urlscan.io logo urlscan.io
SecurityTrails logo

yay.journalbuddies.com Open in urlscan Pro
2a06:98c1:3121::3  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://yay.journalbuddies.com/
Effective URL: https://yay.journalbuddies.com/login
Submission: On August 17 via api from US — Scanned from NL
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 11 IPs in 3 countries across 8 domains to perform 21 HTTP transactions. The main IP is 2a06:98c1:3121::3, located in United States and belongs to CLOUDFLARENET, US. The main domain is yay.journalbuddies.com.
TLS certificate: Issued by WE1 on July 25th 2024. Valid for: 3 months.
This is the only time yay.journalbuddies.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 2 2a06:98c1:312... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
3 2600:9000:26d... 16509 (AMAZON-02)
1 18.66.192.50 16509 (AMAZON-02)
4 151.101.1.21 54113 (FASTLY)
3 2606:4700::68... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
2 18.66.192.49 16509 (AMAZON-02)
3 2a00:1450:400... 15169 (GOOGLE)
1 192.229.221.25 15133 (EDGECAST)
1 188.114.96.3 13335 (CLOUDFLAR...)
21 11
2    2a06:98c1:3121::3 (United States)

ASN13335 (CLOUDFLARENET, US)
yay.journalbuddies.com
1    2a00:1450:4001:829::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
3    2600:9000:26db:f400:b:3152:9000:21 (United States)

ASN16509 (AMAZON-02, US)
d3nm84ewrvjnsw.cloudfront.net
1    18.66.192.50 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-192-50.muc50.r.cloudfront.net
js.stripe.com
4    151.101.1.21 (San Francisco, United States)

ASN54113 (FASTLY, US)
www.paypal.com
3    2606:4700::6812:1a8e (United States)

ASN13335 (CLOUDFLARENET, US)
uploads.heightsplatform.com
1    2606:4700::6810:4f49 (United States)

ASN13335 (CLOUDFLARENET, US)
static.cloudflareinsights.com
2    18.66.192.49 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-192-49.muc50.r.cloudfront.net
js.stripe.com
3    2a00:1450:4001:81c::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    192.229.221.25 (United States)

ASN15133 (EDGECAST, US)
t.paypal.com
1    188.114.96.3 (Amsterdam, Netherlands)

ASN13335 (CLOUDFLARENET, US)
yay.journalbuddies.com
Apex Domain
Subdomains		 Transfer
5 paypal.com
www.paypal.com — Cisco Umbrella Rank: 3677
t.paypal.com — Cisco Umbrella Rank: 4582
91 KB
3 gstatic.com
fonts.gstatic.com
44 KB
3 heightsplatform.com
uploads.heightsplatform.com
12 KB
3 stripe.com
js.stripe.com — Cisco Umbrella Rank: 2856
156 KB
3 cloudfront.net
d3nm84ewrvjnsw.cloudfront.net
400 KB
3 journalbuddies.com
yay.journalbuddies.com
5 KB
1 cloudflareinsights.com
static.cloudflareinsights.com — Cisco Umbrella Rank: 1223
7 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 110
1 KB
21 8
Domain Requested by
4 www.paypal.com yay.journalbuddies.com
www.paypal.com
3 fonts.gstatic.com fonts.googleapis.com
3 uploads.heightsplatform.com yay.journalbuddies.com
3 js.stripe.com yay.journalbuddies.com
js.stripe.com
3 d3nm84ewrvjnsw.cloudfront.net yay.journalbuddies.com
3 yay.journalbuddies.com 1 redirects static.cloudflareinsights.com
1 t.paypal.com yay.journalbuddies.com
1 static.cloudflareinsights.com yay.journalbuddies.com
1 fonts.googleapis.com yay.journalbuddies.com
21 9

This site contains no links.

Subject Issuer Validity Valid
journalbuddies.com
WE1		 2024-07-25 -
2024-10-23		 3 months crt.sh
upload.video.google.com
WR2		 2024-07-30 -
2024-10-22		 3 months crt.sh
*.cloudfront.net
Amazon RSA 2048 M01		 2023-10-10 -
2024-09-19		 a year crt.sh
a.stripecdn.com
DigiCert SHA2 Extended Validation Server CA		 2024-07-23 -
2024-10-24		 3 months crt.sh
www.paypal.com
DigiCert SHA2 Extended Validation Server CA		 2024-02-08 -
2025-02-08		 a year crt.sh
heightsplatform.com
WE1		 2024-07-31 -
2024-10-29		 3 months crt.sh
cloudflareinsights.com
WE1		 2024-07-06 -
2024-10-04		 3 months crt.sh
*.gstatic.com
WR2		 2024-07-30 -
2024-10-22		 3 months crt.sh

This page contains 3 frames:

Primary Page: https://yay.journalbuddies.com/login
Frame ID: A1880C0554648A545B2765B581644AAF
Requests: 18 HTTP requests in this frame

Frame: https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html
Frame ID: DC3F3681DDC260EDA48A4A817EB6D7FE
Requests: 1 HTTP requests in this frame

Frame: https://js.stripe.com/v3/controller-with-preconnect-6d8fb062da5921b957ba113caac230d4.html
Frame ID: 6A47CA115F53C9DDAAB23F0DC8A23FE4
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Ad Free Journal Buddies | Login

Page URL History Show full URLs

  1. https://yay.journalbuddies.com/ HTTP 302
    https://yay.journalbuddies.com/login Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • js\.stripe\.com
Overall confidence: 100%
Detected patterns
  • static\.cloudflareinsights\.com/beacon(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Page Statistics

