go.thcmedical.org Open in urlscan Pro
2606:4700::6810:ec2 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://go.thcmedical.org/
Effective URL:
https://go.thcmedical.org/crystal0169
Submission: On August 10 via api (August 10th 2021, 3:26:48 am UTC) from PH

Summary HTTP 262 Redirects Links 6 Behaviour Indicators

Summary

This website contacted 37 IPs in 3 countries across 28 domains to perform 262 HTTP transactions. The main IP is 2606:4700::6810:ec2, located in United States and belongs to CLOUDFLARENET, US. The main domain is go.thcmedical.org.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on July 1st 2021. Valid for: a year.

This is the only time go.thcmedical.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 30	2606:4700::68... 2606:4700::6810:ec2	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2606:4700:303... 2606:4700:3037::6815:4e07	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:802::200a	15169 (GOOGLE) (GOOGLE)
13	2606:4700:303... 2606:4700:3035::6815:929	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	151.101.194.132 151.101.194.132	54113 (FASTLY) (FASTLY)
1	2a00:1450:400... 2a00:1450:4001:82b::2008	15169 (GOOGLE) (GOOGLE)
1 2	2606:4700::68... 2606:4700::6810:cc2	13335 (CLOUDFLAR...) (CLOUDFLARENET)
7	2606:4700::68... 2606:4700::6810:10c2	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a04:4e42:3::393 2a04:4e42:3::393	54113 (FASTLY) (FASTLY)
2	2a00:1450:400... 2a00:1450:4001:803::200a	15169 (GOOGLE) (GOOGLE)
55	151.101.12.176 151.101.12.176	54113 (FASTLY) (FASTLY)
1	2606:4700::68... 2606:4700::6810:5e41	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2.18.234.190 2.18.234.190	16625 (AKAMAI-AS) (AKAMAI-AS)
3	151.101.13.140 151.101.13.140	54113 (FASTLY) (FASTLY)
5	2.16.186.234 2.16.186.234	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
42	2a00:1450:400... 2a00:1450:4001:830::200e	15169 (GOOGLE) (GOOGLE)
1	50.28.57.25 50.28.57.25	32244 (LIQUIDWEB) (LIQUIDWEB)
8	2a00:1450:400... 2a00:1450:4001:808::2003	15169 (GOOGLE) (GOOGLE)
1	54.72.172.153 54.72.172.153	16509 (AMAZON-02) (AMAZON-02)
2	70.42.32.127 70.42.32.127	22075 (AS-OUTBRAIN) (AS-OUTBRAIN)
1	142.250.185.66 142.250.185.66	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:831::2003	15169 (GOOGLE) (GOOGLE)
2	2600:9000:218... 2600:9000:2181:4000:19:7d10:bd80:93a1	16509 (AMAZON-02) (AMAZON-02)
1 6	2a00:1450:400... 2a00:1450:4001:830::2002	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:808::2006	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:813::2004	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:80f::2001	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:829::2016	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:830::2004	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:813::2003	15169 (GOOGLE) (GOOGLE)
1	34.211.191.133 34.211.191.133	16509 (AMAZON-02) (AMAZON-02)
1	151.101.13.27 151.101.13.27	54113 (FASTLY) (FASTLY)
2	162.247.243.146 162.247.243.146	23467 (NEWRELIC-...) (NEWRELIC-AS-1)
7	54.187.159.182 54.187.159.182	16509 (AMAZON-02) (AMAZON-02)
26	54.186.23.98 54.186.23.98	16509 (AMAZON-02) (AMAZON-02)
4	2a03:2880:f01... 2a03:2880:f01c:216:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
9	2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
262	37

30 2606:4700::6810:ec2 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

go.thcmedical.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700:3037::6815:4e07 (United States)

ASN13335 (CLOUDFLARENET, US)

use.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:802::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2606:4700:3035::6815:929 (United States)

ASN13335 (CLOUDFLARENET, US)

app.funnelish.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.194.132 (United States) 1 redirects

ASN54113 (FASTLY, US)

funnelish.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6810:cc2 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

assets.clickfunnels.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2606:4700::6810:10c2 (United States)

ASN13335 (CLOUDFLARENET, US)

images.clickfunnels.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
app.clickfunnels.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:3::393 (United States)

ASN54113 (FASTLY, US)

res.cloudinary.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:803::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

55 151.101.12.176 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

js.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:5e41 (United States)

ASN13335 (CLOUDFLARENET, US)

static.cloudflareinsights.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.18.234.190 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-190.deploy.static.akamaitechnologies.com

amplify.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 151.101.13.140 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

www.redditstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
alb.reddit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2.16.186.234 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-16-186-234.deploy.static.akamaitechnologies.com

analytics.tiktok.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

42 2a00:1450:4001:830::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 50.28.57.25 (United States)

ASN32244 (LIQUIDWEB, US)
PTR: host.marylandwebmanagement5.com

lakeeriehearing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:808::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.72.172.153 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-72-172-153.eu-west-1.compute.amazonaws.com

track.addevent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 70.42.32.127 (United States)

ASN22075 (AS-OUTBRAIN, US)
PTR: ny.outbrain.com

tr.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:2181:4000:19:7d10:bd80:93a1 (United States)

ASN16509 (AMAZON-02, US)

m.stripe.network	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:830::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:808::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

static.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:80f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

yt3.ggpht.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:829::2016 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

i.ytimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:830::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:813::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.211.191.133 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-211-191-133.us-west-2.compute.amazonaws.com

m.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.13.27 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

js-agent.newrelic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 162.247.243.146 (United States)

ASN23467 (NEWRELIC-AS-1, US)

bam-cell.nr-data.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 54.187.159.182 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ip-54-187-159-182.stripe.com

r.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

26 54.186.23.98 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ip-54-186-23-98.stripe.com

q.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:2880:f01c:216:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a03:2880:f11c:8183:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
89	stripe.com js.stripe.com m.stripe.com r.stripe.com q.stripe.com	1 MB
42	youtube.com www.youtube.com	3 MB
30	thcmedical.org 1 redirects go.thcmedical.org	12 MB
16	gstatic.com fonts.gstatic.com www.gstatic.com	219 KB
14	funnelish.com 1 redirects app.funnelish.com funnelish.com	38 KB
10	doubleclick.net 1 redirects googleads.g.doubleclick.net static.doubleclick.net	3 KB
9	facebook.com www.facebook.com	1 KB
9	clickfunnels.com 1 redirects assets.clickfunnels.com images.clickfunnels.com app.clickfunnels.com	8 KB
5	google.com www.google.com	52 KB
5	tiktok.com analytics.tiktok.com	86 KB
4	facebook.net connect.facebook.net	241 KB
4	ytimg.com i.ytimg.com	107 KB
4	ggpht.com yt3.ggpht.com	9 KB
4	fontawesome.com use.fontawesome.com	106 KB
3	outbrain.com amplify.outbrain.com tr.outbrain.com	4 KB
3	googleapis.com fonts.googleapis.com	4 KB
2	nr-data.net bam-cell.nr-data.net	1 KB
2	stripe.network m.stripe.network	20 KB
2	reddit.com alb.reddit.com	197 B
1	newrelic.com js-agent.newrelic.com	12 KB
1	google.de www.google.de	569 B
1	googleadservices.com www.googleadservices.com	14 KB
1	addevent.com track.addevent.com
1	lakeeriehearing.com lakeeriehearing.com	61 KB
1	redditstatic.com www.redditstatic.com	7 KB
1	cloudflareinsights.com static.cloudflareinsights.com	5 KB
1	cloudinary.com res.cloudinary.com	38 KB
1	googletagmanager.com www.googletagmanager.com	38 KB
262	28

	Domain	Requested by
55	js.stripe.com	go.thcmedical.org js.stripe.com
42	www.youtube.com	go.thcmedical.org www.youtube.com
30	go.thcmedical.org	1 redirects go.thcmedical.org static.cloudflareinsights.com
26	q.stripe.com
13	app.funnelish.com	go.thcmedical.org
12	fonts.gstatic.com	fonts.googleapis.com www.youtube.com
9	www.facebook.com
7	r.stripe.com	js.stripe.com
6	googleads.g.doubleclick.net	1 redirects www.youtube.com www.googleadservices.com
5	www.google.com	www.youtube.com go.thcmedical.org
5	analytics.tiktok.com	go.thcmedical.org analytics.tiktok.com
5	app.clickfunnels.com	go.thcmedical.org
4	connect.facebook.net	go.thcmedical.org connect.facebook.net
4	www.gstatic.com	www.youtube.com
4	i.ytimg.com	www.youtube.com
4	yt3.ggpht.com	www.youtube.com
4	static.doubleclick.net	www.youtube.com
4	use.fontawesome.com	go.thcmedical.org use.fontawesome.com
3	fonts.googleapis.com	go.thcmedical.org js.stripe.com
2	bam-cell.nr-data.net	js-agent.newrelic.com
2	m.stripe.network	js.stripe.com m.stripe.network
2	alb.reddit.com	go.thcmedical.org
2	tr.outbrain.com	amplify.outbrain.com go.thcmedical.org
2	images.clickfunnels.com	go.thcmedical.org
2	assets.clickfunnels.com	1 redirects go.thcmedical.org
1	js-agent.newrelic.com	go.thcmedical.org
1	m.stripe.com	m.stripe.network
1	www.google.de	go.thcmedical.org
1	www.googleadservices.com	www.googletagmanager.com
1	track.addevent.com	go.thcmedical.org
1	lakeeriehearing.com	go.thcmedical.org
1	www.redditstatic.com	go.thcmedical.org
1	amplify.outbrain.com	go.thcmedical.org
1	static.cloudflareinsights.com	go.thcmedical.org
1	res.cloudinary.com	go.thcmedical.org
1	www.googletagmanager.com	go.thcmedical.org
1	funnelish.com	1 redirects
262	37

This site contains links to these domains. Also see Links.

Domain
thcmedical.org
trycrystal.co
crystalhearingaid.shop
go.trycrystal.co

Subject Issuer	Validity	Valid
go.thcmedical.org Cloudflare Inc ECC CA-3	`2021-07-01` - `2022-06-30`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-07-07` - `2022-07-06`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2021-07-12` - `2021-10-04`	3 months	crt.sh
funnelish.com Cloudflare Inc ECC CA-3	`2021-06-06` - `2022-06-05`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-07-12` - `2021-10-04`	3 months	crt.sh
ssl1029342.cloudflaressl.com COMODO ECC Domain Validation Secure Server CA 2	`2021-07-06` - `2022-06-30`	a year	crt.sh
*.cloudinary.com Go Daddy Secure Certificate Authority - G2	`2020-05-27` - `2022-06-22`	2 years	crt.sh
a.stripecdn.com DigiCert SHA2 Extended Validation Server CA	`2021-07-09` - `2021-11-03`	4 months	crt.sh
*.outbrain.com DigiCert SHA2 Secure Server CA	`2021-05-25` - `2022-06-01`	a year	crt.sh
www.redditstatic.com DigiCert TLS RSA SHA256 2020 CA1	`2021-05-23` - `2021-11-18`	6 months	crt.sh
*.tiktok.com RapidSSL RSA CA 2018	`2019-11-14` - `2022-01-12`	2 years	crt.sh
*.google.com GTS CA 1C3	`2021-07-26` - `2021-10-18`	3 months	crt.sh
lakeeriehearing.com R3	`2021-07-03` - `2021-10-01`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2021-07-12` - `2021-10-04`	3 months	crt.sh
addevent.com Amazon	`2021-02-25` - `2022-03-26`	a year	crt.sh
*.reddit.com DigiCert TLS RSA SHA256 2020 CA1	`2021-05-23` - `2021-11-18`	6 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2021-07-12` - `2021-10-04`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-07-12` - `2021-10-04`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2021-07-12` - `2021-10-04`	3 months	crt.sh
www.google.com GTS CA 1C3	`2021-07-12` - `2021-10-04`	3 months	crt.sh
*.googleusercontent.com GTS CA 1C3	`2021-07-12` - `2021-10-04`	3 months	crt.sh
edgestatic.com GTS CA 1C3	`2021-07-12` - `2021-10-04`	3 months	crt.sh
www.google.de GTS CA 1C3	`2021-07-12` - `2021-10-04`	3 months	crt.sh
m.stripe.com DigiCert TLS RSA SHA256 2020 CA1	`2021-07-13` - `2021-11-03`	4 months	crt.sh
*.newrelic.com GlobalSign Atlas R3 DV TLS CA 2020	`2021-05-05` - `2022-06-06`	a year	crt.sh
*.nr-data.net DigiCert SHA2 Secure Server CA	`2020-02-05` - `2022-02-08`	2 years	crt.sh
*.stripe.com DigiCert SHA2 Secure Server CA	`2021-01-12` - `2021-09-29`	9 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-07-20` - `2021-10-18`	3 months	crt.sh

This page contains 22 frames:

Primary Page: https://go.thcmedical.org/crystal0169
Frame ID: C560B2874B6F3CE3F38577A3962BF847
Requests: 102 HTTP requests in this frame

Frame: https://www.youtube.com/embed/s8MOs6orbhU?autoplay=0&modestbranding=1&controls=1&showinfo=0&rel=0&hd=1&wmode=transparent
Frame ID: F5790D4DB72958D2E25CF1EADC8C9428
Requests: 1 HTTP requests in this frame

Frame: https://www.youtube.com/embed/ho0c3ENtp-Q?autoplay=0&modestbranding=1&controls=1&showinfo=0&rel=0&hd=1&wmode=transparent
Frame ID: 963D06C0A26B6BAFF2D4FDAAB5EF66D2
Requests: 1 HTTP requests in this frame

