shop.heroinsupport.org Open in urlscan Pro
23.227.38.74 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://shop.heroinsupport.org/
Submission: On September 26 via automatic, source certstream-suspicious (September 26th 2021, 12:04:02 pm UTC) — Scanned from DE

Summary HTTP 284 Redirects Links 11 Behaviour Indicators

Summary

This website contacted 70 IPs in 5 countries across 46 domains to perform 284 HTTP transactions. The main IP is 23.227.38.74, located in Ottawa, Canada and belongs to CLOUDFLARENET, US. The main domain is shop.heroinsupport.org.
TLS certificate: Issued by R3 on September 26th 2021. Valid for: 3 months.

This is the only time shop.heroinsupport.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
16	23.227.38.74 23.227.38.74	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	2a00:1450:400... 2a00:1450:4001:813::200a	15169 (GOOGLE) (GOOGLE)
26	2a04:4e42:800... 2a04:4e42:800::268	54113 (FASTLY) (FASTLY)
2	2a04:4e42:800... 2a04:4e42:800::282	54113 (FASTLY) (FASTLY)
2	2600:9000:21f... 2600:9000:21f3:7c00:1f:123e:c280:93a1	16509 (AMAZON-02) (AMAZON-02)
3	2606:4700:10:... 2606:4700:10::6816:21ac	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:303... 2606:4700:3033::ac43:9cd1	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	172.67.72.223 172.67.72.223	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	2606:4700:20:... 2606:4700:20::ac43:4703	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	2a03:2880:f01... 2a03:2880:f01c:216:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
2	2606:4700:20:... 2606:4700:20::ac43:498a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	54.146.248.82 54.146.248.82	14618 (AMAZON-AES) (AMAZON-AES)
6	2a00:1450:400... 2a00:1450:4001:827::2003	15169 (GOOGLE) (GOOGLE)
6	13.224.193.78 13.224.193.78	16509 (AMAZON-02) (AMAZON-02)
3	13.225.78.103 13.225.78.103	16509 (AMAZON-02) (AMAZON-02)
6	13.225.78.56 13.225.78.56	16509 (AMAZON-02) (AMAZON-02)
3	13.224.193.38 13.224.193.38	16509 (AMAZON-02) (AMAZON-02)
8	104.198.248.251 104.198.248.251	15169 (GOOGLE) (GOOGLE)
5	2a03:90c0:41:... 2a03:90c0:41:2801::254	199524 (GCORE) (GCORE)
2	54.209.91.188 54.209.91.188	14618 (AMAZON-AES) (AMAZON-AES)
1	23.227.38.33 23.227.38.33	13335 (CLOUDFLAR...) (CLOUDFLARENET)
16	13.224.193.11 13.224.193.11	16509 (AMAZON-02) (AMAZON-02)
4	2606:4700:303... 2606:4700:3031::ac43:d645	13335 (CLOUDFLAR...) (CLOUDFLARENET)
19	151.101.64.176 151.101.64.176	54113 (FASTLY) (FASTLY)
3	2606:4700::68... 2606:4700::6810:135e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	2a00:1450:400... 2a00:1450:4001:801::200a	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:810::200e	15169 (GOOGLE) (GOOGLE)
4	13.224.193.28 13.224.193.28	16509 (AMAZON-02) (AMAZON-02)
7	2a03:2880:f11... 2a03:2880:f11c:8083:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
7	2a00:1450:400... 2a00:1450:4001:831::200e	15169 (GOOGLE) (GOOGLE)
2	2a02:26f0:6c0... 2a02:26f0:6c00:28f::1931	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
3	2a00:1450:400... 2a00:1450:4001:830::2008	15169 (GOOGLE) (GOOGLE)
1	2606:4700:303... 2606:4700:3037::6815:20ed	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	13.224.193.116 13.224.193.116	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:400c:c01::9d	15169 (GOOGLE) (GOOGLE)
2	13.225.78.46 13.225.78.46	16509 (AMAZON-02) (AMAZON-02)
2	142.250.185.98 142.250.185.98	15169 (GOOGLE) (GOOGLE)
1	54.78.108.238 54.78.108.238	16509 (AMAZON-02) (AMAZON-02)
1 2	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
2	18.159.15.241 18.159.15.241	16509 (AMAZON-02) (AMAZON-02)
4	104.75.88.209 104.75.88.209	16625 (AKAMAI-AS) (AKAMAI-AS)
2	13.225.78.67 13.225.78.67	16509 (AMAZON-02) (AMAZON-02)
1 2	2a00:1450:400... 2a00:1450:4001:803::2004	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80f::2003	15169 (GOOGLE) (GOOGLE)
2	3.87.166.65 3.87.166.65	14618 (AMAZON-AES) (AMAZON-AES)
18	54.186.23.98 54.186.23.98	16509 (AMAZON-02) (AMAZON-02)
4	2a00:1450:400... 2a00:1450:400c:c0b::5c	15169 (GOOGLE) (GOOGLE)
2	54.186.42.192 54.186.42.192	16509 (AMAZON-02) (AMAZON-02)
5	2a00:1450:400... 2a00:1450:4001:800::2003	15169 (GOOGLE) (GOOGLE)
13	2a00:1450:400... 2a00:1450:4001:80e::200e	15169 (GOOGLE) (GOOGLE)
1	2606:4700:10:... 2606:4700:10::6816:36d8	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2620:1ec:46::44 2620:1ec:46::44	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	2606:4700::68... 2606:4700::6810:6d12	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2606:4700:20:... 2606:4700:20::681a:643	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a02:26f0:6c0... 2a02:26f0:6c00:294::1d72	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	2620:1ec:bdf::44 2620:1ec:bdf::44	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2600:9000:20e... 2600:9000:20eb:f600:1:427b:a440:93a1	16509 (AMAZON-02) (AMAZON-02)
2	2600:9000:20e... 2600:9000:20eb:2a00:c:cd6:6900:93a1	16509 (AMAZON-02) (AMAZON-02)
3	13.225.78.51 13.225.78.51	16509 (AMAZON-02) (AMAZON-02)
1 5	151.101.0.84 151.101.0.84	54113 (FASTLY) (FASTLY)
1	2a00:1450:400... 2a00:1450:4001:800::200a	15169 (GOOGLE) (GOOGLE)
1	52.54.234.247 52.54.234.247	14618 (AMAZON-AES) (AMAZON-AES)
2	44.241.220.182 44.241.220.182	16509 (AMAZON-02) (AMAZON-02)
1	3.216.159.230 3.216.159.230	14618 (AMAZON-AES) (AMAZON-AES)
2	2600:1901:0:7... 2600:1901:0:7a0b::	15169 (GOOGLE) (GOOGLE)
3	2a04:4e42:600... 2a04:4e42:600::485	54113 (FASTLY) (FASTLY)
1	2606:4700:10:... 2606:4700:10::6816:37d8	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700:20:... 2606:4700:20::ac43:4a13	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	35.188.42.15 35.188.42.15	15169 (GOOGLE) (GOOGLE)
1	52.29.166.16 52.29.166.16	16509 (AMAZON-02) (AMAZON-02)
284	70

16 23.227.38.74 (Ottawa, Canada)

ASN13335 (CLOUDFLARENET, US)

shop.heroinsupport.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:813::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

26 2a04:4e42:800::268 (United States)

ASN54113 (FASTLY, US)

cdn.shopify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
productreviews.shopifycdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a04:4e42:800::282 (United States)

ASN54113 (FASTLY, US)

polyfill.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:21f3:7c00:1f:123e:c280:93a1 (United States)

ASN16509 (AMAZON-02, US)

shipping-bar-cdn.shopstorm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:10::6816:21ac (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.getvop.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c.getvop.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3033::ac43:9cd1 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.codeblackbelt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.67.72.223 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

code.tidio.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2606:4700:20::ac43:4703 (United States)

ASN13335 (CLOUDFLARENET, US)

widget-v4.tidiochat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a03:2880:f01c:216:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::ac43:498a (United States)

ASN13335 (CLOUDFLARENET, US)

loox.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.146.248.82 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-146-248-82.compute-1.amazonaws.com

upsell-now.herokuapp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:827::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 13.224.193.78 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-193-78.fra2.r.cloudfront.net

sdk.loyaltylion.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 13.225.78.103 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-78-103.fra2.r.cloudfront.net

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 13.225.78.56 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-78-56.fra2.r.cloudfront.net

secure.givelively.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 13.224.193.38 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-193-38.fra2.r.cloudfront.net

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 104.198.248.251 (Council Bluffs, United States)

ASN15169 (GOOGLE, US)
PTR: 251.248.198.104.bc.googleusercontent.com

monorail-edge.shopifysvc.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a03:90c0:41:2801::254 (Frankfurt am Main, Germany)

ASN199524 (GCORE, LU)

sdk-static.loyaltylion.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.209.91.188 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-209-91-188.compute-1.amazonaws.com

api.getvop.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.227.38.33 (Canada)

ASN13335 (CLOUDFLARENET, US)
PTR: checkout.shopify.com

shop.app	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 13.224.193.11 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-193-11.fra2.r.cloudfront.net

members.givelively.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700:3031::ac43:d645 (United States)

ASN13335 (CLOUDFLARENET, US)

use.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 151.101.64.176 (United States)

ASN54113 (FASTLY, US)

js.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
m.stripe.network	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6810:135e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:801::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

maps.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:810::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

apis.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 13.224.193.28 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-193-28.fra2.r.cloudfront.net

images.givelively.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a03:2880:f11c:8083:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:831::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:6c00:28f::1931 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

s.pinimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:830::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3037::6815:20ed (United States)

ASN13335 (CLOUDFLARENET, US)

www.codeblackbelt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 13.224.193.116 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-193-116.fra2.r.cloudfront.net

vars.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c01::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.225.78.46 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-78-46.fra2.r.cloudfront.net

js.datadome.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.78.108.238 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-78-108-238.eu-west-1.compute.amazonaws.com

in.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.159.15.241 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-159-15-241.eu-central-1.compute.amazonaws.com

api-js.datadome.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 104.75.88.209 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-75-88-209.deploy.static.akamaitechnologies.com

ct.pinterest.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.225.78.67 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-78-67.fra2.r.cloudfront.net

cdn.heapanalytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:803::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.87.166.65 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-87-166-65.compute-1.amazonaws.com

heapanalytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 54.186.23.98 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ip-54-186-23-98.stripe.com

q.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
r.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:400c:c0b::5c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

pay.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.186.42.192 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-186-42-192.us-west-2.compute.amazonaws.com

m.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:800::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2a00:1450:4001:80e::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

play.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6816:36d8 (United States)

ASN13335 (CLOUDFLARENET, US)

static.zotabox.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:46::44 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

cdn-stamped-io.azureedge.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6810:6d12 (United States)

ASN13335 (CLOUDFLARENET, US)

upsells.boldapps.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:20::681a:643 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.tabarn.app	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
discount-cache.tabarn.app	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:6c00:294::1d72 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

staticw2.yotpo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:1ec:bdf::44 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

cdn1.stamped.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:20eb:f600:1:427b:a440:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.hextom.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:20eb:2a00:c:cd6:6900:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn2.hextom.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 13.225.78.51 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-78-51.fra2.r.cloudfront.net

cdn.pushowl.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 151.101.0.84 (United States) 1 redirects

ASN54113 (FASTLY, US)

www.pinterest.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.pinterest.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:800::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.54.234.247 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-54-234-247.compute-1.amazonaws.com

spm.hextom.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 44.241.220.182 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-44-241-220-182.us-west-2.compute.amazonaws.com

stamped.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.216.159.230 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-216-159-230.compute-1.amazonaws.com

fsb.hextom.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:1901:0:7a0b:: (Kansas City, United States)

ASN15169 (GOOGLE, US)

sessions.bugsnag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a04:4e42:600::485 (United States)

ASN54113 (FASTLY, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6816:37d8 (United States)

ASN13335 (CLOUDFLARENET, US)

stats.zotabox.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::ac43:4a13 (United States)

ASN13335 (CLOUDFLARENET, US)

discount-cache.tabarn.app	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.188.42.15 (Council Bluffs, United States)

ASN15169 (GOOGLE, US)
PTR: 15.42.188.35.bc.googleusercontent.com

sentry.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.29.166.16 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-29-166-16.eu-central-1.compute.amazonaws.com

p.yotpo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
35	stripe.com js.stripe.com q.stripe.com r.stripe.com m.stripe.com	346 KB
26	givelively.org secure.givelively.org members.givelively.org images.givelively.org	3 MB
24	shopify.com cdn.shopify.com	580 KB
21	google.com 1 redirects apis.google.com www.google.com pay.google.com play.google.com	431 KB
16	heroinsupport.org shop.heroinsupport.org	170 KB
11	loyaltylion.net sdk.loyaltylion.net sdk-static.loyaltylion.net	250 KB
11	gstatic.com fonts.gstatic.com www.gstatic.com	237 KB
11	googleapis.com fonts.googleapis.com maps.googleapis.com ajax.googleapis.com	253 KB
10	hotjar.com static.hotjar.com script.hotjar.com vars.hotjar.com in.hotjar.com	188 KB
8	shopifysvc.com monorail-edge.shopifysvc.com	3 KB
7	google-analytics.com www.google-analytics.com	80 KB
7	facebook.com www.facebook.com	152 KB
5	hextom.com cdn.hextom.com cdn2.hextom.com spm.hextom.com fsb.hextom.com	82 KB
5	tabarn.app cdn.tabarn.app discount-cache.tabarn.app	111 KB
5	pinterest.com 1 redirects ct.pinterest.com www.pinterest.com	2 KB
5	facebook.net connect.facebook.net	250 KB
5	tidiochat.com widget-v4.tidiochat.com	265 KB
5	getvop.com cdn.getvop.com api.getvop.com c.getvop.com	225 KB
4	pinterest.de www.pinterest.de	14 KB
4	stamped.io cdn1.stamped.io stamped.io	43 KB
4	stripe.network m.stripe.network	173 KB
4	heapanalytics.com cdn.heapanalytics.com heapanalytics.com	81 KB
4	datadome.co js.datadome.co api-js.datadome.co	71 KB
4	fontawesome.com use.fontawesome.com	164 KB
3	jsdelivr.net cdn.jsdelivr.net	8 KB
3	pushowl.com cdn.pushowl.com	36 KB
3	doubleclick.net 1 redirects stats.g.doubleclick.net googleads.g.doubleclick.net	3 KB
3	googletagmanager.com www.googletagmanager.com	147 KB
3	cloudflare.com cdnjs.cloudflare.com	15 KB
2	bugsnag.com sessions.bugsnag.com	141 B
2	yotpo.com staticw2.yotpo.com p.yotpo.com	120 KB
2	boldapps.net upsells.boldapps.net	114 KB
2	zotabox.com static.zotabox.com stats.zotabox.com	30 KB
2	shopifycdn.com productreviews.shopifycdn.com	12 KB
2	google.de www.google.de	677 B
2	googleadservices.com www.googleadservices.com	16 KB
2	pinimg.com s.pinimg.com	20 KB
2	loox.io loox.io	21 KB
2	codeblackbelt.com cdn.codeblackbelt.com www.codeblackbelt.com	78 KB
2	shopstorm.com shipping-bar-cdn.shopstorm.com	73 KB
2	polyfill.io polyfill.io	755 B
1	sentry.io sentry.io	451 B
1	azureedge.net cdn-stamped-io.azureedge.net	25 KB
1	shop.app shop.app	1 KB
1	herokuapp.com upsell-now.herokuapp.com	19 KB
1	tidio.co 1 redirects code.tidio.co	557 B
284	46

	Domain	Requested by
24	cdn.shopify.com	shop.heroinsupport.org cdn.shopify.com
17	q.stripe.com	shop.heroinsupport.org secure.givelively.org
16	members.givelively.org	secure.givelively.org
16	shop.heroinsupport.org	shop.heroinsupport.org cdn.shopify.com widget-v4.tidiochat.com cdn.tabarn.app
15	js.stripe.com	secure.givelively.org js.stripe.com
13	play.google.com	www.gstatic.com
8	monorail-edge.shopifysvc.com	cdn.shopify.com
7	www.google-analytics.com	cdn.shopify.com shop.heroinsupport.org www.googletagmanager.com www.google-analytics.com www.gstatic.com
7	www.facebook.com	connect.facebook.net www.facebook.com shop.heroinsupport.org
6	secure.givelively.org	shop.heroinsupport.org secure.givelively.org members.givelively.org
6	sdk.loyaltylion.net	shop.heroinsupport.org cdn.shopify.com sdk.loyaltylion.net sdk-static.loyaltylion.net
6	fonts.gstatic.com	fonts.googleapis.com
5	www.gstatic.com	pay.google.com www.gstatic.com
5	maps.googleapis.com	secure.givelively.org maps.googleapis.com
5	sdk-static.loyaltylion.net	sdk.loyaltylion.net
5	connect.facebook.net	shop.heroinsupport.org connect.facebook.net cdn.shopify.com
5	widget-v4.tidiochat.com	shop.heroinsupport.org code.tidio.co
5	fonts.googleapis.com	shop.heroinsupport.org sdk.loyaltylion.net widget-v4.tidiochat.com
4	www.pinterest.de	s.pinimg.com shop.heroinsupport.org
4	pay.google.com	js.stripe.com pay.google.com shop.heroinsupport.org www.gstatic.com
4	m.stripe.network	js.stripe.com m.stripe.network
4	ct.pinterest.com	cdn.shopify.com shop.heroinsupport.org
4	images.givelively.org	secure.givelively.org members.givelively.org
4	use.fontawesome.com	secure.givelively.org use.fontawesome.com
3	cdn.jsdelivr.net	cdn.tabarn.app
3	discount-cache.tabarn.app	cdn.tabarn.app cdn.shopify.com
3	cdn.pushowl.com	shop.heroinsupport.org cdn.shopify.com
3	vars.hotjar.com	static.hotjar.com
3	www.googletagmanager.com	cdn.shopify.com secure.givelively.org
3	cdnjs.cloudflare.com	secure.givelively.org cdn.tabarn.app
3	script.hotjar.com	static.hotjar.com
3	static.hotjar.com	shop.heroinsupport.org www.googletagmanager.com
2	sessions.bugsnag.com	cdn.shopify.com
2	stamped.io	cdn.shopify.com
2	cdn2.hextom.com	shop.heroinsupport.org
2	cdn1.stamped.io	shop.heroinsupport.org cdn-stamped-io.azureedge.net
2	cdn.tabarn.app	shop.heroinsupport.org cdn.tabarn.app
2	upsells.boldapps.net	shop.heroinsupport.org
2	productreviews.shopifycdn.com	shop.heroinsupport.org productreviews.shopifycdn.com
2	m.stripe.com	m.stripe.network
2	heapanalytics.com	secure.givelively.org
2	www.google.de	shop.heroinsupport.org
2	www.google.com	1 redirects shop.heroinsupport.org
2	cdn.heapanalytics.com	shop.heroinsupport.org
2	api-js.datadome.co	members.givelively.org
2	googleads.g.doubleclick.net	1 redirects www.googleadservices.com
2	www.googleadservices.com	www.googletagmanager.com www.googleadservices.com
2	js.datadome.co	members.givelively.org
2	s.pinimg.com	cdn.shopify.com s.pinimg.com
2	apis.google.com	secure.givelively.org
2	api.getvop.com	cdn.shopify.com
2	loox.io	shop.heroinsupport.org
2	cdn.getvop.com	shop.heroinsupport.org cdn.getvop.com
2	shipping-bar-cdn.shopstorm.com	shop.heroinsupport.org
2	polyfill.io	shop.heroinsupport.org
1	p.yotpo.com
1	sentry.io	members.givelively.org
1	stats.zotabox.com	cdn.shopify.com
1	fsb.hextom.com	cdn.shopify.com
1	spm.hextom.com	cdn.shopify.com
1	ajax.googleapis.com	productreviews.shopifycdn.com
1	www.pinterest.com	1 redirects
1	cdn.hextom.com	shop.heroinsupport.org
1	staticw2.yotpo.com	shop.heroinsupport.org staticw2.yotpo.com
1	cdn-stamped-io.azureedge.net	shop.heroinsupport.org
1	static.zotabox.com	shop.heroinsupport.org
1	r.stripe.com	js.stripe.com
1	in.hotjar.com	cdn.shopify.com
1	c.getvop.com	shop.heroinsupport.org
1	stats.g.doubleclick.net	cdn.shopify.com
1	www.codeblackbelt.com	cdn.shopify.com
1	shop.app	cdn.shopify.com
1	upsell-now.herokuapp.com	shop.heroinsupport.org
1	code.tidio.co	1 redirects
1	cdn.codeblackbelt.com	shop.heroinsupport.org
284	75

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
twitter.com
www.instagram.com
www.youtube.com
www.heroinsupport.org
www.tiktok.com
smile.amazon.com
offers.konversiontheme.com
www.shopify.ca
hextom.com

Subject Issuer	Validity	Valid
shop.heroinsupport.org R3	`2021-09-26` - `2021-12-25`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2021-08-30` - `2021-11-22`	3 months	crt.sh
cdn.shopify.com GlobalSign Atlas R3 DV TLS CA 2020	`2021-04-20` - `2022-05-22`	a year	crt.sh
polyfill.io GlobalSign Atlas R3 DV TLS CA 2020	`2021-06-04` - `2022-07-06`	a year	crt.sh
shopstorm.com Amazon	`2021-02-18` - `2022-03-19`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-05-07` - `2022-05-06`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-09-09` - `2021-12-08`	3 months	crt.sh
*.herokuapp.com Amazon	`2021-06-01` - `2022-06-30`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2021-08-30` - `2021-11-22`	3 months	crt.sh
loyaltylion.net Amazon	`2021-06-14` - `2022-07-13`	a year	crt.sh
*.hotjar.com Amazon	`2020-12-25` - `2022-01-23`	a year	crt.sh
*.givelively.org Amazon	`2021-08-09` - `2022-09-07`	a year	crt.sh
monorail-edge.shopifysvc.com R3	`2021-08-06` - `2021-11-04`	3 months	crt.sh
sdk-static.loyaltylion.net R3	`2021-09-16` - `2021-12-15`	3 months	crt.sh
api.getvop.com R3	`2021-09-21` - `2021-12-20`	3 months	crt.sh
shop.app R3	`2021-09-07` - `2021-12-06`	3 months	crt.sh
a.stripecdn.com DigiCert SHA2 Extended Validation Server CA	`2021-07-09` - `2021-11-03`	4 months	crt.sh
*.apis.google.com GTS CA 1C3	`2021-08-30` - `2021-11-22`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-08-30` - `2021-11-22`	3 months	crt.sh
*.pinterest.com DigiCert TLS RSA SHA256 2020 CA1	`2021-07-26` - `2022-08-05`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-08-30` - `2021-11-22`	3 months	crt.sh
*.datadome.co Gandi Standard SSL CA 2	`2019-10-08` - `2021-10-21`	2 years	crt.sh
www.googleadservices.com GTS CA 1C3	`2021-08-30` - `2021-11-22`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2021-08-30` - `2021-11-22`	3 months	crt.sh
cdn.heapanalytics.com Amazon	`2021-08-28` - `2022-09-26`	a year	crt.sh
www.google.de GTS CA 1C3	`2021-08-30` - `2021-11-22`	3 months	crt.sh
www.google.com GTS CA 1C3	`2021-08-30` - `2021-11-22`	3 months	crt.sh
heapanalytics.com Amazon	`2020-12-24` - `2022-01-22`	a year	crt.sh
*.stripe.com DigiCert SHA2 Secure Server CA	`2021-09-08` - `2022-09-07`	a year	crt.sh
*.google.com GTS CA 1C3	`2021-08-30` - `2021-11-22`	3 months	crt.sh
m.stripe.com DigiCert TLS RSA SHA256 2020 CA1	`2021-07-13` - `2021-11-03`	4 months	crt.sh
*.azureedge.net Microsoft Azure TLS Issuing CA 02	`2021-08-21` - `2022-08-16`	a year	crt.sh
boldapps.net Cloudflare Inc ECC CA-3	`2021-06-05` - `2022-06-04`	a year	crt.sh
*.yotpo.com DigiCert SHA2 Secure Server CA	`2021-05-25` - `2022-06-02`	a year	crt.sh
cdn1.stamped.io DigiCert TLS RSA SHA256 2020 CA1	`2021-04-24` - `2022-04-24`	a year	crt.sh
*.hextom.com Amazon	`2021-05-16` - `2022-06-14`	a year	crt.sh
ik.imagekit.io R3	`2021-09-23` - `2021-12-22`	3 months	crt.sh
Stamped.io Sectigo RSA Domain Validation Secure Server CA	`2020-05-19` - `2022-08-21`	2 years	crt.sh
*.bugsnag.com Sectigo RSA Domain Validation Secure Server CA	`2021-05-05` - `2022-05-05`	a year	crt.sh
jsdelivr.net GlobalSign Atlas R3 DV TLS CA 2020	`2021-04-30` - `2022-06-01`	a year	crt.sh
sentry.io DigiCert SHA2 Secure Server CA	`2020-06-02` - `2022-06-07`	2 years	crt.sh

This page contains 19 frames:

Primary Page: https://shop.heroinsupport.org/
Frame ID: 8831AFDC3CC9D4DC7E4CBE3E9C6A77F4
Requests: 140 HTTP requests in this frame

Frame: https://secure.givelively.org/donations/heroin-support-inc/heroin-support-fundraiser
Frame ID: ACC99D00F90B68621A650A12A00A6469
Requests: 29 HTTP requests in this frame

Frame: https://www.facebook.com/v5.0/plugins/share_button.php?app_id=2138978306124091&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df155df5e9f980c4%26domain%3Dshop.heroinsupport.org%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fshop.heroinsupport.org%252Ff15654bd80aa3fc%26relation%3Dparent.parent&container_width=0&href=https%3A%2F%2Fwww.facebook.com%2Fheroinsupport&layout=button_count&locale=en_US&sdk=joey&width=200
Frame ID: F31D96AE73C184C718F5097AD1625A91
Requests: 4 HTTP requests in this frame

Frame: https://www.facebook.com/v5.0/plugins/like.php?action=like&app_id=2138978306124091&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df2ad64b3751032c%26domain%3Dshop.heroinsupport.org%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fshop.heroinsupport.org%252Ff15654bd80aa3fc%26relation%3Dparent.parent&container_width=0&href=https%3A%2F%2Fwww.facebook.com%2Fheroinsupport&layout=button_count&locale=en_US&sdk=joey&share=false&show_faces=false&size=small&width=200
Frame ID: 3E2EE6ECE923DBB92021ABC223AEE9B2
Requests: 1 HTTP requests in this frame

Frame: https://widget-v4.tidiochat.com/1_77_0/static/js/chunk-WidgetIframe-37e3a46cca72f53ace00.js
Frame ID: B155734E5FBA4BFBEB814DFD8D4D5191
Requests: 5 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-dfc01efbdc94bb0936d9a35a502b0b64.html
Frame ID: 634418E33B7058AC8FED8A23E9ADA2C3
Requests: 1 HTTP requests in this frame

Frame: https://secure.givelively.org/donate/heroin-support-inc?ref=sd_widget&widget_url=https%3A%2F%2Fshop.heroinsupport.org%2F&referrer_url=&show_donate_now_button=false
Frame ID: 790B20DE777FC5FCA5A3164EDC5720EF
Requests: 30 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-dfc01efbdc94bb0936d9a35a502b0b64.html
Frame ID: 2F4A059432FF1BAF083CF8A00CC4CC7E
Requests: 1 HTTP requests in this frame

Frame: https://js.stripe.com/v3/m-outer-9475bd26486e6119b23924eebd3d561a.html
Frame ID: E6F137E79CD863417C872C90DE4B956B
Requests: 2 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css2?family=Mulish:wght@400;600&display=swap
Frame ID: F9BEB52BC23534E313A8DE706A864EED
Requests: 3 HTTP requests in this frame

Frame: https://m.stripe.network/inner.html
Frame ID: 8A965C27D6D4D5E3236ECCD2B600FCCF
Requests: 4 HTTP requests in this frame

Frame: https://js.stripe.com/v3/controller-04e60e8da60719ecbecd629c5dfe17a5.html
Frame ID: 3AD1063F4BFAD28E4C69F3CA42014671
Requests: 19 HTTP requests in this frame

Frame: https://js.stripe.com/v3/payment-request-inner-google-pay-9cadf1cd3fc71f0b4ce3a9edc79569af.html
Frame ID: 0BCFF46BBA7CE71008F2A3F8FF01F601
Requests: 4 HTTP requests in this frame

Frame: https://js.stripe.com/v3/payment-request-inner-browser-395bf14539c9b44d77f554015723f268.html
Frame ID: 7C1A82DCEC7D9A210C2D7E3212162969
Requests: 3 HTTP requests in this frame

Frame: https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fjs.stripe.com&mid=
Frame ID: C29BA86653D057EB12EBA405226816A8
Requests: 16 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-dfc01efbdc94bb0936d9a35a502b0b64.html
Frame ID: 564A93CB6B62ECAB599FE2158E4305C9
Requests: 1 HTTP requests in this frame

Frame: https://js.stripe.com/v3/m-outer-9475bd26486e6119b23924eebd3d561a.html
Frame ID: A614D0B34B6F0064785110BCE028912E
Requests: 2 HTTP requests in this frame

Frame: https://m.stripe.network/inner.html
Frame ID: D20F998287A3262D6F5936E2B8E45109
Requests: 4 HTTP requests in this frame

Frame: https://www.pinterest.de/ct.html
Frame ID: 82E7DCE109100ABC15EC4271FC3C6E31
Requests: 4 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Heroin Support Fundraiser – HeroinSupport.org Heroin Support Fundraiser – HeroinSupport.org

Detected technologies

Loox (Widgets) Expand

Overall confidence: 100%
Detected patterns

loox\.io/widget

Shopify (Ecommerce) Expand

Overall confidence: 25%
Detected patterns

<link[^>]+=['"]//cdn\.shopify\.com

Google Maps (Maps) Expand

Overall confidence: 100%
Detected patterns

//maps\.google(?:apis)?\.com/maps/api/js

Google Sign-in (Social logins) Expand

Overall confidence: 100%
Detected patterns

apis\.google\.com/js/platform\.js

Google Pay (Payment processors) Expand

Overall confidence: 100%
Detected patterns

pay\.google\.com/([a-z/]+)/pay\.js

Handlebars (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

handlebars(?:\.runtime)?(?:-v([\d.]+?))?(?:\.min)?\.js

Stripe (Payment Processors) Expand

Overall confidence: 100%
Detected patterns

js\.stripe\.com

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Plus (Widgets) Expand

Overall confidence: 100%
Detected patterns

apis\.google\.com/js/[a-z]*\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js
googletagmanager\.com/gtm\.js

Heap (Analytics) Expand

Overall confidence: 100%
Detected patterns

heap-\d+\.js

Hotjar (Analytics) Expand

Overall confidence: 100%
Detected patterns

//static\.hotjar\.com/

Polyfill (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/polyfill\.min\.js

PushOwl (Marketing automation) Expand

Overall confidence: 100%
Detected patterns

cdn\.pushowl\.com

SweetAlert2 (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/npm/sweetalert2@([\d.]+)

TrackJs (Analytics) Expand

Overall confidence: 100%
Detected patterns

tracker\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

284
Requests

99 %
HTTPS

57 %
IPv6

46
Domains

75
Subdomains

70
IPs

5
Countries

7827 kB
Transfer

23902 kB
Size

33
Cookies

11 Outgoing links

These are links going to different origins than the main page.

URL: https://www.facebook.com/heroinsupport
Title: Facebook

Search URL Search Domain Scan URL

URL: https://twitter.com/heroinsupport
Title: Twitter

Search URL Search Domain Scan URL

URL: https://www.instagram.com/heroinsupport/
Title: Instagram

Search URL Search Domain Scan URL

URL: https://www.youtube.com/HeroinSupport
Title: YouTube

Search URL Search Domain Scan URL

URL: https://www.heroinsupport.org/
Title: VISIT OUR WEBSITE

Search URL Search Domain Scan URL

URL: https://www.tiktok.com/@heroinsupport?lang=en
Title: Follow Us on TiKTok

Search URL Search Domain Scan URL

URL: http://www.facebook.com/HeroinSupport
Title: Donate Via Facebook

Search URL Search Domain Scan URL

URL: https://smile.amazon.com/gp/ch/list/47-1293444/ref=smi_cl_ls_llol_lol

Search URL Search Domain Scan URL

URL: http://offers.konversiontheme.com/
Title: HeroinSupport.org

Search URL Search Domain Scan URL

URL: https://www.shopify.ca/pci-compliant?utm_source=secure&utm_medium=shop

Search URL Search Domain Scan URL

URL: https://hextom.com/

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 18

https://code.tidio.co/oj3uxtszkjlt73hcve3wqqkuq2gr7gqg.js HTTP 302
https://widget-v4.tidiochat.com/1_77_0/static/js/render.37e3a46cca72f53ace00.js

Request Chain 116

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/819916235/?random=119178280&cv=9&fst=1632657837186&num=1&label=tigeCM7M784BEMvb-4YD&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa9m0&sendb=1&ig=1&data=event%3Dpage_view%3Bpage_path%3D%2F%3Bpage_title%3DHeroin%20Support%20Fundraiser%20%E2%80%93%20HeroinSupport.org&frm=0&url=https%3A%2F%2Fshop.heroinsupport.org%2F&tiba=Heroin%20Support%20Fundraiser%20%E2%80%93%20HeroinSupport.org&auid=2011839152.1632657837&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=rWFQYdiJDZnH7gOhi4XwDQ&sscte=1&crd= HTTP 302
https://www.google.com/pagead/1p-conversion/819916235/?random=119178280&cv=9&fst=1632657837186&num=1&label=tigeCM7M784BEMvb-4YD&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa9m0&sendb=1&ig=1&data=event%3Dpage_view%3Bpage_path%3D%2F%3Bpage_title%3DHeroin%20Support%20Fundraiser%20%E2%80%93%20HeroinSupport.org&frm=0&url=https%3A%2F%2Fshop.heroinsupport.org%2F&tiba=Heroin%20Support%20Fundraiser%20%E2%80%93%20HeroinSupport.org&auid=2011839152.1632657837&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=rWFQYdiJDZnH7gOhi4XwDQ&cid=CAQSKQCNIrLMpxi45Q02n5xXeZRRsUe73xTlYKC7DFWdOZ3qykOfpOgORDai&random=2777918823&resp=GooglemKTybQhCsO HTTP 302
https://www.google.de/pagead/1p-conversion/819916235/?random=119178280&cv=9&fst=1632657837186&num=1&label=tigeCM7M784BEMvb-4YD&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa9m0&sendb=1&ig=1&data=event%3Dpage_view%3Bpage_path%3D%2F%3Bpage_title%3DHeroin%20Support%20Fundraiser%20%E2%80%93%20HeroinSupport.org&frm=0&url=https%3A%2F%2Fshop.heroinsupport.org%2F&tiba=Heroin%20Support%20Fundraiser%20%E2%80%93%20HeroinSupport.org&auid=2011839152.1632657837&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=rWFQYdiJDZnH7gOhi4XwDQ&cid=CAQSKQCNIrLMpxi45Q02n5xXeZRRsUe73xTlYKC7DFWdOZ3qykOfpOgORDai&random=2777918823&resp=GooglemKTybQhCsO&ipr=y&ezwbk=AZuM4hBAkqLG1f6Mkzj5WEG4SsUUmxUFZCTYGTumoKcAkcPtqmCGg4wCdjviGF0sTCPnSLwpozlIRlbX7UD2iHoT7wyY

Request Chain 237

https://www.pinterest.com/ct.html HTTP 302
https://www.pinterest.de/ct.html

284 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
shop.heroinsupport.org/ 324 KB
94 KB 172ms
149ms Document
text/html 23.227.38.74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://shop.heroinsupport.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

23.227.38.74 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

91ea71f6d3aa51acc45275db494f975c0946d38d537c50cdf56208de9f7a12d8

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; frame-ancestors 'none'; upgrade-insecure-requests;
Strict-Transport-Security	max-age=7889238
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: shop.heroinsupport.org
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

date: Sun, 26 Sep 2021 12:03:55 GMT
content-type: text/html; charset=utf-8
x-sorting-hat-podid: 57
x-sorting-hat-shopid: 18295133
x-storefront-renderer-rendered: 1
set-cookie: secure_customer_sig=; path=/; expires=Mon, 26 Sep 2022 12:03:55 GMT; secure; HttpOnly cart_currency=USD; path=/; expires=Sun, 10 Oct 2021 12:03:55 GMT _shopify_evids=pv%3D4729030e72e01c3ead05082cf7c3cef0fba16def01e6c7b049e4793dc4a85808; path=/ _orig_referrer=; Expires=Sun, 10-Oct-21 12:03:55 GMT; Domain=heroinsupport.org; Path=/; HttpOnly; SameSite=Lax _landing_page=%2F; Expires=Sun, 10-Oct-21 12:03:55 GMT; Domain=heroinsupport.org; Path=/; HttpOnly; SameSite=Lax _y=ad7742e4-fa6a-4b39-90ff-46c32210b417; Expires=Mon, 26-Sep-22 12:03:55 GMT; Domain=heroinsupport.org; Path=/; SameSite=Lax _s=e1cf81fd-d694-4fea-a9f6-17b2ee0e035a; Expires=Sun, 26-Sep-21 12:33:55 GMT; Domain=heroinsupport.org; Path=/; SameSite=Lax _shopify_y=ad7742e4-fa6a-4b39-90ff-46c32210b417; Expires=Mon, 26-Sep-22 12:03:55 GMT; Domain=heroinsupport.org; Path=/; SameSite=Lax _shopify_s=e1cf81fd-d694-4fea-a9f6-17b2ee0e035a; Expires=Sun, 26-Sep-21 12:33:55 GMT; Domain=heroinsupport.org; Path=/; SameSite=Lax
link: <https://cdn.shopify.com>; rel=preconnect, <https://cdn.shopify.com>; rel=preconnect; crossorigin
x-shopify-request-trackable: true
x-alternate-cache-key: cacheable:b28af7faf51c491cf25c484959cdcb77
x-cache: hit, server
x-frame-options: DENY
content-security-policy: block-all-mixed-content; frame-ancestors 'none'; upgrade-insecure-requests;
strict-transport-security: max-age=7889238
x-shopid: 18295133
x-shardid: 57
vary: Accept
content-language: en
x-shopify-stage: production
x-dc: gcp-europe-west1,gcp-us-east1,gcp-us-east1
x-request-id: 576f4462-5ae9-487f-b1f4-e06bca6fcbfb
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block
x-download-options: noopen
nel: {"report_to":"network-errors","max_age":2592000,"success_fraction":0.0001}
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://monorail-edge.shopifysvc.com/v1/reports/nel/20190325/shopify"}]}
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 694c5a106f3bd6ed-FRA
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 css
fonts.googleapis.com/ 1 KB
468 B 44ms
17ms Stylesheet
text/css 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lato:400,700

Requested by

Host: shop.heroinsupport.org
URL: https://shop.heroinsupport.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c15171fcd5929135b805d4b4dbf845248179064899580dec8a1de845da08c489

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://shop.heroinsupport.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 26 Sep 2021 12:02:43 GMT
server: ESF
date: Sun, 26 Sep 2021 12:03:55 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 26 Sep 2021 12:03:55 GMT

GET
H2 200 css
fonts.googleapis.com/ 1 KB
927 B 44ms
17ms Stylesheet
text/css 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Work+Sans:600

Requested by

Host: shop.heroinsupport.org
URL: https://shop.heroinsupport.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

719691ed2538c0caec57cca97f3ea15ea3e27775397b769fbf97a80827f5313b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://shop.heroinsupport.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 26 Sep 2021 12:03:55 GMT
server: ESF
date: Sun, 26 Sep 2021 12:03:55 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 26 Sep 2021 12:03:55 GMT

GET
H2 200 theme.scss.css
cdn.shopify.com/s/files/1/1829/5133/t/6/assets/ 200 KB
29 KB 41ms
8ms Stylesheet
text/css 2a04:4e42:800::268
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.shopify.com/s/files/1/1829/5133/t/6/assets/theme.scss.css?v=16878488740419818580

Requested by

Host: shop.heroinsupport.org
URL: https://shop.heroinsupport.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:800::268 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

cache-fra19126-FRA /

Resource Hash

cc2ff6d4fb51b6eed4c40181a00b09b841c0930ee87875901028f7828e2e84cb

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://shop.heroinsupport.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
nel: {"report_to":"network-errors","max_age":600,"failure_fraction":1.0,"success_fraction":0.0}
x-cdn: Fastly, http2
x-dc: gcp-us-central1
x-cache: HIT, HIT
content-length: 28911
x-xss-protection: 1; mode=block
x-request-id: 234ebd8e105c5f1418a12f5008aa63ee11300d92d10aa7138225a2b82b5bf8eb
x-served-by: cache-lga21983-LGA, cache-fra19126-FRA
last-modified: Thu, 23 Sep 2021 11:31:33 GMT
server: cache-fra19126-FRA
x-timer: S1632657836.790246,VS0,VE1
date: Sun, 26 Sep 2021 12:03:55 GMT
vary: Accept-Encoding
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://monorail-edge.shopifysvc.com/v1/reports/nel/20190325/imagery"}]}
content-type: text/css
access-control-allow-origin: *
expires: Fri, 23 Sep 2022 11:31:33 GMT
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/1829/5133/t/6/assets/theme.scss.css>; rel="canonical"
x-cache-hits: 1, 1

GET
H2 200 load_feature-a55261a7a987674749989983b5889eadaac6795d8d48548fb61470a96edb9524.js Show response
cdn.shopify.com/shopifycloud/shopify/assets/storefront/ 9 KB
3 KB 23ms
8ms Script
application/javascript 2a04:4e42:800::268
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.shopify.com/shopifycloud/shopify/assets/storefront/load_feature-a55261a7a987674749989983b5889eadaac6795d8d48548fb61470a96edb9524.js

Requested by

Host: shop.heroinsupport.org
URL: https://shop.heroinsupport.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:800::268 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

cache-fra19138-FRA /

Resource Hash

a55261a7a987674749989983b5889eadaac6795d8d48548fb61470a96edb9524

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://shop.heroinsupport.org/
Origin: https://shop.heroinsupport.org
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
nel: {"report_to":"network-errors","max_age":600,"failure_fraction":1.0,"success_fraction":0.0}
x-cdn: Fastly, http2
x-dc: gcp-us-central1
x-cache: HIT, HIT
content-length: 2777
x-xss-protection: 1; mode=block
x-request-id: c5a8ce1e8d107bb348dc00b88be01a75e5e8c947aa56e8dfc89fd1758cf0c02a
x-served-by: cache-lga21965-LGA, cache-fra19138-FRA
last-modified: Tue, 18 May 2021 19:26:10 GMT
server: cache-fra19138-FRA
x-timer: S1632657836.939579,VS0,VE0
date: Sun, 26 Sep 2021 12:03:55 GMT
vary: Accept-Encoding
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://monorail-edge.shopifysvc.com/v1/reports/nel/20190325/imagery"}]}
content-type: application/javascript
access-control-allow-origin: *
expires: Wed, 08 Jun 2022 10:39:00 GMT
cache-control: public, max-age=31556952, immutable
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/shopifycloud/shopify/assets/storefront/load_feature-a55261a7a987674749989983b5889eadaac6795d8d48548fb61470a96edb9524.js>; rel="canonical"
x-cache-hits: 103498, 1214963

GET
H2 200 storefront-b61f50798075db890698930c4405673937fe89353f7fea7be88b5ce16a9c0af8.js Show response
cdn.shopify.com/shopifycloud/shopify/assets/shopify_pay/ 49 KB
17 KB 23ms
8ms Script
application/javascript 2a04:4e42:800::268
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.shopify.com/shopifycloud/shopify/assets/shopify_pay/storefront-b61f50798075db890698930c4405673937fe89353f7fea7be88b5ce16a9c0af8.js?v=20210208

Requested by

Host: shop.heroinsupport.org
URL: https://shop.heroinsupport.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:800::268 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

cache-fra19138-FRA /

Resource Hash

b61f50798075db890698930c4405673937fe89353f7fea7be88b5ce16a9c0af8

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://shop.heroinsupport.org/
Origin: https://shop.heroinsupport.org
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
nel: {"report_to":"network-errors","max_age":600,"failure_fraction":1.0,"success_fraction":0.0}
x-cdn: Fastly, http2
x-dc: gcp-us-central1
x-cache: HIT, HIT
content-length: 17353
x-xss-protection: 1; mode=block
x-request-id: 789a2ac5a0d6214cd70baa58cd2e4e808c1a2580bec4d949d047b04730e4ea7c
x-served-by: cache-lga21930-LGA, cache-fra19138-FRA
last-modified: Mon, 01 Feb 2021 19:33:42 GMT
server: cache-fra19138-FRA
x-timer: S1632657836.939684,VS0,VE0
date: Sun, 26 Sep 2021 12:03:55 GMT
vary: Accept-Encoding
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://monorail-edge.shopifysvc.com/v1/reports/nel/20190325/imagery"}]}
content-type: application/javascript
access-control-allow-origin: *
expires: Wed, 08 Jun 2022 10:41:01 GMT
cache-control: public, max-age=31556952, immutable
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/shopifycloud/shopify/assets/shopify_pay/storefront-b61f50798075db890698930c4405673937fe89353f7fea7be88b5ce16a9c0af8.js>; rel="canonical"
x-cache-hits: 914188, 541133

GET
H2 200 features-87e8399988880142f2c62771b9d8f2ff6c290b3ff745dd426eb0dfe0db9d1dae.js Show response
cdn.shopify.com/shopifycloud/shopify/assets/storefront/ 37 KB
12 KB 7ms
7ms Script
application/javascript 2a04:4e42:800::268
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.shopify.com/shopifycloud/shopify/assets/storefront/features-87e8399988880142f2c62771b9d8f2ff6c290b3ff745dd426eb0dfe0db9d1dae.js

Requested by

Host: shop.heroinsupport.org
URL: https://shop.heroinsupport.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:800::268 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

cache-fra19138-FRA /

Resource Hash

87e8399988880142f2c62771b9d8f2ff6c290b3ff745dd426eb0dfe0db9d1dae

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://shop.heroinsupport.org/
Origin: https://shop.heroinsupport.org
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
nel: {"report_to":"network-errors","max_age":600,"failure_fraction":1.0,"success_fraction":0.0}
x-cdn: Fastly, http2
x-dc: gcp-us-central1
x-cache: HIT, HIT
content-length: 12298
x-xss-protection: 1; mode=block
x-request-id: 9afac9a5e5286609aca2a697173afab24744c27d74b0150ced39f48507d847b6
x-served-by: cache-lga21964-LGA, cache-fra19138-FRA
last-modified: Fri, 16 Oct 2020 15:31:32 GMT
server: cache-fra19138-FRA
x-timer: S1632657836.073173,VS0,VE0
date: Sun, 26 Sep 2021 12:03:56 GMT
vary: Accept-Encoding
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://monorail-edge.shopifysvc.com/v1/reports/nel/20190325/imagery"}]}
content-type: application/javascript
access-control-allow-origin: *
expires: Fri, 10 Jun 2022 05:37:37 GMT
cache-control: public, max-age=31556952, immutable
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/shopifycloud/shopify/assets/storefront/features-87e8399988880142f2c62771b9d8f2ff6c290b3ff745dd426eb0dfe0db9d1dae.js>; rel="canonical"
x-cache-hits: 325724, 1195673

GET
H2 200 bold-upsell.css
cdn.shopify.com/s/files/1/1829/5133/t/6/assets/ 19 KB
4 KB 7ms
7ms Stylesheet
text/css 2a04:4e42:800::268
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.shopify.com/s/files/1/1829/5133/t/6/assets/bold-upsell.css?v=5191588650560232271

Requested by

Host: shop.heroinsupport.org
URL: https://shop.heroinsupport.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:800::268 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

cache-fra19126-FRA /

Resource Hash

0bd9f0e659d439ddbdfb4b1f7f176a307ba7a23a8fbcae43a56edc9b54ab0e2a

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://shop.heroinsupport.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
nel: {"report_to":"network-errors","max_age":600,"failure_fraction":1.0,"success_fraction":0.0}
x-cdn: Fastly, http2
x-dc: gcp-us-east1
x-cache: HIT, HIT
content-length: 3479
x-xss-protection: 1; mode=block
x-request-id: ae3870f678a6cbfad583a29591138abf516387a01a1d2f8f280053669a0a14f0
x-served-by: cache-lga21972-LGA, cache-fra19126-FRA
last-modified: Mon, 23 Dec 2019 19:28:30 GMT
server: cache-fra19126-FRA
x-timer: S1632657836.924934,VS0,VE0
date: Sun, 26 Sep 2021 12:03:55 GMT
vary: Accept-Encoding
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://monorail-edge.shopifysvc.com/v1/reports/nel/20190325/imagery"}]}
content-type: text/css
access-control-allow-origin: *
expires: Fri, 16 Sep 2022 10:25:20 GMT
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/1829/5133/t/6/assets/bold-upsell.css>; rel="canonical"
x-cache-hits: 1, 1

GET
H2 404 bold-upsell-custom.css
cdn.shopify.com/s/files/1/1829/5133/t/6/assets/ 0
0 146ms
146ms Stylesheet
text/html 2a04:4e42:800::268
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.shopify.com/s/files/1/1829/5133/t/6/assets/bold-upsell-custom.css?866
Requested by: Host: shop.heroinsupport.org
URL: https://shop.heroinsupport.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:800::268 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://shop.heroinsupport.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

access-control-allow-origin: *

GET
H2 200 polyfill.min.js Show response
polyfill.io/v3/ 101 B
588 B 40ms
7ms Script
text/javascript 2a04:4e42:800::282
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://polyfill.io/v3/polyfill.min.js?features=IntersectionObserver

Requested by

Host: shop.heroinsupport.org
URL: https://shop.heroinsupport.org/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:800::282 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

dd1b5e04d54c4420fe3e8e6abe2875fc7f13a3cd6384b6c2afc1a35e302dd846

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://shop.heroinsupport.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubdomains; preload
content-encoding: br
x-content-type-options: nosniff
content-type: text/javascript; charset=utf-8
age: 1035430
detected-user-agent: Chrome/93.0.4577
server-timing: HIT-CLUSTER, fastly;desc="Edge time";dur=1, HIT, fastly;desc="Edge time";dur=1
content-length: 101
referrer-policy: origin-when-cross-origin
last-modified: Tue, 14 Sep 2021 11:57:11 GMT
date: Sun, 26 Sep 2021 12:03:55 GMT
vary: User-Agent, Accept-Encoding
access-control-allow-methods: GET,HEAD,OPTIONS
normalized-user-agent: chrome/93.0.0
access-control-allow-origin: *
cache-control: public, s-maxage=31536000, max-age=604800, stale-while-revalidate=604800, stale-if-error=604800
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 shipping-bars-v1-58b51d48a14c6b29ccba023196a193c68f9842a13cac717939c303e3b1460481.js Show response
shipping-bar-cdn.shopstorm.com/assets/app/ 106 KB
36 KB 67ms
7ms Script
application/javascript 2600:9000:21f3:7c00:1f:123e:c280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://shipping-bar-cdn.shopstorm.com/assets/app/shipping-bars-v1-58b51d48a14c6b29ccba023196a193c68f9842a13cac717939c303e3b1460481.js?shop=heroin-support.myshopify.com

Requested by

Host: shop.heroinsupport.org
URL: https://shop.heroinsupport.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:21f3:7c00:1f:123e:c280:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Cowboy /

Resource Hash

58b51d48a14c6b29ccba023196a193c68f9842a13cac717939c303e3b1460481

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://shop.heroinsupport.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 vegur, 1.1 aab8eb1f7b95159cdf1cf139d0bbc33c.cloudfront.net (CloudFront)
last-modified: Wed, 26 Jul 2017 22:33:53 GMT
server: Cowboy
age: 27756
date: Sun, 26 Sep 2021 04:51:58 GMT
vary: Accept-Encoding
x-edge-origin-shield-skipped: 0
content-type: application/javascript
x-cache: Hit from cloudfront
x-amz-cf-pop: FRA2-C2
content-encoding: gzip
content-length: 36697
x-amz-cf-id: nvnAnjOWcpdV00UtX8t3EMmSa7w2HFw4zldLYSMJ51JqvB_I1CEOWg==

GET
H2 200 tokshop.v3.js Show response
cdn.getvop.com/ 1 KB
1 KB 59ms
15ms Script
text/javascript 2606:4700:10::6816:21ac
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.getvop.com/tokshop.v3.js
Requested by: Host: shop.heroinsupport.org
URL: https://shop.heroinsupport.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:21ac , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8564742cdf60a4bf929217d69c74ee2ed690981d29c1edfa414ba66f79792846

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://shop.heroinsupport.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 26 Sep 2021 12:03:56 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 3170
x-guploader-uploadid: ABg5-UwnudgmJJVmcWkjreSapLafGR0K8-ENmYyS9EYQBoI5lPSIGrAjqAy4PCx-mTwt9re4qIOwCTIT6Zw66poH7fX3U_F_Fg
x-goog-storage-class: STANDARD
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
content-type: text/javascript
last-modified: Thu, 17 Dec 2020 12:45:02 GMT
server: cloudflare
etag: W/"086ba7620d687c2a9cdcd8d5cbc293b5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-goog-hash: crc32c=WrlWiQ==, md5=CGunYg1ofCqc3NjVy8KTtQ==
x-goog-generation: 1608209102221578
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public, max-age=14400
x-goog-stored-content-length: 1379
cf-ray: 694c5a13e92c4e2c-FRA
expires: Sun, 26 Sep 2021 12:11:06 GMT

GET
H2 200 shopify-secure-badge-light-shadow.png
cdn.shopify.com/s/images/badges/ 2 KB
2 KB 12ms
9ms Image
image/webp 2a04:4e42:800::268
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.shopify.com/s/images/badges/shopify-secure-badge-light-shadow.png

Requested by

Host: shop.heroinsupport.org
URL: https://shop.heroinsupport.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:800::268 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

cache-fra19126-FRA /

Resource Hash

e129bfd0ccdfe0e85ff3894a24ab3746247ec2024c8f413d37e36403e5f42849

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://shop.heroinsupport.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-image: generated
nel: {"report_to":"network-errors","max_age":600,"failure_fraction":1.0,"success_fraction":0.0}
x-cdn: Fastly, http2
x-dc: gcp-us-central1
x-cache: HIT, HIT
content-length: 1572
x-xss-protection: 1; mode=block
x-request-id: 804a3ee935ccebb7e086d1cc28ff57e7b5b9f40b2a709c0f8153ebe60073b9c6
x-served-by: cache-lga21979-LGA, cache-fra19126-FRA
last-modified: Thu, 05 Aug 2021 07:05:09 GMT
server: cache-fra19126-FRA
x-timer: S1632657836.107952,VS0,VE0
date: Sun, 26 Sep 2021 12:03:56 GMT
vary: Accept
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://monorail-edge.shopifysvc.com/v1/reports/nel/20190325/imagery"}]}
content-type: image/webp
access-control-allow-origin: *
expires: Fri, 05 Aug 2022 07:05:09 GMT
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/s/images/badges/shopify-secure-badge-light-shadow.png>; rel="canonical"
x-cache-hits: 4, 3

GET
H2 200 vendor.js Show response
cdn.shopify.com/s/files/1/1829/5133/t/6/assets/ 211 KB
62 KB 10ms
10ms Script
application/javascript 2a04:4e42:800::268
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.shopify.com/s/files/1/1829/5133/t/6/assets/vendor.js?v=1427199353432223473

Requested by

Host: shop.heroinsupport.org
URL: https://shop.heroinsupport.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:800::268 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

cache-fra19126-FRA /

Resource Hash

14a2f762fa3691ca4f808cf9ac6372709633894fcee69df1bf0841882d0cbacc

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://shop.heroinsupport.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
nel: {"report_to":"network-errors","max_age":600,"failure_fraction":1.0,"success_fraction":0.0}
x-cdn: Fastly, http2
x-dc: gcp-us-east1
x-cache: HIT, HIT
content-length: 63596
x-xss-protection: 1; mode=block
x-request-id: cbc78719be9157732569b816ba24bca31a62cbf30f0a88cd40bb501498e29235
x-served-by: cache-lga21972-LGA, cache-fra19126-FRA
last-modified: Fri, 13 Dec 2019 16:31:46 GMT
server: cache-fra19126-FRA
x-timer: S1632657836.980416,VS0,VE2
date: Sun, 26 Sep 2021 12:03:55 GMT
vary: Accept-Encoding
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://monorail-edge.shopifysvc.com/v1/reports/nel/20190325/imagery"}]}
content-type: application/javascript
access-control-allow-origin: *
expires: Fri, 23 Sep 2022 11:08:00 GMT
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/1829/5133/t/6/assets/vendor.js>; rel="canonical"
x-cache-hits: 1, 1

GET
H2 200 option_selection-fe6b72c2bbdd3369ac0bfefe8648e3c889efca213baefd4cfb0dd9363563831f.js Show response
cdn.shopify.com/shopifycloud/shopify/assets/themes_support/ 9 KB
4 KB 7ms
7ms Script
application/javascript 2a04:4e42:800::268
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.shopify.com/shopifycloud/shopify/assets/themes_support/option_selection-fe6b72c2bbdd3369ac0bfefe8648e3c889efca213baefd4cfb0dd9363563831f.js

Requested by

Host: shop.heroinsupport.org
URL: https://shop.heroinsupport.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:800::268 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

cache-fra19126-FRA /

Resource Hash

fe6b72c2bbdd3369ac0bfefe8648e3c889efca213baefd4cfb0dd9363563831f

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://shop.heroinsupport.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
nel: {"report_to":"network-errors","max_age":600,"failure_fraction":1.0,"success_fraction":0.0}
x-cdn: Fastly, http2
x-dc: gcp-us-east1
edge-cache-tag: mime-application/javascript,source-GcsBackend,segment2-104,segment4-26755,revision-dcc7fde3526707fd0500f2cd27f250b40a46b3d2,cdn-shopify-com-shopifycloud-shopify-assets-themes_support-option_selection-fe6b72c2bbdd3369ac0bfefe8648e3c889efca213baefd4cfb0d
x-cache: HIT, HIT
content-length: 2748
x-xss-protection: 1; mode=block
x-request-id: 96fb0624571cad316315bbfcbbee2e51fe405e663a73a9e6f54efe52f3fc7e0c
x-served-by: cache-lga21926-LGA, cache-fra19126-FRA
last-modified: Fri, 16 Oct 2020 15:50:09 GMT
server: cache-fra19126-FRA
x-timer: S1632657836.001991,VS0,VE0
date: Sun, 26 Sep 2021 12:03:56 GMT
vary: Accept-Encoding
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://monorail-edge.shopifysvc.com/v1/reports/nel/20190325/imagery"}]}
content-type: application/javascript
access-control-allow-origin: *
expires: Wed, 11 May 2022 21:58:18 GMT
cache-control: public, max-age=31556952, immutable
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/shopifycloud/shopify/assets/themes_support/option_selection-fe6b72c2bbdd3369ac0bfefe8648e3c889efca213baefd4cfb0dd9363563831f.js>; rel="canonical"
x-cache-hits: 10748, 20934

GET
H2 200 theme.js Show response
cdn.shopify.com/s/files/1/1829/5133/t/6/assets/ 73 KB
20 KB 10ms
9ms Script
application/javascript 2a04:4e42:800::268
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.shopify.com/s/files/1/1829/5133/t/6/assets/theme.js?v=10555305834456641103

Requested by

Host: shop.heroinsupport.org
URL: https://shop.heroinsupport.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:800::268 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

cache-fra19126-FRA /

Resource Hash

8f292ce01da628e3a300fdf9f67b7a90f842bffd9afe2a0686d0198667624754

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://shop.heroinsupport.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
nel: {"report_to":"network-errors","max_age":600,"failure_fraction":1.0,"success_fraction":0.0}
x-cdn: Fastly, http2
x-dc: gcp-us-central1
x-cache: HIT, HIT
content-length: 19732
x-xss-protection: 1; mode=block
x-request-id: acbca19e72a4324a4e4569f4fa33061ddab6bf7fcfeff453139215b56e056f3d
x-served-by: cache-lga21941-LGA, cache-fra19126-FRA
last-modified: Thu, 28 Jan 2021 17:20:50 GMT
server: cache-fra19126-FRA
x-timer: S1632657836.010917,VS0,VE2
date: Sun, 26 Sep 2021 12:03:56 GMT
vary: Accept-Encoding
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://monorail-edge.shopifysvc.com/v1/reports/nel/20190325/imagery"}]}
content-type: application/javascript
access-control-allow-origin: *
expires: Fri, 09 Sep 2022 17:10:00 GMT
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/1829/5133/t/6/assets/theme.js>; rel="canonical"
x-cache-hits: 1, 1

GET
H2 200 main.min.js Show response
cdn.codeblackbelt.com/js/modules/shipping-rates-calculator-plus/ 235 KB
68 KB 532ms
490ms Script
application/javascript 2606:4700:3033::ac43:9cd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.codeblackbelt.com/js/modules/shipping-rates-calculator-plus/main.min.js?shop=heroin-support.myshopify.com
Requested by: Host: shop.heroinsupport.org
URL: https://shop.heroinsupport.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::ac43:9cd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 10fc9972aee852e4c7d4badb5f5b0767452bafa6c2a1ebadf9aa74a7bf0f58ab