21
Requests

100 %
HTTPS

55 %
IPv6

8
Domains

9
Subdomains

11
IPs

3
Countries

714 kB
Transfer

2618 kB
Size

5
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://yay.journalbuddies.com/ HTTP 302
    https://yay.journalbuddies.com/login Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

21 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request login
yay.journalbuddies.com/
Redirect Chain
  • https://yay.journalbuddies.com/
  • https://yay.journalbuddies.com/login
6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://yay.journalbuddies.com/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
99fad55586049ae88c442958556c0c195476b0dd0d27be12f7d187d629fc7d41
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
max-age=0, private, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
8b4b598e5f829746-FRA
content-encoding
br
content-type
text/html; charset=utf-8
date
Sat, 17 Aug 2024 17:23:04 GMT
nel
{"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
referrer-policy
strict-origin-when-cross-origin
report-to
{"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1723915384&sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6&s=Jbza17aOr75kDL3fHC6U4cJPaWfAZaYC09aeuJIegyE%3D"}]}
reporting-endpoints
heroku-nel=https://nel.heroku.com/reports?ts=1723915384&sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6&s=Jbza17aOr75kDL3fHC6U4cJPaWfAZaYC09aeuJIegyE%3D
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 vegur
x-content-type-options
nosniff
x-download-options
noopen
x-frame-options
SAMEORIGIN
x-permitted-cross-domain-policies
none
x-request-id
ebef6865-e488-4167-8f88-51cc7409c4eb
x-runtime
0.030958
x-xss-protection
1; mode=block

Redirect headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
8b4b598af9e79746-FRA
content-type
text/html; charset=utf-8
date
Sat, 17 Aug 2024 17:23:04 GMT
location
https://yay.journalbuddies.com/login
nel
{"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
referrer-policy
strict-origin-when-cross-origin
report-to
{"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1723915383&sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6&s=qqjJmwpRpJpALbjqS3rG99e02j16rXFMbZ9nrdcJ81M%3D"}]}
reporting-endpoints
heroku-nel=https://nel.heroku.com/reports?ts=1723915383&sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6&s=qqjJmwpRpJpALbjqS3rG99e02j16rXFMbZ9nrdcJ81M%3D
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 vegur
x-content-type-options
nosniff
x-download-options
noopen
x-frame-options
SAMEORIGIN
x-permitted-cross-domain-policies
none
x-request-id
68faf559-2a4c-4e44-b04a-7b8966a11e8b
x-runtime
0.023882
x-xss-protection
1; mode=block
css
fonts.googleapis.com/ 		12 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Source+Sans+Pro:300,400,600,700,400italic
Requested by
Host: yay.journalbuddies.com
URL: https://yay.journalbuddies.com/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
a53224625e94e636ad6e0c7316d83ae4c2a0c9b4627906f20567ed74b02dc953
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://yay.journalbuddies.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sat, 17 Aug 2024 17:23:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sat, 17 Aug 2024 17:23:04 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 17 Aug 2024 17:23:04 GMT
application-5dda2ef74cb2a6cc9d22325600870db1cab17815236607689e0cfb8fc37e8751.css
d3nm84ewrvjnsw.cloudfront.net/assets/ 		242 KB
42 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://d3nm84ewrvjnsw.cloudfront.net/assets/application-5dda2ef74cb2a6cc9d22325600870db1cab17815236607689e0cfb8fc37e8751.css
Requested by
Host: yay.journalbuddies.com
URL: https://yay.journalbuddies.com/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:26db:f400:b:3152:9000:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Cowboy /
Resource Hash
5dda2ef74cb2a6cc9d22325600870db1cab17815236607689e0cfb8fc37e8751
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://yay.journalbuddies.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Thu, 15 Aug 2024 13:57:29 GMT
content-encoding
gzip
via
1.1 vegur, 1.1 66e1af4a9e82225c770ca97b3baaf86e.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000; includeSubDomains
nel
{"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
x-amz-cf-pop
MUC50-P3
age
185134
x-cache
Hit from cloudfront
content-length
42352
reporting-endpoints
heroku-nel=https://nel.heroku.com/reports?ts=1723730250&sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6&s=C3248f6C7ct4EKEZWlp%2BkxMvjwAeQnUD4KFRIYa28%2Bo%3D
last-modified
Thu, 15 Aug 2024 13:53:49 GMT
server
Cowboy
vary
Accept-Encoding
report-to
{"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1723730250&sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6&s=C3248f6C7ct4EKEZWlp%2BkxMvjwAeQnUD4KFRIYa28%2Bo%3D"}]}
content-type
text/css
access-control-allow-origin
https://uploads.heightsplatform.com
cache-control
public, s-maxage=31536000, max-age=15552000
x-amz-cf-id
HB_q_NWc03wd43_OpJ1O_8P16QOz3SjPkbVywBqz2JggECwi9tfMlw==
expires
Fri, 15 Aug 2025 13:55:49 +0000
core-53cb01ed7585036eead0f846c8a2bed24e66a36ef8adf386dae13bfbd8a60fc0.css
d3nm84ewrvjnsw.cloudfront.net/assets/ 		243 KB
46 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://d3nm84ewrvjnsw.cloudfront.net/assets/core-53cb01ed7585036eead0f846c8a2bed24e66a36ef8adf386dae13bfbd8a60fc0.css
Requested by
Host: yay.journalbuddies.com
URL: https://yay.journalbuddies.com/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:26db:f400:b:3152:9000:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Cowboy /
Resource Hash
53cb01ed7585036eead0f846c8a2bed24e66a36ef8adf386dae13bfbd8a60fc0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://yay.journalbuddies.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Thu, 15 Aug 2024 17:23:21 GMT
content-encoding
gzip
via
1.1 vegur, 1.1 66e1af4a9e82225c770ca97b3baaf86e.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000; includeSubDomains
nel
{"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
x-amz-cf-pop
MUC50-P3
age
172783
x-cache
Hit from cloudfront
content-length
46656
reporting-endpoints
heroku-nel=https://nel.heroku.com/reports?ts=1723742601&sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6&s=KsiyAwjF8YfWtuwPdOBxjl4Ly63bRhEq%2F4giFjsx2vw%3D
last-modified
Thu, 15 Aug 2024 17:20:26 GMT
server
Cowboy
vary
Accept-Encoding
report-to
{"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1723742601&sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6&s=KsiyAwjF8YfWtuwPdOBxjl4Ly63bRhEq%2F4giFjsx2vw%3D"}]}
content-type
text/css
access-control-allow-origin
https://uploads.heightsplatform.com
cache-control
public, s-maxage=31536000, max-age=15552000
x-amz-cf-id
NSU-hUPwpSSp0oLKY1CZCbyoUh_Aw3W9ZqGGGbaIB4qeXwurN3YRkQ==
expires
Fri, 15 Aug 2025 17:22:01 +0000
/
js.stripe.com/v3/ 		641 KB
156 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/
Requested by
Host: yay.journalbuddies.com
URL: https://yay.journalbuddies.com/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.192.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-192-50.muc50.r.cloudfront.net
Software
Cloudfront /
Resource Hash
7aa5c2b897778c5680849ce922dc77ecf24eb433472b89b8ca292eb213650d4b
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://yay.journalbuddies.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Sat, 17 Aug 2024 17:22:54 GMT
content-encoding
br
via
1.1 986e79a1f22b8bf29001818ede5df5c8.cloudfront.net (CloudFront)
strict-transport-security
max-age=31556926; includeSubDomains; preload
x-content-type-options
nosniff
age
12
x-amz-cf-pop
MUC50-P1
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
last-modified
Sat, 17 Aug 2024 00:16:22 GMT
server
Cloudfront
etag
W/"e898735b4382c3fcc5c586c3699b39d5"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=60
timing-allow-origin
*
x-amz-cf-id
UE29V0rYJF_zJeCDOFSMJ6iYsxGKq7JNzrjsm9vBhO8LpgY35YPpwQ==
js
www.paypal.com/sdk/ 		304 KB
84 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.paypal.com/sdk/js?client-id=AdUZm6mA2lFH0Zeca_2JqIUk0qyAuaFr-D1n8OjN8dD9aXsEaGAF7Sw8rF--Td32LdoLXEsdvnIFbBfz&disable-funding=card
Requested by
Host: yay.journalbuddies.com
URL: https://yay.journalbuddies.com/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.21 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
90e1966ffe67b31132ad2651e2053000ea0a7d5ce9fee9de779eed083d4b4b76
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://*.paypal.com https://*.paypalobjects.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; script-src 'nonce-X4Xxi8obU/tV4uFrx+BahtNLRi2p9PBKhrup8pIcXtVk0nD7' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; style-src 'nonce-X4Xxi8obU/tV4uFrx+BahtNLRi2p9PBKhrup8pIcXtVk0nD7' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; object-src 'none'; img-src https: data:; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://yay.journalbuddies.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

