyb9ObPSDpL3g8CkExrrMWmY3RrW4q5PFfGhElb3f9DM7TYQOzWeXrXgdDh6HFucxw87fOvRU=
last-modified: Tue, 18 Apr 2023 10:54:10 GMT
server: cloudflare
etag: W/"dc73ef827458393fa28ce5a9960b5745"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qfLyVIdTg2ARg9BMjUu6H41IIkNC7%2Fa1DysYnvuQwmfrkuMp%2FsH2a2MwwfpdQLybwI9qujKGuS0Z7bsEtOMi%2F1y7G2K4JDX1HVDSRO3nbJYOgj5OfeHO2GeOecPopsZ3iEPhH5GPE0M%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript; charset=UTF-8
cache-control: max-age=2678400
cf-ray: 7beb6635d93e6949-FRA

GET
H3 200 3313.3ab22598c71454354f34.js Show response
static.fundraiseup.com/ 24 KB
7 KB 20ms
19ms Script
text/javascript 104.26.5.251
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.fundraiseup.com/3313.3ab22598c71454354f34.js

Requested by

Host: static.fundraiseup.com
URL: https://static.fundraiseup.com/checkout.3e0398635ab22d60ed29.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.26.5.251 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9f8158d733aab41235dcb57f88a60f1d0bc1e2a8c9154fc3a22917ab2844af4e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://drugfree.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 01:05:51 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: 5F60E19GJZAGCY7Q
age: 827949
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: 4jNvKJ8IYh7xrfM/BTrmrbwrlT9woTZPCqE+3nwU6avFytngZwMvV6Ktq78GYnYEbliH74OhonY=
last-modified: Tue, 18 Apr 2023 10:54:17 GMT
server: cloudflare
etag: W/"37e676a9b1deb134210a5b9a56ef1c68"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ri8cgcPe5MmoOq420zF3oVBz0LNJPHTBllUWrP2KwdE3%2FAqIh5UAwqYZcxu71UFcuslji61YyvyDrBlrvQzwmC4%2Bgk%2FAY4xEv7CcYnnY8pjms3wGTwrqErCUVEhxwI3GiqvFNzu9vhQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript; charset=UTF-8
cache-control: max-age=2678400
cf-ray: 7beb6635d93f6949-FRA

GET
H3 200 617.e60e0e4a3f08148c977c.js Show response
static.fundraiseup.com/ 8 KB
3 KB 21ms
21ms Script
text/javascript 104.26.5.251
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.fundraiseup.com/617.e60e0e4a3f08148c977c.js

Requested by

Host: static.fundraiseup.com
URL: https://static.fundraiseup.com/checkout.3e0398635ab22d60ed29.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.26.5.251 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4431a5374cb4423c56fc90de7cdb0d1b40e847c6e8caac08001148fcda1e8b83

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://drugfree.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 01:05:51 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: 5F67AMP99SXNF4BN
age: 827949
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: D+lcQommSt6fwHsBn00XK4m9yltJVtLJlaThjC1UiTYjJ59XiPfosydo5IVew+Madf4cqUnZBdE=
last-modified: Tue, 18 Apr 2023 10:54:21 GMT
server: cloudflare
etag: W/"540684482b07d39ed76d3d8d9f6f83cf"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2zpesX5YAWiaMHcQYVSvLm%2BB6VrsjH8G5FVF8T63kZpwuFeL361y2WMVgFRKZaTljFpImneUZ%2BlIleM1g4W%2BuNoWtoVq6Jq3A9IfFm96coCSid1KawoxhhufrgKk2fM3f9kp6Pi22ng%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript; charset=UTF-8
cache-control: max-age=2678400
cf-ray: 7beb6635d9406949-FRA

GET
H3 200 4957.364280e472fc6825f6c5.js Show response
static.fundraiseup.com/ 17 KB
6 KB 27ms
26ms Script
text/javascript 104.26.5.251
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.fundraiseup.com/4957.364280e472fc6825f6c5.js

Requested by

Host: static.fundraiseup.com
URL: https://static.fundraiseup.com/checkout.3e0398635ab22d60ed29.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.26.5.251 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

35dc5153ae31a290fbcdbdcf72c8eb6015695a63308e8e6a0a3aa9d0f618ef4e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://drugfree.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 01:05:51 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: 1VKSPHK3XD72ZZP9
age: 658622
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: KuMq1D9aQggniKYzifjq5kcHZFkHwQ8HHA+qxpgGF2Wv5JgInUYVIJ6Ig8j8lb0obkRlCclrJEk=
last-modified: Thu, 20 Apr 2023 09:56:25 GMT
server: cloudflare
etag: W/"26409292d3563627c46b0083ef585994"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=l80VgO2dvr6lq41zw%2F53zCNOst%2F6LJkMgoKCYCLfOOe9P0OnWHcYZCqvdJwOO3bdfG4oFhXacM46xJDo9gXC2jVK0NTYTlX5HUFgYz0gcbVyTCo78XOfksdKeGxdB%2FTDhl5Tfk0oDsI%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript; charset=UTF-8
cache-control: max-age=2678400
cf-ray: 7beb6635d9416949-FRA

GET
H2 200 /
ucarecdn.com/7be99eff-1546-46a9-8328-69b315f51554/-/resize/470x/-/format/auto/ Frame 621D 16 KB
16 KB 300ms
256ms Image
image/webp 2a02:26f0:3500:11::215:14dc
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ucarecdn.com/7be99eff-1546-46a9-8328-69b315f51554/-/resize/470x/-/format/auto/
Requested by: Host: drugfree.org
URL: https://drugfree.org/?form=FUNJLSAEDSS&utm_campaign=2023%20Donation%20Moments&utm_medium=email&_hsmi=256062192&_hsenc=p2ANqtz-9IbfhLSzLiRANvRLPTyvpP4C1SqyZuFvW_VpE96uXyAdU5-_LV2q6rHIJ7T2KpD_cFeSkdoDdXnDLdFYAvIsImSzQLpA&utm_content=256062192&utm_source=hs_email
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:11::215:14dc Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Uploadcare /
Resource Hash: a2a16d2940205b3d6c9b3beaac23c2a9f48ba97a06844b088b7ab9c400dcc616

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://drugfree.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 01:05:51 GMT
x-image-width: 470
server: Uploadcare
etag: "0b654065dd6963d5436b37b05f97631a"
vary: accept
access-control-allow-methods: HEAD, GET, OPTIONS
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Etag, X-Image-Width, X-Image-Height, X-Image-Acceptable-Original, X-Image-Acceptable-Improved
cache-control: public, max-age=31345649
content-disposition: inline
x-image-height: 263
content-length: 16062

GET
H3 200 ibm-plex-sans-v8-vietnamese_latin-ext_latin_greek_cyrillic-ext_cyrillic-600.60bddc71096815d0d15a.woff2
static.fundraiseup.com/src/fonts/ibm-plex-sans/ Frame 621D 56 KB
56 KB 420ms
419ms Font
application/octet-stream 104.26.5.251
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.fundraiseup.com/src/fonts/ibm-plex-sans/ibm-plex-sans-v8-vietnamese_latin-ext_latin_greek_cyrillic-ext_cyrillic-600.60bddc71096815d0d15a.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

104.26.5.251 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d8b4efc9d633bf6a74302401662e42d85a36070ded6ad2497958ccafc2737f81

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://drugfree.org/
Origin: https://drugfree.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 01:05:51 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: CNFY8X3QR9J6Z8VF
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 56996
x-amz-id-2: iXlLMUEOLMeCMZ7PCJNXTt1QgIzaEr2Sk5Q30+xEzAw5PlrFSLOXgOjsuoxXqX+J8dAyhxTAFUw=
last-modified: Thu, 27 Apr 2023 10:37:32 GMT
server: cloudflare
etag: "643ad5d92cd7c31076790077c3003abc"
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: GET
content-type: application/octet-stream
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3Jlp6%2BMdthKwd9YVnmaKYCzIJ5SnHpeJqN83%2F8bRQ5Yd9WZAAUcgRYbEenidJvvqLFGaxgaaWCLI7gzyGZX1H0ZCjegymfbdq%2FemCJPHst3xfrMKTw9G86O5jS0TMm3UV%2BBw3VAFriE%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 7beb6635dd0030c4-FRA

GET
H3 200 ibm-plex-sans-v8-vietnamese_latin-ext_latin_greek_cyrillic-ext_cyrillic-regular.c4db12b4fb0be67f4f37.woff2
static.fundraiseup.com/src/fonts/ibm-plex-sans/ Frame 621D 52 KB
53 KB 18ms
18ms Font
application/octet-stream 104.26.5.251
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.fundraiseup.com/src/fonts/ibm-plex-sans/ibm-plex-sans-v8-vietnamese_latin-ext_latin_greek_cyrillic-ext_cyrillic-regular.c4db12b4fb0be67f4f37.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

104.26.5.251 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

205b5e5ac97e41a70efe74150a9893bdb05ff1d3921808b96d8780aa31c7940a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://drugfree.org/
Origin: https://drugfree.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 01:05:51 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: 71498G76KEC5W6ZH
age: 188233
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 53064
x-amz-id-2: NeDRIa2GyqmOWDqb5vIpI77ZnRhz1aW1L0aoDVPCQXxIN6ljHIAO/KcIiTrQC0YmyBUVatTGA+U=
last-modified: Tue, 25 Apr 2023 12:16:31 GMT
server: cloudflare
etag: "c9e466876957e9d2128f63b225a81ae3"
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: GET
content-type: application/octet-stream
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=N977XbosZL1%2FPYow9958XNsIqUS%2FyEQvV1rYSBXnk636eLZ9h35mZJcAbTcqPcAahaCI4R5Lg0FzclhiIcnW3bMNAyjKF1ZhHffhn%2FmW70%2BxZuH3UBPmv0ZuIPcv0AXIrtBgXoRc4OM%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 7beb6635dd0130c4-FRA

GET
H3 200 ibm-plex-sans-v8-vietnamese_latin-ext_latin_greek_cyrillic-ext_cyrillic-700italic.c1ca7861fd408c55b05d.woff2
static.fundraiseup.com/src/fonts/ibm-plex-sans/ Frame 621D 55 KB
56 KB 431ms
431ms Font
application/octet-stream 104.26.5.251
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.fundraiseup.com/src/fonts/ibm-plex-sans/ibm-plex-sans-v8-vietnamese_latin-ext_latin_greek_cyrillic-ext_cyrillic-700italic.c1ca7861fd408c55b05d.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

104.26.5.251 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ac0eed0925278f6e9e12505feb97e74e706ce28dafbf9a5463ecdfa2d532a5f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://drugfree.org/
Origin: https://drugfree.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 01:05:51 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: CNFJ3X09DBRK6V73
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 56724
x-amz-id-2: J9Y6zR2XQF9kW2tMp7HAT25LgxO3F+3dm3xEZWRZahDuHhivoIk9/V2AZW1+PI1Rkn1LU1bLV20=
last-modified: Thu, 27 Apr 2023 10:37:32 GMT
server: cloudflare
etag: "9842fc10b668d97ed9139e6e3ac142ed"
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: GET
content-type: application/octet-stream
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=O4C%2BgxrR1IqJewcXE1rRRSN2j6mnvwm7PXbJ2tdwX88jHdPPfyoZgu4TefsCfQSa2JeSPhjXgY4PLbojb%2FgKyAM5bO2MXB82PTTT0hqWNOhxlDRl%2BDk0tOQhoT2UjroZROoosBP3peE%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 7beb6635dd0230c4-FRA

GET
H3 200 ibm-plex-sans-v8-vietnamese_latin-ext_latin_greek_cyrillic-ext_cyrillic-700.a858bab2f594ef47e251.woff2
static.fundraiseup.com/src/fonts/ibm-plex-sans/ Frame 621D 52 KB
52 KB 436ms
435ms Font
application/octet-stream 104.26.5.251
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.fundraiseup.com/src/fonts/ibm-plex-sans/ibm-plex-sans-v8-vietnamese_latin-ext_latin_greek_cyrillic-ext_cyrillic-700.a858bab2f594ef47e251.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

104.26.5.251 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

36fc9410b3f02fdce5060168717a2182c1275ba8f116f257661b6deaa2851ee9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://drugfree.org/
Origin: https://drugfree.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 01:05:51 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: CNFZ82X5KSS856CA
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 53024
x-amz-id-2: FkrxVQ4VUDNpuaGkBFHtpWLw3edeTbgRfr+rOaOvxU2E0ROSzEfKvQDRQNXCxAP9PXmTmcMkI74=
last-modified: Thu, 27 Apr 2023 10:37:32 GMT
server: cloudflare
etag: "d6502c623b1b74dce94988d329d4f4b7"
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: GET
content-type: application/octet-stream
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MACUvuPj9V%2FLXWKMqDzIpbq0CxKmllx3dQjTxzQNp9oR3IkcCDVxmHbrxh3ezf54m031VltZrIhYU%2BEV6tFv5wdLye0kqNkA6Y8CqlMhx53821Gko1map3fOhhnga3YVJiotEufb6so%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 7beb6635ed0930c4-FRA

GET
H2 200 /
ucarecdn.com/568bca50-e8e2-49d0-a3aa-efe9fabc8691/-/resize/x50/-/format/auto/ Frame 621D 4 KB
4 KB 160ms
125ms Image
image/webp 2a02:26f0:3500:11::215:14dc
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ucarecdn.com/568bca50-e8e2-49d0-a3aa-efe9fabc8691/-/resize/x50/-/format/auto/
Requested by: Host: drugfree.org
URL: https://drugfree.org/?form=FUNJLSAEDSS&utm_campaign=2023%20Donation%20Moments&utm_medium=email&_hsmi=256062192&_hsenc=p2ANqtz-9IbfhLSzLiRANvRLPTyvpP4C1SqyZuFvW_VpE96uXyAdU5-_LV2q6rHIJ7T2KpD_cFeSkdoDdXnDLdFYAvIsImSzQLpA&utm_content=256062192&utm_source=hs_email
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:11::215:14dc Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Uploadcare /
Resource Hash: 3b1b6b41195e47d81c77e6771b89e717dc6acebda46d691af89e9e185db58d53

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://drugfree.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 01:05:51 GMT
x-image-width: 201
server: Uploadcare
etag: "b90693d3e9277d633647870d41ae640d"
vary: accept
access-control-allow-methods: HEAD, GET, OPTIONS
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Etag, X-Image-Width, X-Image-Height, X-Image-Acceptable-Original, X-Image-Acceptable-Improved
cache-control: public, max-age=30741834
content-disposition: inline
x-image-height: 50
content-length: 3826

GET
H/1.1 200
OK img
pixel.mathtag.com/misc/ Frame ECD0 43 B
528 B 20ms
19ms Image
image/gif 2.18.233.201
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.mathtag.com/misc/img?mop_seq=0:1&mt_cb=135612&mop_top=
Requested by: Host: pixel.mathtag.com
URL: https://pixel.mathtag.com/sync/iframe?mt_uuid=1374644b-1bee-4500-8d9d-0748485e5462&no_iframe=1&exsync=https%3A%2F%2Fc212.net%2Fc%2Fsync%3Fu%3D%26c%3DUS%26dmpId%3D1%26pid%3D%5BMM_UUID%5D&mt_lim=1&source=mathtag
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-201.deploy.static.akamaitechnologies.com
Software: MT3 830 785530e master cdg-pixel-x27 config_version:"unknown" /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pixel.mathtag.com/sync/iframe?mt_uuid=1374644b-1bee-4500-8d9d-0748485e5462&no_iframe=1&exsync=https%3A%2F%2Fc212.net%2Fc%2Fsync%3Fu%3D%26c%3DUS%26dmpId%3D1%26pid%3D%5BMM_UUID%5D&mt_lim=1&source=mathtag
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Fri, 28 Apr 2023 01:05:51 GMT
Server: MT3 830 785530e master cdg-pixel-x27 config_version:"unknown"
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin: *
Content-Type: image/gif
Cache-Control: no-cache
Connection: keep-alive
Content-Length: 43
Expires: Fri, 28 Apr 2023 01:05:50 GMT

GET
H3 200 anchor Show response
www.google.com/recaptcha/enterprise/ Frame 41F6 50 KB
27 KB 29ms
28ms Document
text/html 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm&co=aHR0cHM6Ly9kcnVnZnJlZS5vcmc6NDQz&hl=en&v=4PnKmGB9wRHh1i04o7YUICeI&size=invisible&badge=inline&cb=iqthuzep8ein

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/4PnKmGB9wRHh1i04o7YUICeI/recaptcha__en.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

79edc9daf40ed7f21f979c38f11a51f04fd6be6b90d8760f912e1ae51b115cb5

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-D2UKKdUStU6EPm4HLKNr2w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://drugfree.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-length: 27793
content-security-policy: script-src 'report-sample' 'nonce-D2UKKdUStU6EPm4HLKNr2w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 28 Apr 2023 01:05:51 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 anchor Show response
www.google.com/recaptcha/enterprise/ Frame 873A 50 KB
27 KB 31ms
31ms Document
text/html 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: js.hsforms.net
URL: https://js.hsforms.net/forms/v2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

d79c889138cf2a0948ac659ab8d3ef54302f3d7d674e63cd6f69f6fc1d74eaab

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-JtG20cMCrLgoo_frVOXIRA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-length: 27757
content-security-policy: script-src 'report-sample' 'nonce-JtG20cMCrLgoo_frVOXIRA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 28 Apr 2023 01:05:51 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 anchor Show response
www.google.com/recaptcha/enterprise/ Frame C0A1 50 KB
27 KB 28ms
27ms Document
text/html 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/4PnKmGB9wRHh1i04o7YUICeI/recaptcha__en.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

87bdad0c1f7ae890c8df40a4475127c0bf1af967ff2e6d9a41703b7a503ed520

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-wbkCk_tXBSxljPtU7Eax2A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://drugfree.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-length: 27604
content-security-policy: script-src 'report-sample' 'nonce-wbkCk_tXBSxljPtU7Eax2A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 28 Apr 2023 01:05:51 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 anchor Show response
www.google.com/recaptcha/enterprise/ Frame D4F4 50 KB
27 KB 43ms
43ms Document
text/html 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: js.hsforms.net
URL: https://js.hsforms.net/forms/v2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

25bcfc5d84e9a6f121cbce9d638dc13691d0a87efdcb7cb91a367181ef1bfe5a

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-aacfA2sriCmvIfJpMl7UKQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-length: 27551
content-security-policy: script-src 'report-sample' 'nonce-aacfA2sriCmvIfJpMl7UKQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 28 Apr 2023 01:05:51 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 ibm-plex-sans-v8-vietnamese_latin-ext_latin_greek_cyrillic-ext_cyrillic-500.e17268930006027a6a07.woff2
static.fundraiseup.com/src/fonts/ibm-plex-sans/ Frame 621D 55 KB
56 KB 387ms
387ms Font
application/octet-stream 104.26.5.251
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.fundraiseup.com/src/fonts/ibm-plex-sans/ibm-plex-sans-v8-vietnamese_latin-ext_latin_greek_cyrillic-ext_cyrillic-500.e17268930006027a6a07.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

104.26.5.251 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1212e7abb6f32136c5d13b04e540ebe36e773a98acd627d5e56e466f685a0b49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://drugfree.org/
Origin: https://drugfree.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 01:05:51 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: CNFMBPDRJH088QVA
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 56460
x-amz-id-2: IvvFd0zcAOOpG26gRNNysCa/A2UUg25jKU2kpBJsZYuzEfortg3w49DucTgruIbgtNvJCpqbFHs=
last-modified: Thu, 27 Apr 2023 10:37:32 GMT
server: cloudflare
etag: "cc65a7d46bec1bcadfd3a27d571765f5"
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: GET
content-type: application/octet-stream
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dzM3ZaYm%2BERa1n33wtM1DWhrjPAZd60XgtFjp8ZSFK4ULMns0nC9pwvPwwZRuysUDkYcZ%2BpULwY%2Fh6FH%2FQmry1rPaHdTXvrSNYAm%2FsCAeWXnax2z3a%2F8RxJPWAtzI0CGtts42vYlY5w%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 7beb66367d7230c4-FRA

GET
H3 200 heart.2a83cab78ea0.png
static.fundraiseup.com/images/common/emoji/ Frame 3FE5 3 KB
4 KB 13ms
12ms Image
image/webp 104.26.5.251
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.fundraiseup.com/images/common/emoji/heart.2a83cab78ea0.png

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

104.26.5.251 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

79cfcda8c3ff375e58c3b6955daa0c9b3509285657732d79069e33d3242f94e2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://drugfree.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 01:05:51 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: 05TEAB1EMMF0HK7W
age: 638277
cf-polished: origFmt=png, origSize=4439
x-amz-server-side-encryption: AES256
content-disposition: inline; filename="heart.webp"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2898
x-amz-id-2: 8O85Zu+irWxRMXK0zx/eHgvJN1jZwOibXTHlTeSr7pztkrlamonlz1YrKEwrBXDHknC6vaPxgak=
cf-bgj: imgq:100,h2pri
last-modified: Thu, 20 Apr 2023 09:56:19 GMT
server: cloudflare
etag: "2a83cab78ea0c158d707fd931ff221f0"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7gNYmzg2wYLicCfYjKbPTVk6mXsg6CB2PT7xybNUphSbugGE1mVQ1DSIP8Jr3jd%2BNpaU4jB006JLp%2Bb6PBQJnB4mtnEqw3j3q4cj6sWfnhUXbxY6msVXXxOFJEdUTSjYU%2FtOEd5ajXA%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 7beb663689ac6949-FRA

GET
H/1.1 200
OK img
pixel.mathtag.com/comp/ Frame ECD0 0
492 B 20ms
19ms Image
image/gif 2.18.233.201
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.mathtag.com/comp/img?mt_id=99&ns=xx&bcdv=0
Requested by: Host: pixel.mathtag.com
URL: https://pixel.mathtag.com/sync/iframe?mt_uuid=1374644b-1bee-4500-8d9d-0748485e5462&no_iframe=1&exsync=https%3A%2F%2Fc212.net%2Fc%2Fsync%3Fu%3D%26c%3DUS%26dmpId%3D1%26pid%3D%5BMM_UUID%5D&mt_lim=1&source=mathtag
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-201.deploy.static.akamaitechnologies.com
Software: MT3 830 785530e master cdg-pixel-x28 config_version:"unknown" /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pixel.mathtag.com/sync/iframe?mt_uuid=1374644b-1bee-4500-8d9d-0748485e5462&no_iframe=1&exsync=https%3A%2F%2Fc212.net%2Fc%2Fsync%3Fu%3D%26c%3DUS%26dmpId%3D1%26pid%3D%5BMM_UUID%5D&mt_lim=1&source=mathtag
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Fri, 28 Apr 2023 01:05:51 GMT
Server: MT3 830 785530e master cdg-pixel-x28 config_version:"unknown"
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin: *
Content-Type: image/gif
Cache-Control: no-cache
Connection: keep-alive
Content-Length: 0
Expires: Fri, 28 Apr 2023 01:05:50 GMT

POST
H2 200 csp-report
q.stripe.com/ Frame 3437 0
492 B 377ms
271ms Other
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-159-182.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload, max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://m.stripe.network/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Fri, 28 Apr 2023 01:05:51 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload, max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1682643951365362
x-envoy-upstream-service-time: 106
content-length: 0
x-stripe-bg-intended-route-color: blue
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
x-stripe-server-envoy-upstream-service-time-ms: 48
x-stripe-client-envoy-start-time-us: 1682643951318968
cache-control: max-age=0, no-cache, no-store, must-revalidate
x-robots-tag: none
expires: 0

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/4PnKmGB9wRHh1i04o7YUICeI/ Frame 41F6 55 KB
24 KB 26ms
10ms Stylesheet
text/css 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/4PnKmGB9wRHh1i04o7YUICeI/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm&co=aHR0cHM6Ly9kcnVnZnJlZS5vcmc6NDQz&hl=en&v=4PnKmGB9wRHh1i04o7YUICeI&size=invisible&badge=inline&cb=iqthuzep8ein