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://shop.heroinsupport.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 26 Sep 2021 12:03:56 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Fri, 24 Sep 2021 07:21:44 GMT
server: cloudflare
etag: W/"3ad2d-5ccb899723200-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ruZpsAdq349fjyvcH55tJXUnggnb%2BIjV%2Bin1XVmpYXvkwYL5V6kLbPU1k8IrnHxYGbaV8Y8s2c853Vldpc5jFM4xoPK7Unux%2FnRn%2Bi%2B%2BAY6r7snqvEYZyJ0OHYrHd5s74oZF8plIfWbWaOXhpuzyBKPZ9pM%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
cf-ray: 694c5a13ebc068e5-FRA
expires: Sun, 26 Sep 2021 13:03:56 GMT

GET
H2 200 handlebars.min.js Show response
cdn.shopify.com/s/files/1/1829/5133/t/6/assets/ 45 KB
13 KB 9ms
8ms Script
application/javascript 2a04:4e42:800::268
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.shopify.com/s/files/1/1829/5133/t/6/assets/handlebars.min.js?v=7904446995236839729

Requested by

Host: shop.heroinsupport.org
URL: https://shop.heroinsupport.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:800::268 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

cache-fra19126-FRA /

Resource Hash

d0f387e5f3411a35691da3e37847ccfaf180043c63e8cfd59097191158b9923d

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://shop.heroinsupport.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
nel: {"report_to":"network-errors","max_age":600,"failure_fraction":1.0,"success_fraction":0.0}
x-cdn: Fastly, http2
x-dc: gcp-us-east1
x-cache: HIT, HIT
content-length: 13216
x-xss-protection: 1; mode=block
x-request-id: a9dc8a78cd0b03a7011e48fc2cd68d09c291ee5daf5e71c9f9bad0e35572e598
x-served-by: cache-lga21944-LGA, cache-fra19126-FRA
last-modified: Fri, 13 Dec 2019 16:31:18 GMT
server: cache-fra19126-FRA
x-timer: S1632657836.023699,VS0,VE1
date: Sun, 26 Sep 2021 12:03:56 GMT
vary: Accept-Encoding
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://monorail-edge.shopifysvc.com/v1/reports/nel/20190325/imagery"}]}
content-type: application/javascript
access-control-allow-origin: *
expires: Fri, 23 Sep 2022 11:31:33 GMT
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/1829/5133/t/6/assets/handlebars.min.js>; rel="canonical"
x-cache-hits: 1, 1

GET
H2 200 ajax-cart.js Show response
cdn.shopify.com/s/files/1/1829/5133/t/6/assets/ 15 KB
5 KB 9ms
9ms Script
application/javascript 2a04:4e42:800::268
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.shopify.com/s/files/1/1829/5133/t/6/assets/ajax-cart.js?v=12284659985494660211

Requested by

Host: shop.heroinsupport.org
URL: https://shop.heroinsupport.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:800::268 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

cache-fra19126-FRA /

Resource Hash

f3275ef137c8d178daa5c1c0881087e75879e162e7d7e1543b5ab3a487059c8f

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://shop.heroinsupport.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
nel: {"report_to":"network-errors","max_age":600,"failure_fraction":1.0,"success_fraction":0.0}
x-cdn: Fastly, http2
x-dc: gcp-us-central1
x-cache: HIT, HIT
content-length: 4228
x-xss-protection: 1; mode=block
x-request-id: 73db57704f0b405f4ab80150f96eb487b406d041c7a86b35cab69b13614f537c
x-served-by: cache-lga21951-LGA, cache-fra19126-FRA
last-modified: Fri, 13 Dec 2019 19:32:24 GMT
server: cache-fra19126-FRA
x-timer: S1632657836.037660,VS0,VE1
date: Sun, 26 Sep 2021 12:03:56 GMT
vary: Accept-Encoding
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://monorail-edge.shopifysvc.com/v1/reports/nel/20190325/imagery"}]}
content-type: application/javascript
access-control-allow-origin: *
expires: Fri, 23 Sep 2022 11:31:33 GMT
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/1829/5133/t/6/assets/ajax-cart.js>; rel="canonical"
x-cache-hits: 1, 1

GET
H2

200

render.37e3a46cca72f53ace00.js Show response
widget-v4.tidiochat.com/1_77_0/static/js/
Redirect Chain

https://code.tidio.co/oj3uxtszkjlt73hcve3wqqkuq2gr7gqg.js
https://widget-v4.tidiochat.com/1_77_0/static/js/render.37e3a46cca72f53ace00.js

17 KB
6 KB

37ms
16ms

Script
application/javascript

2606:4700:20::ac43:4703
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://widget-v4.tidiochat.com/1_77_0/static/js/render.37e3a46cca72f53ace00.js
Requested by: Host: shop.heroinsupport.org
URL: https://shop.heroinsupport.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4703 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b5730b5cda06e0b6d7a3e954013e065c8db99ab4a1d4cb537523e6e0e291ac88

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://shop.heroinsupport.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 26 Sep 2021 12:03:56 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 16 Sep 2021 12:54:02 GMT
server: cloudflare
age: 3975
etag: W/"61433e6a-4308"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4cbFXDIOY9TddRlRO%2BEBOTUMXlEqi4JxhWevoHTLPEZJ1p1ni3WZWESBTZNaympD7rYIAZkeCdn%2BLknN8XxlOZbsRnNpMaE7X4VZm0nLCIgkdf%2FAeQ0zt8Tzry2p6i%2B4LaOmkJhjsxwkeIR9V5%2Bd8AF%2F%2BGQ9"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=691200
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 694c5a1478e94aaa-FRA

Redirect headers

date: Sun, 26 Sep 2021 12:03:56 GMT
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RyM1GjYL%2FzhQFQYPYGCFxnmQ8z%2BUmhV%2BO%2FAkKhBUl2rA%2FcClOn%2BY%2FfSU7IBMSkM73TYmXFzYzRSirLa7JvBQ4l5YL518SKlcW4nA4H%2B7NTmrpcJjtOBduM2m8uFtHf4%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html
location: https://widget-v4.tidiochat.com/1_77_0/static/js/render.37e3a46cca72f53ace00.js
cache-control: private, no-cache, no-store, must-revalidate
cf-ray: 694c5a13ca544e49-FRA

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ 3 KB
2 KB 27ms
6ms Script
application/x-javascript 2a03:2880:f01c:216:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js

Requested by

Host: shop.heroinsupport.org
URL: https://shop.heroinsupport.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

7f5aeb7e0748cabfd8bf5701db0d1304a405e7482fdd16be77d7c431c1d5549e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://shop.heroinsupport.org/
Origin: https://shop.heroinsupport.org
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: nY7ZIvc0a7CQyMs7RA+qZg==
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 1688
x-fb-rlafr: 0
x-fb-debug: a06db6aFPTpUibltbg40+eY4b3gWvukZKqNeOkWjm9aDZ3u5MpBR5mmFfMG98o9zdRt2m44D+zueGfsAscPjZA==
x-fb-trip-id: 686109401
x-fb-content-md5: 85932577ee90b1a71c059ffe0044d240
x-frame-options: DENY
date: Sun, 26 Sep 2021 12:03:56 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
etag: "eee8e8324199e5d77f8456316864fdae"
timing-allow-origin: *
priority: u=3,i
expires: Sun, 26 Sep 2021 12:14:44 GMT

GET
H2 200 loox.1548877982446.js Show response
loox.io/widget/41WyTkej7L/ 24 KB
11 KB 62ms
28ms Script
application/javascript 2606:4700:20::ac43:498a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://loox.io/widget/41WyTkej7L/loox.1548877982446.js?shop=heroin-support.myshopify.com
Requested by: Host: shop.heroinsupport.org
URL: https://shop.heroinsupport.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:498a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: aed0b9a65b8d5279476552f4fd56e97b4af722cde229a849ef40da6ff5055eb8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://shop.heroinsupport.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 26 Sep 2021 12:03:56 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 24 Sep 2021 03:44:46 GMT
server: cloudflare
age: 81223
x-powered-by: Express
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RXLPnE0qIrO6AsKzDvNCYNNJTZEr4UqwODhHvEAHKhj%2BKslI2O4ED0OfPEJF%2BDzwGr1sZxYFOg3PQGpB5dQLfEmVbHc3b4rXWFR%2FRj4%2Bo2NY5evGLDgF96d3H2EOg8g9ou2zknI%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=129600
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 694c5a13da806919-FRA
expires: Sat, 25 Sep 2021 15:44:46 GMT

GET
H/1.1 200
OK javascript Show response
upsell-now.herokuapp.com/widget/ 69 KB
19 KB 437ms
114ms Script
text/javascript 54.146.248.82
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://upsell-now.herokuapp.com/widget/javascript?shop=heroin-support.myshopify.com

Requested by

Host: shop.heroinsupport.org
URL: https://shop.heroinsupport.org/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.146.248.82 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-146-248-82.compute-1.amazonaws.com

Software

Cowboy /

Resource Hash

0a82438b2cf140e255e0b15311c920d5321f451e5808b88a735ccfac357ea6d5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://shop.heroinsupport.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Sun, 26 Sep 2021 12:03:55 GMT
Access-Control-Request-Method: *
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
Access-Control-Allow-Origin: *
Transfer-Encoding: chunked
P3p: CP="Not used"
Connection: keep-alive
Content-Encoding: gzip
Vary: Accept-Encoding, Origin
X-Xss-Protection: 1; mode=block
X-Request-Id: baf1d45f-5b7e-4de4-9ab5-547a12d3d0fd
X-Runtime: 0.009309
Referrer-Policy: strict-origin-when-cross-origin
Server: Cowboy
Etag: W/"0a82438b2cf140e255e0b15311c920d5"
X-Download-Options: noopen
Strict-Transport-Security: max-age=31536000; includeSubDomains
Access-Control-Allow-Methods: POST, PUT, DELETE, GET, OPTIONS
Content-Type: text/javascript; charset=utf-8
Via: 1.1 vegur
Cache-Control: max-age=0, private, must-revalidate
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept, Authorization

GET
H2 200 S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v20/ 23 KB
23 KB 34ms
9ms Font
font/woff2 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v20/S6uyw4BMUTPHjx4wXg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:400,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c3c0d3f472358aac78455515c4800771426770c22698e2486d39fdb5505634e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://shop.heroinsupport.org
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 20 Sep 2021 15:11:30 GMT
x-content-type-options: nosniff
age: 507146
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23484
x-xss-protection: 0
last-modified: Tue, 10 Aug 2021 00:19:01 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 20 Sep 2022 15:11:30 GMT

GET
H2 200 loader.js Show response
sdk.loyaltylion.net/static/2/ 107 KB
30 KB 45ms
8ms Script
application/javascript 13.224.193.78
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sdk.loyaltylion.net/static/2/loader.js?t=2021826
Requested by: Host: shop.heroinsupport.org
URL: https://shop.heroinsupport.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.193.78 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-193-78.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: da1c287941508f498be1e1e5bf496c33903f50d6957601d2916d3eee7193f150

Request headers

Referer: https://shop.heroinsupport.org/
Origin: https://shop.heroinsupport.org
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 26 Sep 2021 12:00:08 GMT
content-encoding: br
vary: Access-Control-Request-Headers,Access-Control-Request-Method
age: 229
x-edge-origin-shield-skipped: 0
x-cache: Hit from cloudfront
content-length: 30539
access-control-allow-origin: *
last-modified: Thu, 23 Sep 2021 10:59:06 GMT
server: AmazonS3
etag: "5b3d76bf384395530a772277dd282cfb"
access-control-max-age: 86400
access-control-allow-methods: GET, HEAD
content-type: application/javascript
via: 1.1 c7f7b4cf7fd5efe64bac95586db3f62b.cloudfront.net (CloudFront)
access-control-expose-headers: ETag
cache-control: max-age=1200, s-maxage=300, must-revalidate
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
x-amz-cf-id: Y3ucTsmfN1MMJb_vcywO_S_n4xxzvX93RfIpyCPw7L83D8y0W9KmWg==

GET
H2 200 10ae7214d54e1b979cb9cd71007778b1.js Show response
sdk.loyaltylion.net/sdk/start/ 738 B
1 KB 73ms
36ms Script
text/javascript 13.224.193.78
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sdk.loyaltylion.net/sdk/start/10ae7214d54e1b979cb9cd71007778b1.js?t=202182612
Requested by: Host: shop.heroinsupport.org
URL: https://shop.heroinsupport.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.193.78 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-193-78.fra2.r.cloudfront.net
Software: nginx/1.17.10 /
Resource Hash: c818f6481b35791f79fb6da8dcf6512072ffe6348288cb81ea751d2afbcbd0c9

Request headers

Referer: https://shop.heroinsupport.org/
Origin: https://shop.heroinsupport.org
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 26 Sep 2021 12:03:56 GMT
via: 1.1 c7f7b4cf7fd5efe64bac95586db3f62b.cloudfront.net (CloudFront)
server: nginx/1.17.10
x-edge-origin-shield-skipped: 0
etag: W/"2e2-QM16io8GFWYK+CtIB5Y77wS1gy4"
x-cache-status: STALE
x-dns-prefetch-control: off
x-cache: RefreshHit from cloudfront
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=60, must-revalidate
x-amz-cf-pop: FRA2-C1
content-length: 738
x-amz-cf-id: js_9cdVpozv53dCNp02D1-ibxI2zU2XDr02GICvLyc3ul_GpyC3FlA==

GET
H2 200 hotjar-1386773.js Show response
static.hotjar.com/c/ 4 KB
2 KB 60ms
37ms Script
application/javascript 13.225.78.103
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-1386773.js?sv=6

Requested by

Host: shop.heroinsupport.org
URL: https://shop.heroinsupport.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.78.103 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-78-103.fra2.r.cloudfront.net

Software

Resource Hash

29be6d58cf6508078cb4f19205d49b11c933f94113097ea1478b6b405d8c732c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://shop.heroinsupport.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 26 Sep 2021 12:03:56 GMT
content-encoding: br
x-content-type-options: nosniff
cache-control: max-age=60
x-edge-origin-shield-skipped: 0
etag: W/2fee899218e8ea9196581641e694a2a6
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
x-cache-hit: 1
x-amz-cf-pop: FRA2-C2
content-length: 1892
via: 1.1 df26103dc140569d7032449c70c3b141.cloudfront.net (CloudFront)
x-amz-cf-id: OX6GCVhnlUT4kzBpTbSfe_5wf4lv1XlWiT_l0-A8i0MWSIl9g2fg2Q==

GET
H2 200 trekkie.storefront.7850eecc9b14960c103b685bb9e219861b94e38c.min.js Show response
cdn.shopify.com/s/ 77 KB
16 KB 12ms
11ms Script
application/javascript 2a04:4e42:800::268
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.shopify.com/s/trekkie.storefront.7850eecc9b14960c103b685bb9e219861b94e38c.min.js

Requested by

Host: shop.heroinsupport.org
URL: https://shop.heroinsupport.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:800::268 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

cache-fra19126-FRA /

Resource Hash

c8ccd698ffa33f43b86a2996de1c7248e15d740752669ae6b489ca49f3193e3f

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://shop.heroinsupport.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
nel: {"report_to":"network-errors","max_age":600,"failure_fraction":1.0,"success_fraction":0.0}
x-cdn: Fastly, http2
x-dc: gcp-us-east1
x-cache: HIT, HIT
content-length: 15898
x-xss-protection: 1; mode=block
x-request-id: cd6f9deade95b0f51c7e147efeb0761b3efd539cfb2af4c8a37929937fdd806e
x-served-by: cache-lga21923-LGA, cache-fra19126-FRA
last-modified: Fri, 24 Sep 2021 12:22:22 GMT
server: cache-fra19126-FRA
x-timer: S1632657836.107994,VS0,VE0
date: Sun, 26 Sep 2021 12:03:56 GMT
vary: Accept-Encoding
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://monorail-edge.shopifysvc.com/v1/reports/nel/20190325/imagery"}]}
content-type: application/javascript
access-control-allow-origin: *
expires: Sat, 24 Sep 2022 12:23:27 GMT
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/s/trekkie.storefront.7850eecc9b14960c103b685bb9e219861b94e38c.min.js>; rel="canonical"
x-cache-hits: 1, 96900

GET
H2 200 shop_events_listener-565deac0c7edc7850a7762c24c560f0a9670aa5c52a728e9dbb43d5a7887c1d4.js Show response
cdn.shopify.com/shopifycloud/shopify/assets/ 8 KB
3 KB 11ms
11ms Script
application/javascript 2a04:4e42:800::268
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.shopify.com/shopifycloud/shopify/assets/shop_events_listener-565deac0c7edc7850a7762c24c560f0a9670aa5c52a728e9dbb43d5a7887c1d4.js

Requested by

Host: shop.heroinsupport.org
URL: https://shop.heroinsupport.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:800::268 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

cache-fra19126-FRA /

Resource Hash

565deac0c7edc7850a7762c24c560f0a9670aa5c52a728e9dbb43d5a7887c1d4

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://shop.heroinsupport.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
nel: {"report_to":"network-errors","max_age":600,"failure_fraction":1.0,"success_fraction":0.0}
x-cdn: Fastly, http2
x-dc: gcp-us-central1
x-cache: HIT, HIT
content-length: 2598
x-xss-protection: 1; mode=block
x-request-id: 294e4b48991eb830a2fdf0e273977131b81823e590670d3084c7fab152aaca50
x-served-by: cache-lga21976-LGA, cache-fra19126-FRA
server: cache-fra19126-FRA
x-timer: S1632657836.108061,VS0,VE0
date: Sun, 26 Sep 2021 12:03:56 GMT
vary: Accept-Encoding
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://monorail-edge.shopifysvc.com/v1/reports/nel/20190325/imagery"}]}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31556952, immutable
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/shopifycloud/shopify/assets/shop_events_listener-565deac0c7edc7850a7762c24c560f0a9670aa5c52a728e9dbb43d5a7887c1d4.js>; rel="canonical"
x-cache-hits: 1, 107693

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ 3 KB
2 KB 22ms
8ms Script
application/x-javascript 2a03:2880:f01c:216:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js

Requested by

Host: shop.heroinsupport.org
URL: https://shop.heroinsupport.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

7f5aeb7e0748cabfd8bf5701db0d1304a405e7482fdd16be77d7c431c1d5549e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://shop.heroinsupport.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: nY7ZIvc0a7CQyMs7RA+qZg==
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 1688
x-fb-rlafr: 0
x-fb-debug: a06db6aFPTpUibltbg40+eY4b3gWvukZKqNeOkWjm9aDZ3u5MpBR5mmFfMG98o9zdRt2m44D+zueGfsAscPjZA==
x-fb-trip-id: 686109401
x-fb-content-md5: 85932577ee90b1a71c059ffe0044d240
x-frame-options: DENY
date: Sun, 26 Sep 2021 12:03:56 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
etag: "eee8e8324199e5d77f8456316864fdae"
timing-allow-origin: *
priority: u=3,i
expires: Sun, 26 Sep 2021 12:14:44 GMT

GET
DATA 200
OK truncated
/ 70 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8cd3a1579ab234f0c391ea71a582bbad4c1195ad475844a0a42d813670745c27

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 S6u9w4BMUTPHh6UVSwiPGQ.woff2
fonts.gstatic.com/s/lato/v20/ 22 KB
23 KB 20ms
15ms Font
font/woff2 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v20/S6u9w4BMUTPHh6UVSwiPGQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:400,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8d3ca80fa271e94b0c36cf3053b0f806b7a42bb3395b424c99dc0bd218f0ac20

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://shop.heroinsupport.org
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 22 Sep 2021 08:57:05 GMT
x-content-type-options: nosniff
age: 356811
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 22992
x-xss-protection: 0
last-modified: Tue, 10 Aug 2021 00:18:57 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 22 Sep 2022 08:57:05 GMT

GET
H2 200 icons.woff
cdn.shopify.com/s/files/1/1829/5133/t/6/assets/ 11 KB
12 KB 11ms
10ms Font
font/woff2 2a04:4e42:800::268
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.shopify.com/s/files/1/1829/5133/t/6/assets/icons.woff?v=1400463814289820741

Requested by

Host: cdn.shopify.com
URL: https://cdn.shopify.com/s/files/1/1829/5133/t/6/assets/theme.scss.css?v=16878488740419818580

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:800::268 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

cache-fra19138-FRA /

Resource Hash

4f5c6f22e373fd36a53ddf9cc3b80cb17a524dc6cd6053cd7090f835bd02acec

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://cdn.shopify.com/s/files/1/1829/5133/t/6/assets/theme.scss.css?v=16878488740419818580
Origin: https://shop.heroinsupport.org
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-image: proxied_with_processing
nel: {"report_to":"network-errors","max_age":600,"failure_fraction":1.0,"success_fraction":0.0}
x-cdn: Fastly, http2
x-dc: gcp-us-central1
x-cache: HIT, HIT
content-length: 11120
x-xss-protection: 1; mode=block
x-request-id: 5c25fe8fa70fc6ae84f91af51c4db77b13b800f6e65fff4a1b980bc7579b6a19
x-served-by: cache-lga21950-LGA, cache-fra19138-FRA
last-modified: Thu, 16 Sep 2021 07:33:04 GMT
server: cache-fra19138-FRA
x-timer: S1632657836.112140,VS0,VE1
date: Sun, 26 Sep 2021 12:03:56 GMT
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://monorail-edge.shopifysvc.com/v1/reports/nel/20190325/imagery"}]}
content-type: font/woff2
access-control-allow-origin: *
expires: Fri, 16 Sep 2022 07:33:04 GMT
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/1829/5133/t/6/assets/icons.woff>; rel="canonical"
x-cache-hits: 1, 1

GET
H2 200 QGY_z_wNahGAdqQ43RhVcIgYT2Xz5u32K5fQBi8Jpg.woff2
fonts.gstatic.com/s/worksans/v11/ 18 KB
18 KB 24ms
19ms Font
font/woff2 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/worksans/v11/QGY_z_wNahGAdqQ43RhVcIgYT2Xz5u32K5fQBi8Jpg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Work+Sans:600

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1973c565452586f0755b4195cbb55355daea22cec3549dbc41460a4452802ae8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://shop.heroinsupport.org
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 20 Sep 2021 07:12:20 GMT
x-content-type-options: nosniff
age: 535896
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18568
x-xss-protection: 0
last-modified: Wed, 18 Aug 2021 17:41:17 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 20 Sep 2022 07:12:20 GMT

GET
H2 200 polyfill.min.js
polyfill.io/v3/ 101 B
167 B 27ms
27ms Other
text/javascript 2a04:4e42:800::282
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://polyfill.io/v3/polyfill.min.js?features=IntersectionObserver

Requested by

Host: shop.heroinsupport.org
URL: https://shop.heroinsupport.org/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:800::282 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

dd1b5e04d54c4420fe3e8e6abe2875fc7f13a3cd6384b6c2afc1a35e302dd846

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://shop.heroinsupport.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubdomains; preload
content-encoding: br
x-content-type-options: nosniff
content-type: text/javascript; charset=utf-8
age: 1035430
detected-user-agent: Chrome/93.0.4577
server-timing: HIT-CLUSTER, fastly;desc="Edge time";dur=1, HIT, fastly;desc="Edge time";dur=1
content-length: 101
referrer-policy: origin-when-cross-origin
last-modified: Tue, 14 Sep 2021 11:57:11 GMT
date: Sun, 26 Sep 2021 12:03:56 GMT
vary: User-Agent, Accept-Encoding
access-control-allow-methods: GET,HEAD,OPTIONS
normalized-user-agent: chrome/93.0.0
access-control-allow-origin: *
cache-control: public, s-maxage=31536000, max-age=604800, stale-while-revalidate=604800, stale-if-error=604800
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 heroin-support-fundraiser Show response
secure.givelively.org/donations/heroin-support-inc/ Frame ACC9 11 KB
4 KB 441ms
391ms Document
text/html 13.225.78.56
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.givelively.org/donations/heroin-support-inc/heroin-support-fundraiser

Requested by

Host: shop.heroinsupport.org
URL: https://shop.heroinsupport.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.78.56 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-78-56.fra2.r.cloudfront.net

Software

Cowboy /

Resource Hash

7078a079d289c7f5883a665801735c880d24b9dc344b071f130ce9c562d26e86

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

:method: GET
:authority: secure.givelively.org
:scheme: https
:path: /donations/heroin-support-inc/heroin-support-fundraiser
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://shop.heroinsupport.org/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://shop.heroinsupport.org/

Response headers

content-type: text/html; charset=utf-8
server: Cowboy
date: Sun, 26 Sep 2021 12:03:56 GMT
referrer-policy: origin-when-cross-origin
etag: W/"7078a079d289c7f5883a665801735c88"
cache-control: max-age=0, private, must-revalidate
set-cookie: _give-lively_session=3Du9GMSPLMS00utt%2Bd4MdGGgDsfyEkmHPplTu5rU99KcQ3FhwwVy3LmrAYnSgRvUoXIsggXR2wH6rHTB9Hjx5s5DGYJalk3mIR3PgtS71jVUDEbWPaScbYZleyhoGKRUxMd11RIVfxQ8qz5uw2eHBAoj%2B%2BM3iAlHnXeVyOrdzj5AW6UKa9F4iSTAtSZt%2Bt7ebxpeaz5egcMQUl8%2FQjlcaHrbRrr26dAafozZrsKyXuJ1KewlLpx%2FplAplCDc9Khkl%2FCK7Q5xNX%2B%2FIhJMrLAWckCKYw1e6KquakQ6wA%3D%3D--UUoIf0zU%2F19%2BvZMd--8yku4jezTKSg38f2wXp3Kw%3D%3D; domain=.givelively.org; path=/; secure; HttpOnly
x-request-id: 4e3f60ad-be59-44fd-bac9-d0ebb2406667
vary: Accept-Encoding, Origin
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 vegur, 1.1 6c9a2d99a25484f38efa27d58a726b2d.cloudfront.net (CloudFront)
x-edge-origin-shield-skipped: 0
x-cache: Miss from cloudfront
x-amz-cf-pop: FRA2-C2
x-amz-cf-id: fRSfdWaqZ74SF-yZfn7YKG83p0nuBf88HZAGLZGjhC1VqJpJz8cZcQ==

GET
H2 200 heroin-support-inc.js Show response
secure.givelively.org/widgets/branded_donation/ 117 KB
38 KB 483ms
453ms Script
text/javascript 13.225.78.56
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.givelively.org/widgets/branded_donation/heroin-support-inc.js

Requested by

Host: shop.heroinsupport.org
URL: https://shop.heroinsupport.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.78.56 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-78-56.fra2.r.cloudfront.net

Software

Cowboy /

Resource Hash

d27775eeff3a9b98f619819b8e0399e69a408034c4534bd5baf573506fe75c6a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://shop.heroinsupport.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 26 Sep 2021 12:03:55 GMT
content-encoding: gzip
referrer-policy: origin-when-cross-origin
server: Cowboy
x-edge-origin-shield-skipped: 0
etag: W/"d27775eeff3a9b98f619819b8e0399e6"
vary: Accept-Encoding, Origin
x-cache: Miss from cloudfront
content-type: text/javascript; charset=utf-8
via: 1.1 vegur, 1.1 6c9a2d99a25484f38efa27d58a726b2d.cloudfront.net (CloudFront)
cache-control: max-age=0, private, must-revalidate
x-amz-cf-pop: FRA2-C2
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-id: KoirroQAF-I_bCPVwEwV2AbUJHOvgRyLJfOQ_2XiFggQ56rgHFXHSg==
x-request-id: 3bb0908b-fefb-4683-bbb6-92772845f65a

GET
H2 200 /
shop.heroinsupport.org/ 57 KB
57 KB 143ms
142ms Image
text/html 23.227.38.74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://shop.heroinsupport.org/

Requested by

Host: shop.heroinsupport.org
URL: https://shop.heroinsupport.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

23.227.38.74 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; frame-ancestors 'none'; upgrade-insecure-requests;
Strict-Transport-Security	max-age=7889238
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

:path: /
pragma: no-cache
cookie: secure_customer_sig=; cart_currency=USD; _shopify_evids=pv%3D4729030e72e01c3ead05082cf7c3cef0fba16def01e6c7b049e4793dc4a85808; _orig_referrer=; _landing_page=%2F; _y=ad7742e4-fa6a-4b39-90ff-46c32210b417; _s=e1cf81fd-d694-4fea-a9f6-17b2ee0e035a; _shopify_y=ad7742e4-fa6a-4b39-90ff-46c32210b417; _shopify_s=e1cf81fd-d694-4fea-a9f6-17b2ee0e035a
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: shop.heroinsupport.org
referer: https://shop.heroinsupport.org/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://shop.heroinsupport.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy: block-all-mixed-content; frame-ancestors 'none'; upgrade-insecure-requests;
content-encoding: br
vary: Accept
x-permitted-cross-domain-policies: none
x-shopify-request-trackable: false
content-type: text/html; charset=utf-8
x-alternate-cache-key: cacheable:b28af7faf51c491cf25c484959cdcb77
x-sorting-hat-shopid: 18295133
x-shardid: 57
x-storefront-renderer-rendered: 1
x-shopid: 18295133
x-frame-options: DENY
content-language: en
link: <https://cdn.shopify.com>; rel=preconnect, <https://cdn.shopify.com>; rel=preconnect; crossorigin
date: Sun, 26 Sep 2021 12:03:56 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"report_to":"network-errors","max_age":2592000,"success_fraction":0.0001}
x-dc: gcp-europe-west1,gcp-us-east1,gcp-us-east1
x-cache: hit, server
server: cloudflare
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection: 1; mode=block
x-request-id: 887f132b-1d38-43ad-a1bb-021a8044e64f
x-shopify-stage: production
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=7889238
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://monorail-edge.shopifysvc.com/v1/reports/nel/20190325/shopify"}]}
x-download-options: noopen
set-cookie: secure_customer_sig=; path=/; expires=Mon, 26 Sep 2022 12:03:56 GMT; secure; HttpOnly cart_currency=USD; path=/; expires=Sun, 10 Oct 2021 12:03:56 GMT _y=ad7742e4-fa6a-4b39-90ff-46c32210b417; Expires=Mon, 26-Sep-22 12:03:56 GMT; Domain=heroinsupport.org; Path=/; SameSite=Lax _s=e1cf81fd-d694-4fea-a9f6-17b2ee0e035a; Expires=Sun, 26-Sep-21 12:33:56 GMT; Domain=heroinsupport.org; Path=/; SameSite=Lax _shopify_y=ad7742e4-fa6a-4b39-90ff-46c32210b417; Expires=Mon, 26-Sep-22 12:03:56 GMT; Domain=heroinsupport.org; Path=/; SameSite=Lax _shopify_s=e1cf81fd-d694-4fea-a9f6-17b2ee0e035a; Expires=Sun, 26-Sep-21 12:33:56 GMT; Domain=heroinsupport.org; Path=/; SameSite=Lax
cf-ray: 694c5a140bfcd6ed-FRA
x-sorting-hat-podid: 57

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ 268 KB
76 KB 8ms
7ms Script
application/x-javascript 2a03:2880:f01c:216:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js?hash=1aa14843285ba4059f31a6429255e205

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

1dc230248c5c46df04bdfc573de5bb6f98a91da775902040c2049de3303abee7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://shop.heroinsupport.org/
Origin: https://shop.heroinsupport.org
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: BQEL4neEW+f7883iMm+58w==
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 77574
x-fb-rlafr: 0
x-fb-debug: 35dFAkBV62E+gt0Sw7BxZ5jGDfidX7Bw/84bbjlSHKy07WC7bIWcZEL7AilVg9p3mwfeqnuOtTjRuwzKEAhRZg==
x-fb-trip-id: 686109401
x-fb-content-md5: a8d22bcb51fa161f2a3cfa444b0a9448
x-frame-options: DENY
date: Sun, 26 Sep 2021 12:03:56 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
etag: "ecb04202d53a558fa54fa3831b115553"
timing-allow-origin: *
priority: u=3,i
expires: Mon, 26 Sep 2022 11:45:21 GMT

GET
H2 200 embed.js Show response
cdn.getvop.com/embed/scripts/ 524 KB
152 KB 21ms
21ms Script
application/javascript 2606:4700:10::6816:21ac
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.getvop.com/embed/scripts/embed.js
Requested by: Host: cdn.getvop.com
URL: https://cdn.getvop.com/tokshop.v3.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:21ac , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5c256819cffea08483c47f1421d2437f3c61529d73a1893388b50e9db68f9534

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://shop.heroinsupport.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 26 Sep 2021 12:03:56 GMT
content-encoding: gzip
cf-cache-status: HIT
x-goog-meta-goog-reserved-file-mtime: 1614739209
age: 2397
x-guploader-uploadid: ABg5-UyTkCX4pUECdOOnBmy1HBGdCx9jRd1mvi7ZnjqQUV4QjvO052yYpGTbm34LXJoQV8Dbf_OBRJvzKJdoiPxowAo
x-goog-storage-class: STANDARD
x-goog-metageneration: 3
x-goog-stored-content-encoding: identity
content-type: application/javascript
last-modified: Wed, 03 Mar 2021 02:40:50 GMT
server: cloudflare
etag: W/"c3ef70722e6f4c0e43f601d624ef2cc1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-goog-hash: crc32c=2FHeiQ==, md5=w+9wci5vTA5D9gHWJO8swQ==
x-goog-generation: 1614739249926637
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public, max-age=14400
x-goog-stored-content-length: 536189
cf-ray: 694c5a1429a24e2c-FRA
expires: Sun, 26 Sep 2021 12:23:59 GMT

GET
H2 200 modules.5fe2f4f38cf4833026a9.js Show response
script.hotjar.com/ 221 KB
59 KB 28ms
8ms Script
application/javascript 13.224.193.38
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.5fe2f4f38cf4833026a9.js

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-1386773.js?sv=6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.193.38 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-193-38.fra2.r.cloudfront.net

Software

Resource Hash

33d18bfaad19367135cba7d9096fba55164cd67b8e5819617c6d6b34bd43454b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://shop.heroinsupport.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 09 Sep 2021 07:15:05 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1486130
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 59626
access-control-allow-origin: *
last-modified: Thu, 09 Sep 2021 07:14:26 GMT
etag: "e8c5ca8d148a212696c04c37e713b2a1"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 1d67a4c00b06651cb6daa95ec3f21f9b.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: _HSZ0aXXVa5_yrdmSLDaQq-tXDUFXDnB5MrIf2qnsLAKDJ0EwUG4nQ==

POST
H2 200 produce_batch
monorail-edge.shopifysvc.com/unstable/ 0
481 B 429ms
112ms Ping
text/plain 104.198.248.251
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://monorail-edge.shopifysvc.com/unstable/produce_batch

Requested by

Host: cdn.shopify.com
URL: https://cdn.shopify.com/s/trekkie.storefront.7850eecc9b14960c103b685bb9e219861b94e38c.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.198.248.251 Council Bluffs, United States, ASN15169 (GOOGLE, US),

Reverse DNS

251.248.198.104.bc.googleusercontent.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://shop.heroinsupport.org/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 26 Sep 2021 12:03:56 GMT
x-dc: gcp-us-central1
access-control-max-age: 86400
access-control-allow-methods: OPTIONS,POST
access-control-allow-origin: https://shop.heroinsupport.org
access-control-allow-credentials: true
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-headers: User-Agent,Accept,Content-Type,X-Monorail-Edge-Event-Created-At-Ms,X-Monorail-Edge-Event-Sent-At-Ms,X-Monorail-Edge-Client-Message-Id,X-Monorail-Edge-Device-Install-Id,X-Monorail-Edge-Accept-Language,X-Monorail-Edge-Content-Language,X-Forwarded-For
content-length: 0
x-request-id: 99c75508-b151-4e0a-a8ae-5e5269828535

OPTIONS
H2 200 10ae7214d54e1b979cb9cd71007778b1
sdk.loyaltylion.net/sdk/config/ Frame 0
0 40ms
40ms Preflight
text/plain 13.224.193.78
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sdk.loyaltylion.net/sdk/config/10ae7214d54e1b979cb9cd71007778b1?build=12711&t=2021092612
Protocol: H2
Server: 13.224.193.78 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-193-78.fra2.r.cloudfront.net
Software: nginx/1.17.10 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: x-sdk-version
Origin: https://shop.heroinsupport.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

content-type: text/plain; charset=utf-8
content-length: 2
date: Sun, 26 Sep 2021 12:03:56 GMT
server: nginx/1.17.10
x-dns-prefetch-control: off
access-control-allow-origin: *
access-control-allow-methods: GET,PUT,POST,DELETE,PATCH,OPTIONS
access-control-allow-headers: Content-Type,X-Auth-Packet,X-Site-Token,X-SDK-Version
access-control-max-age: 86400
x-edge-origin-shield-skipped: 0
etag: W/"2-nOO9QiTIwXgNtWtBJezz8kv3SLc"
x-cache: Miss from cloudfront
via: 1.1 c7f7b4cf7fd5efe64bac95586db3f62b.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C1
x-amz-cf-id: ADIuF0WRGqRxRpzqwbu_xUeqn5WpPN5enFT8EbIS0jXncqTRBE1MwA==

GET
H2 200 509-b143124.js Show response
sdk-static.loyaltylion.net/static/2/ 244 KB
65 KB 91ms
12ms Script
application/javascript 2a03:90c0:41:2801::254
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://sdk-static.loyaltylion.net/static/2/509-b143124.js
Requested by: Host: sdk.loyaltylion.net
URL: https://sdk.loyaltylion.net/static/2/loader.js?t=2021826
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: b9116b9f9aac9236cf66d2a187a8b0cd5a84e4828f06f5f9d55a7d939a6ec2fb

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://shop.heroinsupport.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-id: fr5-up-gc35
date: Sun, 26 Sep 2021 12:03:56 GMT
content-encoding: br
vary: Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
age: 2151067
x-cache: Hit from cloudfront
content-length: 66437
access-control-allow-origin: *
last-modified: Wed, 01 Sep 2021 14:24:24 GMT
server: nginx
etag: "b04c9c10a356c0f63886da9f2fa39c1e"
access-control-max-age: 86400
access-control-allow-methods: GET, HEAD
content-type: application/javascript
via: 1.1 632ee301c4920b52f2463aa9e978c57f.cloudfront.net (CloudFront)
access-control-expose-headers: ETag
cache-control: public, max-age=31536000, immutable
cache: HIT
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
x-cached-since: 2021-09-26T11:57:45+00:00
x-amz-cf-id: aMmTFLNq4JtyAR4s1iHUM3o09O0tGvmustpqYmfc8VqR5H8l-x_-Ug==

GET
H2 200 239-40b14e5.js Show response
sdk-static.loyaltylion.net/static/2/ 201 KB
37 KB 99ms
20ms Script
application/javascript 2a03:90c0:41:2801::254
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://sdk-static.loyaltylion.net/static/2/239-40b14e5.js
Requested by: Host: sdk.loyaltylion.net
URL: https://sdk.loyaltylion.net/static/2/loader.js?t=2021826
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: 0191364dfecae2fea3d891eda93691591e5fd626b7a50c64485af794ecac174d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://shop.heroinsupport.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-id: fr5-up-gc35
date: Sun, 26 Sep 2021 12:03:56 GMT
content-encoding: br
vary: Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
age: 262706
x-edge-origin-shield-skipped: 0
x-cache: Hit from cloudfront
content-length: 37445
access-control-allow-origin: *
last-modified: Thu, 23 Sep 2021 10:56:43 GMT
server: nginx
etag: "a029f425169eb3f7ab4fb179ec85b77b"
access-control-max-age: 86400
access-control-allow-methods: GET, HEAD
content-type: application/javascript
via: 1.1 0d37b2e69745cd9f0c5457fbf1a83129.cloudfront.net (CloudFront)
access-control-expose-headers: ETag
cache-control: public, max-age=31536000, immutable
cache: HIT
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
x-cached-since: 2021-09-26T11:57:44+00:00
x-amz-cf-id: NYMD_yFZ-U4EPF3zVNXBpDPtBreww54LIJ8EG4nmbL1T_6k7wZoUjw==

GET
H2 200 lion-core-76b5517.js Show response
sdk-static.loyaltylion.net/static/2/ 75 KB
19 KB 99ms
21ms Script
application/javascript 2a03:90c0:41:2801::254
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://sdk-static.loyaltylion.net/static/2/lion-core-76b5517.js
Requested by: Host: sdk.loyaltylion.net
URL: https://sdk.loyaltylion.net/static/2/loader.js?t=2021826
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: 3d9695ce2f003681148b50cb5582955ae841ebb7e724f2337e078ab7114bd335

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://shop.heroinsupport.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-id: fr5-up-gc35
date: Sun, 26 Sep 2021 12:03:56 GMT
content-encoding: br
vary: Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
age: 2228475
x-cache: Hit from cloudfront
content-length: 19593
access-control-allow-origin: *
last-modified: Tue, 31 Aug 2021 16:54:57 GMT
server: nginx
etag: "67dbd2c798ca54ddc2b33d28a739d512"
access-control-max-age: 86400
access-control-allow-methods: GET, HEAD
content-type: application/javascript
via: 1.1 5721f7035c3fc934bd3f96dbb04ba1e5.cloudfront.net (CloudFront)
access-control-expose-headers: ETag
cache-control: public, max-age=31536000, immutable
cache: HIT
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
x-cached-since: 2021-09-26T11:57:45+00:00
x-amz-cf-id: 2sZRYU0WhZK2lLwmVdCjpYIlGjL-gsgvMcjpLXCwquPhVcaOIDKI3A==

GET
H2 200 898-7bd107b.js Show response
sdk-static.loyaltylion.net/static/2/ 14 KB
5 KB 88ms
10ms Script
application/javascript 2a03:90c0:41:2801::254
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://sdk-static.loyaltylion.net/static/2/898-7bd107b.js
Requested by: Host: sdk.loyaltylion.net
URL: https://sdk.loyaltylion.net/static/2/loader.js?t=2021826
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: 2f5104528e4c6516c726ba68a329645049260e71d4d17934f865c64c82f12027

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://shop.heroinsupport.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-id: fr5-up-gc35
date: Sun, 26 Sep 2021 12:03:56 GMT
content-encoding: br
vary: Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
age: 19885695
x-cache: Hit from cloudfront
content-length: 4365
access-control-allow-origin: *
last-modified: Wed, 03 Feb 2021 10:15:41 GMT
server: nginx
etag: "746818cd10a9fc6f129cdb5653b95404"
access-control-max-age: 86400
access-control-allow-methods: GET, HEAD
content-type: application/javascript
via: 1.1 bee9d99ac2913ec4167e166e6bdb691e.cloudfront.net (CloudFront)
access-control-expose-headers: ETag
cache-control: public, max-age=31536000, immutable
cache: HIT
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
x-cached-since: 2021-09-26T11:57:45+00:00
x-amz-cf-id: vd_Kw83VpGEgB1AezFc2OQ_2XeYBYL7NElVTs7UAiV4_7PZ4_rgxJg==

GET
H2 200 lion-app-integrated-9c68c53.js Show response
sdk-static.loyaltylion.net/static/2/ 206 KB
38 KB 98ms
20ms Script
application/javascript 2a03:90c0:41:2801::254
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://sdk-static.loyaltylion.net/static/2/lion-app-integrated-9c68c53.js
Requested by: Host: sdk.loyaltylion.net
URL: https://sdk.loyaltylion.net/static/2/loader.js?t=2021826
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: 0b325af4971224bbc65f588b5d98e6995d83b5eee22cf171aca438225f95eca5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://shop.heroinsupport.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-id: fr5-up-gc35
date: Sun, 26 Sep 2021 12:03:56 GMT
content-encoding: br
vary: Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
age: 262706
x-edge-origin-shield-skipped: 0
x-cache: Hit from cloudfront
content-length: 38472
access-control-allow-origin: *
last-modified: Thu, 23 Sep 2021 10:57:24 GMT
server: nginx
etag: "6c8de0e93951f9745cb8532101bda2a0"
access-control-max-age: 86400
access-control-allow-methods: GET, HEAD
content-type: application/javascript
via: 1.1 80c1ad5f9352d00b95a9da73eb6b6be5.cloudfront.net (CloudFront)
access-control-expose-headers: ETag
cache-control: public, max-age=31536000, immutable
cache: HIT
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
x-cached-since: 2021-09-26T11:57:44+00:00
x-amz-cf-id: HXorn45S3aw5wB7pLTJTZo8BUALYgwThguFfpdpOPY9dGRlaNoZt5g==

GET
H2 200 10ae7214d54e1b979cb9cd71007778b1 Show response
sdk.loyaltylion.net/sdk/config/ 37 KB
10 KB 100ms
99ms Fetch
application/json 13.224.193.78
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sdk.loyaltylion.net/sdk/config/10ae7214d54e1b979cb9cd71007778b1?build=12711&t=2021092612
Requested by: Host: cdn.shopify.com
URL: https://cdn.shopify.com/shopifycloud/shopify/assets/shop_events_listener-565deac0c7edc7850a7762c24c560f0a9670aa5c52a728e9dbb43d5a7887c1d4.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.193.78 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-193-78.fra2.r.cloudfront.net
Software: nginx/1.17.10 /
Resource Hash: 08667d9358a79eb51311832d60b702b5a9587d136479439053ff027001ad9b06

Request headers

Referer: https://shop.heroinsupport.org/
X-SDK-Version: 2021-04
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 26 Sep 2021 12:03:56 GMT
content-encoding: gzip
server: nginx/1.17.10
x-edge-origin-shield-skipped: 0
etag: W/"9550-PWz6tbABU2KyMf1ZmJ+Db8NqPCc"
x-cache-status: MISS
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=60, must-revalidate
x-amz-cf-pop: FRA2-C1
x-dns-prefetch-control: off
x-amz-cf-id: HRgZpvEnlQFIM1YI_yazeBjEgi8U_qSs7wD76LTB50KggwvOOXfLfw==
via: 1.1 c7f7b4cf7fd5efe64bac95586db3f62b.cloudfront.net (CloudFront)

GET
H2 200 legacy-793c586-b26c75b.css
sdk.loyaltylion.net/sdk/css/10ae7214d54e1b979cb9cd71007778b1/ 124 KB
44 KB 28ms
10ms Stylesheet
text/css 13.224.193.78
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sdk.loyaltylion.net/sdk/css/10ae7214d54e1b979cb9cd71007778b1/legacy-793c586-b26c75b.css
Requested by: Host: sdk.loyaltylion.net
URL: https://sdk.loyaltylion.net/static/2/loader.js?t=2021826
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.193.78 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-193-78.fra2.r.cloudfront.net
Software: nginx/1.17.10 /
Resource Hash: b813ada0501b32e29202af62613bfce2cf7c34f4381d6b45592ba5678fdd481d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://shop.heroinsupport.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 25 Sep 2021 13:30:14 GMT
content-encoding: gzip
server: nginx/1.17.10
age: 81222
etag: W/"1f151-lxtaqn0AwN+npa3H3ifAxnySMJI"
x-cache-status: MISS
vary: Accept-Encoding
x-edge-origin-shield-skipped: 0
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, immutable
x-cache: Hit from cloudfront
x-amz-cf-pop: FRA2-C1
x-amz-cf-id: J9bfp-e28Yh50iDOxC9lZNbTaTf4HAmx1zMZ7ELg5a5buWW58DTZSw==
via: 1.1 34f50889bc574f1edeb41dd758962a5b.cloudfront.net (CloudFront)

GET
H2 200 css
fonts.googleapis.com/ 6 KB
791 B 16ms
15ms Stylesheet
text/css 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600,700

Requested by

Host: sdk.loyaltylion.net
URL: https://sdk.loyaltylion.net/static/2/loader.js?t=2021826

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ae62dd075f4359b389158ec0ce732971da832938b5d630a24eb2e89111b00e1b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://shop.heroinsupport.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 26 Sep 2021 10:12:33 GMT
server: ESF
date: Sun, 26 Sep 2021 12:03:56 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 26 Sep 2021 12:03:56 GMT

OPTIONS
H/1.1 204
No Content 5322
api.getvop.com/embed/feed/ Frame 0
0 341ms
99ms Preflight 54.209.91.188
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://api.getvop.com/embed/feed/5322?limit=10&page=1
Protocol: HTTP/1.1
Server: 54.209.91.188 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-209-91-188.compute-1.amazonaws.com
Software: Cowboy /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Origin: https://shop.heroinsupport.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Server: Cowboy
Content-Length: 0
Connection: keep-alive
Vary: Origin
Access-Control-Allow-Origin: https://shop.heroinsupport.org
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET,HEAD,PUT,POST,DELETE,PATCH
Access-Control-Allow-Headers: content-type
Date: Sun, 26 Sep 2021 12:03:56 GMT
Via: 1.1 vegur

GET
H/1.1 200
OK 5322 Show response
api.getvop.com/embed/feed/ 2 KB
1 KB 335ms
134ms Fetch
application/json 54.209.91.188
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://api.getvop.com/embed/feed/5322?limit=10&page=1

Requested by

Host: cdn.shopify.com
URL: https://cdn.shopify.com/shopifycloud/shopify/assets/shop_events_listener-565deac0c7edc7850a7762c24c560f0a9670aa5c52a728e9dbb43d5a7887c1d4.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

54.209.91.188 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-209-91-188.compute-1.amazonaws.com

Software

Cowboy /

Resource Hash

dc2f384245b27deef54568cd1558d9e28f51d9c12f921539753c9406d3dc2d75

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://shop.heroinsupport.org/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: application/json

Response headers

Strict-Transport-Security: max-age=15552000; includeSubDomains
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Via: 1.1 vegur
X-Dns-Prefetch-Control: off
Connection: keep-alive
Vary: Origin, Accept-Encoding
X-Xss-Protection: 1; mode=block
Server: Cowboy
Date: Sun, 26 Sep 2021 12:03:56 GMT
X-Download-Options: noopen
X-Frame-Options: SAMEORIGIN
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://shop.heroinsupport.org
Transfer-Encoding: chunked
Access-Control-Allow-Credentials: true

POST
H2 200 track
sdk.loyaltylion.net/analytics/ 2 B
307 B 89ms
89ms Ping
text/plain 13.224.193.78
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sdk.loyaltylion.net/analytics/track
Requested by: Host: sdk-static.loyaltylion.net
URL: https://sdk-static.loyaltylion.net/static/2/239-40b14e5.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.193.78 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-193-78.fra2.r.cloudfront.net
Software: nginx/1.17.10 /
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Referer: https://shop.heroinsupport.org/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Sun, 26 Sep 2021 12:03:56 GMT
via: 1.1 34f50889bc574f1edeb41dd758962a5b.cloudfront.net (CloudFront)
server: nginx/1.17.10
x-amz-cf-pop: FRA2-C1
etag: W/"2-nOO9QiTIwXgNtWtBJezz8kv3SLc"
x-cache: Miss from cloudfront
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
content-length: 2
x-amz-cf-id: lNXMGfm-y85seTR7e3AVkSul1ixgiFwdq8y6v9XEEPxiqDKyqSprKA==

GET
H2 200 consent-tracking-api.js Show response
cdn.shopify.com/shopifycloud/consent-tracking-api/v0.1/ 4 KB
2 KB 6ms
6ms Script
application/javascript 2a04:4e42:800::268
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.shopify.com/shopifycloud/consent-tracking-api/v0.1/consent-tracking-api.js

Requested by

Host: cdn.shopify.com
URL: https://cdn.shopify.com/shopifycloud/shopify/assets/storefront/load_feature-a55261a7a987674749989983b5889eadaac6795d8d48548fb61470a96edb9524.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:800::268 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

cache-fra19138-FRA /

Resource Hash

895a9abb219fd2af30ad07d7ed904c321249fa5d6a7cf966e69586443ff2ebca

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://shop.heroinsupport.org/
Origin: https://shop.heroinsupport.org
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
nel: {"report_to":"network-errors","max_age":600,"failure_fraction":1.0,"success_fraction":0.0}
x-cdn: Fastly, http2
x-dc: gcp-us-east1
x-cache: HIT, HIT
content-length: 1475
x-xss-protection: 1; mode=block
x-request-id: 674b3c3d9c5f8d52bc176280672e212fcb34173af8c04f9ae6d104122b727764
x-served-by: cache-lga21957-LGA, cache-fra19138-FRA
server: cache-fra19138-FRA
x-timer: S1632657837.589769,VS0,VE0
date: Sun, 26 Sep 2021 12:03:56 GMT
vary: Accept-Encoding
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://monorail-edge.shopifysvc.com/v1/reports/nel/20190325/imagery"}]}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=1800, must-revalidate
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/shopifycloud/consent-tracking-api/v0.1/consent-tracking-api.js>; rel="canonical"
x-cache-hits: 4, 557

GET
H2 200 session Show response
shop.app/pay/ 18 B
1 KB 200ms
157ms Fetch
application/json 23.227.38.33
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://shop.app/pay/session?v=1

Requested by

Host: cdn.shopify.com
URL: https://cdn.shopify.com/shopifycloud/shopify/assets/shop_events_listener-565deac0c7edc7850a7762c24c560f0a9670aa5c52a728e9dbb43d5a7887c1d4.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

23.227.38.33 , Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

checkout.shopify.com

Software

cloudflare /

Resource Hash

9b5179ea2a77fe69b294fbd2ed504eacbfbe048ede58967b43af2ca537144b1f

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://shop.heroinsupport.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 26 Sep 2021 12:03:56 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"report_to":"network-errors","max_age":2592000,"success_fraction":0.0001}
x-permitted-cross-domain-policies: none
x-dc: gcp-europe-west1,gcp-us-east1,gke
p3p: CP="Not used"
content-type: application/json; charset=utf-8
access-control-allow-methods: GET, OPTIONS
strict-transport-security: max-age=63072000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection: 1; mode=block
x-request-id: 5ed68575-364b-4562-a06d-14f00a5cc823
x-runtime: 0.003257
x-robots-tag: noindex
server: cloudflare
x-frame-options: DENY
etag: W/"9b5179ea2a77fe69b294fbd2ed504eac"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 7200
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://monorail-edge.shopifysvc.com/v1/reports/nel/20190325/shopify"}]}
x-download-options: noopen
access-control-allow-origin: https://shop.heroinsupport.org
vary: Accept-Encoding, Accept, Origin
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
cf-ray: 694c5a170d6d4a5b-FRA
x-sorting-hat-podid: -1
access-control-expose-headers

GET
H2 200 stylesheets-afd7172b.css
members.givelively.org/packs/css/ Frame ACC9 0
343 B 58ms
11ms Stylesheet
text/css 13.224.193.11
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://members.givelively.org/packs/css/stylesheets-afd7172b.css

Requested by

Host: secure.givelively.org
URL: https://secure.givelively.org/donations/heroin-support-inc/heroin-support-fundraiser

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.193.11 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-193-11.fra2.r.cloudfront.net

Software

Cowboy /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://secure.givelively.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 vegur, 1.1 c7f7b4cf7fd5efe64bac95586db3f62b.cloudfront.net (CloudFront)
last-modified: Fri, 24 Sep 2021 18:37:14 GMT
server: Cowboy
age: 2355
date: Sun, 26 Sep 2021 11:24:40 GMT
x-edge-origin-shield-skipped: 0
content-type: text/css
x-cache: Hit from cloudfront
x-amz-cf-pop: FRA2-C1
content-length: 0
x-amz-cf-id: mgRD_WYlxF2ubWVIo-LfnMWKrWBUCGwNJBvItJ1U5G5wqxDHiKX_qA==

GET
H2 200 smart-donations-bundle-5af6bf2f.css
members.givelively.org/packs/css/ Frame ACC9 2 KB
1 KB 58ms
12ms Stylesheet
text/css 13.224.193.11
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://members.givelively.org/packs/css/smart-donations-bundle-5af6bf2f.css

Requested by

Host: secure.givelively.org
URL: https://secure.givelively.org/donations/heroin-support-inc/heroin-support-fundraiser

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.193.11 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-193-11.fra2.r.cloudfront.net

Software

Cowboy /

Resource Hash

6387fe6324a49eb8eacc7d2b71c721b70fb0cb96c5d33feed02ffbaeda9477ea

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://secure.givelively.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 vegur, 1.1 c7f7b4cf7fd5efe64bac95586db3f62b.cloudfront.net (CloudFront)
last-modified: Fri, 24 Sep 2021 18:37:14 GMT
server: Cowboy
age: 62244
date: Sat, 25 Sep 2021 18:46:32 GMT
x-edge-origin-shield-skipped: 0
content-type: text/css
x-cache: Hit from cloudfront
x-amz-cf-pop: FRA2-C1
content-encoding: gzip
content-length: 733
x-amz-cf-id: GGq1getrfSA_dCFmESWT-vYa5-rkzCt2w_DvFbnp2LeW7bQJVqAlMA==

GET
H2 200 application-e96f019f1fed3806fc432b4d16ac9f53b37e205c5218b352b79393e73fda1fcf.css
members.givelively.org/assets/v2/ Frame ACC9 233 KB
35 KB 131ms
85ms Stylesheet
text/css 13.224.193.11
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://members.givelively.org/assets/v2/application-e96f019f1fed3806fc432b4d16ac9f53b37e205c5218b352b79393e73fda1fcf.css

Requested by

Host: secure.givelively.org
URL: https://secure.givelively.org/donations/heroin-support-inc/heroin-support-fundraiser

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.193.11 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-193-11.fra2.r.cloudfront.net

Software

Cowboy /

Resource Hash

366bf8696392da0b36fb41af9058184b7d11b5f53ba8856f0db16d25766c35c9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://secure.givelively.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 vegur, 1.1 c7f7b4cf7fd5efe64bac95586db3f62b.cloudfront.net (CloudFront)
last-modified: Wed, 22 Sep 2021 14:59:55 GMT
server: Cowboy
age: 75267
date: Sat, 25 Sep 2021 15:09:29 GMT
x-edge-origin-shield-skipped: 0
content-type: text/css
x-cache: Hit from cloudfront
x-amz-cf-pop: FRA2-C1
content-encoding: gzip
content-length: 35727
x-amz-cf-id: Q3fpaLrjLyzy_eh_4Vf_WrMcyyHujDUgDD8Xct3KQDNfa8LweDd4SQ==

GET
H2 200 all.css
use.fontawesome.com/releases/v5.5.0/css/ Frame ACC9 50 KB
12 KB 42ms
22ms Stylesheet
text/css 2606:4700:3031::ac43:d645
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v5.5.0/css/all.css
Requested by: Host: secure.givelively.org
URL: https://secure.givelively.org/donations/heroin-support-inc/heroin-support-fundraiser
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::ac43:d645 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9e4cac65c7a5ee0bd0743afefcabdd3e73854e1284ac9ac433813d6231f550f2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://secure.givelively.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 26 Sep 2021 12:03:56 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 7055792
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-request-id: H4F50H89ZD6Z1ZKK
x-amz-id-2: GWfeT/PHLkHEdVjLRISUlBGTgwZCGautQeXGx3zkh+hlUIZ14JgwBT68pYjBBJEvt3jYNQK5to0=
last-modified: Wed, 30 Jun 2021 15:43:32 GMT
server: cloudflare
etag: W/"1cc6c92172d124fbd305ba3d8e263333"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4QKPVVtpAEXK78A4f3JAQtYW4EaBLP3saN56aR4%2B7TzN2vhc%2BeMLTtaZoZIHjYBlF7Aw%2BnEZMq7TNidjz1KajPpYoYFvf7fE3CCYyRzpTR7cRZW5v%2BM41Dhg%2B5u4zUjCBwXjgjaddTWdL11jO9CiJ6OU"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=31556926
cf-ray: 694c5a1728fac28b-FRA

GET
H2 200 application-5c925f302c5403c68a06dceded4277a3c759eefebdfc0d6d4931889f0b3662e4.js Show response
members.givelively.org/assets/v2/ Frame ACC9 272 KB
82 KB 60ms
15ms Script
application/javascript 13.224.193.11
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://members.givelively.org/assets/v2/application-5c925f302c5403c68a06dceded4277a3c759eefebdfc0d6d4931889f0b3662e4.js

Requested by

Host: secure.givelively.org
URL: https://secure.givelively.org/donations/heroin-support-inc/heroin-support-fundraiser

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.193.11 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-193-11.fra2.r.cloudfront.net

Software

Cowboy /

Resource Hash

239a4e5173d8dee5871385d097646cfbf3527dfa09e1f363d5c1562597d895c5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://secure.givelively.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 vegur, 1.1 c7f7b4cf7fd5efe64bac95586db3f62b.cloudfront.net (CloudFront)
last-modified: Thu, 02 Sep 2021 17:43:22 GMT
server: Cowboy
age: 49785
date: Sat, 25 Sep 2021 22:14:10 GMT
x-edge-origin-shield-skipped: 0
content-type: application/javascript
x-cache: Hit from cloudfront
x-amz-cf-pop: FRA2-C1
content-encoding: gzip
content-length: 83214
x-amz-cf-id: vkCAqisbmSD9Pya7OOMMeYhU6gSRIfqirtCeu792yQMJv4MV5CK22w==