content-security-policy
default-src 'self' https://*.paypal.com https://*.paypalobjects.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; script-src 'nonce-X4Xxi8obU/tV4uFrx+BahtNLRi2p9PBKhrup8pIcXtVk0nD7' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; style-src 'nonce-X4Xxi8obU/tV4uFrx+BahtNLRi2p9PBKhrup8pIcXtVk0nD7' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; object-src 'none'; img-src https: data:; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
content-encoding
gzip
x-content-type-options
nosniff
disable-set-cookie
true
via
1.1 varnish, 1.1 varnish, 1.1 varnish
date
Sat, 17 Aug 2024 17:23:04 GMT
age
0
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-cache
MISS, HIT, MISS
p3p
true
paypal-debug-id
f174558287ac3
server-timing
"traceparent;desc="00-0000000000000000000f174558287ac3-0c395145fb2311f4-01"";content-encoding;desc="gzip",x-cdn;desc="fastly"
dc
ccg11-origin-www-1.paypal.com
content-length
84136
x-xss-protection
1; mode=block
x-served-by
cache-lhr-egll1980044-LHR, cache-mad22043-MAD, cache-mad22043-MAD
accept-ch
sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
traceparent
00-0000000000000000000f174558287ac3-96899aa3f58d366d-01
x-timer
S1723915384.439718,VS0,VE355
etag
W/"148a8-+wJ0eeVjPs3CcpezT1NZvHwEOag"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
Server-Timing
cache-control
public, max-age=3600, s-maxage=10800
origin-trial
AmF3SS0NWoXo3HaojgmIVVXavukRnZH597u+xZNXRCiKWzSKzfNPHw9NC32GmblY12+HXpkCEYeYGyvRBNkkJg0AAABbeyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlRwY2QiLCJleHBpcnkiOjE3MzUzNDM5OTksImlzU3ViZG9tYWluIjp0cnVlfQ==
permissions-policy
ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
accept-ranges
bytes
x-cache-hits
0, 0, 0
application-063f7244022ad953700d76b94adbca1eadae0b1cc2e9db64436cb936bfae80ad.js
d3nm84ewrvjnsw.cloudfront.net/assets/ 		1 MB
311 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d3nm84ewrvjnsw.cloudfront.net/assets/application-063f7244022ad953700d76b94adbca1eadae0b1cc2e9db64436cb936bfae80ad.js
Requested by
Host: yay.journalbuddies.com
URL: https://yay.journalbuddies.com/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:26db:f400:b:3152:9000:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Cowboy /
Resource Hash
063f7244022ad953700d76b94adbca1eadae0b1cc2e9db64436cb936bfae80ad
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://yay.journalbuddies.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Thu, 15 Aug 2024 13:57:30 GMT
content-encoding
gzip
via
1.1 vegur, 1.1 66e1af4a9e82225c770ca97b3baaf86e.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000; includeSubDomains
nel
{"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
x-amz-cf-pop
MUC50-P3
age
185134
x-cache
Hit from cloudfront
content-length
317261
reporting-endpoints
heroku-nel=https://nel.heroku.com/reports?ts=1723730250&sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6&s=C3248f6C7ct4EKEZWlp%2BkxMvjwAeQnUD4KFRIYa28%2Bo%3D
last-modified
Thu, 15 Aug 2024 13:53:49 GMT
server
Cowboy
vary
Accept-Encoding
report-to
{"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1723730250&sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6&s=C3248f6C7ct4EKEZWlp%2BkxMvjwAeQnUD4KFRIYa28%2Bo%3D"}]}
content-type
application/javascript
access-control-allow-origin
https://uploads.heightsplatform.com
cache-control
public, s-maxage=31536000, max-age=15552000
x-amz-cf-id
LgZRQucONZWQOrcpnD7Nyumj0jKrU8GPRJ94Y8V_GtN2liNxudOYKQ==
expires
Fri, 15 Aug 2025 13:55:49 +0000
cec593bd749cdf7cd429bc6553b7e843.jpeg
uploads.heightsplatform.com/program/journalbuddies/account/928/logo/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://uploads.heightsplatform.com/program/journalbuddies/account/928/logo/cec593bd749cdf7cd429bc6553b7e843.jpeg
Requested by
Host: yay.journalbuddies.com
URL: https://yay.journalbuddies.com/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1a8e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f8de21e3cda3babc01f86de10cf6a31aca8993f72001cb3784c379708defffcd