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

952833e41ba7a4b64c31a2d7b07dde81bf5bbacf5cbb967821cfe459d0c4a0d8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 27 Apr 2023 21:06:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 14351
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24605
x-xss-protection: 0
last-modified: Fri, 21 Apr 2023 01:25:41 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 26 Apr 2024 21:06:40 GMT

GET
H3 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/4PnKmGB9wRHh1i04o7YUICeI/ Frame 41F6 407 KB
163 KB 23ms
7ms Script
text/javascript 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/4PnKmGB9wRHh1i04o7YUICeI/recaptcha__en.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1f60d86b7a0533b50a13c93041a550e1672791299373f986d649e4e44e8dfcba

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 27 Apr 2023 21:06:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 14352
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 167070
x-xss-protection: 0
last-modified: Fri, 21 Apr 2023 01:25:41 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 26 Apr 2024 21:06:39 GMT

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/4PnKmGB9wRHh1i04o7YUICeI/ Frame 873A 55 KB
24 KB 21ms
12ms Stylesheet
text/css 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/4PnKmGB9wRHh1i04o7YUICeI/styles__ltr.css

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

952833e41ba7a4b64c31a2d7b07dde81bf5bbacf5cbb967821cfe459d0c4a0d8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 27 Apr 2023 21:06:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 14351
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24605
x-xss-protection: 0
last-modified: Fri, 21 Apr 2023 01:25:41 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 26 Apr 2024 21:06:40 GMT

GET
H3 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/4PnKmGB9wRHh1i04o7YUICeI/ Frame 873A 407 KB
163 KB 32ms
23ms Script
text/javascript 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/4PnKmGB9wRHh1i04o7YUICeI/recaptcha__en.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1f60d86b7a0533b50a13c93041a550e1672791299373f986d649e4e44e8dfcba

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 27 Apr 2023 21:06:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 14352
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 167070
x-xss-protection: 0
last-modified: Fri, 21 Apr 2023 01:25:41 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 26 Apr 2024 21:06:39 GMT

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/4PnKmGB9wRHh1i04o7YUICeI/ Frame C0A1 55 KB
24 KB 16ms
13ms Stylesheet
text/css 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/4PnKmGB9wRHh1i04o7YUICeI/styles__ltr.css

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

952833e41ba7a4b64c31a2d7b07dde81bf5bbacf5cbb967821cfe459d0c4a0d8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 27 Apr 2023 21:06:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 14351
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24605
x-xss-protection: 0
last-modified: Fri, 21 Apr 2023 01:25:41 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 26 Apr 2024 21:06:40 GMT

GET
H3 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/4PnKmGB9wRHh1i04o7YUICeI/ Frame C0A1 407 KB
163 KB 27ms
23ms Script
text/javascript 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/4PnKmGB9wRHh1i04o7YUICeI/recaptcha__en.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1f60d86b7a0533b50a13c93041a550e1672791299373f986d649e4e44e8dfcba

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 27 Apr 2023 21:06:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 14352
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 167070
x-xss-protection: 0
last-modified: Fri, 21 Apr 2023 01:25:41 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 26 Apr 2024 21:06:39 GMT

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/4PnKmGB9wRHh1i04o7YUICeI/ Frame D4F4 55 KB
24 KB 14ms
13ms Stylesheet
text/css 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/4PnKmGB9wRHh1i04o7YUICeI/styles__ltr.css

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

952833e41ba7a4b64c31a2d7b07dde81bf5bbacf5cbb967821cfe459d0c4a0d8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 27 Apr 2023 21:06:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 14351
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24605
x-xss-protection: 0
last-modified: Fri, 21 Apr 2023 01:25:41 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 26 Apr 2024 21:06:40 GMT

GET
H3 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/4PnKmGB9wRHh1i04o7YUICeI/ Frame D4F4 407 KB
163 KB 22ms
22ms Script
text/javascript 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/4PnKmGB9wRHh1i04o7YUICeI/recaptcha__en.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1f60d86b7a0533b50a13c93041a550e1672791299373f986d649e4e44e8dfcba

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 27 Apr 2023 21:06:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 14352
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 167070
x-xss-protection: 0
last-modified: Fri, 21 Apr 2023 01:25:41 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 26 Apr 2024 21:06:39 GMT

GET
H2 200 out-4.5.42.js Show response
m.stripe.network/ Frame 3437 86 KB
16 KB 9ms
8ms Script
text/javascript 2600:9000:2057:3a00:19:7d10:bd80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.network/out-4.5.42.js

Requested by

Host: m.stripe.network
URL: https://m.stripe.network/inner.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2057:3a00:19:7d10:bd80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Cloudfront /

Resource Hash

f445ee14f2454d974293d28677213ae002e9ac17721fc04b2fdeb037e083b083

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.stripe.network/inner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 28 Apr 2023 01:02:40 GMT
last-modified: Thu, 17 Mar 2022 19:03:12 GMT
server: Cloudfront
via: 1.1 71b147cd3102755b55ba8b6fd34e3f4a.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
etag: W/"21df7244385e5c0bdf32da01d0dad6c0"
age: 192
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript; charset=utf-8
cache-control: max-age=300, public
x-amz-cf-id: RT7Xyks2OTc1ZS8mKpbwbuMpKxAhrzpF5gka3-e23Ve93x2C55wmMw==

GET
H2 200 controller-83cdc86c0f3d8d83bf6bac9f58a55da5.html Show response
js.stripe.com/v3/ Frame 8229 325 B
874 B 7ms
7ms Document
text/html 151.101.128.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/controller-83cdc86c0f3d8d83bf6bac9f58a55da5.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

f299570812f10a5431a335b867b9b72fa745fe0050f071f443603a47f34a8cdd

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://api.stripe.com https://merchant-ui-api.stripe.com https://stripe.com/cookie-settings/enforcement-mode https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'sha256-0hAheEzaMe6uXIKV4EehS9pu1am1lj/KnnzrOYqckXk='; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://drugfree.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 34
cache-control: max-age=60
content-encoding: br
content-length: 189
content-security-policy: base-uri 'none'; connect-src 'self' https://api.stripe.com https://merchant-ui-api.stripe.com https://stripe.com/cookie-settings/enforcement-mode https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'sha256-0hAheEzaMe6uXIKV4EehS9pu1am1lj/KnnzrOYqckXk='; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Fri, 28 Apr 2023 01:05:51 GMT
etag: "83cdc86c0f3d8d83bf6bac9f58a55da5"
last-modified: Thu, 27 Apr 2023 20:12:06 GMT
server: Fastly
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 2
x-content-type-options: nosniff
x-request-id: 081a147d-ee95-4949-af39-01dadd83d6f3
x-served-by: cache-fra-eddf8230077-FRA

GET
H2 200 elements-inner-card-0739a6afc8e0f33c4cf4f4f2322bd985.html Show response
js.stripe.com/v3/ Frame 68D5 798 B
1 KB 7ms
7ms Document
text/html 151.101.128.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/elements-inner-card-0739a6afc8e0f33c4cf4f4f2322bd985.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

70859c4d97ad5b6202a50b165b8d9ff4058800042aac66b401dbf868015c7cdd

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src data: https:; form-action 'none'; frame-src 'self' https://www.affirm.com https://b.stripecdn.com; img-src 'self' https://q.stripe.com https://b.stripecdn.com https://js.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://drugfree.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 17533
cache-control: max-age=31536000
content-encoding: br
content-length: 361
content-security-policy: base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src data: https:; form-action 'none'; frame-src 'self' https://www.affirm.com https://b.stripecdn.com; img-src 'self' https://q.stripe.com https://b.stripecdn.com https://js.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only: base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src data: https:; form-action 'none'; frame-src 'self' https://www.affirm.com https://b.stripecdn.com; img-src 'self' https://q.stripe.com https://b.stripecdn.com https://js.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Fri, 28 Apr 2023 01:05:51 GMT
etag: "0739a6afc8e0f33c4cf4f4f2322bd985"
last-modified: Thu, 27 Apr 2023 20:12:06 GMT
server: Fastly
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 283
x-content-type-options: nosniff
x-request-id: 26f1f5e1-f545-4c7e-a43c-604961c28d71
x-served-by: cache-fra-eddf8230077-FRA

GET
H2 200 elements-inner-card-0739a6afc8e0f33c4cf4f4f2322bd985.html Show response
js.stripe.com/v3/ Frame 4CC5 798 B
472 B 7ms
7ms Document
text/html 151.101.128.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/elements-inner-card-0739a6afc8e0f33c4cf4f4f2322bd985.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

70859c4d97ad5b6202a50b165b8d9ff4058800042aac66b401dbf868015c7cdd

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src data: https:; form-action 'none'; frame-src 'self' https://www.affirm.com https://b.stripecdn.com; img-src 'self' https://q.stripe.com https://b.stripecdn.com https://js.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://drugfree.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 17533
cache-control: max-age=31536000
content-encoding: br
content-length: 361
content-security-policy: base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src data: https:; form-action 'none'; frame-src 'self' https://www.affirm.com https://b.stripecdn.com; img-src 'self' https://q.stripe.com https://b.stripecdn.com https://js.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only: base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src data: https:; form-action 'none'; frame-src 'self' https://www.affirm.com https://b.stripecdn.com; img-src 'self' https://q.stripe.com https://b.stripecdn.com https://js.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Fri, 28 Apr 2023 01:05:51 GMT
etag: "0739a6afc8e0f33c4cf4f4f2322bd985"
last-modified: Thu, 27 Apr 2023 20:12:06 GMT
server: Fastly
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 284
x-content-type-options: nosniff
x-request-id: 42744544-650a-4782-a7fd-6e72bb6377aa
x-served-by: cache-fra-eddf8230077-FRA

GET
H2 200 elements-inner-card-0739a6afc8e0f33c4cf4f4f2322bd985.html Show response
js.stripe.com/v3/ Frame E910 798 B
439 B 9ms
9ms Document
text/html 151.101.128.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/elements-inner-card-0739a6afc8e0f33c4cf4f4f2322bd985.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

70859c4d97ad5b6202a50b165b8d9ff4058800042aac66b401dbf868015c7cdd

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src data: https:; form-action 'none'; frame-src 'self' https://www.affirm.com https://b.stripecdn.com; img-src 'self' https://q.stripe.com https://b.stripecdn.com https://js.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://drugfree.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 17533
cache-control: max-age=31536000
content-encoding: br
content-length: 361
content-security-policy: base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src data: https:; form-action 'none'; frame-src 'self' https://www.affirm.com https://b.stripecdn.com; img-src 'self' https://q.stripe.com https://b.stripecdn.com https://js.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only: base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src data: https:; form-action 'none'; frame-src 'self' https://www.affirm.com https://b.stripecdn.com; img-src 'self' https://q.stripe.com https://b.stripecdn.com https://js.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Fri, 28 Apr 2023 01:05:51 GMT
etag: "0739a6afc8e0f33c4cf4f4f2322bd985"
last-modified: Thu, 27 Apr 2023 20:12:06 GMT
server: Fastly
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 285
x-content-type-options: nosniff
x-request-id: 1447a7ac-04ce-415b-9d17-21cc248824bc
x-served-by: cache-fra-eddf8230077-FRA

GET
H2 200 elements-inner-au-bank-account-c3ca19bec0109cec3975d8067b6f638e.html Show response
js.stripe.com/v3/ Frame 2BAE 820 B
475 B 7ms
7ms Document
text/html 151.101.128.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/elements-inner-au-bank-account-c3ca19bec0109cec3975d8067b6f638e.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

88d4e2d79181a9b55e01bfdfeb400c0831e63243df730e007dc718826129586d

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src data: https:; form-action 'none'; frame-src 'self' https://www.affirm.com https://b.stripecdn.com; img-src 'self' https://q.stripe.com https://b.stripecdn.com https://js.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://drugfree.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 16057
cache-control: max-age=31536000
content-encoding: br
content-length: 370
content-security-policy: base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src data: https:; form-action 'none'; frame-src 'self' https://www.affirm.com https://b.stripecdn.com; img-src 'self' https://q.stripe.com https://b.stripecdn.com https://js.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only: base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src data: https:; form-action 'none'; frame-src 'self' https://www.affirm.com https://b.stripecdn.com; img-src 'self' https://q.stripe.com https://b.stripecdn.com https://js.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Fri, 28 Apr 2023 01:05:51 GMT
etag: "c3ca19bec0109cec3975d8067b6f638e"
last-modified: Thu, 27 Apr 2023 20:12:06 GMT
server: Fastly
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 2
x-content-type-options: nosniff
x-request-id: 4e0b9ecc-2427-4eed-b9a9-9778c7e7b652
x-served-by: cache-fra-eddf8230077-FRA

GET
H2 200 elements-inner-iban-3a2b6a0707a26c7d5dd0595f954fbde2.html Show response
js.stripe.com/v3/ Frame 405C 798 B
494 B 9ms
9ms Document
text/html 151.101.128.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/elements-inner-iban-3a2b6a0707a26c7d5dd0595f954fbde2.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

6a9d7f67a3f07cb076dfad862634aba07b018bab5c026e56aeaca77ded19b609

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src data: https:; form-action 'none'; frame-src 'self' https://www.affirm.com https://b.stripecdn.com; img-src 'self' https://q.stripe.com https://b.stripecdn.com https://js.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://drugfree.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 16656
cache-control: max-age=31536000
content-encoding: br
content-length: 362
content-security-policy: base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src data: https:; form-action 'none'; frame-src 'self' https://www.affirm.com https://b.stripecdn.com; img-src 'self' https://q.stripe.com https://b.stripecdn.com https://js.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only: base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src data: https:; form-action 'none'; frame-src 'self' https://www.affirm.com https://b.stripecdn.com; img-src 'self' https://q.stripe.com https://b.stripecdn.com https://js.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Fri, 28 Apr 2023 01:05:51 GMT
etag: "3a2b6a0707a26c7d5dd0595f954fbde2"
last-modified: Thu, 27 Apr 2023 20:12:06 GMT
server: Fastly
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 27
x-content-type-options: nosniff
x-request-id: e748f1c6-1771-4532-911d-e62d2030cae7
x-served-by: cache-fra-eddf8230077-FRA

GET
H3 200 logo_48.png
www.gstatic.com/recaptcha/api2/ Frame 873A 2 KB
2 KB 9ms
8ms Image
image/png 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/logo_48.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/4PnKmGB9wRHh1i04o7YUICeI/styles__ltr.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/4PnKmGB9wRHh1i04o7YUICeI/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 22 Apr 2023 23:52:14 GMT
x-content-type-options: nosniff
age: 436417
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2228
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
expires: Sat, 29 Apr 2023 23:52:14 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 873A 15 KB
15 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 22 Apr 2023 23:28:35 GMT
x-content-type-options: nosniff
age: 437836
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 21 Apr 2024 23:28:35 GMT

GET
H3 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 873A 15 KB
15 KB 9ms
9ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 22 Apr 2023 23:30:46 GMT
x-content-type-options: nosniff
age: 437705
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15552
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 21 Apr 2024 23:30:46 GMT

POST
H2 200 csp-report
q.stripe.com/ Frame 8229 0
716 B 170ms
170ms Other
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-159-182.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Fri, 28 Apr 2023 01:05:51 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1682643951476713
x-envoy-upstream-service-time: 1
content-length: 0
x-stripe-bg-intended-route-color: blue
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms: 0
access-control-allow-origin: https://js.stripe.com
x-stripe-client-envoy-start-time-us: 1682643951475973
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers: Server, Range, Content-Type
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

GET
H2 200 shared-619a48bc285ef73b842b3144461c7fe5.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 8229 404 KB
98 KB 8ms
8ms Script
text/javascript 151.101.128.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/shared-619a48bc285ef73b842b3144461c7fe5.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/controller-83cdc86c0f3d8d83bf6bac9f58a55da5.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

031b0889db1fceb6c266f956b25a9a95fc59e64c72e6bd7c30739c8296dcad0b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/controller-83cdc86c0f3d8d83bf6bac9f58a55da5.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Fri, 28 Apr 2023 01:05:51 GMT
via: 1.1 varnish
age: 17533
x-cache: HIT
content-length: 99723
x-request-id: 209cb03a-8f5f-4fb9-9bba-3c4219f3ee36
x-served-by: cache-fra-eddf8230077-FRA
last-modified: Thu, 27 Apr 2023 20:12:18 GMT
server: Fastly
etag: "ffdce8bed3d361dc6ab0efb3b0d43f4f"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 1461

GET
H2 200 controller-29563f727e5e752fc3bb42afc31979da.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 8229 450 KB
123 KB 7ms
7ms Script
text/javascript 151.101.128.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/controller-29563f727e5e752fc3bb42afc31979da.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/controller-83cdc86c0f3d8d83bf6bac9f58a55da5.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

b6918f0f7a4745c4ff5f00786438935cf32c146f14dba7b96c37a054aa2df3ab

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/controller-83cdc86c0f3d8d83bf6bac9f58a55da5.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Fri, 28 Apr 2023 01:05:51 GMT
via: 1.1 varnish
age: 27425
x-cache: HIT
content-length: 125905
x-request-id: fd145a3b-2194-4390-8449-f05997994a74
x-served-by: cache-fra-eddf8230077-FRA
last-modified: Thu, 27 Apr 2023 17:26:46 GMT
server: Fastly
etag: "4fb125a47507653ef37e355469fe710f"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 3010

POST
H2 200 csp-report
q.stripe.com/ Frame 68D5 0
716 B 169ms
168ms Other
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-159-182.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Fri, 28 Apr 2023 01:05:51 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1682643951482893
x-envoy-upstream-service-time: 1
content-length: 0
x-stripe-bg-intended-route-color: blue
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms: 0
access-control-allow-origin: https://js.stripe.com
x-stripe-client-envoy-start-time-us: 1682643951482369
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers: Server, Range, Content-Type
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

POST
H2 200 csp-report
q.stripe.com/ Frame 68D5 0
716 B 170ms
170ms Other
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-159-182.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Fri, 28 Apr 2023 01:05:51 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1682643951482676
x-envoy-upstream-service-time: 2
content-length: 0
x-stripe-bg-intended-route-color: blue
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms: 0
access-control-allow-origin: https://js.stripe.com
x-stripe-client-envoy-start-time-us: 1682643951482384
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers: Server, Range, Content-Type
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

GET
H2 200 shared-619a48bc285ef73b842b3144461c7fe5.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 68D5 404 KB
98 KB 12ms
11ms Script
text/javascript 151.101.128.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/shared-619a48bc285ef73b842b3144461c7fe5.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-card-0739a6afc8e0f33c4cf4f4f2322bd985.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

031b0889db1fceb6c266f956b25a9a95fc59e64c72e6bd7c30739c8296dcad0b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/elements-inner-card-0739a6afc8e0f33c4cf4f4f2322bd985.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Fri, 28 Apr 2023 01:05:51 GMT
via: 1.1 varnish
age: 17533
x-cache: HIT
content-length: 99723
x-request-id: 76e37a2b-d1eb-4940-814e-e0fc5b324f21
x-served-by: cache-fra-eddf8230077-FRA
last-modified: Thu, 27 Apr 2023 20:12:18 GMT
server: Fastly
etag: "ffdce8bed3d361dc6ab0efb3b0d43f4f"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 1462

GET
H2 200 ui-shared-8e0738abf8e3eac6f0c3ffcbc8a62937.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 68D5 288 KB
90 KB 19ms
19ms Script
text/javascript 151.101.128.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/ui-shared-8e0738abf8e3eac6f0c3ffcbc8a62937.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-card-0739a6afc8e0f33c4cf4f4f2322bd985.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

68d5262f35369095b3cfe0f10b208435e814576e80264405ed82ea44f132a58d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/elements-inner-card-0739a6afc8e0f33c4cf4f4f2322bd985.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Fri, 28 Apr 2023 01:05:51 GMT
via: 1.1 varnish
age: 27419
x-cache: HIT
content-length: 92316
x-request-id: bfd306ee-3cf4-4022-af33-134a5bed491c
x-served-by: cache-fra-eddf8230077-FRA
last-modified: Thu, 27 Apr 2023 17:26:49 GMT
server: Fastly
etag: "6a157162e34a00ebdf695e648c755811"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 791

GET
H2 200 elements-inner-card-49e641e6ae8cb2890df34dabbf62fb3e.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 68D5 46 KB
12 KB 7ms
7ms Script
text/javascript 151.101.128.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/elements-inner-card-49e641e6ae8cb2890df34dabbf62fb3e.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-card-0739a6afc8e0f33c4cf4f4f2322bd985.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

b48e1141180d9eb4297ddc69ce9b46565ca016186d9ad11471238c620e89beee

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/elements-inner-card-0739a6afc8e0f33c4cf4f4f2322bd985.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Fri, 28 Apr 2023 01:05:51 GMT
via: 1.1 varnish
age: 287988
x-cache: HIT
content-length: 12210
x-request-id: 9f15bd4b-ae15-4470-999e-d470c6228f1f
x-served-by: cache-fra-eddf8230077-FRA
last-modified: Mon, 24 Apr 2023 17:02:50 GMT
server: Fastly
etag: "15d6d18487117438f36a7fec85fac587"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 6842

GET
H2 200 ui-shared-a0743d6674663452a45b92310a7268c6.css
js.stripe.com/v3/fingerprinted/css/ Frame 68D5 19 KB
3 KB 12ms
12ms Stylesheet
text/css 151.101.128.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/css/ui-shared-a0743d6674663452a45b92310a7268c6.css

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-card-0739a6afc8e0f33c4cf4f4f2322bd985.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

61e796fc3bfa417fa0d347db03260a2600edf009ce93b2df2f3e8c4b4463171c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/elements-inner-card-0739a6afc8e0f33c4cf4f4f2322bd985.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Fri, 28 Apr 2023 01:05:51 GMT
via: 1.1 varnish
age: 3052905
x-cache: HIT
content-length: 3195
x-request-id: 01ef5f83-3f86-4487-b3c2-c9a1487e72d5
x-served-by: cache-fra-eddf8230077-FRA
last-modified: Thu, 23 Mar 2023 17:02:05 GMT
server: Fastly
etag: "dbd37658a3a8a3842b147403a54940ff"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 34237

GET
H2 200 elements-inner-card-046f9875f50920dbc17b81ddbea74c2d.css
js.stripe.com/v3/fingerprinted/css/ Frame 68D5 10 KB
2 KB 20ms
19ms Stylesheet
text/css 151.101.128.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/css/elements-inner-card-046f9875f50920dbc17b81ddbea74c2d.css

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-card-0739a6afc8e0f33c4cf4f4f2322bd985.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

ee431470c13290a583f30995c6658fda6fe6b4a6e5f51c32ed1970bac8212b1b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/elements-inner-card-0739a6afc8e0f33c4cf4f4f2322bd985.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Fri, 28 Apr 2023 01:05:51 GMT
via: 1.1 varnish
age: 1756801
x-cache: HIT
content-length: 1614
x-request-id: 799f1217-dda8-49d6-aa97-24276cbdd7fc
x-served-by: cache-fra-eddf8230077-FRA
last-modified: Fri, 07 Apr 2023 17:03:11 GMT
server: Fastly
etag: "26f037181250b55faed2d329facbb2fb"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 25721

POST
H2 200 csp-report
q.stripe.com/ Frame 4CC5 0
716 B 173ms
168ms Other
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-159-182.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Fri, 28 Apr 2023 01:05:51 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1682643951488933
x-envoy-upstream-service-time: 2
content-length: 0
x-stripe-bg-intended-route-color: blue
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms: 0
access-control-allow-origin: https://js.stripe.com
x-stripe-client-envoy-start-time-us: 1682643951488193
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers: Server, Range, Content-Type
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

POST
H2 200 csp-report
q.stripe.com/ Frame 4CC5 0
716 B 170ms
165ms Other
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-159-182.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Fri, 28 Apr 2023 01:05:51 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1682643951488945
x-envoy-upstream-service-time: 1
content-length: 0
x-stripe-bg-intended-route-color: blue
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms: 0
access-control-allow-origin: https://js.stripe.com
x-stripe-client-envoy-start-time-us: 1682643951488223
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers: Server, Range, Content-Type
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