GET
H2 200 / Show response
js.stripe.com/v3/ Frame ACC9 254 KB
62 KB 42ms
9ms Script
application/javascript 151.101.64.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/

Requested by

Host: secure.givelively.org
URL: https://secure.givelively.org/donations/heroin-support-inc/heroin-support-fundraiser

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.64.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

b4422b66257bf657c8f5953fc86f2a71b17882cbd8d4c73e07fdaaa9ae12f449

Security Headers

Name	Value
Content-Security-Policy	connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src data: https:; frame-src 'self'; img-src 'self' https://q.stripe.com blob:; media-src 'none'; object-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://secure.givelively.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 26 Sep 2021 12:03:56 GMT
content-encoding: br
vary: Accept-Encoding
age: 83
via: 1.1 varnish
x-cache: HIT
content-length: 62554
x-amz-id-2: Yu4Z+zVK+IBJj4eSuqHsNX1DS7jgR+Ni5hi39JWJ2An1KJxReclT9Qf6LuLdnhtqfeRyptGl4zA=
x-served-by: cache-fra19156-FRA
timing-allow-origin: *
last-modified: Fri, 24 Sep 2021 20:37:45 GMT
server: AmazonS3
etag: "018f131da445b41aef11843c6f0c597f"
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-amz-request-id: 79R6WA4T2MHGAEK2
access-control-allow-origin: *
cache-control: max-age=60
content-security-policy: connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src data: https:; frame-src 'self'; img-src 'self' https://q.stripe.com blob:; media-src 'none'; object-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
x-cache-hits: 15

GET
H2 200 iframeResizer.contentWindow.min.js Show response
cdnjs.cloudflare.com/ajax/libs/iframe-resizer/3.6.3/ Frame ACC9 14 KB
5 KB 32ms
15ms Script
application/javascript 2606:4700::6810:135e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/iframe-resizer/3.6.3/iframeResizer.contentWindow.min.js

Requested by

Host: secure.givelively.org
URL: https://secure.givelively.org/donations/heroin-support-inc/heroin-support-fundraiser

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c45fbfc905237f16fa3644bae78d607fc6e6f6e1f62d37ea696d4cf7c1dcfeae

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://secure.givelively.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 26 Sep 2021 12:03:57 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 5755499
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 4677
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:11:11 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e9f-3830"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=v2h%2FjdLYvlpzVA0OjTAvH%2F3oOMsSS32K0AZf%2BqbXt68txPBRZpMtiwqR%2FnETfISMty65iUx5XCinUSEogFAedb75v6Q4LqAkQUFMfwBGMFpTNLBmtbyrPyEkwEyRGmzmVpJrU5tAnBN23e9VBtz7AxQk"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 694c5a19cc0d05b7-FRA
expires: Fri, 16 Sep 2022 12:03:57 GMT

GET
H2 200 js Show response
maps.googleapis.com/maps/api/ Frame ACC9 146 KB
48 KB 62ms
40ms Script
text/javascript 2a00:1450:4001:801::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps/api/js?key=AIzaSyDn7Z0DbkWJFqEs5NdeekLXvZ6a-JDGCsY&libraries=places

Requested by

Host: secure.givelively.org
URL: https://secure.givelively.org/donations/heroin-support-inc/heroin-support-fundraiser

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

mafe /

Resource Hash

0da4d013c46f950570b4c3abae8406515e1ee17a48385094d7a4e78fc78bffd6

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://secure.givelively.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 26 Sep 2021 12:03:56 GMT
content-encoding: gzip
vary: Accept-Language
server: mafe
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1800
cross-origin-resource-policy: cross-origin
server-timing: gfet4t7; dur=22
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48658
x-xss-protection: 0
expires: Sun, 26 Sep 2021 12:33:56 GMT

GET
H2 200 platform.js Show response
apis.google.com/js/ Frame ACC9 52 KB
21 KB 58ms
36ms Script
application/javascript 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/js/platform.js

Requested by

Host: secure.givelively.org
URL: https://secure.givelively.org/donations/heroin-support-inc/heroin-support-fundraiser

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f8d3ed9e90bb3208636c1a1858f534e203f3c52cb8ef464a7bd2d81bf1a60305

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-f2XnTCqEZWQMuqlL5FZJ1g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://secure.givelively.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 26 Sep 2021 12:03:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
x-ua-compatible: IE=edge, chrome=1
server: ESF
etag: "640a4d1ff2f547a81ed97fb67488ed83"
x-frame-options: SAMEORIGIN
report-to: {"group":"AZM8iraZH88pL4jQdjcWpuaSZEaZk6SzMEy_nItKJ7e9QFtt","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AZM8iraZH88pL4jQdjcWpuaSZEaZk6SzMEy_nItKJ7e9QFtt"}]}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=1800, stale-while-revalidate=1800
content-security-policy: script-src 'report-sample' 'nonce-f2XnTCqEZWQMuqlL5FZJ1g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="AZM8iraZH88pL4jQdjcWpuaSZEaZk6SzMEy_nItKJ7e9QFtt"
expires: Sun, 26 Sep 2021 12:03:57 GMT

GET
H2 200 smart-donations-bundle-98409d480af01fb774d7.js Show response
members.givelively.org/packs/js/ Frame ACC9 2 MB
378 KB 73ms
28ms Script
application/javascript 13.224.193.11
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://members.givelively.org/packs/js/smart-donations-bundle-98409d480af01fb774d7.js

Requested by

Host: secure.givelively.org
URL: https://secure.givelively.org/donations/heroin-support-inc/heroin-support-fundraiser

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.193.11 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-193-11.fra2.r.cloudfront.net

Software

Cowboy /

Resource Hash

4ee54ff917c539b264537d0d6f62c78484457762a6fd64ace831385744b98c9b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://secure.givelively.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 vegur, 1.1 c7f7b4cf7fd5efe64bac95586db3f62b.cloudfront.net (CloudFront)
last-modified: Fri, 24 Sep 2021 18:37:14 GMT
server: Cowboy
age: 62244
date: Sat, 25 Sep 2021 18:46:31 GMT
x-edge-origin-shield-skipped: 0
content-type: application/javascript
x-cache: Hit from cloudfront
x-amz-cf-pop: FRA2-C1
content-encoding: gzip
content-length: 385833
x-amz-cf-id: U_ppJh0pkou5_Z4_uPAWzYu23cEJc0dixAcyDf-44g1esWX7PdODpw==

GET
H2 200 application-6f4995215eabbc61ab62.js Show response
members.givelively.org/packs/js/ Frame ACC9 316 KB
86 KB 134ms
90ms Script
application/javascript 13.224.193.11
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://members.givelively.org/packs/js/application-6f4995215eabbc61ab62.js

Requested by

Host: secure.givelively.org
URL: https://secure.givelively.org/donations/heroin-support-inc/heroin-support-fundraiser

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.193.11 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-193-11.fra2.r.cloudfront.net

Software

Cowboy /

Resource Hash

9ad0dcb0dcb9d15db88513d9f0c0ca1622f34ac1ae390baa97e7edb245531bcd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://secure.givelively.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 25 Sep 2021 15:12:09 GMT
via: 1.1 vegur, 1.1 c7f7b4cf7fd5efe64bac95586db3f62b.cloudfront.net (CloudFront)
last-modified: Fri, 24 Sep 2021 18:37:14 GMT
server: Cowboy
age: 75106
vary: Accept-Encoding
x-edge-origin-shield-skipped: 0
content-type: application/javascript
x-amz-cf-pop: FRA2-C1
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
content-length: 87311
x-amz-cf-id: r_k6Oc8H_ITs5JhMaPduwieQWZOUMt_07kr_ICHgOPZvegAx6uqgQA==

GET
H2 200 react_rails-a502b9de2fc26da458d6.js Show response
members.givelively.org/packs/js/ Frame ACC9 1 MB
330 KB 97ms
52ms Script
application/javascript 13.224.193.11
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://members.givelively.org/packs/js/react_rails-a502b9de2fc26da458d6.js

Requested by

Host: secure.givelively.org
URL: https://secure.givelively.org/donations/heroin-support-inc/heroin-support-fundraiser

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.193.11 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-193-11.fra2.r.cloudfront.net

Software

Cowboy /

Resource Hash

9d15f5889b901db2d243c8632b5864c62577d894122903a5831cebfd3d4514bc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://secure.givelively.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 vegur, 1.1 c7f7b4cf7fd5efe64bac95586db3f62b.cloudfront.net (CloudFront)
last-modified: Fri, 24 Sep 2021 18:37:14 GMT
server: Cowboy
age: 62244
date: Sat, 25 Sep 2021 18:46:32 GMT
x-edge-origin-shield-skipped: 0
content-type: application/javascript
x-cache: Hit from cloudfront
x-amz-cf-pop: FRA2-C1
content-encoding: gzip
content-length: 337252
x-amz-cf-id: yiVLd_PrC-_KWA9dRtvXpQT_1hItMSjBnULL680-UhLriJpOviI_gA==

GET
H2 200 LiveView-98a379c4521cf97f19c1.js Show response
members.givelively.org/packs/js/sentry/ Frame ACC9 32 KB
10 KB 344ms
300ms Script
application/javascript 13.224.193.11
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://members.givelively.org/packs/js/sentry/LiveView-98a379c4521cf97f19c1.js

Requested by

Host: secure.givelively.org
URL: https://secure.givelively.org/donations/heroin-support-inc/heroin-support-fundraiser

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.193.11 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-193-11.fra2.r.cloudfront.net

Software

Cowboy /

Resource Hash

4e801382789700cb72b82146fa8947a5dc30eaed330a81b8c61756a240f28d99

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://secure.givelively.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 26 Sep 2021 12:03:56 GMT
via: 1.1 vegur, 1.1 c7f7b4cf7fd5efe64bac95586db3f62b.cloudfront.net (CloudFront)
last-modified: Fri, 24 Sep 2021 18:37:14 GMT
server: Cowboy
x-edge-origin-shield-skipped: 0
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript
x-amz-cf-pop: FRA2-C1
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
content-length: 9357
x-amz-cf-id: Zq3wdB-5LVqGYoMUayvKMAko4JyhGCjWldAj6HLzJkNvQGMX1a-qaw==

GET
H2 200 heroin-support-inc_processed_906751899988bda790b2e2754627849de23bec8dba036e6e0fa249845321235d_logo.png
images.givelively.org/nonprofits/acb73907-c7f4-452b-8067-91ffff5b0d31/logos/ Frame ACC9 79 KB
80 KB 533ms
452ms Image
image/png 13.224.193.28
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.givelively.org/nonprofits/acb73907-c7f4-452b-8067-91ffff5b0d31/logos/heroin-support-inc_processed_906751899988bda790b2e2754627849de23bec8dba036e6e0fa249845321235d_logo.png
Requested by: Host: secure.givelively.org
URL: https://secure.givelively.org/donations/heroin-support-inc/heroin-support-fundraiser
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.193.28 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-193-28.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: fad217b28b3e4434cde68e1912cd8f882ba64b29702b7b2881ae6c9a77909bb2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://secure.givelively.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 26 Sep 2021 12:03:58 GMT
via: 1.1 96283be49fd5bce30b3a0e9559bd2d9e.cloudfront.net (CloudFront)
last-modified: Wed, 13 Nov 2019 21:06:24 GMT
server: AmazonS3
x-edge-origin-shield-skipped: 0
etag: "e2efeb288832c35c5e9e97530289b18c"
x-cache: Miss from cloudfront
content-type: image/png
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
content-length: 81018
x-amz-cf-id: Thm1ys2r7IkefwD-4co05brLTv8eq6rMy2MT42NziuaFC-09RkUtxw==

GET
H3 200 cart.js Show response
shop.heroinsupport.org/ 283 B
1 KB 162ms
162ms XHR
text/javascript 23.227.38.74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://shop.heroinsupport.org/cart.js

Requested by

Host: cdn.shopify.com
URL: https://cdn.shopify.com/shopifycloud/shopify/assets/shop_events_listener-565deac0c7edc7850a7762c24c560f0a9670aa5c52a728e9dbb43d5a7887c1d4.js

Protocol

Security

QUIC, , AES_128_GCM

Server

23.227.38.74 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e0035b63fc5b34bfac32f49487ad09ae908071d9cddbe3886cb54c459c75ba1d

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; frame-ancestors 'none'; upgrade-insecure-requests;
Strict-Transport-Security	max-age=7889238
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

sec-fetch-mode: cors
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
x-requested-with: XMLHttpRequest
sec-fetch-dest: empty
cookie: secure_customer_sig=; cart_currency=USD; _orig_referrer=; _landing_page=%2F; _y=ad7742e4-fa6a-4b39-90ff-46c32210b417; _s=e1cf81fd-d694-4fea-a9f6-17b2ee0e035a; _shopify_y=ad7742e4-fa6a-4b39-90ff-46c32210b417; _shopify_s=e1cf81fd-d694-4fea-a9f6-17b2ee0e035a; _hjid=b9cb6c22-2510-4cba-802b-f127a5aa19c9; _hjFirstSeen=1
:path: /cart.js
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept: application/json, text/javascript, */*; q=0.01
cache-control: no-cache
:authority: shop.heroinsupport.org
referer: https://shop.heroinsupport.org/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept: application/json, text/javascript, */*; q=0.01
Referer: https://shop.heroinsupport.org/
X-Requested-With: XMLHttpRequest
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 26 Sep 2021 12:03:56 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"report_to":"network-errors","max_age":2592000,"success_fraction":0.0001}
x-permitted-cross-domain-policies: none
x-dc: gcp-europe-west1,gcp-us-east1,gcp-us-east1
x-shopify-stage: production
content-type: text/javascript; charset=utf-8
strict-transport-security: max-age=7889238
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection: 1; mode=block
x-sorting-hat-shopid: 18295133
x-shardid: 57
x-storefront-renderer-rendered: 1
server: cloudflare
x-frame-options: DENY
content-language: en
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding Accept
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://monorail-edge.shopifysvc.com/v1/reports/nel/20190325/shopify"}]}
x-shopid: 18295133
x-download-options: noopen
content-security-policy: block-all-mixed-content; frame-ancestors 'none'; upgrade-insecure-requests;
set-cookie: secure_customer_sig=; path=/; expires=Mon, 26 Sep 2022 12:03:56 GMT; secure; HttpOnly cart_currency=USD; path=/; expires=Sun, 10 Oct 2021 12:03:56 GMT _y=ad7742e4-fa6a-4b39-90ff-46c32210b417; Expires=Mon, 26-Sep-22 12:03:56 GMT; Domain=heroinsupport.org; Path=/; SameSite=Lax _s=e1cf81fd-d694-4fea-a9f6-17b2ee0e035a; Expires=Sun, 26-Sep-21 12:33:56 GMT; Domain=heroinsupport.org; Path=/; SameSite=Lax _shopify_y=ad7742e4-fa6a-4b39-90ff-46c32210b417; Expires=Mon, 26-Sep-22 12:03:56 GMT; Domain=heroinsupport.org; Path=/; SameSite=Lax _shopify_s=e1cf81fd-d694-4fea-a9f6-17b2ee0e035a; Expires=Sun, 26-Sep-21 12:33:56 GMT; Domain=heroinsupport.org; Path=/; SameSite=Lax
x-request-id: 247db2f3-3003-422d-94d5-7cf820ca9736
cf-ray: 694c5a177d936973-FRA
x-sorting-hat-podid: 57
x-cartjs-updatedat: 0

GET
H2 200 share_button.php Show response
www.facebook.com/v5.0/plugins/ Frame F31D 43 KB
13 KB 378ms
343ms Document
text/html 2a03:2880:f11c:8083:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/v5.0/plugins/share_button.php?app_id=2138978306124091&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df155df5e9f980c4%26domain%3Dshop.heroinsupport.org%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fshop.heroinsupport.org%252Ff15654bd80aa3fc%26relation%3Dparent.parent&container_width=0&href=https%3A%2F%2Fwww.facebook.com%2Fheroinsupport&layout=button_count&locale=en_US&sdk=joey&width=200

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js?hash=1aa14843285ba4059f31a6429255e205

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

449232f007b4a1ff43a4d373f64e02d7751043f75e2840255a199e97b19ba137

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: www.facebook.com
:scheme: https
:path: /v5.0/plugins/share_button.php?app_id=2138978306124091&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df155df5e9f980c4%26domain%3Dshop.heroinsupport.org%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fshop.heroinsupport.org%252Ff15654bd80aa3fc%26relation%3Dparent.parent&container_width=0&href=https%3A%2F%2Fwww.facebook.com%2Fheroinsupport&layout=button_count&locale=en_US&sdk=joey&width=200
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://shop.heroinsupport.org/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://shop.heroinsupport.org/

Response headers

vary: Accept-Encoding
content-encoding: br
x-fb-rlafr: 0
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
pragma: no-cache
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
content-security-policy-report-only: default-src 'self' data: blob: https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src connect.facebook.net static.xx.fbcdn.net 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net data:;connect-src wss://gateway.facebook.com wss://edge-chat.facebook.com *.facebook.com *.fbcdn.net wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ wss://*.whatsapp.com:* v.whatsapp.net *.fbsbx.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster:;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com;worker-src blob: *.facebook.com;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
facebook-api-version: v5.0
strict-transport-security: max-age=15552000; preload
content-type: text/html; charset="utf-8"
x-fb-debug: z9k2Yz+ChKaB/ahsP2lGvgZvyFlPX+eGN+BkgeyxyDG10+12SIZswEM6yhSt4zG/pgPih/yv3mkFqnUeqQc0aQ==
date: Sun, 26 Sep 2021 12:03:57 GMT
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600,h3-27=":443"; ma=3600

GET
H2 200 like.php Show response
www.facebook.com/v5.0/plugins/ Frame 3E2E 0
2 KB 56ms
28ms Document
text/html 2a03:2880:f11c:8083:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/v5.0/plugins/like.php?action=like&app_id=2138978306124091&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df2ad64b3751032c%26domain%3Dshop.heroinsupport.org%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fshop.heroinsupport.org%252Ff15654bd80aa3fc%26relation%3Dparent.parent&container_width=0&href=https%3A%2F%2Fwww.facebook.com%2Fheroinsupport&layout=button_count&locale=en_US&sdk=joey&share=false&show_faces=false&size=small&width=200

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js?hash=1aa14843285ba4059f31a6429255e205

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: www.facebook.com
:scheme: https
:path: /v5.0/plugins/like.php?action=like&app_id=2138978306124091&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df2ad64b3751032c%26domain%3Dshop.heroinsupport.org%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fshop.heroinsupport.org%252Ff15654bd80aa3fc%26relation%3Dparent.parent&container_width=0&href=https%3A%2F%2Fwww.facebook.com%2Fheroinsupport&layout=button_count&locale=en_US&sdk=joey&share=false&show_faces=false&size=small&width=200
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://shop.heroinsupport.org/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://shop.heroinsupport.org/

Response headers

content-type: text/html;charset=utf-8
pragma: no-cache
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT
content-security-policy-report-only: default-src 'self' data: blob: https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src connect.facebook.net static.xx.fbcdn.net 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net data:;connect-src wss://gateway.facebook.com wss://edge-chat.facebook.com *.facebook.com *.fbcdn.net wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ wss://*.whatsapp.com:* v.whatsapp.net *.fbsbx.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster:;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com;worker-src blob: *.facebook.com;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-content-type-options: nosniff
x-xss-protection: 0
x-fb-debug: EA/2rbMmlZtQE2WkCFmR65zlp5+3RnHmsfGROMu+kh40OvStvy0YZj77HQrBI+yxoGNnJZ1IjA+XqK0doCpRyQ==
content-length: 0
date: Sun, 26 Sep 2021 12:03:56 GMT
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600,h3-27=":443"; ma=3600

GET
H3 200 cart.js Show response
shop.heroinsupport.org/ 283 B
1 KB 151ms
151ms XHR
text/javascript 23.227.38.74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://shop.heroinsupport.org/cart.js?_tmp=610020754219

Requested by

Host: cdn.shopify.com
URL: https://cdn.shopify.com/shopifycloud/shopify/assets/shop_events_listener-565deac0c7edc7850a7762c24c560f0a9670aa5c52a728e9dbb43d5a7887c1d4.js

Protocol

Security

QUIC, , AES_128_GCM

Server

23.227.38.74 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

951ff965496e99c06f1008bff464db635507aca6331c539f5e3157acbc03b5dc

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; frame-ancestors 'none'; upgrade-insecure-requests;
Strict-Transport-Security	max-age=7889238
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

:path: /cart.js?_tmp=610020754219
pragma: no-cache
cookie: secure_customer_sig=; cart_currency=USD; _orig_referrer=; _landing_page=%2F; _y=ad7742e4-fa6a-4b39-90ff-46c32210b417; _s=e1cf81fd-d694-4fea-a9f6-17b2ee0e035a; _shopify_y=ad7742e4-fa6a-4b39-90ff-46c32210b417; _shopify_s=e1cf81fd-d694-4fea-a9f6-17b2ee0e035a; _hjid=b9cb6c22-2510-4cba-802b-f127a5aa19c9; _hjFirstSeen=1
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: cors
accept: application/json, text/plain, */*
cache-control: no-cache
sec-fetch-dest: empty
:authority: shop.heroinsupport.org
referer: https://shop.heroinsupport.org/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept: application/json, text/plain, */*
Referer: https://shop.heroinsupport.org/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 26 Sep 2021 12:03:56 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"report_to":"network-errors","max_age":2592000,"success_fraction":0.0001}
x-permitted-cross-domain-policies: none
x-dc: gcp-europe-west1,gcp-us-east1,gcp-us-east1
x-shopify-stage: production
content-type: text/javascript; charset=utf-8
strict-transport-security: max-age=7889238
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection: 1; mode=block
x-sorting-hat-shopid: 18295133
x-shardid: 57
x-storefront-renderer-rendered: 1
server: cloudflare
x-frame-options: DENY
content-language: en
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding Accept
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://monorail-edge.shopifysvc.com/v1/reports/nel/20190325/shopify"}]}
x-shopid: 18295133
x-download-options: noopen
content-security-policy: block-all-mixed-content; frame-ancestors 'none'; upgrade-insecure-requests;
set-cookie: secure_customer_sig=; path=/; expires=Mon, 26 Sep 2022 12:03:56 GMT; secure; HttpOnly cart_currency=USD; path=/; expires=Sun, 10 Oct 2021 12:03:56 GMT _y=ad7742e4-fa6a-4b39-90ff-46c32210b417; Expires=Mon, 26-Sep-22 12:03:56 GMT; Domain=heroinsupport.org; Path=/; SameSite=Lax _s=e1cf81fd-d694-4fea-a9f6-17b2ee0e035a; Expires=Sun, 26-Sep-21 12:33:56 GMT; Domain=heroinsupport.org; Path=/; SameSite=Lax _shopify_y=ad7742e4-fa6a-4b39-90ff-46c32210b417; Expires=Mon, 26-Sep-22 12:03:56 GMT; Domain=heroinsupport.org; Path=/; SameSite=Lax _shopify_s=e1cf81fd-d694-4fea-a9f6-17b2ee0e035a; Expires=Sun, 26-Sep-21 12:33:56 GMT; Domain=heroinsupport.org; Path=/; SameSite=Lax
x-request-id: d7d90b65-e4a5-49ae-abd0-7d890ca6a355
cf-ray: 694c5a17ce636973-FRA
x-sorting-hat-podid: 57
x-cartjs-updatedat: 0

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 98 KB
26 KB 16ms
15ms Script
application/x-javascript 2a03:2880:f01c:216:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: cdn.shopify.com
URL: https://cdn.shopify.com/s/trekkie.storefront.7850eecc9b14960c103b685bb9e219861b94e38c.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

ab43cf929d649dba8ce38c92dec4849c8049b678fec9942ae08df5ca57757280

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://shop.heroinsupport.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 25969
x-xss-protection: 0
pragma: public
x-fb-debug: wCGH8kHe7nHWO9C/jprlMR7my8xM/snZiTF0xv/ET88A2ayme1UdpjEYgg7S0Vjhy8URkUJRyZIkOvmcxxEIUg==
x-fb-trip-id: 686109401
x-frame-options: DENY
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Sun, 26 Sep 2021 12:03:56 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 48 KB
20 KB 45ms
7ms Script
text/javascript 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: cdn.shopify.com
URL: https://cdn.shopify.com/s/trekkie.storefront.7850eecc9b14960c103b685bb9e219861b94e38c.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://shop.heroinsupport.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 11 Aug 2021 00:32:57 GMT
server: Golfe2
age: 4316
date: Sun, 26 Sep 2021 10:52:00 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19747
expires: Sun, 26 Sep 2021 12:52:00 GMT

GET
H2 200 core.js Show response
s.pinimg.com/ct/ 1 KB
831 B 166ms
115ms Script
application/javascript 2a02:26f0:6c00:28f::1931
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://s.pinimg.com/ct/core.js
Requested by: Host: cdn.shopify.com
URL: https://cdn.shopify.com/s/trekkie.storefront.7850eecc9b14960c103b685bb9e219861b94e38c.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:28f::1931 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 9d0435f3f104dce3eff274120f3ebca0377cb5141c0f284d310ddd01b7886d86

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://shop.heroinsupport.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-encoding: gzip
x-cdn: akamai
etag: "348fca81ce53c499dbe0d4b8a7a54ae9"
vary: Accept-Encoding, Origin
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: max-age=7200
x-fallback: 4ba0d80f-2.16.186.213
accept-ranges: bytes
content-length: 584
access-control-expose-headers: X-CDN

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 96 KB
39 KB 68ms
31ms Script
application/javascript 2a00:1450:4001:830::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-819916235

Requested by

Host: cdn.shopify.com
URL: https://cdn.shopify.com/s/trekkie.storefront.7850eecc9b14960c103b685bb9e219861b94e38c.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

c637f0c8062fe1c86cac3c5993e7d16bb1ecba387172c226db10b12f90c2ace8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://shop.heroinsupport.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 26 Sep 2021 12:03:56 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39082
x-xss-protection: 0
expires: Sun, 26 Sep 2021 12:03:56 GMT

GET
H2 200 6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
fonts.gstatic.com/s/sourcesanspro/v14/ 16 KB
16 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v14/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a9950fa5ca9cf47072770900d259bcf6778aa1119652d2e706d5eb92df254199

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://shop.heroinsupport.org
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 21 Sep 2021 01:22:16 GMT
x-content-type-options: nosniff
age: 470500
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16112
x-xss-protection: 0
last-modified: Tue, 15 Sep 2020 18:10:09 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 21 Sep 2022 01:22:16 GMT

GET
H2 200 LogoNew_1024x.png
cdn.shopify.com/s/files/1/1829/5133/files/ 30 KB
31 KB 92ms
90ms Image
image/webp 2a04:4e42:800::268
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.shopify.com/s/files/1/1829/5133/files/LogoNew_1024x.png?v=1576264958

Requested by

Host: shop.heroinsupport.org
URL: https://shop.heroinsupport.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:800::268 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

cache-fra19126-FRA /

Resource Hash

7c836c93602924dfacf07700127739a53276fc8990f8f249dae2fd58a8614ef6

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://shop.heroinsupport.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-image: generated
nel: {"report_to":"network-errors","max_age":600,"failure_fraction":1.0,"success_fraction":0.0}
x-cdn: Fastly, http2
x-dc: gcp-us-east1
x-cache: HIT, MISS
content-length: 30664
x-xss-protection: 1; mode=block
x-request-id: b61ced8f2b14a7f515351a3819158952b0ed1143b566f518217b75e1c43ebf30
x-served-by: cache-lga21933-LGA, cache-fra19126-FRA
last-modified: Fri, 17 Sep 2021 16:42:39 GMT
server: cache-fra19126-FRA
x-timer: S1632657837.802383,VS0,VE82
date: Sun, 26 Sep 2021 12:03:56 GMT
vary: Accept
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://monorail-edge.shopifysvc.com/v1/reports/nel/20190325/imagery"}]}
content-type: image/webp
access-control-allow-origin: *
expires: Sat, 17 Sep 2022 16:42:39 GMT
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/1829/5133/files/LogoNew_1024x.png>; rel="canonical"
x-cache-hits: 1, 0

GET
H2 200 wristStigma.jpg
cdn.shopify.com/s/files/1/1829/5133/collections/ 88 KB
89 KB 106ms
104ms Image
image/webp 2a04:4e42:800::268
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.shopify.com/s/files/1/1829/5133/collections/wristStigma.jpg?v=1512151240

Requested by

Host: shop.heroinsupport.org
URL: https://shop.heroinsupport.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:800::268 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

cache-fra19126-FRA /

Resource Hash

6276641b212758687bcb0c80c79dd665f1fb4542019d757ca034bfd711f2df91

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://shop.heroinsupport.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-image: header_generated
nel: {"report_to":"network-errors","max_age":600,"failure_fraction":1.0,"success_fraction":0.0}
x-cdn: Fastly, http2
x-dc: gcp-us-east1
x-cache: HIT, MISS
content-length: 90328
x-xss-protection: 1; mode=block
x-request-id: bafd18904253de7361d205bcb0a18f20522ef53aeb91472209261ba3f4095018
x-served-by: cache-lga21924-LGA, cache-fra19126-FRA
last-modified: Thu, 09 Sep 2021 08:15:50 GMT
server: cache-fra19126-FRA
x-timer: S1632657837.803578,VS0,VE96
date: Sun, 26 Sep 2021 12:03:56 GMT
vary: Accept
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://monorail-edge.shopifysvc.com/v1/reports/nel/20190325/imagery"}]}
content-type: image/webp
access-control-allow-origin: *
expires: Fri, 09 Sep 2022 08:15:50 GMT
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/1829/5133/collections/wristStigma.jpg>; rel="canonical"
x-cache-hits: 1, 0

GET
H2 200 2019-12-19_21.34.31-1440x1080-1024x768-640x480.jpg
cdn.shopify.com/s/files/1/1829/5133/products/ 72 KB
73 KB 99ms
96ms Image
image/webp 2a04:4e42:800::268
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.shopify.com/s/files/1/1829/5133/products/2019-12-19_21.34.31-1440x1080-1024x768-640x480.jpg?v=1590163140

Requested by

Host: shop.heroinsupport.org
URL: https://shop.heroinsupport.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:800::268 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

cache-fra19126-FRA /

Resource Hash

4058e2480cac6a0509fb74a0e6557ba24d5de55d4de1914d5be0f5d382f25402

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://shop.heroinsupport.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-image: header_generated
nel: {"report_to":"network-errors","max_age":600,"failure_fraction":1.0,"success_fraction":0.0}
x-cdn: Fastly, http2
x-dc: gcp-us-east1
x-cache: HIT, MISS
content-length: 73792
x-xss-protection: 1; mode=block
x-request-id: c9c2d4f4aea659aa8090f4879747fc9adeff1eccc3d1178254135edf68005684
x-served-by: cache-lga21963-LGA, cache-fra19126-FRA
last-modified: Sat, 18 Sep 2021 08:43:17 GMT
server: cache-fra19126-FRA
x-timer: S1632657837.804455,VS0,VE88
date: Sun, 26 Sep 2021 12:03:56 GMT
vary: Accept
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://monorail-edge.shopifysvc.com/v1/reports/nel/20190325/imagery"}]}
content-type: image/webp
access-control-allow-origin: *
expires: Sun, 18 Sep 2022 08:43:17 GMT
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/1829/5133/products/2019-12-19_21.34.31-1440x1080-1024x768-640x480.jpg>; rel="canonical"
x-cache-hits: 1, 0

GET
H2 200 giftLarosa.jpg
cdn.shopify.com/s/files/1/1829/5133/collections/ 17 KB
18 KB 94ms
90ms Image
image/jpeg 2a04:4e42:800::268
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.shopify.com/s/files/1/1829/5133/collections/giftLarosa.jpg?v=1511105780

Requested by

Host: shop.heroinsupport.org
URL: https://shop.heroinsupport.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:800::268 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

cache-fra19126-FRA /

Resource Hash

11ba4ab958e245b5c72c2da95f5c81a8fd305094e627f51211a9e7a88f665e96

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://shop.heroinsupport.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-image: header_generated
nel: {"report_to":"network-errors","max_age":600,"failure_fraction":1.0,"success_fraction":0.0}
x-cdn: Fastly, http2
x-dc: gcp-us-central1
x-cache: HIT, MISS
content-length: 17780
x-xss-protection: 1; mode=block
x-request-id: 25551a947a8cd7565da925729aa7f02422191c735a9508fe097620ff0d5f828f
x-served-by: cache-lga21930-LGA, cache-fra19126-FRA
last-modified: Thu, 16 Sep 2021 23:34:27 GMT
server: cache-fra19126-FRA
x-timer: S1632657837.805203,VS0,VE81
date: Sun, 26 Sep 2021 12:03:56 GMT
vary: Accept
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://monorail-edge.shopifysvc.com/v1/reports/nel/20190325/imagery"}]}
content-type: image/jpeg
access-control-allow-origin: *
expires: Fri, 16 Sep 2022 23:34:27 GMT
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/1829/5133/collections/giftLarosa.jpg>; rel="canonical"
x-cache-hits: 1, 0

GET
H2 200 10931.eternalflamestai_med_0.jpg
cdn.shopify.com/s/files/1/1829/5133/collections/ 6 KB
6 KB 95ms
92ms Image
image/webp 2a04:4e42:800::268
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.shopify.com/s/files/1/1829/5133/collections/10931.eternalflamestai_med_0.jpg?v=1534883083

Requested by

Host: shop.heroinsupport.org
URL: https://shop.heroinsupport.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:800::268 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

cache-fra19126-FRA /

Resource Hash

1c850bc198d33f7b0ec794d98eb3557fc5b3a46d3db1e5da56cbb9face202100

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://shop.heroinsupport.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-image: header_generated
nel: {"report_to":"network-errors","max_age":600,"failure_fraction":1.0,"success_fraction":0.0}
x-cdn: Fastly, http2
x-dc: gcp-us-central1
x-cache: HIT, MISS
content-length: 6260
x-xss-protection: 1; mode=block
x-request-id: 5c081bb00dde315180c3de756cd52fb59cc44a90f24513e23cabb5dec227572d
x-served-by: cache-lga21968-LGA, cache-fra19126-FRA
last-modified: Thu, 09 Sep 2021 10:13:55 GMT
server: cache-fra19126-FRA
x-timer: S1632657837.805278,VS0,VE82
date: Sun, 26 Sep 2021 12:03:56 GMT
vary: Accept
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://monorail-edge.shopifysvc.com/v1/reports/nel/20190325/imagery"}]}
content-type: image/webp
access-control-allow-origin: *
expires: Fri, 09 Sep 2022 10:13:55 GMT
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/1829/5133/collections/10931.eternalflamestai_med_0.jpg>; rel="canonical"
x-cache-hits: 1, 0

GET
H2 200 shipping-rates-calculator-plus.json Show response
www.codeblackbelt.com/json/preferences/ 29 KB
10 KB 414ms
377ms XHR
application/json 2606:4700:3037::6815:20ed
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.codeblackbelt.com/json/preferences/shipping-rates-calculator-plus.json?shop=heroin-support.myshopify.com&activeCurrencyCode=USD&path=%2F
Requested by: Host: cdn.shopify.com
URL: https://cdn.shopify.com/shopifycloud/shopify/assets/shop_events_listener-565deac0c7edc7850a7762c24c560f0a9670aa5c52a728e9dbb43d5a7887c1d4.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:20ed , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4dfe40731128c59d8869e69daf0ba5fa855a14fb61c5594f4121123bb6f6f903

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://shop.heroinsupport.org/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 26 Sep 2021 12:03:57 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jdcZwQ%2B13c9cRBWQRAwlkNaqUMOx1ouRbS8yZVWUUJXjOoFla0xChoWGGqS3PwKf%2Fo5S5MOc1%2Berkbgltm7FkX9znye%2Bp%2BThcBhpb%2FQUC5tFpJdZFIs70m9ohszFk95%2F1RXeIp9zrRqyuHMqE%2FeZDzKOkdw%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json;charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=150
cf-ray: 694c5a1848561766-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires: Sun, 26 Sep 2021 12:06:26 GMT

GET
H2 200 chunk-WidgetIframe-37e3a46cca72f53ace00.js Show response
widget-v4.tidiochat.com/1_77_0/static/js/ Frame B155 343 KB
87 KB 29ms
28ms Script
application/javascript 2606:4700:20::ac43:4703
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://widget-v4.tidiochat.com/1_77_0/static/js/chunk-WidgetIframe-37e3a46cca72f53ace00.js
Requested by: Host: code.tidio.co
URL: https://code.tidio.co/oj3uxtszkjlt73hcve3wqqkuq2gr7gqg.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4703 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 70451f9e2fd63c36dd9534e636401b78fdcebd8e3ec240c2018499c9eadadf9b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 26 Sep 2021 12:03:56 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 16 Sep 2021 12:54:45 GMT
server: cloudflare
age: 3975
etag: W/"61433e95-55aab"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YxhKHk54BqrCD%2Bw1Ikzvs%2F2j1u%2FgZGFVlUatzG2VbRxPBewgSOcJaKzrcO%2FNRG7pqwj3qbhcc2qIFxWOErmODnVrCh1AC%2FwBIbKN%2BDkixJVQabCDW1l1n3BxQKaFqbuZ6SgLbgJSUoEI4J7oDkg9jJ%2B7TQ7w"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=691200
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 694c5a182f844aaa-FRA

GET
H2 200 box-dfc01efbdc94bb0936d9a35a502b0b64.html Show response
vars.hotjar.com/ Frame 6344 2 KB
1 KB 27ms
8ms Document
text/html 13.224.193.116
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vars.hotjar.com/box-dfc01efbdc94bb0936d9a35a502b0b64.html
Requested by: Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-1386773.js?sv=6
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.193.116 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-193-116.fra2.r.cloudfront.net
Software: /
Resource Hash: 88ca677c14d4217c2f6b8c8964a1d172027974c4c0839e4d531ad7d3d6de1987

Request headers

:method: GET
:authority: vars.hotjar.com
:scheme: https
:path: /box-dfc01efbdc94bb0936d9a35a502b0b64.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://shop.heroinsupport.org/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://shop.heroinsupport.org/

Response headers

content-type: text/html
content-length: 1044
date: Tue, 20 Jul 2021 13:05:05 GMT
accept-ranges: bytes
cache-control: max-age=31536000
content-encoding: br
etag: "10714b84569172431728622d7c8098e4"
last-modified: Tue, 20 Jul 2021 13:04:43 GMT
x-amz-server-side-encryption: AES256
x-robots-tag: none
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 7a18a0a1d9929dae345690b88b08dd5e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C1
x-amz-cf-id: EPa6T91nNBG65lKyxFFdfWwkZCIiZAm7woOllHrFgJ2s4pVtBaqEqw==
age: 5871531

GET
H2 200 shopify-boomerang-1.0.0.min.js Show response
cdn.shopify.com/shopifycloud/boomerang/ 58 KB
17 KB 8ms
8ms Script
application/javascript 2a04:4e42:800::268
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.shopify.com/shopifycloud/boomerang/shopify-boomerang-1.0.0.min.js

Requested by

Host: shop.heroinsupport.org
URL: https://shop.heroinsupport.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:800::268 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

cache-fra19126-FRA /

Resource Hash

886430890562cc216ae31a8047f07542f8df8c11f9465f9b08a8dd2da529ac9a

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://shop.heroinsupport.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
nel: {"report_to":"network-errors","max_age":600,"failure_fraction":1.0,"success_fraction":0.0}
x-cdn: Fastly, http2
x-dc: gcp-us-east1
x-cache: HIT, HIT
content-length: 17388
x-xss-protection: 1; mode=block
x-request-id: 183a6c47aa2bf7f20b5acc6044990c13c6c0dc35eed5fa128362ed60aa25bc62
x-served-by: cache-lga21968-LGA, cache-fra19126-FRA
last-modified: Thu, 12 Aug 2021 17:22:53 GMT
server: cache-fra19126-FRA
x-timer: S1632657837.832091,VS0,VE0
date: Sun, 26 Sep 2021 12:03:56 GMT
vary: Accept-Encoding
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://monorail-edge.shopifysvc.com/v1/reports/nel/20190325/imagery"}]}
content-type: application/javascript
access-control-allow-origin: *
expires: Fri, 26 Aug 2022 05:06:12 GMT
cache-control: public, s-maxage=31536000, max-age=3600, must-revalidate
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/shopifycloud/boomerang/shopify-boomerang-1.0.0.min.js>; rel="canonical"
x-cache-hits: 482744, 99963

POST
H2 200 produce_batch
monorail-edge.shopifysvc.com/unstable/ 0
480 B 114ms
113ms Ping
text/plain 104.198.248.251
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://monorail-edge.shopifysvc.com/unstable/produce_batch

Requested by

Host: cdn.shopify.com
URL: https://cdn.shopify.com/s/trekkie.storefront.7850eecc9b14960c103b685bb9e219861b94e38c.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.198.248.251 Council Bluffs, United States, ASN15169 (GOOGLE, US),

Reverse DNS

251.248.198.104.bc.googleusercontent.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://shop.heroinsupport.org/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 26 Sep 2021 12:03:56 GMT
x-dc: gcp-us-central1
access-control-max-age: 86400
access-control-allow-methods: OPTIONS,POST
access-control-allow-origin: https://shop.heroinsupport.org
access-control-allow-credentials: true
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-headers: User-Agent,Accept,Content-Type,X-Monorail-Edge-Event-Created-At-Ms,X-Monorail-Edge-Event-Sent-At-Ms,X-Monorail-Edge-Client-Message-Id,X-Monorail-Edge-Device-Install-Id,X-Monorail-Edge-Accept-Language,X-Monorail-Edge-Content-Language,X-Forwarded-For
content-length: 0
x-request-id: 5b8b1e7e-37ac-41fb-941a-36bfa5483226

POST
H2 200 produce_batch
monorail-edge.shopifysvc.com/unstable/ 0
480 B 115ms
114ms Ping
text/plain 104.198.248.251
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://monorail-edge.shopifysvc.com/unstable/produce_batch

Requested by

Host: cdn.shopify.com
URL: https://cdn.shopify.com/s/trekkie.storefront.7850eecc9b14960c103b685bb9e219861b94e38c.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.198.248.251 Council Bluffs, United States, ASN15169 (GOOGLE, US),

Reverse DNS

251.248.198.104.bc.googleusercontent.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://shop.heroinsupport.org/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 26 Sep 2021 12:03:56 GMT
x-dc: gcp-us-central1
access-control-max-age: 86400
access-control-allow-methods: OPTIONS,POST
access-control-allow-origin: https://shop.heroinsupport.org
access-control-allow-credentials: true
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-headers: User-Agent,Accept,Content-Type,X-Monorail-Edge-Event-Created-At-Ms,X-Monorail-Edge-Event-Sent-At-Ms,X-Monorail-Edge-Client-Message-Id,X-Monorail-Edge-Device-Install-Id,X-Monorail-Edge-Accept-Language,X-Monorail-Edge-Content-Language,X-Forwarded-For
content-length: 0
x-request-id: 8363e35e-d60b-4581-a4c6-6f60c2c3de33

POST
H2 200 produce_batch
monorail-edge.shopifysvc.com/unstable/ 0
480 B 122ms
121ms Ping
text/plain 104.198.248.251
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://monorail-edge.shopifysvc.com/unstable/produce_batch

Requested by

Host: cdn.shopify.com
URL: https://cdn.shopify.com/s/trekkie.storefront.7850eecc9b14960c103b685bb9e219861b94e38c.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.198.248.251 Council Bluffs, United States, ASN15169 (GOOGLE, US),

Reverse DNS

251.248.198.104.bc.googleusercontent.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://shop.heroinsupport.org/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 26 Sep 2021 12:03:56 GMT
x-dc: gcp-us-central1
access-control-max-age: 86400
access-control-allow-methods: OPTIONS,POST
access-control-allow-origin: https://shop.heroinsupport.org
access-control-allow-credentials: true
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-headers: User-Agent,Accept,Content-Type,X-Monorail-Edge-Event-Created-At-Ms,X-Monorail-Edge-Event-Sent-At-Ms,X-Monorail-Edge-Client-Message-Id,X-Monorail-Edge-Device-Install-Id,X-Monorail-Edge-Accept-Language,X-Monorail-Edge-Content-Language,X-Forwarded-For
content-length: 0
x-request-id: b36fba02-bd5d-48c7-84be-8b28312aa305

GET
H2 206 tururu.mp3
widget-v4.tidiochat.com// Frame B155 7 KB
7 KB 29ms
29ms Media
audio/mpeg 2606:4700:20::ac43:4703
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://widget-v4.tidiochat.com//tururu.mp3
Requested by: Host: shop.heroinsupport.org
URL: https://shop.heroinsupport.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4703 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 12c7687514ca85ba2157ed61914ac526bb9dd15cb5a2a2d9e4d88f919349284f

Request headers

Referer
Accept-Encoding: identity;q=1, *;q=0
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Range: bytes=0-

Response headers

date: Sun, 26 Sep 2021 12:03:56 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1695880
Content-Range: bytes 0-7223/7224
Content-Length: 7224
pragma: public
last-modified: Thu, 26 Aug 2021 10:25:18 GMT
server: cloudflare
etag: "61276c0e-1c38"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MqVmUppXfVxvqMu7mmnX2pQ%2Fs49SW66vSsBLbNHRpNcdcZ3aHG2HBMpQCc02q%2BozwoTULdc6%2BhWzBpm8WNIHMUBoFvq%2BZLg9eOdLtaceMnC5GKto5%2BnMcnVPk%2Bs4x0%2FnXtBIWl0FKaqVm9uDi4P6KLj6o1MB"}],"group":"cf-nel","max_age":604800}
content-type: audio/mpeg
cache-control: public, max-age=31536000
cf-ray: 694c5a18680b4aaa-FRA
expires: Mon, 20 Sep 2021 20:59:16 GMT

POST
H2 200 produce_batch
monorail-edge.shopifysvc.com/unstable/ 0
480 B 112ms
112ms Ping
text/plain 104.198.248.251
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://monorail-edge.shopifysvc.com/unstable/produce_batch

Requested by

Host: cdn.shopify.com
URL: https://cdn.shopify.com/s/trekkie.storefront.7850eecc9b14960c103b685bb9e219861b94e38c.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.198.248.251 Council Bluffs, United States, ASN15169 (GOOGLE, US),

Reverse DNS

251.248.198.104.bc.googleusercontent.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://shop.heroinsupport.org/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 26 Sep 2021 12:03:56 GMT
x-dc: gcp-us-central1
access-control-max-age: 86400
access-control-allow-methods: OPTIONS,POST
access-control-allow-origin: https://shop.heroinsupport.org
access-control-allow-credentials: true
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-headers: User-Agent,Accept,Content-Type,X-Monorail-Edge-Event-Created-At-Ms,X-Monorail-Edge-Event-Sent-At-Ms,X-Monorail-Edge-Client-Message-Id,X-Monorail-Edge-Device-Install-Id,X-Monorail-Edge-Accept-Language,X-Monorail-Edge-Content-Language,X-Forwarded-For
content-length: 0
x-request-id: ba66f11f-b724-4db1-bd23-f0412a9aae05

GET
H2 200 277108160136518 Show response
connect.facebook.net/signals/config/ 490 KB
144 KB 221ms
221ms Script
application/x-javascript 2a03:2880:f01c:216:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/277108160136518?v=2.9.46&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

ef2d7b8029a2b1be7f1fb9a2ba721a823a1925749a372c18e3dc3e52000b9fc3

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://shop.heroinsupport.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-xss-protection: 0
pragma: public
x-fb-debug: I/p7Taft5DbPjBW3+WduvlO9dqq+xiwzGCr5ZZHKa0ymW3rI4RE+C3qTmeLaM044B6LohRSTPUJsDwct3BZnhA==
x-fb-trip-id: 686109401
x-frame-options: DENY
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Sun, 26 Sep 2021 12:03:57 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
465 B 44ms
15ms XHR
text/plain 2a00:1450:400c:c01::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j93&tid=UA-164538769-1&cid=851805355.1632657837&jid=1918184236&gjid=1423534195&_gid=1978352179.1632657837&_u=YGBAgEABBAAAAE~&z=1541202682

Requested by

Host: cdn.shopify.com
URL: https://cdn.shopify.com/shopifycloud/shopify/assets/shop_events_listener-565deac0c7edc7850a7762c24c560f0a9670aa5c52a728e9dbb43d5a7887c1d4.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c01::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://shop.heroinsupport.org/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Sun, 26 Sep 2021 12:03:56 GMT
content-type: text/plain
access-control-allow-origin: https://shop.heroinsupport.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
194 B 7ms
6ms Image
image/gif 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j93&a=522556080&t=pageview&_s=1&dl=https%3A%2F%2Fshop.heroinsupport.org%2F&dp=%2F&ul=en-us&de=UTF-8&dt=Heroin%20Support%20Fundraiser%20%E2%80%93%20HeroinSupport.org&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGBAgEABB~&jid=1918184236&gjid=1423534195&cid=851805355.1632657837&tid=UA-164538769-1&_gid=1978352179.1632657837&did=BwiEti&z=288319789

Requested by

Host: shop.heroinsupport.org
URL: https://shop.heroinsupport.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://shop.heroinsupport.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 25 Sep 2021 14:26:55 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 77821
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ Frame ACC9 149 KB
54 KB 26ms
25ms Script
application/javascript 2a00:1450:4001:830::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-PMD42PZ&l=gl_dataLayer

Requested by

Host: secure.givelively.org
URL: https://secure.givelively.org/donations/heroin-support-inc/heroin-support-fundraiser

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

3391f1b5dee3c8caf3535a67139b89d390ab073b6829f11e435db89abf732092

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://secure.givelively.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 26 Sep 2021 12:03:57 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 55412
x-xss-protection: 0
expires: Sun, 26 Sep 2021 12:03:57 GMT

GET
H2 200 tags.js Show response
js.datadome.co/ Frame ACC9 233 KB
35 KB 47ms
8ms Script
text/javascript 13.225.78.46
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.datadome.co/tags.js

Requested by

Host: members.givelively.org
URL: https://members.givelively.org/packs/js/smart-donations-bundle-98409d480af01fb774d7.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.78.46 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-78-46.fra2.r.cloudfront.net

Software

Apache /

Resource Hash

dec5e5786208beaa10be7849ea723c2e1cf022781092424e6debad5690bfeb1b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://secure.givelively.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 26 Sep 2021 11:08:36 GMT
content-encoding: gzip
vary: Accept-Encoding
age: 3321
x-edge-origin-shield-skipped: 0
x-cache: Hit from cloudfront
content-length: 35628
access-control-allow-origin: *
last-modified: Wed, 22 Sep 2021 09:08:00 GMT
server: Apache
etag: "3a29d-5cc91d9d602fc-gzip"
strict-transport-security: max-age=15768000
content-type: text/javascript
via: 1.1 1e498d046330e15095a1a2a958463bf5.cloudfront.net (CloudFront)
cache-control: max-age=3600, public
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
x-amz-cf-id: Zfuoe4k1-Z5iSlflX7PegRJBDYaC92yY8foxs6OUS44uuJWIsrqFUQ==
expires: Sun, 26 Sep 2021 12:08:36 GMT

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 37 KB
14 KB 56ms
35ms Script
text/javascript 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-819916235

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

3b843d8505c200af17cdbf0a534faf3a5e6d41e67068387787984470ea717c97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://shop.heroinsupport.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 26 Sep 2021 12:03:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14160
x-xss-protection: 0
server: cafe
etag: 14207842493151788310
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sun, 26 Sep 2021 12:03:57 GMT

GET
H2 200 main.0fd4729b.js Show response
s.pinimg.com/ct/lib/ 54 KB
19 KB 110ms
110ms Script
application/javascript 2a02:26f0:6c00:28f::1931
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://s.pinimg.com/ct/lib/main.0fd4729b.js
Requested by: Host: s.pinimg.com
URL: https://s.pinimg.com/ct/core.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:28f::1931 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: c86fb1ebfd671cf1a8505ef2e5fab24ff0ead66b7837f28df2076ce8ec53db64

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://shop.heroinsupport.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-encoding: gzip
x-cdn: akamai
etag: "82bd0d21fcbdb22cebadf34c43664b62"
vary: Accept-Encoding, Origin
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: max-age=1209600
x-fallback: 4ba0da05-2.16.186.213
accept-ranges: bytes
content-length: 18904
access-control-expose-headers: X-CDN

GET
H2 200 6922843087962131717
c.getvop.com/cover_dev/ 71 KB
71 KB 420ms
402ms Image
image/jpeg 2606:4700:10::6816:21ac
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.getvop.com/cover_dev/6922843087962131717
Requested by: Host: shop.heroinsupport.org
URL: https://shop.heroinsupport.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:21ac , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cc75e668166dc38d4155d90aa3322948f7cdc419e969d1f49c98617c570907d2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://shop.heroinsupport.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 26 Sep 2021 12:03:57 GMT
cf-cache-status: MISS
x-guploader-uploadid: ADPycdudwOuA5Gom5oH5wsYSX7UvBljJ9Y9c0VCXUK_egZ-NQomKclALg8lDyxtzju5KnTTL7H-YLJSOl0asfZlJ_uw
x-goog-storage-class: STANDARD
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
content-type: image/jpeg
content-length: 72411
last-modified: Thu, 28 Jan 2021 16:55:17 GMT
server: cloudflare
etag: "8e77df156b7de18a854810b2d96c005f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-goog-hash: crc32c=Hy+txg==, md5=jnffFWt94YqFSBCy2WwAXw==
x-goog-generation: 1611852917197064
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public, max-age=14400
x-goog-stored-content-length: 72411
accept-ranges: bytes
cf-ray: 694c5a1a1d284e2c-FRA
expires: Sun, 26 Sep 2021 13:03:57 GMT

GET
H2 200 heroin-support-inc Show response
secure.givelively.org/donate/ Frame 790B 30 KB
8 KB 460ms
460ms Document
text/html 13.225.78.56
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.givelively.org/donate/heroin-support-inc?ref=sd_widget&widget_url=https%3A%2F%2Fshop.heroinsupport.org%2F&referrer_url=&show_donate_now_button=false

Requested by

Host: secure.givelively.org
URL: https://secure.givelively.org/widgets/branded_donation/heroin-support-inc.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.78.56 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-78-56.fra2.r.cloudfront.net

Software

Cowboy /

Resource Hash

99f6935cf72f1ef19eb4e9cbfdb2863ca1d972b7a283f8bddf930b5d152d2dec

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

:method: GET
:authority: secure.givelively.org
:scheme: https
:path: /donate/heroin-support-inc?ref=sd_widget&widget_url=https%3A%2F%2Fshop.heroinsupport.org%2F&referrer_url=&show_donate_now_button=false
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://shop.heroinsupport.org/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://shop.heroinsupport.org/

Response headers

content-type: text/html; charset=utf-8
server: Cowboy
date: Sun, 26 Sep 2021 12:03:56 GMT
referrer-policy: origin-when-cross-origin
etag: W/"99f6935cf72f1ef19eb4e9cbfdb2863c"
cache-control: max-age=0, private, must-revalidate
set-cookie: _give-lively_session=4SusLM43lfcEHKYTk0Xl4x1BzmW9%2FBSk03%2F%2FeKKCBklFgQQ1CqtTJncPYBFAHSh%2FIxLuRHKzeN1kW2LjZFstQNjpHmFwVdf83eZ2tuLJFvG8eTXPw1dWkIMXI1C3Xe%2FU2JtaArVR7oJSPb7amBHwzxg3CGDl7RPX859%2F1gD10Qo2qmXZNjeF%2FOEFaEGTR8lyYluwvx3GjqelPoJoGVLUsQXKbcNfGxn679ipkv1A%2FKj6iCAU5W1bQkQ%2FoOt7L4Oxv7nh%2FMi2f2oHab9huSNW7OXu6UlgFjbhvYoy5Q%3D%3D--VeTZkS%2F1rbcVDGrC--MU4V%2FKVtKRQbp2h3N0hFfg%3D%3D; domain=.givelively.org; path=/; secure; HttpOnly
x-request-id: a2576372-4859-4b8e-b810-13bab9cc62bb
vary: Accept-Encoding, Origin
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 vegur, 1.1 6c9a2d99a25484f38efa27d58a726b2d.cloudfront.net (CloudFront)
x-edge-origin-shield-skipped: 0
x-cache: Miss from cloudfront
x-amz-cf-pop: FRA2-C2
x-amz-cf-id: DEs1nIRXgBtKqUnnQrqRrkrI4WZWLZPFE0zLrKxe_D8o06IVG5lgdw==

GET
H2 200 spinner.gif
secure.givelively.org/ 5 KB
5 KB 10ms
9ms Image
image/gif 13.225.78.56
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure.givelively.org/spinner.gif
Requested by: Host: shop.heroinsupport.org
URL: https://shop.heroinsupport.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.56 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-56.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b860f153027662f049f2b3c85112e8f94baf10132a9d72b8ac998cfad4e03d54

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://shop.heroinsupport.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 26 Sep 2021 06:18:29 GMT
via: 1.1 6c9a2d99a25484f38efa27d58a726b2d.cloudfront.net (CloudFront)
last-modified: Wed, 07 Oct 2020 21:59:43 GMT
server: AmazonS3
age: 20729
etag: "560c7fd7b91c5e5507137a54f1fdbfe8"
x-edge-origin-shield-skipped: 0
content-type: image/gif
x-cache: Hit from cloudfront
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
content-length: 4918
x-amz-cf-id: GzKCJbpWI2-IhOFR4X_8SAym2PB6-gwHuQB7aAyIMWGlyF9DZD90VQ==

POST
H2 200 visit-data Show response
in.hotjar.com/api/v2/client/sites/1386773/ 146 B
323 B 122ms
40ms XHR
application/json 54.78.108.238
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://in.hotjar.com/api/v2/client/sites/1386773/visit-data?sv=6
Requested by: Host: cdn.shopify.com
URL: https://cdn.shopify.com/shopifycloud/shopify/assets/shop_events_listener-565deac0c7edc7850a7762c24c560f0a9670aa5c52a728e9dbb43d5a7887c1d4.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.78.108.238 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-78-108-238.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: ab95872c4726727a3b09b1f8c28490c70b7e407e97fd93bbfb75a2ecc5faac36

Request headers

Referer: https://shop.heroinsupport.org/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain; charset=UTF-8

Response headers

date: Sun, 26 Sep 2021 12:03:57 GMT
content-encoding: br
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: no-cache, no-store
access-control-allow-credentials: true

GET
H3 200 / Show response
www.googleadservices.com/pagead/conversion/819916235/ 2 KB
1 KB 37ms
20ms Script
text/javascript 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion/819916235/?random=1632657837186&cv=9&fst=1632657837186&num=1&label=tigeCM7M784BEMvb-4YD&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa9m0&sendb=1&ig=1&data=event%3Dpage_view%3Bpage_path%3D%2F%3Bpage_title%3DHeroin%20Support%20Fundraiser%20%E2%80%93%20HeroinSupport.org&frm=0&url=https%3A%2F%2Fshop.heroinsupport.org%2F&tiba=Heroin%20Support%20Fundraiser%20%E2%80%93%20HeroinSupport.org&auid=2011839152.1632657837&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

abf9893e86a6c646b870d1385a92fd8301c531dbfdeb6d8f9fcee1793c1b43cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://shop.heroinsupport.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 26 Sep 2021 12:03:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1207
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/819916235/ 2 KB
2 KB 43ms
21ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/819916235/?random=1632657837190&cv=9&fst=1632657837190&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa9m0&sendb=1&ig=1&data=event%3Doptimize.callback&frm=0&url=https%3A%2F%2Fshop.heroinsupport.org%2F&tiba=Heroin%20Support%20Fundraiser%20%E2%80%93%20HeroinSupport.org&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c0aeb10cae9de65aab4cb92668b92779341a9092b0c4b251226236dfadc78a06

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://shop.heroinsupport.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 26 Sep 2021 12:03:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1069
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 zSKZHMh8mXU.png
www.facebook.com/rsrc.php/v3/yr/r/ Frame F31D 388 B
1 KB 7ms
6ms Image
image/png 2a03:2880:f11c:8083:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/rsrc.php/v3/yr/r/zSKZHMh8mXU.png

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/v5.0/plugins/share_button.php?app_id=2138978306124091&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df155df5e9f980c4%26domain%3Dshop.heroinsupport.org%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fshop.heroinsupport.org%252Ff15654bd80aa3fc%26relation%3Dparent.parent&container_width=0&href=https%3A%2F%2Fwww.facebook.com%2Fheroinsupport&layout=button_count&locale=en_US&sdk=joey&width=200