Request headers

Referer
https://yay.journalbuddies.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Sat, 17 Aug 2024 17:23:04 GMT
via
1.1 43b9d5592d1dc6a44adc7ebaaf183280.cloudfront.net (CloudFront)
x-amz-version-id
FBN3uDPuL34ivq1s2.J33ZLho07cPnOW
cf-cache-status
MISS
x-amz-cf-pop
FRA56-P9
cf-polished
origSize=8240
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
5326
cf-bgj
imgq:100,h2pri
last-modified
Sat, 17 Aug 2024 01:28:37 GMT
server
cloudflare
etag
"4859dcf8cbb864ec6f0b4e0f47690daa"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
public, max-age=691200
accept-ranges
bytes
cf-ray
8b4b59907b2b65ca-FRA
x-amz-cf-id
nwq7DurPNoZXw-9g2uNtZD6lIBWRtgxb3NbCkBq88GFH_ReS7PwiGA==
expires
Sun, 25 Aug 2024 17:23:04 GMT
vcd15cbe7772f49c399c6a5babf22c1241717689176015
static.cloudflareinsights.com/beacon.min.js/ 		19 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.cloudflareinsights.com/beacon.min.js/vcd15cbe7772f49c399c6a5babf22c1241717689176015
Requested by
Host: yay.journalbuddies.com
URL: https://yay.journalbuddies.com/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:4f49 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8a18d13015336bc184819a5a768447462202ef3105ec511bf42ed8304a7ed94f

Request headers

Referer
https://yay.journalbuddies.com/
Origin
https://yay.journalbuddies.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Sat, 17 Aug 2024 17:23:04 GMT
content-encoding
gzip
last-modified
Thu, 06 Jun 2024 15:52:56 GMT
server
cloudflare
etag
W/"2024.6.1"
vary
Accept-Encoding
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
cf-ray
8b4b59921e021c9f-FRA
pptm.js
www.paypal.com/tagmanager/ 		12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.paypal.com/tagmanager/pptm.js?id=yay.journalbuddies.com&t=xo&v=5.0.456&source=payments_sdk&client_id=AdUZm6mA2lFH0Zeca_2JqIUk0qyAuaFr-D1n8OjN8dD9aXsEaGAF7Sw8rF--Td32LdoLXEsdvnIFbBfz&disableSetCookie=true&vault=false
Requested by
Host: www.paypal.com
URL: https://www.paypal.com/sdk/js?client-id=AdUZm6mA2lFH0Zeca_2JqIUk0qyAuaFr-D1n8OjN8dD9aXsEaGAF7Sw8rF--Td32LdoLXEsdvnIFbBfz&disable-funding=card
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.21 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
3a997e04353e88f40e41584ecfea025d074f355f534874f9dbe04a3bb5a5ca4d
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; script-src 'nonce-/VppL3gOx18nIlBzhPwsjOqleFo8/IA9lrA1UzOUFuAnEszT' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; img-src * data:; object-src 'none'; font-src 'self' https://*.paypalobjects.com https://*.paypal.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.google-analytics.com 'unsafe-inline' https://*.qualtrics.com; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' https://*.qualtrics.com;
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://yay.journalbuddies.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