GET
H2 200 shared-619a48bc285ef73b842b3144461c7fe5.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 4CC5 404 KB
98 KB 20ms
15ms Script
text/javascript 151.101.128.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/shared-619a48bc285ef73b842b3144461c7fe5.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-card-0739a6afc8e0f33c4cf4f4f2322bd985.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

031b0889db1fceb6c266f956b25a9a95fc59e64c72e6bd7c30739c8296dcad0b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/elements-inner-card-0739a6afc8e0f33c4cf4f4f2322bd985.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Fri, 28 Apr 2023 01:05:51 GMT
via: 1.1 varnish
age: 17533
x-cache: HIT
content-length: 99723
x-request-id: b2fdf488-f0a8-4378-9b2c-7eff813655a2
x-served-by: cache-fra-eddf8230077-FRA
last-modified: Thu, 27 Apr 2023 20:12:18 GMT
server: Fastly
etag: "ffdce8bed3d361dc6ab0efb3b0d43f4f"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 1463

GET
H2 200 ui-shared-8e0738abf8e3eac6f0c3ffcbc8a62937.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 4CC5 288 KB
90 KB 24ms
19ms Script
text/javascript 151.101.128.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/ui-shared-8e0738abf8e3eac6f0c3ffcbc8a62937.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-card-0739a6afc8e0f33c4cf4f4f2322bd985.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

68d5262f35369095b3cfe0f10b208435e814576e80264405ed82ea44f132a58d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/elements-inner-card-0739a6afc8e0f33c4cf4f4f2322bd985.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Fri, 28 Apr 2023 01:05:51 GMT
via: 1.1 varnish
age: 27419
x-cache: HIT
content-length: 92316
x-request-id: 3bdfdfb7-5054-491b-9acf-7c687b0844c7
x-served-by: cache-fra-eddf8230077-FRA
last-modified: Thu, 27 Apr 2023 17:26:49 GMT
server: Fastly
etag: "6a157162e34a00ebdf695e648c755811"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 792

GET
H2 200 elements-inner-card-49e641e6ae8cb2890df34dabbf62fb3e.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 4CC5 46 KB
12 KB 9ms
9ms Script
text/javascript 151.101.128.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/elements-inner-card-49e641e6ae8cb2890df34dabbf62fb3e.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-card-0739a6afc8e0f33c4cf4f4f2322bd985.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

b48e1141180d9eb4297ddc69ce9b46565ca016186d9ad11471238c620e89beee

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/elements-inner-card-0739a6afc8e0f33c4cf4f4f2322bd985.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Fri, 28 Apr 2023 01:05:51 GMT
via: 1.1 varnish
age: 287988
x-cache: HIT
content-length: 12210
x-request-id: 122ab2d5-bd4e-4585-9af2-86b3666a697f
x-served-by: cache-fra-eddf8230077-FRA
last-modified: Mon, 24 Apr 2023 17:02:50 GMT
server: Fastly
etag: "15d6d18487117438f36a7fec85fac587"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 6843

GET
H2 200 ui-shared-a0743d6674663452a45b92310a7268c6.css
js.stripe.com/v3/fingerprinted/css/ Frame 4CC5 19 KB
3 KB 19ms
14ms Stylesheet
text/css 151.101.128.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/css/ui-shared-a0743d6674663452a45b92310a7268c6.css

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-card-0739a6afc8e0f33c4cf4f4f2322bd985.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

61e796fc3bfa417fa0d347db03260a2600edf009ce93b2df2f3e8c4b4463171c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/elements-inner-card-0739a6afc8e0f33c4cf4f4f2322bd985.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Fri, 28 Apr 2023 01:05:51 GMT
via: 1.1 varnish
age: 3052905
x-cache: HIT
content-length: 3195
x-request-id: a63af8b3-b1d5-4ef5-8911-f5ea4b9443f1
x-served-by: cache-fra-eddf8230077-FRA
last-modified: Thu, 23 Mar 2023 17:02:05 GMT
server: Fastly
etag: "dbd37658a3a8a3842b147403a54940ff"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 34238

GET
H2 200 elements-inner-card-046f9875f50920dbc17b81ddbea74c2d.css
js.stripe.com/v3/fingerprinted/css/ Frame 4CC5 10 KB
2 KB 20ms
15ms Stylesheet
text/css 151.101.128.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/css/elements-inner-card-046f9875f50920dbc17b81ddbea74c2d.css

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-card-0739a6afc8e0f33c4cf4f4f2322bd985.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

ee431470c13290a583f30995c6658fda6fe6b4a6e5f51c32ed1970bac8212b1b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/elements-inner-card-0739a6afc8e0f33c4cf4f4f2322bd985.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Fri, 28 Apr 2023 01:05:51 GMT
via: 1.1 varnish
age: 1756801
x-cache: HIT
content-length: 1614
x-request-id: 3ea6e283-7a4e-47d3-9e71-f40a0e10e4c4
x-served-by: cache-fra-eddf8230077-FRA
last-modified: Fri, 07 Apr 2023 17:03:11 GMT
server: Fastly
etag: "26f037181250b55faed2d329facbb2fb"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 25722

POST
H2 200 csp-report
q.stripe.com/ Frame E910 0
716 B 172ms
166ms Other
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-159-182.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Fri, 28 Apr 2023 01:05:51 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1682643951495027
x-envoy-upstream-service-time: 1
content-length: 0
x-stripe-bg-intended-route-color: blue
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms: 0
access-control-allow-origin: https://js.stripe.com
x-stripe-client-envoy-start-time-us: 1682643951494630
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers: Server, Range, Content-Type
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

POST
H2 200 csp-report
q.stripe.com/ Frame E910 0
716 B 177ms
170ms Other
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-159-182.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Fri, 28 Apr 2023 01:05:51 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1682643951495236
x-envoy-upstream-service-time: 1
content-length: 0
x-stripe-bg-intended-route-color: blue
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms: 1
access-control-allow-origin: https://js.stripe.com
x-stripe-client-envoy-start-time-us: 1682643951494642
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers: Server, Range, Content-Type
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

GET
H2 200 shared-619a48bc285ef73b842b3144461c7fe5.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame E910 404 KB
98 KB 26ms
19ms Script
text/javascript 151.101.128.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/shared-619a48bc285ef73b842b3144461c7fe5.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-card-0739a6afc8e0f33c4cf4f4f2322bd985.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

031b0889db1fceb6c266f956b25a9a95fc59e64c72e6bd7c30739c8296dcad0b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/elements-inner-card-0739a6afc8e0f33c4cf4f4f2322bd985.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Fri, 28 Apr 2023 01:05:51 GMT
via: 1.1 varnish
age: 17533
x-cache: HIT
content-length: 99723
x-request-id: 0024b64e-820b-4e5d-a27a-6d5211b528a7
x-served-by: cache-fra-eddf8230077-FRA
last-modified: Thu, 27 Apr 2023 20:12:18 GMT
server: Fastly
etag: "ffdce8bed3d361dc6ab0efb3b0d43f4f"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 1464

GET
H2 200 ui-shared-8e0738abf8e3eac6f0c3ffcbc8a62937.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame E910 288 KB
90 KB 26ms
19ms Script
text/javascript 151.101.128.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/ui-shared-8e0738abf8e3eac6f0c3ffcbc8a62937.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-card-0739a6afc8e0f33c4cf4f4f2322bd985.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

68d5262f35369095b3cfe0f10b208435e814576e80264405ed82ea44f132a58d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/elements-inner-card-0739a6afc8e0f33c4cf4f4f2322bd985.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Fri, 28 Apr 2023 01:05:51 GMT
via: 1.1 varnish
age: 27419
x-cache: HIT
content-length: 92316
x-request-id: e92f8a87-7ad8-4308-b0a9-466acb69d7d3
x-served-by: cache-fra-eddf8230077-FRA
last-modified: Thu, 27 Apr 2023 17:26:49 GMT
server: Fastly
etag: "6a157162e34a00ebdf695e648c755811"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 793

GET
H2 200 elements-inner-card-49e641e6ae8cb2890df34dabbf62fb3e.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame E910 46 KB
12 KB 10ms
10ms Script
text/javascript 151.101.128.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/elements-inner-card-49e641e6ae8cb2890df34dabbf62fb3e.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-card-0739a6afc8e0f33c4cf4f4f2322bd985.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

b48e1141180d9eb4297ddc69ce9b46565ca016186d9ad11471238c620e89beee

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/elements-inner-card-0739a6afc8e0f33c4cf4f4f2322bd985.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Fri, 28 Apr 2023 01:05:51 GMT
via: 1.1 varnish
age: 287988
x-cache: HIT
content-length: 12210
x-request-id: f1ea58c0-d25f-4630-a523-ec83c38aa3f9
x-served-by: cache-fra-eddf8230077-FRA
last-modified: Mon, 24 Apr 2023 17:02:50 GMT
server: Fastly
etag: "15d6d18487117438f36a7fec85fac587"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 6844

GET
H2 200 ui-shared-a0743d6674663452a45b92310a7268c6.css
js.stripe.com/v3/fingerprinted/css/ Frame E910 19 KB
3 KB 24ms
17ms Stylesheet
text/css 151.101.128.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/css/ui-shared-a0743d6674663452a45b92310a7268c6.css

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-card-0739a6afc8e0f33c4cf4f4f2322bd985.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

61e796fc3bfa417fa0d347db03260a2600edf009ce93b2df2f3e8c4b4463171c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/elements-inner-card-0739a6afc8e0f33c4cf4f4f2322bd985.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Fri, 28 Apr 2023 01:05:51 GMT
via: 1.1 varnish
age: 3052905
x-cache: HIT
content-length: 3195
x-request-id: 83c2242f-4962-4932-ac14-05338b00f421
x-served-by: cache-fra-eddf8230077-FRA
last-modified: Thu, 23 Mar 2023 17:02:05 GMT
server: Fastly
etag: "dbd37658a3a8a3842b147403a54940ff"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 34239

GET
H2 200 elements-inner-card-046f9875f50920dbc17b81ddbea74c2d.css
js.stripe.com/v3/fingerprinted/css/ Frame E910 10 KB
2 KB 25ms
18ms Stylesheet
text/css 151.101.128.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/css/elements-inner-card-046f9875f50920dbc17b81ddbea74c2d.css

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-card-0739a6afc8e0f33c4cf4f4f2322bd985.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

ee431470c13290a583f30995c6658fda6fe6b4a6e5f51c32ed1970bac8212b1b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/elements-inner-card-0739a6afc8e0f33c4cf4f4f2322bd985.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Fri, 28 Apr 2023 01:05:51 GMT
via: 1.1 varnish
age: 1756801
x-cache: HIT
content-length: 1614
x-request-id: 5b0a49db-3628-449f-9647-d886e1bc1afb
x-served-by: cache-fra-eddf8230077-FRA
last-modified: Fri, 07 Apr 2023 17:03:11 GMT
server: Fastly
etag: "26f037181250b55faed2d329facbb2fb"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 25723

POST
H2 200 csp-report
q.stripe.com/ Frame 2BAE 0
716 B 173ms
166ms Other
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-159-182.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Fri, 28 Apr 2023 01:05:51 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1682643951498423
x-envoy-upstream-service-time: 0
content-length: 0
x-stripe-bg-intended-route-color: blue
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms: 0
access-control-allow-origin: https://js.stripe.com
x-stripe-client-envoy-start-time-us: 1682643951498237
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers: Server, Range, Content-Type
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

POST
H2 200 csp-report
q.stripe.com/ Frame 2BAE 0
716 B 256ms
248ms Other
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-159-182.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Fri, 28 Apr 2023 01:05:51 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1682643951498621
x-envoy-upstream-service-time: 1
content-length: 0
x-stripe-bg-intended-route-color: blue
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms: 0
access-control-allow-origin: https://js.stripe.com
x-stripe-client-envoy-start-time-us: 1682643951498332
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers: Server, Range, Content-Type
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

GET
H2 200 shared-619a48bc285ef73b842b3144461c7fe5.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 2BAE 404 KB
98 KB 28ms
19ms Script
text/javascript 151.101.128.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/shared-619a48bc285ef73b842b3144461c7fe5.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-au-bank-account-c3ca19bec0109cec3975d8067b6f638e.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

031b0889db1fceb6c266f956b25a9a95fc59e64c72e6bd7c30739c8296dcad0b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/elements-inner-au-bank-account-c3ca19bec0109cec3975d8067b6f638e.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Fri, 28 Apr 2023 01:05:51 GMT
via: 1.1 varnish
age: 17533
x-cache: HIT
content-length: 99723
x-request-id: 7f11c4c5-37ef-4308-96e3-07fdc9f60bbd
x-served-by: cache-fra-eddf8230077-FRA
last-modified: Thu, 27 Apr 2023 20:12:18 GMT
server: Fastly
etag: "ffdce8bed3d361dc6ab0efb3b0d43f4f"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 1465

GET
H2 200 ui-shared-8e0738abf8e3eac6f0c3ffcbc8a62937.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 2BAE 288 KB
90 KB 28ms
20ms Script
text/javascript 151.101.128.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/ui-shared-8e0738abf8e3eac6f0c3ffcbc8a62937.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-au-bank-account-c3ca19bec0109cec3975d8067b6f638e.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

68d5262f35369095b3cfe0f10b208435e814576e80264405ed82ea44f132a58d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/elements-inner-au-bank-account-c3ca19bec0109cec3975d8067b6f638e.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Fri, 28 Apr 2023 01:05:51 GMT
via: 1.1 varnish
age: 27419
x-cache: HIT
content-length: 92316
x-request-id: 67c59c3b-9f9f-4417-8e95-ba67c7507a8c
x-served-by: cache-fra-eddf8230077-FRA
last-modified: Thu, 27 Apr 2023 17:26:49 GMT
server: Fastly
etag: "6a157162e34a00ebdf695e648c755811"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 794

GET
H2 200 elements-inner-au-bank-account-46d07bdf7e046961ee56313380c7a17b.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 2BAE 16 KB
6 KB 9ms
9ms Script
text/javascript 151.101.128.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/elements-inner-au-bank-account-46d07bdf7e046961ee56313380c7a17b.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-au-bank-account-c3ca19bec0109cec3975d8067b6f638e.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

89d7f54263abdf50646291963910aac79a04a13bd4469a869a27d7f2bc270f3b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/elements-inner-au-bank-account-c3ca19bec0109cec3975d8067b6f638e.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Fri, 28 Apr 2023 01:05:51 GMT
via: 1.1 varnish
age: 181688
x-cache: HIT
content-length: 5862
x-request-id: 0bd51d0e-1ebf-4bb5-88f5-4a52f719c77c
x-served-by: cache-fra-eddf8230077-FRA
last-modified: Tue, 25 Apr 2023 21:01:14 GMT
server: Fastly
etag: "102eece8f8afb73154663c16ae9fbd17"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 2

GET
H2 200 ui-shared-a0743d6674663452a45b92310a7268c6.css
js.stripe.com/v3/fingerprinted/css/ Frame 2BAE 19 KB
3 KB 27ms
18ms Stylesheet
text/css 151.101.128.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/css/ui-shared-a0743d6674663452a45b92310a7268c6.css

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-au-bank-account-c3ca19bec0109cec3975d8067b6f638e.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

61e796fc3bfa417fa0d347db03260a2600edf009ce93b2df2f3e8c4b4463171c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/elements-inner-au-bank-account-c3ca19bec0109cec3975d8067b6f638e.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Fri, 28 Apr 2023 01:05:51 GMT
via: 1.1 varnish
age: 3052905
x-cache: HIT
content-length: 3195
x-request-id: ae837c75-2954-4bcf-9152-117c62ff9174
x-served-by: cache-fra-eddf8230077-FRA
last-modified: Thu, 23 Mar 2023 17:02:05 GMT
server: Fastly
etag: "dbd37658a3a8a3842b147403a54940ff"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 34240

GET
H2 200 elements-inner-au-bank-account-57fba3d32760450908b133bd3a67dfe9.css
js.stripe.com/v3/fingerprinted/css/ Frame 2BAE 803 B
457 B 27ms
19ms Stylesheet
text/css 151.101.128.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/css/elements-inner-au-bank-account-57fba3d32760450908b133bd3a67dfe9.css

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-au-bank-account-c3ca19bec0109cec3975d8067b6f638e.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

b3317edb36ae2953f386b91e2dd78698347bcfe17cfb655a27e150763f7905b1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/elements-inner-au-bank-account-c3ca19bec0109cec3975d8067b6f638e.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Fri, 28 Apr 2023 01:05:51 GMT
via: 1.1 varnish
age: 1206376
x-cache: HIT
content-length: 314
x-request-id: 584f8bde-5709-4b1e-8b13-a7f6d4ac04d0
x-served-by: cache-fra-eddf8230077-FRA
last-modified: Thu, 13 Apr 2023 21:18:25 GMT
server: Fastly
etag: "df8aa0b0d19ae07d20c3a5f512eac71d"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 2

POST
H2 200 csp-report
q.stripe.com/ Frame 405C 0
716 B 308ms
299ms Other
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-159-182.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Fri, 28 Apr 2023 01:05:51 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1682643951640170
x-envoy-upstream-service-time: 1
content-length: 0
x-stripe-bg-intended-route-color: blue
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms: 0
access-control-allow-origin: https://js.stripe.com
x-stripe-client-envoy-start-time-us: 1682643951639957
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers: Server, Range, Content-Type
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

POST
H2 200 csp-report
q.stripe.com/ Frame 405C 0
716 B 309ms
300ms Other
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-159-182.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Fri, 28 Apr 2023 01:05:51 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1682643951640474
x-envoy-upstream-service-time: 1
content-length: 0
x-stripe-bg-intended-route-color: blue
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms: 0
access-control-allow-origin: https://js.stripe.com
x-stripe-client-envoy-start-time-us: 1682643951639979
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers: Server, Range, Content-Type
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

GET
H2 200 shared-619a48bc285ef73b842b3144461c7fe5.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 405C 404 KB
98 KB 32ms
22ms Script
text/javascript 151.101.128.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/shared-619a48bc285ef73b842b3144461c7fe5.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-iban-3a2b6a0707a26c7d5dd0595f954fbde2.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

031b0889db1fceb6c266f956b25a9a95fc59e64c72e6bd7c30739c8296dcad0b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/elements-inner-iban-3a2b6a0707a26c7d5dd0595f954fbde2.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Fri, 28 Apr 2023 01:05:51 GMT
via: 1.1 varnish
age: 17533
x-cache: HIT
content-length: 99723
x-request-id: d7e15767-d89c-4919-9d62-c435ab657885
x-served-by: cache-fra-eddf8230077-FRA
last-modified: Thu, 27 Apr 2023 20:12:18 GMT
server: Fastly
etag: "ffdce8bed3d361dc6ab0efb3b0d43f4f"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 1466

GET
H2 200 ui-shared-8e0738abf8e3eac6f0c3ffcbc8a62937.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 405C 288 KB
90 KB 32ms
22ms Script
text/javascript 151.101.128.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/ui-shared-8e0738abf8e3eac6f0c3ffcbc8a62937.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-iban-3a2b6a0707a26c7d5dd0595f954fbde2.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

68d5262f35369095b3cfe0f10b208435e814576e80264405ed82ea44f132a58d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/elements-inner-iban-3a2b6a0707a26c7d5dd0595f954fbde2.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Fri, 28 Apr 2023 01:05:51 GMT
via: 1.1 varnish
age: 27419
x-cache: HIT
content-length: 92316
x-request-id: d304085e-0760-4213-b994-e6fa3388cca6
x-served-by: cache-fra-eddf8230077-FRA
last-modified: Thu, 27 Apr 2023 17:26:49 GMT
server: Fastly
etag: "6a157162e34a00ebdf695e648c755811"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 795

GET
H2 200 elements-inner-iban-597ad6e6c51724f33f8178d72790a5fb.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 405C 18 KB
7 KB 9ms
9ms Script
text/javascript 151.101.128.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/elements-inner-iban-597ad6e6c51724f33f8178d72790a5fb.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-iban-3a2b6a0707a26c7d5dd0595f954fbde2.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

54b49f19a7cf5ad55069f9ba97bbafd1b062023cd754d3ce63920677be9ffda6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/elements-inner-iban-3a2b6a0707a26c7d5dd0595f954fbde2.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Fri, 28 Apr 2023 01:05:51 GMT
via: 1.1 varnish
age: 287469
x-cache: HIT
content-length: 7111
x-request-id: 10333596-a557-4dfc-bffd-298d71b012a9
x-served-by: cache-fra-eddf8230077-FRA
last-modified: Mon, 24 Apr 2023 17:02:50 GMT
server: Fastly
etag: "fe2fea262ad2c524f9b8d9cccc60bbf3"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 37

GET
H2 200 ui-shared-a0743d6674663452a45b92310a7268c6.css
js.stripe.com/v3/fingerprinted/css/ Frame 405C 19 KB
3 KB 31ms
21ms Stylesheet
text/css 151.101.128.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/css/ui-shared-a0743d6674663452a45b92310a7268c6.css

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-iban-3a2b6a0707a26c7d5dd0595f954fbde2.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

61e796fc3bfa417fa0d347db03260a2600edf009ce93b2df2f3e8c4b4463171c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/elements-inner-iban-3a2b6a0707a26c7d5dd0595f954fbde2.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Fri, 28 Apr 2023 01:05:51 GMT
via: 1.1 varnish
age: 3052905
x-cache: HIT
content-length: 3195
x-request-id: 00988bbe-5531-48ac-a3c5-17c69cdc4e03
x-served-by: cache-fra-eddf8230077-FRA
last-modified: Thu, 23 Mar 2023 17:02:05 GMT
server: Fastly
etag: "dbd37658a3a8a3842b147403a54940ff"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 34241

GET
H2 200 elements-inner-iban-3e7da55d4a3877ba3c3a89df8f9b29bc.css
js.stripe.com/v3/fingerprinted/css/ Frame 405C 485 B
547 B 30ms
21ms Stylesheet
text/css 151.101.128.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/css/elements-inner-iban-3e7da55d4a3877ba3c3a89df8f9b29bc.css

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-iban-3a2b6a0707a26c7d5dd0595f954fbde2.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

1ded1815d04f8d9199091223c6862c3942b4cf3cca05a58370bc3b6ce271fe10

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/elements-inner-iban-3a2b6a0707a26c7d5dd0595f954fbde2.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Fri, 28 Apr 2023 01:05:51 GMT
via: 1.1 varnish
age: 230780
x-cache: HIT
content-length: 226
x-request-id: 81a1d8a4-8ef3-4ff6-95ef-961e519b7e06
x-served-by: cache-fra-eddf8230077-FRA
last-modified: Mon, 24 Apr 2023 20:04:12 GMT
server: Fastly
etag: "f6ff2b5ca153d43c332b4e54c118e3d0"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 34

POST
H3 200 tb
fndrsp.net/ 2 B
494 B 128ms
127ms Ping
text/plain 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://fndrsp.net/tb

Requested by

Host: cdn.fundraiseup.com
URL: https://cdn.fundraiseup.com/widget/AQNJPZQD

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://drugfree.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Fri, 28 Apr 2023 01:05:51 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8%2FmGwU0Z4gq7Act8IvjIt4IWkz5hBjbEIkZKEg4GXyvvo7aF69bY0xJkr%2B0bVX3sHXTjre%2BDJohOVw3UbGaz5gt2OyhHsYXfsBEpZpkjalbbT5sySa1TSeep%2Fozu"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: https://drugfree.org
access-control-allow-credentials: true
cf-ray: 7beb663858915c68-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

POST
H2 200 6 Show response
m.stripe.com/ Frame 3437 156 B
670 B 522ms
170ms XHR
application/json 34.208.115.43
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.com/6

Requested by

Host: m.stripe.network
URL: https://m.stripe.network/out-4.5.42.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.208.115.43 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-208-115-43.us-west-2.compute.amazonaws.com

Software

nginx /

Resource Hash

745776bb3e82020e5974002813e3f337e94d8620372085728dc54bcc6a5225b2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://m.stripe.network/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-stripe-bg-intended-route-color: green
date: Fri, 28 Apr 2023 01:05:51 GMT
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1682643951901809
server: nginx
content-type: application/json;charset=utf-8
x-stripe-server-envoy-upstream-service-time-ms: 2
access-control-allow-origin: https://m.stripe.network
x-stripe-client-envoy-start-time-us: 1682643951901445
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 156