Frame: https://www.youtube.com/embed/MwqQpmuXbDk?autoplay=0&modestbranding=1&controls=1&showinfo=0&rel=0&hd=1&wmode=transparent
Frame ID: 383DAD92C3F00E7E99146CFED8D5EBCC
Requests: 1 HTTP requests in this frame

Frame: https://www.youtube.com/embed/Fj5TOujJ5jQ?autoplay=0&modestbranding=1&controls=1&showinfo=0&rel=0&hd=1&wmode=transparent
Frame ID: ED7CA744DB4BA1FC29E6BA442D50D492
Requests: 1 HTTP requests in this frame

Frame: https://www.youtube.com/embed/s8MOs6orbhU?autoplay=0&modestbranding=1&controls=1&showinfo=0&rel=0&hd=1&wmode=transparent
Frame ID: 99C808E3F27058CC30111B53F576FC5E
Requests: 17 HTTP requests in this frame

Frame: https://www.youtube.com/embed/ho0c3ENtp-Q?autoplay=0&modestbranding=1&controls=1&showinfo=0&rel=0&hd=1&wmode=transparent
Frame ID: F96157B2DDFBC64C119E873A39227CED
Requests: 17 HTTP requests in this frame

Frame: https://www.youtube.com/embed/MwqQpmuXbDk?autoplay=0&modestbranding=1&controls=1&showinfo=0&rel=0&hd=1&wmode=transparent
Frame ID: 8A5435C799DE6F672BF32445B3773CD5
Requests: 17 HTTP requests in this frame

Frame: https://www.youtube.com/embed/Fj5TOujJ5jQ?autoplay=0&modestbranding=1&controls=1&showinfo=0&rel=0&hd=1&wmode=transparent
Frame ID: CE31FCA7EC2DB3624133541C12EDAE5C
Requests: 17 HTTP requests in this frame

Frame: https://js.stripe.com/v2/channel.html?stripe_xdm_e=https%3A%2F%2Fgo.thcmedical.org&stripe_xdm_c=default557582&stripe_xdm_p=1
Frame ID: 7C15E1BE6D14F2C56ACBB831C09C4FBA
Requests: 2 HTTP requests in this frame

Frame: https://js.stripe.com/v3/m-outer-775bcd17e5e345e5c78406e66e355cd7.html
Frame ID: B81FD6A06CCE6C6282ACD1AE8E42B0FD
Requests: 2 HTTP requests in this frame

Frame: https://m.stripe.network/inner.html
Frame ID: 7DB134A3DED2D9D0379A625816E213A6
Requests: 3 HTTP requests in this frame

Frame: https://js.stripe.com/v3/controller-719c3740ab58da569fb843f4f3803404.html
Frame ID: AB25B2E897328B26F2A305ECFC6F60F5
Requests: 36 HTTP requests in this frame

Frame: https://js.stripe.com/v3/elements-inner-card-aef647d1041359cc03891345daa8d07d.html
Frame ID: 83515F4BFE7329C3590818BFBB5AD08F
Requests: 5 HTTP requests in this frame

Frame: https://js.stripe.com/v3/elements-inner-card-aef647d1041359cc03891345daa8d07d.html
Frame ID: 029F4E09CA87519A35121294FD42B679
Requests: 5 HTTP requests in this frame

Frame: https://js.stripe.com/v3/elements-inner-card-aef647d1041359cc03891345daa8d07d.html
Frame ID: B05C19C6B6949B0699EBD454A1A13004
Requests: 5 HTTP requests in this frame

Frame: https://js.stripe.com/v3/elements-inner-card-aef647d1041359cc03891345daa8d07d.html
Frame ID: AE4A9424B722300590A1A655A4DC139F
Requests: 5 HTTP requests in this frame

Frame: https://js.stripe.com/v3/elements-inner-card-aef647d1041359cc03891345daa8d07d.html
Frame ID: F641D9A8FCACB17D703199F48E59D588
Requests: 5 HTTP requests in this frame

Frame: https://js.stripe.com/v3/elements-inner-card-aef647d1041359cc03891345daa8d07d.html
Frame ID: 8C5111E602039C4222BE90FD644B1A77
Requests: 5 HTTP requests in this frame

Frame: https://js.stripe.com/v3/elements-inner-card-aef647d1041359cc03891345daa8d07d.html
Frame ID: CFF97C5ADBCBBC40B9A168A9D64AE338
Requests: 5 HTTP requests in this frame

Frame: https://js.stripe.com/v3/elements-inner-card-aef647d1041359cc03891345daa8d07d.html
Frame ID: 97C1FDCB0798832822CC72B6031C2EF3
Requests: 5 HTTP requests in this frame

Frame: https://js.stripe.com/v3/elements-inner-card-aef647d1041359cc03891345daa8d07d.html
Frame ID: 05A9A3F59E16EF36335E70BF316DDBA3
Requests: 5 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://go.thcmedical.org/ HTTP 302
https://go.thcmedical.org/crystal0169 Page URL

Detected technologies

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

script /\/\/connect\.facebook\.net\/[^/]*\/[a-z]*\.js/i

ClickFunnels () Expand

Overall confidence: 100%
Detected patterns

env /Clickfunnels/i

Page Statistics

262
Requests

100 %
HTTPS

62 %
IPv6

28
Domains

37
Subdomains

37
IPs

3
Countries

17633 kB
Transfer

32093 kB
Size

19
Cookies

6 Outgoing links

These are links going to different origins than the main page.

URL: https://thcmedical.org/
Title: Home

Search URL Search Domain Scan URL

URL: https://trycrystal.co/

Search URL Search Domain Scan URL

URL: https://crystalhearingaid.shop/pages/about-us
Title: About Us

Search URL Search Domain Scan URL

URL: https://crystalhearingaid.shop/pages/privacy-policy
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://go.trycrystal.co/crystal-reviews
Title: Review

Search URL Search Domain Scan URL

URL: https://crystalhearingaid.shop/pages/refund-policy
Title: Return & Refund

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://go.thcmedical.org/ HTTP 302
https://go.thcmedical.org/crystal0169 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 6

https://funnelish.com/paypal-plugin-2.0.css HTTP 301
https://app.funnelish.com/css/paypal-plugin.min.css

Request Chain 11

https://assets.clickfunnels.com/templates/listhacking-sales/images/arrow-flash-small.gif HTTP 301
https://images.clickfunnels.com/old-public-templates/listhacking-sales/images/arrow-flash-small.gif

Request Chain 101

https://googleads.g.doubleclick.net/pagead/id HTTP 302
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

262 HTTP transactions
4 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request crystal0169 Show response
go.thcmedical.org/
Redirect Chain

http://go.thcmedical.org/
https://go.thcmedical.org/crystal0169

272 KB
34 KB

208ms
192ms

Document
text/html

2606:4700::6810:ec2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://go.thcmedical.org/crystal0169

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6810:ec2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Phusion Passenger Enterprise 6.0.7

Resource Hash

35866d83a80616ce273085d197a896851d43475fbcc173d0ef6dd49d0ad22aa3

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Frame-Options	ALLOWALL

Request headers

:method: GET
:authority: go.thcmedical.org
:scheme: https
:path: /crystal0169
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 10 Aug 2021 03:26:29 GMT
content-type: text/html; charset=utf-8
cf-ray: 67c61f77ccbc05d0-FRA
access-control-allow-origin: *
cache-control: max-age=60, public, s-maxage=600, r-maxage=10
last-modified: Mon, 09 Aug 2021 10:33:38 GMT
strict-transport-security: max-age=0
vary: Accept-Encoding
cf-cache-status: REVALIDATED
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
status: 200 OK
x-content-digest: 3674e26056eb97c7656341244349559b168ba31f
x-frame-options: ALLOWALL
x-powered-by: Phusion Passenger Enterprise 6.0.7
x-rack-cache: stale, valid, store
x-request-id: 7953a2f63b4dd2b7ba739e2022cf3c64
x-runtime: 0.588515
set-cookie: __cf_bm=67fe8e9935ff5a7983111d9a5d3a0dee857e9393-1628565989-1800-ASUMIt1mOAm8kOaoDzvcy2vu1qoc09LG9svjiC2Ca0tob2rVsWB5qnpl7uCuMhLAgUGzTeYDdcTIm98dxDzYbGIPHR2/9rFwbssV3dV/ub6n; path=/; expires=Tue, 10-Aug-21 03:56:29 GMT; domain=.go.thcmedical.org; HttpOnly; Secure; SameSite=None
server: cloudflare
content-encoding: br

Redirect headers

Date: Tue, 10 Aug 2021 03:26:29 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://go.thcmedical.org/crystal0169
CF-Ray: 67c61f7538e04a86-FRA
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store
Vary: Accept-Encoding
CF-Cache-Status: BYPASS
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
Access-Control-Allow-Methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
Access-Control-Request-Method: *
Pragma: no-cache
Status: 302 Found
X-Frame-Options: ALLOWALL
X-Powered-By: Phusion Passenger Enterprise 6.0.7
X-Rack-Cache: miss
X-Request-Id: e1339bfba92fdb01ac7842b73c112fc2
X-Runtime: 0.233366
Set-Cookie: __cf_bm=566107cd1ff9c9519c49359fcee47d66efd2453d-1628565989-1800-ATIyIyd2iBFzRG9c5gk3+WVdHlztY1aY7Cl0EPPE+xrbtcQ49BuzyK3JAq2pnlsVkM5YXGmyX9IkdeVncT1sBfYS37E1nYk41XQO1VSQV7wp; path=/; expires=Tue, 10-Aug-21 03:56:29 GMT; domain=.go.thcmedical.org; HttpOnly; SameSite=None
Server: cloudflare

GET
H2 200 lander.css
go.thcmedical.org/assets/ 425 KB
70 KB 33ms
31ms Stylesheet
text/css 2606:4700::6810:ec2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://go.thcmedical.org/assets/lander.css

Requested by

Host: go.thcmedical.org
URL: https://go.thcmedical.org/crystal0169

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6810:ec2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

caec52356d28a445e7ad10d92d410b52fa537697b3b453ef1c01c65ec01ff86d

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

:path: /assets/lander.css
pragma: no-cache
cookie: __cf_bm=67fe8e9935ff5a7983111d9a5d3a0dee857e9393-1628565989-1800-ASUMIt1mOAm8kOaoDzvcy2vu1qoc09LG9svjiC2Ca0tob2rVsWB5qnpl7uCuMhLAgUGzTeYDdcTIm98dxDzYbGIPHR2/9rFwbssV3dV/ub6n
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: go.thcmedical.org
referer: https://go.thcmedical.org/crystal0169
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://go.thcmedical.org/crystal0169
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 10 Aug 2021 03:26:29 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 864
last-modified: Mon, 09 Aug 2021 19:46:30 GMT
server: cloudflare
etag: W/"61118616-6a514"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=1200
access-control-allow-credentials: true
cf-ray: 67c61f790e8f05d0-FRA
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
expires: Tue, 10 Aug 2021 03:46:29 GMT

GET
H2 200 all.css
use.fontawesome.com/releases/v5.9.0/css/ 55 KB
13 KB 32ms
14ms Stylesheet
text/css 2606:4700:3037::6815:4e07
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v5.9.0/css/all.css
Requested by: Host: go.thcmedical.org
URL: https://go.thcmedical.org/crystal0169
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:4e07 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 533143d96607d94d5d4292838e364aef656d3de58fe74368263776eab9c07542

Request headers

Referer: https://go.thcmedical.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 10 Aug 2021 03:26:29 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2963945
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-amz-request-id: H4FDMQCVAX1QJR1N
x-amz-id-2: R5U5V03xCJ1tQCjdvXnzHl6w9igM00Jpy6MhtaLP8VoCz5keh41FBeT76zB9Rs+GodO16HmJBmg=
last-modified: Wed, 30 Jun 2021 15:48:06 GMT
server: cloudflare
etag: W/"dbf9d822cefe851ba6f66e1ad57e8987"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=g0JJPulXzafrGPYn1QdqAjqMQoJbkDZetipOeRKomOJ15hgP%2BKPfughuIKUHXnSRyhRKfxGB6Q0yjznV0xrlRMcJQudg0dvdXfNZCycim9%2B%2BtbhxDND8l6tzfwJMk5bANFrhDPxofkKXwubx8DK2r%2FIS"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=31556926
cf-ray: 67c61f79288c4e79-FRA

GET
H2 200 v4-shims.css
use.fontawesome.com/releases/v5.9.0/css/ 26 KB
4 KB 33ms
15ms Stylesheet
text/css 2606:4700:3037::6815:4e07
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v5.9.0/css/v4-shims.css
Requested by: Host: go.thcmedical.org
URL: https://go.thcmedical.org/crystal0169
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:4e07 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0d1c5ba4b29db42dadf61f9e7304331fa835fe732bbb02822ada17a9a63c215f

Request headers

Referer: https://go.thcmedical.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 10 Aug 2021 03:26:29 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2963945
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-amz-request-id: H4F59D1N5HGP5X17
x-amz-id-2: YUdlAsA+TtJD+rHh62FdzZps5qHRs16q+LPxOPSwnBMavIM5gcZ75Y7cLfPddqE+iN9nZYEEHPw=
last-modified: Wed, 30 Jun 2021 15:48:06 GMT
server: cloudflare
etag: W/"e140a7d32f343530f016095df3cc2ae4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sE5%2FJuGSI2jD398G3WAV8irLNvrBZeCyBtL86DQrPp%2BxV%2FTgUSPFNhkUteWGO61Xq7eZI4Th%2BJPZKqGEVySwn%2FjE1YrT9i7LNj4%2Bwy1AsiYj8kIzasYPIjl6alAL6S9hOSVyfiTxFC2uA2elAm%2FKy6Ej"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=31556926
cf-ray: 67c61f79288f4e79-FRA