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

f9a1a0ac26eaf5b7f6cc7223b5dd4b5f545b5a48fb598c7442e5f76384f1be8c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.facebook.com/v5.0/plugins/share_button.php?app_id=2138978306124091&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df155df5e9f980c4%26domain%3Dshop.heroinsupport.org%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fshop.heroinsupport.org%252Ff15654bd80aa3fc%26relation%3Dparent.parent&container_width=0&href=https%3A%2F%2Fwww.facebook.com%2Fheroinsupport&layout=button_count&locale=en_US&sdk=joey&width=200
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-fb-debug: KZ+MhqJKv0XSM3VPTkDzHW4Bx/ygsEHnrC+/XTS3dmoSMzEjWcz+XTTPDF/jz1K1Rs0pd2DFsXTJ1K5n6pJNkA==
x-content-type-options: nosniff
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-md5: mLIKfuTnwd0c8uA9BXg4cQ==
date: Wed, 22 Sep 2021 15:43:29 GMT
content-security-policy-report-only: default-src 'self' data: blob: https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src static.xx.fbcdn.net 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net data:;connect-src wss://gateway.facebook.com wss://edge-chat.facebook.com *.facebook.com *.fbcdn.net wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster:;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com;frame-src *.facebook.com *.fbsbx.com;worker-src blob: *.facebook.com;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-type: image/png
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
cross-origin-resource-policy: cross-origin
priority: u=3,i
timing-allow-origin: *
content-length: 388
x-fb-rlafr: 0
expires: Thu, 22 Sep 2022 15:43:29 GMT

GET
H2 200 YGaqfkEc5AD.js Show response
www.facebook.com/rsrc.php/v3iEpO4/ys/l/en_US/ Frame F31D 513 KB
135 KB 7ms
7ms Script
application/x-javascript 2a03:2880:f11c:8083:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/rsrc.php/v3iEpO4/ys/l/en_US/YGaqfkEc5AD.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

4a7eb4b0961dc2a57594a3dc38e67d916c0030a27956007ab24f06016b2e8296

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.facebook.com/v5.0/plugins/share_button.php?app_id=2138978306124091&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df155df5e9f980c4%26domain%3Dshop.heroinsupport.org%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fshop.heroinsupport.org%252Ff15654bd80aa3fc%26relation%3Dparent.parent&container_width=0&href=https%3A%2F%2Fwww.facebook.com%2Fheroinsupport&layout=button_count&locale=en_US&sdk=joey&width=200
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-fb-debug: GlAW6dqfPBnKNk5gz1zMO66PBI6Vu0lb2TEu3PIDjhfsUs7f0NpnKslv6gysg010Pv+T1hFcGiBNzdlgdE33Cg==
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-md5: Nwv9lItgQ6CGDrZwHMsEKg==
date: Sat, 25 Sep 2021 01:26:52 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 137498
x-fb-rlafr: 0
expires: Sun, 25 Sep 2022 01:26:52 GMT

POST
H2 200 / Show response
api-js.datadome.co/js/ Frame ACC9 213 B
391 B 86ms
10ms XHR
application/json 18.159.15.241
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api-js.datadome.co/js/
Requested by: Host: members.givelively.org
URL: https://members.givelively.org/packs/js/smart-donations-bundle-98409d480af01fb774d7.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.159.15.241 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-159-15-241.eu-central-1.compute.amazonaws.com
Software: DataDome /
Resource Hash: 077f27ecf229e754258d45c5bcbf5792c4213f6418f9c60e4503fbd171b3231d

Request headers

Referer: https://secure.givelively.org/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Sun, 26 Sep 2021 12:03:57 GMT
server: DataDome
content-type: application/json;charset=utf-8
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
content-length: 213
expires: 0

GET
H2 200 /
www.facebook.com/tr/ 44 B
197 B 7ms
7ms Image
image/gif 2a03:2880:f11c:8083:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=277108160136518&ev=PageView&dl=https%3A%2F%2Fshop.heroinsupport.org%2F&rl=&if=false&ts=1632657837278&sw=1600&sh=1200&v=2.9.46&r=stable&a=shopify&ec=0&o=30&fbp=fb.1.1632657837277.141929649&it=1632657836913&coo=false&eid=21fd9015-E087-472A-BF24-98817761DCCF&exp=p0&rqm=GET

Requested by

Host: shop.heroinsupport.org
URL: https://shop.heroinsupport.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://shop.heroinsupport.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 26 Sep 2021 12:03:57 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Sun, 26 Sep 2021 12:03:57 GMT

GET
H2 200 / Show response
ct.pinterest.com/user/ 510 B
849 B 79ms
36ms XHR
application/json 104.75.88.209
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://ct.pinterest.com/user/?tid=2613327200024&pd=%7B%22np%22%3A%22shopify%22%7D&cb=1632657837282

Requested by

Host: cdn.shopify.com
URL: https://cdn.shopify.com/shopifycloud/shopify/assets/shop_events_listener-565deac0c7edc7850a7762c24c560f0a9670aa5c52a728e9dbb43d5a7887c1d4.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.75.88.209 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-75-88-209.deploy.static.akamaitechnologies.com

Software

Resource Hash

ac3465c45e99cdf5cc23676b0c67fce49c648e6e3c90f30c64722367eaaf21ff

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://shop.heroinsupport.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 26 Sep 2021 12:03:57 GMT
content-encoding: gzip
vary: Accept-Encoding
x-cdn: akamai
akamai-grn: 0.8b6656b8.1632657837.7c728f3
x-envoy-upstream-service-time: 4
x-pinterest-rid: 1435075749015057
pin-unauth: dWlkPU5UTmtOak5tTVRBdE9XTTNNaTAwTmpSakxXSmtaamd0WlRJNE1XTXpOVGxsWVdGaA
access-control-allow-origin: https://shop.heroinsupport.org
referrer-policy: origin
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
content-type: application/json; charset=utf-8
pragma: no-cache
access-control-expose-headers: Epik,Pin-Unauth
cache-control: no-cache,no-store,must-revalidate,max-age=0
access-control-allow-credentials: true
content-length: 362
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
ct.pinterest.com/v3/ 35 B
334 B 76ms
34ms Image
image/gif 104.75.88.209
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ct.pinterest.com/v3/?tid=2613327200024&pd=%7B%22np%22%3A%22shopify%22%7D&event=init&ad=%7B%22loc%22%3A%22https%3A%2F%2Fshop.heroinsupport.org%2F%22%2C%22ref%22%3A%22%22%2C%22if%22%3Afalse%2C%22sh%22%3A1200%2C%22sw%22%3A1600%2C%22mh%22%3A%220fd4729b%22%2C%22ecm_enabled%22%3Afalse%7D&cb=1632657837283

Requested by

Host: shop.heroinsupport.org
URL: https://shop.heroinsupport.org/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.75.88.209 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-75-88-209.deploy.static.akamaitechnologies.com

Software

Resource Hash

37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://shop.heroinsupport.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 26 Sep 2021 12:03:57 GMT
referrer-policy: origin
x-cdn: akamai
akamai-grn: 0.8b6656b8.1632657837.7c728f6
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache,no-store,must-revalidate,max-age=0
x-envoy-upstream-service-time: 2
content-length: 35
x-pinterest-rid: 6042407274239207
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
ct.pinterest.com/v3/ 35 B
576 B 79ms
37ms Image
image/gif 104.75.88.209
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ct.pinterest.com/v3/?event=PageVisit&ed=%7B%22np%22%3A%22shopify%22%7D&tid=2613327200024&pd=%7B%22np%22%3A%22shopify%22%7D&ad=%7B%22loc%22%3A%22https%3A%2F%2Fshop.heroinsupport.org%2F%22%2C%22ref%22%3A%22%22%2C%22if%22%3Afalse%2C%22sh%22%3A1200%2C%22sw%22%3A1600%2C%22mh%22%3A%220fd4729b%22%2C%22ecm_enabled%22%3Afalse%7D&cb=1632657837284

Requested by

Host: shop.heroinsupport.org
URL: https://shop.heroinsupport.org/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.75.88.209 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-75-88-209.deploy.static.akamaitechnologies.com

Software

Resource Hash

37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://shop.heroinsupport.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 26 Sep 2021 12:03:57 GMT
referrer-policy: origin
x-cdn: akamai
akamai-grn: 0.8b6656b8.1632657837.7c72902
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache,no-store,must-revalidate,max-age=0
x-envoy-upstream-service-time: 2
content-length: 35
x-pinterest-rid: 6265865636722149
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 cart.js Show response
shop.heroinsupport.org/ 283 B
1 KB 164ms
164ms XHR
text/javascript 23.227.38.74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://shop.heroinsupport.org/cart.js?_=1632657836663

Requested by

Host: cdn.shopify.com
URL: https://cdn.shopify.com/shopifycloud/shopify/assets/shop_events_listener-565deac0c7edc7850a7762c24c560f0a9670aa5c52a728e9dbb43d5a7887c1d4.js

Protocol

Security

QUIC, , AES_128_GCM

Server

23.227.38.74 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2acf06c1c75ef98f232ea8f3ce537f21e042fae2c6c0d51a65a5dca5ec5be112

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; frame-ancestors 'none'; upgrade-insecure-requests;
Strict-Transport-Security	max-age=7889238
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

sec-fetch-mode: cors
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
x-requested-with: XMLHttpRequest
sec-fetch-dest: empty
cookie: secure_customer_sig=; cart_currency=USD; _orig_referrer=; _landing_page=%2F; _y=ad7742e4-fa6a-4b39-90ff-46c32210b417; _s=e1cf81fd-d694-4fea-a9f6-17b2ee0e035a; _shopify_y=ad7742e4-fa6a-4b39-90ff-46c32210b417; _shopify_s=e1cf81fd-d694-4fea-a9f6-17b2ee0e035a; _hjid=b9cb6c22-2510-4cba-802b-f127a5aa19c9; _hjFirstSeen=1; _shopify_sa_t=2021-09-26T12%3A03%3A56.823Z; _shopify_sa_p=; shopify_pay_redirect=pending; _ga=GA1.2.851805355.1632657837; _gid=GA1.2.1978352179.1632657837; _gat=1; _gcl_au=1.1.2011839152.1632657837; _hjIncludedInPageviewSample=1; _hjAbsoluteSessionInProgress=0; _hjIncludedInSessionSample=1; _fbp=fb.1.1632657837277.141929649
:path: /cart.js?_=1632657836663
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept: application/json, text/javascript, */*; q=0.01
cache-control: no-cache
:authority: shop.heroinsupport.org
referer: https://shop.heroinsupport.org/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept: application/json, text/javascript, */*; q=0.01
Referer: https://shop.heroinsupport.org/
X-Requested-With: XMLHttpRequest
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 26 Sep 2021 12:03:57 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"report_to":"network-errors","max_age":2592000,"success_fraction":0.0001}
x-permitted-cross-domain-policies: none
x-dc: gcp-europe-west1,gcp-us-east1,gcp-us-east1
x-shopify-stage: production
content-type: text/javascript; charset=utf-8
strict-transport-security: max-age=7889238
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection: 1; mode=block
x-sorting-hat-shopid: 18295133
x-shardid: 57
x-storefront-renderer-rendered: 1
server: cloudflare
x-frame-options: DENY
content-language: en
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding Accept
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://monorail-edge.shopifysvc.com/v1/reports/nel/20190325/shopify"}]}
x-shopid: 18295133
x-download-options: noopen
content-security-policy: block-all-mixed-content; frame-ancestors 'none'; upgrade-insecure-requests;
set-cookie: secure_customer_sig=; path=/; expires=Mon, 26 Sep 2022 12:03:57 GMT; secure; HttpOnly cart_currency=USD; path=/; expires=Sun, 10 Oct 2021 12:03:57 GMT _y=ad7742e4-fa6a-4b39-90ff-46c32210b417; Expires=Mon, 26-Sep-22 12:03:57 GMT; Domain=heroinsupport.org; Path=/; SameSite=Lax _s=e1cf81fd-d694-4fea-a9f6-17b2ee0e035a; Expires=Sun, 26-Sep-21 12:33:57 GMT; Domain=heroinsupport.org; Path=/; SameSite=Lax _shopify_y=ad7742e4-fa6a-4b39-90ff-46c32210b417; Expires=Mon, 26-Sep-22 12:03:57 GMT; Domain=heroinsupport.org; Path=/; SameSite=Lax _shopify_s=e1cf81fd-d694-4fea-a9f6-17b2ee0e035a; Expires=Sun, 26-Sep-21 12:33:57 GMT; Domain=heroinsupport.org; Path=/; SameSite=Lax
x-request-id: ce3f60dc-ed9e-4da0-93d3-01970fd3756c
cf-ray: 694c5a1b1f366973-FRA
x-sorting-hat-podid: 57
x-cartjs-updatedat: 0

GET
H2 200 analytics.js Show response
www.google-analytics.com/ Frame ACC9 48 KB
19 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PMD42PZ&l=gl_dataLayer

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://secure.givelively.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 11 Aug 2021 00:32:57 GMT
server: Golfe2
age: 4317
date: Sun, 26 Sep 2021 10:52:00 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19747
expires: Sun, 26 Sep 2021 12:52:00 GMT

GET
H2 200 hotjar-1561839.js Show response
static.hotjar.com/c/ Frame ACC9 4 KB
2 KB 39ms
38ms Script
application/javascript 13.225.78.103
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-1561839.js?sv=7

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PMD42PZ&l=gl_dataLayer

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.78.103 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-78-103.fra2.r.cloudfront.net

Software

Resource Hash

65f1553074d779f5d748a0d0216f14a78f89b0bd5dc69b0e5562910950110d40

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://secure.givelively.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 26 Sep 2021 12:03:57 GMT
content-encoding: br
x-content-type-options: nosniff
cache-control: max-age=60
x-edge-origin-shield-skipped: 0
etag: W/3cb7ac1ecd22b8191448554835056030
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
x-cache-hit: 1
x-amz-cf-pop: FRA2-C2
content-length: 1950
via: 1.1 df26103dc140569d7032449c70c3b141.cloudfront.net (CloudFront)
x-amz-cf-id: YgPGeAczCXqBER6in5ixqKBC-6xPgJgZUcaGl4S7lv7mkZg-QnfQbQ==

GET
H2 200 heap-1405745704.js Show response
cdn.heapanalytics.com/js/ Frame ACC9 102 KB
40 KB 82ms
18ms Script
application/javascript 13.225.78.67
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.heapanalytics.com/js/heap-1405745704.js

Requested by

Host: shop.heroinsupport.org
URL: https://shop.heroinsupport.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.78.67 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-78-67.fra2.r.cloudfront.net

Software

nginx /

Resource Hash

d4b2ca6ed32b07e113be48cecee742c5be39fa8354c67a542c72e463d1007336

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://secure.givelively.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 26 Sep 2021 12:02:21 GMT
content-encoding: gzip
server: nginx
age: 96
etag: W/"1979f-xoNdpk0uBorANEpFpBFh4Q"
vary: Accept-Encoding
x-edge-origin-shield-skipped: 1, 0
content-type: application/javascript; charset=utf-8
via: 1.1 83caebe1f817a31bd75ba17dff7ae1a6.cloudfront.net (CloudFront)
cache-control: public, max-age=120
x-amz-cf-pop: FRA2-C2
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-id: 4vIkCeVzbNEEY8vAh3Fuxmru3mZFUVjcAyQUzS1ezx_-0T6ZqCKvUw==

GET
H2

200

/
www.google.de/pagead/1p-conversion/819916235/
Redirect Chain

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/819916235/?random=119178280&cv=9&fst=1632657837186&num=1&label=tigeCM7M784BEMvb-4YD&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200...
https://www.google.com/pagead/1p-conversion/819916235/?random=119178280&cv=9&fst=1632657837186&num=1&label=tigeCM7M784BEMvb-4YD&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u...
https://www.google.de/pagead/1p-conversion/819916235/?random=119178280&cv=9&fst=1632657837186&num=1&label=tigeCM7M784BEMvb-4YD&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_...

42 B
108 B

40ms
40ms

Image
image/gif

2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-conversion/819916235/?random=119178280&cv=9&fst=1632657837186&num=1&label=tigeCM7M784BEMvb-4YD&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa9m0&sendb=1&ig=1&data=event%3Dpage_view%3Bpage_path%3D%2F%3Bpage_title%3DHeroin%20Support%20Fundraiser%20%E2%80%93%20HeroinSupport.org&frm=0&url=https%3A%2F%2Fshop.heroinsupport.org%2F&tiba=Heroin%20Support%20Fundraiser%20%E2%80%93%20HeroinSupport.org&auid=2011839152.1632657837&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=rWFQYdiJDZnH7gOhi4XwDQ&cid=CAQSKQCNIrLMpxi45Q02n5xXeZRRsUe73xTlYKC7DFWdOZ3qykOfpOgORDai&random=2777918823&resp=GooglemKTybQhCsO&ipr=y&ezwbk=AZuM4hBAkqLG1f6Mkzj5WEG4SsUUmxUFZCTYGTumoKcAkcPtqmCGg4wCdjviGF0sTCPnSLwpozlIRlbX7UD2iHoT7wyY

Requested by

Host: shop.heroinsupport.org
URL: https://shop.heroinsupport.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://shop.heroinsupport.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 26 Sep 2021 12:03:57 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 26 Sep 2021 12:03:57 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/gif
location: https://www.google.de/pagead/1p-conversion/819916235/?random=119178280&cv=9&fst=1632657837186&num=1&label=tigeCM7M784BEMvb-4YD&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa9m0&sendb=1&ig=1&data=event%3Dpage_view%3Bpage_path%3D%2F%3Bpage_title%3DHeroin%20Support%20Fundraiser%20%E2%80%93%20HeroinSupport.org&frm=0&url=https%3A%2F%2Fshop.heroinsupport.org%2F&tiba=Heroin%20Support%20Fundraiser%20%E2%80%93%20HeroinSupport.org&auid=2011839152.1632657837&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=rWFQYdiJDZnH7gOhi4XwDQ&cid=CAQSKQCNIrLMpxi45Q02n5xXeZRRsUe73xTlYKC7DFWdOZ3qykOfpOgORDai&random=2777918823&resp=GooglemKTybQhCsO&ipr=y&ezwbk=AZuM4hBAkqLG1f6Mkzj5WEG4SsUUmxUFZCTYGTumoKcAkcPtqmCGg4wCdjviGF0sTCPnSLwpozlIRlbX7UD2iHoT7wyY
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/819916235/ 42 B
108 B 90ms
67ms Image
image/gif 2a00:1450:4001:803::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/819916235/?random=1632657837190&cv=9&fst=1632657600000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa9m0&sendb=1&data=event%3Doptimize.callback&frm=0&url=https%3A%2F%2Fshop.heroinsupport.org%2F&tiba=Heroin%20Support%20Fundraiser%20%E2%80%93%20HeroinSupport.org&async=1&fmt=3&is_vtc=1&random=3697897534&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: shop.heroinsupport.org
URL: https://shop.heroinsupport.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://shop.heroinsupport.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 26 Sep 2021 12:03:57 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/819916235/ 42 B
569 B 43ms
20ms Image
image/gif 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/819916235/?random=1632657837190&cv=9&fst=1632657600000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa9m0&sendb=1&data=event%3Doptimize.callback&frm=0&url=https%3A%2F%2Fshop.heroinsupport.org%2F&tiba=Heroin%20Support%20Fundraiser%20%E2%80%93%20HeroinSupport.org&async=1&fmt=3&is_vtc=1&random=3697897534&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: shop.heroinsupport.org
URL: https://shop.heroinsupport.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://shop.heroinsupport.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 26 Sep 2021 12:03:57 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cavalry_endpoint.php
www.facebook.com/common/ Frame F31D 67 B
693 B 40ms
40ms Image
image/png 2a03:2880:f11c:8083:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/common/cavalry_endpoint.php?t_cstart=1632657837199&t_start=1632657837200&t_domcontent=1632657837293&t_layout=1632657837345&t_onload=1632657837345&t_paint=1632657837345&t_creport=1632657837345&t_tti=1632657837293&lid=7012212017504091952-0

Requested by

Host: shop.heroinsupport.org
URL: https://shop.heroinsupport.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.com .facebook.com fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com cdninstagram.com .cdninstagram.com data: blob: 'self';script-src .facebook.com .fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.com .facebook.com fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com cdninstagram.com .cdninstagram.com;connect-src .facebook.com facebook.com .fbcdn.net wss://.facebook.com: attachment.fbsbx.com blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.facebook.com/v5.0/plugins/share_button.php?app_id=2138978306124091&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df155df5e9f980c4%26domain%3Dshop.heroinsupport.org%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fshop.heroinsupport.org%252Ff15654bd80aa3fc%26relation%3Dparent.parent&container_width=0&href=https%3A%2F%2Fwww.facebook.com%2Fheroinsupport&layout=button_count&locale=en_US&sdk=joey&width=200
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy: default-src facebook.com *.facebook.com fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com cdninstagram.com *.cdninstagram.com data: blob: 'self';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.com *.facebook.com fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com cdninstagram.com *.cdninstagram.com;connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* attachment.fbsbx.com blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: br
x-content-type-options: nosniff
content-security-policy-report-only: default-src 'self' data: blob: https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src static.xx.fbcdn.net 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net data:;connect-src wss://gateway.facebook.com wss://edge-chat.facebook.com *.facebook.com *.fbcdn.net wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster:;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com;frame-src *.facebook.com *.fbsbx.com;worker-src blob: *.facebook.com;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-xss-protection: 0
pragma: no-cache
x-fb-debug: z+1kpEMquZMsb1LdiHzY1jbWOd3v98Sy0o7WJAe4X1Qt6XelavuuXrFtWF8x2Y/aELoR1KYI1RF8bYXcTR2tyg==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Sun, 26 Sep 2021 12:03:57 GMT
strict-transport-security: max-age=15552000; preload
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: image/png
vary: Accept-Encoding
cache-control: private, no-store, no-cache, must-revalidate
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 linkid.js Show response
www.google-analytics.com/plugins/ua/ Frame ACC9 2 KB
1 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/plugins/ua/linkid.js

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://secure.givelively.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 26 Sep 2021 11:33:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1827
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/static-on-bigtable
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 859
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Sun, 26 Sep 2021 12:33:30 GMT

GET
H2 200 widget.37e3a46cca72f53ace00.js Show response
widget-v4.tidiochat.com//1_77_0/static/js/ Frame B155 505 KB
157 KB 34ms
34ms Script
application/javascript 2606:4700:20::ac43:4703
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://widget-v4.tidiochat.com//1_77_0/static/js/widget.37e3a46cca72f53ace00.js
Requested by: Host: code.tidio.co
URL: https://code.tidio.co/oj3uxtszkjlt73hcve3wqqkuq2gr7gqg.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4703 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 16859ca0c3c2396324e5be9a2c319d322febc9f41d2742bcfe11724f05868a9b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 26 Sep 2021 12:03:57 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 16 Sep 2021 12:53:41 GMT
server: cloudflare
age: 3976
etag: W/"61433e55-7e53d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Fu5WQmwYm8qy%2BjC%2BPPhbHBUOmOAql9o47qjcr%2FZpUUcnYQwGG2886xKoO5NAj8%2FTRV64YFwfUzhvopqtuK2L%2Fgl4Yb%2BGuzx8EpjmRFdCnNHaZFpIKLMXd3rBKQgVBvhDhy%2BGtAZTvO5nh4V2qHD3NTk%2F01GQ"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=691200
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 694c5a1b8deb4aaa-FRA

GET
H2 200 modules.5fe2f4f38cf4833026a9.js Show response
script.hotjar.com/ Frame ACC9 221 KB
59 KB 10ms
9ms Script
application/javascript 13.224.193.38
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.5fe2f4f38cf4833026a9.js

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-1561839.js?sv=7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.193.38 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-193-38.fra2.r.cloudfront.net

Software

Resource Hash

33d18bfaad19367135cba7d9096fba55164cd67b8e5819617c6d6b34bd43454b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://secure.givelively.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 09 Sep 2021 07:15:05 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1486131
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 59626
access-control-allow-origin: *
last-modified: Thu, 09 Sep 2021 07:14:26 GMT
etag: "e8c5ca8d148a212696c04c37e713b2a1"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 1d67a4c00b06651cb6daa95ec3f21f9b.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: QCT1FwlD1G_bmgByb2WSMZ4pygnCr_Zd3__g2WOC-m_H_pmd08ATMg==

POST
H2 204 / Show response
ct.pinterest.com/md/ 0
274 B 59ms
38ms XHR
text/plain 104.75.88.209
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://ct.pinterest.com/md/

Requested by

Host: cdn.shopify.com
URL: https://cdn.shopify.com/shopifycloud/shopify/assets/shop_events_listener-565deac0c7edc7850a7762c24c560f0a9670aa5c52a728e9dbb43d5a7887c1d4.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.75.88.209 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-75-88-209.deploy.static.akamaitechnologies.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload

Request headers

Referer: https://shop.heroinsupport.org/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 26 Sep 2021 12:03:57 GMT
referrer-policy: origin
x-cdn: akamai
akamai-grn: 0.8b6656b8.1632657837.7c729e5
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
access-control-allow-origin: *
cache-control: no-cache,no-store,must-revalidate,max-age=0
x-envoy-upstream-service-time: 0
x-pinterest-rid: 1773527211244964
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 box-dfc01efbdc94bb0936d9a35a502b0b64.html Show response
vars.hotjar.com/ Frame 2F4A 2 KB
1 KB 10ms
10ms Document
text/html 13.224.193.116
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vars.hotjar.com/box-dfc01efbdc94bb0936d9a35a502b0b64.html
Requested by: Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-1561839.js?sv=7
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.193.116 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-193-116.fra2.r.cloudfront.net
Software: /
Resource Hash: 88ca677c14d4217c2f6b8c8964a1d172027974c4c0839e4d531ad7d3d6de1987

Request headers

:method: GET
:authority: vars.hotjar.com
:scheme: https
:path: /box-dfc01efbdc94bb0936d9a35a502b0b64.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://secure.givelively.org/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://secure.givelively.org/

Response headers

content-type: text/html
content-length: 1044
date: Tue, 20 Jul 2021 13:05:05 GMT
accept-ranges: bytes
cache-control: max-age=31536000
content-encoding: br
etag: "10714b84569172431728622d7c8098e4"
last-modified: Tue, 20 Jul 2021 13:04:43 GMT
x-amz-server-side-encryption: AES256
x-robots-tag: none
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 7a18a0a1d9929dae345690b88b08dd5e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C1
x-amz-cf-id: FlUPf4CeWvdu9xykR_w-n0u1BXJaEgQUWMl0hNNrA5l6kYeEgPyb3A==
age: 5871532

GET
H2 200 h
heapanalytics.com/ Frame ACC9 37 B
259 B 328ms
99ms Image
image/gif 3.87.166.65
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://heapanalytics.com/h?a=1405745704&u=6131469246994859&v=7939786846690452&s=358853410209598&b=web&tv=4.0&z=0&h=%2Fdonations%2Fheroin-support-inc%2Fheroin-support-fundraiser&d=secure.givelively.org&t=Donate%20Now%20%7C%20Heroin%20Support%20Fundraiser%20by%20Heroin%20Support%20Inc%20-%20501(c)3%20Nonprofit&r=https%3A%2F%2Fshop.heroinsupport.org%2F&ts=1632657837442&st=1632657837443

Requested by

Host: secure.givelively.org
URL: https://secure.givelively.org/donations/heroin-support-inc/heroin-support-fundraiser

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.87.166.65 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-87-166-65.compute-1.amazonaws.com

Software

nginx /

Resource Hash

bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://secure.givelively.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 26 Sep 2021 12:03:57 GMT
server: nginx
etag: W/"25-PqzQEyMQ6kTK11azeKO8Bw"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
content-length: 37

GET
H2 206 tururu.mp3
widget-v4.tidiochat.com// Frame B155 7 KB
7 KB 20ms
20ms Media
audio/mpeg 2606:4700:20::ac43:4703
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://widget-v4.tidiochat.com//tururu.mp3
Requested by: Host: shop.heroinsupport.org
URL: https://shop.heroinsupport.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4703 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 12c7687514ca85ba2157ed61914ac526bb9dd15cb5a2a2d9e4d88f919349284f

Request headers

Referer
Accept-Encoding: identity;q=1, *;q=0
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Range: bytes=0-

Response headers

date: Sun, 26 Sep 2021 12:03:57 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1695881
Content-Range: bytes 0-7223/7224
Content-Length: 7224
pragma: public
last-modified: Thu, 26 Aug 2021 10:25:18 GMT
server: cloudflare
etag: "61276c0e-1c38"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HASIVF%2F4e4WA8%2FQqy%2Bsx%2FgaIUma42sgtOyFKpoAbNOQ7hG%2BhU430S9nC%2BtRIpg5hFNryUZ7OHAVTt3tKeW5ocDLIq5IIls7H7Ehg0%2BIdCGCf48OB34gn3daDe3%2FmHUQrtuEC2ttFUntg1nJT69PkBALVbfed"}],"group":"cf-nel","max_age":604800}
content-type: audio/mpeg
cache-control: public, max-age=31536000
cf-ray: 694c5a1c5f744aaa-FRA
expires: Mon, 20 Sep 2021 20:59:16 GMT

GET
H2 200 stylesheets-afd7172b.css
members.givelively.org/packs/css/ Frame 790B 0
341 B 12ms
12ms Stylesheet
text/css 13.224.193.11
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://members.givelively.org/packs/css/stylesheets-afd7172b.css

Requested by

Host: secure.givelively.org
URL: https://secure.givelively.org/donate/heroin-support-inc?ref=sd_widget&widget_url=https%3A%2F%2Fshop.heroinsupport.org%2F&referrer_url=&show_donate_now_button=false

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.193.11 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-193-11.fra2.r.cloudfront.net

Software

Cowboy /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://secure.givelively.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 vegur, 1.1 c7f7b4cf7fd5efe64bac95586db3f62b.cloudfront.net (CloudFront)
last-modified: Fri, 24 Sep 2021 18:37:14 GMT
server: Cowboy
age: 2356
date: Sun, 26 Sep 2021 11:24:40 GMT
x-edge-origin-shield-skipped: 0
content-type: text/css
x-cache: Hit from cloudfront
x-amz-cf-pop: FRA2-C1
content-length: 0
x-amz-cf-id: wupGMjPPV2yXhwKzg5_ckTdlcAx6P092sqryr6Gvi8ua7E1a1fmcoQ==

GET
H2 200 smart-donations-bundle-5af6bf2f.css
members.givelively.org/packs/css/ Frame 790B 2 KB
1 KB 14ms
13ms Stylesheet
text/css 13.224.193.11
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://members.givelively.org/packs/css/smart-donations-bundle-5af6bf2f.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.193.11 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-193-11.fra2.r.cloudfront.net

Software

Cowboy /

Resource Hash

6387fe6324a49eb8eacc7d2b71c721b70fb0cb96c5d33feed02ffbaeda9477ea

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://secure.givelively.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 vegur, 1.1 c7f7b4cf7fd5efe64bac95586db3f62b.cloudfront.net (CloudFront)
last-modified: Fri, 24 Sep 2021 18:37:14 GMT
server: Cowboy
age: 62245
date: Sat, 25 Sep 2021 18:46:32 GMT
x-edge-origin-shield-skipped: 0
content-type: text/css
x-cache: Hit from cloudfront
x-amz-cf-pop: FRA2-C1
content-encoding: gzip
content-length: 733
x-amz-cf-id: ClsbHSXQ__2JGduQW9hIs2uS7tERT-fwl_qpWcAVmpm4eOXgQ1TASQ==

GET
H2 200 application-e96f019f1fed3806fc432b4d16ac9f53b37e205c5218b352b79393e73fda1fcf.css
members.givelively.org/assets/v2/ Frame 790B 233 KB
35 KB 12ms
10ms Stylesheet
text/css 13.224.193.11
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://members.givelively.org/assets/v2/application-e96f019f1fed3806fc432b4d16ac9f53b37e205c5218b352b79393e73fda1fcf.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.193.11 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-193-11.fra2.r.cloudfront.net

Software

Cowboy /

Resource Hash

366bf8696392da0b36fb41af9058184b7d11b5f53ba8856f0db16d25766c35c9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://secure.givelively.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 vegur, 1.1 c7f7b4cf7fd5efe64bac95586db3f62b.cloudfront.net (CloudFront)
last-modified: Wed, 22 Sep 2021 14:59:55 GMT
server: Cowboy
age: 75268
date: Sat, 25 Sep 2021 15:09:29 GMT
x-edge-origin-shield-skipped: 0
content-type: text/css
x-cache: Hit from cloudfront
x-amz-cf-pop: FRA2-C1
content-encoding: gzip
content-length: 35727
x-amz-cf-id: 7Dm5TLaD9FbDm5SXwBwfxALOIOuKQQKFc_bATiqR3THDhHUONV0gAA==

GET
H2 200 all.css
use.fontawesome.com/releases/v5.5.0/css/ Frame 790B 50 KB
11 KB 324ms
23ms Stylesheet
text/css 2606:4700:3031::ac43:d645
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v5.5.0/css/all.css
Requested by: Host: secure.givelively.org
URL: https://secure.givelively.org/donate/heroin-support-inc?ref=sd_widget&widget_url=https%3A%2F%2Fshop.heroinsupport.org%2F&referrer_url=&show_donate_now_button=false
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::ac43:d645 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9e4cac65c7a5ee0bd0743afefcabdd3e73854e1284ac9ac433813d6231f550f2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://secure.givelively.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 26 Sep 2021 12:03:57 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 7055793
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-request-id: H4F50H89ZD6Z1ZKK
x-amz-id-2: GWfeT/PHLkHEdVjLRISUlBGTgwZCGautQeXGx3zkh+hlUIZ14JgwBT68pYjBBJEvt3jYNQK5to0=
last-modified: Wed, 30 Jun 2021 15:43:32 GMT
server: cloudflare
etag: W/"1cc6c92172d124fbd305ba3d8e263333"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QA9%2FSSxFvuKCI2Kud%2BZ8r7e9gINMAZ7Nbv96HduEmBpoh9X6OzIdrAJgmnOeODPNwQQmjFQ8QIeDh7FIWlWBjl%2FYkFyTIcq0KZCiMmL3KkzWv%2FXpPFFyxFW%2FCiHqMbCRamCVDr8YYR1Up3xXi414kWT8"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=31556926
cf-ray: 694c5a1f0baec28b-FRA

GET
H2 200 application-5c925f302c5403c68a06dceded4277a3c759eefebdfc0d6d4931889f0b3662e4.js Show response
members.givelively.org/assets/v2/ Frame 790B 272 KB
82 KB 16ms
15ms Script
application/javascript 13.224.193.11
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://members.givelively.org/assets/v2/application-5c925f302c5403c68a06dceded4277a3c759eefebdfc0d6d4931889f0b3662e4.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.193.11 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-193-11.fra2.r.cloudfront.net

Software

Cowboy /

Resource Hash

239a4e5173d8dee5871385d097646cfbf3527dfa09e1f363d5c1562597d895c5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://secure.givelively.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 vegur, 1.1 c7f7b4cf7fd5efe64bac95586db3f62b.cloudfront.net (CloudFront)
last-modified: Thu, 02 Sep 2021 17:43:22 GMT
server: Cowboy
age: 49786
date: Sat, 25 Sep 2021 22:14:10 GMT
x-edge-origin-shield-skipped: 0
content-type: application/javascript
x-cache: Hit from cloudfront
x-amz-cf-pop: FRA2-C1
content-encoding: gzip
content-length: 83214
x-amz-cf-id: VnbgKoCttDVJ_9_dUQpgmyks04keVFChEK8LgX7PMD39dAW8hnJoRg==

GET
H2 200 / Show response
js.stripe.com/v3/ Frame 790B 254 KB
61 KB 8ms
8ms Script
application/javascript 151.101.64.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.64.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

b4422b66257bf657c8f5953fc86f2a71b17882cbd8d4c73e07fdaaa9ae12f449

Security Headers

Name	Value
Content-Security-Policy	connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src data: https:; frame-src 'self'; img-src 'self' https://q.stripe.com blob:; media-src 'none'; object-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://secure.givelively.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 26 Sep 2021 12:03:57 GMT
content-encoding: br
vary: Accept-Encoding
age: 198
via: 1.1 varnish
x-cache: HIT
content-length: 62554
x-amz-id-2: OPS+Gga8l7w6DQVAcJNpDf/Nzm+I7eSVeIONW0YSN2B9nCaELmG6Mcs+0uL54BUiUdPtnUgy/FI=
x-served-by: cache-fra19156-FRA
timing-allow-origin: *
last-modified: Fri, 24 Sep 2021 20:44:08 GMT
server: AmazonS3
etag: "018f131da445b41aef11843c6f0c597f"
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-amz-request-id: DK6X212RHM4SGP2A
access-control-allow-origin: *
cache-control: max-age=60
content-security-policy: connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src data: https:; frame-src 'self'; img-src 'self' https://q.stripe.com blob:; media-src 'none'; object-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
x-cache-hits: 99

GET
H2 200 iframeResizer.contentWindow.min.js Show response
cdnjs.cloudflare.com/ajax/libs/iframe-resizer/3.6.3/ Frame 790B 14 KB
5 KB 18ms
18ms Script
application/javascript 2606:4700::6810:135e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/iframe-resizer/3.6.3/iframeResizer.contentWindow.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c45fbfc905237f16fa3644bae78d607fc6e6f6e1f62d37ea696d4cf7c1dcfeae

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://secure.givelively.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 26 Sep 2021 12:03:57 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 5755499
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 4677
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:11:11 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e9f-3830"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RZzmV2bvgBMrlx%2BniDf19OpddDlt%2FYhVtLXllvSMWXzyUTtATqZYAF8zpSzH6i0s9EtlxiVoeXw8%2BFSRPLuB%2Bj%2FW0LFTehI%2F9MK2VPa1Ob7CIz1580i9JYkAfH8J%2FOncP3yHBpSeUSpG9Jw6hmAO5DDR"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 694c5a1e3c2805b7-FRA
expires: Fri, 16 Sep 2022 12:03:57 GMT

GET
H2 200 js Show response
maps.googleapis.com/maps/api/ Frame 790B 146 KB
48 KB 51ms
50ms Script
text/javascript 2a00:1450:4001:801::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps/api/js?key=AIzaSyDn7Z0DbkWJFqEs5NdeekLXvZ6a-JDGCsY&libraries=places

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

mafe /

Resource Hash

0da4d013c46f950570b4c3abae8406515e1ee17a48385094d7a4e78fc78bffd6

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://secure.givelively.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 26 Sep 2021 12:03:57 GMT
content-encoding: gzip
vary: Accept-Language
server: mafe
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1800
cross-origin-resource-policy: cross-origin
server-timing: gfet4t7; dur=22
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48658
x-xss-protection: 0
expires: Sun, 26 Sep 2021 12:33:57 GMT

GET
H2 200 platform.js Show response
apis.google.com/js/ Frame 790B 52 KB
20 KB 54ms
53ms Script
application/javascript 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/js/platform.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f8d3ed9e90bb3208636c1a1858f534e203f3c52cb8ef464a7bd2d81bf1a60305

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-ceoJvf7wDo0+hBxKpebp2g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://secure.givelively.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 26 Sep 2021 12:03:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
x-ua-compatible: IE=edge, chrome=1
server: ESF
etag: "640a4d1ff2f547a81ed97fb67488ed83"
x-frame-options: SAMEORIGIN
report-to: {"group":"AZM8iraZH88pL4jQdjcWpuaSZEaZk6SzMEy_nItKJ7e9QFtt","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AZM8iraZH88pL4jQdjcWpuaSZEaZk6SzMEy_nItKJ7e9QFtt"}]}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=1800, stale-while-revalidate=1800
content-security-policy: script-src 'report-sample' 'nonce-ceoJvf7wDo0+hBxKpebp2g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="AZM8iraZH88pL4jQdjcWpuaSZEaZk6SzMEy_nItKJ7e9QFtt"
expires: Sun, 26 Sep 2021 12:03:57 GMT

GET
H2 200 smart-donations-bundle-98409d480af01fb774d7.js Show response
members.givelively.org/packs/js/ Frame 790B 2 MB
378 KB 15ms
15ms Script
application/javascript 13.224.193.11
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://members.givelively.org/packs/js/smart-donations-bundle-98409d480af01fb774d7.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.193.11 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-193-11.fra2.r.cloudfront.net

Software

Cowboy /

Resource Hash

4ee54ff917c539b264537d0d6f62c78484457762a6fd64ace831385744b98c9b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://secure.givelively.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 vegur, 1.1 c7f7b4cf7fd5efe64bac95586db3f62b.cloudfront.net (CloudFront)
last-modified: Fri, 24 Sep 2021 18:37:14 GMT
server: Cowboy
age: 62245
date: Sat, 25 Sep 2021 18:46:31 GMT
x-edge-origin-shield-skipped: 0
content-type: application/javascript
x-cache: Hit from cloudfront
x-amz-cf-pop: FRA2-C1
content-encoding: gzip
content-length: 385833
x-amz-cf-id: fapZggkn1esRh0yDAjJBSJLuDqfHYeARb7gsAyxn8oOOLnvgdzQ1Gg==

GET
H2 200 application-6f4995215eabbc61ab62.js Show response
members.givelively.org/packs/js/ Frame 790B 316 KB
86 KB 16ms
15ms Script
application/javascript 13.224.193.11
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://members.givelively.org/packs/js/application-6f4995215eabbc61ab62.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.193.11 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-193-11.fra2.r.cloudfront.net

Software

Cowboy /

Resource Hash

9ad0dcb0dcb9d15db88513d9f0c0ca1622f34ac1ae390baa97e7edb245531bcd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://secure.givelively.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 25 Sep 2021 15:12:09 GMT
via: 1.1 vegur, 1.1 c7f7b4cf7fd5efe64bac95586db3f62b.cloudfront.net (CloudFront)
last-modified: Fri, 24 Sep 2021 18:37:14 GMT
server: Cowboy
age: 75107
vary: Accept-Encoding
x-edge-origin-shield-skipped: 0
content-type: application/javascript
x-amz-cf-pop: FRA2-C1
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
content-length: 87311
x-amz-cf-id: sZ2nVjoOobAXl5MDY9738zfVyuDE8Avzvh2dQRocFffXHvFSEmXeRQ==

GET
H2 200 react_rails-a502b9de2fc26da458d6.js Show response
members.givelively.org/packs/js/ Frame 790B 1 MB
330 KB 23ms
22ms Script
application/javascript 13.224.193.11
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://members.givelively.org/packs/js/react_rails-a502b9de2fc26da458d6.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.193.11 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-193-11.fra2.r.cloudfront.net

Software

Cowboy /

Resource Hash

9d15f5889b901db2d243c8632b5864c62577d894122903a5831cebfd3d4514bc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://secure.givelively.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 vegur, 1.1 c7f7b4cf7fd5efe64bac95586db3f62b.cloudfront.net (CloudFront)
last-modified: Fri, 24 Sep 2021 18:37:14 GMT
server: Cowboy
age: 62245
date: Sat, 25 Sep 2021 18:46:32 GMT
x-edge-origin-shield-skipped: 0
content-type: application/javascript
x-cache: Hit from cloudfront
x-amz-cf-pop: FRA2-C1
content-encoding: gzip
content-length: 337252
x-amz-cf-id: X1tVYeJ6Asf-WwSTK_-kIHWwIeJ3--eXApIixTLzs9Q67UO84E_BWA==

GET
H2 200 DefaultTemplateView-cdb8d4ea9ee97175b1ef.js Show response
members.givelively.org/packs/js/sentry/ Frame 790B 32 KB
10 KB 13ms
12ms Script
application/javascript 13.224.193.11
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://members.givelively.org/packs/js/sentry/DefaultTemplateView-cdb8d4ea9ee97175b1ef.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.193.11 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-193-11.fra2.r.cloudfront.net

Software

Cowboy /

Resource Hash

e33b783381cdecd157540c271d33c592ee1b4197ba286b4f6b30e68fbb4eeaf2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://secure.givelively.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 25 Sep 2021 15:29:05 GMT
via: 1.1 vegur, 1.1 c7f7b4cf7fd5efe64bac95586db3f62b.cloudfront.net (CloudFront)
last-modified: Fri, 24 Sep 2021 18:37:14 GMT
server: Cowboy
age: 74092
vary: Accept-Encoding
x-edge-origin-shield-skipped: 0
content-type: application/javascript
x-amz-cf-pop: FRA2-C1
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
content-length: 9360
x-amz-cf-id: JhOjXQPK8k13Um4udO07kW6_dxdBMCmgYhKtU8jhxg4GBYu4eOS6Iw==

GET
H2 200 heroin-support-inc_processed_787a16d230d8088a0269e0e46f1b027a9d40ec093484e025e20d7d14ea5c8b14_background_image.png
images.givelively.org/nonprofits/acb73907-c7f4-452b-8067-91ffff5b0d31/background_image/ Frame 790B 845 KB
847 KB 456ms
456ms Image
image/png 13.224.193.28
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.givelively.org/nonprofits/acb73907-c7f4-452b-8067-91ffff5b0d31/background_image/heroin-support-inc_processed_787a16d230d8088a0269e0e46f1b027a9d40ec093484e025e20d7d14ea5c8b14_background_image.png
Requested by: Host: secure.givelively.org
URL: https://secure.givelively.org/donate/heroin-support-inc?ref=sd_widget&widget_url=https%3A%2F%2Fshop.heroinsupport.org%2F&referrer_url=&show_donate_now_button=false
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.193.28 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-193-28.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 56c63a60f91f569ef23a1cbc7ffcd518b19168e39ae54937cefe1f29fb3adeae

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://secure.givelively.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 26 Sep 2021 12:03:59 GMT
via: 1.1 96283be49fd5bce30b3a0e9559bd2d9e.cloudfront.net (CloudFront)
last-modified: Mon, 10 Aug 2020 18:02:50 GMT
server: AmazonS3
x-edge-origin-shield-skipped: 0
etag: "5b1e97d096d8812774b6e8284ab6dfcf"
x-cache: Miss from cloudfront
content-type: image/png
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
content-length: 865344
x-amz-cf-id: uPWYhwjkTMfsT2zrCcOh6YJ9rOVG6sP5PVX9h_zP-DPBjtMFPpmZcQ==

GET
H2 200 powered-by-give-lively@2x.png
images.givelively.org/logos/ Frame 790B 14 KB
14 KB 9ms
9ms Image
image/png 13.224.193.28
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.givelively.org/logos/powered-by-give-lively@2x.png
Requested by: Host: secure.givelively.org
URL: https://secure.givelively.org/donate/heroin-support-inc?ref=sd_widget&widget_url=https%3A%2F%2Fshop.heroinsupport.org%2F&referrer_url=&show_donate_now_button=false
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.193.28 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-193-28.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 840ee62c133c553ff018a6b00f5b5d6836c37a0205f1be2f82b12d4f02b9cb01

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://secure.givelively.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 26 Sep 2021 07:36:39 GMT
via: 1.1 96283be49fd5bce30b3a0e9559bd2d9e.cloudfront.net (CloudFront)
last-modified: Thu, 17 Sep 2020 21:22:11 GMT
server: AmazonS3
age: 16039
etag: "40a4ae9699fe72179a146fccb5133aef"
x-edge-origin-shield-skipped: 0
content-type: image/png
x-cache: Hit from cloudfront
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
content-length: 13947
x-amz-cf-id: bZx-3VcmDETqfBn5FEl6mZEyLUjH8utPXz6VWl-TCVTKGWGAEHhq7w==

GET
H2 200 /
www.facebook.com/tr/ 44 B
101 B 7ms
7ms Image
image/gif 2a03:2880:f11c:8083:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=277108160136518&ev=Microdata&dl=https%3A%2F%2Fshop.heroinsupport.org%2F&rl=&if=false&ts=1632657837797&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22%5Cn%20%20%20%20Heroin%20Support%20Fundraiser%5Cn%20%20%20%20%5Cn%20%20%20%20%5Cn%20%20%20%20%5Cn%20%20%20%20%20%20%E2%80%93%20HeroinSupport.org%5Cn%20%20%20%20%5Cn%20%20%22%2C%22meta%3Adescription%22%3A%22Purchase%20heroin%20wristbands%2C%20window%20decals%20and%20more%20from%20our%20nonprofit.%20We%20hope%20to%20be%20adding%20other%20items%20like%20shirts%20in%20the%20near%20future.%22%7D&cd[OpenGraph]=%7B%22og%3Atype%22%3A%22website%22%2C%22og%3Atitle%22%3A%22Heroin%20Support%20Fundraiser%22%2C%22og%3Adescription%22%3A%22Purchase%20heroin%20wristbands%2C%20window%20decals%20and%20more%20from%20our%20nonprofit.%20We%20hope%20to%20be%20adding%20other%20items%20like%20shirts%20in%20the%20near%20future.%22%2C%22og%3Aurl%22%3A%22https%3A%2F%2Fshop.heroinsupport.org%2F%22%2C%22og%3Asite_name%22%3A%22HeroinSupport.org%22%2C%22og%3Aimage%22%3A%22https%3A%2F%2Fcdn.shopify.com%2Fs%2Ffiles%2F1%2F1829%2F5133%2Ffiles%2FLogoNew.png%3Fheight%3D628%26pad_color%3Dfff%26v%3D1576264958%26width%3D1200%22%2C%22og%3Aimage%3Asecure_url%22%3A%22https%3A%2F%2Fcdn.shopify.com%2Fs%2Ffiles%2F1%2F1829%2F5133%2Ffiles%2FLogoNew.png%3Fheight%3D628%26pad_color%3Dfff%26v%3D1576264958%26width%3D1200%22%2C%22og%3Aimage%3Awidth%22%3A%221200%22%2C%22og%3Aimage%3Aheight%22%3A%22628%22%2C%22og%3Aimage%3Aalt%22%3A%22Heroin%20Support%22%7D&cd[Schema.org]=%5B%7B%22dimensions%22%3A%7B%22h%22%3A55%2C%22w%22%3A55%7D%2C%22properties%22%3A%7B%22logo%22%3A%22data%3Aimage%2Fpng%3Bbase64%2CiVBORw0KGgoAAAANSUhEUgAAAAEAAAABCAYAAAAfFcSJAAAADUlEQVR42mPYvufQfwAHmAM12jbOLQAAAABJRU5ErkJggg%3D%3D%22%7D%2C%22subscopes%22%3A%5B%5D%2C%22type%22%3A%22http%3A%2F%2Fschema.org%2FOrganization%22%7D%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.46&r=stable&a=shopify&ec=1&o=30&fbp=fb.1.1632657837277.141929649&it=1632657836913&coo=false&es=automatic&tm=3&exp=p0&rqm=GET

Requested by

Host: shop.heroinsupport.org
URL: https://shop.heroinsupport.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://shop.heroinsupport.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 26 Sep 2021 12:03:57 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Sun, 26 Sep 2021 12:03:57 GMT

GET
H2 200 m-outer-9475bd26486e6119b23924eebd3d561a.html Show response
js.stripe.com/v3/ Frame E6F1 215 B
511 B 6ms
6ms Document
text/html 151.101.64.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/m-outer-9475bd26486e6119b23924eebd3d561a.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.64.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

13e44ac91c0d0e34922532b04d931246156aef649b2ac9cacc69ad75ce63ad00

Security Headers

Name	Value
Content-Security-Policy	connect-src 'self'; default-src 'self'; font-src 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

:method: GET
:authority: js.stripe.com
:scheme: https
:path: /v3/m-outer-9475bd26486e6119b23924eebd3d561a.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://secure.givelively.org/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://secure.givelively.org/

Response headers

x-amz-id-2: gPzuI6NuzaSS+Qs3/TOghK2lRJUXJBFTKniT83Rb2lJizKfesuGd/iunUrE9+rRDCu4W0R2v7Yo=
x-amz-request-id: 9QK8ZBDCCRATBKJB
last-modified: Wed, 01 Sep 2021 21:34:43 GMT
etag: "9475bd26486e6119b23924eebd3d561a"
content-type: text/html; charset=utf-8
server: AmazonS3
content-encoding: br
accept-ranges: bytes
date: Sun, 26 Sep 2021 12:03:57 GMT
via: 1.1 varnish
age: 240
x-served-by: cache-fra19156-FRA
x-cache: HIT
x-cache-hits: 225
vary: Accept-Encoding
access-control-allow-origin: *
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
content-security-policy: connect-src 'self'; default-src 'self'; font-src 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'
cache-control: max-age=60
content-length: 130

GET
H3 200 cart.js Show response
shop.heroinsupport.org/ Frame B155 283 B
1 KB 153ms
153ms Fetch
text/javascript 23.227.38.74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://shop.heroinsupport.org/cart.js

Requested by

Host: widget-v4.tidiochat.com
URL: https://widget-v4.tidiochat.com//1_77_0/static/js/widget.37e3a46cca72f53ace00.js

Protocol

Security

QUIC, , AES_128_GCM

Server

23.227.38.74 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

db86b4d18017697578628cf41791dda2c2e627a71f670aa0a069e4b070523ac0

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; frame-ancestors 'none'; upgrade-insecure-requests;
Strict-Transport-Security	max-age=7889238
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

:path: /cart.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: cors
content-type: application/json
accept: */*
cache-control: no-cache
sec-fetch-dest: empty
:authority: shop.heroinsupport.org
cookie: secure_customer_sig=; cart_currency=USD; _orig_referrer=; _landing_page=%2F; _y=ad7742e4-fa6a-4b39-90ff-46c32210b417; _s=e1cf81fd-d694-4fea-a9f6-17b2ee0e035a; _shopify_y=ad7742e4-fa6a-4b39-90ff-46c32210b417; _shopify_s=e1cf81fd-d694-4fea-a9f6-17b2ee0e035a; _hjid=b9cb6c22-2510-4cba-802b-f127a5aa19c9; _hjFirstSeen=1; _shopify_sa_t=2021-09-26T12%3A03%3A56.823Z; _shopify_sa_p=; shopify_pay_redirect=pending; _ga=GA1.2.851805355.1632657837; _gid=GA1.2.1978352179.1632657837; _gat=1; _gcl_au=1.1.2011839152.1632657837; _hjIncludedInPageviewSample=1; _hjAbsoluteSessionInProgress=0; _hjIncludedInSessionSample=1; _fbp=fb.1.1632657837277.141929649; _pin_unauth=dWlkPU5UTmtOak5tTVRBdE9XTTNNaTAwTmpSakxXSmtaamd0WlRJNE1XTXpOVGxsWVdGaA
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: application/json

Response headers

date: Sun, 26 Sep 2021 12:03:58 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"report_to":"network-errors","max_age":2592000,"success_fraction":0.0001}
x-permitted-cross-domain-policies: none
x-dc: gcp-europe-west1,gcp-us-east1,gcp-us-east1
x-shopify-stage: production
content-type: text/javascript; charset=utf-8
strict-transport-security: max-age=7889238
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection: 1; mode=block
x-sorting-hat-shopid: 18295133
x-shardid: 57
x-storefront-renderer-rendered: 1
server: cloudflare
x-frame-options: DENY
content-language: en
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding Accept
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://monorail-edge.shopifysvc.com/v1/reports/nel/20190325/shopify"}]}
x-shopid: 18295133
x-download-options: noopen
content-security-policy: block-all-mixed-content; frame-ancestors 'none'; upgrade-insecure-requests;
set-cookie: secure_customer_sig=; path=/; expires=Mon, 26 Sep 2022 12:03:57 GMT; secure; HttpOnly cart_currency=USD; path=/; expires=Sun, 10 Oct 2021 12:03:57 GMT _y=ad7742e4-fa6a-4b39-90ff-46c32210b417; Expires=Mon, 26-Sep-22 12:03:58 GMT; Domain=heroinsupport.org; Path=/; SameSite=Lax _s=e1cf81fd-d694-4fea-a9f6-17b2ee0e035a; Expires=Sun, 26-Sep-21 12:33:58 GMT; Domain=heroinsupport.org; Path=/; SameSite=Lax _shopify_y=ad7742e4-fa6a-4b39-90ff-46c32210b417; Expires=Mon, 26-Sep-22 12:03:58 GMT; Domain=heroinsupport.org; Path=/; SameSite=Lax _shopify_s=e1cf81fd-d694-4fea-a9f6-17b2ee0e035a; Expires=Sun, 26-Sep-21 12:33:58 GMT; Domain=heroinsupport.org; Path=/; SameSite=Lax
x-request-id: 212c0d1d-a12b-4111-aad6-c82428be3284
cf-ray: 694c5a1ee87b6973-FRA
x-sorting-hat-podid: 57
x-cartjs-updatedat: 0

GET
H2 200 m-outer-f045e3b6b64aa0e635a6cabefc84daae.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame E6F1 1 KB
864 B 7ms
7ms Script
application/javascript 151.101.64.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/m-outer-f045e3b6b64aa0e635a6cabefc84daae.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/m-outer-9475bd26486e6119b23924eebd3d561a.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.64.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

e8e9871cf0af9019f2a0094a2ce12eb7794c104f7f38d9f75e7017c9d26e7cf6

Security Headers

Name	Value
Content-Security-Policy	connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src data: https:; frame-src 'self'; img-src 'self' https://q.stripe.com blob:; media-src 'none'; object-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/m-outer-9475bd26486e6119b23924eebd3d561a.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 26 Sep 2021 12:03:57 GMT
content-encoding: br
vary: Accept-Encoding
age: 240
via: 1.1 varnish
x-cache: HIT
content-length: 637
x-amz-id-2: EmmNVdn5O+sd5hyS1zrC0Zhn8A2rwTVDfUzQdasw6PMfMrDlagRddcDtVFjJWgB3fweXBe6xkeI=
x-served-by: cache-fra19156-FRA
timing-allow-origin: *
last-modified: Wed, 01 Sep 2021 21:34:46 GMT
server: AmazonS3
etag: "01f873d478053c6a0368329ea08f7a10"
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-amz-request-id: 9QK689RQM2PPT73W
access-control-allow-origin: *
cache-control: max-age=60
content-security-policy: connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src data: https:; frame-src 'self'; img-src 'self' https://q.stripe.com blob:; media-src 'none'; object-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
x-cache-hits: 231

GET
H2 200 css2
fonts.googleapis.com/ Frame F9BE 3 KB
646 B 14ms
14ms Stylesheet
text/css 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Mulish:wght@400;600&display=swap

Requested by

Host: widget-v4.tidiochat.com
URL: https://widget-v4.tidiochat.com//1_77_0/static/js/widget.37e3a46cca72f53ace00.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

6b24da0c6d2f25d86882b64b5b180c298afd02c3222dbfd415d179767e67823f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 26 Sep 2021 10:20:25 GMT
server: ESF
date: Sun, 26 Sep 2021 12:03:57 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 26 Sep 2021 12:03:57 GMT

GET
H2 200 1Ptvg83HX_SGhgqk3wot.woff2
fonts.gstatic.com/s/mulish/v5/ Frame F9BE 27 KB
27 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/mulish/v5/1Ptvg83HX_SGhgqk3wot.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Mulish:wght@400;600&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b16d1466b18311b381e28bb2c1eebd8160ae5841105c9122d639f16d69f9d7cb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://shop.heroinsupport.org
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 25 Sep 2021 08:27:00 GMT
x-content-type-options: nosniff
age: 99418
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27652
x-xss-protection: 0
last-modified: Wed, 18 Aug 2021 16:57:44 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 25 Sep 2022 08:27:00 GMT

GET
H2 200 inner.html Show response
m.stripe.network/ Frame 8A96 932 B
1 KB 35ms
10ms Document
text/html 151.101.64.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.network/inner.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/m-outer-f045e3b6b64aa0e635a6cabefc84daae.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.64.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

c4a8402fde1e397bcabe7467c0de035e7851eeb1bad9af5d1b67487e7d7f2a4a

Security Headers

Name	Value
Content-Security-Policy	connect-src 'self' https://m.stripe.com; default-src 'self'; font-src data: https:; frame-src 'self' https://js.stripe.com; img-src 'self' https://m.stripe.com; media-src 'none'; object-src 'self'; script-src 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

:method: GET
:authority: m.stripe.network
:scheme: https
:path: /inner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://js.stripe.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://js.stripe.com/

Response headers

content-type: text/html; charset=utf-8
cache-control: max-age=300, public
content-security-policy: connect-src 'self' https://m.stripe.com; default-src 'self'; font-src data: https:; frame-src 'self' https://js.stripe.com; img-src 'self' https://m.stripe.com; media-src 'none'; object-src 'self'; script-src 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; report-uri https://q.stripe.com/csp-report
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
server: Fastly
accept-ranges: bytes
date: Sun, 26 Sep 2021 12:03:58 GMT
via: 1.1 varnish
age: 93
x-served-by: cache-fra19156-FRA
x-cache: HIT
x-cache-hits: 62
x-timer: S1632657838.034775,VS0,VE0
vary: Accept-Encoding, Origin
content-length: 932

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ Frame 790B 149 KB
54 KB 24ms
23ms Script
application/javascript 2a00:1450:4001:830::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-PMD42PZ&l=gl_dataLayer

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

bf275debca5a4df45158e1c43cbb122499c3801e67b7933af32a76bbe3c660da

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://secure.givelively.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 26 Sep 2021 12:03:58 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 55410
x-xss-protection: 0
expires: Sun, 26 Sep 2021 12:03:58 GMT

GET
H2 200 tags.js Show response
js.datadome.co/ Frame 790B 233 KB
35 KB 8ms
8ms Script
text/javascript 13.225.78.46
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.datadome.co/tags.js

Requested by

Host: members.givelively.org
URL: https://members.givelively.org/packs/js/smart-donations-bundle-98409d480af01fb774d7.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.78.46 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-78-46.fra2.r.cloudfront.net