GET
H3 200 logo_48.png
www.gstatic.com/recaptcha/api2/ Frame D4F4 2 KB
2 KB 9ms
8ms Image
image/png 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/logo_48.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/4PnKmGB9wRHh1i04o7YUICeI/styles__ltr.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/4PnKmGB9wRHh1i04o7YUICeI/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 22 Apr 2023 23:52:14 GMT
x-content-type-options: nosniff
age: 436417
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2228
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
expires: Sat, 29 Apr 2023 23:52:14 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame D4F4 15 KB
15 KB 8ms
7ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 22 Apr 2023 23:28:35 GMT
x-content-type-options: nosniff
age: 437836
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 21 Apr 2024 23:28:35 GMT

GET
H3 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame D4F4 15 KB
15 KB 10ms
9ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 22 Apr 2023 23:30:46 GMT
x-content-type-options: nosniff
age: 437705
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15552
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 21 Apr 2024 23:30:46 GMT

GET
H3 200 token Show response
api.fundraiseup.com/paymentSession/5479328665203767555/googlePay/ 234 B
801 B 143ms
140ms XHR
text/plain 104.26.5.251
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.fundraiseup.com/paymentSession/5479328665203767555/googlePay/token?merchantOrigin=drugfree.org

Requested by

Host: static.fundraiseup.com
URL: https://static.fundraiseup.com/6873.3ada498ec170deac4c72.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.26.5.251 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dd76bff6e9f5aa3e068b9ec182e1fcff09930e83002d3d4b7e9e307708b94678

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' fundraiseup.com
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://drugfree.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: text/plain; charset=utf-8

Response headers

date: Fri, 28 Apr 2023 01:05:51 GMT
content-security-policy: frame-ancestors 'self' fundraiseup.com
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-response-time: 32ms
pragma: no-cache
server: cloudflare
vary: Origin
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://drugfree.org
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=n92sG3IRwbYpLKZ2RxRffzbIFt298XJq7Rn%2BDnVHo0or9n82NBiVKMSvEOp3c3Fm%2FkeIZA6iUf%2BzF1RZMzP1A9e0bHAgaxJ22h7bvDsqd81JW3QQ%2Bd9tyaa0fYyp4KQ%2FK1nnnpA%3D"}],"group":"cf-nel","max_age":604800}
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cf-ray: 7beb6638eb136949-FRA
expires: 0

GET
H3 200 webworker.js
www.google.com/recaptcha/enterprise/ Frame 873A 102 B
134 B 25ms
25ms Other
text/javascript 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/enterprise/webworker.js?hl=en&v=4PnKmGB9wRHh1i04o7YUICeI

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

95e9deeefa7eb53c1ef328c9a9793310a04632a3e66b971808d13a16c4f08944

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm&co=aHR0cHM6Ly9kcnVnZnJlZS5vcmc6NDQz&hl=en&v=4PnKmGB9wRHh1i04o7YUICeI&size=invisible&badge=inline&cb=iqthuzep8ein
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 01:05:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
cross-origin-embedder-policy: require-corp
x-frame-options: SAMEORIGIN
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 112
x-xss-protection: 1; mode=block
expires: Fri, 28 Apr 2023 01:05:51 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
54 B 8ms
7ms Image
text/plain 2a03:2880:f176:84:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=298598497637256&ev=InitiateCheckout&dl=https%3A%2F%2Fdrugfree.org%2F%3Fform%3DFUNJLSAEDSS%26utm_campaign%3D2023%2520Donation%2520Moments%26utm_medium%3Demail%26_hsmi%3D256062192%26_hsenc%3Dp2ANqtz-9IbfhLSzLiRANvRLPTyvpP4C1SqyZuFvW_VpE96uXyAdU5-_LV2q6rHIJ7T2KpD_cFeSkdoDdXnDLdFYAvIsImSzQLpA%26utm_content%3D256062192%26utm_source%3Dhs_email&rl=&if=false&ts=1682643951563&cd[content_name]=Quick%20One-Time%20Checkout&cd[content_ids]=%5B%22FUNJLSAEDSS%22%5D&cd[content_type]=product&sw=1600&sh=1200&v=2.9.102&r=stable&ec=1&o=29&fbp=fb.1.1682643950624.137099953&it=1682643950035&coo=false&eid=event.1682643951561.3836026&rqm=GET

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://drugfree.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Fri, 28 Apr 2023 01:05:51 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H3 200 webworker.js
www.google.com/recaptcha/enterprise/ Frame 41F6 102 B
134 B 16ms
15ms Other
text/javascript 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/enterprise/webworker.js?hl=en&v=4PnKmGB9wRHh1i04o7YUICeI

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

95e9deeefa7eb53c1ef328c9a9793310a04632a3e66b971808d13a16c4f08944

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm&co=aHR0cHM6Ly9kcnVnZnJlZS5vcmc6NDQz&hl=en&v=4PnKmGB9wRHh1i04o7YUICeI&size=invisible&badge=inline&cb=iqthuzep8ein
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 01:05:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
cross-origin-embedder-policy: require-corp
x-frame-options: SAMEORIGIN
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 112
x-xss-protection: 1; mode=block
expires: Fri, 28 Apr 2023 01:05:51 GMT

GET
H3 200 webworker.js
www.google.com/recaptcha/enterprise/ Frame D4F4 102 B
134 B 58ms
57ms Other
text/javascript 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/enterprise/webworker.js?hl=en&v=4PnKmGB9wRHh1i04o7YUICeI

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

95e9deeefa7eb53c1ef328c9a9793310a04632a3e66b971808d13a16c4f08944

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm&co=aHR0cHM6Ly9kcnVnZnJlZS5vcmc6NDQz&hl=en&v=4PnKmGB9wRHh1i04o7YUICeI&size=invisible&badge=inline&cb=o294xlgw3ns6
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 01:05:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
cross-origin-embedder-policy: require-corp
x-frame-options: SAMEORIGIN
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 112
x-xss-protection: 1; mode=block
expires: Fri, 28 Apr 2023 01:05:51 GMT

GET
H3 200 webworker.js
www.google.com/recaptcha/enterprise/ Frame C0A1 102 B
134 B 38ms
37ms Other
text/javascript 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/enterprise/webworker.js?hl=en&v=4PnKmGB9wRHh1i04o7YUICeI

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

95e9deeefa7eb53c1ef328c9a9793310a04632a3e66b971808d13a16c4f08944

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm&co=aHR0cHM6Ly9kcnVnZnJlZS5vcmc6NDQz&hl=en&v=4PnKmGB9wRHh1i04o7YUICeI&size=invisible&badge=inline&cb=o294xlgw3ns6
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 01:05:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
cross-origin-embedder-policy: require-corp
x-frame-options: SAMEORIGIN
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 112
x-xss-protection: 1; mode=block
expires: Fri, 28 Apr 2023 01:05:51 GMT

GET
H2 200 pptm.js Show response
www.paypal.com/tagmanager/ Frame 621D 13 KB
6 KB 771ms
771ms Script
application/x-javascript 151.101.1.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/tagmanager/pptm.js?id=drugfree.org&t=xo&v=5.0.370&source=payments_sdk&mrid=FEQXTG8EYPCG2&client_id=Afbm69ig8nMRLmZKS-QoONq7qIHPqlpYJ1l3vyxE_la-UZPU_eEkKH2HRpHFkl7SNJ8a_eKvDkcT9-My&vault=true

Requested by

Host: www.paypal.com
URL: https://www.paypal.com/sdk/js?client-id=Afbm69ig8nMRLmZKS-QoONq7qIHPqlpYJ1l3vyxE_la-UZPU_eEkKH2HRpHFkl7SNJ8a_eKvDkcT9-My&merchant-id=FEQXTG8EYPCG2&currency=EUR&disable-funding=venmo&locale=en_US&intent=tokenize&vault=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.1.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

50fbed8ca909623832102082225905a6865f67b0cf4680a394ea45aabb09fe3c

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline'; script-src 'nonce-ifHLPkj0frePVRGfL1BaSYcTUIoef/pj8RcmeaH/fsQBoYW0' 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline' 'unsafe-eval'; img-src * data:; object-src 'none'; font-src 'self' https://.paypalobjects.com https://.paypal.com; connect-src 'self' https://.paypal.com https://.paypalobjects.com https://nexus.ensighten.com https://.google-analytics.com 'unsafe-inline' https://.qualtrics.com; form-action 'self' https://.paypal.com; base-uri 'self' https://.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp; frame-src 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline' https://*.qualtrics.com;
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://drugfree.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-security-policy: default-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; script-src 'nonce-ifHLPkj0frePVRGfL1BaSYcTUIoef/pj8RcmeaH/fsQBoYW0' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' 'unsafe-eval'; img-src * data:; object-src 'none'; font-src 'self' https://*.paypalobjects.com https://*.paypal.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://nexus.ensighten.com https://*.google-analytics.com 'unsafe-inline' https://*.qualtrics.com; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' https://*.qualtrics.com;
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 28 Apr 2023 01:05:52 GMT
via: 1.1 varnish
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 0
x-cache: MISS
paypal-debug-id: f934869aa531d
server-timing: "traceparent;desc="00-0000000000000000000f934869aa531d-42e55bcca83fdf86-01"";content-encoding;desc="gzip",x-cdn;desc="fastly"
dc: ccg11-origin-www-1.paypal.com
content-length: 4749
x-xss-protection: 1; mode=block
x-served-by: cache-fra-eddf8230105-FRA
traceparent: 00-0000000000000000000f934869aa531d-6687c7664292bc56-01
x-timer: S1682643952.633425,VS0,VE764
etag: W/"3537-3XbPumpuKCP4BEeqPdil44Pnm2Q"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-expose-headers: Server-Timing
cache-control: public, max-age=3600
accept-ranges: bytes
x-cache-hits: 0

POST
H2 200 logger Show response
www.paypal.com/xoplatform/logger/api/ Frame 621D 1005 B
2 KB 189ms
188ms XHR
application/json 151.101.1.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/xoplatform/logger/api/logger

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.1.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

d405a89e2f62bf6205e35373f4aaa31a25837fae43f94c22df860f8beb8edd2d

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept: application/json
Referer: https://drugfree.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
content-type: application/json

Response headers

date: Fri, 28 Apr 2023 01:05:52 GMT
via: 1.1 varnish
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-encoding: br
x-cache: MISS
paypal-debug-id: f9348693488c5
server-timing: content-encoding;desc="",x-cdn;desc="fastly"
dc: ccg11-origin-www-1.paypal.com
x-served-by: cache-fra-eddf8230042-FRA
accept-ch: Sec-CH-UA-Full
traceparent: 00-0000000000000000000f9348693488c5-fff15683d368bfb1-01
x-timer: S1682643952.985498,VS0,VE181
etag: W/"3ed-ZOE1qW4pZ9m0M1ty1Pktho+SnEQ"
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://drugfree.org
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
origin-trial: AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
accept-ranges: none
x-cache-hits: 0

OPTIONS
H2 200 logger
www.paypal.com/xoplatform/logger/api/ Frame 0
0 217ms
202ms Preflight 151.101.1.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/xoplatform/logger/api/logger

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.1.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://drugfree.org
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

accept-ch: Sec-CH-UA-Full
accept-ranges: bytes
access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: POST
access-control-allow-origin: https://drugfree.org
cache-control: max-age=0, no-cache, no-store, must-revalidate
date: Fri, 28 Apr 2023 01:05:51 GMT
dc: ccg11-origin-www-1.paypal.com
origin-trial: AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
paypal-debug-id: f934869480650
server-timing: content-encoding;desc="",x-cdn;desc="fastly"
strict-transport-security: max-age=63072000; includeSubDomains; preload
traceparent: 00-0000000000000000000f934869480650-fef38e55e6a88053-01
via: 1.1 varnish
x-cache: MISS
x-cache-hits: 0
x-content-type-options: nosniff
x-served-by: cache-fra-eddf8230042-FRA
x-timer: S1682643952.781905,VS0,VE195

GET
H2 200 pay.js Show response
pay.google.com/gp/p/js/ 116 KB
36 KB 95ms
59ms Script
application/javascript 2a00:1450:400c:c0a::5c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pay.google.com/gp/p/js/pay.js

Requested by

Host: static.fundraiseup.com
URL: https://static.fundraiseup.com/checkout.3e0398635ab22d60ed29.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0a::5c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

eb752bc50264e20fb3409303a4ddacd0bf9528f9abbfa01bb7732821ac1caf4a

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-vm1L0dBJRHBDO513GN1wdA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendHttp/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://drugfree.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 01:05:51 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-vm1L0dBJRHBDO513GN1wdA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendHttp/cspreport
x-content-type-options: nosniff
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: private, max-age=600
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Fri, 28 Apr 2023 01:05:51 GMT

GET
H2 200 .deploy_status_henson.json Show response
js.stripe.com/v3/ Frame 8229 474 B
610 B 22ms
7ms Fetch
application/json 151.101.128.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/.deploy_status_henson.json

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-619a48bc285ef73b842b3144461c7fe5.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

0b5d4136315e4225837caecbf5f8a09fe7cde24ebb0f1b367eff68ffa3bea497

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Accept: application/json
Referer: https://js.stripe.com/v3/controller-83cdc86c0f3d8d83bf6bac9f58a55da5.html
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Fri, 28 Apr 2023 01:05:51 GMT
content-encoding: br
via: 1.1 varnish
strict-transport-security: max-age=31556926; includeSubDomains; preload
age: 4
x-cache: HIT
content-length: 297
x-request-id: 9c3aa2a3-86b1-4e34-8c5c-4e38031e0944
x-served-by: cache-fra-eddf8230078-FRA
last-modified: Thu, 27 Apr 2023 20:40:58 GMT
server: Fastly
etag: "1714863a176128e503007ac53746f687"
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=60
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 1

GET
H2 200 .deploy_status_henson.json Show response
js.stripe.com/v3/ Frame 68D5 474 B
371 B 7ms
7ms Fetch
application/json 151.101.128.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/.deploy_status_henson.json

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-619a48bc285ef73b842b3144461c7fe5.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

0b5d4136315e4225837caecbf5f8a09fe7cde24ebb0f1b367eff68ffa3bea497

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Accept: application/json
Referer: https://js.stripe.com/v3/elements-inner-card-0739a6afc8e0f33c4cf4f4f2322bd985.html
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Fri, 28 Apr 2023 01:05:51 GMT
content-encoding: br
via: 1.1 varnish
strict-transport-security: max-age=31556926; includeSubDomains; preload
age: 4
x-cache: HIT
content-length: 297
x-request-id: 6db3a03f-f1ee-4a3a-a790-302f79af8832
x-served-by: cache-fra-eddf8230078-FRA
last-modified: Thu, 27 Apr 2023 20:40:58 GMT
server: Fastly
etag: "1714863a176128e503007ac53746f687"
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=60
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 2

GET
H2 200 .deploy_status_henson.json Show response
js.stripe.com/v3/ Frame 2BAE 474 B
372 B 7ms
7ms Fetch
application/json 151.101.128.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/.deploy_status_henson.json

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-619a48bc285ef73b842b3144461c7fe5.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

0b5d4136315e4225837caecbf5f8a09fe7cde24ebb0f1b367eff68ffa3bea497

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Accept: application/json
Referer: https://js.stripe.com/v3/elements-inner-au-bank-account-c3ca19bec0109cec3975d8067b6f638e.html
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Fri, 28 Apr 2023 01:05:51 GMT
content-encoding: br
via: 1.1 varnish
strict-transport-security: max-age=31556926; includeSubDomains; preload
age: 4
x-cache: HIT
content-length: 297
x-request-id: d71facd6-b698-439f-8391-7b75b69719d5
x-served-by: cache-fra-eddf8230078-FRA
last-modified: Thu, 27 Apr 2023 20:40:58 GMT
server: Fastly
etag: "1714863a176128e503007ac53746f687"
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=60
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 3

GET
H2 200 banks-a7d997c53ff554cc3ec0247e0c61fa42.json Show response
js.stripe.com/v3/fingerprinted/data/ Frame 2BAE 4 KB
2 KB 17ms
17ms Fetch
application/json 151.101.128.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/data/banks-a7d997c53ff554cc3ec0247e0c61fa42.json

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-619a48bc285ef73b842b3144461c7fe5.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

4a9508d1b930239dc0fa249afc784febd3ba9b3506f8e258585a87e7de05a6aa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: application/json
Referer: https://js.stripe.com/v3/elements-inner-au-bank-account-c3ca19bec0109cec3975d8067b6f638e.html
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Fri, 28 Apr 2023 01:05:51 GMT
via: 1.1 varnish
age: 778668
x-cache: HIT
content-length: 1459
x-request-id: 47505734-7b2b-4302-b604-161ad090bae7
x-served-by: cache-fra-eddf8230078-FRA
last-modified: Tue, 18 Apr 2023 20:24:50 GMT
server: Fastly
etag: "a7d997c53ff554cc3ec0247e0c61fa42"
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 1

GET
H2 200 .deploy_status_henson.json Show response
js.stripe.com/v3/ Frame 4CC5 474 B
371 B 7ms
7ms Fetch
application/json 151.101.128.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/.deploy_status_henson.json

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-619a48bc285ef73b842b3144461c7fe5.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

0b5d4136315e4225837caecbf5f8a09fe7cde24ebb0f1b367eff68ffa3bea497

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Accept: application/json
Referer: https://js.stripe.com/v3/elements-inner-card-0739a6afc8e0f33c4cf4f4f2322bd985.html
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Fri, 28 Apr 2023 01:05:51 GMT
content-encoding: br
via: 1.1 varnish
strict-transport-security: max-age=31556926; includeSubDomains; preload
age: 4
x-cache: HIT
content-length: 297
x-request-id: 49496d5b-227c-4e34-a756-abcec647acba
x-served-by: cache-fra-eddf8230078-FRA
last-modified: Thu, 27 Apr 2023 20:40:58 GMT
server: Fastly
etag: "1714863a176128e503007ac53746f687"
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=60
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 4

GET
H2 200 .deploy_status_henson.json Show response
js.stripe.com/v3/ Frame 405C 474 B
370 B 8ms
7ms Fetch
application/json 151.101.128.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/.deploy_status_henson.json

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-619a48bc285ef73b842b3144461c7fe5.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

0b5d4136315e4225837caecbf5f8a09fe7cde24ebb0f1b367eff68ffa3bea497

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Accept: application/json
Referer: https://js.stripe.com/v3/elements-inner-iban-3a2b6a0707a26c7d5dd0595f954fbde2.html
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Fri, 28 Apr 2023 01:05:51 GMT
content-encoding: br
via: 1.1 varnish
strict-transport-security: max-age=31556926; includeSubDomains; preload
age: 4
x-cache: HIT
content-length: 297
x-request-id: a45cb774-87ec-41f4-b44f-3a8149dbd27a
x-served-by: cache-fra-eddf8230078-FRA
last-modified: Thu, 27 Apr 2023 20:40:58 GMT
server: Fastly
etag: "1714863a176128e503007ac53746f687"
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=60
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 5

GET
H2 200 .deploy_status_henson.json Show response
js.stripe.com/v3/ Frame E910 474 B
371 B 7ms
6ms Fetch
application/json 151.101.128.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/.deploy_status_henson.json

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-619a48bc285ef73b842b3144461c7fe5.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

0b5d4136315e4225837caecbf5f8a09fe7cde24ebb0f1b367eff68ffa3bea497

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Accept: application/json
Referer: https://js.stripe.com/v3/elements-inner-card-0739a6afc8e0f33c4cf4f4f2322bd985.html
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Fri, 28 Apr 2023 01:05:51 GMT
content-encoding: br
via: 1.1 varnish
strict-transport-security: max-age=31556926; includeSubDomains; preload
age: 4
x-cache: HIT
content-length: 297
x-request-id: e8dc39a2-da7c-4e28-8b85-1effa80e643c
x-served-by: cache-fra-eddf8230078-FRA
last-modified: Thu, 27 Apr 2023 20:40:58 GMT
server: Fastly
etag: "1714863a176128e503007ac53746f687"
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=60
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 6

GET
H3 200 bframe Show response
www.google.com/recaptcha/enterprise/ Frame B324 7 KB
1 KB 17ms
17ms Document
text/html 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/enterprise/bframe?hl=en&v=4PnKmGB9wRHh1i04o7YUICeI&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/4PnKmGB9wRHh1i04o7YUICeI/recaptcha__en.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

db27de08495d5527fcb44919525a139cd0836bcd14d9eca2e64255522682f052

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-QOLcNktdem0EmZSvziZetQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://drugfree.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-length: 1147
content-security-policy: script-src 'report-sample' 'nonce-QOLcNktdem0EmZSvziZetQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 28 Apr 2023 01:05:52 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 sync
c212.net/c/ Frame ECD0 0
250 B 108ms
108ms Image
text/plain 13.32.99.45
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c212.net/c/sync?u=&c=US&dmpId=1&pid=1374644b-1bee-4500-8d9d-0748485e5462
Requested by: Host: drugfree.org
URL: https://drugfree.org/?form=FUNJLSAEDSS&utm_campaign=2023%20Donation%20Moments&utm_medium=email&_hsmi=256062192&_hsenc=p2ANqtz-9IbfhLSzLiRANvRLPTyvpP4C1SqyZuFvW_VpE96uXyAdU5-_LV2q6rHIJ7T2KpD_cFeSkdoDdXnDLdFYAvIsImSzQLpA&utm_content=256062192&utm_source=hs_email
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.45 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-45.fra60.r.cloudfront.net
Software: Jetty(9.4.31.v20200723) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pixel.mathtag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 01:05:52 GMT
via: 1.1 7fd88bab22735486702d23ba4e028d86.cloudfront.net (CloudFront)
server: Jetty(9.4.31.v20200723)
x-amz-cf-pop: FRA60-P3
x-cache: Miss from cloudfront
server-timing: intid;desc=e4d8860e60d2c9ef
content-length: 0
x-amz-cf-id: 04ursSyhP7kjT64HUoet1YXrIvtxqOYg3rCq3t8mcIBfJagvniW4kg==

GET
H/1.1 200
OK img
pixel.mathtag.com/misc/ Frame ECD0 43 B
528 B 17ms
16ms Image
image/gif 2.18.233.201
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.mathtag.com/misc/img?mop_seq=1:1&mt_cb=435863&check=1374644b-1bee-4500-8d9d-0748485e5462&mop_top=
Requested by: Host: drugfree.org
URL: https://drugfree.org/?form=FUNJLSAEDSS&utm_campaign=2023%20Donation%20Moments&utm_medium=email&_hsmi=256062192&_hsenc=p2ANqtz-9IbfhLSzLiRANvRLPTyvpP4C1SqyZuFvW_VpE96uXyAdU5-_LV2q6rHIJ7T2KpD_cFeSkdoDdXnDLdFYAvIsImSzQLpA&utm_content=256062192&utm_source=hs_email
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-201.deploy.static.akamaitechnologies.com
Software: MT3 830 785530e master cdg-pixel-x25 config_version:"unknown" /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pixel.mathtag.com/sync/iframe?mt_uuid=1374644b-1bee-4500-8d9d-0748485e5462&no_iframe=1&exsync=https%3A%2F%2Fc212.net%2Fc%2Fsync%3Fu%3D%26c%3DUS%26dmpId%3D1%26pid%3D%5BMM_UUID%5D&mt_lim=1&source=mathtag
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Fri, 28 Apr 2023 01:05:52 GMT
Server: MT3 830 785530e master cdg-pixel-x25 config_version:"unknown"
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin: *
Content-Type: image/gif
Cache-Control: no-cache
Connection: keep-alive
Content-Length: 43
Expires: Fri, 28 Apr 2023 01:05:51 GMT

GET
H3 200 bframe Show response
www.google.com/recaptcha/enterprise/ Frame 5180 7 KB
1 KB 17ms
16ms Document
text/html 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/enterprise/bframe?hl=en&v=4PnKmGB9wRHh1i04o7YUICeI&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/4PnKmGB9wRHh1i04o7YUICeI/recaptcha__en.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