GET
H2 200 css
fonts.googleapis.com/ 44 KB
2 KB 16ms
15ms Stylesheet
text/css 2a00:1450:4001:802::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:400,700%7COswald:400,700%7CDroid+Sans:400,700%7CRoboto:400,700%7CLato:400,700%7CPT+Sans:400,700%7CSource+Sans+Pro:400,600,700%7CNoto+Sans:400,700%7CPT+Sans:400,700%7CUbuntu:400,700%7CBitter:400,700%7CPT+Serif:400,700%7CRokkitt:400,700%7CDroid+Serif:400,700%7CRaleway:400,700%7CInconsolata:400,700

Requested by

Host: go.thcmedical.org
URL: https://go.thcmedical.org/crystal0169

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

0b2ea9e7931851f990381b912341a664b88f71c0c15e2cca600e9379fd3b0813

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://go.thcmedical.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 10 Aug 2021 03:17:55 GMT
server: ESF
date: Tue, 10 Aug 2021 03:26:29 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 10 Aug 2021 03:26:29 GMT

GET
H2 200 application.js Show response
go.thcmedical.org/assets/userevents/ 5 KB
2 KB 35ms
34ms Script
application/x-javascript 2606:4700::6810:ec2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://go.thcmedical.org/assets/userevents/application.js

Requested by

Host: go.thcmedical.org
URL: https://go.thcmedical.org/crystal0169

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6810:ec2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

004e3565fa58bd4ff0cbf31deb5451508a5ec7d46c4480f9bfa23326f187a158

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

:path: /assets/userevents/application.js
pragma: no-cache
cookie: __cf_bm=67fe8e9935ff5a7983111d9a5d3a0dee857e9393-1628565989-1800-ASUMIt1mOAm8kOaoDzvcy2vu1qoc09LG9svjiC2Ca0tob2rVsWB5qnpl7uCuMhLAgUGzTeYDdcTIm98dxDzYbGIPHR2/9rFwbssV3dV/ub6n
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: go.thcmedical.org
referer: https://go.thcmedical.org/crystal0169
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://go.thcmedical.org/crystal0169
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 10 Aug 2021 03:26:29 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 1158
last-modified: Mon, 09 Aug 2021 19:46:30 GMT
server: cloudflare
etag: W/"61118616-1353"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=1200
access-control-allow-credentials: true
cf-ray: 67c61f790e9305d0-FRA
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
expires: Tue, 10 Aug 2021 03:46:29 GMT

GET
H3-29 200 xapp.js Show response
app.funnelish.com/ 19 KB
7 KB 39ms
19ms Script
application/javascript 2606:4700:3035::6815:929
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://app.funnelish.com/xapp.js
Requested by: Host: go.thcmedical.org
URL: https://go.thcmedical.org/crystal0169
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:929 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ff243a1a71ffdb02522db7c5dd1e37bc4d82d3ff60ba76a926a5c5301fb9b7a2

Request headers

Referer: https://go.thcmedical.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 10 Aug 2021 03:26:29 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sat, 15 May 2021 23:38:12 GMT
server: cloudflare
age: 6509
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8JvKXdkEXA9aVgX9nUTlIaE5Y40gZD1hG5N4%2B8Gr0CjZw6RtjC%2FGjrymZGjpvQCqTkLxcttOVMjChFDZty8oK0HUCXJccWEZDB6%2FOJGtPIkTNcVWKaUUHBJfJ7lisfB4mzzXed%2BNjhOvSo%2Fpdo41KA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 67c61f79f8ced6f5-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

GET
H2

200

paypal-plugin.min.css
app.funnelish.com/css/
Redirect Chain

https://funnelish.com/paypal-plugin-2.0.css
https://app.funnelish.com/css/paypal-plugin.min.css

25 KB
7 KB

44ms
18ms

Stylesheet
text/css

2606:4700:3035::6815:929
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://app.funnelish.com/css/paypal-plugin.min.css
Requested by: Host: go.thcmedical.org
URL: https://go.thcmedical.org/crystal0169
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6815:929 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9d871061bcfb3b45d78456e425ea00cec29e3b52c1136f7ea0071102a75f30e4

Request headers

Referer: https://go.thcmedical.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 10 Aug 2021 03:26:29 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 22 Apr 2021 02:00:12 GMT
server: cloudflare
age: 6510
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eA1O8ZIk%2FqNvk4Vv20AcdswRUhlBb%2BtUymCLbML9pD6c3Y5ZkRdhbuf5nnTMeSBxicZ1mr9PDPVHRJXS0%2BCAk73vVS3sUN81U1OYzEyyFpae1Z3QMFm6pbmBqjpfz%2BrL77pOaxNPMJOLMTp%2FJ5%2FmIA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 67c61f79af864339-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

Redirect headers

date: Tue, 10 Aug 2021 03:26:29 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1628565989.347824,VS0,VE0
strict-transport-security: max-age=300
x-cache: MISS
location: https://app.funnelish.com/css/paypal-plugin.min.css
x-cache-hits: 0
accept-ranges: bytes
content-length: 0
retry-after: 0
x-served-by: cache-cdg20770-CDG

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 95 KB
38 KB 45ms
31ms Script
application/javascript 2a00:1450:4001:82b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-628586506

Requested by

Host: go.thcmedical.org
URL: https://go.thcmedical.org/crystal0169

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

2d49301904638bf0f1f02b4f4d81e4c20d7f221366f1ae6efb73e3f1dd1fd464

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://go.thcmedical.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 10 Aug 2021 03:26:29 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38817
x-xss-protection: 0
last-modified: Tue, 10 Aug 2021 03:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 10 Aug 2021 03:26:29 GMT

GET
H2 200 closemodal.png
assets.clickfunnels.com/images/ 672 B
1 KB 140ms
94ms Image
image/webp 2606:4700::6810:cc2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://assets.clickfunnels.com/images/closemodal.png

Requested by

Host: go.thcmedical.org
URL: https://go.thcmedical.org/crystal0169

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6810:cc2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5216f197f782f4bb872e02a677986af90a488015910f8d3864b796ad68dbd389

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer: https://go.thcmedical.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 10 Aug 2021 03:26:29 GMT
vary: Accept, Accept-Encoding
cf-cache-status: HIT
age: 16244
cf-polished: origFmt=png, origSize=788
content-disposition: inline; filename="closemodal.webp"
content-length: 672
last-modified: Mon, 09 Aug 2021 19:46:30 GMT
server: cloudflare
etag: "61118616-314"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
content-type: image/webp
access-control-allow-origin: *
expires: Fri, 10 Sep 2021 03:26:29 GMT
cache-control: public, max-age=2678400
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 67c61f7a1f9e9748-FRA
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
cf-bgj: imgq:100,h2pri,csam-hash

GET
H2 200 logo.png
go.thcmedical.org/hosted/images/35/237a4ab6144d00b4fb95096e7cf23c/ 58 KB
58 KB 444ms
430ms Image
image/png 2606:4700::6810:ec2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://go.thcmedical.org/hosted/images/35/237a4ab6144d00b4fb95096e7cf23c/logo.png
Requested by: Host: go.thcmedical.org
URL: https://go.thcmedical.org/crystal0169
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:ec2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 14b8139d7060dc4d9f9f8750a2d9b34b45e73fde7e4dade88c1123aa77054ee8

Request headers

:path: /hosted/images/35/237a4ab6144d00b4fb95096e7cf23c/logo.png
pragma: no-cache
cookie: __cf_bm=67fe8e9935ff5a7983111d9a5d3a0dee857e9393-1628565989-1800-ASUMIt1mOAm8kOaoDzvcy2vu1qoc09LG9svjiC2Ca0tob2rVsWB5qnpl7uCuMhLAgUGzTeYDdcTIm98dxDzYbGIPHR2/9rFwbssV3dV/ub6n
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: go.thcmedical.org
referer: https://go.thcmedical.org/crystal0169
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://go.thcmedical.org/crystal0169
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 10 Aug 2021 03:26:29 GMT
cf-cache-status: REVALIDATED
last-modified: Fri, 26 Feb 2021 05:05:57 GMT
server: cloudflare
x-amz-cf-pop: FRA50-C1
etag: "917f6320ba102e99cc72c42b3edc8324"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept, Accept-Encoding
content-type: image/png
cache-control: max-age=31536000
cf-polished: origSize=59028
accept-ranges: bytes
cf-ray: 67c61f79efe005d0-FRA
content-length: 58880
cf-bgj: imgq:85,h2pri,csam-hash

GET
H2 200 Davie-badge.png
go.thcmedical.org/hosted/images/2f/802195370d494fa87591c33bd31314/ 824 KB
825 KB 67ms
53ms Image
image/png 2606:4700::6810:ec2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://go.thcmedical.org/hosted/images/2f/802195370d494fa87591c33bd31314/Davie-badge.png
Requested by: Host: go.thcmedical.org
URL: https://go.thcmedical.org/crystal0169
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:ec2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 99f12ec8d9b317ba4645090cd2ecb5090e9c92a6cf96e267aba883be04514273

Request headers

:path: /hosted/images/2f/802195370d494fa87591c33bd31314/Davie-badge.png
pragma: no-cache
cookie: __cf_bm=67fe8e9935ff5a7983111d9a5d3a0dee857e9393-1628565989-1800-ASUMIt1mOAm8kOaoDzvcy2vu1qoc09LG9svjiC2Ca0tob2rVsWB5qnpl7uCuMhLAgUGzTeYDdcTIm98dxDzYbGIPHR2/9rFwbssV3dV/ub6n
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: go.thcmedical.org
referer: https://go.thcmedical.org/crystal0169
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://go.thcmedical.org/crystal0169
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 10 Aug 2021 03:26:29 GMT
cf-cache-status: REVALIDATED
last-modified: Mon, 09 Aug 2021 10:17:59 GMT
server: cloudflare
x-amz-cf-pop: DUS51-C1
etag: "df37e7c6880b3b045120d7784ccb6916"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept, Accept-Encoding
content-type: image/png
cache-control: max-age=31536000
cf-polished: origSize=848408
accept-ranges: bytes
cf-ray: 67c61f79efe105d0-FRA
content-length: 843598
cf-bgj: imgq:85,h2pri,csam-hash

GET
H2

200

arrow-flash-small.gif
images.clickfunnels.com/old-public-templates/listhacking-sales/images/
Redirect Chain

https://assets.clickfunnels.com/templates/listhacking-sales/images/arrow-flash-small.gif
https://images.clickfunnels.com/old-public-templates/listhacking-sales/images/arrow-flash-small.gif

462 B
829 B

36ms
27ms

Image
image/webp

2606:4700::6810:10c2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.clickfunnels.com/old-public-templates/listhacking-sales/images/arrow-flash-small.gif
Requested by: Host: go.thcmedical.org
URL: https://go.thcmedical.org/crystal0169
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:10c2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e8312763f657406a0328d9901f05e3c28611700e3408a56a5ec993acdd70f2aa

Request headers

Referer: https://go.thcmedical.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 10 Aug 2021 03:26:29 GMT
cf-cache-status: HIT
age: 10489
cf-polished: origFmt=gif, origSize=494
cf-ray: 67c61f7c2d26c2ef-FRA
last-modified: Fri, 14 Aug 2015 19:43:23 GMT
content-disposition: inline; filename="arrow-flash-small.webp"
content-length: 462
x-amz-id-2: XndE4GbIUqJNlvUxoVX/HGWfm3cMIA0rJPwFl3Ot644Um7j4EjWABPLrzofzlHNrqgio0fucCP8=
cf-bgj: imgq:100,h2pri,csam-hash
server: cloudflare
etag: "64a7dd71d7bdc6a7200c52ce9b36701a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
x-amz-request-id: CQB9A4CWXB4F5B48
cache-control: public, max-age=2678400
accept-ranges: bytes
content-type: image/webp
expires: Fri, 10 Sep 2021 03:26:29 GMT

Redirect headers

date: Tue, 10 Aug 2021 03:26:29 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 2154402
server: cloudflare
location: https://images.clickfunnels.com/old-public-templates/listhacking-sales/images/arrow-flash-small.gif
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
content-type: text/html
access-control-allow-origin: *
cache-control: public, max-age=2678400
access-control-allow-credentials: true
cf-ray: 67c61f7a1f9f9748-FRA
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
expires: Fri, 10 Sep 2021 03:26:29 GMT

GET
H2 200 Screen-Shot-2021-06-23-at-14.50.58.png
go.thcmedical.org/hosted/images/c6/b64c990e4f479a80fe295a8bc7b176/ 2 MB
2 MB 93ms
79ms Image
image/png 2606:4700::6810:ec2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://go.thcmedical.org/hosted/images/c6/b64c990e4f479a80fe295a8bc7b176/Screen-Shot-2021-06-23-at-14.50.58.png
Requested by: Host: go.thcmedical.org
URL: https://go.thcmedical.org/crystal0169
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:ec2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 99c6891cfe8465f228ac06812f8ccfb4da8e7bf714bea19c5e723533f20ee7df