Software

Apache /

Resource Hash

dec5e5786208beaa10be7849ea723c2e1cf022781092424e6debad5690bfeb1b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://secure.givelively.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 26 Sep 2021 11:08:36 GMT
content-encoding: gzip
vary: Accept-Encoding
age: 3322
x-edge-origin-shield-skipped: 0
x-cache: Hit from cloudfront
content-length: 35628
access-control-allow-origin: *
last-modified: Wed, 22 Sep 2021 09:08:00 GMT
server: Apache
etag: "3a29d-5cc91d9d602fc-gzip"
strict-transport-security: max-age=15768000
content-type: text/javascript
via: 1.1 1e498d046330e15095a1a2a958463bf5.cloudfront.net (CloudFront)
cache-control: max-age=3600, public
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
x-amz-cf-id: EU88HvqLP4iH907i0dluu-bQ_NYJ3zCWtPgIOU7YiMhehSYXrJdTjA==
expires: Sun, 26 Sep 2021 12:08:36 GMT

GET
H2 200 heroin-support-inc_processed_906751899988bda790b2e2754627849de23bec8dba036e6e0fa249845321235d_logo.png
images.givelively.org/nonprofits/acb73907-c7f4-452b-8067-91ffff5b0d31/logos/ Frame 790B 79 KB
80 KB 20ms
20ms Image
image/png 13.224.193.28
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.givelively.org/nonprofits/acb73907-c7f4-452b-8067-91ffff5b0d31/logos/heroin-support-inc_processed_906751899988bda790b2e2754627849de23bec8dba036e6e0fa249845321235d_logo.png
Requested by: Host: members.givelively.org
URL: https://members.givelively.org/packs/js/react_rails-a502b9de2fc26da458d6.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.193.28 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-193-28.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: fad217b28b3e4434cde68e1912cd8f882ba64b29702b7b2881ae6c9a77909bb2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://secure.givelively.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 26 Sep 2021 12:03:58 GMT
via: 1.1 96283be49fd5bce30b3a0e9559bd2d9e.cloudfront.net (CloudFront)
last-modified: Wed, 13 Nov 2019 21:06:24 GMT
server: AmazonS3
age: 1
etag: "e2efeb288832c35c5e9e97530289b18c"
x-edge-origin-shield-skipped: 0
content-type: image/png
x-cache: Hit from cloudfront
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
content-length: 81018
x-amz-cf-id: 7OoTFasZLhwbXv_O1hI8C9MVvC3DUfCPTj7jTzW67XFlE6kkZU5UWQ==

GET
H2 403 acb73907-c7f4-452b-8067-91ffff5b0d31 Show response
secure.givelively.org/double_the_donation_api_key/ Frame 790B 463 B
1 KB 44ms
44ms Fetch
text/html 13.225.78.56
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.givelively.org/double_the_donation_api_key/acb73907-c7f4-452b-8067-91ffff5b0d31
Requested by: Host: members.givelively.org
URL: https://members.givelively.org/packs/js/smart-donations-bundle-98409d480af01fb774d7.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.56 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-56.fra2.r.cloudfront.net
Software: CloudFront /
Resource Hash: efa5b8e3ec9445cc2c30784a8277aee98074b003e8c34bc97671d340cd460402

Request headers

Referer: https://secure.givelively.org/donate/heroin-support-inc?ref=sd_widget&widget_url=https%3A%2F%2Fshop.heroinsupport.org%2F&referrer_url=&show_donate_now_button=false
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sentry-trace: 0d8b5f3eb045410daaddece70766f0e1-b79fcbc097175ff0-0

Response headers

pragma: no-cache
date: Sun, 26 Sep 2021 12:03:58 GMT
via: 1.1 6c9a2d99a25484f38efa27d58a726b2d.cloudfront.net (CloudFront)
x-datadome-cid: AHrlqAAAAAMAD5TR8kUWVWkATi_QGg==
x-datadome: protected
x-edge-origin-shield-skipped: 0
x-cache: LambdaGeneratedResponse from cloudfront
content-type: text/html;charset=utf-8
charset: utf-8
cache-control: max-age=0, private, no-cache, no-store, must-revalidate
x-amz-cf-pop: FRA2-C2
content-length: 463
x-amz-cf-id: yXB_uDIpLOOxJeAGnQtmDuufJTSfEIQ71SAA5YDRi8YqueGOZJgwpw==
server: CloudFront

GET
H2 200 fa-brands-400.woff2
use.fontawesome.com/releases/v5.5.0/webfonts/ Frame 790B 68 KB
69 KB 30ms
15ms Font
font/woff2 2606:4700:3031::ac43:d645
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v5.5.0/webfonts/fa-brands-400.woff2
Requested by: Host: use.fontawesome.com
URL: https://use.fontawesome.com/releases/v5.5.0/css/all.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::ac43:d645 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 05dbc51654b96590d176c27efbcef2cf4ac0497499a9f28b731b73eea399070c

Request headers

Referer: https://use.fontawesome.com/releases/v5.5.0/css/all.css
Origin: https://secure.givelively.org
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 26 Sep 2021 12:03:58 GMT
access-control-allow-methods: GET
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5635666
cf-ray: 694c5a2058416945-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 69608
x-amz-id-2: jbI0v0eTOfA7727OgZzpgvuKAbKsYAg7WXzdTzoIvgugKRIevrQWb+i1G1GevQFD0aZPImaNXaI=
last-modified: Wed, 30 Jun 2021 15:43:51 GMT
server: cloudflare
etag: "659c4d58b00226541ef95c3a76e169c5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XvxUFCZNE8152xq58GUFmRt4tuGO%2FU4ZmCCsX0ZQHFD2MNV8u%2Fj4wgY7DU7k8RrCWmtK4hCpgYW5hH0n6Z7PYs0unEZprF6K2xNf3dbSjhGO7GvwbqmxmdZQ9AmqokU80pkc6ygYSJGl4%2BKMfvZYbvv%2F"}],"group":"cf-nel","max_age":604800}
x-amz-request-id: JMMEDSJRYDM3NJAS
access-control-allow-origin: *
cache-control: max-age=31556926
accept-ranges: bytes
content-type: font/woff2

GET
H2 200 fa-solid-900.woff2
use.fontawesome.com/releases/v5.5.0/webfonts/ Frame 790B 72 KB
73 KB 37ms
22ms Font
font/woff2 2606:4700:3031::ac43:d645
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v5.5.0/webfonts/fa-solid-900.woff2
Requested by: Host: use.fontawesome.com
URL: https://use.fontawesome.com/releases/v5.5.0/css/all.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::ac43:d645 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7798165ee5a3c6809310d8261dcbe7c8d0c12d795b7b09a71af3eb86ec8f33f2

Request headers

Referer: https://use.fontawesome.com/releases/v5.5.0/css/all.css
Origin: https://secure.givelively.org
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 26 Sep 2021 12:03:58 GMT
access-control-allow-methods: GET
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4058037
cf-ray: 694c5a2058466945-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 73852
x-amz-id-2: jq4/YJXfdU4sYqzdzeU0Z8FzJJnbpDudUtECfarm7hKCSjPXhVm/PZfCf0/f1cbC6OPwRlPrH20=
last-modified: Wed, 30 Jun 2021 15:43:51 GMT
server: cloudflare
etag: "fb493903265cad425ccdf8e04fc2de61"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dFMapsrhFJFnZCF3oKEbgZzsI1CyoyxpEEb3mJ2y9%2F3rJC6gAL46yUXfrc08RRCfKN%2FBD64ZuMQ8e7OwReO8DQsf6MGAjtTdqEkyK8x5Nr6kLacHhLzNw9lTZH4ziviqLCYSwvBX8xylRm8ihdp25vXs"}],"group":"cf-nel","max_age":604800}
x-amz-request-id: 73B6MHYPB79BFJ6V
access-control-allow-origin: *
cache-control: max-age=31556926
accept-ranges: bytes
content-type: font/woff2

GET
H2 200 controller-04e60e8da60719ecbecd629c5dfe17a5.html Show response
js.stripe.com/v3/ Frame 3AD1 299 B
571 B 19ms
18ms Document
text/html 151.101.64.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/controller-04e60e8da60719ecbecd629c5dfe17a5.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.64.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

ab5d95b55a41f726aa1c90ef3dfd7af61e9e1f688360a16a96ec631bf61eebaf

Security Headers

Name	Value
Content-Security-Policy	connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src data: https:; frame-src 'self'; img-src 'self' https://q.stripe.com blob:; media-src 'none'; object-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

:method: GET
:authority: js.stripe.com
:scheme: https
:path: /v3/controller-04e60e8da60719ecbecd629c5dfe17a5.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://secure.givelively.org/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://secure.givelively.org/

Response headers

x-amz-id-2: M8yfZCFVqx4N2oRMT0BxpiQmcWa8zuMBl+QjLd1v/zk9Yh7OXjKMJssRzV5arUSaFr3g+rDIHTY=
x-amz-request-id: K9WMV88KAFQ63ZYA
last-modified: Fri, 24 Sep 2021 20:15:33 GMT
etag: "04e60e8da60719ecbecd629c5dfe17a5"
content-type: text/html; charset=utf-8
server: AmazonS3
content-encoding: br
accept-ranges: bytes
date: Sun, 26 Sep 2021 12:03:58 GMT
via: 1.1 varnish
age: 171
x-served-by: cache-fra19156-FRA
x-cache: HIT
x-cache-hits: 24
vary: Accept-Encoding
access-control-allow-origin: *
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
content-security-policy: connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src data: https:; frame-src 'self'; img-src 'self' https://q.stripe.com blob:; media-src 'none'; object-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'
cache-control: max-age=60
content-length: 157

GET
H2 200 payment-request-inner-google-pay-9cadf1cd3fc71f0b4ce3a9edc79569af.html Show response
js.stripe.com/v3/ Frame 0BCF 384 B
565 B 16ms
15ms Document
text/html 151.101.64.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/payment-request-inner-google-pay-9cadf1cd3fc71f0b4ce3a9edc79569af.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.64.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

13eea62a61518ed68dd0ffcd7fec169f0538b8f44f2802136eef509cdb4a0f55

Security Headers

Name	Value
Content-Security-Policy	connect-src 'self' https://google.com/pay https://pay.google.com; default-src 'none'; frame-src https://pay.google.com; img-src https://q.stripe.com https://www.gstatic.com; script-src 'self' https://pay.google.com; style-src 'self' 'unsafe-inline'
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

:method: GET
:authority: js.stripe.com
:scheme: https
:path: /v3/payment-request-inner-google-pay-9cadf1cd3fc71f0b4ce3a9edc79569af.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://secure.givelively.org/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://secure.givelively.org/

Response headers

x-amz-id-2: iyfYtMGHMbxKQbHONyQ2oLN5OeNFUEKGF4+N5v6QTQT0FnPhK3iW+Sxl69TxKx64CJGF/WV4EsQ=
x-amz-request-id: RSCWTY7ZT6YGGTV1
last-modified: Fri, 24 Sep 2021 20:15:33 GMT
etag: "9cadf1cd3fc71f0b4ce3a9edc79569af"
content-type: text/html; charset=utf-8
server: AmazonS3
content-encoding: br
accept-ranges: bytes
date: Sun, 26 Sep 2021 12:03:58 GMT
via: 1.1 varnish
age: 156
x-served-by: cache-fra19156-FRA
x-cache: HIT
x-cache-hits: 4
vary: Accept-Encoding
access-control-allow-origin: *
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
content-security-policy: connect-src 'self' https://google.com/pay https://pay.google.com; default-src 'none'; frame-src https://pay.google.com; img-src https://q.stripe.com https://www.gstatic.com; script-src 'self' https://pay.google.com; style-src 'self' 'unsafe-inline'
cache-control: max-age=60
content-length: 184

GET
H2 200 payment-request-inner-browser-395bf14539c9b44d77f554015723f268.html Show response
js.stripe.com/v3/ Frame 7C1A 320 B
684 B 14ms
14ms Document
text/html 151.101.64.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/payment-request-inner-browser-395bf14539c9b44d77f554015723f268.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.64.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

d61b7cac2f6bf0482a24d1b4437e14c1e1033419aa50d67df92275b8fade5f26

Security Headers

Name	Value
Content-Security-Policy	connect-src 'self' https://api.stripe.com https://errors.stripe.com https://google.com/pay https://pay.google.com; default-src 'self'; font-src data: https:; frame-src 'self'; img-src 'self' https://q.stripe.com https://www.gstatic.com; media-src 'none'; object-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

:method: GET
:authority: js.stripe.com
:scheme: https
:path: /v3/payment-request-inner-browser-395bf14539c9b44d77f554015723f268.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://secure.givelively.org/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://secure.givelively.org/

Response headers

x-amz-id-2: 46KECZ0X0Lp6t/R/lKzWd+vrW76YfupXWsPssAnqYjSeGXMSOp3m6JlO3pAUZbmlqAGfPGASgMQ=
x-amz-request-id: 3R4GB0JGGDP7MHJ6
last-modified: Fri, 24 Sep 2021 20:15:33 GMT
etag: "395bf14539c9b44d77f554015723f268"
content-type: text/html; charset=utf-8
server: AmazonS3
content-encoding: br
accept-ranges: bytes
date: Sun, 26 Sep 2021 12:03:58 GMT
via: 1.1 varnish
age: 194
x-served-by: cache-fra19156-FRA
x-cache: HIT
x-cache-hits: 12
vary: Accept-Encoding
access-control-allow-origin: *
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
content-security-policy: connect-src 'self' https://api.stripe.com https://errors.stripe.com https://google.com/pay https://pay.google.com; default-src 'self'; font-src data: https:; frame-src 'self'; img-src 'self' https://q.stripe.com https://www.gstatic.com; media-src 'none'; object-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'
cache-control: max-age=60
content-length: 166

POST
H2 200 csp-report
q.stripe.com/ Frame 8A96 0
121 B 523ms
178ms Other
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: shop.heroinsupport.org
URL: https://shop.heroinsupport.org/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-186-23-98.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Referer: https://m.stripe.network/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Sun, 26 Sep 2021 12:03:58 GMT
x-envoy-upstream-service-time: 1
server: nginx
content-length: 0
strict-transport-security: max-age=31556926; includeSubDomains; preload

GET
H2 200 1Ptvg83HX_SGhgqk3wot.woff2
fonts.gstatic.com/s/mulish/v5/ Frame F9BE 27 KB
27 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/mulish/v5/1Ptvg83HX_SGhgqk3wot.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Mulish:wght@400;600&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b16d1466b18311b381e28bb2c1eebd8160ae5841105c9122d639f16d69f9d7cb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://shop.heroinsupport.org
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 25 Sep 2021 08:27:00 GMT
x-content-type-options: nosniff
age: 99418
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27652
x-xss-protection: 0
last-modified: Wed, 18 Aug 2021 16:57:44 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 25 Sep 2022 08:27:00 GMT

GET
H2 200 out-4.5.40.js Show response
m.stripe.network/ Frame 8A96 85 KB
85 KB 8ms
8ms Script
application/javascript 151.101.64.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.network/out-4.5.40.js

Requested by

Host: m.stripe.network
URL: https://m.stripe.network/inner.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.64.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

6a6915872afa798395a56c7aa50d086cb325ff7214ad78ada3c7a96350bbad39

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://m.stripe.network/inner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
via: 1.1 varnish
x-content-type-options: nosniff
server: Fastly
age: 11
date: Sun, 26 Sep 2021 12:03:58 GMT
x-served-by: cache-fra19156-FRA
vary: Accept-Encoding, Origin
x-cache: HIT
content-type: application/javascript
cache-control: max-age=300, public
accept-ranges: bytes
x-timer: S1632657838.229808,VS0,VE0
content-length: 87228
x-cache-hits: 7

GET
H2 200 analytics.js Show response
www.google-analytics.com/ Frame 790B 48 KB
19 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PMD42PZ&l=gl_dataLayer

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://secure.givelively.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 11 Aug 2021 00:32:57 GMT
server: Golfe2
age: 4318
date: Sun, 26 Sep 2021 10:52:00 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19747
expires: Sun, 26 Sep 2021 12:52:00 GMT

GET
H2 200 hotjar-1561839.js Show response
static.hotjar.com/c/ Frame 790B 4 KB
2 KB 11ms
11ms Script
application/javascript 13.225.78.103
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-1561839.js?sv=7

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PMD42PZ&l=gl_dataLayer

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.78.103 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-78-103.fra2.r.cloudfront.net

Software

Resource Hash

65f1553074d779f5d748a0d0216f14a78f89b0bd5dc69b0e5562910950110d40

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://secure.givelively.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 26 Sep 2021 12:03:57 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1
x-edge-origin-shield-skipped: 0
x-cache: Hit from cloudfront
content-length: 1950
access-control-allow-origin: *
x-cache-hit: 1
etag: W/3cb7ac1ecd22b8191448554835056030
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
via: 1.1 df26103dc140569d7032449c70c3b141.cloudfront.net (CloudFront)
cache-control: max-age=60
x-amz-cf-pop: FRA2-C2
x-amz-cf-id: h-45mHyJI3GSimUk1rLhOnNP-HsS90ZpFNQ061ZxEIG-tLsdpOs4YQ==

GET
H2 200 heap-1405745704.js Show response
cdn.heapanalytics.com/js/ Frame 790B 102 KB
40 KB 13ms
13ms Script
application/javascript 13.225.78.67
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.heapanalytics.com/js/heap-1405745704.js

Requested by

Host: shop.heroinsupport.org
URL: https://shop.heroinsupport.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.78.67 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-78-67.fra2.r.cloudfront.net

Software

nginx /

Resource Hash

d4b2ca6ed32b07e113be48cecee742c5be39fa8354c67a542c72e463d1007336

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://secure.givelively.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 26 Sep 2021 12:02:21 GMT
content-encoding: gzip
server: nginx
age: 97
etag: W/"1979f-xoNdpk0uBorANEpFpBFh4Q"
vary: Accept-Encoding
x-edge-origin-shield-skipped: 1, 0
content-type: application/javascript; charset=utf-8
via: 1.1 83caebe1f817a31bd75ba17dff7ae1a6.cloudfront.net (CloudFront)
cache-control: public, max-age=120
x-amz-cf-pop: FRA2-C2
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-id: jB3B4DkYB8tKHapvAYlLbf1zbwjEDjPWMMLr76OzrFab64W4RYn2Tg==

GET
H2 200 shared-c2bfa137e723a355a05ceda55e97b515.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 7C1A 180 KB
46 KB 9ms
8ms Script
application/javascript 151.101.64.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/shared-c2bfa137e723a355a05ceda55e97b515.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/payment-request-inner-browser-395bf14539c9b44d77f554015723f268.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.64.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

5c5f00380b0c154454af53416372a7169a2815c5de015a888fca57aad2fac11c

Security Headers

Name	Value
Content-Security-Policy	connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src data: https:; frame-src 'self'; img-src 'self' https://q.stripe.com blob:; media-src 'none'; object-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/payment-request-inner-browser-395bf14539c9b44d77f554015723f268.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 26 Sep 2021 12:03:58 GMT
content-encoding: br
vary: Accept-Encoding
age: 199
via: 1.1 varnish
x-cache: HIT
content-length: 46230
x-amz-id-2: vfBamxynS4a9mCKp4Kg8YR3IOLhbBkfQzkTjTpiQsPj7E+TV9afAhv6Wn0mJ9e4Jw55LUQaQ0NE=
x-served-by: cache-fra19156-FRA
timing-allow-origin: *
last-modified: Fri, 24 Sep 2021 20:15:40 GMT
server: AmazonS3
etag: "2c8e80d6b26d5892a2b5ce39bb9b5449"
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-amz-request-id: K3SF3H2VNH802E34
access-control-allow-origin: *
cache-control: max-age=60
content-security-policy: connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src data: https:; frame-src 'self'; img-src 'self' https://q.stripe.com blob:; media-src 'none'; object-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
x-cache-hits: 47

GET
H2 200 payment-request-inner-browser-87bbf35b205f89a192aa3a76d034616f.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 7C1A 11 KB
4 KB 8ms
8ms Script
application/javascript 151.101.64.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/payment-request-inner-browser-87bbf35b205f89a192aa3a76d034616f.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/payment-request-inner-browser-395bf14539c9b44d77f554015723f268.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.64.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

bbaf8796714d189a9ae5febc6847742dbc296b5f76acc14b68a54a7250d948b1

Security Headers

Name	Value
Content-Security-Policy	connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src data: https:; frame-src 'self'; img-src 'self' https://q.stripe.com blob:; media-src 'none'; object-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/payment-request-inner-browser-395bf14539c9b44d77f554015723f268.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 26 Sep 2021 12:03:58 GMT
content-encoding: br
vary: Accept-Encoding
age: 253
via: 1.1 varnish
x-cache: HIT
content-length: 4050
x-amz-id-2: in+UuOvZ7XGeMbLJhf5ZOIuNRT4+wntnJ6toDrVksEVnAnsQjjUPeHPESQMx2yRF5tQVWJcs7Mo=
x-served-by: cache-fra19156-FRA
timing-allow-origin: *
last-modified: Fri, 24 Sep 2021 20:15:35 GMT
server: AmazonS3
etag: "ad57495aef46b66d8b3558db41f8ec48"
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-amz-request-id: 47PBT1KWSS2J3240
access-control-allow-origin: *
cache-control: max-age=60
content-security-policy: connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src data: https:; frame-src 'self'; img-src 'self' https://q.stripe.com blob:; media-src 'none'; object-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
x-cache-hits: 15

GET
H2 200 pay.js Show response
pay.google.com/gp/p/js/ Frame 0BCF 95 KB
31 KB 131ms
73ms Script
application/javascript 2a00:1450:400c:c0b::5c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pay.google.com/gp/p/js/pay.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/payment-request-inner-google-pay-9cadf1cd3fc71f0b4ce3a9edc79569af.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0b::5c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

1080db8f515dadc3e1b1cee70fc8cee36fefeb0803c252185e731c5f97bcff6d

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-wouShs9xHIuFOhSwNEk2Bg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendHttp/cspreport;worker-src 'self', script-src 'nonce-wouShs9xHIuFOhSwNEk2Bg' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendHttp/cspreport, require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendHttp/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.stripe.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 26 Sep 2021 12:03:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
cross-origin-opener-policy: same-origin
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: private, max-age=600
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'report-sample' 'nonce-wouShs9xHIuFOhSwNEk2Bg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendHttp/cspreport;worker-src 'self', script-src 'nonce-wouShs9xHIuFOhSwNEk2Bg' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendHttp/cspreport, require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendHttp/cspreport
strict-transport-security: max-age=31536000
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
expires: Sun, 26 Sep 2021 12:03:58 GMT

GET
H2 200 shared-c2bfa137e723a355a05ceda55e97b515.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 0BCF 180 KB
45 KB 14ms
14ms Script
application/javascript 151.101.64.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/shared-c2bfa137e723a355a05ceda55e97b515.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/payment-request-inner-google-pay-9cadf1cd3fc71f0b4ce3a9edc79569af.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.64.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

5c5f00380b0c154454af53416372a7169a2815c5de015a888fca57aad2fac11c

Security Headers

Name	Value
Content-Security-Policy	connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src data: https:; frame-src 'self'; img-src 'self' https://q.stripe.com blob:; media-src 'none'; object-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/payment-request-inner-google-pay-9cadf1cd3fc71f0b4ce3a9edc79569af.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 26 Sep 2021 12:03:58 GMT
content-encoding: br
vary: Accept-Encoding
age: 199
via: 1.1 varnish
x-cache: HIT
content-length: 46230
x-amz-id-2: vfBamxynS4a9mCKp4Kg8YR3IOLhbBkfQzkTjTpiQsPj7E+TV9afAhv6Wn0mJ9e4Jw55LUQaQ0NE=
x-served-by: cache-fra19156-FRA
timing-allow-origin: *
last-modified: Fri, 24 Sep 2021 20:15:40 GMT
server: AmazonS3
etag: "2c8e80d6b26d5892a2b5ce39bb9b5449"
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-amz-request-id: K3SF3H2VNH802E34
access-control-allow-origin: *
cache-control: max-age=60
content-security-policy: connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src data: https:; frame-src 'self'; img-src 'self' https://q.stripe.com blob:; media-src 'none'; object-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
x-cache-hits: 48

GET
H2 200 payment-request-inner-google-pay-bc686b7cbefd655b4d24f4f93cb81531.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 0BCF 13 KB
4 KB 18ms
18ms Script
application/javascript 151.101.64.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/payment-request-inner-google-pay-bc686b7cbefd655b4d24f4f93cb81531.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/payment-request-inner-google-pay-9cadf1cd3fc71f0b4ce3a9edc79569af.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.64.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

dabbfc02e2dd0545367b8d536848807d8b7c019f24434ceac3a2aeee641686c0

Security Headers

Name	Value
Content-Security-Policy	connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src data: https:; frame-src 'self'; img-src 'self' https://q.stripe.com blob:; media-src 'none'; object-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/payment-request-inner-google-pay-9cadf1cd3fc71f0b4ce3a9edc79569af.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 26 Sep 2021 12:03:58 GMT
content-encoding: br
vary: Accept-Encoding
age: 193
via: 1.1 varnish
x-cache: HIT
content-length: 4334
x-amz-id-2: rEeQASAypGEY45sGzo1KiUEnEun65/66rd0ohyl/MSYp9/KpzsgdhfAwdj9BO3tud4t5EYUl/ck=
x-served-by: cache-fra19156-FRA
timing-allow-origin: *
last-modified: Fri, 24 Sep 2021 20:15:35 GMT
server: AmazonS3
etag: "68025ae7acd6e554258a583e3a1d39fd"
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-amz-request-id: 9YFDXQ469YT4G2GQ
access-control-allow-origin: *
cache-control: max-age=60
content-security-policy: connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src data: https:; frame-src 'self'; img-src 'self' https://q.stripe.com blob:; media-src 'none'; object-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
x-cache-hits: 5

GET
H2 200 shared-c2bfa137e723a355a05ceda55e97b515.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 3AD1 180 KB
45 KB 19ms
19ms Script
application/javascript 151.101.64.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/shared-c2bfa137e723a355a05ceda55e97b515.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/controller-04e60e8da60719ecbecd629c5dfe17a5.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.64.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

5c5f00380b0c154454af53416372a7169a2815c5de015a888fca57aad2fac11c

Security Headers

Name	Value
Content-Security-Policy	connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src data: https:; frame-src 'self'; img-src 'self' https://q.stripe.com blob:; media-src 'none'; object-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/controller-04e60e8da60719ecbecd629c5dfe17a5.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 26 Sep 2021 12:03:58 GMT
content-encoding: br
vary: Accept-Encoding
age: 199
via: 1.1 varnish
x-cache: HIT
content-length: 46230
x-amz-id-2: vfBamxynS4a9mCKp4Kg8YR3IOLhbBkfQzkTjTpiQsPj7E+TV9afAhv6Wn0mJ9e4Jw55LUQaQ0NE=
x-served-by: cache-fra19156-FRA
timing-allow-origin: *
last-modified: Fri, 24 Sep 2021 20:15:40 GMT
server: AmazonS3
etag: "2c8e80d6b26d5892a2b5ce39bb9b5449"
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-amz-request-id: K3SF3H2VNH802E34
access-control-allow-origin: *
cache-control: max-age=60
content-security-policy: connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src data: https:; frame-src 'self'; img-src 'self' https://q.stripe.com blob:; media-src 'none'; object-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
x-cache-hits: 49

GET
H2 200 controller-54fa1217ee1084eeee65eabf741b1ede.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 3AD1 264 KB
68 KB 23ms
23ms Script
application/javascript 151.101.64.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/controller-54fa1217ee1084eeee65eabf741b1ede.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/controller-04e60e8da60719ecbecd629c5dfe17a5.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.64.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

93e2f58e310618040282e647d99e4fb3ffe7089f1d51ea9a01350cc6d06dc06d

Security Headers

Name	Value
Content-Security-Policy	connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src data: https:; frame-src 'self'; img-src 'self' https://q.stripe.com blob:; media-src 'none'; object-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/controller-04e60e8da60719ecbecd629c5dfe17a5.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 26 Sep 2021 12:03:58 GMT
content-encoding: br
vary: Accept-Encoding
age: 181
via: 1.1 varnish
x-cache: HIT
content-length: 69439
x-amz-id-2: +WhGx1xFC6Wd5wWjOQqpDBOyji6mAnlyH9936qnVf1u47QguIw61NBDV6i+uFqkBuE3flneoX8Q=
x-served-by: cache-fra19156-FRA
timing-allow-origin: *
last-modified: Fri, 24 Sep 2021 20:15:34 GMT
server: AmazonS3
etag: "591ef36c4afdb0e47899f50a72eb90ec"
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-amz-request-id: K3S8B444ZHGMHVVV
access-control-allow-origin: *
cache-control: max-age=60
content-security-policy: connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src data: https:; frame-src 'self'; img-src 'self' https://q.stripe.com blob:; media-src 'none'; object-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
x-cache-hits: 25

POST
H2 200 / Show response
api-js.datadome.co/js/ Frame 790B 213 B
390 B 10ms
10ms XHR
application/json 18.159.15.241
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api-js.datadome.co/js/
Requested by: Host: members.givelively.org
URL: https://members.givelively.org/packs/js/smart-donations-bundle-98409d480af01fb774d7.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.159.15.241 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-159-15-241.eu-central-1.compute.amazonaws.com
Software: DataDome /
Resource Hash: 14b07d6b4dd41536f9deb40dc3eb7eef42c1e1bc2a3c73b171c0e5d20418504c

Request headers

Referer: https://secure.givelively.org/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Sun, 26 Sep 2021 12:03:58 GMT
server: DataDome
content-type: application/json;charset=utf-8
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
content-length: 213
expires: 0

GET
H2 200 linkid.js Show response
www.google-analytics.com/plugins/ua/ Frame 790B 2 KB
924 B 7ms
6ms Script
text/javascript 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/plugins/ua/linkid.js

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://secure.givelively.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 26 Sep 2021 11:33:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1828
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/static-on-bigtable
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 859
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Sun, 26 Sep 2021 12:33:30 GMT

POST
H2 200 0 Show response
r.stripe.com/ Frame 3AD1 0
214 B 516ms
164ms XHR
application/octet-stream 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://r.stripe.com/0

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-c2bfa137e723a355a05ceda55e97b515.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-186-23-98.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Accept: application/json
Referer: https://js.stripe.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Sun, 26 Sep 2021 12:03:58 GMT
server: nginx
strict-transport-security: max-age=31556926; includeSubDomains; preload
content-type: application/octet-stream;charset=utf-8
access-control-allow-origin: https://js.stripe.com
access-control-allow-credentials: true
x-envoy-upstream-service-time: 1
content-length: 0

GET
H2 200 modules.5fe2f4f38cf4833026a9.js Show response
script.hotjar.com/ Frame 790B 221 KB
59 KB 9ms
9ms Script
application/javascript 13.224.193.38
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.5fe2f4f38cf4833026a9.js

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-1561839.js?sv=7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.193.38 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-193-38.fra2.r.cloudfront.net

Software

Resource Hash

33d18bfaad19367135cba7d9096fba55164cd67b8e5819617c6d6b34bd43454b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://secure.givelively.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 09 Sep 2021 07:15:05 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1486132
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 59626
access-control-allow-origin: *
last-modified: Thu, 09 Sep 2021 07:14:26 GMT
etag: "e8c5ca8d148a212696c04c37e713b2a1"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 1d67a4c00b06651cb6daa95ec3f21f9b.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: FPmw8bMUZOa_bHAE8aC4PYbtuDjDmmJT1bYpq3rAbumBS1oCoGOVnA==

POST
H2 200 6 Show response
m.stripe.com/ Frame 8A96 156 B
517 B 496ms
168ms XHR
text/plain 54.186.42.192
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.com/6

Requested by

Host: m.stripe.network
URL: https://m.stripe.network/out-4.5.40.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.186.42.192 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-186-42-192.us-west-2.compute.amazonaws.com

Software

nginx /

Resource Hash

3ea5b522e36cb1e8e2bf7e3f77935b251cba8245dba24fe083b3260fd2703046

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://m.stripe.network/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Sun, 26 Sep 2021 12:03:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: nginx
vary: Accept-Encoding
content-type: text/plain;charset=utf-8
access-control-allow-origin: https://m.stripe.network
access-control-allow-credentials: true
strict-transport-security: max-age=31556926; includeSubDomains; preload
access-control-allow-headers: Content-Type

GET
H2 200 h
heapanalytics.com/ Frame 790B 37 B
258 B 100ms
100ms Image
image/gif 3.87.166.65
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://heapanalytics.com/h?a=1405745704&u=8339215256066608&v=8834472457445542&s=1116562886594316&b=web&tv=4.0&z=0&h=%2Fdonate%2Fheroin-support-inc&q=%3Fref%3Dsd_widget%26widget_url%3Dhttps%253A%252F%252Fshop.heroinsupport.org%252F%26referrer_url%3D%26show_donate_now_button%3Dfalse&d=secure.givelively.org&t=Donate%20Now%20%7C%20Heroin%20Support%20Inc%20-%20501(c)3%20Nonprofit&r=https%3A%2F%2Fshop.heroinsupport.org%2F&ts=1632657838439&st=1632657838439

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.87.166.65 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-87-166-65.compute-1.amazonaws.com

Software

nginx /

Resource Hash

bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://secure.givelively.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 26 Sep 2021 12:03:58 GMT
server: nginx
etag: W/"25-PqzQEyMQ6kTK11azeKO8Bw"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
content-length: 37

GET
H2 200 payframe Show response
pay.google.com/gp/p/ui/ Frame C29B 17 KB
7 KB 377ms
75ms Document
text/html 2a00:1450:400c:c0b::5c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fjs.stripe.com&mid=

Requested by

Host: pay.google.com
URL: https://pay.google.com/gp/p/js/pay.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0b::5c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

83f987eef2dcf5df9067b2fb033a8313cc7046627a7818d2e43473a3b9c8aafb

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-NbxK2YWln/SaJeY4trH0oA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport;worker-src 'self' script-src 'nonce-NbxK2YWln/SaJeY4trH0oA' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: pay.google.com
:scheme: https
:path: /gp/p/ui/payframe?origin=https%3A%2F%2Fjs.stripe.com&mid=
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://js.stripe.com/
accept-encoding: gzip, deflate, br
cookie: NID=511=vH2pDCmqiNgcrhZfj1KYnioPucw7_TZ_2Dy1NDVj6_Op-MKoNuJAEXmZ_thj19C2LnsD2A3QhsqKj3Z7q-ni4AJs8w1Vuk1YwU7iXvtCpzkTWPjnh_4lo7zvWPNVm46peg1RaANWKLe1TYO1Bx5KbO88hs4DGEkWEJGFf-v_uD4
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://js.stripe.com/

Response headers

content-type: text/html; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-ua-compatible: IE=edge
expires: Sun, 26 Sep 2021 12:03:58 GMT
date: Sun, 26 Sep 2021 12:03:58 GMT
cache-control: private, max-age=3600
strict-transport-security: max-age=31536000
cross-origin-resource-policy: same-site
cross-origin-opener-policy: same-origin
content-security-policy: script-src 'report-sample' 'nonce-NbxK2YWln/SaJeY4trH0oA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport;worker-src 'self' script-src 'nonce-NbxK2YWln/SaJeY4trH0oA' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 /
q.stripe.com/ Frame 3AD1 43 B
286 B 484ms
160ms Image
image/gif 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://q.stripe.com/?event=elements.fetch_locale&event_count=2&timestamp=1632657838453&event_id=3f89d474-b38a-4295-beba-45de6dc3b839&os=Windows&browserFamily=Chrome&version=9084512c7&key=pk_live_GWQnyoQBA8QSySDV4tPMyOgI&referrer=https%3A%2F%2Fsecure.givelively.org&stripe_js_id=55d649b5-910a-4d76-bbd1-28552ff1b53d&controller_load_time=1632657838397&wrapper=unknown&es_module=false&frame_width=530

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-186-23-98.stripe.com

Software

nginx /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.stripe.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 26 Sep 2021 12:03:58 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: nginx
strict-transport-security: max-age=31556926; includeSubDomains; preload
content-type: image/gif
cache-control: no-cache, no-store, private, must-revalidate, max-age=0, max-stale=0, post-check=0, pre-check=0
content-length: 43
expires: 0

GET
H2 200 /
q.stripe.com/ Frame 3AD1 43 B
285 B 488ms
165ms Image
image/gif 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://q.stripe.com/?event=elements.register_wrapper.update&event_count=3&timestamp=1632657838454&event_id=8aead720-3164-4845-8842-b13448fa9538&os=Windows&browserFamily=Chrome&version=9084512c7&key=pk_live_GWQnyoQBA8QSySDV4tPMyOgI&referrer=https%3A%2F%2Fsecure.givelively.org&stripe_js_id=55d649b5-910a-4d76-bbd1-28552ff1b53d&controller_load_time=1632657838397&wrapper=react-stripe-elements&es_module=false&frame_width=530

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-186-23-98.stripe.com

Software

nginx /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.stripe.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 26 Sep 2021 12:03:58 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: nginx
strict-transport-security: max-age=31556926; includeSubDomains; preload
content-type: image/gif
cache-control: no-cache, no-store, private, must-revalidate, max-age=0, max-stale=0, post-check=0, pre-check=0
content-length: 43
expires: 0

GET
H2 200 /
q.stripe.com/ Frame 3AD1 43 B
285 B 488ms
165ms Image
image/gif 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://q.stripe.com/?event=elements.pr.options&event_count=4&timestamp=1632657838454&event_id=3a5b831f-f430-40e2-b30c-b2a8d4495b39&os=Windows&browserFamily=Chrome&version=9084512c7&key=pk_live_GWQnyoQBA8QSySDV4tPMyOgI&referrer=https%3A%2F%2Fsecure.givelively.org&stripe_js_id=55d649b5-910a-4d76-bbd1-28552ff1b53d&controller_load_time=1632657838397&wrapper=react-stripe-elements&es_module=false&frame_width=530&options-country=US&options-currency=usd&options-requestPayerEmail=true&options-requestPayerName=true&usesButtonElement=false

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-186-23-98.stripe.com

Software

nginx /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.stripe.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 26 Sep 2021 12:03:58 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: nginx
strict-transport-security: max-age=31556926; includeSubDomains; preload
content-type: image/gif
cache-control: no-cache, no-store, private, must-revalidate, max-age=0, max-stale=0, post-check=0, pre-check=0
content-length: 43
expires: 0

GET
H2 200 /
q.stripe.com/ Frame 3AD1 43 B
285 B 488ms
166ms Image
image/gif 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://q.stripe.com/?event=elements.pr.query_strategy&event_count=5&timestamp=1632657838455&event_id=c37e123d-2eb5-443f-a2a5-9e7fc1b29968&os=Windows&browserFamily=Chrome&version=9084512c7&key=pk_live_GWQnyoQBA8QSySDV4tPMyOgI&referrer=https%3A%2F%2Fsecure.givelively.org&stripe_js_id=55d649b5-910a-4d76-bbd1-28552ff1b53d&controller_load_time=1632657838397&wrapper=react-stripe-elements&es_module=false&frame_width=530&queryStrategy=GOOGLE_PAY+BROWSER&usesButtonElement=false

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-186-23-98.stripe.com

Software

nginx /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.stripe.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 26 Sep 2021 12:03:58 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: nginx
strict-transport-security: max-age=31556926; includeSubDomains; preload
content-type: image/gif
cache-control: no-cache, no-store, private, must-revalidate, max-age=0, max-stale=0, post-check=0, pre-check=0
content-length: 43
expires: 0

GET
H2 200 /
q.stripe.com/ Frame 3AD1 43 B
285 B 482ms
161ms Image
image/gif 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://q.stripe.com/?event=elements.fetch_locale&event_count=6&timestamp=1632657838455&event_id=20a34465-7c91-4fe8-bd35-5e011fd30485&os=Windows&browserFamily=Chrome&version=9084512c7&key=pk_live_GWQnyoQBA8QSySDV4tPMyOgI&referrer=https%3A%2F%2Fsecure.givelively.org&stripe_js_id=55d649b5-910a-4d76-bbd1-28552ff1b53d&controller_load_time=1632657838397&wrapper=react-stripe-elements&es_module=false&frame_width=530

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-186-23-98.stripe.com

Software

nginx /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.stripe.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 26 Sep 2021 12:03:58 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: nginx
strict-transport-security: max-age=31556926; includeSubDomains; preload
content-type: image/gif
cache-control: no-cache, no-store, private, must-revalidate, max-age=0, max-stale=0, post-check=0, pre-check=0
content-length: 43
expires: 0

GET
H2 200 /
q.stripe.com/ Frame 3AD1 43 B
285 B 482ms
161ms Image
image/gif 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://q.stripe.com/?event=elements.fetch_locale&event_count=7&timestamp=1632657838456&event_id=14827f83-748e-49ed-bbc5-5316a8e6bcb9&os=Windows&browserFamily=Chrome&version=9084512c7&key=pk_live_GWQnyoQBA8QSySDV4tPMyOgI&referrer=https%3A%2F%2Fsecure.givelively.org&stripe_js_id=55d649b5-910a-4d76-bbd1-28552ff1b53d&controller_load_time=1632657838397&wrapper=react-stripe-elements&es_module=false&frame_width=530

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-186-23-98.stripe.com

Software

nginx /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.stripe.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 26 Sep 2021 12:03:58 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: nginx
strict-transport-security: max-age=31556926; includeSubDomains; preload
content-type: image/gif
cache-control: no-cache, no-store, private, must-revalidate, max-age=0, max-stale=0, post-check=0, pre-check=0
content-length: 43
expires: 0

GET
H2 200 /
q.stripe.com/ Frame 3AD1 43 B
285 B 162ms
161ms Image
image/gif 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://q.stripe.com/?event=elements.pr.can_make_payment&event_count=8&timestamp=1632657838456&event_id=15fa68a9-a5a0-437d-b9d4-dd0b6745e68f&os=Windows&browserFamily=Chrome&version=9084512c7&key=pk_live_GWQnyoQBA8QSySDV4tPMyOgI&referrer=https%3A%2F%2Fsecure.givelively.org&stripe_js_id=55d649b5-910a-4d76-bbd1-28552ff1b53d&controller_load_time=1632657838397&wrapper=react-stripe-elements&es_module=false&frame_width=530&usesButtonElement=false

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-186-23-98.stripe.com

Software

nginx /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.stripe.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 26 Sep 2021 12:03:58 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: nginx
strict-transport-security: max-age=31556926; includeSubDomains; preload
content-type: image/gif
cache-control: no-cache, no-store, private, must-revalidate, max-age=0, max-stale=0, post-check=0, pre-check=0
content-length: 43
expires: 0

GET
H2 200 /
q.stripe.com/ Frame 3AD1 43 B
285 B 162ms
162ms Image
image/gif 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://q.stripe.com/?event=elements.timings&event_count=9&timestamp=1632657838457&event_id=3bd60ef0-c5ce-4617-9f0b-89d10c9d7737&os=Windows&browserFamily=Chrome&version=9084512c7&key=pk_live_GWQnyoQBA8QSySDV4tPMyOgI&referrer=https%3A%2F%2Fsecure.givelively.org&stripe_js_id=55d649b5-910a-4d76-bbd1-28552ff1b53d&controller_load_time=1632657838397&wrapper=react-stripe-elements&es_module=false&frame_width=530&element=ControllerApp&dom_loading=37&dom_interactive=229&dom_complete=229&since_sjs_load=236&since_stripe_create=236&since_create=236&mount_duration=229&since_fetch=227&load_count=1&match_frame=true&resource_timings-shared.js-transfer_size=46530&resource_timings-shared.js-duration=23&resource_timings-controller.js-transfer_size=69739&resource_timings-controller.js-duration=29

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-186-23-98.stripe.com

Software

nginx /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.stripe.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 26 Sep 2021 12:03:58 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: nginx
strict-transport-security: max-age=31556926; includeSubDomains; preload
content-type: image/gif
cache-control: no-cache, no-store, private, must-revalidate, max-age=0, max-stale=0, post-check=0, pre-check=0
content-length: 43
expires: 0

GET
H2 200 /
q.stripe.com/ Frame 3AD1 43 B
285 B 181ms
180ms Image
image/gif 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://q.stripe.com/?event=elements.cross_frame_access&event_count=10&timestamp=1632657838458&event_id=473e3456-3a5b-4e70-b358-a8a79a5eb76f&os=Windows&browserFamily=Chrome&version=9084512c7&key=pk_live_GWQnyoQBA8QSySDV4tPMyOgI&referrer=https%3A%2F%2Fsecure.givelively.org&stripe_js_id=55d649b5-910a-4d76-bbd1-28552ff1b53d&controller_load_time=1632657838397&wrapper=react-stripe-elements&es_module=false&frame_width=530&available=true

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-186-23-98.stripe.com

Software

nginx /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.stripe.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 26 Sep 2021 12:03:58 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: nginx
strict-transport-security: max-age=31556926; includeSubDomains; preload
content-type: image/gif
cache-control: no-cache, no-store, private, must-revalidate, max-age=0, max-stale=0, post-check=0, pre-check=0
content-length: 43
expires: 0

GET
H2 200 box-dfc01efbdc94bb0936d9a35a502b0b64.html Show response
vars.hotjar.com/ Frame 564A 2 KB
1 KB 8ms
8ms Document
text/html 13.224.193.116
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vars.hotjar.com/box-dfc01efbdc94bb0936d9a35a502b0b64.html
Requested by: Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-1561839.js?sv=7
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.193.116 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-193-116.fra2.r.cloudfront.net
Software: /
Resource Hash: 88ca677c14d4217c2f6b8c8964a1d172027974c4c0839e4d531ad7d3d6de1987

Request headers

:method: GET
:authority: vars.hotjar.com
:scheme: https
:path: /box-dfc01efbdc94bb0936d9a35a502b0b64.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://secure.givelively.org/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://secure.givelively.org/

Response headers

content-type: text/html
content-length: 1044
date: Tue, 20 Jul 2021 13:05:05 GMT
accept-ranges: bytes
cache-control: max-age=31536000
content-encoding: br
etag: "10714b84569172431728622d7c8098e4"
last-modified: Tue, 20 Jul 2021 13:04:43 GMT
x-amz-server-side-encryption: AES256
x-robots-tag: none
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 7a18a0a1d9929dae345690b88b08dd5e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C1
x-amz-cf-id: KPLK_iTtetctd0sX0fNL6-dvHrJsMOHZg8hzMGrp0GhkwFza2S5jWw==
age: 5871533

POST
H2 404 cspreport
pay.google.com/_/InstantbuyFrontendBuyflowPayframeUi/ Frame C29B 2 KB
2 KB 16ms
16ms Other
text/html 2a00:1450:400c:c0b::5c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://pay.google.com/_/InstantbuyFrontendBuyflowPayframeUi/cspreport
Requested by: Host: shop.heroinsupport.org
URL: https://shop.heroinsupport.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c0b::5c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: d6ff339ddb4525268c21fa26ded66b0703f177e742281dc9bcd558288f8e1101

Request headers

Referer: https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fjs.stripe.com&mid=
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Sun, 26 Sep 2021 12:03:58 GMT
referrer-policy: no-referrer
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1608
content-type: text/html; charset=UTF-8

GET
H2 200 m=_b,_tp Show response
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.NwozfuC2_Fs.es5.O/am=AoA/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/esmo=1/rs=AMi... Frame C29B 147 KB
52 KB 32ms
8ms Script
text/javascript 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.NwozfuC2_Fs.es5.O/am=AoA/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/esmo=1/rs=AMitfriA1rYFpEi9gnNZRWEVx29Ii0cPjQ/m=_b,_tp

Requested by

Host: pay.google.com
URL: https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fjs.stripe.com&mid=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

259d13726619f9589930734713651e8c2de59ce474a3c1c7b92422dd960cf6b4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 24 Sep 2021 16:34:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 156578
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 52505
x-xss-protection: 0
last-modified: Fri, 24 Sep 2021 03:22:48 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
expires: Sat, 24 Sep 2022 16:34:20 GMT

GET
H2 200 m=byfTOb,lsjVmc,LEikZe Show response
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.NwozfuC2_Fs.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.UIN... Frame C29B 36 KB
13 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.NwozfuC2_Fs.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.UINXJzP9G1E.L.B1.O/am=AoA/d=1/exm=_b,_tp/excm=_b,_tp,payframeview/esmo=1/ed=1/wt=2/rs=AMitfrjt9HJx8cGF1u0djfsrOl_DtEcBuw/m=byfTOb,lsjVmc,LEikZe

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.NwozfuC2_Fs.es5.O/am=AoA/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/esmo=1/rs=AMitfriA1rYFpEi9gnNZRWEVx29Ii0cPjQ/m=_b,_tp

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2d0d434a492d9ef486bf5a02ccfa239495cb035e23df6e62adf49cb9047fd763

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 24 Sep 2021 16:34:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 156574
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13480
x-xss-protection: 0
last-modified: Tue, 21 Sep 2021 04:23:42 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
expires: Sat, 24 Sep 2022 16:34:24 GMT

GET
H2 200 m=IZT63,ws9Tlc,p8L0ob,vfuNJf,PrPYRd,Ru0Pgb,hc6Ubd,ZyYHPb,Das5Le Show response
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.NwozfuC2_Fs.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.UIN... Frame C29B 72 KB
26 KB 9ms
9ms Script
text/javascript 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.NwozfuC2_Fs.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.UINXJzP9G1E.L.B1.O/am=AoA/d=1/exm=LEikZe,_b,_tp,byfTOb,lsjVmc/excm=_b,_tp,payframeview/esmo=1/ed=1/wt=2/rs=AMitfrjt9HJx8cGF1u0djfsrOl_DtEcBuw/m=IZT63,ws9Tlc,p8L0ob,vfuNJf,PrPYRd,Ru0Pgb,hc6Ubd,ZyYHPb,Das5Le

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.NwozfuC2_Fs.es5.O/am=AoA/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/esmo=1/rs=AMitfriA1rYFpEi9gnNZRWEVx29Ii0cPjQ/m=_b,_tp

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0d79b8b4e0935251ea3a809db93328be7aaf0fed1600048d59afac3970d43996

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 24 Sep 2021 16:34:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 156574
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 26806
x-xss-protection: 0
last-modified: Tue, 21 Sep 2021 04:23:42 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
expires: Sat, 24 Sep 2022 16:34:24 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ Frame C29B 48 KB
19 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.NwozfuC2_Fs.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.UINXJzP9G1E.L.B1.O/am=AoA/d=1/exm=LEikZe,_b,_tp,byfTOb,lsjVmc/excm=_b,_tp,payframeview/esmo=1/ed=1/wt=2/rs=AMitfrjt9HJx8cGF1u0djfsrOl_DtEcBuw/m=IZT63,ws9Tlc,p8L0ob,vfuNJf,PrPYRd,Ru0Pgb,hc6Ubd,ZyYHPb,Das5Le

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 11 Aug 2021 00:32:57 GMT
server: Golfe2
age: 4318
date: Sun, 26 Sep 2021 10:52:00 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19747
expires: Sun, 26 Sep 2021 12:52:00 GMT

GET
H2 200 pay Show response
pay.google.com/gp/p/ui/ Frame C29B 1 MB
347 KB 73ms
73ms XHR
text/html 2a00:1450:400c:c0b::5c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pay.google.com/gp/p/ui/pay

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.NwozfuC2_Fs.es5.O/am=AoA/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/esmo=1/rs=AMitfriA1rYFpEi9gnNZRWEVx29Ii0cPjQ/m=_b,_tp

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0b::5c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d92ae911efa5999c08f1e12d577339ad668e9ecf7deaec81af7bfcfe4d288aaa

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-sN0pRpbt3FlJhaoQ5fEaEQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport;worker-src 'self', script-src 'nonce-sN0pRpbt3FlJhaoQ5fEaEQ' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com https://pay.google.com https://pay.sandbox.google.com;report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport, require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: same-site
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
x-ua-compatible: IE=edge
server: ESF
cross-origin-opener-policy: unsafe-none
date: Sun, 26 Sep 2021 12:03:58 GMT
x-frame-options: DENY
content-type: text/html; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
cache-control: private, max-age=3600
content-security-policy: script-src 'report-sample' 'nonce-sN0pRpbt3FlJhaoQ5fEaEQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport;worker-src 'self', script-src 'nonce-sN0pRpbt3FlJhaoQ5fEaEQ' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com https://pay.google.com https://pay.sandbox.google.com;report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport, require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport
expires: Sun, 26 Sep 2021 12:03:58 GMT

GET
H2 200 m-outer-9475bd26486e6119b23924eebd3d561a.html Show response
js.stripe.com/v3/ Frame A614 215 B
535 B 6ms
6ms Document
text/html 151.101.64.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/m-outer-9475bd26486e6119b23924eebd3d561a.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.64.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

13e44ac91c0d0e34922532b04d931246156aef649b2ac9cacc69ad75ce63ad00

Security Headers

Name	Value
Content-Security-Policy	connect-src 'self'; default-src 'self'; font-src 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

:method: GET
:authority: js.stripe.com
:scheme: https
:path: /v3/m-outer-9475bd26486e6119b23924eebd3d561a.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://secure.givelively.org/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://secure.givelively.org/

Response headers

x-amz-id-2: gPzuI6NuzaSS+Qs3/TOghK2lRJUXJBFTKniT83Rb2lJizKfesuGd/iunUrE9+rRDCu4W0R2v7Yo=
x-amz-request-id: 9QK8ZBDCCRATBKJB
last-modified: Wed, 01 Sep 2021 21:34:43 GMT
etag: "9475bd26486e6119b23924eebd3d561a"
content-type: text/html; charset=utf-8
server: AmazonS3
content-encoding: br
accept-ranges: bytes
date: Sun, 26 Sep 2021 12:03:58 GMT
via: 1.1 varnish
age: 241
x-served-by: cache-fra19156-FRA
x-cache: HIT
x-cache-hits: 227
vary: Accept-Encoding
access-control-allow-origin: *
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
content-security-policy: connect-src 'self'; default-src 'self'; font-src 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'
cache-control: max-age=60
content-length: 130

POST
H2 200 log Show response
play.google.com/ Frame C29B 131 B
273 B 318ms
16ms XHR
text/plain 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.NwozfuC2_Fs.es5.O/am=AoA/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/esmo=1/rs=AMitfriA1rYFpEi9gnNZRWEVx29Ii0cPjQ/m=_b,_tp

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pay.google.com/
X-Goog-AuthUser: 0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Sun, 26 Sep 2021 12:03:59 GMT
content-encoding: gzip
server: Playlog
access-control-allow-headers: X-Playlog-Web
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
access-control-allow-origin: https://pay.google.com
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
content-type: text/plain; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 131
x-xss-protection: 0
expires: Sun, 26 Sep 2021 12:03:59 GMT

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 36ms
13ms Preflight
text/plain 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: x-goog-authuser
Origin: https://pay.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

access-control-allow-origin: https://pay.google.com
access-control-allow-methods: GET, POST, OPTIONS
access-control-max-age: 86400
access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
content-type: text/plain; charset=UTF-8
date: Sun, 26 Sep 2021 12:03:58 GMT
server: Playlog
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sun, 26 Sep 2021 12:03:58 GMT
cache-control: private

POST
H2 200 log Show response
play.google.com/ Frame C29B 131 B
273 B 316ms
17ms XHR
text/plain 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.NwozfuC2_Fs.es5.O/am=AoA/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/esmo=1/rs=AMitfriA1rYFpEi9gnNZRWEVx29Ii0cPjQ/m=_b,_tp

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pay.google.com/
X-Goog-AuthUser: 0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Sun, 26 Sep 2021 12:03:59 GMT
content-encoding: gzip
server: Playlog
access-control-allow-headers: X-Playlog-Web
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
access-control-allow-origin: https://pay.google.com
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
content-type: text/plain; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 131
x-xss-protection: 0
expires: Sun, 26 Sep 2021 12:03:59 GMT

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 32ms
15ms Preflight
text/plain 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: x-goog-authuser
Origin: https://pay.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

access-control-allow-origin: https://pay.google.com
access-control-allow-methods: GET, POST, OPTIONS
access-control-max-age: 86400
access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
content-type: text/plain; charset=UTF-8
date: Sun, 26 Sep 2021 12:03:58 GMT
server: Playlog
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sun, 26 Sep 2021 12:03:58 GMT
cache-control: private

POST
H2 200 log Show response
play.google.com/ Frame C29B 131 B
273 B 316ms
16ms XHR
text/plain 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.NwozfuC2_Fs.es5.O/am=AoA/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/esmo=1/rs=AMitfriA1rYFpEi9gnNZRWEVx29Ii0cPjQ/m=_b,_tp

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pay.google.com/
X-Goog-AuthUser: 0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Sun, 26 Sep 2021 12:03:59 GMT
content-encoding: gzip
server: Playlog
access-control-allow-headers: X-Playlog-Web
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
access-control-allow-origin: https://pay.google.com
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
content-type: text/plain; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 131
x-xss-protection: 0
expires: Sun, 26 Sep 2021 12:03:59 GMT

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 28ms
15ms Preflight
text/plain 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: x-goog-authuser
Origin: https://pay.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

access-control-allow-origin: https://pay.google.com
access-control-allow-methods: GET, POST, OPTIONS
access-control-max-age: 86400
access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
content-type: text/plain; charset=UTF-8
date: Sun, 26 Sep 2021 12:03:58 GMT
server: Playlog
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sun, 26 Sep 2021 12:03:58 GMT
cache-control: private

POST
H2 200 log Show response
play.google.com/ Frame C29B 131 B
273 B 321ms
22ms XHR
text/plain 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.NwozfuC2_Fs.es5.O/am=AoA/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/esmo=1/rs=AMitfriA1rYFpEi9gnNZRWEVx29Ii0cPjQ/m=_b,_tp

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pay.google.com/
X-Goog-AuthUser: 0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Sun, 26 Sep 2021 12:03:59 GMT
content-encoding: gzip
server: Playlog
access-control-allow-headers: X-Playlog-Web
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
access-control-allow-origin: https://pay.google.com
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
content-type: text/plain; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 131
x-xss-protection: 0
expires: Sun, 26 Sep 2021 12:03:59 GMT

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 22ms
15ms Preflight
text/plain 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: x-goog-authuser
Origin: https://pay.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

access-control-allow-origin: https://pay.google.com
access-control-allow-methods: GET, POST, OPTIONS
access-control-max-age: 86400
access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
content-type: text/plain; charset=UTF-8
date: Sun, 26 Sep 2021 12:03:58 GMT
server: Playlog
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sun, 26 Sep 2021 12:03:58 GMT
cache-control: private

POST
H2 200 log Show response
play.google.com/ Frame C29B 131 B
273 B 317ms
15ms XHR
text/plain 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.NwozfuC2_Fs.es5.O/am=AoA/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/esmo=1/rs=AMitfriA1rYFpEi9gnNZRWEVx29Ii0cPjQ/m=_b,_tp

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pay.google.com/
X-Goog-AuthUser: 0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Sun, 26 Sep 2021 12:03:59 GMT
content-encoding: gzip
server: Playlog
access-control-allow-headers: X-Playlog-Web
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
access-control-allow-origin: https://pay.google.com
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
content-type: text/plain; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 131
x-xss-protection: 0
expires: Sun, 26 Sep 2021 12:03:59 GMT

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 14ms
13ms Preflight
text/plain 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: x-goog-authuser
Origin: https://pay.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

access-control-allow-origin: https://pay.google.com
access-control-allow-methods: GET, POST, OPTIONS
access-control-max-age: 86400
access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
content-type: text/plain; charset=UTF-8
date: Sun, 26 Sep 2021 12:03:58 GMT
server: Playlog
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sun, 26 Sep 2021 12:03:58 GMT
cache-control: private

GET
H2 200 /
q.stripe.com/ Frame 3AD1 43 B
285 B 159ms
159ms Image
image/gif 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://q.stripe.com/?event=elements.timings&event_count=11&timestamp=1632657838969&event_id=a32be3f1-0ee5-48dd-b6a3-07c63cbc6a3d&os=Windows&browserFamily=Chrome&version=9084512c7&key=pk_live_GWQnyoQBA8QSySDV4tPMyOgI&referrer=https%3A%2F%2Fsecure.givelively.org&stripe_js_id=55d649b5-910a-4d76-bbd1-28552ff1b53d&controller_load_time=1632657838397&wrapper=react-stripe-elements&es_module=false&frame_width=530&element=outer&dom_loading=463&dom_interactive=913&dom_complete=1788&since_fetch=1014&load_count=1&load_before_dom_content_loaded=false&load_ready_state=interactive&first_create_ready_state=interactive&first_mount_readyState=interactive&until_first_create=2&until_first_mount=9&until_first_load=270&resource_timings-stripe.js-transfer_size=62854&resource_timings-stripe.js-duration=144&resource_timings-controller.html-transfer_size=457&resource_timings-controller.html-duration=20&resource_timings-payment-request-inner-google-pay.html-transfer_size=484&resource_timings-payment-request-inner-google-pay.html-duration=17&resource_timings-payment-request-inner-browser.html-transfer_size=466&resource_timings-payment-request-inner-browser.html-duration=16

Requested by

Host: shop.heroinsupport.org
URL: https://shop.heroinsupport.org/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-186-23-98.stripe.com

Software

nginx /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.stripe.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 26 Sep 2021 12:03:59 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: nginx
strict-transport-security: max-age=31556926; includeSubDomains; preload
content-type: image/gif
cache-control: no-cache, no-store, private, must-revalidate, max-age=0, max-stale=0, post-check=0, pre-check=0
content-length: 43
expires: 0