489e95ba95d52b53f05063b9b4d57fb9757f09574ab9899ab486d2cdc8e697e4

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-ro2S8hHTWY0Axuk1EhtIkg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://drugfree.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-length: 1147
content-security-policy: script-src 'report-sample' 'nonce-ro2S8hHTWY0Axuk1EhtIkg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 28 Apr 2023 01:05:52 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

POST
H2 200 0 Show response
r.stripe.com/ Frame 8229 0
274 B 357ms
336ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-619a48bc285ef73b842b3144461c7fe5.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Fri, 28 Apr 2023 01:05:52 GMT
x-stripe-server-envoy-start-time-us: 1682643952675896
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1682643952675368
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 8229 0
274 B 353ms
332ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-619a48bc285ef73b842b3144461c7fe5.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Fri, 28 Apr 2023 01:05:52 GMT
x-stripe-server-envoy-start-time-us: 1682643952675523
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1682643952675172
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 8229 0
274 B 350ms
331ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-619a48bc285ef73b842b3144461c7fe5.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Fri, 28 Apr 2023 01:05:52 GMT
x-stripe-server-envoy-start-time-us: 1682643952675646
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1682643952675290
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 8229 0
274 B 359ms
340ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-619a48bc285ef73b842b3144461c7fe5.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Fri, 28 Apr 2023 01:05:52 GMT
x-stripe-server-envoy-start-time-us: 1682643952676588
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1682643952676109
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 8229 0
274 B 367ms
349ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-619a48bc285ef73b842b3144461c7fe5.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Fri, 28 Apr 2023 01:05:52 GMT
x-stripe-server-envoy-start-time-us: 1682643952675907
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1682643952675516
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 8229 0
274 B 353ms
335ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-619a48bc285ef73b842b3144461c7fe5.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Fri, 28 Apr 2023 01:05:52 GMT
x-stripe-server-envoy-start-time-us: 1682643952675811
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1682643952675511
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 8229 0
274 B 373ms
355ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-619a48bc285ef73b842b3144461c7fe5.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Fri, 28 Apr 2023 01:05:52 GMT
x-stripe-server-envoy-start-time-us: 1682643952676957
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 3
x-stripe-client-envoy-start-time-us: 1682643952676283
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 8229 0
274 B 351ms
334ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-619a48bc285ef73b842b3144461c7fe5.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Fri, 28 Apr 2023 01:05:52 GMT
x-stripe-server-envoy-start-time-us: 1682643952676339
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1682643952676055
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 8229 0
274 B 353ms
336ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-619a48bc285ef73b842b3144461c7fe5.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Fri, 28 Apr 2023 01:05:52 GMT
x-stripe-server-envoy-start-time-us: 1682643952676190
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1682643952675981
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 8229 0
274 B 366ms
349ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-619a48bc285ef73b842b3144461c7fe5.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Fri, 28 Apr 2023 01:05:52 GMT
x-stripe-server-envoy-start-time-us: 1682643952676829
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1682643952676208
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 8229 0
274 B 355ms
339ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-619a48bc285ef73b842b3144461c7fe5.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Fri, 28 Apr 2023 01:05:52 GMT
x-stripe-server-envoy-start-time-us: 1682643952676644
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1682643952676273
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 8229 0
274 B 370ms
354ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-619a48bc285ef73b842b3144461c7fe5.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Fri, 28 Apr 2023 01:05:52 GMT
x-stripe-server-envoy-start-time-us: 1682643952676946
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1682643952676431
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 8229 0
274 B 355ms
339ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-619a48bc285ef73b842b3144461c7fe5.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Fri, 28 Apr 2023 01:05:52 GMT
x-stripe-server-envoy-start-time-us: 1682643952676386
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1682643952676164
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 8229 0
274 B 352ms
337ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-619a48bc285ef73b842b3144461c7fe5.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Fri, 28 Apr 2023 01:05:52 GMT
x-stripe-server-envoy-start-time-us: 1682643952676275
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1682643952675925
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 8229 0
274 B 366ms
352ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-619a48bc285ef73b842b3144461c7fe5.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Fri, 28 Apr 2023 01:05:52 GMT
x-stripe-server-envoy-start-time-us: 1682643952676400
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 3
x-stripe-client-envoy-start-time-us: 1682643952675855
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 8229 0
274 B 361ms
348ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-619a48bc285ef73b842b3144461c7fe5.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Fri, 28 Apr 2023 01:05:52 GMT
x-stripe-server-envoy-start-time-us: 1682643952676474
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1682643952676035
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 8229 0
274 B 347ms
335ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-619a48bc285ef73b842b3144461c7fe5.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Fri, 28 Apr 2023 01:05:52 GMT
x-stripe-server-envoy-start-time-us: 1682643952675540
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 3
x-stripe-client-envoy-start-time-us: 1682643952675251
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 8229 0
274 B 342ms
332ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-619a48bc285ef73b842b3144461c7fe5.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Fri, 28 Apr 2023 01:05:52 GMT
x-stripe-server-envoy-start-time-us: 1682643952675888
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 1
x-stripe-client-envoy-start-time-us: 1682643952675448
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 8229 0
274 B 344ms
337ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-619a48bc285ef73b842b3144461c7fe5.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Fri, 28 Apr 2023 01:05:52 GMT
x-stripe-server-envoy-start-time-us: 1682643952676016
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1682643952675764
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 8229 0
274 B 338ms
333ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-619a48bc285ef73b842b3144461c7fe5.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Fri, 28 Apr 2023 01:05:52 GMT
x-stripe-server-envoy-start-time-us: 1682643952675968
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1682643952675584
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 8229 0
274 B 348ms
347ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-619a48bc285ef73b842b3144461c7fe5.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Fri, 28 Apr 2023 01:05:52 GMT
x-stripe-server-envoy-start-time-us: 1682643952676598
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1682643952676341
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 8229 0
274 B 351ms
351ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-619a48bc285ef73b842b3144461c7fe5.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Fri, 28 Apr 2023 01:05:52 GMT
x-stripe-server-envoy-start-time-us: 1682643952676708
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1682643952676391
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 8229 0
274 B 336ms
336ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-619a48bc285ef73b842b3144461c7fe5.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Fri, 28 Apr 2023 01:05:52 GMT
x-stripe-server-envoy-start-time-us: 1682643952676771
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1682643952676481
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 8229 0
274 B 347ms
347ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-619a48bc285ef73b842b3144461c7fe5.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Fri, 28 Apr 2023 01:05:52 GMT
x-stripe-server-envoy-start-time-us: 1682643952677149
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1682643952676549
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 8229 0
274 B 345ms
345ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-619a48bc285ef73b842b3144461c7fe5.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Fri, 28 Apr 2023 01:05:52 GMT
x-stripe-server-envoy-start-time-us: 1682643952677045
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1682643952676781
access-control-allow-credentials: true
content-length: 0

GET
H2 200 payframe Show response
pay.google.com/gp/p/ui/ Frame 11DD 18 KB
8 KB 201ms
200ms Document
text/html 2a00:1450:400c:c0a::5c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fdrugfree.org&mid=

Requested by

Host: pay.google.com
URL: https://pay.google.com/gp/p/js/pay.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0a::5c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f2a86fb0af1ecdcb93bc1f44f072e3fe70ca3e792810bdf6b862cb31ea87fa71

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-REPjTeb3Wx8AQPRVho1Upg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport/allowlist require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://drugfree.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=3600
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-REPjTeb3Wx8AQPRVho1Upg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport/allowlist require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport
content-type: text/html; charset=utf-8
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: same-site
date: Fri, 28 Apr 2023 01:05:52 GMT
expires: Fri, 28 Apr 2023 01:05:52 GMT
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
server: ESF
strict-transport-security: max-age=31536000
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-content-type-options: nosniff
x-ua-compatible: IE=edge
x-xss-protection: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 8229 0
274 B 334ms
333ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-619a48bc285ef73b842b3144461c7fe5.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Fri, 28 Apr 2023 01:05:52 GMT
x-stripe-server-envoy-start-time-us: 1682643952677302
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 3
x-stripe-client-envoy-start-time-us: 1682643952676681
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 8229 0
274 B 323ms
323ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-619a48bc285ef73b842b3144461c7fe5.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Fri, 28 Apr 2023 01:05:52 GMT
x-stripe-server-envoy-start-time-us: 1682643952676940
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1682643952676798
access-control-allow-credentials: true
content-length: 0

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/4PnKmGB9wRHh1i04o7YUICeI/ Frame B324 55 KB
24 KB 8ms
7ms Stylesheet
text/css 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/4PnKmGB9wRHh1i04o7YUICeI/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/enterprise/bframe?hl=en&v=4PnKmGB9wRHh1i04o7YUICeI&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

952833e41ba7a4b64c31a2d7b07dde81bf5bbacf5cbb967821cfe459d0c4a0d8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 27 Apr 2023 21:06:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 14352
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24605
x-xss-protection: 0
last-modified: Fri, 21 Apr 2023 01:25:41 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 26 Apr 2024 21:06:40 GMT

GET
H3 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/4PnKmGB9wRHh1i04o7YUICeI/ Frame B324 407 KB
163 KB 10ms
10ms Script
text/javascript 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/4PnKmGB9wRHh1i04o7YUICeI/recaptcha__en.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/enterprise/bframe?hl=en&v=4PnKmGB9wRHh1i04o7YUICeI&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1f60d86b7a0533b50a13c93041a550e1672791299373f986d649e4e44e8dfcba

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 27 Apr 2023 21:06:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 14353
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 167070
x-xss-protection: 0
last-modified: Fri, 21 Apr 2023 01:25:41 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 26 Apr 2024 21:06:39 GMT

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/4PnKmGB9wRHh1i04o7YUICeI/ Frame 5180 55 KB
24 KB 11ms
8ms Stylesheet
text/css 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/4PnKmGB9wRHh1i04o7YUICeI/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/enterprise/bframe?hl=en&v=4PnKmGB9wRHh1i04o7YUICeI&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

952833e41ba7a4b64c31a2d7b07dde81bf5bbacf5cbb967821cfe459d0c4a0d8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 27 Apr 2023 21:06:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 14352
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24605
x-xss-protection: 0
last-modified: Fri, 21 Apr 2023 01:25:41 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 26 Apr 2024 21:06:40 GMT

GET
H3 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/4PnKmGB9wRHh1i04o7YUICeI/ Frame 5180 407 KB
163 KB 12ms
9ms Script
text/javascript 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/4PnKmGB9wRHh1i04o7YUICeI/recaptcha__en.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/enterprise/bframe?hl=en&v=4PnKmGB9wRHh1i04o7YUICeI&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1f60d86b7a0533b50a13c93041a550e1672791299373f986d649e4e44e8dfcba

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 27 Apr 2023 21:06:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 14353
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 167070
x-xss-protection: 0
last-modified: Fri, 21 Apr 2023 01:25:41 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 26 Apr 2024 21:06:39 GMT

POST
H3 200 tb
fndrsp.net/ 2 B
456 B 138ms
138ms Ping
text/plain 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://fndrsp.net/tb

Requested by

Host: cdn.fundraiseup.com
URL: https://cdn.fundraiseup.com/widget/AQNJPZQD

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://drugfree.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Fri, 28 Apr 2023 01:05:52 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1IvZ0Dt5hPDpz1JcCgAT7I8CT6EnbG%2F1aTPZu8joSHmGSq2%2Bsy4iNKh7mvskIzSJ3Cr%2BfHxPsBp15xYjc6sS7fhpN43znZ927deMFku01ZnBRMj5TX0rzv4vGerk"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: https://drugfree.org
access-control-allow-credentials: true
cf-ray: 7beb663efcee5c68-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

POST
H2 200 tb
fndrsp-checkout.net/ 2 B
509 B 343ms
306ms Ping
text/plain 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://fndrsp-checkout.net/tb

Requested by

Host: cdn.fundraiseup.com
URL: https://cdn.fundraiseup.com/widget/AQNJPZQD

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Referer: https://drugfree.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Fri, 28 Apr 2023 01:05:52 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NRPM6rcoahiAsDI8MWXanG68Ap1uc0jLi23vzuBnloI5rG9%2BgMCa1a9xxRVokWiwXmshwhu8kJk0LqN9OTjzn3KVbLYpS7eaxQoDPGLJoPtC7t3bnfgGa26vh2MQ9c%2FfAJA%2BAw9R"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: https://drugfree.org
access-control-allow-credentials: true
cf-ray: 7beb663f3df09b8c-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

POST
H2 200 0 Show response
r.stripe.com/ Frame 8229 0
274 B 298ms
295ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-619a48bc285ef73b842b3144461c7fe5.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Fri, 28 Apr 2023 01:05:52 GMT
x-stripe-server-envoy-start-time-us: 1682643952677388
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1682643952676860
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 8229 0
274 B 298ms
297ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-619a48bc285ef73b842b3144461c7fe5.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Fri, 28 Apr 2023 01:05:52 GMT
x-stripe-server-envoy-start-time-us: 1682643952677841
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1682643952677068
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 8229 0
274 B 298ms
297ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-619a48bc285ef73b842b3144461c7fe5.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Fri, 28 Apr 2023 01:05:52 GMT
x-stripe-server-envoy-start-time-us: 1682643952677835
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1682643952677192
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 8229 0
274 B 293ms
293ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-619a48bc285ef73b842b3144461c7fe5.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Fri, 28 Apr 2023 01:05:52 GMT
x-stripe-server-envoy-start-time-us: 1682643952677521
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1682643952676942
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 8229 0
274 B 281ms
280ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-619a48bc285ef73b842b3144461c7fe5.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Fri, 28 Apr 2023 01:05:52 GMT
x-stripe-server-envoy-start-time-us: 1682643952677119
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 1
x-stripe-client-envoy-start-time-us: 1682643952676987
access-control-allow-credentials: true
content-length: 0

GET
H2 200 muse.js Show response
www.paypalobjects.com/muse/ Frame 621D 55 KB
17 KB 38ms
9ms Script
application/javascript 192.229.221.25
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypalobjects.com/muse/muse.js

Requested by

Host: www.paypal.com
URL: https://www.paypal.com/tagmanager/pptm.js?id=drugfree.org&t=xo&v=5.0.370&source=payments_sdk&mrid=FEQXTG8EYPCG2&client_id=Afbm69ig8nMRLmZKS-QoONq7qIHPqlpYJ1l3vyxE_la-UZPU_eEkKH2HRpHFkl7SNJ8a_eKvDkcT9-My&vault=true

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.221.25 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/4CA9) /

Resource Hash

64b32d14f993564fe182a5690410f7d4aa2ace59934eac09d7dcf03a68ec7566

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://drugfree.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 01:05:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-cache: HIT
paypal-debug-id: 3500939bafc7
dc: ccg11-origin-www-1.paypal.com
content-length: 16464
last-modified: Tue, 03 May 2022 17:28:29 GMT
server: ECAcc (frc/4CA9)
traceparent: 00-000000000000000000003500939bafc7-164968a15e974145-01
etag: "6271663d-da91"
vary: Accept-Encoding
content-type: application/javascript
cache-control: s-maxage=31536000, public,max-age=3600
accept-ranges: bytes
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
expires: Fri, 28 Apr 2023 02:05:52 GMT

GET
H2 200 ts
t.paypal.com/ Frame 621D 42 B
814 B 195ms
172ms Image
image/gif 151.101.193.35
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.paypal.com/ts?pgrp=muse%3Athird-party%3Aanalytics-xo%3A%3AFEQXTG8EYPCG2-1&page=muse%3Athird-party%3Aanalytics-xo%3A%3AFEQXTG8EYPCG2-1%3A%3A%3A&tsrce=tagmanagernodeweb&comp=tagmanagernodeweb&sub_component=analytics&s=ci&item=6342f383-f7eb-4285-8dd8-1da27255f770&fltp=analytics&mrid=FEQXTG8EYPCG2&code=CHECKOUT_BUTTON&partner_name=CHECKOUT_BUTTON&flag_consume=yes&pt=Donation%20Widget&dh=1200&dw=1600&bh=1200&bw=1600&cd=24&sh=1200&sw=1600&v=NA&pl=pdf&rosetta_language=en-US%2Cen&e=im&t=1682643952516&g=0&completeurl=https%3A%2F%2Fdrugfree.org%2F%3Fform%3DFUNJLSAEDSS%26utm_campaign%3D2023%2520Donation%2520Moments%26utm_medium%3Demail%26_hsmi%3D256062192%26_hsenc%3Dp2ANqtz-9IbfhLSzLiRANvRLPTyvpP4C1SqyZuFvW_VpE96uXyAdU5-_LV2q6rHIJ7T2KpD_cFeSkdoDdXnDLdFYAvIsImSzQLpA%26utm_content%3D256062192%26utm_source%3Dhs_email&ru=https%3A%2F%2Fdrugfree.org%2F%3Fform%3DFUNJLSAEDSS%26utm_campaign%3D2023%2520Donation%2520Moments%26utm_medium%3Demail%26_hsmi%3D256062192%26_hsenc%3Dp2ANqtz-9IbfhLSzLiRANvRLPTyvpP4C1SqyZuFvW_VpE96uXyAdU5-_LV2q6rHIJ7T2KpD_cFeSkdoDdXnDLdFYAvIsImSzQLpA%26utm_content%3D256062192%26utm_source%3Dhs_email

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.193.35 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://drugfree.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-cache-hits: 0
date: Fri, 28 Apr 2023 01:05:52 GMT
via: 1.1 varnish
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-cache: MISS
p3p: policyref="https://t.paypal.com/w3c/p3p.xml",CP="CAO IND OUR SAM UNI STA COR COM"
paypal-debug-id: f406bbe1a8aa1
server-timing: content-encoding;desc="",x-cdn;desc="fastly"
content-length: 42
x-served-by: cache-fra-eddf8230054-FRA
pragma: no-cache
traceparent: 00-0000000000000000000f406bbe1a8aa1-aeebb24c7f73922f-01
x-timer: S1682643953.563703,VS0,VE144
content-type: image/gif
cache-control: max-age=0, no-cache, no-store, must-revalidate
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 28 Apr 2023 01:05:52 GMT

POST
H3 200 reload Show response
www.google.com/recaptcha/enterprise/ Frame B324 40 KB
24 KB 59ms
59ms XHR
application/json 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/enterprise/reload?k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/4PnKmGB9wRHh1i04o7YUICeI/recaptcha__en.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

c8abec8d404dd80935420f737a543ad25ce7e05b02586789d2df87b480935833

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.google.com/recaptcha/enterprise/bframe?hl=en&v=4PnKmGB9wRHh1i04o7YUICeI&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: application/x-protobuffer

Response headers

date: Fri, 28 Apr 2023 01:05:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
cache-control: private, max-age=0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24474
x-xss-protection: 1; mode=block
expires: Fri, 28 Apr 2023 01:05:52 GMT

POST
H3 200 reload Show response
www.google.com/recaptcha/enterprise/ Frame 5180 39 KB
24 KB 58ms
58ms XHR
application/json 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/enterprise/reload?k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/4PnKmGB9wRHh1i04o7YUICeI/recaptcha__en.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

cc605503c3ff857a96a5be95be333b63b2eb0545eca0665e8cdcf46936bd63ca

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.google.com/recaptcha/enterprise/bframe?hl=en&v=4PnKmGB9wRHh1i04o7YUICeI&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: application/x-protobuffer

Response headers

date: Fri, 28 Apr 2023 01:05:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
cache-control: private, max-age=0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24502
x-xss-protection: 1; mode=block
expires: Fri, 28 Apr 2023 01:05:52 GMT

GET
H2 200 index.html Show response
www.paypalobjects.com/muse/analytics/ Frame D90C 54 KB
17 KB 10ms
10ms Document
text/html 192.229.221.25
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypalobjects.com/muse/analytics/index.html

Requested by

Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/muse/muse.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.221.25 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/4CBF) /

Resource Hash

8ae3400104c7b0db11e9fe317236e68a26afba6580192041e87038ceff4db638

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://drugfree.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
cache-control: s-maxage=31536000, public,max-age=3600
content-encoding: gzip
content-length: 16791
content-type: text/html
date: Fri, 28 Apr 2023 01:05:52 GMT
dc: ccg11-origin-www-1.paypal.com
etag: "6271663d-d994"
expires: Fri, 28 Apr 2023 02:05:52 GMT
last-modified: Tue, 03 May 2022 17:28:29 GMT
paypal-debug-id: 2933ba232e212
server: ECAcc (frc/4CBF)
strict-transport-security: max-age=63072000; includeSubDomains; preload
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
traceparent: 00-00000000000000000002933ba232e212-c8a419c5d232e4ff-01
vary: Accept-Encoding
x-cache: HIT
x-content-type-options: nosniff

POST
H3 404 cspreport
pay.google.com/_/InstantbuyFrontendBuyflowPayframeUi/ Frame 11DD 2 KB
2 KB 131ms
131ms Other
text/html 2a00:1450:400c:c0a::5c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://pay.google.com/_/InstantbuyFrontendBuyflowPayframeUi/cspreport
Requested by: Host: c-cv904.na1.hubspotlinks.com
URL: https://c-cv904.na1.hubspotlinks.com/Ctc/UA+113/c-Cv904/VVr5hy6kzbWHVbVz6Q4zz9H3W33LWhB4ZV2WfN4Hzmfm3q905V1-WJV7CgCkHW5mdqBD4XzVH7W6yw85F977_J5W6pSxxb7KSwXvW7yyt7C3MVLdMW2s5J125565JWW7mRtHw42B3LvW552-Gr5b0R04W49MG0D5RcGqVN6G9cQH_tvrDW437M4x7b1QcRV9-H443p4LsmW2RFYlx7Yc6WHVT7Bfr6rQY3BW2kHNxf6qClsrW3H8vgJ1wT8N2W7Yml9T74Wty7W88_stn4D1GSTW8Wy-tl6pjrYTW3nSmbm8dls_ZW9hMHjd6_DTFcW3NXHDX7B3TlhW8zGdcl1QY4lwW4pJyH297sB0WW3Qy5Bh21_PjL32f81
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400c:c0a::5c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: d6ff339ddb4525268c21fa26ded66b0703f177e742281dc9bcd558288f8e1101

Request headers

Referer: https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fdrugfree.org&mid=
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Fri, 28 Apr 2023 01:05:52 GMT
referrer-policy: no-referrer
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1608
content-type: text/html; charset=UTF-8

GET
H3 200 m=_b,_tp,_r Show response
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.I2Qo1WeU2DU.es5.O/am=wLEBQA/d=1/excm=_b,_r,_tp,payframeview/ed=1/dg=0/wt=2/ujg=1/r... Frame 11DD 156 KB
55 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.I2Qo1WeU2DU.es5.O/am=wLEBQA/d=1/excm=_b,_r,_tp,payframeview/ed=1/dg=0/wt=2/ujg=1/rs=AMitfrhnUfX9pd_H04z-aZc24iGs4GkHRw/m=_b,_tp,_r

Requested by

Host: pay.google.com
URL: https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fdrugfree.org&mid=

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e7200705aed5c1fb33575c8066b75efd51c8b96ffdc03828a64e71e0614ee90f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 27 Apr 2023 17:20:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 27930
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56384
x-xss-protection: 0
last-modified: Thu, 27 Apr 2023 12:25:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Fri, 26 Apr 2024 17:20:22 GMT

GET
H3 200 refresh_2x.png
www.gstatic.com/recaptcha/api2/ Frame B324 600 B
624 B 8ms
7ms Image
image/png 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/refresh_2x.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/4PnKmGB9wRHh1i04o7YUICeI/styles__ltr.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

44b988703019cd6bfa86c91840fecf2a42b611b364e3eea2f4eb63bf62714e98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/4PnKmGB9wRHh1i04o7YUICeI/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 22 Apr 2023 23:09:35 GMT
x-content-type-options: nosniff
age: 438977
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 600
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
expires: Sat, 29 Apr 2023 23:09:35 GMT

GET
H3 200 audio_2x.png
www.gstatic.com/recaptcha/api2/ Frame B324 530 B
554 B 10ms
7ms Image
image/png 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/audio_2x.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/4PnKmGB9wRHh1i04o7YUICeI/styles__ltr.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