Request headers

:path: /hosted/images/c6/b64c990e4f479a80fe295a8bc7b176/Screen-Shot-2021-06-23-at-14.50.58.png
pragma: no-cache
cookie: __cf_bm=67fe8e9935ff5a7983111d9a5d3a0dee857e9393-1628565989-1800-ASUMIt1mOAm8kOaoDzvcy2vu1qoc09LG9svjiC2Ca0tob2rVsWB5qnpl7uCuMhLAgUGzTeYDdcTIm98dxDzYbGIPHR2/9rFwbssV3dV/ub6n
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: go.thcmedical.org
referer: https://go.thcmedical.org/crystal0169
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://go.thcmedical.org/crystal0169
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 10 Aug 2021 03:26:29 GMT
cf-cache-status: REVALIDATED
last-modified: Wed, 23 Jun 2021 07:51:39 GMT
server: cloudflare
x-amz-cf-pop: FRA50-C1
etag: "87af6e11f9466615b3e6b895fa3990b3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept, Accept-Encoding
content-type: image/png
cache-control: max-age=31536000
cf-polished: origSize=1931060
accept-ranges: bytes
cf-ray: 67c61f79efe305d0-FRA
content-length: 1923654
cf-bgj: imgq:85,h2pri,csam-hash

GET
H2 200 Screen-Shot-2021-05-27-at-00.39.47.png
go.thcmedical.org/hosted/images/9d/96294d19fa4361aa6bcd41929bfe28/ 689 KB
690 KB 74ms
61ms Image
image/png 2606:4700::6810:ec2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://go.thcmedical.org/hosted/images/9d/96294d19fa4361aa6bcd41929bfe28/Screen-Shot-2021-05-27-at-00.39.47.png
Requested by: Host: go.thcmedical.org
URL: https://go.thcmedical.org/crystal0169
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:ec2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 174d7e0f62965d5cb134444b3f2a0d1c512d47b46b1dd37d937f622ccb6a5cd3

Request headers

:path: /hosted/images/9d/96294d19fa4361aa6bcd41929bfe28/Screen-Shot-2021-05-27-at-00.39.47.png
pragma: no-cache
cookie: __cf_bm=67fe8e9935ff5a7983111d9a5d3a0dee857e9393-1628565989-1800-ASUMIt1mOAm8kOaoDzvcy2vu1qoc09LG9svjiC2Ca0tob2rVsWB5qnpl7uCuMhLAgUGzTeYDdcTIm98dxDzYbGIPHR2/9rFwbssV3dV/ub6n
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: go.thcmedical.org
referer: https://go.thcmedical.org/crystal0169
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://go.thcmedical.org/crystal0169
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 10 Aug 2021 03:26:29 GMT
cf-cache-status: REVALIDATED
last-modified: Wed, 26 May 2021 17:40:16 GMT
server: cloudflare
x-amz-cf-pop: FRA50-C1
etag: "346c78a5afa4f17fb6550c664bf79438"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept, Accept-Encoding
content-type: image/png
cache-control: max-age=31536000
cf-polished: origSize=711522
accept-ranges: bytes
cf-ray: 67c61f79efe405d0-FRA
content-length: 705989
cf-bgj: imgq:85,h2pri,csam-hash

GET
H2 200 MJ-crystal.png
go.thcmedical.org/hosted/images/49/880e78df394aa9863b2c26d27b0013/ 1 MB
1 MB 75ms
61ms Image
image/png 2606:4700::6810:ec2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://go.thcmedical.org/hosted/images/49/880e78df394aa9863b2c26d27b0013/MJ-crystal.png
Requested by: Host: go.thcmedical.org
URL: https://go.thcmedical.org/crystal0169
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:ec2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5d0c0dc2681a1250a3b84acba8493f89591f7b9630a1ef795d9df052db229500

Request headers

:path: /hosted/images/49/880e78df394aa9863b2c26d27b0013/MJ-crystal.png
pragma: no-cache
cookie: __cf_bm=67fe8e9935ff5a7983111d9a5d3a0dee857e9393-1628565989-1800-ASUMIt1mOAm8kOaoDzvcy2vu1qoc09LG9svjiC2Ca0tob2rVsWB5qnpl7uCuMhLAgUGzTeYDdcTIm98dxDzYbGIPHR2/9rFwbssV3dV/ub6n
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: go.thcmedical.org
referer: https://go.thcmedical.org/crystal0169
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://go.thcmedical.org/crystal0169
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 10 Aug 2021 03:26:29 GMT
cf-cache-status: REVALIDATED
last-modified: Tue, 04 May 2021 04:05:31 GMT
server: cloudflare
x-amz-cf-pop: FRA56-C1
etag: "3e9384d96ab7591f938812121ca40e4a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept, Accept-Encoding
content-type: image/png
cache-control: max-age=31536000
cf-polished: origSize=1518367
accept-ranges: bytes
cf-ray: 67c61f79efe505d0-FRA
content-length: 1518219
cf-bgj: imgq:85,h2pri,csam-hash

GET
H2 200 FxB9raZc2wK3qgq0sgWXvUfN684sTqXyOtjR5LhM.jpeg
res.cloudinary.com/leightons/image/upload/c_fill,f_auto,g_auto,h_630,w_630/ 38 KB
38 KB 183ms
157ms Image
image/webp 2a04:4e42:3::393
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://res.cloudinary.com/leightons/image/upload/c_fill,f_auto,g_auto,h_630,w_630/FxB9raZc2wK3qgq0sgWXvUfN684sTqXyOtjR5LhM.jpeg

Requested by

Host: go.thcmedical.org
URL: https://go.thcmedical.org/crystal0169

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:3::393 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Cloudinary /

Resource Hash

2d020a4778eec4184fa266127ee9e5afed4eec119438d394d7b29a63973285e8

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

Referer: https://go.thcmedical.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 10 Aug 2021 03:26:29 GMT
x-content-type-options: nosniff
content-disposition: inline; filename="FxB9raZc2wK3qgq0sgWXvUfN684sTqXyOtjR5LhM.webp"
server-timing: fastly;dur=150;cpu=1;start=2021-08-10T03:26:29.439Z;desc=miss,rtt;dur=5,cloudinary;dur=58;start=2021-08-10T03:26:29.488Z
vary: Accept,User-Agent
content-length: 38730
last-modified: Mon, 22 Oct 2018 08:50:20 GMT
server: Cloudinary
etag: "f3718da280803099a7b616da12aba33c"
strict-transport-security: max-age=604800
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Disposition,ETag,Server-Timing,Vary,X-Content-Type-Options
cache-control: private, no-transform, immutable, max-age=2592000
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 BTE-Spec2.png
go.thcmedical.org/hosted/images/f3/5ffe85b08a4d4790757c8dc56ef38c/ 498 KB
498 KB 74ms
61ms Image
image/png 2606:4700::6810:ec2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://go.thcmedical.org/hosted/images/f3/5ffe85b08a4d4790757c8dc56ef38c/BTE-Spec2.png
Requested by: Host: go.thcmedical.org
URL: https://go.thcmedical.org/crystal0169
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:ec2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fa9c56b62694aaf4b9d1d1a24b19224d496d8568109917aa90153f5c7dc0fad6

Request headers

:path: /hosted/images/f3/5ffe85b08a4d4790757c8dc56ef38c/BTE-Spec2.png
pragma: no-cache
cookie: __cf_bm=67fe8e9935ff5a7983111d9a5d3a0dee857e9393-1628565989-1800-ASUMIt1mOAm8kOaoDzvcy2vu1qoc09LG9svjiC2Ca0tob2rVsWB5qnpl7uCuMhLAgUGzTeYDdcTIm98dxDzYbGIPHR2/9rFwbssV3dV/ub6n
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: go.thcmedical.org
referer: https://go.thcmedical.org/crystal0169
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://go.thcmedical.org/crystal0169
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 10 Aug 2021 03:26:29 GMT
cf-cache-status: REVALIDATED
last-modified: Wed, 26 May 2021 17:55:45 GMT
server: cloudflare
x-amz-cf-pop: FRA50-C1
etag: "7351a948717e433d05f608b2904b3ad5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept, Accept-Encoding
content-type: image/png
cache-control: max-age=31536000
cf-polished: origSize=510729
accept-ranges: bytes
cf-ray: 67c61f79efe905d0-FRA
content-length: 509681
cf-bgj: imgq:85,h2pri,csam-hash

GET
H2 200 Screen-Shot-2021-08-09-at-17.32.29.png
go.thcmedical.org/hosted/images/f7/76a64134404b4a9d9e56d8654107f7/ 393 KB
393 KB 74ms
61ms Image
image/png 2606:4700::6810:ec2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://go.thcmedical.org/hosted/images/f7/76a64134404b4a9d9e56d8654107f7/Screen-Shot-2021-08-09-at-17.32.29.png
Requested by: Host: go.thcmedical.org
URL: https://go.thcmedical.org/crystal0169
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:ec2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6af581d327e437e21da4b082c8cffbee6aa0dc0ac7ea3352ec95855f54d4ee27

Request headers

:path: /hosted/images/f7/76a64134404b4a9d9e56d8654107f7/Screen-Shot-2021-08-09-at-17.32.29.png
pragma: no-cache
cookie: __cf_bm=67fe8e9935ff5a7983111d9a5d3a0dee857e9393-1628565989-1800-ASUMIt1mOAm8kOaoDzvcy2vu1qoc09LG9svjiC2Ca0tob2rVsWB5qnpl7uCuMhLAgUGzTeYDdcTIm98dxDzYbGIPHR2/9rFwbssV3dV/ub6n
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: go.thcmedical.org
referer: https://go.thcmedical.org/crystal0169
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://go.thcmedical.org/crystal0169
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 10 Aug 2021 03:26:29 GMT
cf-cache-status: REVALIDATED
last-modified: Mon, 09 Aug 2021 10:33:07 GMT
server: cloudflare
x-amz-cf-pop: FRA50-C1
etag: "6c0f31b330f014007e9fbcca84356be9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept, Accept-Encoding
content-type: image/png
cache-control: max-age=31536000
cf-polished: origSize=407378
accept-ranges: bytes
cf-ray: 67c61f79efea05d0-FRA
content-length: 402183
cf-bgj: imgq:85,h2pri,csam-hash

GET
H2 200 Screen-Shot-2021-06-04-at-14.36.57.png
go.thcmedical.org/hosted/images/a2/d26b9487b2497db056b30b3c9c1af4/ 22 KB
22 KB 77ms
65ms Image
image/png 2606:4700::6810:ec2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://go.thcmedical.org/hosted/images/a2/d26b9487b2497db056b30b3c9c1af4/Screen-Shot-2021-06-04-at-14.36.57.png
Requested by: Host: go.thcmedical.org
URL: https://go.thcmedical.org/crystal0169
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:ec2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b686605a148483c5911dfc62c8992bdcb183ec9242c87d0a0e0bdd73651b1522

Request headers

:path: /hosted/images/a2/d26b9487b2497db056b30b3c9c1af4/Screen-Shot-2021-06-04-at-14.36.57.png
pragma: no-cache
cookie: __cf_bm=67fe8e9935ff5a7983111d9a5d3a0dee857e9393-1628565989-1800-ASUMIt1mOAm8kOaoDzvcy2vu1qoc09LG9svjiC2Ca0tob2rVsWB5qnpl7uCuMhLAgUGzTeYDdcTIm98dxDzYbGIPHR2/9rFwbssV3dV/ub6n
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: go.thcmedical.org
referer: https://go.thcmedical.org/crystal0169
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://go.thcmedical.org/crystal0169
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 10 Aug 2021 03:26:29 GMT
cf-cache-status: REVALIDATED
last-modified: Fri, 04 Jun 2021 07:38:23 GMT
server: cloudflare
x-amz-cf-pop: FRA50-C1
etag: "1982862c5bf805e256d7f33291ceb00e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept, Accept-Encoding
content-type: image/png
cache-control: max-age=31536000
cf-polished: origSize=26436
accept-ranges: bytes
cf-ray: 67c61f79efeb05d0-FRA
content-length: 22610
cf-bgj: imgq:85,h2pri,csam-hash

GET
H2 200 4-features.png
go.thcmedical.org/hosted/images/31/d8c0d264f14766b1ad0fb5641f7f22/ 65 KB
65 KB 76ms
64ms Image
image/png 2606:4700::6810:ec2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://go.thcmedical.org/hosted/images/31/d8c0d264f14766b1ad0fb5641f7f22/4-features.png
Requested by: Host: go.thcmedical.org
URL: https://go.thcmedical.org/crystal0169
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:ec2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d7466c19dbfc7d5dbd2fcf9bace33d03eb2ad72ad75ddb464f6faefd3abdec57

Request headers

:path: /hosted/images/31/d8c0d264f14766b1ad0fb5641f7f22/4-features.png
pragma: no-cache
cookie: __cf_bm=67fe8e9935ff5a7983111d9a5d3a0dee857e9393-1628565989-1800-ASUMIt1mOAm8kOaoDzvcy2vu1qoc09LG9svjiC2Ca0tob2rVsWB5qnpl7uCuMhLAgUGzTeYDdcTIm98dxDzYbGIPHR2/9rFwbssV3dV/ub6n
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: go.thcmedical.org
referer: https://go.thcmedical.org/crystal0169
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://go.thcmedical.org/crystal0169
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 10 Aug 2021 03:26:29 GMT
cf-cache-status: REVALIDATED
last-modified: Fri, 04 Jun 2021 05:02:44 GMT
server: cloudflare
x-amz-cf-pop: FRA50-C1
etag: "ecc43711e482fe772d22bc330c012e54"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept, Accept-Encoding
content-type: image/png
cache-control: max-age=31536000
cf-polished: origSize=67008
accept-ranges: bytes
cf-ray: 67c61f79efec05d0-FRA
content-length: 66860
cf-bgj: imgq:85,h2pri,csam-hash