content-security-policy
default-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; script-src 'nonce-/VppL3gOx18nIlBzhPwsjOqleFo8/IA9lrA1UzOUFuAnEszT' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; img-src * data:; object-src 'none'; font-src 'self' https://*.paypalobjects.com https://*.paypal.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.google-analytics.com 'unsafe-inline' https://*.qualtrics.com; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' https://*.qualtrics.com;
content-encoding
gzip
x-content-type-options
nosniff
date
Sat, 17 Aug 2024 17:23:04 GMT
via
1.1 varnish, 1.1 varnish, 1.1 varnish
strict-transport-security
max-age=63072000; includeSubDomains; preload
age
51546
x-cache
HIT, MISS, MISS
paypal-debug-id
f17348922f526
server-timing
content-encoding;desc="gzip",x-cdn;desc="fastly"
dc
ccg11-origin-www-1.paypal.com
content-length
4336
x-xss-protection
1; mode=block
x-served-by
cache-lhr-egll1980090-LHR, cache-mad22043-MAD, cache-mad22043-MAD
accept-ch
sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
traceparent
00-0000000000000000000f17348922f526-8df01e0555a77099-01
x-timer
S1723915385.914649,VS0,VE29
etag
W/"2fa1-jxsR74+mGy9/tfIPXuzhzw2WmKM"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=3600
origin-trial
AmF3SS0NWoXo3HaojgmIVVXavukRnZH597u+xZNXRCiKWzSKzfNPHw9NC32GmblY12+HXpkCEYeYGyvRBNkkJg0AAABbeyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlRwY2QiLCJleHBpcnkiOjE3MzUzNDM5OTksImlzU3ViZG9tYWluIjp0cnVlfQ==
permissions-policy
ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
accept-ranges
bytes
x-cache-hits
1, 0, 0
m-outer-3437aaddcdf6922d623e172c2d6f9278.html
js.stripe.com/v3/ Frame DC3F 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.192.49 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-192-49.muc50.r.cloudfront.net
Software
Cloudfront /
Resource Hash
Security Headers
Name Value
Content-Security-Policy base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://yay.journalbuddies.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
2958
alt-svc
h3=":443"; ma=86400
cache-control
max-age=31536000
content-length
200
content-security-policy
base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only
base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-type
text/html; charset=utf-8
date
Sat, 17 Aug 2024 16:33:48 GMT
etag
"3437aaddcdf6922d623e172c2d6f9278"
last-modified
Wed, 14 Aug 2024 20:40:27 GMT
origin-agent-cluster
?1
server
Cloudfront
strict-transport-security
max-age=31556926; includeSubDomains; preload
timing-allow-origin
*
vary
Accept-Encoding
via
1.1 878a01abbb158ab50d28bd4e882dc33a.cloudfront.net (CloudFront)
x-amz-cf-id
da1VLThqUctRHuHIy_Gf0QWLtSIj6wfz9yNWfDRhztT3n8NzVGzbYg==
x-amz-cf-pop
MUC50-P1
x-cache
Hit from cloudfront
x-content-type-options
nosniff
6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2
fonts.gstatic.com/s/sourcesanspro/v22/ 		14 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/sourcesanspro/v22/6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:300,400,600,700,400italic
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ca57b79a870bbf54700730858603a70d79743779c1b059922ec401bfddc5adc9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://yay.journalbuddies.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 13 Aug 2024 13:59:43 GMT
x-content-type-options
nosniff
age
357802
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14824
x-xss-protection
0
last-modified
Thu, 01 Jun 2023 22:52:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 13 Aug 2025 13:59:43 GMT
6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwlxdu.woff2
fonts.gstatic.com/s/sourcesanspro/v22/ 		14 KB
14 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/sourcesanspro/v22/6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwlxdu.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:300,400,600,700,400italic
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0d0a6262c545e8bbc895116e5afb22579c468d7abb77e378f377d6fed57c1dce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://yay.journalbuddies.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 13 Aug 2024 14:00:00 GMT
x-content-type-options
nosniff
age
357785
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14712
x-xss-protection
0
last-modified
Thu, 01 Jun 2023 22:52:57 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 13 Aug 2025 14:00:00 GMT
6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
fonts.gstatic.com/s/sourcesanspro/v22/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/sourcesanspro/v22/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:300,400,600,700,400italic
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7b348b30ea1fe43857e68fc462c29e5c6e63c97666af75135c4396a272e54762
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://yay.journalbuddies.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 13 Aug 2024 13:58:51 GMT
x-content-type-options
nosniff
age
357854
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14892
x-xss-protection
0
last-modified
Thu, 01 Jun 2023 22:52:56 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 13 Aug 2025 13:58:51 GMT
controller-with-preconnect-6d8fb062da5921b957ba113caac230d4.html
js.stripe.com/v3/ Frame 6A47 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/controller-with-preconnect-6d8fb062da5921b957ba113caac230d4.html
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.192.49 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-192-49.muc50.r.cloudfront.net
Software
Cloudfront /
Resource Hash
Security Headers
Name Value
Content-Security-Policy base-uri 'none'; connect-src 'self' https://api.stripe.com https://merchant-ui-api.stripe.com https://stripe.com/cookie-settings/enforcement-mode https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'sha256-0hAheEzaMe6uXIKV4EehS9pu1am1lj/KnnzrOYqckXk='; worker-src 'none'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://yay.journalbuddies.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
34
alt-svc
h3=":443"; ma=86400
cache-control
max-age=60, stale-while-revalidate=900
content-length
651
content-security-policy
base-uri 'none'; connect-src 'self' https://api.stripe.com https://merchant-ui-api.stripe.com https://stripe.com/cookie-settings/enforcement-mode https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'sha256-0hAheEzaMe6uXIKV4EehS9pu1am1lj/KnnzrOYqckXk='; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-type
text/html; charset=utf-8
date
Sat, 17 Aug 2024 17:22:38 GMT
etag
"6d8fb062da5921b957ba113caac230d4"
last-modified
Fri, 16 Aug 2024 23:35:40 GMT
origin-agent-cluster
?1
server
Cloudfront
strict-transport-security
max-age=31556926; includeSubDomains; preload
timing-allow-origin
*
vary
Accept-Encoding
via
1.1 878a01abbb158ab50d28bd4e882dc33a.cloudfront.net (CloudFront)
x-amz-cf-id
YZP9j-lIUmGvgKaMC_d69pIlJiiuq-H2MCTcC1j-x87zA4xa9Q5O8w==
x-amz-cf-pop
MUC50-P1
x-cache
Hit from cloudfront
x-content-type-options
nosniff
ts
t.paypal.com/ 		42 B
520 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.paypal.com/ts?pgrp=muse%3Ageneric%3Aanalytics%3A%3Amerchant&page=muse%3Ageneric%3Aanalytics%3A%3Amerchant%3A%3A%3A&tsrce=tagmanagernodeweb&comp=tagmanagernodeweb&sub_component=analytics&s=ci&fltp=analytics-generic&pt=Ad%20Free%20Journal%20Buddies%20%7C%20Login&dh=1200&dw=1600&bh=1200&bw=1600&cd=24&sh=1200&sw=1600&v=NA&pl=pdf&rosetta_language=en-US%2Cen&e=im&t=1723915385071&g=-120&completeurl=https%3A%2F%2Fyay.journalbuddies.com%2Flogin&sinfo=%7B%22partners%22%3A%7B%22ecwid%22%3A%7B%7D%2C%22bigCommerce%22%3A%7B%7D%2C%22shopify%22%3A%7B%7D%2C%22wix%22%3A%7B%7D%2C%22bigCartel%22%3A%7B%7D%7D%7D&disableSetCookie=true
Requested by
Host: yay.journalbuddies.com
URL: https://yay.journalbuddies.com/login
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.221.25 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (lhd/35BC) /
Resource Hash
6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://yay.journalbuddies.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 17 Aug 2024 17:23:05 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
correlation-id
9af387b442340
server
ECAcc (lhd/35BC)
traceparent
00-00000000000000000009af387b442340-953b4cc77f1b14e5-01
vary
Accept-Encoding
p3p
CP="CAO IND OUR SAM UNI STA COR COM"
paypal-debug-id
9af387b442340
access-control-expose-headers
Server-Timing
cache-control
max-age=0, no-cache, no-store, must-revalidate
content-type
image/gif
server-timing
traceparent;desc="00-00000000000000000009af387b442340-b7c2a670a9253154-01", content-encoding;desc="", x-cdn;desc="edgecast"
timing-allow-origin
*
expires
Sat, 17 Aug 2024 17:23:05 GMT
rum
yay.journalbuddies.com/cdn-cgi/ 		0
182 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://yay.journalbuddies.com/cdn-cgi/rum?
Requested by
Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/vcd15cbe7772f49c399c6a5babf22c1241717689176015
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://yay.journalbuddies.com/login
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
content-type
application/json