89c62095126fca89ea1511cf35b49b8306162946b0c26d6f60c5506c51d85992

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/4PnKmGB9wRHh1i04o7YUICeI/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 22 Apr 2023 15:21:51 GMT
x-content-type-options: nosniff
age: 467041
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 530
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
expires: Sat, 29 Apr 2023 15:21:51 GMT

GET
H3 200 info_2x.png
www.gstatic.com/recaptcha/api2/ Frame B324 665 B
689 B 14ms
12ms Image
image/png 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/info_2x.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/4PnKmGB9wRHh1i04o7YUICeI/styles__ltr.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55eaf62cb05da20088dc12b39d7d254d046cb1fd61ddf3ae641f1439efd0a5ee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/4PnKmGB9wRHh1i04o7YUICeI/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 22 Apr 2023 15:02:00 GMT
x-content-type-options: nosniff
age: 468232
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 665
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
expires: Sat, 29 Apr 2023 15:02:00 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame B324 15 KB
15 KB 11ms
8ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 22 Apr 2023 23:28:35 GMT
x-content-type-options: nosniff
age: 437837
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 21 Apr 2024 23:28:35 GMT

GET
H3 200 KFOlCnqEu92Fr1MmYUtfBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame B324 15 KB
15 KB 14ms
12ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmYUtfBBc4.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c912a9ce0c3122d4b2b29ad26bfe06b0390d1a5bdaa5d6128692c0befd1dfbbd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 02:05:23 GMT
x-content-type-options: nosniff
age: 601229
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15340
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:16 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 20 Apr 2024 02:05:23 GMT

GET
H3 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame B324 15 KB
15 KB 12ms
10ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 22 Apr 2023 23:30:46 GMT
x-content-type-options: nosniff
age: 437706
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15552
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 21 Apr 2024 23:30:46 GMT

GET
H3 200 payload
www.google.com/recaptcha/enterprise/ Frame B324 60 KB
60 KB 18ms
18ms Image
image/jpeg 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/recaptcha/enterprise/payload?p=06AL8dmw9n3jRu_9iPsIeVDkhaK1Zt2ER4h0McbIDOO_YPl2qszsQv_GbN6aqcbEVtOzbyM40FH8pLyU9XT4E0zQu7PpCu-vfxsgr5FTwaMQCdRfnXQM_NqzzAaN76MU0qgqqhgPPmnCPrJKJMRvl-mfVk_ZlOoATeq-E4ob5-zjrtv76-E_QH6dsqXJdcLfkfvr1nad-qJ7cAzxQ1sMng4oWGnFmGf68ymGmmr80000RawxuDBqn7CEU&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

5ba7123fffae964cb83c437a2257f26d4a2c6bb94ddf2975c343802bc435635b

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/recaptcha/enterprise/bframe?hl=en&v=4PnKmGB9wRHh1i04o7YUICeI&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 01:05:52 GMT
content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: private, max-age=30
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 61071
x-xss-protection: 1; mode=block
expires: Fri, 28 Apr 2023 01:05:52 GMT

GET
H3 200 refresh_2x.png
www.gstatic.com/recaptcha/api2/ Frame 5180 600 B
624 B 8ms
7ms Image
image/png 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/refresh_2x.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/4PnKmGB9wRHh1i04o7YUICeI/styles__ltr.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

44b988703019cd6bfa86c91840fecf2a42b611b364e3eea2f4eb63bf62714e98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/4PnKmGB9wRHh1i04o7YUICeI/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 22 Apr 2023 23:09:35 GMT
x-content-type-options: nosniff
age: 438977
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 600
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
expires: Sat, 29 Apr 2023 23:09:35 GMT

GET
H3 200 audio_2x.png
www.gstatic.com/recaptcha/api2/ Frame 5180 530 B
554 B 19ms
18ms Image
image/png 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/audio_2x.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/4PnKmGB9wRHh1i04o7YUICeI/styles__ltr.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

89c62095126fca89ea1511cf35b49b8306162946b0c26d6f60c5506c51d85992

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/4PnKmGB9wRHh1i04o7YUICeI/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 22 Apr 2023 15:21:51 GMT
x-content-type-options: nosniff
age: 467041
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 530
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
expires: Sat, 29 Apr 2023 15:21:51 GMT

GET
H3 200 info_2x.png
www.gstatic.com/recaptcha/api2/ Frame 5180 665 B
689 B 20ms
19ms Image
image/png 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/info_2x.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/4PnKmGB9wRHh1i04o7YUICeI/styles__ltr.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55eaf62cb05da20088dc12b39d7d254d046cb1fd61ddf3ae641f1439efd0a5ee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/4PnKmGB9wRHh1i04o7YUICeI/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 22 Apr 2023 15:02:00 GMT
x-content-type-options: nosniff
age: 468232
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 665
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
expires: Sat, 29 Apr 2023 15:02:00 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 5180 15 KB
15 KB 20ms
19ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 22 Apr 2023 23:28:35 GMT
x-content-type-options: nosniff
age: 437837
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 21 Apr 2024 23:28:35 GMT

GET
H3 200 KFOlCnqEu92Fr1MmYUtfBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 5180 15 KB
15 KB 21ms
20ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmYUtfBBc4.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c912a9ce0c3122d4b2b29ad26bfe06b0390d1a5bdaa5d6128692c0befd1dfbbd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 02:05:23 GMT
x-content-type-options: nosniff
age: 601229
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15340
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:16 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 20 Apr 2024 02:05:23 GMT

GET
H3 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 5180 15 KB
15 KB 21ms
21ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 22 Apr 2023 23:30:46 GMT
x-content-type-options: nosniff
age: 437706
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15552
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 21 Apr 2024 23:30:46 GMT

GET
H3 200 payload
www.google.com/recaptcha/enterprise/ Frame 5180 31 KB
31 KB 18ms
16ms Image
image/jpeg 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/recaptcha/enterprise/payload?p=06AL8dmw9r4CWhwrJ4-Ckpwq2WyzMVvZzYJdrGhI-loN6XAwv6IrhaFEM_2bDEP67xRIqJF7D0zJ2hRzzsFmkt1j4cmxnMiNqN2KQXjLUNl3k5zXcSxOcKTHM8uV7KmllJuNU3wuY6ud_mCC1bkgxuQrBJjXEVSEHuX1utenLxoqjW94-xL1x7b9dgG6cvR0KoGHiNXWbMs2jf70x6Tdzlad39WC_Wps_UiE8QbEeEznKkwCA0AmEZGaQ&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

8bfe2015c20e885ed285b5ad76a796ba2121bcadf77c3c2bb8f1ad1becc989a0

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/recaptcha/enterprise/bframe?hl=en&v=4PnKmGB9wRHh1i04o7YUICeI&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 01:05:52 GMT
content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: private, max-age=30
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 32146
x-xss-protection: 1; mode=block
expires: Fri, 28 Apr 2023 01:05:52 GMT

GET
H2 200 ts
t.paypal.com/ Frame 621D 42 B
160 B 188ms
188ms Image
image/gif 151.101.193.35
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.paypal.com/ts?pgrp=muse%3Aoffer%3A%3A%3AFEQXTG8EYPCG2-1&page=muse%3Aoffer%3A%3A%3AFEQXTG8EYPCG2-1%3A%3AvisitorInfoFlowStarted%3A&tsrce=tagmanagernodeweb&comp=tagmanagernodeweb&sub_component=analytics&s=ci&item=6342f383-f7eb-4285-8dd8-1da27255f770&es=visitorInfoFlowStarted&mrid=FEQXTG8EYPCG2&code=CHECKOUT_BUTTON&partner_name=CHECKOUT_BUTTON&pt=Donation%20Widget&dh=1200&dw=1600&bh=1200&bw=1600&cd=24&sh=1200&sw=1600&v=NA&pl=pdf&rosetta_language=en-US%2Cen&e=im&t=1682643952794&g=0&completeurl=https%3A%2F%2Fdrugfree.org%2F%3Fform%3DFUNJLSAEDSS%26utm_campaign%3D2023%2520Donation%2520Moments%26utm_medium%3Demail%26_hsmi%3D256062192%26_hsenc%3Dp2ANqtz-9IbfhLSzLiRANvRLPTyvpP4C1SqyZuFvW_VpE96uXyAdU5-_LV2q6rHIJ7T2KpD_cFeSkdoDdXnDLdFYAvIsImSzQLpA%26utm_content%3D256062192%26utm_source%3Dhs_email

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.193.35 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://drugfree.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-cache-hits: 0
date: Fri, 28 Apr 2023 01:05:52 GMT
via: 1.1 varnish
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-cache: MISS
p3p: policyref="https://t.paypal.com/w3c/p3p.xml",CP="CAO IND OUR SAM UNI STA COR COM"
paypal-debug-id: 1f3f387714114
server-timing: content-encoding;desc="",x-cdn;desc="fastly"
content-length: 42
x-served-by: cache-fra-eddf8230054-FRA
pragma: no-cache
traceparent: 00-00000000000000000001f3f387714114-3efb7331000a70d3-01
x-timer: S1682643953.798216,VS0,VE181
content-type: image/gif
cache-control: max-age=0, no-cache, no-store, must-revalidate
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 28 Apr 2023 01:05:52 GMT

POST
H2 200 graphql Show response
www.paypal.com/targeting/ Frame D90C 437 B
2 KB 337ms
335ms Fetch
application/json 151.101.1.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/targeting/graphql

Requested by

Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/muse/analytics/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.1.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

9f0cf6ca9cd0f3751d2c712731196077bece59700f1942569959d8f0fb54d612

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://.paypal.com https://.paypalobjects.com; img-src 'self' https:; script-src 'nonce-9cjbah0iCZq4okCep6UfB0Ow0YlSs1ifonjVs7G7PdQO0p4E' 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline' ; style-src 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline' ; form-action 'self' https://.paypal.com; base-uri 'self' https://.paypal.com; object-src 'none'; frame-src 'self' https://.paypal.com https://.paypalobjects.com https://.qualtrics.com; connect-src 'self' https://.paypal.com https://.paypalobjects.com https://.qualtrics.com;
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.paypalobjects.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: application/json

Response headers

content-security-policy: default-src 'self' https://*.paypal.com https://*.paypalobjects.com; img-src 'self' https:; script-src 'nonce-9cjbah0iCZq4okCep6UfB0Ow0YlSs1ifonjVs7G7PdQO0p4E' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' ; style-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' ; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; object-src 'none'; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com;
date: Fri, 28 Apr 2023 01:05:53 GMT
via: 1.1 varnish
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-encoding: br
x-cache: MISS
paypal-debug-id: f12176467f902
server-timing: content-encoding;desc="",x-cdn;desc="fastly"
dc: ccg11-origin-www-1.paypal.com
x-xss-protection: 1; mode=block
x-served-by: cache-fra-eddf8230105-FRA
accept-ch: Sec-CH-UA-Full
traceparent: 00-0000000000000000000f12176467f902-d069c4df1ae0a160-01
x-timer: S1682643953.997759,VS0,VE328
etag: W/"1b5-gFGMpHuHvJGlnS3D+cW/9ZjnAnM"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.paypalobjects.com
access-control-expose-headers: Paypal-Debug-Id
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
origin-trial: AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
accept-ranges: none
x-cache-hits: 0

OPTIONS
H2 204 graphql
www.paypal.com/targeting/ Frame 0
0 174ms
173ms Preflight 151.101.1.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/targeting/graphql

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.1.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.paypalobjects.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

accept-ch: Sec-CH-UA-Full
accept-ranges: bytes
access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin: https://www.paypalobjects.com
access-control-expose-headers: Paypal-Debug-Id
cache-control: max-age=0, no-cache, no-store, must-revalidate
date: Fri, 28 Apr 2023 01:05:52 GMT
dc: ccg11-origin-www-1.paypal.com
origin-trial: AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
paypal-debug-id: f1217648d2395
server-timing: content-encoding;desc="",x-cdn;desc="fastly"
strict-transport-security: max-age=63072000; includeSubDomains; preload
traceparent: 00-0000000000000000000f1217648d2395-0ba197b66856b5fe-01
via: 1.1 varnish
x-cache: MISS
x-cache-hits: 0
x-served-by: cache-fra-eddf8230042-FRA
x-timer: S1682643953.821352,VS0,VE165

GET
H3 200 m=IZT63,ZyYHPb,ws9Tlc,vfuNJf,PrPYRd,hc6Ubd,Das5Le Show response
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.I2Qo1WeU2DU.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.fKn... Frame 11DD 70 KB
26 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.I2Qo1WeU2DU.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.fKnjMrCWPFo.L.B1.O/am=wLEBQA/d=1/exm=_b,_r,_tp/excm=_b,_r,_tp,payframeview/ed=1/wt=2/rs=AMitfrgximxFHuRrEgIjwUHLMmLIF6_sXw/ee=EmZ2Bf:zr1jrb;Erl4fe:FloWmf;JsbNhc:Xd8iUd;LBgRLc:XVMNvd;Me32dd:MEeYgc;NPKaK:PVlQOd;NSEoX:lazG7b;Oj465e:KG2eXe;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:vfuNJf;io8t5d:yDVVkb;kMFpHd:OTA3Ae;nAFL3:NTMZac;oGtAuc:sOXFj;qddgKe:xQtZb;sP4Vbe:VwDzFe;uY49fb:COQbmf;ul9GGd:VDovNc;wR5FRb:siKnQd;yEQyxe:p8L0ob;yxTchf:KUM7Z/ujg=1/m=IZT63,ZyYHPb,ws9Tlc,vfuNJf,PrPYRd,hc6Ubd,Das5Le

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.I2Qo1WeU2DU.es5.O/am=wLEBQA/d=1/excm=_b,_r,_tp,payframeview/ed=1/dg=0/wt=2/ujg=1/rs=AMitfrhnUfX9pd_H04z-aZc24iGs4GkHRw/m=_b,_tp,_r

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9b4d96dd7dbcc2f8c65071dd2467ba6d2a0ccf185a62ce0b39fe358fc201e35c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 27 Apr 2023 16:14:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 31898
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 26141
x-xss-protection: 0
last-modified: Thu, 20 Apr 2023 01:25:04 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Fri, 26 Apr 2024 16:14:14 GMT

GET
H3 200 pay Show response
pay.google.com/gp/p/ui/ Frame 11DD 1 MB
385 KB 64ms
64ms XHR
text/html 2a00:1450:400c:c0a::5c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pay.google.com/gp/p/ui/pay

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c0a::5c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

b833ada5dc92e0019e3e5770ecd602e82eacfac19e6ec951c43de15204c92474

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-3baS5mTcZXQ8k9BjSpdynQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com https://pay.google.com https://pay.sandbox.google.com;report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 01:05:52 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-3baS5mTcZXQ8k9BjSpdynQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com https://pay.google.com https://pay.sandbox.google.com;report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport
x-content-type-options: nosniff
cross-origin-resource-policy: same-site
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
x-ua-compatible: IE=edge
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: unsafe-none
server: ESF
x-frame-options: DENY
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
cache-control: private, max-age=3600
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Fri, 28 Apr 2023 01:05:52 GMT

GET
H3 200 m=Wt6vjf,hhhU8,FCpbqb,WhJNk Show response
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.I2Qo1WeU2DU.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.fKn... Frame 11DD 23 KB
9 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.I2Qo1WeU2DU.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.fKnjMrCWPFo.L.B1.O/am=wLEBQA/d=1/exm=Das5Le,IZT63,PrPYRd,ZyYHPb,_b,_r,_tp,hc6Ubd,vfuNJf,ws9Tlc/excm=_b,_r,_tp,payframeview/ed=1/wt=2/rs=AMitfrgximxFHuRrEgIjwUHLMmLIF6_sXw/ee=EmZ2Bf:zr1jrb;Erl4fe:FloWmf;JsbNhc:Xd8iUd;LBgRLc:XVMNvd;Me32dd:MEeYgc;NPKaK:PVlQOd;NSEoX:lazG7b;Oj465e:KG2eXe;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:vfuNJf;io8t5d:yDVVkb;kMFpHd:OTA3Ae;nAFL3:NTMZac;oGtAuc:sOXFj;qddgKe:xQtZb;sP4Vbe:VwDzFe;uY49fb:COQbmf;ul9GGd:VDovNc;wR5FRb:siKnQd;yEQyxe:p8L0ob;yxTchf:KUM7Z/ujg=1/m=Wt6vjf,hhhU8,FCpbqb,WhJNk

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b264b3c55e426c2b8f42b92596dbe265a7d29f750582806213799dbf57058b95

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 27 Apr 2023 16:14:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 31897
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9374
x-xss-protection: 0
last-modified: Thu, 20 Apr 2023 01:25:04 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Fri, 26 Apr 2024 16:14:15 GMT

GET
H3 200 m=byfTOb,lsjVmc,LEikZe,lwddkf,EFQ78c Show response
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.I2Qo1WeU2DU.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.fKn... Frame 11DD 35 KB
13 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.I2Qo1WeU2DU.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.fKnjMrCWPFo.L.B1.O/am=wLEBQA/d=1/exm=Das5Le,FCpbqb,IZT63,PrPYRd,WhJNk,Wt6vjf,ZyYHPb,_b,_r,_tp,hc6Ubd,hhhU8,vfuNJf,ws9Tlc/excm=_b,_r,_tp,payframeview/ed=1/wt=2/rs=AMitfrgximxFHuRrEgIjwUHLMmLIF6_sXw/ee=EmZ2Bf:zr1jrb;Erl4fe:FloWmf;JsbNhc:Xd8iUd;LBgRLc:XVMNvd;Me32dd:MEeYgc;NPKaK:PVlQOd;NSEoX:lazG7b;Oj465e:KG2eXe;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:vfuNJf;io8t5d:yDVVkb;kMFpHd:OTA3Ae;nAFL3:NTMZac;oGtAuc:sOXFj;qddgKe:xQtZb;sP4Vbe:VwDzFe;uY49fb:COQbmf;ul9GGd:VDovNc;wR5FRb:siKnQd;yEQyxe:p8L0ob;yxTchf:KUM7Z/ujg=1/m=byfTOb,lsjVmc,LEikZe,lwddkf,EFQ78c

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

287863bd09fa0e39071ddb8112ec7dc27eaeaf0634baca30c145485a8401bb63

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 27 Apr 2023 16:14:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 31897
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13516
x-xss-protection: 0
last-modified: Thu, 20 Apr 2023 01:25:04 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Fri, 26 Apr 2024 16:14:15 GMT

POST
H3 200 log Show response
play.google.com/ Frame 11DD 131 B
155 B 33ms
16ms XHR
text/plain 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
X-Goog-AuthUser: 0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Fri, 28 Apr 2023 01:05:52 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pay.google.com
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 28 Apr 2023 01:05:52 GMT

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 38ms
13ms Preflight
text/plain 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/plain; charset=UTF-8
date: Fri, 28 Apr 2023 01:05:52 GMT
expires: Fri, 28 Apr 2023 01:05:52 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 log Show response
play.google.com/ Frame 11DD 131 B
155 B 41ms
24ms XHR
text/plain 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
X-Goog-AuthUser: 0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Fri, 28 Apr 2023 01:05:52 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pay.google.com
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 28 Apr 2023 01:05:52 GMT

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 36ms
14ms Preflight
text/plain 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/plain; charset=UTF-8
date: Fri, 28 Apr 2023 01:05:52 GMT
expires: Fri, 28 Apr 2023 01:05:52 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 log Show response
play.google.com/ Frame 11DD 131 B
155 B 33ms
17ms XHR
text/plain 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
X-Goog-AuthUser: 0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Fri, 28 Apr 2023 01:05:52 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pay.google.com
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 28 Apr 2023 01:05:52 GMT

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 37ms
16ms Preflight
text/plain 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/plain; charset=UTF-8
date: Fri, 28 Apr 2023 01:05:52 GMT
expires: Fri, 28 Apr 2023 01:05:52 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 33ms
15ms Preflight
text/plain 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/plain; charset=UTF-8
date: Fri, 28 Apr 2023 01:05:52 GMT
expires: Fri, 28 Apr 2023 01:05:52 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 log Show response
play.google.com/ Frame 11DD 131 B
155 B 34ms
18ms XHR
text/plain 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
X-Goog-AuthUser: 0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Fri, 28 Apr 2023 01:05:52 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pay.google.com
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 28 Apr 2023 01:05:52 GMT

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 31ms
15ms Preflight
text/plain 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/plain; charset=UTF-8
date: Fri, 28 Apr 2023 01:05:52 GMT
expires: Fri, 28 Apr 2023 01:05:52 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 log Show response
play.google.com/ Frame 11DD 131 B
155 B 34ms
17ms XHR
text/plain 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
X-Goog-AuthUser: 0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Fri, 28 Apr 2023 01:05:52 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pay.google.com
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 28 Apr 2023 01:05:52 GMT

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 31ms
15ms Preflight
text/plain 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/plain; charset=UTF-8
date: Fri, 28 Apr 2023 01:05:52 GMT
expires: Fri, 28 Apr 2023 01:05:52 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 log Show response
play.google.com/ Frame 11DD 131 B
155 B 35ms
18ms XHR
text/plain 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
X-Goog-AuthUser: 0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Fri, 28 Apr 2023 01:05:52 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pay.google.com
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 28 Apr 2023 01:05:52 GMT

GET
H2 200 __ptq.gif
track.hubspot.com/ 45 B
1 KB 140ms
118ms Image
image/gif 2606:4700::6813:9a53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://track.hubspot.com/__ptq.gif?k=1&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=2397838929&v=1.1&a=8282853&rcu=https%3A%2F%2Fdrugfree.org%2F&pu=https%3A%2F%2Fdrugfree.org%2F%3Fform%3DFUNJLSAEDSS%26utm_campaign%3D2023%2520Donation%2520Moments%26utm_medium%3Demail%26_hsmi%3D256062192%26_hsenc%3Dp2ANqtz-9IbfhLSzLiRANvRLPTyvpP4C1SqyZuFvW_VpE96uXyAdU5-_LV2q6rHIJ7T2KpD_cFeSkdoDdXnDLdFYAvIsImSzQLpA%26utm_content%3D256062192%26utm_source%3Dhs_email&t=Partnership+to+End+Addiction&cts=1682643953000&vi=0cf5adc47bf23930066031ac4fda7b07&nc=true&u=11262379.0cf5adc47bf23930066031ac4fda7b07.1682643952996.1682643952996.1682643952996.1&b=11262379.1.1682643952996&cc=15

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://drugfree.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 01:05:53 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: 11dc4d5a-ce50-428c-b649-fcff5056bb7b
p3p: CP="NOI CUR ADM OUR NOR STA NID"
x-envoy-upstream-service-time: 4
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 45
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 4d6e5821-4d7d-46f8-8ef6-a2744015c2ba
server: cloudflare
vary: origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KCq3ruigweFQCKcYPcssgEF7vIlxVTvu56ym7T7e5kmU8y8iFk92oxidE4ku0ZEQfmIJqbscm%2FSio18ylt504VoUo9g1YX66G9Cpa9vYYEF1vhosi%2FbqpCWaRmL5ftne%2Bp6kwqKaKPBatH4AQ7Pd"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
x-evy-trace-served-by-pod: iad02/analytics-tracking-td/envoy-proxy-8684ddbc9d-7gblk
x-evy-trace-virtual-host: all
cache-control: no-cache, no-store, no-transform
access-control-allow-credentials: false
cf-ray: 7beb66427f469b70-FRA
x-robots-tag: none

GET
H2 200 __ptq.gif
track.hubspot.com/ 45 B
636 B 141ms
128ms Image
image/gif 2606:4700::6813:9a53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://track.hubspot.com/__ptq.gif?k=15&fi=c61f025e-dd92-4669-9c20-aa56749416e9&fci=c6bde0fc-ccd3-4e45-a024-a9191700d40a&ft=0&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=2397838929&v=1.1&a=8282853&rcu=https%3A%2F%2Fdrugfree.org%2F&pu=https%3A%2F%2Fdrugfree.org%2F%3Fform%3DFUNJLSAEDSS%26utm_campaign%3D2023%2520Donation%2520Moments%26utm_medium%3Demail%26_hsmi%3D256062192%26_hsenc%3Dp2ANqtz-9IbfhLSzLiRANvRLPTyvpP4C1SqyZuFvW_VpE96uXyAdU5-_LV2q6rHIJ7T2KpD_cFeSkdoDdXnDLdFYAvIsImSzQLpA%26utm_content%3D256062192%26utm_source%3Dhs_email&t=Partnership+to+End+Addiction&cts=1682643953006&vi=0cf5adc47bf23930066031ac4fda7b07&nc=true&u=11262379.0cf5adc47bf23930066031ac4fda7b07.1682643952996.1682643952996.1682643952996.1&b=11262379.1.1682643952996&cc=15