GET
H2 200 6-programs-1-.png
go.thcmedical.org/hosted/images/0a/644f24c00f4d7c969534947c8a66de/ 752 KB
753 KB 73ms
61ms Image
image/png 2606:4700::6810:ec2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://go.thcmedical.org/hosted/images/0a/644f24c00f4d7c969534947c8a66de/6-programs-1-.png
Requested by: Host: go.thcmedical.org
URL: https://go.thcmedical.org/crystal0169
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:ec2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 123ab9cfae34b4888d9d464b1a0fafdcf425a1d24c4c85474870e510f3d60328

Request headers

:path: /hosted/images/0a/644f24c00f4d7c969534947c8a66de/6-programs-1-.png
pragma: no-cache
cookie: __cf_bm=67fe8e9935ff5a7983111d9a5d3a0dee857e9393-1628565989-1800-ASUMIt1mOAm8kOaoDzvcy2vu1qoc09LG9svjiC2Ca0tob2rVsWB5qnpl7uCuMhLAgUGzTeYDdcTIm98dxDzYbGIPHR2/9rFwbssV3dV/ub6n
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: go.thcmedical.org
referer: https://go.thcmedical.org/crystal0169
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://go.thcmedical.org/crystal0169
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 10 Aug 2021 03:26:29 GMT
cf-cache-status: REVALIDATED
last-modified: Sat, 10 Jul 2021 03:39:16 GMT
server: cloudflare
x-amz-cf-pop: FRA50-C1
etag: "79f35ad5f3436c4c7bed6e9d4c8bc6d1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept, Accept-Encoding
content-type: image/png
cache-control: max-age=31536000
cf-polished: origSize=774559
accept-ranges: bytes
cf-ray: 67c61f79efed05d0-FRA
content-length: 770547
cf-bgj: imgq:85,h2pri,csam-hash

GET
H2 200 IMG_0917.jpg
go.thcmedical.org/hosted/images/60/78436073a64641bbd5e669db4fe077/ 667 KB
668 KB 71ms
59ms Image
image/jpeg 2606:4700::6810:ec2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://go.thcmedical.org/hosted/images/60/78436073a64641bbd5e669db4fe077/IMG_0917.jpg
Requested by: Host: go.thcmedical.org
URL: https://go.thcmedical.org/crystal0169
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:ec2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b7ca428be132f8c54867ebcafb286de18204b9cd42adb06b1548c468fb6e781b

Request headers

:path: /hosted/images/60/78436073a64641bbd5e669db4fe077/IMG_0917.jpg
pragma: no-cache
cookie: __cf_bm=67fe8e9935ff5a7983111d9a5d3a0dee857e9393-1628565989-1800-ASUMIt1mOAm8kOaoDzvcy2vu1qoc09LG9svjiC2Ca0tob2rVsWB5qnpl7uCuMhLAgUGzTeYDdcTIm98dxDzYbGIPHR2/9rFwbssV3dV/ub6n
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: go.thcmedical.org
referer: https://go.thcmedical.org/crystal0169
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://go.thcmedical.org/crystal0169
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 10 Aug 2021 03:26:29 GMT
cf-cache-status: REVALIDATED
last-modified: Fri, 28 May 2021 11:44:42 GMT
server: cloudflare
x-amz-cf-pop: FRA53-C1
etag: "5bc9e57cb37a5b7cf52684b42c362378"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept, Accept-Encoding
content-type: image/jpeg
cache-control: max-age=31536000
cf-polished: origSize=707674
accept-ranges: bytes
cf-ray: 67c61f79efef05d0-FRA
content-length: 682625
cf-bgj: imgq:85,h2pri,csam-hash

GET
H2 200 Richard.png
go.thcmedical.org/hosted/images/75/6b6350d909462abb86686219a38afa/ 2 MB
2 MB 77ms
66ms Image
image/png 2606:4700::6810:ec2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://go.thcmedical.org/hosted/images/75/6b6350d909462abb86686219a38afa/Richard.png
Requested by: Host: go.thcmedical.org
URL: https://go.thcmedical.org/crystal0169
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:ec2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 40bf68f1d329c839b7b39db9040a441d3d2e0284fe26f0511b8943dc46b3ef6f

Request headers

:path: /hosted/images/75/6b6350d909462abb86686219a38afa/Richard.png
pragma: no-cache
cookie: __cf_bm=67fe8e9935ff5a7983111d9a5d3a0dee857e9393-1628565989-1800-ASUMIt1mOAm8kOaoDzvcy2vu1qoc09LG9svjiC2Ca0tob2rVsWB5qnpl7uCuMhLAgUGzTeYDdcTIm98dxDzYbGIPHR2/9rFwbssV3dV/ub6n
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: go.thcmedical.org
referer: https://go.thcmedical.org/crystal0169
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://go.thcmedical.org/crystal0169
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 10 Aug 2021 03:26:29 GMT
cf-cache-status: REVALIDATED
last-modified: Fri, 09 Jul 2021 11:13:40 GMT
server: cloudflare
x-amz-cf-pop: FRA53-C1
etag: "5f0efd22378c8600913b95261385d30f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept, Accept-Encoding
content-type: image/png
cache-control: max-age=31536000
cf-polished: origSize=2440543
accept-ranges: bytes
cf-ray: 67c61f79eff205d0-FRA
content-length: 2430941
cf-bgj: imgq:85,h2pri,csam-hash

GET
H2 200 bte-features2.png
go.thcmedical.org/hosted/images/69/88acad58d24b05aa1a806af4ef846f/ 58 KB
58 KB 72ms
62ms Image
image/png 2606:4700::6810:ec2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://go.thcmedical.org/hosted/images/69/88acad58d24b05aa1a806af4ef846f/bte-features2.png
Requested by: Host: go.thcmedical.org
URL: https://go.thcmedical.org/crystal0169
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:ec2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4078d6c6556899876249bc5306487f4ae5c9d74caab15ade4e3061a6df90aa61

Request headers

:path: /hosted/images/69/88acad58d24b05aa1a806af4ef846f/bte-features2.png
pragma: no-cache
cookie: __cf_bm=67fe8e9935ff5a7983111d9a5d3a0dee857e9393-1628565989-1800-ASUMIt1mOAm8kOaoDzvcy2vu1qoc09LG9svjiC2Ca0tob2rVsWB5qnpl7uCuMhLAgUGzTeYDdcTIm98dxDzYbGIPHR2/9rFwbssV3dV/ub6n
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: go.thcmedical.org
referer: https://go.thcmedical.org/crystal0169
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://go.thcmedical.org/crystal0169
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 10 Aug 2021 03:26:29 GMT
cf-cache-status: REVALIDATED
last-modified: Tue, 13 Jul 2021 10:34:53 GMT
server: cloudflare
x-amz-cf-pop: FRA50-C1
etag: "8a2f506aa1d38e591cd4492d7230bac8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept, Accept-Encoding
content-type: image/png
cache-control: max-age=31536000
cf-polished: origSize=59391
accept-ranges: bytes
cf-ray: 67c61f79eff305d0-FRA
content-length: 59211
cf-bgj: imgq:85,h2pri,csam-hash

GET
H2 200 3787983.png
go.thcmedical.org/hosted/images/ba/2f6ba5108a48ee95ed4c03c2a8eb0e/ 22 KB
22 KB 55ms
44ms Image
image/png 2606:4700::6810:ec2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://go.thcmedical.org/hosted/images/ba/2f6ba5108a48ee95ed4c03c2a8eb0e/3787983.png
Requested by: Host: go.thcmedical.org
URL: https://go.thcmedical.org/crystal0169
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:ec2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e01e0fb5ccbc983bcaaa9e324e1469c11ee941c27f057b7602e007caf8437d8f

Request headers

:path: /hosted/images/ba/2f6ba5108a48ee95ed4c03c2a8eb0e/3787983.png
pragma: no-cache
cookie: __cf_bm=67fe8e9935ff5a7983111d9a5d3a0dee857e9393-1628565989-1800-ASUMIt1mOAm8kOaoDzvcy2vu1qoc09LG9svjiC2Ca0tob2rVsWB5qnpl7uCuMhLAgUGzTeYDdcTIm98dxDzYbGIPHR2/9rFwbssV3dV/ub6n
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: go.thcmedical.org
referer: https://go.thcmedical.org/crystal0169
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://go.thcmedical.org/crystal0169
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 10 Aug 2021 03:26:29 GMT
cf-cache-status: REVALIDATED
last-modified: Fri, 04 Jun 2021 07:52:13 GMT
server: cloudflare
x-amz-cf-pop: FRA50-C1
etag: "69eae9631e2bd30c9d7f025fe09551f8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept, Accept-Encoding
content-type: image/png
cache-control: max-age=31536000
cf-polished: origSize=22539
accept-ranges: bytes
cf-ray: 67c61f79eff405d0-FRA
content-length: 22333
cf-bgj: imgq:85,h2pri,csam-hash

GET
H2 200 CS.png
go.thcmedical.org/hosted/images/4f/7a56ac287a4cbd85d83a30cbf5d840/ 24 KB
24 KB 59ms
49ms Image
image/png 2606:4700::6810:ec2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://go.thcmedical.org/hosted/images/4f/7a56ac287a4cbd85d83a30cbf5d840/CS.png
Requested by: Host: go.thcmedical.org
URL: https://go.thcmedical.org/crystal0169
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:ec2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0db8b05a70801f5932fdf0026e1118d5444333a760719162a47d2ff8cf1e23ac

Request headers

:path: /hosted/images/4f/7a56ac287a4cbd85d83a30cbf5d840/CS.png
pragma: no-cache
cookie: __cf_bm=67fe8e9935ff5a7983111d9a5d3a0dee857e9393-1628565989-1800-ASUMIt1mOAm8kOaoDzvcy2vu1qoc09LG9svjiC2Ca0tob2rVsWB5qnpl7uCuMhLAgUGzTeYDdcTIm98dxDzYbGIPHR2/9rFwbssV3dV/ub6n
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: go.thcmedical.org
referer: https://go.thcmedical.org/crystal0169
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://go.thcmedical.org/crystal0169
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 10 Aug 2021 03:26:29 GMT
cf-cache-status: REVALIDATED
last-modified: Fri, 04 Jun 2021 07:53:56 GMT
server: cloudflare
x-amz-cf-pop: FRA50-C1
etag: "30270cf56bff2adeed4572b3c12189fa"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept, Accept-Encoding
content-type: image/png
cache-control: max-age=31536000
cf-polished: origSize=24807
accept-ranges: bytes
cf-ray: 67c61f79eff505d0-FRA
content-length: 24601
cf-bgj: imgq:85,h2pri,csam-hash

GET
H2 200 752646.png
go.thcmedical.org/hosted/images/7d/9f9ec51d254e97a84b51c9d8165539/ 19 KB
19 KB 451ms
441ms Image
image/png 2606:4700::6810:ec2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://go.thcmedical.org/hosted/images/7d/9f9ec51d254e97a84b51c9d8165539/752646.png
Requested by: Host: go.thcmedical.org
URL: https://go.thcmedical.org/crystal0169
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:ec2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 02ca80e9907fbda560c7d8ea3e13ebeb2404e3ace34a1a36cd092880ea2176ee

Request headers

:path: /hosted/images/7d/9f9ec51d254e97a84b51c9d8165539/752646.png
pragma: no-cache
cookie: __cf_bm=67fe8e9935ff5a7983111d9a5d3a0dee857e9393-1628565989-1800-ASUMIt1mOAm8kOaoDzvcy2vu1qoc09LG9svjiC2Ca0tob2rVsWB5qnpl7uCuMhLAgUGzTeYDdcTIm98dxDzYbGIPHR2/9rFwbssV3dV/ub6n
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: go.thcmedical.org
referer: https://go.thcmedical.org/crystal0169
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://go.thcmedical.org/crystal0169
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 10 Aug 2021 03:26:29 GMT
cf-cache-status: REVALIDATED
last-modified: Fri, 04 Jun 2021 07:54:57 GMT
server: cloudflare
x-amz-cf-pop: FRA50-C1
etag: "56a3288d3dcefada7b42abd475f95d4b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept, Accept-Encoding
content-type: image/png
cache-control: max-age=31536000
cf-polished: origSize=19263
accept-ranges: bytes
cf-ray: 67c61f79eff605d0-FRA
content-length: 19057
cf-bgj: imgq:85,h2pri,csam-hash

GET
H2 200 5A4524C4-9D87-4D4A-BFA1-1459D31EE6A2.jpg
go.thcmedical.org/hosted/images/c9/57232b83b74bb5905b82e871003d87/ 62 KB
62 KB 60ms
50ms Image
image/jpeg 2606:4700::6810:ec2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://go.thcmedical.org/hosted/images/c9/57232b83b74bb5905b82e871003d87/5A4524C4-9D87-4D4A-BFA1-1459D31EE6A2.jpg
Requested by: Host: go.thcmedical.org
URL: https://go.thcmedical.org/crystal0169
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:ec2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a0ab6d8039987392a26c6a97d1998987fc0ab10fb69e1879d026368e79ac833b