GET
H2 200 m=Wt6vjf,_latency,FCpbqb,WhJNk Show response
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.NwozfuC2_Fs.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.UIN... Frame C29B 17 KB
7 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.NwozfuC2_Fs.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.UINXJzP9G1E.L.B1.O/am=AoA/d=1/exm=Das5Le,IZT63,LEikZe,PrPYRd,Ru0Pgb,ZyYHPb,_b,_tp,byfTOb,hc6Ubd,lsjVmc,p8L0ob,vfuNJf,ws9Tlc/excm=_b,_tp,payframeview/esmo=1/ed=1/wt=2/rs=AMitfrjt9HJx8cGF1u0djfsrOl_DtEcBuw/m=Wt6vjf,_latency,FCpbqb,WhJNk

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.NwozfuC2_Fs.es5.O/am=AoA/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/esmo=1/rs=AMitfriA1rYFpEi9gnNZRWEVx29Ii0cPjQ/m=_b,_tp

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7f8f750f67250588f252240cf102438d92d681b20f35bfa37a7bc3266e056f07

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 24 Sep 2021 16:34:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 156572
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7303
x-xss-protection: 0
last-modified: Tue, 21 Sep 2021 04:23:42 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
expires: Sat, 24 Sep 2022 16:34:26 GMT

GET
H2 200 m=lwddkf,EFQ78c Show response
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.NwozfuC2_Fs.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.UIN... Frame C29B 8 KB
3 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.NwozfuC2_Fs.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.UINXJzP9G1E.L.B1.O/am=AoA/d=1/exm=Das5Le,FCpbqb,IZT63,LEikZe,PrPYRd,Ru0Pgb,WhJNk,Wt6vjf,ZyYHPb,_b,_latency,_tp,byfTOb,hc6Ubd,lsjVmc,p8L0ob,vfuNJf,ws9Tlc/excm=_b,_tp,payframeview/esmo=1/ed=1/wt=2/rs=AMitfrjt9HJx8cGF1u0djfsrOl_DtEcBuw/m=lwddkf,EFQ78c

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.NwozfuC2_Fs.es5.O/am=AoA/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/esmo=1/rs=AMitfriA1rYFpEi9gnNZRWEVx29Ii0cPjQ/m=_b,_tp

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

247c313ca1e5ee9f9248cdfdf25cb6723974c6fad0daee91827fb85a6d1938dc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 24 Sep 2021 16:34:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 156571
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3317
x-xss-protection: 0
last-modified: Tue, 21 Sep 2021 04:23:42 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
expires: Sat, 24 Sep 2022 16:34:27 GMT

POST
H2 200 log Show response
play.google.com/ Frame C29B 131 B
273 B 36ms
16ms XHR
text/plain 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.NwozfuC2_Fs.es5.O/am=AoA/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/esmo=1/rs=AMitfriA1rYFpEi9gnNZRWEVx29Ii0cPjQ/m=_b,_tp

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pay.google.com/
X-Goog-AuthUser: 0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Sun, 26 Sep 2021 12:03:59 GMT
content-encoding: gzip
server: Playlog
access-control-allow-headers: X-Playlog-Web
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
access-control-allow-origin: https://pay.google.com
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
content-type: text/plain; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 131
x-xss-protection: 0
expires: Sun, 26 Sep 2021 12:03:59 GMT

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 13ms
13ms Preflight
text/plain 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: x-goog-authuser
Origin: https://pay.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

access-control-allow-origin: https://pay.google.com
access-control-allow-methods: GET, POST, OPTIONS
access-control-max-age: 86400
access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
content-type: text/plain; charset=UTF-8
date: Sun, 26 Sep 2021 12:03:58 GMT
server: Playlog
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sun, 26 Sep 2021 12:03:58 GMT
cache-control: private

GET
H2 200 /
q.stripe.com/ Frame 3AD1 43 B
285 B 160ms
159ms Image
image/gif 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://q.stripe.com/?event=elements.pr.google_pay.activity_mode&event_count=12&timestamp=1632657838988&event_id=ae88e8ff-462d-4f77-971d-1c32c2bd086b&os=Windows&browserFamily=Chrome&version=9084512c7&key=pk_live_GWQnyoQBA8QSySDV4tPMyOgI&referrer=https%3A%2F%2Fsecure.givelively.org&stripe_js_id=55d649b5-910a-4d76-bbd1-28552ff1b53d&controller_load_time=1632657838397&wrapper=react-stripe-elements&es_module=false&frame_width=530&activityModeName=POPUP&activityMode=2&backingLibrary=GOOGLE_PAY

Requested by

Host: shop.heroinsupport.org
URL: https://shop.heroinsupport.org/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-186-23-98.stripe.com

Software

nginx /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.stripe.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 26 Sep 2021 12:03:59 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: nginx
strict-transport-security: max-age=31556926; includeSubDomains; preload
content-type: image/gif
cache-control: no-cache, no-store, private, must-revalidate, max-age=0, max-stale=0, post-check=0, pre-check=0
content-length: 43
expires: 0

GET
H2 200 /
q.stripe.com/ Frame 3AD1 43 B
285 B 162ms
162ms Image
image/gif 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://q.stripe.com/?event=elements.pr.google_pay.can_make_payment_native_response&event_count=13&timestamp=1632657838988&event_id=007ffb99-c80f-49c8-8887-351767aeb290&os=Windows&browserFamily=Chrome&version=9084512c7&key=pk_live_GWQnyoQBA8QSySDV4tPMyOgI&referrer=https%3A%2F%2Fsecure.givelively.org&stripe_js_id=55d649b5-910a-4d76-bbd1-28552ff1b53d&controller_load_time=1632657838397&wrapper=react-stripe-elements&es_module=false&frame_width=530&available=false&backingLibrary=GOOGLE_PAY

Requested by

Host: shop.heroinsupport.org
URL: https://shop.heroinsupport.org/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-186-23-98.stripe.com

Software

nginx /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.stripe.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 26 Sep 2021 12:03:59 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: nginx
strict-transport-security: max-age=31556926; includeSubDomains; preload
content-type: image/gif
cache-control: no-cache, no-store, private, must-revalidate, max-age=0, max-stale=0, post-check=0, pre-check=0
content-length: 43
expires: 0

GET
H2 200 m-outer-f045e3b6b64aa0e635a6cabefc84daae.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame A614 1 KB
1 KB 25ms
25ms Script
application/javascript 151.101.64.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/m-outer-f045e3b6b64aa0e635a6cabefc84daae.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/m-outer-9475bd26486e6119b23924eebd3d561a.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.64.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

e8e9871cf0af9019f2a0094a2ce12eb7794c104f7f38d9f75e7017c9d26e7cf6

Security Headers

Name	Value
Content-Security-Policy	connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src data: https:; frame-src 'self'; img-src 'self' https://q.stripe.com blob:; media-src 'none'; object-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/m-outer-9475bd26486e6119b23924eebd3d561a.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 26 Sep 2021 12:03:59 GMT
content-encoding: br
vary: Accept-Encoding
age: 241
via: 1.1 varnish
x-cache: HIT
content-length: 637
x-amz-id-2: EmmNVdn5O+sd5hyS1zrC0Zhn8A2rwTVDfUzQdasw6PMfMrDlagRddcDtVFjJWgB3fweXBe6xkeI=
x-served-by: cache-fra19156-FRA
timing-allow-origin: *
last-modified: Wed, 01 Sep 2021 21:34:46 GMT
server: AmazonS3
etag: "01f873d478053c6a0368329ea08f7a10"
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-amz-request-id: 9QK689RQM2PPT73W
access-control-allow-origin: *
cache-control: max-age=60
content-security-policy: connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src data: https:; frame-src 'self'; img-src 'self' https://q.stripe.com blob:; media-src 'none'; object-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
x-cache-hits: 234

GET
H2 200 /
q.stripe.com/ Frame 3AD1 43 B
285 B 160ms
159ms Image
image/gif 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://q.stripe.com/?event=elements.error.pr.browser.can_make_payment_rate_limited&event_count=14&timestamp=1632657838992&event_id=29a93533-a998-4841-a9ef-d36de409b5e6&os=Windows&browserFamily=Chrome&version=9084512c7&key=pk_live_GWQnyoQBA8QSySDV4tPMyOgI&referrer=https%3A%2F%2Fsecure.givelively.org&stripe_js_id=55d649b5-910a-4d76-bbd1-28552ff1b53d&controller_load_time=1632657838397&wrapper=react-stripe-elements&es_module=false&frame_width=530&error-stack=Error%3A+Failed+to+execute+%27hasEnrolledInstrument%27+on+%27PaymentRequest%27%3A+Cannot+query+payment+request%0A++++at+https%3A%2F%2Fjs.stripe.com%2Fv3%2Ffingerprinted%2Fjs%2Fpayment-request-inner-browser-87bbf35b205f89a192aa3a76d034616f.js%3A1%3A10013%0A++++at+https%3A%2F%2Fjs.stripe.com%2Fv3%2Ffingerprinted%2Fjs%2Fshared-c2bfa137e723a355a05ceda55e97b515.js%3A1%3A75863%0A++++at+Array.forEach+(%3Canonymous%3E)%0A++++at+t._emit+(https%3A%2F%2Fjs.stripe.com%2Fv3%2Ffingerprinted%2Fjs%2Fshared-c2bfa137e723a355a05ceda55e97b515.js%3A1%3A75840)%0A++++at+e.value+(https%3A%2F%2Fjs.stripe.com%2Fv3%2Ffingerprinted%2Fjs%2Fshared-c2bfa137e723a355a05ceda55e97b515.js%3A1%3A54606)%0A++++at+https%3A%2F%2Fjs.stripe.com%2Fv3%2Ffingerprinted%2Fjs%2Fshared-c2bfa137e723a355a05ceda55e97b515.js%3A1%3A82732%0A++++at+https%3A%2F%2Fjs.stripe.com%2Fv3%2Ffingerprinted%2Fjs%2Fshared-c2bfa137e723a355a05ceda55e97b515.js%3A1%3A78217%0A++++at+new+Promise+(%3Canonymous%3E)%0A++++at+t.n._respondUsingPromise+(https%3A%2F%2Fjs.stripe.com%2Fv3%2Ffingerprinted%2Fjs%2Fshared-c2bfa137e723a355a05ceda55e97b515.js%3A1%3A78189)%0A++++at+t.value+(https%3A%2F%2Fjs.stripe.com%2Fv3%2Ffingerprinted%2Fjs%2Fshared-c2bfa137e723a355a05ceda55e97b515.js%3A1%3A82656)&backingLibrary=BROWSER

Requested by

Host: shop.heroinsupport.org
URL: https://shop.heroinsupport.org/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-186-23-98.stripe.com

Software

nginx /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.stripe.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 26 Sep 2021 12:03:59 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: nginx
strict-transport-security: max-age=31556926; includeSubDomains; preload
content-type: image/gif
cache-control: no-cache, no-store, private, must-revalidate, max-age=0, max-stale=0, post-check=0, pre-check=0
content-length: 43
expires: 0

GET
H2 200 /
q.stripe.com/ Frame 3AD1 43 B
285 B 167ms
167ms Image
image/gif 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://q.stripe.com/?event=elements.error.payreq.can_make_payment_rate_limited&event_count=15&timestamp=1632657838993&event_id=d8b5c832-d04e-4ceb-8afb-97b9a1a6e7be&os=Windows&browserFamily=Chrome&version=9084512c7&key=pk_live_GWQnyoQBA8QSySDV4tPMyOgI&referrer=https%3A%2F%2Fsecure.givelively.org&stripe_js_id=55d649b5-910a-4d76-bbd1-28552ff1b53d&controller_load_time=1632657838397&wrapper=react-stripe-elements&es_module=false&frame_width=530&message=Failed+to+execute+%27hasEnrolledInstrument%27+on+%27PaymentRequest%27%3A+Cannot+query+payment+request&impl=prapi

Requested by

Host: shop.heroinsupport.org
URL: https://shop.heroinsupport.org/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-186-23-98.stripe.com

Software

nginx /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.stripe.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 26 Sep 2021 12:03:59 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: nginx
strict-transport-security: max-age=31556926; includeSubDomains; preload
content-type: image/gif
cache-control: no-cache, no-store, private, must-revalidate, max-age=0, max-stale=0, post-check=0, pre-check=0
content-length: 43
expires: 0

GET
DATA 200
OK truncated
/ Frame 790B 2 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f383d270511912b2da11555947cb3e6012e6375cb5f0d90493c25f6048169073

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://secure.givelively.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: image/svg+xml

POST
H2 200 log Show response
play.google.com/ Frame C29B 131 B
692 B 23ms
16ms XHR
text/plain 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.NwozfuC2_Fs.es5.O/am=AoA/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/esmo=1/rs=AMitfriA1rYFpEi9gnNZRWEVx29Ii0cPjQ/m=_b,_tp

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Sun, 26 Sep 2021 12:03:59 GMT
content-encoding: gzip
server: Playlog
access-control-allow-headers: X-Playlog-Web
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
access-control-allow-origin: https://pay.google.com
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
content-type: text/plain; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 131
x-xss-protection: 0
expires: Sun, 26 Sep 2021 12:03:59 GMT

GET
H2 200 /
q.stripe.com/ Frame 3AD1 43 B
285 B 162ms
162ms Image
image/gif 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://q.stripe.com/?event=elements.pr.can_make_payment_response&event_count=16&timestamp=1632657839017&event_id=a2fa7cb0-95f0-4dbd-935a-9fa1410d84ba&os=Windows&browserFamily=Chrome&version=9084512c7&key=pk_live_GWQnyoQBA8QSySDV4tPMyOgI&referrer=https%3A%2F%2Fsecure.givelively.org&stripe_js_id=55d649b5-910a-4d76-bbd1-28552ff1b53d&controller_load_time=1632657838397&wrapper=react-stripe-elements&es_module=false&frame_width=530&response-applePay=false&response-googlePay=false&cached=false&duration=818&activeBackingLibrary=BROWSER&usesButtonElement=false

Requested by

Host: shop.heroinsupport.org
URL: https://shop.heroinsupport.org/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-186-23-98.stripe.com

Software

nginx /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.stripe.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 26 Sep 2021 12:03:59 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: nginx
strict-transport-security: max-age=31556926; includeSubDomains; preload
content-type: image/gif
cache-control: no-cache, no-store, private, must-revalidate, max-age=0, max-stale=0, post-check=0, pre-check=0
content-length: 43
expires: 0

GET
H2 200 inner.html Show response
m.stripe.network/ Frame D20F 932 B
1 KB 6ms
6ms Document
text/html 151.101.64.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.network/inner.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/m-outer-f045e3b6b64aa0e635a6cabefc84daae.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.64.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

c4a8402fde1e397bcabe7467c0de035e7851eeb1bad9af5d1b67487e7d7f2a4a

Security Headers

Name	Value
Content-Security-Policy	connect-src 'self' https://m.stripe.com; default-src 'self'; font-src data: https:; frame-src 'self' https://js.stripe.com; img-src 'self' https://m.stripe.com; media-src 'none'; object-src 'self'; script-src 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

:method: GET
:authority: m.stripe.network
:scheme: https
:path: /inner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://js.stripe.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://js.stripe.com/

Response headers

content-type: text/html; charset=utf-8
cache-control: max-age=300, public
content-security-policy: connect-src 'self' https://m.stripe.com; default-src 'self'; font-src data: https:; frame-src 'self' https://js.stripe.com; img-src 'self' https://m.stripe.com; media-src 'none'; object-src 'self'; script-src 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; report-uri https://q.stripe.com/csp-report
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
server: Fastly
accept-ranges: bytes
date: Sun, 26 Sep 2021 12:03:59 GMT
via: 1.1 varnish
age: 94
x-served-by: cache-fra19156-FRA
x-cache: HIT
x-cache-hits: 63
x-timer: S1632657839.029604,VS0,VE0
vary: Accept-Encoding, Origin
content-length: 932

POST
H2 200 csp-report
q.stripe.com/ Frame D20F 0
120 B 172ms
172ms Other
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: shop.heroinsupport.org
URL: https://shop.heroinsupport.org/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-186-23-98.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Referer: https://m.stripe.network/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Sun, 26 Sep 2021 12:03:59 GMT
x-envoy-upstream-service-time: 1
server: nginx
content-length: 0
strict-transport-security: max-age=31556926; includeSubDomains; preload

GET
H2 200 out-4.5.40.js Show response
m.stripe.network/ Frame D20F 85 KB
85 KB 8ms
8ms Script
application/javascript 151.101.64.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.network/out-4.5.40.js

Requested by

Host: m.stripe.network
URL: https://m.stripe.network/inner.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.64.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

6a6915872afa798395a56c7aa50d086cb325ff7214ad78ada3c7a96350bbad39

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://m.stripe.network/inner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
via: 1.1 varnish
x-content-type-options: nosniff
server: Fastly
age: 12
date: Sun, 26 Sep 2021 12:03:59 GMT
x-served-by: cache-fra19156-FRA
vary: Accept-Encoding, Origin
x-cache: HIT
content-type: application/javascript
cache-control: max-age=300, public
accept-ranges: bytes
x-timer: S1632657839.042957,VS0,VE0
content-length: 87228
x-cache-hits: 8

POST
H2 200 6 Show response
m.stripe.com/ Frame D20F 156 B
514 B 170ms
169ms XHR
text/plain 54.186.42.192
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.com/6

Requested by

Host: m.stripe.network
URL: https://m.stripe.network/out-4.5.40.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.186.42.192 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-186-42-192.us-west-2.compute.amazonaws.com

Software

nginx /

Resource Hash

8e0ba33e5efcee204636a6ac4133704636441262045aa95051b550163699c4fc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://m.stripe.network/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Sun, 26 Sep 2021 12:03:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: nginx
vary: Accept-Encoding
content-type: text/plain;charset=utf-8
access-control-allow-origin: https://m.stripe.network
access-control-allow-credentials: true
strict-transport-security: max-age=31556926; includeSubDomains; preload
access-control-allow-headers: Content-Type

GET
H2 200 spr.js Show response
productreviews.shopifycdn.com/assets/v4/ 8 KB
3 KB 25ms
7ms Script
application/javascript 2a04:4e42:800::268
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://productreviews.shopifycdn.com/assets/v4/spr.js?shop=heroin-support.myshopify.com

Requested by

Host: shop.heroinsupport.org
URL: https://shop.heroinsupport.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:800::268 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

b110428c2cf2bb0bab8390f3e58b7961de970b7da528b93cafddf5378bb7cf65

Security Headers

Name	Value
Content-Security-Policy	default-src https: 'self'; font-src https: data: 'self'; frame-ancestors https: *.myshopify.com; img-src https: data: 'self'; object-src 'none'; script-src https: 'unsafe-eval' 'strict-dynamic'; style-src https: 'unsafe-inline'; upgrade-insecure-requests
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://shop.heroinsupport.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-dc: gcp-us-east1
age: 3041999
via: 1.1 varnish, 1.1 varnish
x-cache: HIT, HIT
server-timing: processing;dur=0, socket_queue;dur=1.926
content-length: 2910
x-xss-protection: 1; mode=block
x-served-by: cache-bwi5171-BWI, cache-fra19126-FRA
referrer-policy: origin-when-cross-origin
last-modified: Thu, 19 Aug 2021 19:05:53 GMT
x-timer: S1632657839.097422,VS0,VE0
date: Sun, 26 Sep 2021 12:03:59 GMT
x-download-options: noopen
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
content-security-policy: default-src https: 'self'; font-src https: data: 'self'; frame-ancestors https: *.myshopify.com; img-src https: data: 'self'; object-src 'none'; script-src https: 'unsafe-eval' 'strict-dynamic'; style-src https: 'unsafe-inline'; upgrade-insecure-requests
accept-ranges: bytes
x-cache-hits: 1, 22081

GET
H2 200 widgets.js Show response
static.zotabox.com/a/1/a12020d76cb47684ec45e1c406d0c73c/ 107 KB
30 KB 356ms
317ms Script
application/javascript 2606:4700:10::6816:36d8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.zotabox.com/a/1/a12020d76cb47684ec45e1c406d0c73c/widgets.js?shop=heroin-support.myshopify.com
Requested by: Host: shop.heroinsupport.org
URL: https://shop.heroinsupport.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:36d8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 108b1dcb4850efb013c2484f9fc90c5fc0aa950771ca38f2ebd5f5470f0ac1ca

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://shop.heroinsupport.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 26 Sep 2021 12:03:59 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
last-modified: Sun, 26 Sep 2021 05:25:21 GMT
server: cloudflare
etag: W/"61500441-1aba8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=3600, public, max-age=3600
cf-ray: 694c5a267ff92b95-FRA
expires: Sun, 26 Sep 2021 13:03:59 GMT

GET
H2 200 widget.min.js Show response
cdn-stamped-io.azureedge.net/files/ 87 KB
25 KB 103ms
12ms Script
text/javascript 2620:1ec:46::44
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-stamped-io.azureedge.net/files/widget.min.js?shop=heroin-support.myshopify.com
Requested by: Host: shop.heroinsupport.org
URL: https://shop.heroinsupport.org/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:46::44 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: e87b507dcf1026babc8bd24deabc7118cc941fbe032ba9369307a3f1207b9fbe

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://shop.heroinsupport.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
date: Sun, 26 Sep 2021 12:03:58 GMT
content-encoding: br
last-modified: Tue, 21 Sep 2021 01:48:16 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8D97CA1E1CC67DC
x-azure-ref: 0r2FQYQAAAAC1ASzasARWS4UadJ0lygQHRlJBRURHRTEwMjIAMmU1YmQ0MWUtZDQxZC00ZWI5LWFlMzMtZmI1ZDBlNWI5NzRj
x-cache: TCP_HIT
content-type: text/javascript
access-control-allow-origin: *
x-ms-request-id: 4b740514-901e-0099-243a-af1aad000000
cache-control: max-age=1209600
x-ms-version: 2009-09-19
x-azure-ref-originshield: 0cNxKYQAAAAB3LqzQG8PbSJc3qi025ghPTE9OMjFFREdFMDExOAAyZTViZDQxZS1kNDFkLTRlYjktYWUzMy1mYjVkMGU1Yjk3NGM=

GET
H2 200 shipping-bars-v1-58b51d48a14c6b29ccba023196a193c68f9842a13cac717939c303e3b1460481.js Show response
shipping-bar-cdn.shopstorm.com/assets/app/ 106 KB
36 KB 12ms
9ms Script
application/javascript 2600:9000:21f3:7c00:1f:123e:c280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://shipping-bar-cdn.shopstorm.com/assets/app/shipping-bars-v1-58b51d48a14c6b29ccba023196a193c68f9842a13cac717939c303e3b1460481.js?shop=heroin-support.myshopify.com

Requested by

Host: shop.heroinsupport.org
URL: https://shop.heroinsupport.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:21f3:7c00:1f:123e:c280:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Cowboy /

Resource Hash

58b51d48a14c6b29ccba023196a193c68f9842a13cac717939c303e3b1460481

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://shop.heroinsupport.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 vegur, 1.1 aab8eb1f7b95159cdf1cf139d0bbc33c.cloudfront.net (CloudFront)
last-modified: Wed, 26 Jul 2017 22:33:53 GMT
server: Cowboy
age: 27759
date: Sun, 26 Sep 2021 04:51:58 GMT
vary: Accept-Encoding
x-edge-origin-shield-skipped: 0
content-type: application/javascript
x-cache: Hit from cloudfront
x-amz-cf-pop: FRA2-C2
content-encoding: gzip
content-length: 36697
x-amz-cf-id: QKWg9gJuPJZZuYaYriXxGMYpFAiBqpWlLpIpdmVW1BziVOevl59Zog==

GET
H2 200 UpsellTracker.js Show response
upsells.boldapps.net/v2_ui/js/ 149 KB
37 KB 72ms
28ms Script
application/javascript 2606:4700::6810:6d12
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://upsells.boldapps.net/v2_ui/js/UpsellTracker.js?shop=heroin-support.myshopify.com

Requested by

Host: shop.heroinsupport.org
URL: https://shop.heroinsupport.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:6d12 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

df870e6ec42abc29c776c7144bfceec6e31d4ba9dfdd3b94d49ae607209dbe82

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://shop.heroinsupport.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 26 Sep 2021 12:03:59 GMT
content-encoding: gzip
vary: Accept-Encoding
cf-cache-status: HIT
age: 81225
content-length: 36795
last-modified: Fri, 10 Sep 2021 17:17:58 GMT
server: cloudflare
etag: "25328-5cba74bf6dd80-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15724800; includeSubDomains
content-type: application/javascript
cache-control: public, max-age=172800
accept-ranges: bytes
cf-ray: 694c5a2689e46910-FRA
expires: Tue, 28 Sep 2021 12:03:59 GMT

GET
H2 200 upsell.js Show response
upsells.boldapps.net/v2_ui/js/ 307 KB
77 KB 78ms
35ms Script
application/javascript 2606:4700::6810:6d12
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://upsells.boldapps.net/v2_ui/js/upsell.js?shop=heroin-support.myshopify.com

Requested by

Host: shop.heroinsupport.org
URL: https://shop.heroinsupport.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:6d12 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3e61b8d9fae3bf7e8dc6a117f45ea71454b348ce7ea966289ab63dd8072fff03

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://shop.heroinsupport.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 26 Sep 2021 12:03:59 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Fri, 10 Sep 2021 17:17:58 GMT
server: cloudflare
age: 81225
etag: "4ca81-5cba74bf6dd80-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=172800
strict-transport-security: max-age=15724800; includeSubDomains
cf-ray: 694c5a2689e56910-FRA
expires: Tue, 28 Sep 2021 12:03:59 GMT

GET
H2 200 loox.1548877982446.js Show response
loox.io/widget/41WyTkej7L/ 24 KB
10 KB 18ms
16ms Script
application/javascript 2606:4700:20::ac43:498a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://loox.io/widget/41WyTkej7L/loox.1548877982446.js?shop=heroin-support.myshopify.com
Requested by: Host: shop.heroinsupport.org
URL: https://shop.heroinsupport.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:498a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: aed0b9a65b8d5279476552f4fd56e97b4af722cde229a849ef40da6ff5055eb8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://shop.heroinsupport.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 26 Sep 2021 12:03:59 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 24 Sep 2021 03:44:46 GMT
server: cloudflare
age: 81226
x-powered-by: Express
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=301nk0FPpB6e42%2FhyQjIvlKlEhzrzNWynKkC2KumbP1Xnt%2B1kFE4iu7fIg0dP8JGOy2kU78KG891Z2PIyHhj1nyoHYHc4PxyrYS9QChKUPGxtUOtYa360QXqRrfRx77COFTMMqo%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=129600
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 694c5a264c346919-FRA
expires: Sat, 25 Sep 2021 15:44:46 GMT

GET
H2 200 wallsh_dp.min.js Show response
cdn.tabarn.app/cdn/automatic-discount/ 345 KB
105 KB 76ms
34ms Script
application/javascript 2606:4700:20::681a:643
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.tabarn.app/cdn/automatic-discount/wallsh_dp.min.js?shop=heroin-support.myshopify.com
Requested by: Host: shop.heroinsupport.org
URL: https://shop.heroinsupport.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:643 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1ec0134d926fbbe46e912c369e68edada913447a49201bb58d397a85ad9f9859

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://shop.heroinsupport.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 26 Sep 2021 12:03:59 GMT
via: 1.1 055d899361491602a9ef1eb0cdc5e337.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1386369
x-cache: Hit from cloudfront
content-encoding: br
last-modified: Fri, 10 Sep 2021 10:56:55 GMT
server: cloudflare
etag: W/"89beca8d4e24809fc75115c00164f7fe"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=m5fAP5LGlm1EzII6DID%2F4%2FoF8Hu51NJMPlCMXZrJE4u4ZTfqvtdCE1f9A3dDQ0FJeQkjaCiYOsOyOIalqpUKm29G7r8JesTNs5J5d09vMWU5FbNVlpHbnk24hzGC02FNa7tnp7vHVykzGrkw"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=3600
x-amz-cf-pop: FRA50-C1
cf-ray: 694c5a268d06176e-FRA
x-amz-cf-id: sSWzj1JK-ieNexlmeXtkVpMZj2iQmGw-DJwSa68R-N3eDteW5EcmbQ==

GET
H2 200 widget.js Show response
staticw2.yotpo.com/aLN4Ll32fV6Z9NBLnbyPvfdAxFBdat1o8Sa974nX/ 443 KB
120 KB 724ms
639ms Script
text/javascript 2a02:26f0:6c00:294::1d72
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://staticw2.yotpo.com/aLN4Ll32fV6Z9NBLnbyPvfdAxFBdat1o8Sa974nX/widget.js?shop=heroin-support.myshopify.com

Requested by

Host: shop.heroinsupport.org
URL: https://shop.heroinsupport.org/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:294::1d72 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx/1.19.1 /

Resource Hash

f38bc3f11fd2acc0096935138b41b023a7fe512563423b3423198118ad689313

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://shop.heroinsupport.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 26 Sep 2021 12:03:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
env: PRODUCTION
status: 200 OK
server-timing: cdn-cache; desc=MISS, edge; dur=524, origin; dur=104
vary: Accept-Encoding
x-xss-protection: 1; mode=block
x-request-id: d7a3cd7073db2276fec5d6536d1efaca
x-runtime: 0.016279
server: nginx/1.19.1
x-frame-options: SAMEORIGIN
etag: W/"70eebbe9105e4a66cb1327ba04b39f36"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=10765
access-control-allow-credentials: true
access-control-allow-headers: *

GET
H2 200 widget.min.js Show response
cdn1.stamped.io/files/ 87 KB
25 KB 112ms
10ms Script
text/javascript 2620:1ec:bdf::44
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn1.stamped.io/files/widget.min.js?shop=heroin-support.myshopify.com
Requested by: Host: shop.heroinsupport.org
URL: https://shop.heroinsupport.org/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::44 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: e87b507dcf1026babc8bd24deabc7118cc941fbe032ba9369307a3f1207b9fbe

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://shop.heroinsupport.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
date: Sun, 26 Sep 2021 12:03:58 GMT
content-encoding: br
last-modified: Tue, 21 Sep 2021 01:48:16 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8D97CA1E1CC67DC
x-azure-ref: 0r2FQYQAAAAB76/jg79teR4EFX1a8i6s+RlJBRURHRTEwMTQAMmU1YmQ0MWUtZDQxZC00ZWI5LWFlMzMtZmI1ZDBlNWI5NzRj
x-cache: TCP_HIT
content-type: text/javascript
access-control-allow-origin: *
x-ms-request-id: 395c5272-d01e-0052-1c53-b1889d000000
cache-control: max-age=1209600
x-ms-version: 2009-09-19
x-azure-ref-originshield: 0IRxOYQAAAABUrf25EvQHTqfBj6ADmO1nTE9OMjFFREdFMDEyMgAyZTViZDQxZS1kNDFkLTRlYjktYWUzMy1mYjVkMGU1Yjk3NGM=

GET
H2 200 apple_message_button_v2.js Show response
cdn.shopify.com/shopifycloud/apple_business_chat_commerce/assets/storefront/ 31 KB
10 KB 126ms
125ms Script
text/javascript 2a04:4e42:800::268
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.shopify.com/shopifycloud/apple_business_chat_commerce/assets/storefront/apple_message_button_v2.js?businessId=85d380a1-d112-4a33-849a-04eed2c6a915&format=large&position=bottom_center&shop=heroin-support.myshopify.com

Requested by

Host: shop.heroinsupport.org
URL: https://shop.heroinsupport.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:800::268 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

cache-fra19126-FRA /

Resource Hash

f6dd77d82ef7485d0ebd87e63ecd31fc0ae4f9a0bc85b071492b6ed791a0ce48

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://shop.heroinsupport.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
nel: {"report_to":"network-errors","max_age":600,"failure_fraction":1.0,"success_fraction":0.0}
x-cdn: Fastly, http2
x-dc: gcp-us-east1
x-cache: MISS, MISS
content-disposition: inline
content-length: 10155
x-xss-protection: 1; mode=block
x-request-id: 9f1c527368c955e5feea1b4130cffdfcfdc32c7ea23535aa3403472ee1089f07
x-served-by: cache-lga21929-LGA, cache-fra19126-FRA
server: cache-fra19126-FRA
x-timer: S1632657839.082900,VS0,VE117
date: Sun, 26 Sep 2021 12:03:59 GMT
vary: Accept-Encoding
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://monorail-edge.shopifysvc.com/v1/reports/nel/20190325/imagery"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=360
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/shopifycloud/apple_business_chat_commerce/assets/storefront/apple_message_button_v2.js>; rel="canonical"
x-cache-hits: 0, 0

GET
H2 200 freeshippingbar.js Show response
cdn.hextom.com/js/ 44 KB
12 KB 61ms
9ms Script
application/javascript 2600:9000:20eb:f600:1:427b:a440:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.hextom.com/js/freeshippingbar.js?shop=heroin-support.myshopify.com
Requested by: Host: shop.heroinsupport.org
URL: https://shop.heroinsupport.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:f600:1:427b:a440:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 7532da32524c4974ee8b5903a06323d54dfac84c23aedda76e9d5b93971084d6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://shop.heroinsupport.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 25 Sep 2021 16:49:06 GMT
content-encoding: gzip
last-modified: Fri, 24 Sep 2021 16:48:43 GMT
server: AmazonS3
age: 69293
etag: "a58ac2a6344807bf0bcb45b3a9b83c77"
x-edge-origin-shield-skipped: 0
content-type: application/javascript
via: 1.1 b6d1611761652d7a383651f2bf480596.cloudfront.net (CloudFront)
cache-control: max-age=86400
x-cache: Hit from cloudfront
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
content-length: 12243
x-amz-cf-id: XdIOWk5oas-sLLae0NdG1COo6WDDs7A4ePuwoIUhuwxAhiCpWUFcCg==

GET
H2 200 smartpushmarketing.js Show response
cdn2.hextom.com/js/ 188 KB
66 KB 57ms
8ms Script
application/javascript 2600:9000:20eb:2a00:c:cd6:6900:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn2.hextom.com/js/smartpushmarketing.js?shop=heroin-support.myshopify.com
Requested by: Host: shop.heroinsupport.org
URL: https://shop.heroinsupport.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:2a00:c:cd6:6900:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 2bf3370d23bca4b5df1a3bb2a16481bb4fca70a5f0cac95b1eb7efff1bdd7ccc

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://shop.heroinsupport.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 26 Sep 2021 00:27:50 GMT
content-encoding: gzip
last-modified: Tue, 21 Sep 2021 15:27:12 GMT
server: AmazonS3
age: 41787
etag: "03d8eda73fc80d1eea30216bc37d87cd"
x-edge-origin-shield-skipped: 0
content-type: application/javascript
via: 1.1 0e75d8f2d484ce463fc04f5c422aa179.cloudfront.net (CloudFront)
cache-control: max-age=86400
x-cache: Hit from cloudfront
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
content-length: 66964
x-amz-cf-id: HKHZSAjidaPECMrnyjr2WbMoqxa3yki5crPwOAt9wYr0W_oVLkES-g==

GET
H2 200 shopifyChatV1.js Show response
cdn.shopify.com/shopifycloud/shopify_chat/storefront/ 476 KB
133 KB 150ms
149ms Script
text/javascript 2a04:4e42:800::268
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.shopify.com/shopifycloud/shopify_chat/storefront/shopifyChatV1.js?api_env=production&button_color=%23e35614&button_style=icon&p=bottom_right&shop_id=bFprPoedNCLmjoES8SIskMBPzvUnl-k_P4nShYchdh4&shop=heroin-support.myshopify.com

Requested by

Host: shop.heroinsupport.org
URL: https://shop.heroinsupport.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:800::268 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

cache-fra19126-FRA /

Resource Hash

1e4316066121d4fe181e0bbdd328ee45e9514a585bbee3f5878f159f6acd05fb

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://shop.heroinsupport.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
nel: {"report_to":"network-errors","max_age":600,"failure_fraction":1.0,"success_fraction":0.0}
x-cdn: Fastly, http2
x-dc: gcp-us-east1
x-cache: MISS, MISS
content-disposition: inline
content-length: 136029
x-xss-protection: 1; mode=block
x-request-id: ef3232142f6260c1c826e303e43da88fdd953632022b5941928bad4734407fad
x-served-by: cache-lga21948-LGA, cache-fra19126-FRA
server: cache-fra19126-FRA
x-timer: S1632657839.082968,VS0,VE141
date: Sun, 26 Sep 2021 12:03:59 GMT
vary: Accept-Encoding
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://monorail-edge.shopifysvc.com/v1/reports/nel/20190325/imagery"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=360
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/shopifycloud/shopify_chat/storefront/shopifyChatV1.js>; rel="canonical"
x-cache-hits: 0, 0

GET
H2 200 pushowl-shopify.js Show response
cdn.pushowl.com/latest/sdks/ 145 KB
35 KB 917ms
710ms Script
application/javascript 13.225.78.51
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.pushowl.com/latest/sdks/pushowl-shopify.js?subdomain=heroin-support&environment=production&guid=fe38a29f-ac4b-42ab-b7b4-495ff100fe29&shop=heroin-support.myshopify.com
Requested by: Host: shop.heroinsupport.org
URL: https://shop.heroinsupport.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.51 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-51.fra2.r.cloudfront.net
Software: /
Resource Hash: a23000c21d0ef59bb032e686cf346ed77d83fac27d7048205ded1a6e20460648

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://shop.heroinsupport.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 26 Sep 2021 12:03:59 GMT
content-encoding: br
x-edge-origin-shield-skipped: 0
etag: W/"24586-ja25G46QL9zChbfE/vNm7A"
vary: Accept-Encoding,Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=604800
x-server: ImageKit.io
x-amz-cf-pop: FRA2-C2
timing-allow-origin: *
x-amz-cf-id: oLMAodhk7GDvjLaElhYqUrdIXbJQruOhIyx6alkncOoZ_XZz75UpZw==
via: 1.1 eb1a8c1b1275e33a016e623478052111.cloudfront.net (CloudFront)

GET
H2

200

ct.html Show response
www.pinterest.de/ Frame 82E7
Redirect Chain

https://www.pinterest.com/ct.html
https://www.pinterest.de/ct.html

423 B
4 KB

206ms
205ms

Document
text/html

151.101.0.84
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.pinterest.de/ct.html

Requested by

Host: s.pinimg.com
URL: https://s.pinimg.com/ct/lib/main.0fd4729b.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.0.84 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

1731fb3688d8c61a7311bf0b1562e852fb9ac7d2985df4ab134159fe2475c44b

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline' blob: data: .pinimg.com .pinterest.com accounts.google.com fonts.gstatic.com use.typekit.net .adyen.com .adyenpayments.com; img-src * data: blob:; script-src 'nonce-1d9317083edf8bc237d677c9ff0ca09b' 'strict-dynamic' 'report-sample' 'self' .pinterest.com .pinimg.com .google.com connect.facebook.net .google-analytics.com .facebook.com .googleadservices.com .doubleclick.net .googletagmanager.com .adyen.com .adyenpayments.com cdn.ampproject.org .cdn.ampproject.org radar.cedexis.com .cedexis-test.com www.gstatic.com/recaptcha/ www.recaptcha.net 'unsafe-inline'; connect-src 'self' .pinimg.com .pinterest.com accounts.google.com .facebook.com .dropboxapi.com .adyen.com .adyenpayments.com cdn.ampproject.org .cdn.ampproject.org pinterest-aberdeen.s3.amazonaws.com pinterest-aberdeen.s3.us-east-1.amazonaws.com pinterest-anaheim.s3.amazonaws.com pinterest-anaheim.s3.us-east-1.amazonaws.com pinterest-media-upload.s3.amazonaws.com pinterest-media-upload.s3.us-east-1.amazonaws.com pinterest-media-upload.s3-accelerate.amazonaws.com pinterest-media-upload.s3-accelerate.us-east-1.amazonaws.com pinterest-milwaukee.s3.amazonaws.com pinterest-milwaukee.s3.us-east-1.amazonaws.com pinterest-poughkeepsie.s3.amazonaws.com pinterest-poughkeepsie.s3.us-east-1.amazonaws.com pinterest-waterloo.s3.amazonaws.com pinterest-waterloo.s3.us-east-1.amazonaws.com pinterest-plymouth.s3.amazonaws.com pinterest-plymouth.s3.us-east-1.amazonaws.com .cedexis.com .cedexis-radar.net blob: .tvpixel.com api.pinadmin.com; media-src 'self' .pinimg.com blob: data:; object-src 'self'; form-action 'self'; frame-src 'self' .google.com .pinimg.com .pinterest.com .pinterdev.com .facebook.com content.googleapis.com .adyen.com .youtube.com .ytimg.com player.vimeo.com calendly.com vine.co bid.g.doubleclick.net .fls.doubleclick.net pinterest-milwaukee.s3.amazonaws.com pinterest-milwaukee.s3.us-east-1.amazonaws.com pinterest-waterloo.s3.amazonaws.com pinterest-waterloo.s3.us-east-1.amazonaws.com pinlogs.s3.amazonaws.com pinlogs.s3.us-east-1.amazonaws.com pinterest-hilo.s3.us-east-1.amazonaws.com pinterest-hilo.s3.amazonaws.com advertising-delivery-metric-reports.s3.amazonaws.com advertising-delivery-metric-reports.s3.us-east-1.amazonaws.com servedby.flashtalking.com pinterest-uk.admo.tv pinterest-uk-web.admo.tv fbrpc://call www.recaptcha.net www-pinterest-de.cdn.ampproject.org; worker-src 'self' blob: https://www-pinterest-com.cdn.ampproject.org 'unsafe-inline'; base-uri 'none'; report-uri /_/_/csp_report/?rid=9923711489143428; frame-ancestors *
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.pinterest.de
:scheme: https
:path: /ct.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://shop.heroinsupport.org/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://shop.heroinsupport.org/

Response headers

x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-ua-compatible: IE=edge
expect-ct: max-age=86400, report-uri="https://www.pinterest.com/_/_/expect_ct_report/"
set-cookie: csrftoken=29111898944d2bac95752eca178c4aee; path=/; expires=Mon, 26 Sep 2022 12:03:59 GMT; samesite=lax; secure _pinterest_sess=TWc9PSY2LzA4anlBckdYZmV6TVB1RjMzVS93T1B2Sk15dlJoRWNhQWpWclM0L3VDcll0V1d6YUJmZytCZVJvSmpIdXVGSjl2T1Q5d3ZvRG55Tkw4dDFDM1d5bFRndTNJYjRHK3dPTWo1Tkl0a1FEbFlSenlhNHR4R2lqZldvbldxdUJsRSZOeE5icytUeUpJbjF5cURJdDNyUENSR3U3QUE9; path=/; expires=Wed, 21 Sep 2022 12:03:59 GMT; samesite=none; secure; httponly _auth=0; path=/; expires=Wed, 21 Sep 2022 12:03:59 GMT; secure; httponly _pinterest_referrer=; path=/; expires=Thu, 01 Jan 1970 00:00:00 GMT; domain=.pinterest.com _routing_id="bed7db63-9989-47de-be7e-fbf67940d2d0"; Max-Age=86400; Path=/; HttpOnly
p3p: CP="This is not a P3P policy. See https://www.pinterest.com/_/_/help/articles/pinterest-and-p3p for more info."
content-security-policy: default-src 'self' 'unsafe-inline' blob: data: *.pinimg.com *.pinterest.com accounts.google.com fonts.gstatic.com use.typekit.net *.adyen.com *.adyenpayments.com; img-src * data: blob:; script-src 'nonce-1d9317083edf8bc237d677c9ff0ca09b' 'strict-dynamic' 'report-sample' 'self' *.pinterest.com *.pinimg.com *.google.com connect.facebook.net *.google-analytics.com *.facebook.com *.googleadservices.com *.doubleclick.net *.googletagmanager.com *.adyen.com *.adyenpayments.com cdn.ampproject.org *.cdn.ampproject.org radar.cedexis.com *.cedexis-test.com www.gstatic.com/recaptcha/ www.recaptcha.net 'unsafe-inline'; connect-src 'self' *.pinimg.com *.pinterest.com accounts.google.com *.facebook.com *.dropboxapi.com *.adyen.com *.adyenpayments.com cdn.ampproject.org *.cdn.ampproject.org pinterest-aberdeen.s3.amazonaws.com pinterest-aberdeen.s3.us-east-1.amazonaws.com pinterest-anaheim.s3.amazonaws.com pinterest-anaheim.s3.us-east-1.amazonaws.com pinterest-media-upload.s3.amazonaws.com pinterest-media-upload.s3.us-east-1.amazonaws.com pinterest-media-upload.s3-accelerate.amazonaws.com pinterest-media-upload.s3-accelerate.us-east-1.amazonaws.com pinterest-milwaukee.s3.amazonaws.com pinterest-milwaukee.s3.us-east-1.amazonaws.com pinterest-poughkeepsie.s3.amazonaws.com pinterest-poughkeepsie.s3.us-east-1.amazonaws.com pinterest-waterloo.s3.amazonaws.com pinterest-waterloo.s3.us-east-1.amazonaws.com pinterest-plymouth.s3.amazonaws.com pinterest-plymouth.s3.us-east-1.amazonaws.com *.cedexis.com *.cedexis-radar.net blob: *.tvpixel.com api.pinadmin.com; media-src 'self' *.pinimg.com blob: data:; object-src 'self'; form-action 'self'; frame-src 'self' *.google.com *.pinimg.com *.pinterest.com *.pinterdev.com *.facebook.com content.googleapis.com *.adyen.com *.youtube.com *.ytimg.com player.vimeo.com calendly.com vine.co bid.g.doubleclick.net *.fls.doubleclick.net pinterest-milwaukee.s3.amazonaws.com pinterest-milwaukee.s3.us-east-1.amazonaws.com pinterest-waterloo.s3.amazonaws.com pinterest-waterloo.s3.us-east-1.amazonaws.com pinlogs.s3.amazonaws.com pinlogs.s3.us-east-1.amazonaws.com pinterest-hilo.s3.us-east-1.amazonaws.com pinterest-hilo.s3.amazonaws.com advertising-delivery-metric-reports.s3.amazonaws.com advertising-delivery-metric-reports.s3.us-east-1.amazonaws.com servedby.flashtalking.com pinterest-uk.admo.tv pinterest-uk-web.admo.tv fbrpc://call www.recaptcha.net www-pinterest-de.cdn.ampproject.org; worker-src 'self' blob: https://www-pinterest-com.cdn.ampproject.org 'unsafe-inline'; base-uri 'none'; report-uri /_/_/csp_report/?rid=9923711489143428; frame-ancestors *
content-security-policy-report-only: script-src 'nonce-1d9317083edf8bc237d677c9ff0ca09b' 'strict-dynamic' 'report-sample' 'self' *.pinterest.com *.pinimg.com *.google.com connect.facebook.net *.google-analytics.com *.facebook.com *.googleadservices.com *.doubleclick.net *.googletagmanager.com *.adyen.com *.adyenpayments.com cdn.ampproject.org *.cdn.ampproject.org radar.cedexis.com *.cedexis-test.com www.gstatic.com/recaptcha/ www.recaptcha.net 'unsafe-inline'; report-uri /_/_/csp_report/?reportonly , script-src 'report-sample' 'self' *.pinterest.com *.pinimg.com *.google.com connect.facebook.net *.google-analytics.com *.facebook.com *.googleadservices.com *.doubleclick.net *.googletagmanager.com *.adyen.com *.adyenpayments.com cdn.ampproject.org *.cdn.ampproject.org radar.cedexis.com *.cedexis-test.com www.gstatic.com/recaptcha/ www.recaptcha.net 'unsafe-inline'; default-src 'self' 'unsafe-inline' blob: data: *.pinimg.com *.pinterest.com accounts.google.com fonts.gstatic.com use.typekit.net; frame-src *; img-src * data: blob:; connect-src *; worker-src * blob:; report-uri /_/_/csp_report/?reportonly
x-frame-options: SAMEORIGIN
content-type: text/html; charset=utf-8
link: <https://i.pinimg.com>; rel=preconnect; crossorigin=anonymous, <https://s.pinimg.com>; rel=preconnect; crossorigin=anonymous, <https://v.pinimg.com>; rel=preconnect; crossorigin=anonymous
x-envoy-upstream-service-time: 105
content-encoding: gzip
referrer-policy: origin
x-pinterest-rid: 9923711489143428
date: Sun, 26 Sep 2021 12:03:59 GMT
vary: User-Agent, Accept-Encoding
x-cdn: fastly
pinterest-generated-by: coreapp-webapp-prod-0a03ba3f
pinterest-version: ac21edf

Redirect headers

x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-ua-compatible: IE=edge
expect-ct: max-age=86400, report-uri="https://www.pinterest.com/_/_/expect_ct_report/"
location: https://www.pinterest.de/ct.html
x-envoy-upstream-service-time: 105
content-encoding: gzip
referrer-policy: origin
set-cookie: _routing_id="c7958cbf-0271-4ecb-a8c1-14d9507402fe"; Max-Age=86400; Path=/; HttpOnly
x-pinterest-rid: 8288795500518898
date: Sun, 26 Sep 2021 12:03:59 GMT
vary: User-Agent, Accept-Encoding
x-cdn: fastly
pinterest-generated-by: coreapp-webapp-prod-0a011d72
pinterest-version: ac21edf

GET
H3 200 cart.js Show response
shop.heroinsupport.org/ 283 B
1 KB 157ms
156ms XHR
text/javascript 23.227.38.74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://shop.heroinsupport.org/cart.js?_=1632657836664

Requested by

Host: cdn.shopify.com
URL: https://cdn.shopify.com/shopifycloud/shopify/assets/shop_events_listener-565deac0c7edc7850a7762c24c560f0a9670aa5c52a728e9dbb43d5a7887c1d4.js

Protocol

Security

QUIC, , AES_128_GCM

Server

23.227.38.74 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

83c1195e56dee82db7c5da22495df951938a87803f60ac0cd6a69fdcd7b1901f

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; frame-ancestors 'none'; upgrade-insecure-requests;
Strict-Transport-Security	max-age=7889238
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

sec-fetch-mode: cors
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
x-requested-with: XMLHttpRequest
sec-fetch-dest: empty
cookie: secure_customer_sig=; cart_currency=USD; _orig_referrer=; _landing_page=%2F; _y=ad7742e4-fa6a-4b39-90ff-46c32210b417; _s=e1cf81fd-d694-4fea-a9f6-17b2ee0e035a; _shopify_y=ad7742e4-fa6a-4b39-90ff-46c32210b417; _shopify_s=e1cf81fd-d694-4fea-a9f6-17b2ee0e035a; _hjid=b9cb6c22-2510-4cba-802b-f127a5aa19c9; _hjFirstSeen=1; _shopify_sa_t=2021-09-26T12%3A03%3A56.823Z; _shopify_sa_p=; shopify_pay_redirect=pending; _ga=GA1.2.851805355.1632657837; _gid=GA1.2.1978352179.1632657837; _gat=1; _gcl_au=1.1.2011839152.1632657837; _hjIncludedInPageviewSample=1; _hjAbsoluteSessionInProgress=0; _hjIncludedInSessionSample=1; _fbp=fb.1.1632657837277.141929649; _pin_unauth=dWlkPU5UTmtOak5tTVRBdE9XTTNNaTAwTmpSakxXSmtaamd0WlRJNE1XTXpOVGxsWVdGaA
:path: /cart.js?_=1632657836664
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept: application/json, text/javascript, */*; q=0.01
cache-control: no-cache
:authority: shop.heroinsupport.org
referer: https://shop.heroinsupport.org/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept: application/json, text/javascript, */*; q=0.01
Referer: https://shop.heroinsupport.org/
X-Requested-With: XMLHttpRequest
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 26 Sep 2021 12:03:59 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"report_to":"network-errors","max_age":2592000,"success_fraction":0.0001}
x-permitted-cross-domain-policies: none
x-dc: gcp-europe-west1,gcp-us-east1,gcp-us-east1
x-shopify-stage: production
content-type: text/javascript; charset=utf-8
strict-transport-security: max-age=7889238
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection: 1; mode=block
x-sorting-hat-shopid: 18295133
x-shardid: 57
x-storefront-renderer-rendered: 1
server: cloudflare
x-frame-options: DENY
content-language: en
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding Accept
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://monorail-edge.shopifysvc.com/v1/reports/nel/20190325/shopify"}]}
x-shopid: 18295133
x-download-options: noopen
content-security-policy: block-all-mixed-content; frame-ancestors 'none'; upgrade-insecure-requests;
set-cookie: secure_customer_sig=; path=/; expires=Mon, 26 Sep 2022 12:03:59 GMT; secure; HttpOnly cart_currency=USD; path=/; expires=Sun, 10 Oct 2021 12:03:59 GMT _y=ad7742e4-fa6a-4b39-90ff-46c32210b417; Expires=Mon, 26-Sep-22 12:03:59 GMT; Domain=heroinsupport.org; Path=/; SameSite=Lax _s=e1cf81fd-d694-4fea-a9f6-17b2ee0e035a; Expires=Sun, 26-Sep-21 12:33:59 GMT; Domain=heroinsupport.org; Path=/; SameSite=Lax _shopify_y=ad7742e4-fa6a-4b39-90ff-46c32210b417; Expires=Mon, 26-Sep-22 12:03:59 GMT; Domain=heroinsupport.org; Path=/; SameSite=Lax _shopify_s=e1cf81fd-d694-4fea-a9f6-17b2ee0e035a; Expires=Sun, 26-Sep-21 12:33:59 GMT; Domain=heroinsupport.org; Path=/; SameSite=Lax
x-request-id: ed3b63a0-cc67-428c-90fb-5b8b56bca576
cf-ray: 694c5a264cc56973-FRA
x-sorting-hat-podid: 57
x-cartjs-updatedat: 0

GET
H2 200 spr-2b44f6fc4993950d95c16d866d5effd0f42c22884d8f9ec5ef347045675aed11.css
productreviews.shopifycdn.com/assets/v4/ 17 KB
8 KB 8ms
7ms Stylesheet
text/css 2a04:4e42:800::268
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://productreviews.shopifycdn.com/assets/v4/spr-2b44f6fc4993950d95c16d866d5effd0f42c22884d8f9ec5ef347045675aed11.css

Requested by

Host: productreviews.shopifycdn.com
URL: https://productreviews.shopifycdn.com/assets/v4/spr.js?shop=heroin-support.myshopify.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:800::268 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

2b44f6fc4993950d95c16d866d5effd0f42c22884d8f9ec5ef347045675aed11

Security Headers

Name	Value
Content-Security-Policy	default-src https: 'self'; font-src https: data: 'self'; frame-ancestors https: *.myshopify.com; img-src https: data: 'self'; object-src 'none'; script-src https: 'unsafe-eval' 'strict-dynamic'; style-src https: 'unsafe-inline'; upgrade-insecure-requests
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://shop.heroinsupport.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-dc: gcp-us-east1
age: 3034702
via: 1.1 varnish, 1.1 varnish
x-cache: HIT, HIT
server-timing: processing;dur=0, socket_queue;dur=1.529
content-length: 8243
x-xss-protection: 1; mode=block
x-served-by: cache-bwi5138-BWI, cache-fra19126-FRA
referrer-policy: origin-when-cross-origin
last-modified: Thu, 19 Aug 2021 19:01:04 GMT
x-timer: S1632657839.122798,VS0,VE0
date: Sun, 26 Sep 2021 12:03:59 GMT
x-download-options: noopen
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
content-security-policy: default-src https: 'self'; font-src https: data: 'self'; frame-ancestors https: *.myshopify.com; img-src https: data: 'self'; object-src 'none'; script-src https: 'unsafe-eval' 'strict-dynamic'; style-src https: 'unsafe-inline'; upgrade-insecure-requests
accept-ranges: bytes
x-cache-hits: 1, 21957

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.10.2/ 91 KB
33 KB 39ms
10ms Script
text/javascript 2a00:1450:4001:800::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.10.2/jquery.min.js

Requested by

Host: productreviews.shopifycdn.com
URL: https://productreviews.shopifycdn.com/assets/v4/spr.js?shop=heroin-support.myshopify.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

89a15e9c40bc6b14809f236ee8cd3ed1ea42393c1f6ca55c7855cd779b3f922e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://shop.heroinsupport.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 25 Sep 2021 14:23:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 78018
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 32954
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="hosted-libraries-pushers"
expires: Sun, 25 Sep 2022 14:23:41 GMT

POST
H2 200 produce
monorail-edge.shopifysvc.com/v1/ 0
480 B 136ms
136ms Ping
text/plain 104.198.248.251
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://monorail-edge.shopifysvc.com/v1/produce

Requested by

Host: cdn.shopify.com
URL: https://cdn.shopify.com/shopifycloud/boomerang/shopify-boomerang-1.0.0.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.198.248.251 Council Bluffs, United States, ASN15169 (GOOGLE, US),

Reverse DNS

251.248.198.104.bc.googleusercontent.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://shop.heroinsupport.org/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 26 Sep 2021 12:03:59 GMT
x-dc: gcp-us-central1
access-control-max-age: 86400
access-control-allow-methods: OPTIONS,POST
access-control-allow-origin: https://shop.heroinsupport.org
access-control-allow-credentials: true
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-headers: User-Agent,Accept,Content-Type,X-Monorail-Edge-Event-Created-At-Ms,X-Monorail-Edge-Event-Sent-At-Ms,X-Monorail-Edge-Client-Message-Id,X-Monorail-Edge-Device-Install-Id,X-Monorail-Edge-Accept-Language,X-Monorail-Edge-Content-Language,X-Forwarded-For
content-length: 0
x-request-id: 4ab9bd58-ed5e-4b03-8fb8-afe0dc051f7e

GET
H/1.1 200
OK spm_load_config Show response
spm.hextom.com/ 885 B
825 B 466ms
134ms XHR
application/json 52.54.234.247
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://spm.hextom.com/spm_load_config?shop=heroin-support.myshopify.com
Requested by: Host: cdn.shopify.com
URL: https://cdn.shopify.com/shopifycloud/shopify/assets/shop_events_listener-565deac0c7edc7850a7762c24c560f0a9670aa5c52a728e9dbb43d5a7887c1d4.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.54.234.247 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-54-234-247.compute-1.amazonaws.com
Software: Apache/2.4.48 (Amazon) mod_wsgi/3.5 Python/3.6.12 /
Resource Hash: 583d91b997a39d3a6a6c76a18b9026cdcd74d3bb3aea6c8ceb0165c2cbbbf7f0

Request headers

Accept: application/json, text/plain, */*
Referer: https://shop.heroinsupport.org/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Sun, 26 Sep 2021 12:03:59 GMT
Content-Encoding: gzip
Server: Apache/2.4.48 (Amazon) mod_wsgi/3.5 Python/3.6.12
Vary: Accept-Encoding,Origin
Content-Type: application/json
Access-Control-Allow-Origin: https://shop.heroinsupport.org
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 478

GET
H2 200 wallsh_extra.min.css
cdn.tabarn.app/cdn/automatic-discount/ 17 KB
4 KB 20ms
19ms Stylesheet
text/css 2606:4700:20::681a:643
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.tabarn.app/cdn/automatic-discount/wallsh_extra.min.css
Requested by: Host: cdn.tabarn.app
URL: https://cdn.tabarn.app/cdn/automatic-discount/wallsh_dp.min.js?shop=heroin-support.myshopify.com
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:643 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1c70d10f9de343b6df84f553f4417bd59cc965520141df9f8efc5965517382aa

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://shop.heroinsupport.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 26 Sep 2021 12:03:59 GMT
via: 1.1 7ed7afde326861e358c3c83359e99895.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1386368
x-cache: Hit from cloudfront
content-encoding: br
last-modified: Fri, 10 Sep 2021 10:56:53 GMT
server: cloudflare
etag: W/"d22806f99696ba74a1984f063a5f555a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BUSIS%2FIYGCvilnXNg8YjmN61154RzGatgiTwU3MhNCnFIdn4gwitej3RuLZPwhCrln5hiDgruenT3r5uK71OWz4uUsK5eaKZ2GDOekWvLxQ6RpNi0BH4xLFWOMkHjY0ro%2BaoO91iLv2KNMse"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=3600
x-amz-cf-pop: FRA6-C1
cf-ray: 694c5a273e2b176e-FRA
x-amz-cf-id: C1qw0t36tvxIifDgHcpuIXq28gfx0Pf_qsFpP3WyQp2SqtVjK9HNmQ==

GET
H2 200 widget.min.css
cdn1.stamped.io/files/ 111 KB
17 KB 9ms
9ms Stylesheet
text/css 2620:1ec:bdf::44
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn1.stamped.io/files/widget.min.css
Requested by: Host: cdn-stamped-io.azureedge.net
URL: https://cdn-stamped-io.azureedge.net/files/widget.min.js?shop=heroin-support.myshopify.com
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::44 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 5810a31d0e0905e74e45920f55f97157d5be09282d03cdd7e1f0dc2785a5b6ab