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://drugfree.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 01:05:53 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: 632c4f9c-de85-48a1-a696-19095591e0ac
p3p: CP="NOI CUR ADM OUR NOR STA NID"
x-envoy-upstream-service-time: 5
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 45
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 0b458813-53d9-4786-b5fc-f6bd5f6cacb9
server: cloudflare
vary: origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=c0msjuFS5%2F4D3OSCjrGGikZ7KsHP5%2BTqpDOeBUAQ%2BKri7PwHvmF0mrjQfDFgOIdILdm21WudfNXedoz12cSboLij3JROokZTc1wEukwQV6rnE4h1WQlgCZvPOU0cXmlIJwr25uWSDITzrZFVfo%2Fq"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
x-evy-trace-served-by-pod: iad02/analytics-tracking-td/envoy-proxy-8684ddbc9d-r7kqt
x-evy-trace-virtual-host: all
cache-control: no-cache, no-store, no-transform
access-control-allow-credentials: false
cf-ray: 7beb66427f4c9b70-FRA
x-robots-tag: none

GET
H2 200 __ptq.gif
track.hubspot.com/ 45 B
1 KB 160ms
146ms Image
image/gif 2606:4700::6813:9a53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://track.hubspot.com/__ptq.gif?k=17&fi=c61f025e-dd92-4669-9c20-aa56749416e9&fci=c6bde0fc-ccd3-4e45-a024-a9191700d40a&ft=0&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=2397838929&v=1.1&a=8282853&rcu=https%3A%2F%2Fdrugfree.org%2F&pu=https%3A%2F%2Fdrugfree.org%2F%3Fform%3DFUNJLSAEDSS%26utm_campaign%3D2023%2520Donation%2520Moments%26utm_medium%3Demail%26_hsmi%3D256062192%26_hsenc%3Dp2ANqtz-9IbfhLSzLiRANvRLPTyvpP4C1SqyZuFvW_VpE96uXyAdU5-_LV2q6rHIJ7T2KpD_cFeSkdoDdXnDLdFYAvIsImSzQLpA%26utm_content%3D256062192%26utm_source%3Dhs_email&t=Partnership+to+End+Addiction&cts=1682643953008&vi=0cf5adc47bf23930066031ac4fda7b07&nc=true&u=11262379.0cf5adc47bf23930066031ac4fda7b07.1682643952996.1682643952996.1682643952996.1&b=11262379.1.1682643952996&cc=15

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://drugfree.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 01:05:53 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: 1a65113a-ff7a-49b7-af50-f1795ef0626c
p3p: CP="NOI CUR ADM OUR NOR STA NID"
x-envoy-upstream-service-time: 7
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 45
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 5501af8f-16f7-431f-bd8b-f375fa0a1549
server: cloudflare
vary: origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=POYChLVvRRtv2KnOCNSXLd%2FlZtyAwfoQnu2ZJ7v3NU9urqtMGdvKJvNnDkSPgxsBDY1dkcvqtl9%2B4H1MtFOq8MsbJAgR1T6tgbQTRoOShAYg0ynGZ8Sce%2BxzrAi%2BBTzIj8GnK0wE7cPtmx1M5YC2"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
x-evy-trace-served-by-pod: iad02/analytics-tracking-td/envoy-proxy-8684ddbc9d-r7kqt
x-evy-trace-virtual-host: all
cache-control: no-cache, no-store, no-transform
access-control-allow-credentials: false
cf-ray: 7beb66427f479b70-FRA
x-robots-tag: none

GET
H2 200 __ptq.gif
track.hubspot.com/ 45 B
631 B 132ms
127ms Image
image/gif 2606:4700::6813:9a53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://track.hubspot.com/__ptq.gif?k=15&fi=016a42ba-f163-41ea-a443-33cef8b44eee&fci=981599b3-2214-4e95-bce7-da500c4cf54e&ft=0&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=2397838929&v=1.1&a=8282853&rcu=https%3A%2F%2Fdrugfree.org%2F&pu=https%3A%2F%2Fdrugfree.org%2F%3Fform%3DFUNJLSAEDSS%26utm_campaign%3D2023%2520Donation%2520Moments%26utm_medium%3Demail%26_hsmi%3D256062192%26_hsenc%3Dp2ANqtz-9IbfhLSzLiRANvRLPTyvpP4C1SqyZuFvW_VpE96uXyAdU5-_LV2q6rHIJ7T2KpD_cFeSkdoDdXnDLdFYAvIsImSzQLpA%26utm_content%3D256062192%26utm_source%3Dhs_email&t=Partnership+to+End+Addiction&cts=1682643953010&vi=0cf5adc47bf23930066031ac4fda7b07&nc=true&u=11262379.0cf5adc47bf23930066031ac4fda7b07.1682643952996.1682643952996.1682643952996.1&b=11262379.1.1682643952996&cc=15

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://drugfree.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 01:05:53 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: d49e0254-4843-4661-becf-87be3fa8b958
p3p: CP="NOI CUR ADM OUR NOR STA NID"
x-envoy-upstream-service-time: 4
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 45
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: db97dfea-b22a-4ae6-be4e-2a28b30687a7
server: cloudflare
vary: origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=duPK4RNTokhN%2FRwIaBRddTvzNxBMXCaZxfp24Iv1x71DsiNtcIi0qxebSrWxAvKoEw9%2F4majo2p7C64PgkwgVJSDH5YhPSEZebavB%2Bj4AvT%2Ftfpjhef%2BRrVaSMtlUKpcA25tDKoPyKMh2rXe8rEL"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
x-evy-trace-served-by-pod: iad02/analytics-tracking-td/envoy-proxy-8684ddbc9d-zftp9
x-evy-trace-virtual-host: all
cache-control: no-cache, no-store, no-transform
access-control-allow-credentials: false
cf-ray: 7beb66427f4a9b70-FRA
x-robots-tag: none

GET
H2 200 __ptq.gif
track.hubspot.com/ 45 B
637 B 131ms
126ms Image
image/gif 2606:4700::6813:9a53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://track.hubspot.com/__ptq.gif?k=17&fi=016a42ba-f163-41ea-a443-33cef8b44eee&fci=981599b3-2214-4e95-bce7-da500c4cf54e&ft=0&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=2397838929&v=1.1&a=8282853&rcu=https%3A%2F%2Fdrugfree.org%2F&pu=https%3A%2F%2Fdrugfree.org%2F%3Fform%3DFUNJLSAEDSS%26utm_campaign%3D2023%2520Donation%2520Moments%26utm_medium%3Demail%26_hsmi%3D256062192%26_hsenc%3Dp2ANqtz-9IbfhLSzLiRANvRLPTyvpP4C1SqyZuFvW_VpE96uXyAdU5-_LV2q6rHIJ7T2KpD_cFeSkdoDdXnDLdFYAvIsImSzQLpA%26utm_content%3D256062192%26utm_source%3Dhs_email&t=Partnership+to+End+Addiction&cts=1682643953013&vi=0cf5adc47bf23930066031ac4fda7b07&nc=true&u=11262379.0cf5adc47bf23930066031ac4fda7b07.1682643952996.1682643952996.1682643952996.1&b=11262379.1.1682643952996&cc=15

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://drugfree.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 01:05:53 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: 1c9df950-d808-4146-a4c8-69c0dbeda9a8
p3p: CP="NOI CUR ADM OUR NOR STA NID"
x-envoy-upstream-service-time: 6
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 45
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 4a4b26ae-b0d4-4ac6-98af-9ed2f4de7bef
server: cloudflare
vary: origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ngZw6fcR%2BpwrPRBG80CHdq8Kk0TzP8p8dV3GwCYgdaApCMrtlBCNK1sxupZIpSI8gUw0RTEvSFLYFp2csSEbmfNBFH5dSAdEvskGufNFVGqUCxj4pHkeHSmAZrKjQrISlNm7ffDzFCXZGc69T%2BkH"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
x-evy-trace-served-by-pod: iad02/analytics-tracking-td/envoy-proxy-8684ddbc9d-lcxp9
x-evy-trace-virtual-host: all
cache-control: no-cache, no-store, no-transform
access-control-allow-credentials: false
cf-ray: 7beb66427f489b70-FRA
x-robots-tag: none

GET
H2 200 m-outer-93afeeb17bc37e711759584dbfc50d47.html Show response
js.stripe.com/v3/ Frame 33D7 200 B
946 B 7ms
7ms Document
text/html 151.101.128.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/m-outer-93afeeb17bc37e711759584dbfc50d47.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

f22005da41e15b7adb453814b37a794f7c6b955f086a6c5fc9980e3c3f6c8bca

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://drugfree.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 9856406
cache-control: max-age=31536000
content-encoding: br
content-length: 122
content-security-policy: base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only: base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Fri, 28 Apr 2023 01:05:53 GMT
etag: "93afeeb17bc37e711759584dbfc50d47"
last-modified: Wed, 21 Dec 2022 18:20:45 GMT
server: Fastly
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 416575
x-content-type-options: nosniff
x-request-id: 6f9acaed-7582-4069-9e3b-93b4a9d23991
x-served-by: cache-fra-eddf8230077-FRA

POST
H2 200 csp-report
q.stripe.com/ Frame 33D7 0
716 B 167ms
166ms Other
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-159-182.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Fri, 28 Apr 2023 01:05:53 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1682643953153550
x-envoy-upstream-service-time: 1
content-length: 0
x-stripe-bg-intended-route-color: blue
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms: 0
access-control-allow-origin: https://js.stripe.com
x-stripe-client-envoy-start-time-us: 1682643953153032
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers: Server, Range, Content-Type
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

POST
H2 200 csp-report
q.stripe.com/ Frame 33D7 0
716 B 171ms
171ms Other
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-159-182.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Fri, 28 Apr 2023 01:05:53 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1682643953154543
x-envoy-upstream-service-time: 6
content-length: 0
x-stripe-bg-intended-route-color: blue
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms: 3
access-control-allow-origin: https://js.stripe.com
x-stripe-client-envoy-start-time-us: 1682643953153318
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers: Server, Range, Content-Type
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

GET
H2 200 m-outer-8cb24ab2d649fd36a488d04d8c457933.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 33D7 631 B
480 B 7ms
7ms Script
text/javascript 151.101.128.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/m-outer-8cb24ab2d649fd36a488d04d8c457933.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/m-outer-93afeeb17bc37e711759584dbfc50d47.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

250a0782da875705bd206ee23c2a46abf90656645a81e084126c5e8c53eeb9d6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/m-outer-93afeeb17bc37e711759584dbfc50d47.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Fri, 28 Apr 2023 01:05:53 GMT
via: 1.1 varnish
age: 14274063
x-cache: HIT
content-length: 332
x-request-id: b9f08811-f720-490e-a754-fa00d5e0cad2
x-served-by: cache-fra-eddf8230077-FRA
last-modified: Sun, 13 Nov 2022 20:03:40 GMT
server: Fastly
etag: "f8f6a4584135f737b26927596ce6e0a7"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 362896

GET
H2 200 inner.html Show response
m.stripe.network/ Frame 648B 930 B
2 KB 9ms
8ms Document
text/html 2600:9000:2057:3a00:19:7d10:bd80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.network/inner.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/m-outer-8cb24ab2d649fd36a488d04d8c457933.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2057:3a00:19:7d10:bd80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Cloudfront /

Resource Hash

a5f27af9c0c6f37979ebafcac22eb3a613841a3d4e728f4577baf94e64d42f35

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-e/Jqu4k9Gk1ZCWO6StAsfhF3i7qgIwfuitaD1g9DyvE='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 160
cache-control: max-age=300, public
content-length: 930
content-security-policy: base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-e/Jqu4k9Gk1ZCWO6StAsfhF3i7qgIwfuitaD1g9DyvE='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Fri, 28 Apr 2023 01:05:12 GMT
etag: "fc2e029628f163bb59adc6fa5a31161c"
last-modified: Thu, 17 Mar 2022 19:03:12 GMT
server: Cloudfront
strict-transport-security: max-age=31556926; includeSubDomains; preload
vary: Accept-Encoding
via: 1.1 71b147cd3102755b55ba8b6fd34e3f4a.cloudfront.net (CloudFront)
x-amz-cf-id: WApZN9KNy13LFObkQhuePan3Nv57vumWy6FVXjnDW2tGGc5NtHlXmA==
x-amz-cf-pop: FRA6-C1
x-cache: Hit from cloudfront
x-content-type-options: nosniff

POST
H2 200 csp-report
q.stripe.com/ Frame 648B 0
490 B 166ms
165ms Other
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-159-182.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload, max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://m.stripe.network/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Fri, 28 Apr 2023 01:05:53 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload, max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1682643953180256
x-envoy-upstream-service-time: 0
content-length: 0
x-stripe-bg-intended-route-color: blue
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
x-stripe-server-envoy-upstream-service-time-ms: 0
x-stripe-client-envoy-start-time-us: 1682643953179934
cache-control: max-age=0, no-cache, no-store, must-revalidate
x-robots-tag: none
expires: 0

GET
H2 200 out-4.5.42.js Show response
m.stripe.network/ Frame 648B 86 KB
16 KB 9ms
8ms Script
text/javascript 2600:9000:2057:3a00:19:7d10:bd80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.network/out-4.5.42.js

Requested by

Host: m.stripe.network
URL: https://m.stripe.network/inner.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2057:3a00:19:7d10:bd80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Cloudfront /

Resource Hash

f445ee14f2454d974293d28677213ae002e9ac17721fc04b2fdeb037e083b083

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.stripe.network/inner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 28 Apr 2023 01:02:40 GMT
last-modified: Thu, 17 Mar 2022 19:03:12 GMT
server: Cloudfront
via: 1.1 71b147cd3102755b55ba8b6fd34e3f4a.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
etag: W/"21df7244385e5c0bdf32da01d0dad6c0"
age: 194
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript; charset=utf-8
cache-control: max-age=300, public
x-amz-cf-id: btzG0YOWILmfbIHpV_N_5q9VPFn23qHQfGDmcCt3XY_-3FiNO7pLEA==

POST
H2 200 6 Show response
m.stripe.com/ Frame 648B 156 B
669 B 172ms
171ms XHR
application/json 34.208.115.43
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.com/6

Requested by

Host: m.stripe.network
URL: https://m.stripe.network/out-4.5.42.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.208.115.43 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-208-115-43.us-west-2.compute.amazonaws.com

Software

nginx /

Resource Hash

5ab3a0e0fd351b3d09070e1ef2fb9f6870c38c1e8ae36ecc68250ca8262ab286

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://m.stripe.network/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-stripe-bg-intended-route-color: green
date: Fri, 28 Apr 2023 01:05:53 GMT
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1682643953215563
server: nginx
content-type: application/json;charset=utf-8
x-stripe-server-envoy-upstream-service-time-ms: 2
access-control-allow-origin: https://m.stripe.network
x-stripe-client-envoy-start-time-us: 1682643953215159
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 156

POST
H2 204 collect
region1.analytics.google.com/g/ 0
54 B 14ms
13ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-ECZGQ0GWSZ&gtm=45je34q0&_p=1771490407&cid=1227335195.1682643950&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&dl=https%3A%2F%2Fdrugfree.org%2F%3Fform%3DFUNJLSAEDSS%26utm_campaign%3D2023%2520Donation%2520Moments%26utm_medium%3Demail%26_hsmi%3D256062192%26_hsenc%3Dp2ANqtz-9IbfhLSzLiRANvRLPTyvpP4C1SqyZuFvW_VpE96uXyAdU5-_LV2q6rHIJ7T2KpD_cFeSkdoDdXnDLdFYAvIsImSzQLpA%26utm_content%3D256062192%26utm_source%3Dhs_email&dt=Partnership%20to%20End%20Addiction&sid=1682643950&sct=1&seg=0&_s=2
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-ECZGQ0GWSZ&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://drugfree.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Fri, 28 Apr 2023 01:05:55 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://drugfree.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 trusted-types-checker-239db17d86d6320632b024ca9e43ba9c.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 621D 295 B
367 B 7ms
7ms Script
text/javascript 151.101.128.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/trusted-types-checker-239db17d86d6320632b024ca9e43ba9c.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

0ea220d4ad1c32f2b9c3fb1c5c2cce3df57496e54556f092e0f201d4d8622849

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://drugfree.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Fri, 28 Apr 2023 01:05:57 GMT
via: 1.1 varnish
age: 14274042
x-cache: HIT
content-length: 209
x-request-id: 64d4cca7-c5bb-4d86-bde2-6b879ce4d9a1
x-served-by: cache-fra-eddf8230077-FRA
last-modified: Sun, 13 Nov 2022 20:03:40 GMT
server: Fastly
etag: "477956b204dfd45e10334fc060914d4b"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 47440

Verdicts & Comments Add Verdict or Comment

152 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

45 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.google.com/recaptcha	1970-01-20 15:43:15	Name: _GRECAPTCHA Value: 09ABAvrlQvYzAhrHDphYry8OIdJlrH6Sm7_5lJVblcwvoer0XkhvSHexZlR1eE-IGtLQZizkI2dnk2R6hTddgoS6U
c212.net/c	1970-01-20 15:50:27	Name: c Value: 0%3A7fffffff%3A9788343b%3A644b1bed%3Aedd5
.drugfree.org/	1970-01-20 21:00:03	Name: fundraiseup_cid Value: 16826439486728678626
.drugfree.org/	1970-01-20 13:33:39	Name: _gcl_au Value: 1.1.2135287711.1682643949
.t.co/	1970-01-20 21:00:03	Name: muc_ads Value: f7505ac1-02da-47de-9a0f-f67a49fb5d56
.serving-sys.com/	1970-01-20 12:07:15	Name: ActivityInfo2 Value: 0058W9DuN0_
.serving-sys.com/	1970-01-20 12:07:15	Name: u2 Value: a0ff2e40-e09c-48db-a777-3bff52bcfd774Mj060
.twitter.com/	1970-01-20 21:00:03	Name: personalization_id Value: "v1_qFyfrvqa65cbf7O+Uj/yqw=="
.drugfree.org/	1970-01-20 11:25:30	Name: _gid Value: GA1.2.324134486.1682643950
.drugfree.org/	1970-01-20 11:24:04	Name: _gat_UA-18808595-1 Value: 1
.drugfree.org/	1970-01-20 11:24:04	Name: _gat_UA-18808595-11 Value: 1
.drugfree.org/	1970-01-20 21:00:03	Name: _ga Value: GA1.1.1227335195.1682643950
.drugfree.org/	1970-01-20 21:00:03	Name: _ga_Z5LKKRKCEL Value: GS1.1.1682643950.1.0.1682643950.0.0.0
.bing.com/	1970-01-20 20:45:39	Name: MUID Value: 3659117E234C62C4106D027F22E0630B
.drugfree.org/	1970-01-20 11:25:30	Name: _uetsid Value: d0d65060e56011edb21c83aa732bf4aa
.drugfree.org/	1970-01-20 20:45:39	Name: _uetvid Value: d0d68850e56011edab4b19d0e4801461
.mathtag.com/	1970-01-20 20:49:59	Name: uuid Value: 1374644b-1bee-4500-8d9d-0748485e5462
.drugfree.org/	1970-01-20 20:09:39	Name: _hjSessionUser_1354502 Value: eyJpZCI6IjRiZWY1OTkwLTdlMDMtNTA0Zi1iNmM3LWU1ZGUzODI1MzBhZiIsImNyZWF0ZWQiOjE2ODI2NDM5NTA1NzUsImV4aXN0aW5nIjpmYWxzZX0=
.drugfree.org/	1970-01-20 11:24:05	Name: _hjFirstSeen Value: 1
.drugfree.org/	1970-01-20 11:24:04	Name: _hjIncludedInSessionSample_1354502 Value: 0
.drugfree.org/	1970-01-20 11:24:05	Name: _hjSession_1354502 Value: eyJpZCI6IjU4NDg3NzI3LWE3YzctNDAxZi04NmFmLWM1MGYwYWI4ZmZkNCIsImNyZWF0ZWQiOjE2ODI2NDM5NTA1OTIsImluU2FtcGxlIjpmYWxzZX0=
.drugfree.org/	1970-01-20 11:24:05	Name: _hjAbsoluteSessionInProgress Value: 0
.drugfree.org/	1970-01-20 13:33:39	Name: _fbp Value: fb.1.1682643950624.137099953
.drugfree.org/	1969-12-31 23:59:59	Name: fundraiseup_session Value: {%22t%22:%22.drugfree.org%22%2C%22s%22:%221682643948995%22%2C%22sp%22:2%2C%22x%22:%2210%22}
.mathtag.com/	1970-01-20 12:07:15	Name: mt_misc Value: mt_bt:1
.drugfree.org/	1970-01-20 21:00:03	Name: _ga_ECZGQ0GWSZ Value: GS1.1.1682643950.1.0.1682643951.59.0.0
.mathtag.com/	1970-01-20 12:07:15	Name: mt_mop Value:
.google.com/	1970-01-20 15:47:35	Name: NID Value: 511=AixsfPnGhWrRy60A8k1NQ1blkksE3FPYzeslzglf4esu8aWG-OvDvVKIQaULr7uiIc0UWWJKxNBWHuGxWgXiTtB1WlJfKRMFoFYbgymOVSqQOSWmW7iZvC5RpHZaL_VD31UCQ5OepipFIfGiZuf90TlfCNajQ3bDm8XVrXgE1b4
m.stripe.com/	1970-01-20 21:00:03	Name: m Value: 89d7e733-b5e9-48b2-a6b1-bdb0a8395b3c321724
.drugfree.org/	1970-01-20 20:09:39	Name: __stripe_mid Value: 3d021a6e-74b8-4ab8-abd2-a0d2166c414f76f656
.drugfree.org/	1970-01-20 11:24:05	Name: __stripe_sid Value: b70d0973-7f38-4bbc-81a2-4fbc655561c27a1613
.paypal.com/	1970-01-20 21:00:03	Name: ts_c Value: vr%3Dc56523ff1870a8a0c6827cc5ffffffff%26vt%3Dc56523ff1870a8a0c6827cc5fffffffe
.drugfree.org/	1970-01-20 15:43:15	Name: __hstc Value: 11262379.0cf5adc47bf23930066031ac4fda7b07.1682643952996.1682643952996.1682643952996.1
.drugfree.org/	1970-01-20 15:43:15	Name: hubspotutk Value: 0cf5adc47bf23930066031ac4fda7b07
.drugfree.org/	1969-12-31 23:59:59	Name: __hssrc Value: 1
.drugfree.org/	1970-01-20 11:24:05	Name: __hssc Value: 11262379.1.1682643952996
.hubspot.com/	1970-01-20 11:24:05	Name: __cf_bm Value: GcYIPPximN7oXClOs9jqY2MeRW8d3LNwd_e9O_4LVhE-1682643953-0-ATTmt2O+/cG9mPykqSZF7iFf+jImgy84Cg6D0IfSByMueJC7yUnaxTtgn6lklghMWc9vF1uG41XrAI4yHcQLxGs=
.paypal.com/	1970-01-20 20:09:39	Name: enforce_policy Value: gdpr_v2.1
.paypal.com/	1970-01-20 11:24:35	Name: LANG Value: de_DE%3BDE
.paypal.com/	1969-12-31 23:59:59	Name: x-pp-s Value: eyJ0IjoiMTY4MjY0Mzk1MzIzOSIsImwiOiIwIiwibSI6IjAifQ
.paypal.com/	1970-01-20 11:28:23	Name: tsrce Value: targetingnodeweb
www.paypal.com/	1969-12-31 23:59:59	Name: nsid Value: s%3AFBQ_UdHNAuuA4FA3b_gSumPC1OQbta_t.5ixOoe87Q5XCNeeLmEUwLaJKukwH4ap601vb8JCecsg
.paypal.com/	1970-01-20 11:24:05	Name: l7_az Value: dcg01.phx
.paypal.com/	1970-01-20 21:00:03	Name: ts Value: vreXpYrS%3D1777338353%26vteXpYrS%3D1682645753%26vr%3Dc56523ff1870a8a0c6827cc5ffffffff%26vt%3Dc56523ff1870a8a0c6827cc5fffffffe%26vtyp%3D
.paypalobjects.com/	1970-01-20 11:25:30	Name: paypal-offers--cust Value: null:null:null

10 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://static.fundraiseup.com/checkout.3e0398635ab22d60ed29.js Message: Allow attribute will take precedence over 'allowpaymentrequest'.
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self'".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self'".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self'".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self'".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self'".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self'".
security	error	(Line 6) Message: This document requires 'TrustedScript' assignment.
network	error	URL: https://pay.google.com/_/InstantbuyFrontendBuyflowPayframeUi/cspreport Message: Failed to load resource: the server responded with a status of 404 ()
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self'".