Request headers

:path: /hosted/images/c9/57232b83b74bb5905b82e871003d87/5A4524C4-9D87-4D4A-BFA1-1459D31EE6A2.jpg
pragma: no-cache
cookie: __cf_bm=67fe8e9935ff5a7983111d9a5d3a0dee857e9393-1628565989-1800-ASUMIt1mOAm8kOaoDzvcy2vu1qoc09LG9svjiC2Ca0tob2rVsWB5qnpl7uCuMhLAgUGzTeYDdcTIm98dxDzYbGIPHR2/9rFwbssV3dV/ub6n
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: go.thcmedical.org
referer: https://go.thcmedical.org/crystal0169
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://go.thcmedical.org/crystal0169
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 10 Aug 2021 03:26:29 GMT
cf-cache-status: REVALIDATED
last-modified: Wed, 23 Jun 2021 07:48:56 GMT
server: cloudflare
x-amz-cf-pop: FRA56-C1
etag: "4100bce8c124620f35043900b1d61507"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: max-age=31536000
cf-polished: status=not_needed
accept-ranges: bytes
cf-ray: 67c61f79eff705d0-FRA
content-length: 63240
cf-bgj: imgq:85,h2pri,csam-hash

GET
H2 200 Ads2.jpg
go.thcmedical.org/hosted/images/f4/312d24b9fd407e96376bc6a40165bc/ 105 KB
106 KB 66ms
57ms Image
image/jpeg 2606:4700::6810:ec2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://go.thcmedical.org/hosted/images/f4/312d24b9fd407e96376bc6a40165bc/Ads2.jpg
Requested by: Host: go.thcmedical.org
URL: https://go.thcmedical.org/crystal0169
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:ec2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 91e6a69efe63f3800a792794c1defed43b6d5a7d360d7693323bad4285422ce5

Request headers

:path: /hosted/images/f4/312d24b9fd407e96376bc6a40165bc/Ads2.jpg
pragma: no-cache
cookie: __cf_bm=67fe8e9935ff5a7983111d9a5d3a0dee857e9393-1628565989-1800-ASUMIt1mOAm8kOaoDzvcy2vu1qoc09LG9svjiC2Ca0tob2rVsWB5qnpl7uCuMhLAgUGzTeYDdcTIm98dxDzYbGIPHR2/9rFwbssV3dV/ub6n
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: go.thcmedical.org
referer: https://go.thcmedical.org/crystal0169
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://go.thcmedical.org/crystal0169
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 10 Aug 2021 03:26:29 GMT
cf-cache-status: REVALIDATED
last-modified: Wed, 07 Jul 2021 16:48:55 GMT
server: cloudflare
x-amz-cf-pop: FRA2-C2
etag: "76ac3d3fe92d9c289c1cce1d933f7238"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept, Accept-Encoding
content-type: image/jpeg
cache-control: max-age=31536000
cf-polished: origSize=110920
accept-ranges: bytes
cf-ray: 67c61f79eff805d0-FRA
content-length: 107791
cf-bgj: imgq:85,h2pri,csam-hash

GET
H2 200 IMG_1006.jpg
go.thcmedical.org/hosted/images/42/5418259b9b4ceda56af713d166d703/ 250 KB
251 KB 69ms
60ms Image
image/jpeg 2606:4700::6810:ec2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://go.thcmedical.org/hosted/images/42/5418259b9b4ceda56af713d166d703/IMG_1006.jpg
Requested by: Host: go.thcmedical.org
URL: https://go.thcmedical.org/crystal0169
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:ec2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5b1bdbb340a0c14464fdd00c1a15e11326263ae38bf44e3f0a80107f1e2b0bd7

Request headers

:path: /hosted/images/42/5418259b9b4ceda56af713d166d703/IMG_1006.jpg
pragma: no-cache
cookie: __cf_bm=67fe8e9935ff5a7983111d9a5d3a0dee857e9393-1628565989-1800-ASUMIt1mOAm8kOaoDzvcy2vu1qoc09LG9svjiC2Ca0tob2rVsWB5qnpl7uCuMhLAgUGzTeYDdcTIm98dxDzYbGIPHR2/9rFwbssV3dV/ub6n
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: go.thcmedical.org
referer: https://go.thcmedical.org/crystal0169
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://go.thcmedical.org/crystal0169
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 10 Aug 2021 03:26:29 GMT
cf-cache-status: REVALIDATED
last-modified: Wed, 02 Jun 2021 17:19:09 GMT
server: cloudflare
x-amz-cf-pop: FRA50-C1
etag: "cac28c3444dac98f645bcfe475d954a2"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept, Accept-Encoding
content-type: image/jpeg
cache-control: max-age=31536000
cf-polished: origSize=281129
accept-ranges: bytes
cf-ray: 67c61f79eff905d0-FRA
content-length: 256117
cf-bgj: imgq:85,h2pri,csam-hash

GET
H2 200 Screen-Shot-2021-06-16-at-16.40.50.png
go.thcmedical.org/hosted/images/ee/aecb4793dd4629937512f109acaf8f/ 2 MB
2 MB 73ms
64ms Image
image/png 2606:4700::6810:ec2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://go.thcmedical.org/hosted/images/ee/aecb4793dd4629937512f109acaf8f/Screen-Shot-2021-06-16-at-16.40.50.png
Requested by: Host: go.thcmedical.org
URL: https://go.thcmedical.org/crystal0169
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:ec2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b9bba452bd7ab92885415d470d81e75e322f9c2f1b061999db930fb6c7606b18

Request headers

:path: /hosted/images/ee/aecb4793dd4629937512f109acaf8f/Screen-Shot-2021-06-16-at-16.40.50.png
pragma: no-cache
cookie: __cf_bm=67fe8e9935ff5a7983111d9a5d3a0dee857e9393-1628565989-1800-ASUMIt1mOAm8kOaoDzvcy2vu1qoc09LG9svjiC2Ca0tob2rVsWB5qnpl7uCuMhLAgUGzTeYDdcTIm98dxDzYbGIPHR2/9rFwbssV3dV/ub6n
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: go.thcmedical.org
referer: https://go.thcmedical.org/crystal0169
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://go.thcmedical.org/crystal0169
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 10 Aug 2021 03:26:29 GMT
cf-cache-status: REVALIDATED
last-modified: Wed, 16 Jun 2021 09:41:36 GMT
server: cloudflare
x-amz-cf-pop: FRA50-C1
etag: "cc50a7ef0f8bce5dfab5da7c2a1550b2"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept, Accept-Encoding
content-type: image/png
cache-control: max-age=31536000
cf-polished: origSize=1614622
accept-ranges: bytes
cf-ray: 67c61f79effc05d0-FRA
content-length: 1605626
cf-bgj: imgq:85,h2pri,csam-hash

GET
H2 200 logo-removebg-preview.png
go.thcmedical.org/hosted/images/a8/f5fdc3cbfe457fa3adf4d9fe7b1257/ 36 KB
36 KB 80ms
71ms Image
image/png 2606:4700::6810:ec2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://go.thcmedical.org/hosted/images/a8/f5fdc3cbfe457fa3adf4d9fe7b1257/logo-removebg-preview.png
Requested by: Host: go.thcmedical.org
URL: https://go.thcmedical.org/crystal0169
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:ec2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c6165976ca61008ac1e9c6adbabb842e33c765d14094dddac0ad6ba76f0de1d2

Request headers

:path: /hosted/images/a8/f5fdc3cbfe457fa3adf4d9fe7b1257/logo-removebg-preview.png
pragma: no-cache
cookie: __cf_bm=67fe8e9935ff5a7983111d9a5d3a0dee857e9393-1628565989-1800-ASUMIt1mOAm8kOaoDzvcy2vu1qoc09LG9svjiC2Ca0tob2rVsWB5qnpl7uCuMhLAgUGzTeYDdcTIm98dxDzYbGIPHR2/9rFwbssV3dV/ub6n
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: go.thcmedical.org
referer: https://go.thcmedical.org/crystal0169
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://go.thcmedical.org/crystal0169
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 10 Aug 2021 03:26:29 GMT
cf-cache-status: REVALIDATED
last-modified: Fri, 26 Feb 2021 05:12:13 GMT
server: cloudflare
x-amz-cf-pop: FRA50-C1
etag: "b0b17a8edae0ca99cfad84e1b4570a60"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept, Accept-Encoding
content-type: image/png
cache-control: max-age=31536000
cf-polished: origSize=36818
accept-ranges: bytes
cf-ray: 67c61f79effe05d0-FRA
content-length: 36670
cf-bgj: imgq:85,h2pri,csam-hash

GET
H3-29 200 css
fonts.googleapis.com/ 7 KB
838 B 23ms
22ms Stylesheet
text/css 2a00:1450:4001:803::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Raleway%7COxygen%7CRaleway%7COpen+Sans%7COxygen%7COpen+Sans%7CRaleway%7COpen+Sans%7CRaleway%7COpen+Sans%7CRaleway%7COpen+Sans%7CRaleway%7COpen+Sans%7CRaleway%7COpen+Sans%7CRaleway%7COpen+Sans%7CRaleway%7COpen+Sans%7CRaleway%7COpen+Sans%7CRaleway%7CPassion+One%7CRaleway%7CPassion+One%7CRaleway%7CPassion+One%7COpen+Sans%7CRaleway%7CRoboto%7COpen+Sans%7CRaleway%7COpen+Sans%7CRoboto%7CRaleway%7COpen+Sans%7CRaleway%7C

Requested by

Host: go.thcmedical.org
URL: https://go.thcmedical.org/crystal0169

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

fb4aa8813c39eee69d2f1fb178019a3a449698a224fcabc219b118225bbcc218

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://go.thcmedical.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 10 Aug 2021 03:26:29 GMT
server: ESF
date: Tue, 10 Aug 2021 03:26:29 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 10 Aug 2021 03:26:29 GMT

GET
H2 200 lander.js Show response
go.thcmedical.org/assets/ 2 MB
659 KB 33ms
33ms Script
application/x-javascript 2606:4700::6810:ec2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://go.thcmedical.org/assets/lander.js

Requested by

Host: go.thcmedical.org
URL: https://go.thcmedical.org/crystal0169

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6810:ec2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3dae1b95ac9519f0f65a5c36764597d4f506f942bf33c3ded5983293737486fd

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

:path: /assets/lander.js
pragma: no-cache
cookie: __cf_bm=67fe8e9935ff5a7983111d9a5d3a0dee857e9393-1628565989-1800-ASUMIt1mOAm8kOaoDzvcy2vu1qoc09LG9svjiC2Ca0tob2rVsWB5qnpl7uCuMhLAgUGzTeYDdcTIm98dxDzYbGIPHR2/9rFwbssV3dV/ub6n
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: go.thcmedical.org
referer: https://go.thcmedical.org/crystal0169
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://go.thcmedical.org/crystal0169
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 10 Aug 2021 03:26:29 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 864
last-modified: Mon, 09 Aug 2021 19:46:30 GMT
server: cloudflare
etag: W/"61118616-2355d4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=1200
access-control-allow-credentials: true
cf-ray: 67c61f797f2805d0-FRA
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
expires: Tue, 10 Aug 2021 03:46:29 GMT

GET
H2 200 cf_stripe_orders.js Show response
go.thcmedical.org/ 18 KB
5 KB 167ms
167ms Script
application/x-javascript 2606:4700::6810:ec2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://go.thcmedical.org/cf_stripe_orders.js

Requested by

Host: go.thcmedical.org
URL: https://go.thcmedical.org/crystal0169

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6810:ec2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

987902c6c8d34bc663e2406589e9c26e9118839c9aefccc8616299ed524dbf29

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

:path: /cf_stripe_orders.js
pragma: no-cache
cookie: __cf_bm=67fe8e9935ff5a7983111d9a5d3a0dee857e9393-1628565989-1800-ASUMIt1mOAm8kOaoDzvcy2vu1qoc09LG9svjiC2Ca0tob2rVsWB5qnpl7uCuMhLAgUGzTeYDdcTIm98dxDzYbGIPHR2/9rFwbssV3dV/ub6n
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: go.thcmedical.org
referer: https://go.thcmedical.org/crystal0169
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://go.thcmedical.org/crystal0169
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 10 Aug 2021 03:26:29 GMT
content-encoding: br
cf-cache-status: EXPIRED
last-modified: Mon, 09 Aug 2021 19:46:30 GMT
server: cloudflare
etag: W/"61118616-4711"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
content-type: application/x-javascript
access-control-allow-origin: *
access-control-allow-credentials: true
strict-transport-security: max-age=0
cf-ray: 67c61f79cfb705d0-FRA
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization

GET
H2 200 mailcheck.min.js Show response
app.clickfunnels.com/ 3 KB
2 KB 107ms
66ms Script
application/x-javascript 2606:4700::6810:10c2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.clickfunnels.com/mailcheck.min.js

Requested by

Host: go.thcmedical.org
URL: https://go.thcmedical.org/crystal0169

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6810:10c2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e0189e16cf01f8149342c9f2de872cfa73571f2a145a830f18b16154bf1d2982

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer: https://go.thcmedical.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 10 Aug 2021 03:26:29 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 3209
last-modified: Mon, 09 Aug 2021 19:46:30 GMT
server: cloudflare
etag: W/"61118616-a8d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
content-type: application/x-javascript
access-control-allow-origin: *
access-control-allow-credentials: true
cf-ray: 67c61f7a1b76c2ef-FRA
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization

GET
H2 200 / Show response
js.stripe.com/v2/ 62 KB
20 KB 106ms
33ms Script
application/javascript 151.101.12.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v2/

Requested by

Host: go.thcmedical.org
URL: https://go.thcmedical.org/crystal0169

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.12.176 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

cc1967c55b7815465d4e44e67c18f1bacf8e0a8bf732e390d97c15da6177d0c1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Referer: https://go.thcmedical.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 10 Aug 2021 03:26:29 GMT
content-encoding: br
vary: Accept-Encoding
age: 194
via: 1.1 varnish
x-cache: HIT
content-length: 19860
x-amz-id-2: b5Msx8GCLlJ+nieySofbetr06AYposraEjN8B7vE5wLbmclA1ua4RxmFt/W4UC+Z77i9FzuMxhs=
x-served-by: cache-fra19134-FRA
timing-allow-origin: *
last-modified: Wed, 14 Apr 2021 16:51:13 GMT
server: AmazonS3
etag: "63806a255b9cebe70a4a260da446de65"
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-amz-request-id: 3GNWT08Y26F47ZE9
access-control-allow-origin: *
cache-control: public, max-age=300
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
x-cache-hits: 10