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://shop.heroinsupport.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
date: Sun, 26 Sep 2021 12:03:58 GMT
content-encoding: br
last-modified: Wed, 01 Sep 2021 04:03:56 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8D96CFD84F7D86D
x-azure-ref: 0r2FQYQAAAABe4rGrE4ToRYk8uF1jCghSRlJBRURHRTEwMTQAMmU1YmQ0MWUtZDQxZC00ZWI5LWFlMzMtZmI1ZDBlNWI5NzRj
x-cache: TCP_HIT
content-type: text/css
access-control-allow-origin: *
x-ms-request-id: dc10fedc-e01e-00d2-491e-b02b37000000
cache-control: max-age=1209600
x-ms-version: 2009-09-19
x-azure-ref-originshield: 09txMYQAAAACinRTYEOrkToBsuWqP8n2TTE9OMjFFREdFMDEyMQAyZTViZDQxZS1kNDFkLTRlYjktYWUzMy1mYjVkMGU1Yjk3NGM=

GET
H2 200 getappkey Show response
stamped.io/api/ 85 B
354 B 510ms
163ms XHR
application/json 44.241.220.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://stamped.io/api/getappkey?shopShopifyDomain=heroin-support.myshopify.com
Requested by: Host: cdn.shopify.com
URL: https://cdn.shopify.com/shopifycloud/shopify/assets/shop_events_listener-565deac0c7edc7850a7762c24c560f0a9670aa5c52a728e9dbb43d5a7887c1d4.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.241.220.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-44-241-220-182.us-west-2.compute.amazonaws.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 43584589af625ff1cdd99c3268505d56bbe887300252cc9c6cb508daab82421e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://shop.heroinsupport.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 26 Sep 2021 12:03:59 GMT
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
content-type: application/json; charset=utf-8
access-control-allow-origin: *
x-stackifyid: V1|85e0efa4-3914-4155-bc76-7d4560aeff72|C59064|CD1|
stamped: S2
content-length: 85
cache-control: no-cache
expires: -1

GET
H/1.1 200
OK fsb_get_bars Show response
fsb.hextom.com/ 105 B
412 B 413ms
99ms XHR
application/json 3.216.159.230
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://fsb.hextom.com/fsb_get_bars?shop=heroin-support.myshopify.com
Requested by: Host: cdn.shopify.com
URL: https://cdn.shopify.com/shopifycloud/shopify/assets/shop_events_listener-565deac0c7edc7850a7762c24c560f0a9670aa5c52a728e9dbb43d5a7887c1d4.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.216.159.230 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-216-159-230.compute-1.amazonaws.com
Software: Apache/2.4.46 (Amazon) mod_wsgi/3.5 Python/3.6.12 /
Resource Hash: 1bbe85d71066c62cec39541db03448ef2c620c4a9c0653e8f2472e8102a2778e

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://shop.heroinsupport.org/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Sun, 26 Sep 2021 12:03:59 GMT
Server: Apache/2.4.46 (Amazon) mod_wsgi/3.5 Python/3.6.12
Vary: Origin
Content-Type: application/json
Access-Control-Allow-Origin: https://shop.heroinsupport.org
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 105

GET
H3 200 cart.js Show response
shop.heroinsupport.org/ 283 B
1 KB 148ms
148ms XHR
text/javascript 23.227.38.74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://shop.heroinsupport.org/cart.js?_=1632657836665

Requested by

Host: cdn.shopify.com
URL: https://cdn.shopify.com/shopifycloud/shopify/assets/shop_events_listener-565deac0c7edc7850a7762c24c560f0a9670aa5c52a728e9dbb43d5a7887c1d4.js

Protocol

Security

QUIC, , AES_128_GCM

Server

23.227.38.74 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b0cc4893a88acbd261347947311c13d085e0fb3909b71bb8b14d4f58214c2add

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; frame-ancestors 'none'; upgrade-insecure-requests;
Strict-Transport-Security	max-age=7889238
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

sec-fetch-mode: cors
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
x-requested-with: XMLHttpRequest
sec-fetch-dest: empty
cookie: secure_customer_sig=; cart_currency=USD; _orig_referrer=; _landing_page=%2F; _y=ad7742e4-fa6a-4b39-90ff-46c32210b417; _s=e1cf81fd-d694-4fea-a9f6-17b2ee0e035a; _shopify_y=ad7742e4-fa6a-4b39-90ff-46c32210b417; _shopify_s=e1cf81fd-d694-4fea-a9f6-17b2ee0e035a; _hjid=b9cb6c22-2510-4cba-802b-f127a5aa19c9; _hjFirstSeen=1; _shopify_sa_t=2021-09-26T12%3A03%3A56.823Z; _shopify_sa_p=; shopify_pay_redirect=pending; _ga=GA1.2.851805355.1632657837; _gid=GA1.2.1978352179.1632657837; _gat=1; _gcl_au=1.1.2011839152.1632657837; _hjIncludedInPageviewSample=1; _hjAbsoluteSessionInProgress=0; _hjIncludedInSessionSample=1; _fbp=fb.1.1632657837277.141929649; _pin_unauth=dWlkPU5UTmtOak5tTVRBdE9XTTNNaTAwTmpSakxXSmtaamd0WlRJNE1XTXpOVGxsWVdGaA; fsb_previous_pathname=/
:path: /cart.js?_=1632657836665
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept: application/json, text/javascript, */*; q=0.01
cache-control: no-cache
:authority: shop.heroinsupport.org
referer: https://shop.heroinsupport.org/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept: application/json, text/javascript, */*; q=0.01
Referer: https://shop.heroinsupport.org/
X-Requested-With: XMLHttpRequest
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 26 Sep 2021 12:03:59 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"report_to":"network-errors","max_age":2592000,"success_fraction":0.0001}
x-permitted-cross-domain-policies: none
x-dc: gcp-europe-west1,gcp-us-east1,gcp-us-east1
x-shopify-stage: production
content-type: text/javascript; charset=utf-8
strict-transport-security: max-age=7889238
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection: 1; mode=block
x-sorting-hat-shopid: 18295133
x-shardid: 57
x-storefront-renderer-rendered: 1
server: cloudflare
x-frame-options: DENY
content-language: en
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding Accept
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://monorail-edge.shopifysvc.com/v1/reports/nel/20190325/shopify"}]}
x-shopid: 18295133
x-download-options: noopen
content-security-policy: block-all-mixed-content; frame-ancestors 'none'; upgrade-insecure-requests;
set-cookie: secure_customer_sig=; path=/; expires=Mon, 26 Sep 2022 12:03:59 GMT; secure; HttpOnly cart_currency=USD; path=/; expires=Sun, 10 Oct 2021 12:03:59 GMT _y=ad7742e4-fa6a-4b39-90ff-46c32210b417; Expires=Mon, 26-Sep-22 12:03:59 GMT; Domain=heroinsupport.org; Path=/; SameSite=Lax _s=e1cf81fd-d694-4fea-a9f6-17b2ee0e035a; Expires=Sun, 26-Sep-21 12:33:59 GMT; Domain=heroinsupport.org; Path=/; SameSite=Lax _shopify_y=ad7742e4-fa6a-4b39-90ff-46c32210b417; Expires=Mon, 26-Sep-22 12:03:59 GMT; Domain=heroinsupport.org; Path=/; SameSite=Lax _shopify_s=e1cf81fd-d694-4fea-a9f6-17b2ee0e035a; Expires=Sun, 26-Sep-21 12:33:59 GMT; Domain=heroinsupport.org; Path=/; SameSite=Lax
x-request-id: 6c7f269d-7a8b-46cb-97eb-dd4ff4835bf4
cf-ray: 694c5a275f626973-FRA
x-sorting-hat-podid: 57
x-cartjs-updatedat: 0

POST
H2 202 / Show response
sessions.bugsnag.com/ 21 B
141 B 150ms
150ms XHR
application/json 2600:1901:0:7a0b::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://sessions.bugsnag.com/
Requested by: Host: cdn.shopify.com
URL: https://cdn.shopify.com/shopifycloud/shopify/assets/shop_events_listener-565deac0c7edc7850a7762c24c560f0a9670aa5c52a728e9dbb43d5a7887c1d4.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:7a0b:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: 0ba7c0356149946bf0642fab4ef85b95e7090f6f785d0fb84323d0c442e5190a

Request headers

Bugsnag-Payload-Version: 1
Referer: https://shop.heroinsupport.org/
Bugsnag-Sent-At: 2021-09-26T12:03:59.285Z
Accept-Language: de-DE,de;q=0.9
Bugsnag-Api-Key: cf9e026218b227cf314a23f755ea6b87
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: *
date: Sun, 26 Sep 2021 12:03:59 GMT
via: 1.1 google
bugsnag-session-uuid: 277d513d-87a3-435f-a531-bd735d596eef
alt-svc: clear
content-length: 21
content-type: application/json

OPTIONS
H2 200 /
sessions.bugsnag.com/ Frame 0
0 181ms
149ms Preflight 2600:1901:0:7a0b::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://sessions.bugsnag.com/
Protocol: H2
Server: 2600:1901:0:7a0b:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: bugsnag-api-key,bugsnag-payload-version,bugsnag-sent-at,content-type
Origin: https://shop.heroinsupport.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

access-control-allow-headers: Origin, Content-Type, Accept, Authorization, User-Agent, Referer, X-Forwarded-For, Bugsnag-Api-Key, Bugsnag-Payload-Version, Bugsnag-Sent-At
access-control-allow-methods: POST
access-control-allow-origin: *
date: Sun, 26 Sep 2021 12:03:59 GMT
content-length: 0
via: 1.1 google
alt-svc: clear

OPTIONS
H2 200 produce
monorail-edge.shopifysvc.com/v1/ Frame 0
0 344ms
119ms Preflight 104.198.248.251
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://monorail-edge.shopifysvc.com/v1/produce

Protocol

Server

104.198.248.251 Council Bluffs, United States, ASN15169 (GOOGLE, US),

Reverse DNS

251.248.198.104.bc.googleusercontent.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-monorail-edge-client-message-id,x-monorail-edge-event-created-at-ms,x-monorail-edge-event-sent-at-ms
Origin: https://shop.heroinsupport.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Sun, 26 Sep 2021 12:03:59 GMT
content-length: 0
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Accept,Content-Type,X-Monorail-Edge-Event-Created-At-Ms,X-Monorail-Edge-Event-Sent-At-Ms,X-Monorail-Edge-Client-Message-Id,X-Monorail-Edge-Device-Install-Id,X-Monorail-Edge-Accept-Language,X-Monorail-Edge-Content-Language,X-Forwarded-For
access-control-allow-methods: OPTIONS,POST
access-control-allow-origin: https://shop.heroinsupport.org
access-control-max-age: 86400
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-dc: gcp-us-central1

POST
H2 200 produce
monorail-edge.shopifysvc.com/v1/ 0
0 112ms
111ms Fetch 104.198.248.251
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://monorail-edge.shopifysvc.com/v1/produce

Requested by

Host: cdn.shopify.com
URL: https://cdn.shopify.com/shopifycloud/shopify/assets/shop_events_listener-565deac0c7edc7850a7762c24c560f0a9670aa5c52a728e9dbb43d5a7887c1d4.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.198.248.251 Council Bluffs, United States, ASN15169 (GOOGLE, US),

Reverse DNS

251.248.198.104.bc.googleusercontent.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://shop.heroinsupport.org/
X-Monorail-Edge-Event-Created-At-Ms: 1632657839310
X-Monorail-Edge-Event-Sent-At-Ms: 1632657839310
Accept-Language: de-DE,de;q=0.9
X-Monorail-Edge-Client-Message-Id: d3e2cf80-51ab-4682-9aca-a6c66329d74c
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: application/json; charset=utf-8

Response headers

date: Sun, 26 Sep 2021 12:03:59 GMT
x-dc: gcp-us-central1
access-control-max-age: 86400
access-control-allow-methods: OPTIONS,POST
access-control-allow-origin: https://shop.heroinsupport.org
access-control-allow-credentials: true
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-headers: User-Agent,Accept,Content-Type,X-Monorail-Edge-Event-Created-At-Ms,X-Monorail-Edge-Event-Sent-At-Ms,X-Monorail-Edge-Client-Message-Id,X-Monorail-Edge-Device-Install-Id,X-Monorail-Edge-Accept-Language,X-Monorail-Edge-Content-Language,X-Forwarded-For
content-length: 0
x-request-id: 4cfac914-3a7f-4bec-bd74-c94ec7096b94

GET
H3 200 metas.ejs
shop.heroinsupport.org/tools/tabarnapp-ad/v1/ 0
1 KB 695ms
695ms Other
text/html 23.227.38.74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://shop.heroinsupport.org/tools/tabarnapp-ad/v1/metas.ejs

Requested by

Host: cdn.tabarn.app
URL: https://cdn.tabarn.app/cdn/automatic-discount/wallsh_dp.min.js?shop=heroin-support.myshopify.com

Protocol

Security

QUIC, , AES_128_GCM

Server

23.227.38.74 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; frame-ancestors 'none'; upgrade-insecure-requests;
Strict-Transport-Security	max-age=7889238
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

sec-fetch-mode: no-cors
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
sec-fetch-dest: empty
cookie: secure_customer_sig=; cart_currency=USD; _orig_referrer=; _landing_page=%2F; _y=ad7742e4-fa6a-4b39-90ff-46c32210b417; _s=e1cf81fd-d694-4fea-a9f6-17b2ee0e035a; _shopify_y=ad7742e4-fa6a-4b39-90ff-46c32210b417; _shopify_s=e1cf81fd-d694-4fea-a9f6-17b2ee0e035a; _hjid=b9cb6c22-2510-4cba-802b-f127a5aa19c9; _hjFirstSeen=1; _shopify_sa_t=2021-09-26T12%3A03%3A56.823Z; _shopify_sa_p=; shopify_pay_redirect=pending; _ga=GA1.2.851805355.1632657837; _gid=GA1.2.1978352179.1632657837; _gat=1; _gcl_au=1.1.2011839152.1632657837; _hjIncludedInPageviewSample=1; _hjAbsoluteSessionInProgress=0; _hjIncludedInSessionSample=1; _fbp=fb.1.1632657837277.141929649; _pin_unauth=dWlkPU5UTmtOak5tTVRBdE9XTTNNaTAwTmpSakxXSmtaamd0WlRJNE1XTXpOVGxsWVdGaA; fsb_previous_pathname=/
:path: /tools/tabarnapp-ad/v1/metas.ejs
pragma: no-cache
purpose: prefetch
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept: application/signed-exchange;v=b3;q=0.9,*/*;q=0.8
cache-control: no-cache
:authority: shop.heroinsupport.org
referer: https://shop.heroinsupport.org/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://shop.heroinsupport.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 26 Sep 2021 12:04:00 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"report_to":"network-errors","max_age":2592000,"success_fraction":0.0001}
x-permitted-cross-domain-policies: none
x-dc: gcp-europe-west1,gcp-europe-west1,gcp-us-east1,gcp-us-east1
x-shopify-request-trackable: false
x-shopify-stage: production
content-type: text/html; charset=utf-8
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://monorail-edge.shopifysvc.com/v1/reports/nel/20190325/shopify"}]}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection: 1; mode=block
x-sorting-hat-shopid: 18295133
x-shardid: 57
x-storefront-renderer-rendered: 1
server: cloudflare
x-frame-options: DENY
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=7889238
x-download-options: noopen
content-language: en
x-request-id: 4426e81b-b3e7-4c0b-88a5-bae7942c2ebc
vary: Accept-Encoding Accept
x-shopid: 18295133
content-security-policy: block-all-mixed-content; frame-ancestors 'none'; upgrade-insecure-requests;
set-cookie: _y=ad7742e4-fa6a-4b39-90ff-46c32210b417; Expires=Mon, 26-Sep-22 12:04:00 GMT; Domain=heroinsupport.org; Path=/; SameSite=Lax _s=e1cf81fd-d694-4fea-a9f6-17b2ee0e035a; Expires=Sun, 26-Sep-21 12:34:00 GMT; Domain=heroinsupport.org; Path=/; SameSite=Lax _shopify_y=ad7742e4-fa6a-4b39-90ff-46c32210b417; Expires=Mon, 26-Sep-22 12:04:00 GMT; Domain=heroinsupport.org; Path=/; SameSite=Lax secure_customer_sig=; path=/; expires=Mon, 26 Sep 2022 12:03:59 GMT; secure; HttpOnly _shopify_s=e1cf81fd-d694-4fea-a9f6-17b2ee0e035a; Expires=Sun, 26-Sep-21 12:34:00 GMT; Domain=heroinsupport.org; Path=/; SameSite=Lax
cf-ray: 694c5a27d8d66973-FRA
link: <https://cdn.shopify.com>; rel=preconnect, <https://cdn.shopify.com>; rel=preconnect; crossorigin
x-sorting-hat-podid: 57

GET
H3 200 cart.json
shop.heroinsupport.org/ 0
1 KB 151ms
151ms Other
application/json 23.227.38.74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://shop.heroinsupport.org/cart.json

Requested by

Host: cdn.tabarn.app
URL: https://cdn.tabarn.app/cdn/automatic-discount/wallsh_dp.min.js?shop=heroin-support.myshopify.com

Protocol

Security

QUIC, , AES_128_GCM

Server

23.227.38.74 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; frame-ancestors 'none'; upgrade-insecure-requests;
Strict-Transport-Security	max-age=7889238
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

sec-fetch-mode: no-cors
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
sec-fetch-dest: empty
cookie: secure_customer_sig=; cart_currency=USD; _orig_referrer=; _landing_page=%2F; _y=ad7742e4-fa6a-4b39-90ff-46c32210b417; _s=e1cf81fd-d694-4fea-a9f6-17b2ee0e035a; _shopify_y=ad7742e4-fa6a-4b39-90ff-46c32210b417; _shopify_s=e1cf81fd-d694-4fea-a9f6-17b2ee0e035a; _hjid=b9cb6c22-2510-4cba-802b-f127a5aa19c9; _hjFirstSeen=1; _shopify_sa_t=2021-09-26T12%3A03%3A56.823Z; _shopify_sa_p=; shopify_pay_redirect=pending; _ga=GA1.2.851805355.1632657837; _gid=GA1.2.1978352179.1632657837; _gat=1; _gcl_au=1.1.2011839152.1632657837; _hjIncludedInPageviewSample=1; _hjAbsoluteSessionInProgress=0; _hjIncludedInSessionSample=1; _fbp=fb.1.1632657837277.141929649; _pin_unauth=dWlkPU5UTmtOak5tTVRBdE9XTTNNaTAwTmpSakxXSmtaamd0WlRJNE1XTXpOVGxsWVdGaA; fsb_previous_pathname=/
:path: /cart.json
pragma: no-cache
purpose: prefetch
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept: application/signed-exchange;v=b3;q=0.9,*/*;q=0.8
cache-control: no-cache
:authority: shop.heroinsupport.org
referer: https://shop.heroinsupport.org/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://shop.heroinsupport.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 26 Sep 2021 12:03:59 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"report_to":"network-errors","max_age":2592000,"success_fraction":0.0001}
x-permitted-cross-domain-policies: none
x-dc: gcp-europe-west1,gcp-us-east1,gcp-us-east1
x-shopify-stage: production
content-type: application/json; charset=utf-8
strict-transport-security: max-age=7889238
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection: 1; mode=block
x-sorting-hat-shopid: 18295133
x-shardid: 57
x-storefront-renderer-rendered: 1
server: cloudflare
x-frame-options: DENY
content-language: en
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding Accept
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://monorail-edge.shopifysvc.com/v1/reports/nel/20190325/shopify"}]}
x-shopid: 18295133
x-download-options: noopen
content-security-policy: block-all-mixed-content; frame-ancestors 'none'; upgrade-insecure-requests;
set-cookie: secure_customer_sig=; path=/; expires=Mon, 26 Sep 2022 12:03:59 GMT; secure; HttpOnly cart_currency=USD; path=/; expires=Sun, 10 Oct 2021 12:03:59 GMT _y=ad7742e4-fa6a-4b39-90ff-46c32210b417; Expires=Mon, 26-Sep-22 12:03:59 GMT; Domain=heroinsupport.org; Path=/; SameSite=Lax _s=e1cf81fd-d694-4fea-a9f6-17b2ee0e035a; Expires=Sun, 26-Sep-21 12:33:59 GMT; Domain=heroinsupport.org; Path=/; SameSite=Lax _shopify_y=ad7742e4-fa6a-4b39-90ff-46c32210b417; Expires=Mon, 26-Sep-22 12:03:59 GMT; Domain=heroinsupport.org; Path=/; SameSite=Lax _shopify_s=e1cf81fd-d694-4fea-a9f6-17b2ee0e035a; Expires=Sun, 26-Sep-21 12:33:59 GMT; Domain=heroinsupport.org; Path=/; SameSite=Lax
x-request-id: 112dceb8-39e1-48a4-9cd3-73057686e913
cf-ray: 694c5a27d8d96973-FRA
x-sorting-hat-podid: 57
x-cartjs-updatedat: 0

GET
H2 200 /
discount-cache.tabarn.app/ 0
0 52ms
28ms Other
text/html 2606:4700:20::681a:643
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://discount-cache.tabarn.app/
Requested by: Host: cdn.tabarn.app
URL: https://cdn.tabarn.app/cdn/automatic-discount/wallsh_dp.min.js?shop=heroin-support.myshopify.com
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:643 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://shop.heroinsupport.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

access-control-allow-origin: *
access-control-allow-headers: X-Requested-With

GET
H2 200 animate.min.css
cdnjs.cloudflare.com/ajax/libs/animate.css/4.1.1/ 70 KB
5 KB 12ms
11ms Stylesheet
text/css 2606:4700::6810:135e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/animate.css/4.1.1/animate.min.css

Requested by

Host: cdn.tabarn.app
URL: https://cdn.tabarn.app/cdn/automatic-discount/wallsh_dp.min.js?shop=heroin-support.myshopify.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5fbaeb9f8e25d7e0143bae61d4b1802c16ce7390b96ceb2d498b0d96ff4c853f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://shop.heroinsupport.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 26 Sep 2021 12:03:59 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 329495
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 4216
timing-allow-origin: *
last-modified: Mon, 07 Sep 2020 12:33:38 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5f5628a2-11846"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oRwRMqyfAV3FLVNzik0HXFD6RKUQBnf7flDTrkX2HnpPKfEuNn8tdv7Dn1atXIyPq8JxGm3PmRdNCYOInIrFpi5J6RT8dD%2BHPKSm0tZ7hT57ec%2FXIceKxKOl%2BrCgAalugGzsJvahmbeQABOLdaLr56RO"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 694c5a27cf4505b7-FRA
expires: Fri, 16 Sep 2022 12:03:59 GMT

GET
H2 200 pretty-checkbox.min.css
cdn.jsdelivr.net/npm/pretty-checkbox@3.0.3/dist/ 19 KB
3 KB 23ms
6ms Stylesheet
text/css 2a04:4e42:600::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/pretty-checkbox@3.0.3/dist/pretty-checkbox.min.css

Requested by

Host: cdn.tabarn.app
URL: https://cdn.tabarn.app/cdn/automatic-discount/wallsh_dp.min.js?shop=heroin-support.myshopify.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:600::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

b08d7830746349ff8a17d3234078ea1e46c33f0b1d29752484151d9c60a0d625

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://shop.heroinsupport.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
age: 1456623
x-jsd-version: 3.0.3
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 2728
etag: W/"4b56-fF0noLObvYApNnMFBFgmODIkGTo"
x-served-by: cache-fra19138-FRA
x-jsd-version-type: version
date: Sun, 26 Sep 2021 12:03:59 GMT
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 sweetalert2.min.css
cdn.jsdelivr.net/npm/sweetalert2@9.10.9/dist/ 24 KB
4 KB 7ms
7ms Stylesheet
text/css 2a04:4e42:600::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/sweetalert2@9.10.9/dist/sweetalert2.min.css

Requested by

Host: cdn.tabarn.app
URL: https://cdn.tabarn.app/cdn/automatic-discount/wallsh_dp.min.js?shop=heroin-support.myshopify.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:600::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

611d5fac12fdd1a8e90a2e22c2157ce2caa2f90b8d9af3d93f3854b409cf4774

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://shop.heroinsupport.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
age: 1456623
x-jsd-version: 9.10.9
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 4270
etag: W/"6177-V/pYZDT83lv2tjr8pn4pGFJ6KYA"
x-served-by: cache-fra19138-FRA
x-jsd-version-type: version
date: Sun, 26 Sep 2021 12:03:59 GMT
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 notie.min.css
cdn.jsdelivr.net/npm/notie@4.3.1/dist/ 2 KB
701 B 6ms
6ms Stylesheet
text/css 2a04:4e42:600::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/notie@4.3.1/dist/notie.min.css

Requested by

Host: cdn.tabarn.app
URL: https://cdn.tabarn.app/cdn/automatic-discount/wallsh_dp.min.js?shop=heroin-support.myshopify.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:600::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

91a7dc14a31c8e47b24df8c1a31f77c8fe4f90240dbdfe06cc0968bc9c93282b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://shop.heroinsupport.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
age: 1456623
x-jsd-version: 4.3.1
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 622
etag: W/"6f5-czt8y7g9GjGMjisK+cfYowPsXkg"
x-served-by: cache-fra19138-FRA
x-jsd-version-type: version
date: Sun, 26 Sep 2021 12:03:59 GMT
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H3 200 metas.ejs Show response
shop.heroinsupport.org/tools/tabarnapp-ad/v1/ 23 B
1 KB 516ms
515ms Fetch
application/json 23.227.38.74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://shop.heroinsupport.org/tools/tabarnapp-ad/v1/metas.ejs

Requested by

Host: cdn.shopify.com
URL: https://cdn.shopify.com/shopifycloud/shopify/assets/shop_events_listener-565deac0c7edc7850a7762c24c560f0a9670aa5c52a728e9dbb43d5a7887c1d4.js

Protocol

Security

QUIC, , AES_128_GCM

Server

23.227.38.74 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1279dfc44a239b504bcfdfa3e34cb58da9636d25efcdc192c0e4c00e4b4182a6

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; frame-ancestors 'none'; upgrade-insecure-requests;
Strict-Transport-Security	max-age=7889238
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

sec-fetch-mode: cors
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
sec-fetch-dest: empty
cookie: secure_customer_sig=; cart_currency=USD; _orig_referrer=; _landing_page=%2F; _y=ad7742e4-fa6a-4b39-90ff-46c32210b417; _s=e1cf81fd-d694-4fea-a9f6-17b2ee0e035a; _shopify_y=ad7742e4-fa6a-4b39-90ff-46c32210b417; _shopify_s=e1cf81fd-d694-4fea-a9f6-17b2ee0e035a; _hjid=b9cb6c22-2510-4cba-802b-f127a5aa19c9; _hjFirstSeen=1; _shopify_sa_t=2021-09-26T12%3A03%3A56.823Z; _shopify_sa_p=; shopify_pay_redirect=pending; _ga=GA1.2.851805355.1632657837; _gid=GA1.2.1978352179.1632657837; _gat=1; _gcl_au=1.1.2011839152.1632657837; _hjIncludedInPageviewSample=1; _hjAbsoluteSessionInProgress=0; _hjIncludedInSessionSample=1; _fbp=fb.1.1632657837277.141929649; _pin_unauth=dWlkPU5UTmtOak5tTVRBdE9XTTNNaTAwTmpSakxXSmtaamd0WlRJNE1XTXpOVGxsWVdGaA; fsb_previous_pathname=/
:path: /tools/tabarnapp-ad/v1/metas.ejs
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
content-type: application/json
accept: application/json
cache-control: no-cache
:authority: shop.heroinsupport.org
referer: https://shop.heroinsupport.org/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept: application/json
Referer: https://shop.heroinsupport.org/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: application/json

Response headers

date: Sun, 26 Sep 2021 12:03:59 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"report_to":"network-errors","max_age":2592000,"success_fraction":0.0001}
x-permitted-cross-domain-policies: none
x-dc: gcp-europe-west1,gcp-europe-west1,gcp-us-east1,gcp-us-east1
x-shopify-request-trackable: false
x-shopify-stage: production
content-type: application/json; charset=utf-8
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://monorail-edge.shopifysvc.com/v1/reports/nel/20190325/shopify"}]}
vary: Accept-Encoding Accept
x-xss-protection: 1; mode=block
x-sorting-hat-shopid: 18295133
x-shardid: 57
x-storefront-renderer-rendered: 1
server: cloudflare
x-frame-options: DENY
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=7889238
x-download-options: noopen
content-language: en
x-request-id: 33e2e3c9-ec20-4aca-90bb-46b40af1b9cb
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-shopid: 18295133
content-security-policy: block-all-mixed-content; frame-ancestors 'none'; upgrade-insecure-requests;
set-cookie: _shopify_s=e1cf81fd-d694-4fea-a9f6-17b2ee0e035a; Expires=Sun, 26-Sep-21 12:33:59 GMT; Domain=heroinsupport.org; Path=/; SameSite=Lax _y=ad7742e4-fa6a-4b39-90ff-46c32210b417; Expires=Mon, 26-Sep-22 12:03:59 GMT; Domain=heroinsupport.org; Path=/; SameSite=Lax secure_customer_sig=; path=/; expires=Mon, 26 Sep 2022 12:03:59 GMT; secure; HttpOnly _s=e1cf81fd-d694-4fea-a9f6-17b2ee0e035a; Expires=Sun, 26-Sep-21 12:33:59 GMT; Domain=heroinsupport.org; Path=/; SameSite=Lax _shopify_y=ad7742e4-fa6a-4b39-90ff-46c32210b417; Expires=Mon, 26-Sep-22 12:03:59 GMT; Domain=heroinsupport.org; Path=/; SameSite=Lax
cf-ray: 694c5a285a8d6973-FRA
link: <https://cdn.shopify.com>; rel=preconnect, <https://cdn.shopify.com>; rel=preconnect; crossorigin
x-sorting-hat-podid: 57

POST
H2 204 /
www.pinterest.de/_/_/csp_report/ Frame 82E7 0
3 KB 132ms
132ms Other
text/plain 151.101.0.84
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.pinterest.de/_/_/csp_report/?rid=9923711489143428

Requested by

Host: shop.heroinsupport.org
URL: https://shop.heroinsupport.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.0.84 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline' blob: data: .pinimg.com .pinterest.com accounts.google.com fonts.gstatic.com use.typekit.net .adyen.com .adyenpayments.com; img-src * data: blob:; script-src 'nonce-f9be1fb53aa2879e18888d1b31ab8441' 'strict-dynamic' 'report-sample' 'self' .pinterest.com .pinimg.com .google.com connect.facebook.net .google-analytics.com .facebook.com .googleadservices.com .doubleclick.net .googletagmanager.com .adyen.com .adyenpayments.com cdn.ampproject.org .cdn.ampproject.org radar.cedexis.com .cedexis-test.com www.gstatic.com/recaptcha/ www.recaptcha.net 'unsafe-inline'; connect-src 'self' .pinimg.com .pinterest.com accounts.google.com .facebook.com .dropboxapi.com .adyen.com .adyenpayments.com cdn.ampproject.org .cdn.ampproject.org pinterest-aberdeen.s3.amazonaws.com pinterest-aberdeen.s3.us-east-1.amazonaws.com pinterest-anaheim.s3.amazonaws.com pinterest-anaheim.s3.us-east-1.amazonaws.com pinterest-media-upload.s3.amazonaws.com pinterest-media-upload.s3.us-east-1.amazonaws.com pinterest-media-upload.s3-accelerate.amazonaws.com pinterest-media-upload.s3-accelerate.us-east-1.amazonaws.com pinterest-milwaukee.s3.amazonaws.com pinterest-milwaukee.s3.us-east-1.amazonaws.com pinterest-poughkeepsie.s3.amazonaws.com pinterest-poughkeepsie.s3.us-east-1.amazonaws.com pinterest-waterloo.s3.amazonaws.com pinterest-waterloo.s3.us-east-1.amazonaws.com pinterest-plymouth.s3.amazonaws.com pinterest-plymouth.s3.us-east-1.amazonaws.com .cedexis.com .cedexis-radar.net blob: .tvpixel.com api.pinadmin.com; media-src 'self' .pinimg.com blob: data:; object-src 'self'; form-action 'self'; frame-src 'self' .google.com .pinimg.com .pinterest.com .pinterdev.com .facebook.com content.googleapis.com .adyen.com .youtube.com .ytimg.com player.vimeo.com calendly.com vine.co bid.g.doubleclick.net .fls.doubleclick.net pinterest-milwaukee.s3.amazonaws.com pinterest-milwaukee.s3.us-east-1.amazonaws.com pinterest-waterloo.s3.amazonaws.com pinterest-waterloo.s3.us-east-1.amazonaws.com pinlogs.s3.amazonaws.com pinlogs.s3.us-east-1.amazonaws.com pinterest-hilo.s3.us-east-1.amazonaws.com pinterest-hilo.s3.amazonaws.com advertising-delivery-metric-reports.s3.amazonaws.com advertising-delivery-metric-reports.s3.us-east-1.amazonaws.com servedby.flashtalking.com pinterest-uk.admo.tv pinterest-uk-web.admo.tv fbrpc://call www.recaptcha.net www-pinterest-de.cdn.ampproject.org; worker-src 'self' blob: https://www-pinterest-com.cdn.ampproject.org 'unsafe-inline'; base-uri 'none'; report-uri /_/_/csp_report/?rid=1398338111193967; frame-ancestors 'self'
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.pinterest.de/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: application/csp-report

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
pinterest-generated-by: coreapp-webapp-prod-0a0112d0
x-cdn: fastly
content-security-policy-report-only: script-src 'nonce-f9be1fb53aa2879e18888d1b31ab8441' 'strict-dynamic' 'report-sample' 'self' *.pinterest.com *.pinimg.com *.google.com connect.facebook.net *.google-analytics.com *.facebook.com *.googleadservices.com *.doubleclick.net *.googletagmanager.com *.adyen.com *.adyenpayments.com cdn.ampproject.org *.cdn.ampproject.org radar.cedexis.com *.cedexis-test.com www.gstatic.com/recaptcha/ www.recaptcha.net 'unsafe-inline'; report-uri /_/_/csp_report/?reportonly , script-src 'report-sample' 'self' *.pinterest.com *.pinimg.com *.google.com connect.facebook.net *.google-analytics.com *.facebook.com *.googleadservices.com *.doubleclick.net *.googletagmanager.com *.adyen.com *.adyenpayments.com cdn.ampproject.org *.cdn.ampproject.org radar.cedexis.com *.cedexis-test.com www.gstatic.com/recaptcha/ www.recaptcha.net 'unsafe-inline'; default-src 'self' 'unsafe-inline' blob: data: *.pinimg.com *.pinterest.com accounts.google.com fonts.gstatic.com use.typekit.net; frame-src *; img-src * data: blob:; connect-src *; worker-src * blob:; report-uri /_/_/csp_report/?reportonly
x-envoy-upstream-service-time: 28
x-pinterest-rid: 1398338111193967
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge
referrer-policy: origin
x-frame-options: SAMEORIGIN
date: Sun, 26 Sep 2021 12:03:59 GMT
expect-ct: max-age=86400, report-uri="https://www.pinterest.com/_/_/expect_ct_report/"
vary: User-Agent, Accept-Encoding
pinterest-version: ac21edf
content-security-policy: default-src 'self' 'unsafe-inline' blob: data: *.pinimg.com *.pinterest.com accounts.google.com fonts.gstatic.com use.typekit.net *.adyen.com *.adyenpayments.com; img-src * data: blob:; script-src 'nonce-f9be1fb53aa2879e18888d1b31ab8441' 'strict-dynamic' 'report-sample' 'self' *.pinterest.com *.pinimg.com *.google.com connect.facebook.net *.google-analytics.com *.facebook.com *.googleadservices.com *.doubleclick.net *.googletagmanager.com *.adyen.com *.adyenpayments.com cdn.ampproject.org *.cdn.ampproject.org radar.cedexis.com *.cedexis-test.com www.gstatic.com/recaptcha/ www.recaptcha.net 'unsafe-inline'; connect-src 'self' *.pinimg.com *.pinterest.com accounts.google.com *.facebook.com *.dropboxapi.com *.adyen.com *.adyenpayments.com cdn.ampproject.org *.cdn.ampproject.org pinterest-aberdeen.s3.amazonaws.com pinterest-aberdeen.s3.us-east-1.amazonaws.com pinterest-anaheim.s3.amazonaws.com pinterest-anaheim.s3.us-east-1.amazonaws.com pinterest-media-upload.s3.amazonaws.com pinterest-media-upload.s3.us-east-1.amazonaws.com pinterest-media-upload.s3-accelerate.amazonaws.com pinterest-media-upload.s3-accelerate.us-east-1.amazonaws.com pinterest-milwaukee.s3.amazonaws.com pinterest-milwaukee.s3.us-east-1.amazonaws.com pinterest-poughkeepsie.s3.amazonaws.com pinterest-poughkeepsie.s3.us-east-1.amazonaws.com pinterest-waterloo.s3.amazonaws.com pinterest-waterloo.s3.us-east-1.amazonaws.com pinterest-plymouth.s3.amazonaws.com pinterest-plymouth.s3.us-east-1.amazonaws.com *.cedexis.com *.cedexis-radar.net blob: *.tvpixel.com api.pinadmin.com; media-src 'self' *.pinimg.com blob: data:; object-src 'self'; form-action 'self'; frame-src 'self' *.google.com *.pinimg.com *.pinterest.com *.pinterdev.com *.facebook.com content.googleapis.com *.adyen.com *.youtube.com *.ytimg.com player.vimeo.com calendly.com vine.co bid.g.doubleclick.net *.fls.doubleclick.net pinterest-milwaukee.s3.amazonaws.com pinterest-milwaukee.s3.us-east-1.amazonaws.com pinterest-waterloo.s3.amazonaws.com pinterest-waterloo.s3.us-east-1.amazonaws.com pinlogs.s3.amazonaws.com pinlogs.s3.us-east-1.amazonaws.com pinterest-hilo.s3.us-east-1.amazonaws.com pinterest-hilo.s3.amazonaws.com advertising-delivery-metric-reports.s3.amazonaws.com advertising-delivery-metric-reports.s3.us-east-1.amazonaws.com servedby.flashtalking.com pinterest-uk.admo.tv pinterest-uk-web.admo.tv fbrpc://call www.recaptcha.net www-pinterest-de.cdn.ampproject.org; worker-src 'self' blob: https://www-pinterest-com.cdn.ampproject.org 'unsafe-inline'; base-uri 'none'; report-uri /_/_/csp_report/?rid=1398338111193967; frame-ancestors 'self'
timing-allow-origin: https://www.pinterest.de

POST
H2 204 /
www.pinterest.de/_/_/csp_report/ Frame 82E7 0
3 KB 128ms
128ms Other
text/plain 151.101.0.84
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.pinterest.de/_/_/csp_report/?reportonly

Requested by

Host: shop.heroinsupport.org
URL: https://shop.heroinsupport.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.0.84 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline' blob: data: .pinimg.com .pinterest.com accounts.google.com fonts.gstatic.com use.typekit.net .adyen.com .adyenpayments.com; img-src * data: blob:; script-src 'nonce-428295b12713b8c07056f4818c619221' 'strict-dynamic' 'report-sample' 'self' .pinterest.com .pinimg.com .google.com connect.facebook.net .google-analytics.com .facebook.com .googleadservices.com .doubleclick.net .googletagmanager.com .adyen.com .adyenpayments.com cdn.ampproject.org .cdn.ampproject.org radar.cedexis.com .cedexis-test.com www.gstatic.com/recaptcha/ www.recaptcha.net 'unsafe-inline'; connect-src 'self' .pinimg.com .pinterest.com accounts.google.com .facebook.com .dropboxapi.com .adyen.com .adyenpayments.com cdn.ampproject.org .cdn.ampproject.org pinterest-aberdeen.s3.amazonaws.com pinterest-aberdeen.s3.us-east-1.amazonaws.com pinterest-anaheim.s3.amazonaws.com pinterest-anaheim.s3.us-east-1.amazonaws.com pinterest-media-upload.s3.amazonaws.com pinterest-media-upload.s3.us-east-1.amazonaws.com pinterest-media-upload.s3-accelerate.amazonaws.com pinterest-media-upload.s3-accelerate.us-east-1.amazonaws.com pinterest-milwaukee.s3.amazonaws.com pinterest-milwaukee.s3.us-east-1.amazonaws.com pinterest-poughkeepsie.s3.amazonaws.com pinterest-poughkeepsie.s3.us-east-1.amazonaws.com pinterest-waterloo.s3.amazonaws.com pinterest-waterloo.s3.us-east-1.amazonaws.com pinterest-plymouth.s3.amazonaws.com pinterest-plymouth.s3.us-east-1.amazonaws.com .cedexis.com .cedexis-radar.net blob: .tvpixel.com api.pinadmin.com; media-src 'self' .pinimg.com blob: data:; object-src 'self'; form-action 'self'; frame-src 'self' .google.com .pinimg.com .pinterest.com .pinterdev.com .facebook.com content.googleapis.com .adyen.com .youtube.com .ytimg.com player.vimeo.com calendly.com vine.co bid.g.doubleclick.net .fls.doubleclick.net pinterest-milwaukee.s3.amazonaws.com pinterest-milwaukee.s3.us-east-1.amazonaws.com pinterest-waterloo.s3.amazonaws.com pinterest-waterloo.s3.us-east-1.amazonaws.com pinlogs.s3.amazonaws.com pinlogs.s3.us-east-1.amazonaws.com pinterest-hilo.s3.us-east-1.amazonaws.com pinterest-hilo.s3.amazonaws.com advertising-delivery-metric-reports.s3.amazonaws.com advertising-delivery-metric-reports.s3.us-east-1.amazonaws.com servedby.flashtalking.com pinterest-uk.admo.tv pinterest-uk-web.admo.tv fbrpc://call www.recaptcha.net www-pinterest-de.cdn.ampproject.org; worker-src 'self' blob: https://www-pinterest-com.cdn.ampproject.org 'unsafe-inline'; base-uri 'none'; report-uri /_/_/csp_report/?rid=7299704289903467; frame-ancestors 'self'
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.pinterest.de/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: application/csp-report

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
pinterest-generated-by: coreapp-webapp-prod-0a011bbd
x-cdn: fastly
content-security-policy-report-only: script-src 'nonce-428295b12713b8c07056f4818c619221' 'strict-dynamic' 'report-sample' 'self' *.pinterest.com *.pinimg.com *.google.com connect.facebook.net *.google-analytics.com *.facebook.com *.googleadservices.com *.doubleclick.net *.googletagmanager.com *.adyen.com *.adyenpayments.com cdn.ampproject.org *.cdn.ampproject.org radar.cedexis.com *.cedexis-test.com www.gstatic.com/recaptcha/ www.recaptcha.net 'unsafe-inline'; report-uri /_/_/csp_report/?reportonly , script-src 'report-sample' 'self' *.pinterest.com *.pinimg.com *.google.com connect.facebook.net *.google-analytics.com *.facebook.com *.googleadservices.com *.doubleclick.net *.googletagmanager.com *.adyen.com *.adyenpayments.com cdn.ampproject.org *.cdn.ampproject.org radar.cedexis.com *.cedexis-test.com www.gstatic.com/recaptcha/ www.recaptcha.net 'unsafe-inline'; default-src 'self' 'unsafe-inline' blob: data: *.pinimg.com *.pinterest.com accounts.google.com fonts.gstatic.com use.typekit.net; frame-src *; img-src * data: blob:; connect-src *; worker-src * blob:; report-uri /_/_/csp_report/?reportonly
x-envoy-upstream-service-time: 28
x-pinterest-rid: 7299704289903467
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge
referrer-policy: origin
x-frame-options: SAMEORIGIN
date: Sun, 26 Sep 2021 12:03:59 GMT
expect-ct: max-age=86400, report-uri="https://www.pinterest.com/_/_/expect_ct_report/"
vary: User-Agent, Accept-Encoding
pinterest-version: ac21edf
content-security-policy: default-src 'self' 'unsafe-inline' blob: data: *.pinimg.com *.pinterest.com accounts.google.com fonts.gstatic.com use.typekit.net *.adyen.com *.adyenpayments.com; img-src * data: blob:; script-src 'nonce-428295b12713b8c07056f4818c619221' 'strict-dynamic' 'report-sample' 'self' *.pinterest.com *.pinimg.com *.google.com connect.facebook.net *.google-analytics.com *.facebook.com *.googleadservices.com *.doubleclick.net *.googletagmanager.com *.adyen.com *.adyenpayments.com cdn.ampproject.org *.cdn.ampproject.org radar.cedexis.com *.cedexis-test.com www.gstatic.com/recaptcha/ www.recaptcha.net 'unsafe-inline'; connect-src 'self' *.pinimg.com *.pinterest.com accounts.google.com *.facebook.com *.dropboxapi.com *.adyen.com *.adyenpayments.com cdn.ampproject.org *.cdn.ampproject.org pinterest-aberdeen.s3.amazonaws.com pinterest-aberdeen.s3.us-east-1.amazonaws.com pinterest-anaheim.s3.amazonaws.com pinterest-anaheim.s3.us-east-1.amazonaws.com pinterest-media-upload.s3.amazonaws.com pinterest-media-upload.s3.us-east-1.amazonaws.com pinterest-media-upload.s3-accelerate.amazonaws.com pinterest-media-upload.s3-accelerate.us-east-1.amazonaws.com pinterest-milwaukee.s3.amazonaws.com pinterest-milwaukee.s3.us-east-1.amazonaws.com pinterest-poughkeepsie.s3.amazonaws.com pinterest-poughkeepsie.s3.us-east-1.amazonaws.com pinterest-waterloo.s3.amazonaws.com pinterest-waterloo.s3.us-east-1.amazonaws.com pinterest-plymouth.s3.amazonaws.com pinterest-plymouth.s3.us-east-1.amazonaws.com *.cedexis.com *.cedexis-radar.net blob: *.tvpixel.com api.pinadmin.com; media-src 'self' *.pinimg.com blob: data:; object-src 'self'; form-action 'self'; frame-src 'self' *.google.com *.pinimg.com *.pinterest.com *.pinterdev.com *.facebook.com content.googleapis.com *.adyen.com *.youtube.com *.ytimg.com player.vimeo.com calendly.com vine.co bid.g.doubleclick.net *.fls.doubleclick.net pinterest-milwaukee.s3.amazonaws.com pinterest-milwaukee.s3.us-east-1.amazonaws.com pinterest-waterloo.s3.amazonaws.com pinterest-waterloo.s3.us-east-1.amazonaws.com pinlogs.s3.amazonaws.com pinlogs.s3.us-east-1.amazonaws.com pinterest-hilo.s3.us-east-1.amazonaws.com pinterest-hilo.s3.amazonaws.com advertising-delivery-metric-reports.s3.amazonaws.com advertising-delivery-metric-reports.s3.us-east-1.amazonaws.com servedby.flashtalking.com pinterest-uk.admo.tv pinterest-uk-web.admo.tv fbrpc://call www.recaptcha.net www-pinterest-de.cdn.ampproject.org; worker-src 'self' blob: https://www-pinterest-com.cdn.ampproject.org 'unsafe-inline'; base-uri 'none'; report-uri /_/_/csp_report/?rid=7299704289903467; frame-ancestors 'self'
timing-allow-origin: https://www.pinterest.de

POST
H2 204 /
www.pinterest.de/_/_/csp_report/ Frame 82E7 0
3 KB 133ms
133ms Other
text/plain 151.101.0.84
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.pinterest.de/_/_/csp_report/?reportonly

Requested by

Host: shop.heroinsupport.org
URL: https://shop.heroinsupport.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.0.84 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline' blob: data: .pinimg.com .pinterest.com accounts.google.com fonts.gstatic.com use.typekit.net .adyen.com .adyenpayments.com; img-src * data: blob:; script-src 'nonce-a6995ae76873f741113d7942854a5238' 'strict-dynamic' 'report-sample' 'self' .pinterest.com .pinimg.com .google.com connect.facebook.net .google-analytics.com .facebook.com .googleadservices.com .doubleclick.net .googletagmanager.com .adyen.com .adyenpayments.com cdn.ampproject.org .cdn.ampproject.org radar.cedexis.com .cedexis-test.com www.gstatic.com/recaptcha/ www.recaptcha.net 'unsafe-inline'; connect-src 'self' .pinimg.com .pinterest.com accounts.google.com .facebook.com .dropboxapi.com .adyen.com .adyenpayments.com cdn.ampproject.org .cdn.ampproject.org pinterest-aberdeen.s3.amazonaws.com pinterest-aberdeen.s3.us-east-1.amazonaws.com pinterest-anaheim.s3.amazonaws.com pinterest-anaheim.s3.us-east-1.amazonaws.com pinterest-media-upload.s3.amazonaws.com pinterest-media-upload.s3.us-east-1.amazonaws.com pinterest-media-upload.s3-accelerate.amazonaws.com pinterest-media-upload.s3-accelerate.us-east-1.amazonaws.com pinterest-milwaukee.s3.amazonaws.com pinterest-milwaukee.s3.us-east-1.amazonaws.com pinterest-poughkeepsie.s3.amazonaws.com pinterest-poughkeepsie.s3.us-east-1.amazonaws.com pinterest-waterloo.s3.amazonaws.com pinterest-waterloo.s3.us-east-1.amazonaws.com pinterest-plymouth.s3.amazonaws.com pinterest-plymouth.s3.us-east-1.amazonaws.com .cedexis.com .cedexis-radar.net blob: .tvpixel.com api.pinadmin.com; media-src 'self' .pinimg.com blob: data:; object-src 'self'; form-action 'self'; frame-src 'self' .google.com .pinimg.com .pinterest.com .pinterdev.com .facebook.com content.googleapis.com .adyen.com .youtube.com .ytimg.com player.vimeo.com calendly.com vine.co bid.g.doubleclick.net .fls.doubleclick.net pinterest-milwaukee.s3.amazonaws.com pinterest-milwaukee.s3.us-east-1.amazonaws.com pinterest-waterloo.s3.amazonaws.com pinterest-waterloo.s3.us-east-1.amazonaws.com pinlogs.s3.amazonaws.com pinlogs.s3.us-east-1.amazonaws.com pinterest-hilo.s3.us-east-1.amazonaws.com pinterest-hilo.s3.amazonaws.com advertising-delivery-metric-reports.s3.amazonaws.com advertising-delivery-metric-reports.s3.us-east-1.amazonaws.com servedby.flashtalking.com pinterest-uk.admo.tv pinterest-uk-web.admo.tv fbrpc://call www.recaptcha.net www-pinterest-de.cdn.ampproject.org; worker-src 'self' blob: https://www-pinterest-com.cdn.ampproject.org 'unsafe-inline'; base-uri 'none'; report-uri /_/_/csp_report/?rid=4501856110399130; frame-ancestors 'self'
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.pinterest.de/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: application/csp-report

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
pinterest-generated-by: coreapp-webapp-prod-0a03c541
x-cdn: fastly
content-security-policy-report-only: script-src 'nonce-a6995ae76873f741113d7942854a5238' 'strict-dynamic' 'report-sample' 'self' *.pinterest.com *.pinimg.com *.google.com connect.facebook.net *.google-analytics.com *.facebook.com *.googleadservices.com *.doubleclick.net *.googletagmanager.com *.adyen.com *.adyenpayments.com cdn.ampproject.org *.cdn.ampproject.org radar.cedexis.com *.cedexis-test.com www.gstatic.com/recaptcha/ www.recaptcha.net 'unsafe-inline'; report-uri /_/_/csp_report/?reportonly , script-src 'report-sample' 'self' *.pinterest.com *.pinimg.com *.google.com connect.facebook.net *.google-analytics.com *.facebook.com *.googleadservices.com *.doubleclick.net *.googletagmanager.com *.adyen.com *.adyenpayments.com cdn.ampproject.org *.cdn.ampproject.org radar.cedexis.com *.cedexis-test.com www.gstatic.com/recaptcha/ www.recaptcha.net 'unsafe-inline'; default-src 'self' 'unsafe-inline' blob: data: *.pinimg.com *.pinterest.com accounts.google.com fonts.gstatic.com use.typekit.net; frame-src *; img-src * data: blob:; connect-src *; worker-src * blob:; report-uri /_/_/csp_report/?reportonly
x-envoy-upstream-service-time: 32
x-pinterest-rid: 4501856110399130
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge
referrer-policy: origin
x-frame-options: SAMEORIGIN
date: Sun, 26 Sep 2021 12:03:59 GMT
expect-ct: max-age=86400, report-uri="https://www.pinterest.com/_/_/expect_ct_report/"
vary: User-Agent, Accept-Encoding
pinterest-version: ac21edf
content-security-policy: default-src 'self' 'unsafe-inline' blob: data: *.pinimg.com *.pinterest.com accounts.google.com fonts.gstatic.com use.typekit.net *.adyen.com *.adyenpayments.com; img-src * data: blob:; script-src 'nonce-a6995ae76873f741113d7942854a5238' 'strict-dynamic' 'report-sample' 'self' *.pinterest.com *.pinimg.com *.google.com connect.facebook.net *.google-analytics.com *.facebook.com *.googleadservices.com *.doubleclick.net *.googletagmanager.com *.adyen.com *.adyenpayments.com cdn.ampproject.org *.cdn.ampproject.org radar.cedexis.com *.cedexis-test.com www.gstatic.com/recaptcha/ www.recaptcha.net 'unsafe-inline'; connect-src 'self' *.pinimg.com *.pinterest.com accounts.google.com *.facebook.com *.dropboxapi.com *.adyen.com *.adyenpayments.com cdn.ampproject.org *.cdn.ampproject.org pinterest-aberdeen.s3.amazonaws.com pinterest-aberdeen.s3.us-east-1.amazonaws.com pinterest-anaheim.s3.amazonaws.com pinterest-anaheim.s3.us-east-1.amazonaws.com pinterest-media-upload.s3.amazonaws.com pinterest-media-upload.s3.us-east-1.amazonaws.com pinterest-media-upload.s3-accelerate.amazonaws.com pinterest-media-upload.s3-accelerate.us-east-1.amazonaws.com pinterest-milwaukee.s3.amazonaws.com pinterest-milwaukee.s3.us-east-1.amazonaws.com pinterest-poughkeepsie.s3.amazonaws.com pinterest-poughkeepsie.s3.us-east-1.amazonaws.com pinterest-waterloo.s3.amazonaws.com pinterest-waterloo.s3.us-east-1.amazonaws.com pinterest-plymouth.s3.amazonaws.com pinterest-plymouth.s3.us-east-1.amazonaws.com *.cedexis.com *.cedexis-radar.net blob: *.tvpixel.com api.pinadmin.com; media-src 'self' *.pinimg.com blob: data:; object-src 'self'; form-action 'self'; frame-src 'self' *.google.com *.pinimg.com *.pinterest.com *.pinterdev.com *.facebook.com content.googleapis.com *.adyen.com *.youtube.com *.ytimg.com player.vimeo.com calendly.com vine.co bid.g.doubleclick.net *.fls.doubleclick.net pinterest-milwaukee.s3.amazonaws.com pinterest-milwaukee.s3.us-east-1.amazonaws.com pinterest-waterloo.s3.amazonaws.com pinterest-waterloo.s3.us-east-1.amazonaws.com pinlogs.s3.amazonaws.com pinlogs.s3.us-east-1.amazonaws.com pinterest-hilo.s3.us-east-1.amazonaws.com pinterest-hilo.s3.amazonaws.com advertising-delivery-metric-reports.s3.amazonaws.com advertising-delivery-metric-reports.s3.us-east-1.amazonaws.com servedby.flashtalking.com pinterest-uk.admo.tv pinterest-uk-web.admo.tv fbrpc://call www.recaptcha.net www-pinterest-de.cdn.ampproject.org; worker-src 'self' blob: https://www-pinterest-com.cdn.ampproject.org 'unsafe-inline'; base-uri 'none'; report-uri /_/_/csp_report/?rid=4501856110399130; frame-ancestors 'self'
timing-allow-origin: https://www.pinterest.de

GET
H2 200 Hextom-logo-power-by.png
cdn2.hextom.com/img/spm_img/ 2 KB
3 KB 15ms
14ms Image
image/png 2600:9000:20eb:2a00:c:cd6:6900:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn2.hextom.com/img/spm_img/Hextom-logo-power-by.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:2a00:c:cd6:6900:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e8e4110bf4768199cd05def7c278288da4e7a02dc9c9594b88178f553cfebc67

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://shop.heroinsupport.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 26 Sep 2021 08:18:36 GMT
via: 1.1 0e75d8f2d484ce463fc04f5c422aa179.cloudfront.net (CloudFront)
last-modified: Mon, 11 Jan 2021 23:18:44 GMT
server: AmazonS3
age: 13801
etag: "00a871fc56ed5a44a161602872c1462a"
x-edge-origin-shield-skipped: 0
content-type: image/png
cache-control: max-age=86400
x-cache: Hit from cloudfront
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
content-length: 2258
x-amz-cf-id: xw06wS8GMfz8xocsTPBRX_bP8FPIb6gk7CE_Ri0oqQPtZHPNGyGDqQ==

GET
H3 200 cart.js Show response
shop.heroinsupport.org/ 283 B
802 B 31ms
31ms XHR
application/json 23.227.38.74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://shop.heroinsupport.org/cart.js?_=1632657836666

Requested by

Host: cdn.shopify.com
URL: https://cdn.shopify.com/shopifycloud/shopify/assets/shop_events_listener-565deac0c7edc7850a7762c24c560f0a9670aa5c52a728e9dbb43d5a7887c1d4.js

Protocol

Security

QUIC, , AES_128_GCM

Server

23.227.38.74 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9f5189ec9deab03c85bf30d7c632fd6ecfd3d8d6fad60e5cdee0aef3678823ee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-fetch-mode: cors
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
x-requested-with: XMLHttpRequest
sec-fetch-dest: empty
cookie: secure_customer_sig=; cart_currency=USD; _orig_referrer=; _landing_page=%2F; _y=ad7742e4-fa6a-4b39-90ff-46c32210b417; _s=e1cf81fd-d694-4fea-a9f6-17b2ee0e035a; _shopify_y=ad7742e4-fa6a-4b39-90ff-46c32210b417; _shopify_s=e1cf81fd-d694-4fea-a9f6-17b2ee0e035a; _hjid=b9cb6c22-2510-4cba-802b-f127a5aa19c9; _hjFirstSeen=1; _shopify_sa_t=2021-09-26T12%3A03%3A56.823Z; _shopify_sa_p=; shopify_pay_redirect=pending; _ga=GA1.2.851805355.1632657837; _gid=GA1.2.1978352179.1632657837; _gat=1; _gcl_au=1.1.2011839152.1632657837; _hjIncludedInPageviewSample=1; _hjAbsoluteSessionInProgress=0; _hjIncludedInSessionSample=1; _fbp=fb.1.1632657837277.141929649; _pin_unauth=dWlkPU5UTmtOak5tTVRBdE9XTTNNaTAwTmpSakxXSmtaamd0WlRJNE1XTXpOVGxsWVdGaA; fsb_previous_pathname=/
:path: /cart.js?_=1632657836666
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept: application/json, text/javascript, */*; q=0.01
cache-control: no-cache
:authority: shop.heroinsupport.org
referer: https://shop.heroinsupport.org/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept: application/json, text/javascript, */*; q=0.01
Referer: https://shop.heroinsupport.org/
X-Requested-With: XMLHttpRequest
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 26 Sep 2021 12:03:59 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"report_to":"network-errors","max_age":2592000,"success_fraction":0.0001}
x-permitted-cross-domain-policies: none
x-dc: gcp-europe-west1
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection: 1; mode=block
x-sorting-hat-shopid: 18295133
x-storefront-renderer-rendered: 1
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-download-options: noopen
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://monorail-edge.shopifysvc.com/v1/reports/nel/20190325/shopify"}]}
content-type: application/json; charset=utf-8
x-request-id: ec21ba9b-21b6-4e5d-89b7-583e00fb5883
cache-control: no-cache, no-store
cf-ray: 694c5a29fef66973-FRA
x-sorting-hat-podid: 57

GET
H3 200 cart.json Show response
shop.heroinsupport.org/ 283 B
1 KB 158ms
158ms XHR
application/json 23.227.38.74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://shop.heroinsupport.org/cart.json

Requested by

Host: cdn.shopify.com
URL: https://cdn.shopify.com/shopifycloud/shopify/assets/shop_events_listener-565deac0c7edc7850a7762c24c560f0a9670aa5c52a728e9dbb43d5a7887c1d4.js

Protocol

Security

QUIC, , AES_128_GCM

Server

23.227.38.74 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a087145e9246e4a22f6019802bfb20f26fb2a5d16c67ce113258d779474150e1