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

analytics.twitter.com
api.fundraiseup.com
b2642783.smushcdn.com
bat.bing.com
bs.serving-sys.com
c-cv904.na1.hubspotlinks.com
c212.net
cdn.c212.net
cdn.fundraiseup.com
connect.facebook.net
drugfree.org
fndrsp-checkout.net
fndrsp.net
fonts.googleapis.com
fonts.gstatic.com
forms-na1.hsforms.com
forms.hscollectedforms.net
forms.hsforms.com
js-na1.hs-scripts.com
js.hs-analytics.net
js.hs-banner.com
js.hscollectedforms.net
js.hsforms.net
js.stripe.com
m.stripe.com
m.stripe.network
pay.google.com
pixel.mathtag.com
play.google.com
q.stripe.com
r.stripe.com
region1.analytics.google.com
region1.google-analytics.com
script.crazyegg.com
script.hotjar.com
secure-ds.serving-sys.com
sentry.fundraiseup.com
static.ads-twitter.com
static.fundraiseup.com
static.hotjar.com
stats.g.doubleclick.net
t.co
t.paypal.com
track.hubspot.com
ucarecdn.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleoptimize.com
www.googletagmanager.com
www.gstatic.com
www.paypal.com
www.paypalobjects.com
104.244.42.3
104.244.42.69
104.26.5.251
13.32.99.45
146.75.116.157
147.135.78.45
151.101.1.21
151.101.128.176
151.101.193.35
18.66.97.49
188.114.96.3
188.114.97.3
192.229.221.25
2.16.186.25
2.18.233.201
2001:4860:4802:34::36
2400:52e0:1e00::1080:1
2600:9000:2057:3a00:19:7d10:bd80:93a1
2600:9000:223c:1000:16:cfb1:a0c0:93a1
2606:4700::6810:8bce
2606:4700::6810:bb41
2606:4700::6811:6bc7
2606:4700::6811:d4f3
2606:4700::6811:d5f3
2606:4700::6812:19c4
2606:4700::6812:873b
2606:4700::6812:cb1
2606:4700::6813:9308
2606:4700::6813:9a53
2620:1ec:c11::200
2a00:1450:4001:800::2003
2a00:1450:4001:80e::200e
2a00:1450:4001:810::200e
2a00:1450:4001:811::2003
2a00:1450:4001:828::2004
2a00:1450:4001:829::200a
2a00:1450:4001:82f::2003
2a00:1450:4001:830::2008
2a00:1450:4001:830::200e
2a00:1450:400c:c00::9a
2a00:1450:400c:c0a::5c
2a02:26f0:3500:11::215:14dc
2a03:2880:f083:9:face:b00c:0:3
2a03:2880:f176:84:face:b00c:0:25de
3.215.209.146
34.208.115.43
52.222.236.122
52.29.31.225
54.187.159.182
01014fb5bed5e21b7ae3ca6d476b9b24617c8b2077dd96fab4836697f1476e01
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
031b0889db1fceb6c266f956b25a9a95fc59e64c72e6bd7c30739c8296dcad0b
04635a249a821f57b33b7bbaecdd98e15fbf93bad68ac1053364fd019486d945
07fae80e23ec0d79096f6b641dfd582b4a8ab0c2a6398f8862b5a5dc7f937d3c
091ba5711e7f397eca67fb1da60968a88be608d2f4fb80955ef74f645b6e898b
0b5d4136315e4225837caecbf5f8a09fe7cde24ebb0f1b367eff68ffa3bea497
0d35b3de00f30593016a51298f44dff3bc15799076461b3a58789892afb760d0
0de93453ab7ed9c546d7f73ae584b3ad3e36226315fa45aa28713819e2c7a6d7
0ea220d4ad1c32f2b9c3fb1c5c2cce3df57496e54556f092e0f201d4d8622849
10fdc76cd92396525cf18941196d2251aa4d0c05ba2a0a5421e3af99c01503ae
1212e7abb6f32136c5d13b04e540ebe36e773a98acd627d5e56e466f685a0b49
15d221d00382d43099417debb791114499730b7e5e7aa1e092ad867bc0c8789a
1689cac0273907a63ff4b652ca6dc4a05799d8dd354e159556a48ce5752cbadd
16a9478cf49fdd6423eea5feb0e47ef3354d9b58d02e843fccbd19423aec4dcc
17bbae2e0f0c3492e456951f6f76bb2de1f797426c44b18ff9ec6cba5fe5659d
199e3307596527c519954add56f1cf27c296a7e76cebdc8f535771aef8701ea6
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
1ded1815d04f8d9199091223c6862c3942b4cf3cca05a58370bc3b6ce271fe10
1f60d86b7a0533b50a13c93041a550e1672791299373f986d649e4e44e8dfcba
205b5e5ac97e41a70efe74150a9893bdb05ff1d3921808b96d8780aa31c7940a
22234cd6b02a2761a05750be3312766a0ab055e651d4255a43cd95645a6cf80e
249ba5cb7246f2ea4c249bc161fa90db331c46e0ed7654127bc18e44dd6f3daa
250a0782da875705bd206ee23c2a46abf90656645a81e084126c5e8c53eeb9d6
25bcfc5d84e9a6f121cbce9d638dc13691d0a87efdcb7cb91a367181ef1bfe5a
27ad1d6006a125bdfe54c1b41724736d9edd705e9d934954d7a38d4528c6b143
285ac2c8a9756cb4d09262ef56e6f8ebfebb0a4711ae28fc354ee4fc7187c2e1
287863bd09fa0e39071ddb8112ec7dc27eaeaf0634baca30c145485a8401bb63
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2c26124a05418b54329b1411d8f60ad73ef7f517f220045a4468c050cfe2d49c
2c4f8d66c9bae8c9f00d858fd7192dffcb5f86c4f2775a3abb1ac6143347b460
2cb3465b76760e995f060c47bf962d15049bcc8edf53f974a4cf181da6f931b7
2cbba247ca6de6962085423c671b17bd76d58692e32e8e40ad808a12e27bbeab
329d8142dfb49efadeaf4a13ab5256660f55450522a8c2e2c50bca3ab90f0b72
3338c82cbcea67cd682199940100b7d44018acb03e7f232be3e2ef2730fc1df5
34244de931380f37cd8cd0aa1f74c0bd96fbaa5c3a95a1493e19a67134a95d70
351cbd1b6acd78f66291817b182d8c554db1489686ff779c6e3e2e94e6251bfd
355ace3684c48b3ba293e57bd53b3c9f54ddd36467bc4725c428aab087679b3a
35dc5153ae31a290fbcdbdcf72c8eb6015695a63308e8e6a0a3aa9d0f618ef4e
36fc9410b3f02fdce5060168717a2182c1275ba8f116f257661b6deaa2851ee9
39408c95ff280b560a37029bb071fd2040281705a3eb478eb2970db224eef7fd
3b1b6b41195e47d81c77e6771b89e717dc6acebda46d691af89e9e185db58d53
3c8207b70427b6643f8f05f6512b5dd715c732cf83e8e6121073bc4ee4d879fb
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
433de54c0bd3db38b5121a04a428a0bfb6bd8162287300583553fc5cdeb978e9
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
4431a5374cb4423c56fc90de7cdb0d1b40e847c6e8caac08001148fcda1e8b83
44b988703019cd6bfa86c91840fecf2a42b611b364e3eea2f4eb63bf62714e98
44d65f79f7b3f8325c989d5c49a28456e948c1848f416ec27950906d65287cff
46ffa27a716a55780501f5d6711c054bdb1772174f1076dc0e49dee9b00648e9
4812cf4a078168d4a1338dc71eeb59def7a0699ac3535d3f6016e79832a054a0
484c2a9ed3a82a57d496c15f84d3da8257208e0a0fef76a6ddf304b69908bbb3
489e95ba95d52b53f05063b9b4d57fb9757f09574ab9899ab486d2cdc8e697e4
48cb0148850c7fe2cc8efa4abd54301b9fac1e544634a27227d2fa3c3a04ecd1
48d894948dbab2efb7ba700f1d524132f81a6aac51a20084cf23f0a8fcabed15
49ece89012f756dac1682b900dd4fd184bbf7de3f1a2086031a8f3fbcc389e82
4a9508d1b930239dc0fa249afc784febd3ba9b3506f8e258585a87e7de05a6aa
4ec05bb3633f88173ca0168580314160bb75c293130f1129874271ccafac7b8d
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
50fbed8ca909623832102082225905a6865f67b0cf4680a394ea45aabb09fe3c
54b49f19a7cf5ad55069f9ba97bbafd1b062023cd754d3ce63920677be9ffda6
5542aa0448512f0077b452d3c1e5902dbf2c8de67d5600370335e5267c4a3918
55eaf62cb05da20088dc12b39d7d254d046cb1fd61ddf3ae641f1439efd0a5ee
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
5a5f39391fbf5b06db84b8f9716d53de575ee97a627d2c5f12f79a991a671eb5
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
5ab3a0e0fd351b3d09070e1ef2fb9f6870c38c1e8ae36ecc68250ca8262ab286
5ba7123fffae964cb83c437a2257f26d4a2c6bb94ddf2975c343802bc435635b
61c1056e913d2d88985ac9acece6f99beb391f1bd3fc3466f55288c40079ff39
61e796fc3bfa417fa0d347db03260a2600edf009ce93b2df2f3e8c4b4463171c
6258ec85c02711aca66fc86b2e5ea18716f95f013aa051f8bd4782f669bfb03a
6271b54f1e485948bbddc90c5755632dda8bf924a61d04029d19cde212c0f2ad
629074e6c4a51683788693742c8faa83dffcf45e42d0467d35023631531cf54b
62e628543b1cb5d27bee0072459c5b65d3eaf373862f5c51555f3eb2fdd6a41f
6364d2b23cfc778001bbe0aec86e1049defbe32e57965a42e118bf784ec13a5f
64b32d14f993564fe182a5690410f7d4aa2ace59934eac09d7dcf03a68ec7566
65081a2369df20fedaaa0f4c787ed4805c08cdae572bb813f08982f0381a4cf1
68d5262f35369095b3cfe0f10b208435e814576e80264405ed82ea44f132a58d
6a96b6a4e5f3c88e8ffe9b0fbddb81591ac4ff9782d0aee685fdc1dec0f0b7af
6a9d7f67a3f07cb076dfad862634aba07b018bab5c026e56aeaca77ded19b609
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6c26fa98707d1c87c30d2fc179659d8708578e0dafd95792ca5f8044e4ad1852
6cc9e5133bac44c3eb427153f6cf0756dd7228c25057b30a42703f446db16b4d
6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93
7051e6c08b0a7640009ca7fc6a9a33d6a08f86393edd7281e05c38083394fd9b
70859c4d97ad5b6202a50b165b8d9ff4058800042aac66b401dbf868015c7cdd
714efc8e0e3abf859c865370715dceb448306614d0dd8117ad06faabf5681d34
72ffb7be1595bea670f9440d8f9d3b27674ea239a5a9ad6bc01673ec9572e47e
73881513a7e7f8944a311bea8e80e9fad946e256ae74d62b5c8d469dc6df0186
745776bb3e82020e5974002813e3f337e94d8620372085728dc54bcc6a5225b2
76fa34904e5e53dc20736cabfbacdc8efabc84ebe8f664a7707b4c6fd6310db4
792632bf30dbfae8c40b11760e13c69bc49b342326909517a38c0740c65fc8ed
798d10a2358bf2bb2383db429dbd3872c61623eae564f5ec4b35cebe16e8d3ee
79cfcda8c3ff375e58c3b6955daa0c9b3509285657732d79069e33d3242f94e2
79edc9daf40ed7f21f979c38f11a51f04fd6be6b90d8760f912e1ae51b115cb5
7bd1b64dae73f34b5b32b1d8fde5a486ffb6ea60a91915ebd9f8f632d3552769
7dabfc85fd5ab7fd6ee733af7b4cadac9d7fd4e8dce1398678b8b87393036456
7fdf7644a9c76376240e57b0e64a0fa77e3eff14cf26d5779883552627460b4c
8205fa766fac97c6b31850384f465ec41a860b6347e872d7007e0af4c31fdd8f
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8355c8539944fa485fca127385dc3725d3fa9f7a68eed05429eb461071d1c444
83570984ac066eae1a59773c11bfef094e6557791d7456d492b306c8257adf43
8455a7ce9bd5574d0c06f4a96a950afab8ccd97189c6baa230dfa3fd1a2708cb
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
87bdad0c1f7ae890c8df40a4475127c0bf1af967ff2e6d9a41703b7a503ed520
8821cd10861112ac07254592b0b332abd02cfb6ac32c0ac71378be0fb58c309f
884c0a4756ec9785481a2a6a3cbc4ee6085eb60360ef048e917acbc5b023d044
88d4e2d79181a9b55e01bfdfeb400c0831e63243df730e007dc718826129586d
8990e1cacb6e07a5e3b45d67f6cae39ab510f871d85400ec5ae9d84b1ab89c5b
89c62095126fca89ea1511cf35b49b8306162946b0c26d6f60c5506c51d85992
89d7f54263abdf50646291963910aac79a04a13bd4469a869a27d7f2bc270f3b
8ae3400104c7b0db11e9fe317236e68a26afba6580192041e87038ceff4db638
8bfe2015c20e885ed285b5ad76a796ba2121bcadf77c3c2bb8f1ad1becc989a0
8e9a7236a8326d24ef072194766b80e083f74dede5e9434f48df9ac70f9b0ab8
90e0c45f44b756a60e3dd2a8697c0e2327f8a700e71f028868c75318531581a8
93bae0dd32bd186fbd1f08991bdf2c93510c718a2c0bf52b46713586ec3be103
952833e41ba7a4b64c31a2d7b07dde81bf5bbacf5cbb967821cfe459d0c4a0d8
95e9deeefa7eb53c1ef328c9a9793310a04632a3e66b971808d13a16c4f08944
9775cd9bf83e2343a727e193d80aa6c00c4910cbde9f6a8281f9f9e3abee035f
9b4d96dd7dbcc2f8c65071dd2467ba6d2a0ccf185a62ce0b39fe358fc201e35c
9db3bb1fed99d3d590084ee196bf89faa09d66d8cc1a974f17d3f964c05a2bf8
9f0cf6ca9cd0f3751d2c712731196077bece59700f1942569959d8f0fb54d612
9f8158d733aab41235dcb57f88a60f1d0bc1e2a8c9154fc3a22917ab2844af4e
a2a16d2940205b3d6c9b3beaac23c2a9f48ba97a06844b088b7ab9c400dcc616
a5f27af9c0c6f37979ebafcac22eb3a613841a3d4e728f4577baf94e64d42f35
a6426278784de0295a6c11aa13683595c5fbd79e81f0f8b2a4a83e0cf318fae7
a69ca4239972b69ca26e34fb1e380f2cf83afc3c78d0d88c1851808ba19afe28
a862551720913c682e4ce454867adc01633dbf31ad132ce1cd4d4ef68292c835
a9eb65b5474ab72b192a650fa117bdb27daeec660e171c4acff00d413aa768cc
ac0eed0925278f6e9e12505feb97e74e706ce28dafbf9a5463ecdfa2d532a5f1
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b237f93294f583c1375c8531b404cc21e17e9f15769a254c7d08d512d292f10b
b264b3c55e426c2b8f42b92596dbe265a7d29f750582806213799dbf57058b95
b3317edb36ae2953f386b91e2dd78698347bcfe17cfb655a27e150763f7905b1
b48e1141180d9eb4297ddc69ce9b46565ca016186d9ad11471238c620e89beee
b615e1196fdccd018cce89eb1abd79e84736ae824e93d6e4c134dbdd9b0e7525
b6918f0f7a4745c4ff5f00786438935cf32c146f14dba7b96c37a054aa2df3ab
b833ada5dc92e0019e3e5770ecd602e82eacfac19e6ec951c43de15204c92474
b85df52b32a62f9a7de50b736eac6e6ae8b2cde2fa177b185593511668934051
bc498ca98532ff49c5649d14aa87580d520966ffd4a4b30874179886c3d3f45d
bd6ef8c5f2d094a0297833a28914635e1aaf38ef53f9d5dc95dc4696bab5869a
be52c64beff26262780cf4d4f78c42934a4a0b17cc216d765da0dbe6c26fa279
beb85df238002c24b24c84dc4b97377c866ceb2808e3aae4ce46e5dcd3d3642b
c0bf4a2a1cfa91e3a41177b5996f3cac4e430e299f7ae357b22314644f0c5268
c1c93844ca684648e325b0bb2b1c6245944b6c5ae5653001ae50646d2d16524a
c29af4757b60d023fc310efe359ced76fdbec3361821e55a1c6099389f935841
c2ef1fb8e14731044ec0ef5180e4252ce4620bab1fa108ce11907f64db95a8c6
c6319be0f68fb1cf0fc052512808b8c3bcec8bc407f0e5d16c397592bc467e46
c74f2c4ab48823aade5b87df701183b4930de537ffaf6ffa10b022769a199741
c8abec8d404dd80935420f737a543ad25ce7e05b02586789d2df87b480935833
c912a9ce0c3122d4b2b29ad26bfe06b0390d1a5bdaa5d6128692c0befd1dfbbd
c9c4cd52c3dd745a229da2f0dda750478ec496ef00bb1fbf1ec5eba1371cb159
c9cfce60e59ade10d786b20eab223c3cb3e061694d77c26993bee22a9fa3862e
ca7154cdda62b535ceaba9ad2a2b2217ff49de94c069a2c4e89733f3f06b3651
caafc701d7a4942e770de82e5dae8582b7afc6da85c50b1e99457dcedd1e0b6d
cbe3b465622eacbfcc91f3221f3726d27f07263bd8e27cd0bb4229ca9db7c7b7
cc567f15c54910768b7e7746d6285dc17ef764d58d22b733deab46cb2b3604a9
cc605503c3ff857a96a5be95be333b63b2eb0545eca0665e8cdcf46936bd63ca
cc7403bab52ed166e24ea9324241045af370be482f5b594468f4a6ac6e7e7981
ccb348c56075499c7515c254852df8fe7ea90e2ffbbf98022455841dfafcd97c
ce0684751f104925f1c1ed329c2ed45f9d1cbccd7de11e72609c78a711263882
ce6add62abf850acf32592374597d35af6ff08c9b66993888978c453584b6768
cf7fcc9f75c8717897bfaef72f303fab423ce1b70c98512aeb3677e4af988dee
d01886ef8b3761d14964198cf2084e703431266bebd3bb9758af88476ff63733
d0bea28a24ed50bc2d837a61cccd8669caabf7fcea94103a5e4beffe067fda1f
d194f76f940646b0c21586b5bb3d255b577af7d0bf9c7a89f938fbac4bb365c3
d405a89e2f62bf6205e35373f4aaa31a25837fae43f94c22df860f8beb8edd2d
d6ff339ddb4525268c21fa26ded66b0703f177e742281dc9bcd558288f8e1101
d79c889138cf2a0948ac659ab8d3ef54302f3d7d674e63cd6f69f6fc1d74eaab
d7ca90f5224456c5b0b3377d1dd87a5a96ee9f07b6b9ca0b86e4e757b3a0f50b
d7fea83abc115c622c32eadceeeb09c75cbeeb217b09835cb18e3cea24fc9b0d
d8b4efc9d633bf6a74302401662e42d85a36070ded6ad2497958ccafc2737f81
db27de08495d5527fcb44919525a139cd0836bcd14d9eca2e64255522682f052
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
dd76bff6e9f5aa3e068b9ec182e1fcff09930e83002d3d4b7e9e307708b94678
de55de0d68a32f262cab4f3ea06c4124475dc03cecbb9be150fd08e95f3b89d7
df8944bf0e8d9596e393a10db0408637c20c4a38f59e3d08c10c643a26795576
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3c52027d4255f455a6ac40b8c8f3d04b497d73bb2e4a8f29be65125b656304f
e45ec0ec8248dbe0ce177e7dfb9f0117da6ed1a2c7c1b4c39674ce9f15730020
e5abfd65c55dc5e6f697b2825ff51a5d645e7b23a6d959c324143b71f36055df
e7200705aed5c1fb33575c8066b75efd51c8b96ffdc03828a64e71e0614ee90f
e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44
e7be3b9dd3ae55133b94f2c9eab1263ad2e86bccbf2b2b19897af32ab9068a7d
e7fe6cddb7354738ba40784bab66dc4b6cce364ad55d117f08aaf19eb6ba88ef
ea147bfbd9eea6ba64e8e981ba4fed0e5e69ddc5a02c0dafe47dd1508e47f1fa
eb36ad6b731dbeb51f62cbe178c6f7bccbf7d936b712d56df2448d7e93dd2556
eb752bc50264e20fb3409303a4ddacd0bf9528f9abbfa01bb7732821ac1caf4a
ec6aeb97f65e6838b59b6b416e672193b6d026210ece9c63133cfc8cce424718
ee431470c13290a583f30995c6658fda6fe6b4a6e5f51c32ed1970bac8212b1b
eec5c0b7f3736c064a5c93fb61f419fe7d3f7c1815c81004312fd349fd43be2c
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f1de8adc3e5e57e25f9c97f2eb0f99b23b7d795399a0bb390ae0f187eb416c2f
f1f9d401f4356ba40c1546aadcd4d53fff41454b04213e07c91ccc8ba58b5894
f22005da41e15b7adb453814b37a794f7c6b955f086a6c5fc9980e3c3f6c8bca
f26a2105f322886dc9ab3abc493f08c0576156026cb30a9d0fd0da1983f8c1ff
f299570812f10a5431a335b867b9b72fa745fe0050f071f443603a47f34a8cdd
f2a86fb0af1ecdcb93bc1f44f072e3fe70ca3e792810bdf6b862cb31ea87fa71
f2d273e83e36b2709f8861128b1b3be29e18d1456aaaed5606f9faf19e974655
f34616a1714025cda536f27fbc2609fabe98ec92bf406022c23f2381311aa12d
f3fc62506de42adfb582af370a04969bead1f675a15960c4fa397fe82d143895
f445ee14f2454d974293d28677213ae002e9ac17721fc04b2fdeb037e083b083
fbaaba78357d4ed64648de8c0b4d969a5422ec1a384a382fdf82e034aa07da53
fe4bc8dd3ed69bf2875bacf0fe2776c9f109ca2f90bfbf7fb6a915cad69c8983
ff30bda6951604ed3e63e52d326189c1557d383f6b1504959cd24c28366bc0d2

drugfree.org Open in urlscan Pro 3.215.209.146 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

365 Requests

100 %HTTPS

59 %IPv6

37 Domains

54 Subdomains

50 IPs

5 Countries

8864 kBTransfer

22448 kBSize

45 Cookies

7 Outgoing links

Page URL History

Redirected requests

365 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

drugfree.org Open in urlscan Pro
3.215.209.146 Public Scan

Screenshot
Live screenshot

Full Image

365
Requests

100 %
HTTPS

59 %
IPv6

37
Domains

54
Subdomains

50
IPs

5
Countries

8864 kB
Transfer

22448 kB
Size

45
Cookies

365 HTTP transactions
1 data transactions