GET
H2 200 / Show response
js.stripe.com/v3/ 233 KB
58 KB 106ms
33ms Script
application/javascript 151.101.12.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/

Requested by

Host: go.thcmedical.org
URL: https://go.thcmedical.org/crystal0169

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.12.176 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

cc88bda4ce653c1508f11cf4a69da4859e87952d3c74b3278fdf7c98aa7156d5

Security Headers

Name	Value
Content-Security-Policy	connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src data: https:; frame-src 'self'; img-src 'self' https://q.stripe.com blob:; media-src 'none'; object-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Referer: https://go.thcmedical.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 10 Aug 2021 03:26:29 GMT
content-encoding: br
vary: Accept-Encoding
age: 132
via: 1.1 varnish
x-cache: HIT
content-length: 58711
x-amz-id-2: kitrrM1mMYWRkj0G6R52OmWFpumFCMDhE9yzuYtkmNyXCI6nBiCGNmOIhUL84utZIjDOnO/DWPA=
x-served-by: cache-fra19134-FRA
timing-allow-origin: *
last-modified: Mon, 09 Aug 2021 19:59:15 GMT
server: AmazonS3
etag: "c5e6f4c3ac5ece6537f523b7b4cf4ebe"
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-amz-request-id: T2Q1TSVVRYY1A45D
access-control-allow-origin: *
cache-control: public, max-age=300
content-security-policy: connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src data: https:; frame-src 'self'; img-src 'self' https://q.stripe.com blob:; media-src 'none'; object-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
x-cache-hits: 5

GET
H2 200 pushcrew.js Show response
app.clickfunnels.com/assets/ 637 B
705 B 118ms
77ms Script
application/x-javascript 2606:4700::6810:10c2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.clickfunnels.com/assets/pushcrew.js

Requested by

Host: go.thcmedical.org
URL: https://go.thcmedical.org/crystal0169

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6810:10c2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f7464960133d530dfa52ce0ab9a5c33f0a709a946ad16298b000a7560738f422

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer: https://go.thcmedical.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 10 Aug 2021 03:26:29 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 396
last-modified: Mon, 09 Aug 2021 19:46:29 GMT
server: cloudflare
etag: W/"61118615-27d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=1200
access-control-allow-credentials: true
cf-ray: 67c61f7a1b77c2ef-FRA
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
expires: Tue, 10 Aug 2021 03:46:29 GMT

GET
H2 200 beacon.min.js Show response
static.cloudflareinsights.com/ 13 KB
5 KB 37ms
13ms Script
text/javascript 2606:4700::6810:5e41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cloudflareinsights.com/beacon.min.js
Requested by: Host: go.thcmedical.org
URL: https://go.thcmedical.org/crystal0169
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:5e41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0e567066985125e7974f68b42914dcb134e3c38373a4a3d668bdb38a3e55f299

Request headers

Referer: https://go.thcmedical.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 10 Aug 2021 03:26:29 GMT
content-encoding: gzip
last-modified: Fri, 28 May 2021 17:24:20 GMT
server: cloudflare
etag: W/"5753bdd2-d310-49fa-bd2b-065a8e512116"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
cf-ray: 67c61f7a0e2b1776-FRA

GET
H/1.1 200
OK obtp.js Show response
amplify.outbrain.com/cp/ 7 KB
3 KB 131ms
45ms Script
application/x-javascript 2.18.234.190
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://amplify.outbrain.com/cp/obtp.js
Requested by: Host: go.thcmedical.org
URL: https://go.thcmedical.org/crystal0169
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.190 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-190.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: fe46e68c0e6eff0c8baae69190acbbb1b99cc49ab70e97e109537e3da90f4bad

Request headers

Referer: https://go.thcmedical.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 10 Aug 2021 03:26:29 GMT
Content-Encoding: gzip
Last-Modified: Mon, 28 Jun 2021 09:47:31 GMT
Server: AkamaiNetStorage
ETag: "fdbbe544cf69190da6e6a5b05f6879cb:1624873651.390898"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: max-age=1200
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3100
Expires: Tue, 10 Aug 2021 03:46:29 GMT

GET
H2 200 pixel.js Show response
www.redditstatic.com/ads/ 22 KB
7 KB 100ms
31ms Script
application/javascript 151.101.13.140
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://www.redditstatic.com/ads/pixel.js
Requested by: Host: go.thcmedical.org
URL: https://go.thcmedical.org/crystal0169
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.140 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: snooserv /
Resource Hash: 7125a66456daa35dd3e3e8cca4b9523e05caf0b4fa5bd5874676e7c6db40f3aa

Request headers

Referer: https://go.thcmedical.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 10 Aug 2021 03:26:29 GMT
via: 1.1 varnish, 1.1 varnish
last-modified: Wed, 14 Jul 2021 17:50:00 GMT
server: snooserv
etag: "912f60c72fda50b2f21068c65115175d"
vary: Accept-Encoding,Origin
content-type: application/javascript
cache-control: public, max-age=60
accept-ranges: bytes
content-encoding: gzip
content-length: 7018

GET
H2 200 events.js Show response
analytics.tiktok.com/i18n/pixel/ 112 KB
34 KB 591ms
207ms Script
application/javascript 2.16.186.234
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C3F8BPMPKKNB3CA824N0&lib=ttq
Requested by: Host: go.thcmedical.org
URL: https://go.thcmedical.org/crystal0169
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.186.234 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-186-234.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: acc97e3c52e9194fe62df0bd86012bdbebd90cf07ff83c1073038ed4c9eeff8c

Request headers

Referer: https://go.thcmedical.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-akamai-request-id: a363098a.1d15d6e5
date: Tue, 10 Aug 2021 03:26:30 GMT
content-encoding: gzip
x-cache-remote: TCP_MISS from a23-53-33-159.deploy.akamaitechnologies.com (AkamaiGHost/10.4.4-34529956) (-)
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a2-16-186-230.deploy.akamaitechnologies.com (AkamaiGHost/10.4.4-34529956) (-)
x-parent-response-time: 156,2.16.186.230
server-timing: cdn-cache; desc=MISS, edge; dur=153, origin; dur=3, inner; dur=0
pragma: no-cache
server: nginx
x-tt-logid: 202108100326290102450151363EF051CA
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 3,23.53.33.159
x-tt-trace-host: 01f569cbcf24416512122478616c9edf91e223005c7de3b69d676963a888afd0a784d6052bb2c54f2f85fd4f3f350ae867d6818bfc64806749a6f327a2d23bab23afecdc697496a4b6e15413b649ab6a52ae541b085d119870e9f33d7bffaaf64653d3b0def5bed53b37560a76f94e62e8
expires: Tue, 10 Aug 2021 03:26:30 GMT

GET
H2 200 s8MOs6orbhU
www.youtube.com/embed/ Frame F579 56 KB
0 127ms
91ms Document
text/html 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/s8MOs6orbhU?autoplay=0&modestbranding=1&controls=1&showinfo=0&rel=0&hd=1&wmode=transparent

Requested by

Host: go.thcmedical.org
URL: https://go.thcmedical.org/crystal0169

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: www.youtube.com
:scheme: https
:path: /embed/s8MOs6orbhU?autoplay=0&modestbranding=1&controls=1&showinfo=0&rel=0&hd=1&wmode=transparent
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://go.thcmedical.org/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://go.thcmedical.org/

Response headers

content-type: text/html; charset=utf-8
x-content-type-options: nosniff
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Tue, 10 Aug 2021 03:26:29 GMT
strict-transport-security: max-age=31536000
permissions-policy: ch-ua-full-version=*, ch-ua-platform=*, ch-ua-platform-version=*, ch-ua-arch=*, ch-ua-model=*
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, DPR
accept-ch-lifetime: 2592000
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
content-encoding: br
server: ESF
x-xss-protection: 0
set-cookie: YSC=Lph16ZL7_Wk; Domain=.youtube.com; Path=/; Secure; HttpOnly; SameSite=none VISITOR_INFO1_LIVE=Pebuz0z6-KE; Domain=.youtube.com; Expires=Sun, 06-Feb-2022 03:26:29 GMT; Path=/; Secure; HttpOnly; SameSite=none CONSENT=PENDING+652; expires=Fri, 01-Jan-2038 00:00:00 GMT; path=/; domain=.youtube.com; Secure
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 ho0c3ENtp-Q
www.youtube.com/embed/ Frame 963D 55 KB
0 100ms
65ms Document
text/html 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/ho0c3ENtp-Q?autoplay=0&modestbranding=1&controls=1&showinfo=0&rel=0&hd=1&wmode=transparent

Requested by

Host: go.thcmedical.org
URL: https://go.thcmedical.org/crystal0169

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: www.youtube.com
:scheme: https
:path: /embed/ho0c3ENtp-Q?autoplay=0&modestbranding=1&controls=1&showinfo=0&rel=0&hd=1&wmode=transparent
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://go.thcmedical.org/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://go.thcmedical.org/

Response headers

content-type: text/html; charset=utf-8
x-content-type-options: nosniff
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Tue, 10 Aug 2021 03:26:29 GMT
strict-transport-security: max-age=31536000
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, DPR
accept-ch-lifetime: 2592000
permissions-policy: ch-ua-full-version=*, ch-ua-platform=*, ch-ua-platform-version=*, ch-ua-arch=*, ch-ua-model=*
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
content-encoding: br
server: ESF
x-xss-protection: 0
set-cookie: YSC=EWJxEH-TccY; Domain=.youtube.com; Path=/; Secure; HttpOnly; SameSite=none VISITOR_INFO1_LIVE=5FuuhU8VDEM; Domain=.youtube.com; Expires=Sun, 06-Feb-2022 03:26:29 GMT; Path=/; Secure; HttpOnly; SameSite=none CONSENT=PENDING+214; expires=Fri, 01-Jan-2038 00:00:00 GMT; path=/; domain=.youtube.com; Secure
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 MwqQpmuXbDk
www.youtube.com/embed/ Frame 383D 56 KB
0 148ms
112ms Document
text/html 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/MwqQpmuXbDk?autoplay=0&modestbranding=1&controls=1&showinfo=0&rel=0&hd=1&wmode=transparent

Requested by

Host: go.thcmedical.org
URL: https://go.thcmedical.org/crystal0169

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: www.youtube.com
:scheme: https
:path: /embed/MwqQpmuXbDk?autoplay=0&modestbranding=1&controls=1&showinfo=0&rel=0&hd=1&wmode=transparent
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://go.thcmedical.org/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://go.thcmedical.org/

Response headers

content-type: text/html; charset=utf-8
x-content-type-options: nosniff
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Tue, 10 Aug 2021 03:26:29 GMT
strict-transport-security: max-age=31536000
permissions-policy: ch-ua-full-version=*, ch-ua-platform=*, ch-ua-platform-version=*, ch-ua-arch=*, ch-ua-model=*
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, DPR
accept-ch-lifetime: 2592000
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
content-encoding: br
server: ESF
x-xss-protection: 0
set-cookie: YSC=zKV_ss29iSs; Domain=.youtube.com; Path=/; Secure; HttpOnly; SameSite=none VISITOR_INFO1_LIVE=oa3LmbmG7oY; Domain=.youtube.com; Expires=Sun, 06-Feb-2022 03:26:29 GMT; Path=/; Secure; HttpOnly; SameSite=none CONSENT=PENDING+901; expires=Fri, 01-Jan-2038 00:00:00 GMT; path=/; domain=.youtube.com; Secure
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 Fj5TOujJ5jQ
www.youtube.com/embed/ Frame ED7C 55 KB
0 127ms
92ms Document
text/html 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/Fj5TOujJ5jQ?autoplay=0&modestbranding=1&controls=1&showinfo=0&rel=0&hd=1&wmode=transparent

Requested by

Host: go.thcmedical.org
URL: https://go.thcmedical.org/crystal0169

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: www.youtube.com
:scheme: https
:path: /embed/Fj5TOujJ5jQ?autoplay=0&modestbranding=1&controls=1&showinfo=0&rel=0&hd=1&wmode=transparent
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://go.thcmedical.org/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://go.thcmedical.org/

Response headers

content-type: text/html; charset=utf-8
x-content-type-options: nosniff
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Tue, 10 Aug 2021 03:26:29 GMT
strict-transport-security: max-age=31536000
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, DPR
accept-ch-lifetime: 2592000
permissions-policy: ch-ua-full-version=*, ch-ua-platform=*, ch-ua-platform-version=*, ch-ua-arch=*, ch-ua-model=*
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
content-encoding: br
server: ESF
x-xss-protection: 0
set-cookie: YSC=gbhPgAiDg5c; Domain=.youtube.com; Path=/; Secure; HttpOnly; SameSite=none VISITOR_INFO1_LIVE=kY4kTHWKw3Q; Domain=.youtube.com; Expires=Sun, 06-Feb-2022 03:26:29 GMT; Path=/; Secure; HttpOnly; SameSite=none CONSENT=PENDING+638; expires=Fri, 01-Jan-2038 00:00:00 GMT; path=/; domain=.youtube.com; Secure
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 background-hearingaid-5-3.jpg
lakeeriehearing.com/wp-content/uploads/2018/05/ 61 KB
61 KB 580ms
219ms Image
image/jpeg 50.28.57.25
LIQUIDWEB