Response headers

date
Sat, 17 Aug 2024 17:23:05 GMT
x-content-type-options
nosniff
server
cloudflare
vary
Origin
access-control-max-age
86400
access-control-allow-methods
POST,OPTIONS
access-control-allow-origin
https://yay.journalbuddies.com
x-frame-options
DENY
access-control-allow-credentials
true
cf-ray
8b4b599918da35f6-FRA
favicon32-9327fc35b127fe7a5c259f10f17e15e6.png
uploads.heightsplatform.com/program/journalbuddies/account/928/favicon/ 		494 B
905 B 		Other
General
Check archive.org
Download Go to
Full URL
https://uploads.heightsplatform.com/program/journalbuddies/account/928/favicon/favicon32-9327fc35b127fe7a5c259f10f17e15e6.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1a8e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e511dc9cb2e9c66d9980fdcdcc5b8743542383393d923a16b86352b9b41ca6f2

Request headers

Referer
https://yay.journalbuddies.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Sat, 17 Aug 2024 17:23:05 GMT
via
1.1 8102b796fd59e74f0d71efa931e72264.cloudfront.net (CloudFront)
x-amz-version-id
9G7qRfeUN4yWOXvN3iP7jbEV11kQlCPU
cf-cache-status
REVALIDATED
x-amz-cf-pop
LHR5-P2
cf-polished
origFmt=png, origSize=3720
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
content-disposition
inline; filename="favicon32-9327fc35b127fe7a5c259f10f17e15e6.webp"
content-length
494
cf-bgj
imgq:100,h2pri
last-modified
Fri, 05 Jan 2024 06:07:56 GMT
server
cloudflare
etag
"932c8a6c70d3421dd798d9239893b4c2"
vary
Accept
content-type
image/webp
cache-control
public, max-age=691200
accept-ranges
bytes
cf-ray
8b4b59991e4965ca-FRA
x-amz-cf-id
uHSXVumc6sHzs9jGONma_EcX2vgs7Q2XcA-ZPGd_RjL5Jv7XriRcLg==
expires
Sun, 25 Aug 2024 17:23:05 GMT
logger
www.paypal.com/xoplatform/logger/api/ 		975 B
898 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.paypal.com/xoplatform/logger/api/logger?disableSetCookie=true
Requested by
Host: www.paypal.com
URL: https://www.paypal.com/sdk/js?client-id=AdUZm6mA2lFH0Zeca_2JqIUk0qyAuaFr-D1n8OjN8dD9aXsEaGAF7Sw8rF--Td32LdoLXEsdvnIFbBfz&disable-funding=card
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.21 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
979bf122bb687e7dcf6298fce5fdf7d9505ac26b75ce8a0f17fa347984a68639
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept
application/json
Referer
https://yay.journalbuddies.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
content-type
application/json