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; frame-ancestors 'none'; upgrade-insecure-requests;
Strict-Transport-Security	max-age=7889238
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

sec-fetch-mode: cors
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
x-requested-with: XMLHttpRequest
sec-fetch-dest: empty
cookie: secure_customer_sig=; cart_currency=USD; _orig_referrer=; _landing_page=%2F; _y=ad7742e4-fa6a-4b39-90ff-46c32210b417; _s=e1cf81fd-d694-4fea-a9f6-17b2ee0e035a; _shopify_y=ad7742e4-fa6a-4b39-90ff-46c32210b417; _shopify_s=e1cf81fd-d694-4fea-a9f6-17b2ee0e035a; _hjid=b9cb6c22-2510-4cba-802b-f127a5aa19c9; _hjFirstSeen=1; _shopify_sa_t=2021-09-26T12%3A03%3A56.823Z; _shopify_sa_p=; shopify_pay_redirect=pending; _ga=GA1.2.851805355.1632657837; _gid=GA1.2.1978352179.1632657837; _gat=1; _gcl_au=1.1.2011839152.1632657837; _hjIncludedInPageviewSample=1; _hjAbsoluteSessionInProgress=0; _hjIncludedInSessionSample=1; _fbp=fb.1.1632657837277.141929649; _pin_unauth=dWlkPU5UTmtOak5tTVRBdE9XTTNNaTAwTmpSakxXSmtaamd0WlRJNE1XTXpOVGxsWVdGaA; fsb_previous_pathname=/
:path: /cart.json
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept: application/json, text/javascript, */*; q=0.01
cache-control: no-cache
:authority: shop.heroinsupport.org
referer: https://shop.heroinsupport.org/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept: application/json, text/javascript, */*; q=0.01
Referer: https://shop.heroinsupport.org/
X-Requested-With: XMLHttpRequest
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 26 Sep 2021 12:03:59 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"report_to":"network-errors","max_age":2592000,"success_fraction":0.0001}
x-permitted-cross-domain-policies: none
x-dc: gcp-europe-west1,gcp-us-east1,gcp-us-east1
x-shopify-stage: production
content-type: application/json; charset=utf-8
strict-transport-security: max-age=7889238
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection: 1; mode=block
x-sorting-hat-shopid: 18295133
x-shardid: 57
x-storefront-renderer-rendered: 1
server: cloudflare
x-frame-options: DENY
content-language: en
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding Accept
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://monorail-edge.shopifysvc.com/v1/reports/nel/20190325/shopify"}]}
x-shopid: 18295133
x-download-options: noopen
content-security-policy: block-all-mixed-content; frame-ancestors 'none'; upgrade-insecure-requests;
set-cookie: secure_customer_sig=; path=/; expires=Mon, 26 Sep 2022 12:03:59 GMT; secure; HttpOnly cart_currency=USD; path=/; expires=Sun, 10 Oct 2021 12:03:59 GMT _y=ad7742e4-fa6a-4b39-90ff-46c32210b417; Expires=Mon, 26-Sep-22 12:03:59 GMT; Domain=heroinsupport.org; Path=/; SameSite=Lax _s=e1cf81fd-d694-4fea-a9f6-17b2ee0e035a; Expires=Sun, 26-Sep-21 12:33:59 GMT; Domain=heroinsupport.org; Path=/; SameSite=Lax _shopify_y=ad7742e4-fa6a-4b39-90ff-46c32210b417; Expires=Mon, 26-Sep-22 12:03:59 GMT; Domain=heroinsupport.org; Path=/; SameSite=Lax _shopify_s=e1cf81fd-d694-4fea-a9f6-17b2ee0e035a; Expires=Sun, 26-Sep-21 12:33:59 GMT; Domain=heroinsupport.org; Path=/; SameSite=Lax
x-request-id: 8ae56b5f-f999-42cf-a085-26f927339ad1
cf-ray: 694c5a2a0f136973-FRA
x-sorting-hat-podid: 57
x-cartjs-updatedat: 0

POST
H2 200 multi Show response
stats.zotabox.com/api/1.0/event/ 0
330 B 1025ms
989ms XHR
text/plain 2606:4700:10::6816:37d8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.zotabox.com/api/1.0/event/multi
Requested by: Host: cdn.shopify.com
URL: https://cdn.shopify.com/shopifycloud/shopify/assets/shop_events_listener-565deac0c7edc7850a7762c24c560f0a9670aa5c52a728e9dbb43d5a7887c1d4.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:37d8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://shop.heroinsupport.org/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Sun, 26 Sep 2021 12:04:00 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
x-powered-by: Express
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET,PUT,POST,DELETE
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
cf-ray: 694c5a2a9bbac2b8-FRA
access-control-allow-headers: Content-Type

OPTIONS
H2 200 batch
stamped.io/api/widget/reviews/ Frame 0
0 163ms
163ms Preflight 44.241.220.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://stamped.io/api/widget/reviews/batch
Protocol: H2
Server: 44.241.220.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-44-241-220-182.us-west-2.compute.amazonaws.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://shop.heroinsupport.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Sun, 26 Sep 2021 12:03:59 GMT
content-length: 0
cache-control: no-cache
pragma: no-cache
expires: -1
server: Microsoft-IIS/10.0
x-stackifyid: V1|6d6e02e3-6813-4a1e-889c-ecfc508d4b6a|C59064|CD1|
access-control-allow-origin: https://shop.heroinsupport.org
access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-max-age: 300
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
stamped: S2

GET
H2 200 css
fonts.googleapis.com/ 5 KB
771 B 14ms
14ms Stylesheet
text/css 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:400,600&display=swap

Requested by

Host: shop.heroinsupport.org
URL: https://shop.heroinsupport.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

39047cc5b6753837a60ff903ec8e56d38407d2f2aee6d5dde4c74ef45cfcef0d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://shop.heroinsupport.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 26 Sep 2021 10:12:00 GMT
server: ESF
date: Sun, 26 Sep 2021 12:03:59 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 26 Sep 2021 12:03:59 GMT

POST batch
stamped.io/api/widget/reviews/ 0
0

GET
H2 200 heroin-support.myshopify.com Show response
discount-cache.tabarn.app/ad_download_config/ 2 KB
2 KB 1733ms
1733ms Fetch
application/json 2606:4700:20::ac43:4a13
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://discount-cache.tabarn.app/ad_download_config/heroin-support.myshopify.com?&cb=none_2721096

Requested by

Host: cdn.shopify.com
URL: https://cdn.shopify.com/shopifycloud/shopify/assets/shop_events_listener-565deac0c7edc7850a7762c24c560f0a9670aa5c52a728e9dbb43d5a7887c1d4.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4a13 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a97b53de9814182ca7503bd916bf70f8d9e4eaa568160f7802db0023ee6f2ef6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: application/json
Referer: https://shop.heroinsupport.org/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: application/json

Response headers

date: Sun, 26 Sep 2021 12:04:02 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000
referrer-policy: no-referrer
last-modified: Sun, 26 Sep 2021 12:04:02 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=g399mAtvt7gLc1gGXTIP4LGOl49ssjCjf9i8yc8HS%2FRfPGCkfFCq0ObQgi8s7EdfA1Xz5UZ1ChRKEwDa0smv3MMJWIR%2BHvaHPWt760xoArwaoQvFhKFlaCTsDdVcXUr%2BKxdyhIlIkQIsVu28tj%2ByAq8x0wrR8BE%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=1800
cf-ray: 694c5a2f3d811f25-FRA
access-control-allow-headers: X-Requested-With

OPTIONS
H2 204 heroin-support.myshopify.com
discount-cache.tabarn.app/ad_download_config/ Frame 0
0 580ms
542ms Preflight 2606:4700:20::ac43:4a13
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://discount-cache.tabarn.app/ad_download_config/heroin-support.myshopify.com?&cb=none_2721096

Protocol

Server

2606:4700:20::ac43:4a13 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Origin: https://shop.heroinsupport.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Sun, 26 Sep 2021 12:04:00 GMT
access-control-allow-origin: *
referrer-policy: no-referrer
access-control-allow-headers: origin, x-csrftoken, content-type, accept, X-Requested-With
access-control-allow-methods: *
strict-transport-security: max-age=31536000
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CMk%2BW2C2WBzjcmlrp94MN0y9jgjSUlqhte%2BS0x0MuKzE1fMnUAWyv8CDa9rNxFSfNB6Hk%2F75Um1Bx0jqr%2FcDh%2FGfNBwyLRZGGMVdNpaxT23SYFcGjOos9%2FUAv4UMsUTDiNKcI%2BBpo48gsp7GpivMOFxD5hruusQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 694c5a2bc8901f25-FRA

GET
H2 200 heroin-support-fundraiser.json Show response
secure.givelively.org/donations/heroin-support-inc/ Frame ACC9 61 B
579 B 336ms
335ms XHR
application/json 13.225.78.56
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.givelively.org/donations/heroin-support-inc/heroin-support-fundraiser.json?last_donation_date=2020-06-22T22:05:30.000Z

Requested by

Host: members.givelively.org
URL: https://members.givelively.org/packs/js/smart-donations-bundle-98409d480af01fb774d7.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.78.56 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-78-56.fra2.r.cloudfront.net

Software

Cowboy /

Resource Hash

ae9947adcc62dd84085a0c7cea9d8b78e46bfec8c7709aa45a2768c6a66fb1dd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: application/json, text/plain, */*
Referer: https://secure.givelively.org/donations/heroin-support-inc/heroin-support-fundraiser
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 26 Sep 2021 12:03:59 GMT
content-encoding: gzip
referrer-policy: origin-when-cross-origin
server: Cowboy
x-edge-origin-shield-skipped: 0
etag: W/"ae9947adcc62dd84085a0c7cea9d8b78"
vary: Accept-Encoding, Origin
x-cache: Miss from cloudfront
content-type: application/json; charset=utf-8
via: 1.1 vegur, 1.1 6c9a2d99a25484f38efa27d58a726b2d.cloudfront.net (CloudFront)
cache-control: max-age=0, private, must-revalidate
x-amz-cf-pop: FRA2-C2
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-id: jUsmptCk0vRcL66jbx5e_jKFMheeYa21-hDMXIrfCOQWYXM0ya_9QA==
x-request-id: ca20390d-5a86-4cc7-9623-324761bc0d82

OPTIONS
H2 200 /
cdn.pushowl.com/config/api/v1/heroin-support/subscriber/config/widget/ Frame 0
0 124ms
108ms Preflight 13.225.78.51
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.pushowl.com/config/api/v1/heroin-support/subscriber/config/widget/?guid=fe38a29f-ac4b-42ab-b7b4-495ff100fe29&platform=shopify
Protocol: H2
Server: 13.225.78.51 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-51.fra2.r.cloudfront.net
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Origin: https://shop.heroinsupport.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

content-length: 0
access-control-allow-methods: *
access-control-allow-headers: *
cache-control: public, s-maxage=15552000, max-age=15552000
date: Sun, 26 Sep 2021 12:04:00 GMT
access-control-allow-origin: *
timing-allow-origin: *
x-edge-origin-shield-skipped: 0
x-cache: Miss from cloudfront
via: 1.1 e56e6732f380db727425bac2d6158761.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C2
x-amz-cf-id: w3Uh6Q1-DQcHYAXZUsBTlJY-UpMEVl7VvGynipk49tt4CA9AH2Z2Hw==

GET
H2 200 / Show response
cdn.pushowl.com/config/api/v1/heroin-support/subscriber/config/widget/ 2 KB
2 KB 336ms
336ms XHR
application/json 13.225.78.51
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.pushowl.com/config/api/v1/heroin-support/subscriber/config/widget/?guid=fe38a29f-ac4b-42ab-b7b4-495ff100fe29&platform=shopify
Requested by: Host: cdn.shopify.com
URL: https://cdn.shopify.com/shopifycloud/shopify/assets/shop_events_listener-565deac0c7edc7850a7762c24c560f0a9670aa5c52a728e9dbb43d5a7887c1d4.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.51 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-51.fra2.r.cloudfront.net
Software: /
Resource Hash: aabaf525a8c5365b76ef8bb40c2da64a5ba515144eb2ad532adc7b2a2fecddb0

Request headers

Accept: application/json
Referer: https://shop.heroinsupport.org/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: application/json

Response headers

date: Sun, 26 Sep 2021 12:04:00 GMT
content-encoding: gzip
x-edge-origin-shield-skipped: 0
etag: W/"93e-fq0IymnlheofoOqES3hXkA"
vary: Accept-Encoding,Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: public, s-maxage=15552000, max-age=15552000, must-revalidate
x-server: ImageKit.io
x-amz-cf-pop: FRA2-C2
timing-allow-origin: *
x-amz-cf-id: YWwJeKMoQBBl-XLZb5_R-pmf-oweLIHMDy29HVM-dj3ucNBj_LGQow==
via: 1.1 e56e6732f380db727425bac2d6158761.cloudfront.net (CloudFront)

GET
H3 200 cart.js Show response
shop.heroinsupport.org/ 283 B
1 KB 152ms
152ms XHR
text/javascript 23.227.38.74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://shop.heroinsupport.org/cart.js?_=1632657836667

Requested by

Host: cdn.shopify.com
URL: https://cdn.shopify.com/shopifycloud/shopify/assets/shop_events_listener-565deac0c7edc7850a7762c24c560f0a9670aa5c52a728e9dbb43d5a7887c1d4.js

Protocol

Security

QUIC, , AES_128_GCM

Server

23.227.38.74 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

635375c336ffde24b571e9acc5ad394bcefcf1d6f480e6695f4032c6996b4f7c

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; frame-ancestors 'none'; upgrade-insecure-requests;
Strict-Transport-Security	max-age=7889238
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

sec-fetch-mode: cors
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
x-requested-with: XMLHttpRequest
sec-fetch-dest: empty
cookie: secure_customer_sig=; cart_currency=USD; _orig_referrer=; _landing_page=%2F; _y=ad7742e4-fa6a-4b39-90ff-46c32210b417; _s=e1cf81fd-d694-4fea-a9f6-17b2ee0e035a; _shopify_y=ad7742e4-fa6a-4b39-90ff-46c32210b417; _shopify_s=e1cf81fd-d694-4fea-a9f6-17b2ee0e035a; _hjid=b9cb6c22-2510-4cba-802b-f127a5aa19c9; _hjFirstSeen=1; _shopify_sa_t=2021-09-26T12%3A03%3A56.823Z; _shopify_sa_p=; shopify_pay_redirect=pending; _ga=GA1.2.851805355.1632657837; _gid=GA1.2.1978352179.1632657837; _gat=1; _gcl_au=1.1.2011839152.1632657837; _hjIncludedInPageviewSample=1; _hjAbsoluteSessionInProgress=0; _hjIncludedInSessionSample=1; _fbp=fb.1.1632657837277.141929649; _pin_unauth=dWlkPU5UTmtOak5tTVRBdE9XTTNNaTAwTmpSakxXSmtaamd0WlRJNE1XTXpOVGxsWVdGaA; fsb_previous_pathname=/; po_visitor=yM-gjyrZ_3CU
:path: /cart.js?_=1632657836667
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept: application/json, text/javascript, */*; q=0.01
cache-control: no-cache
:authority: shop.heroinsupport.org
referer: https://shop.heroinsupport.org/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept: application/json, text/javascript, */*; q=0.01
Referer: https://shop.heroinsupport.org/
X-Requested-With: XMLHttpRequest
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 26 Sep 2021 12:04:00 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"report_to":"network-errors","max_age":2592000,"success_fraction":0.0001}
x-permitted-cross-domain-policies: none
x-dc: gcp-europe-west1,gcp-us-east1,gcp-us-east1
x-shopify-stage: production
content-type: text/javascript; charset=utf-8
strict-transport-security: max-age=7889238
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection: 1; mode=block
x-sorting-hat-shopid: 18295133
x-shardid: 57
x-storefront-renderer-rendered: 1
server: cloudflare
x-frame-options: DENY
content-language: en
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding Accept
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://monorail-edge.shopifysvc.com/v1/reports/nel/20190325/shopify"}]}
x-shopid: 18295133
x-download-options: noopen
content-security-policy: block-all-mixed-content; frame-ancestors 'none'; upgrade-insecure-requests;
set-cookie: secure_customer_sig=; path=/; expires=Mon, 26 Sep 2022 12:04:00 GMT; secure; HttpOnly cart_currency=USD; path=/; expires=Sun, 10 Oct 2021 12:04:00 GMT _y=ad7742e4-fa6a-4b39-90ff-46c32210b417; Expires=Mon, 26-Sep-22 12:04:00 GMT; Domain=heroinsupport.org; Path=/; SameSite=Lax _s=e1cf81fd-d694-4fea-a9f6-17b2ee0e035a; Expires=Sun, 26-Sep-21 12:34:00 GMT; Domain=heroinsupport.org; Path=/; SameSite=Lax _shopify_y=ad7742e4-fa6a-4b39-90ff-46c32210b417; Expires=Mon, 26-Sep-22 12:04:00 GMT; Domain=heroinsupport.org; Path=/; SameSite=Lax _shopify_s=e1cf81fd-d694-4fea-a9f6-17b2ee0e035a; Expires=Sun, 26-Sep-21 12:34:00 GMT; Domain=heroinsupport.org; Path=/; SameSite=Lax
x-request-id: 8b0ee4bf-628e-453f-be94-68b5f384eace
cf-ray: 694c5a2eece06973-FRA
x-sorting-hat-podid: 57
x-cartjs-updatedat: 0

POST
H/1.1 200
OK / Show response
sentry.io/api/2530294/store/ Frame ACC9 41 B
451 B 460ms
114ms Fetch
application/json 35.188.42.15
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://sentry.io/api/2530294/store/?sentry_key=ff1501bc43514145a38d52d0feb24672&sentry_version=7

Requested by

Host: members.givelively.org
URL: https://members.givelively.org/packs/js/smart-donations-bundle-98409d480af01fb774d7.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

35.188.42.15 Council Bluffs, United States, ASN15169 (GOOGLE, US),

Reverse DNS

15.42.188.35.bc.googleusercontent.com

Software

nginx /

Resource Hash

4cdfe57d9b73838fb3ddb1d528867a3493598fa905837df2e7b0381780933505

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://secure.givelively.org/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Sun, 26 Sep 2021 12:04:00 GMT
vary: Origin
Server: nginx
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Type: application/json
access-control-allow-origin: https://secure.givelively.org
access-control-expose-headers: x-sentry-error, retry-after, x-sentry-rate-limits
x-envoy-upstream-service-time: 1
Connection: keep-alive
Content-Length: 41

GET
H3 200 cart.js Show response
shop.heroinsupport.org/ 283 B
1 KB 164ms
164ms XHR
text/javascript 23.227.38.74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://shop.heroinsupport.org/cart.js?_=1632657836668

Requested by

Host: cdn.shopify.com
URL: https://cdn.shopify.com/shopifycloud/shopify/assets/shop_events_listener-565deac0c7edc7850a7762c24c560f0a9670aa5c52a728e9dbb43d5a7887c1d4.js

Protocol

Security

QUIC, , AES_128_GCM

Server

23.227.38.74 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f2428072b9dd3e5f45a9de279b8966dbf19004cd637f6eb395199aa98742c889

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; frame-ancestors 'none'; upgrade-insecure-requests;
Strict-Transport-Security	max-age=7889238
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

sec-fetch-mode: cors
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
x-requested-with: XMLHttpRequest
sec-fetch-dest: empty
cookie: secure_customer_sig=; cart_currency=USD; _orig_referrer=; _landing_page=%2F; _y=ad7742e4-fa6a-4b39-90ff-46c32210b417; _s=e1cf81fd-d694-4fea-a9f6-17b2ee0e035a; _shopify_y=ad7742e4-fa6a-4b39-90ff-46c32210b417; _shopify_s=e1cf81fd-d694-4fea-a9f6-17b2ee0e035a; _hjid=b9cb6c22-2510-4cba-802b-f127a5aa19c9; _hjFirstSeen=1; _shopify_sa_t=2021-09-26T12%3A03%3A56.823Z; _shopify_sa_p=; shopify_pay_redirect=pending; _ga=GA1.2.851805355.1632657837; _gid=GA1.2.1978352179.1632657837; _gat=1; _gcl_au=1.1.2011839152.1632657837; _hjIncludedInPageviewSample=1; _hjAbsoluteSessionInProgress=0; _hjIncludedInSessionSample=1; _fbp=fb.1.1632657837277.141929649; _pin_unauth=dWlkPU5UTmtOak5tTVRBdE9XTTNNaTAwTmpSakxXSmtaamd0WlRJNE1XTXpOVGxsWVdGaA; fsb_previous_pathname=/; po_visitor=yM-gjyrZ_3CU
:path: /cart.js?_=1632657836668
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept: application/json, text/javascript, */*; q=0.01
cache-control: no-cache
:authority: shop.heroinsupport.org
referer: https://shop.heroinsupport.org/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept: application/json, text/javascript, */*; q=0.01
Referer: https://shop.heroinsupport.org/
X-Requested-With: XMLHttpRequest
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 26 Sep 2021 12:04:00 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"report_to":"network-errors","max_age":2592000,"success_fraction":0.0001}
x-permitted-cross-domain-policies: none
x-dc: gcp-europe-west1,gcp-us-east1,gcp-us-east1
x-shopify-stage: production
content-type: text/javascript; charset=utf-8
strict-transport-security: max-age=7889238
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection: 1; mode=block
x-sorting-hat-shopid: 18295133
x-shardid: 57
x-storefront-renderer-rendered: 1
server: cloudflare
x-frame-options: DENY
content-language: en
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding Accept
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://monorail-edge.shopifysvc.com/v1/reports/nel/20190325/shopify"}]}
x-shopid: 18295133
x-download-options: noopen
content-security-policy: block-all-mixed-content; frame-ancestors 'none'; upgrade-insecure-requests;
set-cookie: secure_customer_sig=; path=/; expires=Mon, 26 Sep 2022 12:04:00 GMT; secure; HttpOnly cart_currency=USD; path=/; expires=Sun, 10 Oct 2021 12:04:00 GMT _y=ad7742e4-fa6a-4b39-90ff-46c32210b417; Expires=Mon, 26-Sep-22 12:04:00 GMT; Domain=heroinsupport.org; Path=/; SameSite=Lax _s=e1cf81fd-d694-4fea-a9f6-17b2ee0e035a; Expires=Sun, 26-Sep-21 12:34:00 GMT; Domain=heroinsupport.org; Path=/; SameSite=Lax _shopify_y=ad7742e4-fa6a-4b39-90ff-46c32210b417; Expires=Mon, 26-Sep-22 12:04:00 GMT; Domain=heroinsupport.org; Path=/; SameSite=Lax _shopify_s=e1cf81fd-d694-4fea-a9f6-17b2ee0e035a; Expires=Sun, 26-Sep-21 12:34:00 GMT; Domain=heroinsupport.org; Path=/; SameSite=Lax
x-request-id: 9655fb6a-d499-495f-8ef6-1c5190137732
cf-ray: 694c5a30da376973-FRA
x-sorting-hat-podid: 57
x-cartjs-updatedat: 0

GET widget.css
staticw2.yotpo.com/aLN4Ll32fV6Z9NBLnbyPvfdAxFBdat1o8Sa974nX/ 0
0

GET
H/1.1 200
OK i
p.yotpo.com/ 35 B
402 B 59ms
8ms Image
image/gif 52.29.166.16
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p.yotpo.com/i?e=pv&page=Heroin%20Support%20Fundraiser%20%E2%80%93%20HeroinSupport.org&se_va=aLN4Ll32fV6Z9NBLnbyPvfdAxFBdat1o8Sa974nX&cx=eyJwdl91dWlkIjo5OTEzOTY5Mjl9&dtm=1632657840874&tid=465235&vp=1600x1200&ds=1600x5345&vid=1&duid=c463f1028e3d629b&p=web&tv=js-0.13.2&fp=560948675&aid=onsite_v2&lang=en-US&cs=UTF-8&tz=Etc%2FUTC&f_pdf=1&f_qt=0&f_realp=0&f_wma=0&f_dir=0&f_fla=0&f_java=0&f_gears=0&f_ag=0&res=1600x1200&cd=24&cookie=1&url=https%3A%2F%2Fshop.heroinsupport.org%2F
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.29.166.16 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-29-166-16.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://shop.heroinsupport.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Sun, 26 Sep 2021 12:04:00 GMT
Cache-Control: max-age=86400, private
Expires: Mon, 27 Sep 2021 12:04:00 GMT
Server: nginx
Connection: keep-alive
Content-Length: 35
Content-Type: image/gif

GET
H2 200 common.js Show response
maps.googleapis.com/maps-api-v3/api/js/46/6/intl/de_ALL/ Frame ACC9 83 KB
31 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:801::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps-api-v3/api/js/46/6/intl/de_ALL/common.js

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?key=AIzaSyDn7Z0DbkWJFqEs5NdeekLXvZ6a-JDGCsY&libraries=places

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

65f065d8408432842271dab54c2b2938ddcfe0cd0466139af9e0fcf5f89dd4df

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://secure.givelively.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 22 Sep 2021 18:32:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 322296
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31127
x-xss-protection: 0
last-modified: Mon, 20 Sep 2021 21:29:58 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="maps-api-js"
expires: Thu, 22 Sep 2022 18:32:25 GMT

GET
H2 200 util.js Show response
maps.googleapis.com/maps-api-v3/api/js/46/6/intl/de_ALL/ Frame ACC9 294 KB
90 KB 11ms
11ms Script
text/javascript 2a00:1450:4001:801::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps-api-v3/api/js/46/6/intl/de_ALL/util.js

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?key=AIzaSyDn7Z0DbkWJFqEs5NdeekLXvZ6a-JDGCsY&libraries=places

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

54bc11342d941c2dca37e01a11ab4c1b05aa6da56cd221bc77616629330809da

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://secure.givelively.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 22 Sep 2021 18:32:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 322296
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 91919
x-xss-protection: 0
last-modified: Mon, 20 Sep 2021 21:29:58 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="maps-api-js"
expires: Thu, 22 Sep 2022 18:32:25 GMT

GET
H2 200 AuthenticationService.Authenticate Show response
maps.googleapis.com/maps/api/js/ Frame ACC9 62 B
209 B 51ms
51ms Script
text/javascript 2a00:1450:4001:801::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps/api/js/AuthenticationService.Authenticate?1shttps%3A%2F%2Fsecure.givelively.org%2Fdonations%2Fheroin-support-inc%2Fheroin-support-fundraiser&4sAIzaSyDn7Z0DbkWJFqEs5NdeekLXvZ6a-JDGCsY&callback=_xdc_._excv92&key=AIzaSyDn7Z0DbkWJFqEs5NdeekLXvZ6a-JDGCsY&token=95186

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps-api-v3/api/js/46/6/intl/de_ALL/common.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

mafe /

Resource Hash

7bc24df181ca0f5ad5e37e7e0155fc90111372524f7477a0a296a4464f7bbcc7

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://secure.givelively.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 26 Sep 2021 12:04:02 GMT
content-encoding: gzip
server: mafe
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment
server-timing: gfet4t7; dur=35
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 63
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 cart.json Show response
shop.heroinsupport.org/ 283 B
1 KB 161ms
161ms Fetch
application/json 23.227.38.74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://shop.heroinsupport.org/cart.json

Requested by

Host: cdn.shopify.com
URL: https://cdn.shopify.com/shopifycloud/shopify/assets/shop_events_listener-565deac0c7edc7850a7762c24c560f0a9670aa5c52a728e9dbb43d5a7887c1d4.js

Protocol

Security

QUIC, , AES_128_GCM

Server

23.227.38.74 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

482ad0696ec24e735f15236fa90352d9f8019292354dcf831ea1577b46ce4ae6

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; frame-ancestors 'none'; upgrade-insecure-requests;
Strict-Transport-Security	max-age=7889238
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

:path: /cart.json
pragma: no-cache
cookie: secure_customer_sig=; cart_currency=USD; _orig_referrer=; _landing_page=%2F; _y=ad7742e4-fa6a-4b39-90ff-46c32210b417; _s=e1cf81fd-d694-4fea-a9f6-17b2ee0e035a; _shopify_y=ad7742e4-fa6a-4b39-90ff-46c32210b417; _shopify_s=e1cf81fd-d694-4fea-a9f6-17b2ee0e035a; _hjid=b9cb6c22-2510-4cba-802b-f127a5aa19c9; _hjFirstSeen=1; _shopify_sa_t=2021-09-26T12%3A03%3A56.823Z; _shopify_sa_p=; shopify_pay_redirect=pending; _ga=GA1.2.851805355.1632657837; _gid=GA1.2.1978352179.1632657837; _gat=1; _gcl_au=1.1.2011839152.1632657837; _hjIncludedInPageviewSample=1; _hjAbsoluteSessionInProgress=0; _hjIncludedInSessionSample=1; _fbp=fb.1.1632657837277.141929649; _pin_unauth=dWlkPU5UTmtOak5tTVRBdE9XTTNNaTAwTmpSakxXSmtaamd0WlRJNE1XTXpOVGxsWVdGaA; fsb_previous_pathname=/; po_visitor=yM-gjyrZ_3CU; _sp_id.058f=c463f1028e3d629b.1632657841.1.1632657841.1632657841; _sp_ses.058f=*
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: cors
accept: */*
cache-control: no-cache
sec-fetch-dest: empty
:authority: shop.heroinsupport.org
referer: https://shop.heroinsupport.org/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://shop.heroinsupport.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 26 Sep 2021 12:04:02 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"report_to":"network-errors","max_age":2592000,"success_fraction":0.0001}
x-permitted-cross-domain-policies: none
x-dc: gcp-europe-west1,gcp-us-east1,gcp-us-east1
x-shopify-stage: production
content-type: application/json; charset=utf-8
strict-transport-security: max-age=7889238
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection: 1; mode=block
x-sorting-hat-shopid: 18295133
x-shardid: 57
x-storefront-renderer-rendered: 1
server: cloudflare
x-frame-options: DENY
content-language: en
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding Accept
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://monorail-edge.shopifysvc.com/v1/reports/nel/20190325/shopify"}]}
x-shopid: 18295133
x-download-options: noopen
content-security-policy: block-all-mixed-content; frame-ancestors 'none'; upgrade-insecure-requests;
set-cookie: secure_customer_sig=; path=/; expires=Mon, 26 Sep 2022 12:04:02 GMT; secure; HttpOnly cart_currency=USD; path=/; expires=Sun, 10 Oct 2021 12:04:02 GMT _y=ad7742e4-fa6a-4b39-90ff-46c32210b417; Expires=Mon, 26-Sep-22 12:04:02 GMT; Domain=heroinsupport.org; Path=/; SameSite=Lax _s=e1cf81fd-d694-4fea-a9f6-17b2ee0e035a; Expires=Sun, 26-Sep-21 12:34:02 GMT; Domain=heroinsupport.org; Path=/; SameSite=Lax _shopify_y=ad7742e4-fa6a-4b39-90ff-46c32210b417; Expires=Mon, 26-Sep-22 12:04:02 GMT; Domain=heroinsupport.org; Path=/; SameSite=Lax _shopify_s=e1cf81fd-d694-4fea-a9f6-17b2ee0e035a; Expires=Sun, 26-Sep-21 12:34:02 GMT; Domain=heroinsupport.org; Path=/; SameSite=Lax
x-request-id: c8ab80a2-c6bd-4824-ab4f-61d6aa003692
cf-ray: 694c5a3a19e76973-FRA
x-sorting-hat-podid: 57
x-cartjs-updatedat: 0

GET smart_cart_liquid.ejs
shop.heroinsupport.org/tools/tabarnapp-ad/v1/default,dealIds/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: stamped.io
URL: https://stamped.io/api/widget/reviews/batch

Domain: staticw2.yotpo.com
URL: https://staticw2.yotpo.com/aLN4Ll32fV6Z9NBLnbyPvfdAxFBdat1o8Sa974nX/widget.css?widget_version=2021-09-23_12-59-05

Domain: shop.heroinsupport.org
URL: https://shop.heroinsupport.org/tools/tabarnapp-ad/v1/default,dealIds/smart_cart_liquid.ejs

Verdicts & Comments Add Verdict or Comment

182 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

33 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
shop.heroinsupport.org/	1970-01-20 06:16:33	Name: secure_customer_sig Value:
shop.heroinsupport.org/	1970-01-19 21:51:07	Name: cart_currency Value: USD
.heroinsupport.org/	1970-01-19 21:51:07	Name: _orig_referrer Value:
.heroinsupport.org/	1970-01-19 21:51:07	Name: _landing_page Value: %2F
.heroinsupport.org/	1970-01-20 06:16:33	Name: _y Value: ad7742e4-fa6a-4b39-90ff-46c32210b417
.heroinsupport.org/	1970-01-19 21:30:59	Name: _s Value: e1cf81fd-d694-4fea-a9f6-17b2ee0e035a
.heroinsupport.org/	1970-01-20 06:16:33	Name: _shopify_y Value: ad7742e4-fa6a-4b39-90ff-46c32210b417
.heroinsupport.org/	1970-01-19 21:30:59	Name: _shopify_s Value: e1cf81fd-d694-4fea-a9f6-17b2ee0e035a
.heroinsupport.org/	1970-01-20 06:16:33	Name: _hjid Value: b9cb6c22-2510-4cba-802b-f127a5aa19c9
.heroinsupport.org/	1970-01-19 21:30:59	Name: _hjFirstSeen Value: 1
.heroinsupport.org/	1970-01-19 21:30:59	Name: _shopify_sa_t Value: 2021-09-26T12%3A03%3A56.823Z
.heroinsupport.org/	1970-01-19 21:30:59	Name: _shopify_sa_p Value:
shop.heroinsupport.org/	1970-01-19 21:31:01	Name: shopify_pay_redirect Value: pending
.heroinsupport.org/	1970-01-20 15:02:09	Name: _ga Value: GA1.2.851805355.1632657837
.heroinsupport.org/	1970-01-19 21:32:24	Name: _gid Value: GA1.2.1978352179.1632657837
.heroinsupport.org/	1970-01-19 21:30:57	Name: _gat Value: 1
.heroinsupport.org/	1970-01-19 23:40:33	Name: _gcl_au Value: 1.1.2011839152.1632657837
.google.com/	1970-01-20 01:54:29	Name: NID Value: 511=vH2pDCmqiNgcrhZfj1KYnioPucw7_TZ_2Dy1NDVj6_Op-MKoNuJAEXmZ_thj19C2LnsD2A3QhsqKj3Z7q-ni4AJs8w1Vuk1YwU7iXvtCpzkTWPjnh_4lo7zvWPNVm46peg1RaANWKLe1TYO1Bx5KbO88hs4DGEkWEJGFf-v_uD4
shop.heroinsupport.org/	1970-01-19 21:30:57	Name: _hjIncludedInPageviewSample Value: 1
.heroinsupport.org/	1970-01-19 21:30:59	Name: _hjAbsoluteSessionInProgress Value: 0
shop.heroinsupport.org/	1970-01-19 21:30:57	Name: _hjIncludedInSessionSample Value: 1
.heroinsupport.org/	1970-01-19 23:40:33	Name: _fbp Value: fb.1.1632657837277.141929649
.ct.pinterest.com/	1970-01-20 06:16:33	Name: _pinterest_ct_ua Value: "TWc9PSY0UkhZWC9tS0JLUkc2OGp5bmJycmVSVzRpcnpzNC9WQ2tpZDRwdW00M0RRNUkrNGltMWN4QkZWdE9FRFp3dERPT2Z2Zk1GTkp4WnVtb0J1L21KUFRLYW80SG5VRndKZ3o2cStWaGlnbVRoST0mSW5YWXdrdGl6ak5tajNBRmE5ZHV4MlNUOFhVPQ=="
.doubleclick.net/	1970-01-20 06:52:33	Name: IDE Value: AHWqTUlPL7Oj4eEWUExUu46vvEojskTZLDT1eLhSyODO5IyvKZJZNZ9lJPeyAqZD
.shop.heroinsupport.org/	1970-01-20 06:16:33	Name: _pin_unauth Value: dWlkPU5UTmtOak5tTVRBdE9XTTNNaTAwTmpSakxXSmtaamd0WlRJNE1XTXpOVGxsWVdGaA
m.stripe.com/	1970-01-20 15:02:09	Name: m Value: c1422e7d-aee8-42e2-b2d4-d23d3d0d09ffb34286
.boldapps.net/	1970-01-19 21:30:59	Name: __cf_bm Value: JgZj74ff15U1sPZk.fmhw57Sk5jpRXYsgKZBuPoeUGg-1632657839-0-ASDwEH9DzWQw6phPQibrvWBhP+ei2npa2nDSYaf59yZxFCHA2UFpdOoVZX2O/yjj78ZcAGW4oJT7TD0LgeOz77U=
shop.heroinsupport.org/	1969-12-31 23:59:59	Name: fsb_previous_pathname Value: /
www.pinterest.de/	1970-01-20 06:09:21	Name: _pinterest_sess Value: TWc9PSY2LzA4anlBckdYZmV6TVB1RjMzVS93T1B2Sk15dlJoRWNhQWpWclM0L3VDcll0V1d6YUJmZytCZVJvSmpIdXVGSjl2T1Q5d3ZvRG55Tkw4dDFDM1d5bFRndTNJYjRHK3dPTWo1Tkl0a1FEbFlSenlhNHR4R2lqZldvbldxdUJsRSZOeE5icytUeUpJbjF5cURJdDNyUENSR3U3QUE9
shop.heroinsupport.org/	1970-01-19 21:32:24	Name: po_visitor Value: yM-gjyrZ_3CU
shop.heroinsupport.org/	1970-01-20 15:02:09	Name: _sp_id.058f Value: c463f1028e3d629b.1632657841.1.1632657841.1632657841
shop.heroinsupport.org/	1970-01-19 21:30:59	Name: _sp_ses.058f Value: *
.yotpo.com/	1970-01-20 06:16:33	Name: pixel Value: a0964dd7-836f-4e70-6ac5-10fb7b67b423

6 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://cdn.shopify.com/s/files/1/1829/5133/t/6/assets/bold-upsell-custom.css?866 Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://secure.givelively.org/double_the_donation_api_key/acb73907-c7f4-452b-8067-91ffff5b0d31 Message: Failed to load resource: the server responded with a status of 403 ()
security	error	(Line 6) Message: This document requires 'TrustedScript' assignment.
network	error	URL: https://pay.google.com/_/InstantbuyFrontendBuyflowPayframeUi/cspreport Message: Failed to load resource: the server responded with a status of 404 ()
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'nonce-1d9317083edf8bc237d677c9ff0ca09b' 'strict-dynamic' 'report-sample' 'self' .pinterest.com .pinimg.com .google.com connect.facebook.net .google-analytics.com .facebook.com .googleadservices.com .doubleclick.net .googletagmanager.com .adyen.com .adyenpayments.com cdn.ampproject.org .cdn.ampproject.org radar.cedexis.com .cedexis-test.com www.gstatic.com/recaptcha/ www.recaptcha.net 'unsafe-inline'".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'report-sample' 'self' .pinterest.com .pinimg.com .google.com connect.facebook.net .google-analytics.com .facebook.com .googleadservices.com .doubleclick.net .googletagmanager.com .adyen.com .adyenpayments.com cdn.ampproject.org .cdn.ampproject.org radar.cedexis.com .cedexis-test.com www.gstatic.com/recaptcha/ www.recaptcha.net 'unsafe-inline'".

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	block-all-mixed-content; frame-ancestors 'none'; upgrade-insecure-requests;
Strict-Transport-Security	max-age=7889238
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
api-js.datadome.co
api.getvop.com
apis.google.com
c.getvop.com
cdn-stamped-io.azureedge.net
cdn.codeblackbelt.com
cdn.getvop.com
cdn.heapanalytics.com
cdn.hextom.com
cdn.jsdelivr.net
cdn.pushowl.com
cdn.shopify.com
cdn.tabarn.app
cdn1.stamped.io
cdn2.hextom.com
cdnjs.cloudflare.com
code.tidio.co
connect.facebook.net
ct.pinterest.com
discount-cache.tabarn.app
fonts.googleapis.com
fonts.gstatic.com
fsb.hextom.com
googleads.g.doubleclick.net
heapanalytics.com
images.givelively.org
in.hotjar.com
js.datadome.co
js.stripe.com
loox.io
m.stripe.com
m.stripe.network
maps.googleapis.com
members.givelively.org
monorail-edge.shopifysvc.com
p.yotpo.com
pay.google.com
play.google.com
polyfill.io
productreviews.shopifycdn.com
q.stripe.com
r.stripe.com
s.pinimg.com
script.hotjar.com
sdk-static.loyaltylion.net
sdk.loyaltylion.net
secure.givelively.org
sentry.io
sessions.bugsnag.com
shipping-bar-cdn.shopstorm.com
shop.app
shop.heroinsupport.org
spm.hextom.com
stamped.io
static.hotjar.com
static.zotabox.com
staticw2.yotpo.com
stats.g.doubleclick.net
stats.zotabox.com
upsell-now.herokuapp.com
upsells.boldapps.net
use.fontawesome.com
vars.hotjar.com
widget-v4.tidiochat.com
www.codeblackbelt.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.gstatic.com
www.pinterest.com
www.pinterest.de
shop.heroinsupport.org
stamped.io
staticw2.yotpo.com
104.198.248.251
104.75.88.209
13.224.193.11
13.224.193.116
13.224.193.28
13.224.193.38
13.224.193.78
13.225.78.103
13.225.78.46
13.225.78.51
13.225.78.56
13.225.78.67
142.250.185.98
151.101.0.84
151.101.64.176
172.67.72.223
18.159.15.241
23.227.38.33
23.227.38.74
2600:1901:0:7a0b::
2600:9000:20eb:2a00:c:cd6:6900:93a1
2600:9000:20eb:f600:1:427b:a440:93a1
2600:9000:21f3:7c00:1f:123e:c280:93a1
2606:4700:10::6816:21ac
2606:4700:10::6816:36d8
2606:4700:10::6816:37d8
2606:4700:20::681a:643
2606:4700:20::ac43:4703
2606:4700:20::ac43:498a
2606:4700:20::ac43:4a13
2606:4700:3031::ac43:d645
2606:4700:3033::ac43:9cd1
2606:4700:3037::6815:20ed
2606:4700::6810:135e
2606:4700::6810:6d12
2620:1ec:46::44
2620:1ec:bdf::44
2a00:1450:4001:800::2003
2a00:1450:4001:800::200a
2a00:1450:4001:801::200a
2a00:1450:4001:803::2004
2a00:1450:4001:80e::200e
2a00:1450:4001:80f::2003
2a00:1450:4001:810::200e
2a00:1450:4001:813::200a
2a00:1450:4001:827::2003
2a00:1450:4001:828::2002
2a00:1450:4001:830::2008
2a00:1450:4001:831::200e
2a00:1450:400c:c01::9d
2a00:1450:400c:c0b::5c
2a02:26f0:6c00:28f::1931
2a02:26f0:6c00:294::1d72
2a03:2880:f01c:216:face:b00c:0:3
2a03:2880:f11c:8083:face:b00c:0:25de
2a03:90c0:41:2801::254
2a04:4e42:600::485
2a04:4e42:800::268
2a04:4e42:800::282
3.216.159.230
3.87.166.65
35.188.42.15
44.241.220.182
52.29.166.16
52.54.234.247
54.146.248.82
54.186.23.98
54.186.42.192
54.209.91.188
54.78.108.238
0191364dfecae2fea3d891eda93691591e5fd626b7a50c64485af794ecac174d
05dbc51654b96590d176c27efbcef2cf4ac0497499a9f28b731b73eea399070c
077f27ecf229e754258d45c5bcbf5792c4213f6418f9c60e4503fbd171b3231d
08667d9358a79eb51311832d60b702b5a9587d136479439053ff027001ad9b06
0a82438b2cf140e255e0b15311c920d5321f451e5808b88a735ccfac357ea6d5
0b325af4971224bbc65f588b5d98e6995d83b5eee22cf171aca438225f95eca5
0ba7c0356149946bf0642fab4ef85b95e7090f6f785d0fb84323d0c442e5190a
0bd9f0e659d439ddbdfb4b1f7f176a307ba7a23a8fbcae43a56edc9b54ab0e2a
0d79b8b4e0935251ea3a809db93328be7aaf0fed1600048d59afac3970d43996
0da4d013c46f950570b4c3abae8406515e1ee17a48385094d7a4e78fc78bffd6
1080db8f515dadc3e1b1cee70fc8cee36fefeb0803c252185e731c5f97bcff6d
108b1dcb4850efb013c2484f9fc90c5fc0aa950771ca38f2ebd5f5470f0ac1ca
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
10fc9972aee852e4c7d4badb5f5b0767452bafa6c2a1ebadf9aa74a7bf0f58ab
11ba4ab958e245b5c72c2da95f5c81a8fd305094e627f51211a9e7a88f665e96
1279dfc44a239b504bcfdfa3e34cb58da9636d25efcdc192c0e4c00e4b4182a6
12c7687514ca85ba2157ed61914ac526bb9dd15cb5a2a2d9e4d88f919349284f
13e44ac91c0d0e34922532b04d931246156aef649b2ac9cacc69ad75ce63ad00
13eea62a61518ed68dd0ffcd7fec169f0538b8f44f2802136eef509cdb4a0f55
14a2f762fa3691ca4f808cf9ac6372709633894fcee69df1bf0841882d0cbacc
14b07d6b4dd41536f9deb40dc3eb7eef42c1e1bc2a3c73b171c0e5d20418504c
16859ca0c3c2396324e5be9a2c319d322febc9f41d2742bcfe11724f05868a9b
1731fb3688d8c61a7311bf0b1562e852fb9ac7d2985df4ab134159fe2475c44b
1973c565452586f0755b4195cbb55355daea22cec3549dbc41460a4452802ae8
1bbe85d71066c62cec39541db03448ef2c620c4a9c0653e8f2472e8102a2778e
1c70d10f9de343b6df84f553f4417bd59cc965520141df9f8efc5965517382aa
1c850bc198d33f7b0ec794d98eb3557fc5b3a46d3db1e5da56cbb9face202100
1dc230248c5c46df04bdfc573de5bb6f98a91da775902040c2049de3303abee7
1e4316066121d4fe181e0bbdd328ee45e9514a585bbee3f5878f159f6acd05fb
1ec0134d926fbbe46e912c369e68edada913447a49201bb58d397a85ad9f9859
239a4e5173d8dee5871385d097646cfbf3527dfa09e1f363d5c1562597d895c5
247c313ca1e5ee9f9248cdfdf25cb6723974c6fad0daee91827fb85a6d1938dc
259d13726619f9589930734713651e8c2de59ce474a3c1c7b92422dd960cf6b4
29be6d58cf6508078cb4f19205d49b11c933f94113097ea1478b6b405d8c732c
2acf06c1c75ef98f232ea8f3ce537f21e042fae2c6c0d51a65a5dca5ec5be112
2b44f6fc4993950d95c16d866d5effd0f42c22884d8f9ec5ef347045675aed11
2bf3370d23bca4b5df1a3bb2a16481bb4fca70a5f0cac95b1eb7efff1bdd7ccc
2d0d434a492d9ef486bf5a02ccfa239495cb035e23df6e62adf49cb9047fd763
2f5104528e4c6516c726ba68a329645049260e71d4d17934f865c64c82f12027
3391f1b5dee3c8caf3535a67139b89d390ab073b6829f11e435db89abf732092
33d18bfaad19367135cba7d9096fba55164cd67b8e5819617c6d6b34bd43454b
366bf8696392da0b36fb41af9058184b7d11b5f53ba8856f0db16d25766c35c9
37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b
39047cc5b6753837a60ff903ec8e56d38407d2f2aee6d5dde4c74ef45cfcef0d
3b843d8505c200af17cdbf0a534faf3a5e6d41e67068387787984470ea717c97
3d9695ce2f003681148b50cb5582955ae841ebb7e724f2337e078ab7114bd335
3e61b8d9fae3bf7e8dc6a117f45ea71454b348ce7ea966289ab63dd8072fff03
3ea5b522e36cb1e8e2bf7e3f77935b251cba8245dba24fe083b3260fd2703046
4058e2480cac6a0509fb74a0e6557ba24d5de55d4de1914d5be0f5d382f25402
43584589af625ff1cdd99c3268505d56bbe887300252cc9c6cb508daab82421e
449232f007b4a1ff43a4d373f64e02d7751043f75e2840255a199e97b19ba137
482ad0696ec24e735f15236fa90352d9f8019292354dcf831ea1577b46ce4ae6
4a7eb4b0961dc2a57594a3dc38e67d916c0030a27956007ab24f06016b2e8296
4cdfe57d9b73838fb3ddb1d528867a3493598fa905837df2e7b0381780933505
4dfe40731128c59d8869e69daf0ba5fa855a14fb61c5594f4121123bb6f6f903
4e801382789700cb72b82146fa8947a5dc30eaed330a81b8c61756a240f28d99
4ee54ff917c539b264537d0d6f62c78484457762a6fd64ace831385744b98c9b
4f5c6f22e373fd36a53ddf9cc3b80cb17a524dc6cd6053cd7090f835bd02acec
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
54bc11342d941c2dca37e01a11ab4c1b05aa6da56cd221bc77616629330809da
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
565deac0c7edc7850a7762c24c560f0a9670aa5c52a728e9dbb43d5a7887c1d4
56c63a60f91f569ef23a1cbc7ffcd518b19168e39ae54937cefe1f29fb3adeae
5810a31d0e0905e74e45920f55f97157d5be09282d03cdd7e1f0dc2785a5b6ab
583d91b997a39d3a6a6c76a18b9026cdcd74d3bb3aea6c8ceb0165c2cbbbf7f0
58b51d48a14c6b29ccba023196a193c68f9842a13cac717939c303e3b1460481
5c256819cffea08483c47f1421d2437f3c61529d73a1893388b50e9db68f9534
5c5f00380b0c154454af53416372a7169a2815c5de015a888fca57aad2fac11c
5fbaeb9f8e25d7e0143bae61d4b1802c16ce7390b96ceb2d498b0d96ff4c853f
611d5fac12fdd1a8e90a2e22c2157ce2caa2f90b8d9af3d93f3854b409cf4774
6276641b212758687bcb0c80c79dd665f1fb4542019d757ca034bfd711f2df91
635375c336ffde24b571e9acc5ad394bcefcf1d6f480e6695f4032c6996b4f7c
6387fe6324a49eb8eacc7d2b71c721b70fb0cb96c5d33feed02ffbaeda9477ea
65f065d8408432842271dab54c2b2938ddcfe0cd0466139af9e0fcf5f89dd4df
65f1553074d779f5d748a0d0216f14a78f89b0bd5dc69b0e5562910950110d40
6a6915872afa798395a56c7aa50d086cb325ff7214ad78ada3c7a96350bbad39
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b24da0c6d2f25d86882b64b5b180c298afd02c3222dbfd415d179767e67823f
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
70451f9e2fd63c36dd9534e636401b78fdcebd8e3ec240c2018499c9eadadf9b
7078a079d289c7f5883a665801735c880d24b9dc344b071f130ce9c562d26e86
719691ed2538c0caec57cca97f3ea15ea3e27775397b769fbf97a80827f5313b
7532da32524c4974ee8b5903a06323d54dfac84c23aedda76e9d5b93971084d6
7798165ee5a3c6809310d8261dcbe7c8d0c12d795b7b09a71af3eb86ec8f33f2
7bc24df181ca0f5ad5e37e7e0155fc90111372524f7477a0a296a4464f7bbcc7
7c836c93602924dfacf07700127739a53276fc8990f8f249dae2fd58a8614ef6
7f5aeb7e0748cabfd8bf5701db0d1304a405e7482fdd16be77d7c431c1d5549e
7f8f750f67250588f252240cf102438d92d681b20f35bfa37a7bc3266e056f07
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
83c1195e56dee82db7c5da22495df951938a87803f60ac0cd6a69fdcd7b1901f
83f987eef2dcf5df9067b2fb033a8313cc7046627a7818d2e43473a3b9c8aafb
840ee62c133c553ff018a6b00f5b5d6836c37a0205f1be2f82b12d4f02b9cb01
8564742cdf60a4bf929217d69c74ee2ed690981d29c1edfa414ba66f79792846
87e8399988880142f2c62771b9d8f2ff6c290b3ff745dd426eb0dfe0db9d1dae
886430890562cc216ae31a8047f07542f8df8c11f9465f9b08a8dd2da529ac9a
88ca677c14d4217c2f6b8c8964a1d172027974c4c0839e4d531ad7d3d6de1987
895a9abb219fd2af30ad07d7ed904c321249fa5d6a7cf966e69586443ff2ebca
89a15e9c40bc6b14809f236ee8cd3ed1ea42393c1f6ca55c7855cd779b3f922e
8cd3a1579ab234f0c391ea71a582bbad4c1195ad475844a0a42d813670745c27
8d3ca80fa271e94b0c36cf3053b0f806b7a42bb3395b424c99dc0bd218f0ac20
8e0ba33e5efcee204636a6ac4133704636441262045aa95051b550163699c4fc
8f292ce01da628e3a300fdf9f67b7a90f842bffd9afe2a0686d0198667624754
91a7dc14a31c8e47b24df8c1a31f77c8fe4f90240dbdfe06cc0968bc9c93282b
91ea71f6d3aa51acc45275db494f975c0946d38d537c50cdf56208de9f7a12d8
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
93e2f58e310618040282e647d99e4fb3ffe7089f1d51ea9a01350cc6d06dc06d
951ff965496e99c06f1008bff464db635507aca6331c539f5e3157acbc03b5dc
99f6935cf72f1ef19eb4e9cbfdb2863ca1d972b7a283f8bddf930b5d152d2dec
9ad0dcb0dcb9d15db88513d9f0c0ca1622f34ac1ae390baa97e7edb245531bcd
9b5179ea2a77fe69b294fbd2ed504eacbfbe048ede58967b43af2ca537144b1f
9d0435f3f104dce3eff274120f3ebca0377cb5141c0f284d310ddd01b7886d86
9d15f5889b901db2d243c8632b5864c62577d894122903a5831cebfd3d4514bc
9e4cac65c7a5ee0bd0743afefcabdd3e73854e1284ac9ac433813d6231f550f2
9f5189ec9deab03c85bf30d7c632fd6ecfd3d8d6fad60e5cdee0aef3678823ee
a087145e9246e4a22f6019802bfb20f26fb2a5d16c67ce113258d779474150e1
a23000c21d0ef59bb032e686cf346ed77d83fac27d7048205ded1a6e20460648
a55261a7a987674749989983b5889eadaac6795d8d48548fb61470a96edb9524
a97b53de9814182ca7503bd916bf70f8d9e4eaa568160f7802db0023ee6f2ef6
a9950fa5ca9cf47072770900d259bcf6778aa1119652d2e706d5eb92df254199
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
aabaf525a8c5365b76ef8bb40c2da64a5ba515144eb2ad532adc7b2a2fecddb0
ab43cf929d649dba8ce38c92dec4849c8049b678fec9942ae08df5ca57757280
ab5d95b55a41f726aa1c90ef3dfd7af61e9e1f688360a16a96ec631bf61eebaf
ab95872c4726727a3b09b1f8c28490c70b7e407e97fd93bbfb75a2ecc5faac36
abf9893e86a6c646b870d1385a92fd8301c531dbfdeb6d8f9fcee1793c1b43cf
ac3465c45e99cdf5cc23676b0c67fce49c648e6e3c90f30c64722367eaaf21ff
ae62dd075f4359b389158ec0ce732971da832938b5d630a24eb2e89111b00e1b
ae9947adcc62dd84085a0c7cea9d8b78e46bfec8c7709aa45a2768c6a66fb1dd
aed0b9a65b8d5279476552f4fd56e97b4af722cde229a849ef40da6ff5055eb8
b08d7830746349ff8a17d3234078ea1e46c33f0b1d29752484151d9c60a0d625
b0cc4893a88acbd261347947311c13d085e0fb3909b71bb8b14d4f58214c2add
b110428c2cf2bb0bab8390f3e58b7961de970b7da528b93cafddf5378bb7cf65
b16d1466b18311b381e28bb2c1eebd8160ae5841105c9122d639f16d69f9d7cb
b4422b66257bf657c8f5953fc86f2a71b17882cbd8d4c73e07fdaaa9ae12f449
b5730b5cda06e0b6d7a3e954013e065c8db99ab4a1d4cb537523e6e0e291ac88
b61f50798075db890698930c4405673937fe89353f7fea7be88b5ce16a9c0af8
b813ada0501b32e29202af62613bfce2cf7c34f4381d6b45592ba5678fdd481d
b860f153027662f049f2b3c85112e8f94baf10132a9d72b8ac998cfad4e03d54
b9116b9f9aac9236cf66d2a187a8b0cd5a84e4828f06f5f9d55a7d939a6ec2fb
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bbaf8796714d189a9ae5febc6847742dbc296b5f76acc14b68a54a7250d948b1
bf275debca5a4df45158e1c43cbb122499c3801e67b7933af32a76bbe3c660da
c0aeb10cae9de65aab4cb92668b92779341a9092b0c4b251226236dfadc78a06
c15171fcd5929135b805d4b4dbf845248179064899580dec8a1de845da08c489
c3c0d3f472358aac78455515c4800771426770c22698e2486d39fdb5505634e1
c45fbfc905237f16fa3644bae78d607fc6e6f6e1f62d37ea696d4cf7c1dcfeae
c4a8402fde1e397bcabe7467c0de035e7851eeb1bad9af5d1b67487e7d7f2a4a
c637f0c8062fe1c86cac3c5993e7d16bb1ecba387172c226db10b12f90c2ace8
c818f6481b35791f79fb6da8dcf6512072ffe6348288cb81ea751d2afbcbd0c9
c86fb1ebfd671cf1a8505ef2e5fab24ff0ead66b7837f28df2076ce8ec53db64
c8ccd698ffa33f43b86a2996de1c7248e15d740752669ae6b489ca49f3193e3f
cc2ff6d4fb51b6eed4c40181a00b09b841c0930ee87875901028f7828e2e84cb
cc75e668166dc38d4155d90aa3322948f7cdc419e969d1f49c98617c570907d2
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d0f387e5f3411a35691da3e37847ccfaf180043c63e8cfd59097191158b9923d
d27775eeff3a9b98f619819b8e0399e69a408034c4534bd5baf573506fe75c6a
d4b2ca6ed32b07e113be48cecee742c5be39fa8354c67a542c72e463d1007336
d61b7cac2f6bf0482a24d1b4437e14c1e1033419aa50d67df92275b8fade5f26
d6ff339ddb4525268c21fa26ded66b0703f177e742281dc9bcd558288f8e1101
d92ae911efa5999c08f1e12d577339ad668e9ecf7deaec81af7bfcfe4d288aaa
da1c287941508f498be1e1e5bf496c33903f50d6957601d2916d3eee7193f150
dabbfc02e2dd0545367b8d536848807d8b7c019f24434ceac3a2aeee641686c0
db86b4d18017697578628cf41791dda2c2e627a71f670aa0a069e4b070523ac0
dc2f384245b27deef54568cd1558d9e28f51d9c12f921539753c9406d3dc2d75
dd1b5e04d54c4420fe3e8e6abe2875fc7f13a3cd6384b6c2afc1a35e302dd846
dec5e5786208beaa10be7849ea723c2e1cf022781092424e6debad5690bfeb1b
df870e6ec42abc29c776c7144bfceec6e31d4ba9dfdd3b94d49ae607209dbe82
e0035b63fc5b34bfac32f49487ad09ae908071d9cddbe3886cb54c459c75ba1d
e129bfd0ccdfe0e85ff3894a24ab3746247ec2024c8f413d37e36403e5f42849
e33b783381cdecd157540c271d33c592ee1b4197ba286b4f6b30e68fbb4eeaf2
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e87b507dcf1026babc8bd24deabc7118cc941fbe032ba9369307a3f1207b9fbe
e8e4110bf4768199cd05def7c278288da4e7a02dc9c9594b88178f553cfebc67
e8e9871cf0af9019f2a0094a2ce12eb7794c104f7f38d9f75e7017c9d26e7cf6
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef2d7b8029a2b1be7f1fb9a2ba721a823a1925749a372c18e3dc3e52000b9fc3
efa5b8e3ec9445cc2c30784a8277aee98074b003e8c34bc97671d340cd460402
f2428072b9dd3e5f45a9de279b8966dbf19004cd637f6eb395199aa98742c889
f3275ef137c8d178daa5c1c0881087e75879e162e7d7e1543b5ab3a487059c8f
f383d270511912b2da11555947cb3e6012e6375cb5f0d90493c25f6048169073
f38bc3f11fd2acc0096935138b41b023a7fe512563423b3423198118ad689313
f6dd77d82ef7485d0ebd87e63ecd31fc0ae4f9a0bc85b071492b6ed791a0ce48
f8d3ed9e90bb3208636c1a1858f534e203f3c52cb8ef464a7bd2d81bf1a60305
f9a1a0ac26eaf5b7f6cc7223b5dd4b5f545b5a48fb598c7442e5f76384f1be8c
fad217b28b3e4434cde68e1912cd8f882ba64b29702b7b2881ae6c9a77909bb2
fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62
fe6b72c2bbdd3369ac0bfefe8648e3c889efca213baefd4cfb0dd9363563831f

shop.heroinsupport.org Open in urlscan Pro 23.227.38.74 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

284 Requests

99 %HTTPS

57 %IPv6

46 Domains

75 Subdomains

70 IPs

5 Countries

7827 kBTransfer

23902 kBSize

33 Cookies

11 Outgoing links

Redirected requests

284 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

shop.heroinsupport.org Open in urlscan Pro
23.227.38.74 Public Scan

Screenshot
Live screenshot

Full Image

284
Requests

99 %
HTTPS

57 %
IPv6

46
Domains

75
Subdomains

70
IPs

5
Countries

7827 kB
Transfer

23902 kB
Size

33
Cookies

284 HTTP transactions
2 data transactions