Response headers

date
Sat, 17 Aug 2024 17:23:06 GMT
via
1.1 varnish, 1.1 varnish, 1.1 varnish
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-encoding
br
x-cache
MISS, MISS, MISS
paypal-debug-id
f3284825619bf
server-timing
content-encoding;desc="br",x-cdn;desc="fastly"
dc
ccg11-origin-www-1.paypal.com
x-served-by
cache-lhr-egll1980064-LHR, cache-mad22072-MAD, cache-mad22072-MAD
accept-ch
sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
traceparent
00-0000000000000000000f3284825619bf-9f5710b9c26a9187-01
x-timer
S1723915386.177099,VS0,VE175
etag
W/"3cf-DDT7chsQu44qjT3Lv3tOgoEwpVE"
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://yay.journalbuddies.com
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
origin-trial
AmF3SS0NWoXo3HaojgmIVVXavukRnZH597u+xZNXRCiKWzSKzfNPHw9NC32GmblY12+HXpkCEYeYGyvRBNkkJg0AAABbeyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlRwY2QiLCJleHBpcnkiOjE3MzUzNDM5OTksImlzU3ViZG9tYWluIjp0cnVlfQ==
permissions-policy
ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
accept-ranges
none
x-cache-hits
0, 0, 0
logger
www.paypal.com/xoplatform/logger/api/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://www.paypal.com/xoplatform/logger/api/logger?disableSetCookie=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.21 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://yay.journalbuddies.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

accept-ch
sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
accept-ranges
bytes
access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
https://yay.journalbuddies.com
cache-control
max-age=0, no-cache, no-store, must-revalidate
content-length
0
date
Sat, 17 Aug 2024 17:23:06 GMT
dc
ccg11-origin-www-1.paypal.com
origin-trial
AmF3SS0NWoXo3HaojgmIVVXavukRnZH597u+xZNXRCiKWzSKzfNPHw9NC32GmblY12+HXpkCEYeYGyvRBNkkJg0AAABbeyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlRwY2QiLCJleHBpcnkiOjE3MzUzNDM5OTksImlzU3ViZG9tYWluIjp0cnVlfQ==
paypal-debug-id
f328482851709
permissions-policy
ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
server-timing
content-encoding;desc="",x-cdn;desc="fastly"
strict-transport-security
max-age=63072000; includeSubDomains; preload
traceparent
00-0000000000000000000f328482851709-6c21fcc048d0dde4-01
via
1.1 varnish, 1.1 varnish, 1.1 varnish
x-cache
MISS, MISS, MISS
x-cache-hits
0, 0, 0
x-content-type-options
nosniff
x-served-by
cache-lhr-egll1980067-LHR, cache-mad22072-MAD, cache-mad22072-MAD
x-timer
S1723915386.908794,VS0,VE203
favicon76-b58d83d53a71b95c27809f281792a2a0.png
uploads.heightsplatform.com/program/journalbuddies/account/928/favicon/ 		5 KB
5 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://uploads.heightsplatform.com/program/journalbuddies/account/928/favicon/favicon76-b58d83d53a71b95c27809f281792a2a0.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1a8e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2137cfe175fb55ee6811323c48a23cbac47567b1bc5d3cd74f3b0d8fd8e78dce

Request headers

Referer
https://yay.journalbuddies.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Sat, 17 Aug 2024 17:23:06 GMT
x-amz-version-id
1QrfTJwz4xJ26Xnif_NEDC0IPlCsmZvB
via
1.1 5375413f20e38c73685f4733c19ca2ae.cloudfront.net (CloudFront)
cf-cache-status
MISS
x-amz-cf-pop
HEL51-P3
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
4903
last-modified
Fri, 05 Jan 2024 06:07:54 GMT
server
cloudflare
etag
"0bb72842a7e698f73e474b6e9ca182a1"
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=691200
accept-ranges
bytes
cf-ray
8b4b5999ff3f65ca-FRA
x-amz-cf-id
Wc6lb19aWP2-OMhco3agbR-cAENcXUA7XmuUsdHx4OIDJSKtVLtE-g==
expires
Sun, 25 Aug 2024 17:23:06 GMT

Verdicts & Comments Add Verdict or Comment

131 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| webpackChunkStripeJSouter function| noop function| Stripe object| __post_robot_11_0_0___uid_hjamqwvtjrjjmcmiskzzxldxgkdxxr object| paypal object| __zoid_10_3_3___uid_hjamqwvtjrjjmcmiskzzxldxgkdxxr function| _instanceof function| _typeof function| _classCallCheck function| _inherits function| _setPrototypeOf function| _createSuper function| _possibleConstructorReturn function| _assertThisInitialized function| _isNativeReflectConstruct function| _getPrototypeOf function| _toConsumableArray function| _nonIterableSpread function| _iterableToArray function| _arrayWithoutHoles function| _slicedToArray function| _nonIterableRest function| _iterableToArrayLimit function| _arrayWithHoles function| _defineProperties function| _createClass function| _toPropertyKey function| _toPrimitive function| _createForOfIteratorHelper function| _unsupportedIterableToArray function| _arrayLikeToArray function| setScrollableSectionsHeight function| toggleFadeOut function| handlePageLoad function| validateForm function| validateField function| validateOptionalIntegerField function| displayErrors function| submitProductCreateForm function| checkPGEnrollPlan function| checkPGPaymentOption function| submitFormCourseResult function| switchLessonType function| switchProductType function| validateQuiz function| storeSidebarState function| applyStoredSidebarState function| aiProductNav function| resetFlags function| checkAndRenderMetadata function| continueScroll function| renderMetadata function| appendButtonToMetadata function| renderMetadataExpand function| addChatEventListeners function| checkEnrollPlan function| checkPaymentOption function| checkUpsellOption function| checkOrderBumpOption function| checkAuthorOption function| addVideoEmbed function| makeModule function| makeChallengeModule function| composeMessage function| togglePopoutAIChat function| updateAndHighlightChatInput object| queries object| Abraham object| wysihtml5 function| Base object| wysihtml5ParserRulesDefaults object| wysihtml5ParserRules object| wysihtml5PasteRules function| sortable function| __slice function| __indexOf object| elementsWithPersistentScrolls object| persistentScrollsPositions function| change function| ready object| ThreddedMentionAutocompletion function| readyUp boolean| eventsAttached function| quizReady boolean| formCloseWarning function| $ function| jQuery object| jQuery112409919764115403904 object| Turbolinks object| NProgress function| init function| listenForChange function| addQuery function| removeQuery function| triggerCallbacks function| addEvent function| getPreviousContext function| getContext function| _inArray function| _indexOf object| MQ object| callbacks string| context string| new_context function| Cookies object| Shepherd object| rangy object| wysihtml5ParserPasteRulesets function| moment function| tinysort function| jPlayerPlaylist function| List function| ListFuzzySearch function| Color function| Chart object| ifvisible function| timeago function| autosize function| Textcomplete object| Thredded function| ThreddedPreviewArea function| Slideout object| LocalTime object| iro function| SimpleBar function| ClipboardJS function| VanillaCalendar object| __cfBeacon object| paypalDDL

5 Cookies

Domain/Path Name / Value
.yay.journalbuddies.com/ Name: _Heights_session
Value: VFhnM1JKTXdBamlndGNxdjFnTHpYN3RRVWxrK3ZhMFdBVU92eHNqTnpVUnkySTg0SmoxZmhaTVo0cU1CeHRpanNuUldCRXYvUzRua3dnejlKUWcvcWdtQlZBcTZ2bnc5ei9ldkloSnVaOGZlT1VsZkoyQUxVU3UvWjE4WFgzYWJkdHZRcklmV0Q4KzI5QmNQNHcxbVFBPT0tLVA1VFh3bkJaVDN4ZERjd3N1R1NSRFE9PQ%3D%3D--e4a55ddb92e9b48a7fb7c065671d0950b5af10c1
.heightsplatform.com/ Name: __cf_bm
Value: qrlrce597pR0jPLUkR0hT32mwZpuwm.8qnPrjQYbgYQ-1723915384-1.0.1.1-OmPJ0sBygTdcNbZ3_fxAIy2Rq3sCi6GMbmx3rRHRlyvEpD39joOTH6UranAzMvAVYJdSVl7GeWND5H401YTvOQ
m.stripe.com/ Name: m
Value: c4a16fe5-cd80-4761-bdfa-1620314abaf35ea016
.yay.journalbuddies.com/ Name: __stripe_mid
Value: bf8938ec-960e-42fd-9bf3-0c61e87c4666dcdc0b
.yay.journalbuddies.com/ Name: __stripe_sid
Value: 81bc5a22-3c2d-4163-9f83-19b73427bbcd2ce7ed

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

d3nm84ewrvjnsw.cloudfront.net
fonts.googleapis.com
fonts.gstatic.com
js.stripe.com
static.cloudflareinsights.com
t.paypal.com
uploads.heightsplatform.com
www.paypal.com
yay.journalbuddies.com
151.101.1.21
18.66.192.49
18.66.192.50
188.114.96.3
192.229.221.25
2600:9000:26db:f400:b:3152:9000:21
2606:4700::6810:4f49
2606:4700::6812:1a8e
2a00:1450:4001:81c::2003
2a00:1450:4001:829::200a
2a06:98c1:3121::3
063f7244022ad953700d76b94adbca1eadae0b1cc2e9db64436cb936bfae80ad
0d0a6262c545e8bbc895116e5afb22579c468d7abb77e378f377d6fed57c1dce
2137cfe175fb55ee6811323c48a23cbac47567b1bc5d3cd74f3b0d8fd8e78dce
3a997e04353e88f40e41584ecfea025d074f355f534874f9dbe04a3bb5a5ca4d
53cb01ed7585036eead0f846c8a2bed24e66a36ef8adf386dae13bfbd8a60fc0
5dda2ef74cb2a6cc9d22325600870db1cab17815236607689e0cfb8fc37e8751
6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93
7aa5c2b897778c5680849ce922dc77ecf24eb433472b89b8ca292eb213650d4b
7b348b30ea1fe43857e68fc462c29e5c6e63c97666af75135c4396a272e54762
8a18d13015336bc184819a5a768447462202ef3105ec511bf42ed8304a7ed94f
90e1966ffe67b31132ad2651e2053000ea0a7d5ce9fee9de779eed083d4b4b76
979bf122bb687e7dcf6298fce5fdf7d9505ac26b75ce8a0f17fa347984a68639
99fad55586049ae88c442958556c0c195476b0dd0d27be12f7d187d629fc7d41
a53224625e94e636ad6e0c7316d83ae4c2a0c9b4627906f20567ed74b02dc953
ca57b79a870bbf54700730858603a70d79743779c1b059922ec401bfddc5adc9
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e511dc9cb2e9c66d9980fdcdcc5b8743542383393d923a16b86352b9b41ca6f2
f8de21e3cda3babc01f86de10cf6a31aca8993f72001cb3784c379708defffcd