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lakeeriehearing.com/wp-content/uploads/2018/05/background-hearingaid-5-3.jpg
Requested by: Host: go.thcmedical.org
URL: https://go.thcmedical.org/crystal0169
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 50.28.57.25 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS: host.marylandwebmanagement5.com
Software: nginx / PleskLin
Resource Hash: 676bc309b8bc0ec69966f658246b44efec584753a6b53138578a9f193f087343

Request headers

Referer: https://go.thcmedical.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 10 Aug 2021 03:26:05 GMT
last-modified: Wed, 30 May 2018 16:52:47 GMT
server: nginx
x-powered-by: PleskLin
etag: "5b0ed6df-f247"
content-type: image/jpeg
accept-ranges: bytes
content-length: 62023

GET
H2 200 1Ptug8zYS_SKggPNyC0ITw.woff2
fonts.gstatic.com/s/raleway/v22/ 46 KB
46 KB 9ms
7ms Font
font/woff2 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/raleway/v22/1Ptug8zYS_SKggPNyC0ITw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,700%7COswald:400,700%7CDroid+Sans:400,700%7CRoboto:400,700%7CLato:400,700%7CPT+Sans:400,700%7CSource+Sans+Pro:400,600,700%7CNoto+Sans:400,700%7CPT+Sans:400,700%7CUbuntu:400,700%7CBitter:400,700%7CPT+Serif:400,700%7CRokkitt:400,700%7CDroid+Serif:400,700%7CRaleway:400,700%7CInconsolata:400,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2101735d43a8d486dbc5139500a78420766cc673a3610363ce9525526c3f5149

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://go.thcmedical.org
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 09 Aug 2021 21:18:35 GMT
x-content-type-options: nosniff
age: 22074
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47312
x-xss-protection: 0
last-modified: Tue, 29 Jun 2021 19:40:30 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 09 Aug 2022 21:18:35 GMT

GET
H2 200 2sDfZG1Wl4LcnbuKjk0m.woff2
fonts.gstatic.com/s/oxygen/v10/ 16 KB
16 KB 18ms
16ms Font
font/woff2 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/oxygen/v10/2sDfZG1Wl4LcnbuKjk0m.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Raleway%7COxygen%7CRaleway%7COpen+Sans%7COxygen%7COpen+Sans%7CRaleway%7COpen+Sans%7CRaleway%7COpen+Sans%7CRaleway%7COpen+Sans%7CRaleway%7COpen+Sans%7CRaleway%7COpen+Sans%7CRaleway%7COpen+Sans%7CRaleway%7COpen+Sans%7CRaleway%7COpen+Sans%7CRaleway%7CPassion+One%7CRaleway%7CPassion+One%7CRaleway%7CPassion+One%7COpen+Sans%7CRaleway%7CRoboto%7COpen+Sans%7CRaleway%7COpen+Sans%7CRoboto%7CRaleway%7COpen+Sans%7CRaleway%7C

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

78ccfa0fba5ab2cfef812fff3452cfdc73b6573900a9613b2828dfa691535b57

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://go.thcmedical.org
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 10 Aug 2021 01:25:10 GMT
x-content-type-options: nosniff
age: 7279
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16344
x-xss-protection: 0
last-modified: Thu, 10 Sep 2020 17:02:44 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 10 Aug 2022 01:25:10 GMT

GET
H2 200 1Ptxg8zYS_SKggPN4iEgvnHyvveLxVvaorCIPrE.woff2
fonts.gstatic.com/s/raleway/v22/ 21 KB
21 KB 16ms
14ms Font
font/woff2 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/raleway/v22/1Ptxg8zYS_SKggPN4iEgvnHyvveLxVvaorCIPrE.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1d94fd1a3793df0abe10fb36e59825864e1ec9623496e1e04c9cca624be01394

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://go.thcmedical.org
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Aug 2021 08:28:20 GMT
x-content-type-options: nosniff
age: 586689
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21028
x-xss-protection: 0
last-modified: Tue, 29 Jun 2021 19:40:20 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 03 Aug 2022 08:28:20 GMT

GET
H2 200 mem5YaGs126MiZpBA-UN7rgOUuhp.woff2
fonts.gstatic.com/s/opensans/v22/ 15 KB
15 KB 15ms
13ms Font
font/woff2 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v22/mem5YaGs126MiZpBA-UN7rgOUuhp.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c73575543a5c99018f842960f9882edaa0918965ea856e91de9717a0d58d3f1c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://go.thcmedical.org
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 06 Aug 2021 16:03:56 GMT
x-content-type-options: nosniff
age: 300153
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15112
x-xss-protection: 0
last-modified: Fri, 06 Aug 2021 15:53:38 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 06 Aug 2022 16:03:56 GMT

GET
H2 200 mem8YaGs126MiZpBA-UFVZ0b.woff2
fonts.gstatic.com/s/opensans/v22/ 14 KB
14 KB 13ms
11ms Font
font/woff2 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v22/mem8YaGs126MiZpBA-UFVZ0b.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a42f2ec73409f2753ef17d737714c86303fa45fc3a3d484a9b0c8ed28ef0fd6b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://go.thcmedical.org
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 06 Aug 2021 16:03:56 GMT
x-content-type-options: nosniff
age: 300153
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14440
x-xss-protection: 0
last-modified: Fri, 06 Aug 2021 15:53:19 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 06 Aug 2022 16:03:56 GMT

GET
H3-29 200 fa-solid-900.woff2
use.fontawesome.com/releases/v5.9.0/webfonts/ 74 KB
74 KB 36ms
20ms Font
font/woff2 2606:4700:3037::6815:4e07
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v5.9.0/webfonts/fa-solid-900.woff2
Requested by: Host: use.fontawesome.com
URL: https://use.fontawesome.com/releases/v5.9.0/css/all.css
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:4e07 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cd398be1a91817126cef10224738e624358edf6f08043abad7e60c1aaeccc8d0

Request headers

Origin: https://go.thcmedical.org
Referer: https://use.fontawesome.com/releases/v5.9.0/css/all.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 10 Aug 2021 03:26:29 GMT
access-control-allow-methods: GET
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2936514
cf-ray: 67c61f7a1a79d6b9-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 75440
x-amz-id-2: m60y0+jSRCSXhXenIeHpQubhRxLC+mwfdleCumFDG5UXy8B4HMUzYJLxiZpuy98rfWADuqpsdnc=
last-modified: Wed, 30 Jun 2021 15:48:27 GMT
server: cloudflare
etag: "b5cf8ae26748570d8fb95a47f46b69e1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6zqApwh8edd8ovSYU%2Ba4AjPdngjIxJlPLRGNB6zu3O3LEg5q5vq5SS%2FIRlECYXOFQNn2ywZKpfvrqHifcZ9h5uNOKRpzxBKfdIPqkK%2Buq7iGYx%2BaVl470Gka6OwQVvyb7dwslVMXN%2BXzQ3cziy9yPxzZ"}],"group":"cf-nel","max_age":604800}
x-amz-request-id: 17H87Q5A6BMH62KK
access-control-allow-origin: *
cache-control: max-age=31556926
accept-ranges: bytes
content-type: font/woff2

GET
H2 200 PbynFmL8HhTPqbjUzux3JEuR9ls.woff2
fonts.gstatic.com/s/passionone/v11/ 7 KB
7 KB 15ms
13ms Font
font/woff2 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/passionone/v11/PbynFmL8HhTPqbjUzux3JEuR9ls.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

99c1949864ce5857840e26e8f83d0e782eda8032acd8c7f4ee602cb1a16e07ed

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://go.thcmedical.org
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Aug 2021 09:47:04 GMT
x-content-type-options: nosniff
age: 581965
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7528
x-xss-protection: 0
last-modified: Tue, 01 Sep 2020 03:49:08 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 03 Aug 2022 09:47:04 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v27/ 15 KB
16 KB 13ms
11ms Font
font/woff2 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v27/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://go.thcmedical.org
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 10 Aug 2021 03:00:34 GMT
x-content-type-options: nosniff
age: 1555
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15828
x-xss-protection: 0
last-modified: Mon, 05 Apr 2021 21:10:46 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 10 Aug 2022 03:00:34 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v27/ 15 KB
15 KB 13ms
12ms Font
font/woff2 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v27/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://go.thcmedical.org
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Aug 2021 06:52:18 GMT
x-content-type-options: nosniff
age: 592451
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15688
x-xss-protection: 0
last-modified: Mon, 05 Apr 2021 21:10:35 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 03 Aug 2022 06:52:18 GMT

GET
H3-29 200 fa-regular-400.woff2
use.fontawesome.com/releases/v5.9.0/webfonts/ 13 KB
14 KB 29ms
14ms Font
font/woff2 2606:4700:3037::6815:4e07
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v5.9.0/webfonts/fa-regular-400.woff2
Requested by: Host: use.fontawesome.com
URL: https://use.fontawesome.com/releases/v5.9.0/css/all.css
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:4e07 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6a16c04229bc2b4da226eb97e68d94f49ba6437b7b5e16c14a101b21a29384e9

Request headers

Origin: https://go.thcmedical.org
Referer: https://use.fontawesome.com/releases/v5.9.0/css/all.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 10 Aug 2021 03:26:29 GMT
access-control-allow-methods: GET
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2963484
cf-ray: 67c61f7a1a7cd6b9-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 13580
x-amz-id-2: uZfUSZsOLdKeuSFef+k8aZAH3MSnFLAYsH9qfmb+IRbUfH8UipbimDsWoMHSEaYa0t/0wqVRFqU=
last-modified: Wed, 30 Jun 2021 15:48:27 GMT
server: cloudflare
etag: "e07d9e40b26048d9abe2ef966cd6e263"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SnC0pxkbmBt9NGhEbeAkrQHHWlz6yYFITlH7qJL0ZsCMlOsfLByquFYnoPniGjFQfYx52P%2BUs14vUIwJLsRaw2GKkcgvIUlorchq8VKjLNBa30iC7FaZim6MiVOaRlUUefzhPH2VLC2ZrZKWKGNwUbP6"}],"group":"cf-nel","max_age":604800}
x-amz-request-id: R3BNXWX2ZFV1HRC6
access-control-allow-origin: *
cache-control: max-age=31556926
accept-ranges: bytes
content-type: font/woff2

GET
H/1.1 200
OK /
track.addevent.com/atc/ 0
0 206ms
45ms Image
text/html 54.72.172.153
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track.addevent.com/atc/?trktyp=jsinit&trkcal=&guid=ad256004-ceaf-44bb-cd82-a37c1f1bb297&url=https%3A%2F%2Fgo.thcmedical.org%2Fcrystal0169&cache=1628565989802
Requested by: Host: go.thcmedical.org
URL: https://go.thcmedical.org/crystal0169
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.72.172.153 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-72-172-153.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://go.thcmedical.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, X-Access-Token
Access-Control-Allow-Methods: PUT, GET, POST, DELETE, OPTIONS

GET
H2 200 vendor.js Show response
go.thcmedical.org/ 18 KB
6 KB 170ms
170ms Script
application/javascript 2606:4700::6810:ec2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://go.thcmedical.org/vendor.js

Requested by

Host: go.thcmedical.org
URL: https://go.thcmedical.org/crystal0169

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6810:ec2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Phusion Passenger Enterprise 6.0.7

Resource Hash

7422e50efbaea439fda7ef3b0eb54ee1a9fe73ea2f919d78a33bf6fb9e3e059d

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Frame-Options	ALLOWALL

Request headers

:path: /vendor.js
pragma: no-cache
cookie: __cf_bm=67fe8e9935ff5a7983111d9a5d3a0dee857e9393-1628565989-1800-ASUMIt1mOAm8kOaoDzvcy2vu1qoc09LG9svjiC2Ca0tob2rVsWB5qnpl7uCuMhLAgUGzTeYDdcTIm98dxDzYbGIPHR2/9rFwbssV3dV/ub6n; addevent_track_cookie=ad256004-ceaf-44bb-cd82-a37c1f1bb297
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: go.thcmedical.org
referer: https://go.thcmedical.org/crystal0169
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://go.thcmedical.org/crystal0169
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 10 Aug 2021 03:26:29 GMT
content-encoding: br
cf-cache-status: REVALIDATED
x-powered-by: Phusion Passenger Enterprise 6.0.7
status: 200 OK
strict-transport-security: max-age=0
x-request-id: 4b1c9b89bc0f2fb7d2edbd9763b9e1b0
x-runtime: 0.095361
x-content-digest: 581e49c9b7bdd06dab54c00931f4256b223e620e
server: cloudflare
x-frame-options: ALLOWALL
etag: W/"7422e50efbaea439fda7ef3b0eb54ee1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=900, public
access-control-allow-credentials: true
cf-ray: 67c61f7c5b6705d0-FRA
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
x-rack-cache: fresh

GET
H2 202 / Show response
app.clickfunnels.com/userevents/ 0
807 B 177ms
162ms XHR
text/html 2606:4700::6810:10c2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.clickfunnels.com/userevents/?funnel_id=QXBWanh1QmJZQlFIM05YaWhONkQrUT09LS1MeUVjK000anMwVzdXNndFUkdSTS9nPT0%3D--a074ee8666fb395e3e74d18861d74cb99d3d7165&page_id=YjY2M0srNDZsOE5LUk8rLzNrbW5Vdz09LS01S0VvbnpBWEloVkFmMFpzTFBYVDdRPT0%3D--8f47e99a50a23c095f03f67e9e518a4b0e84185a&funnel_step_id=RXNZWjNSaitsZTZMZHZPRlJoNFI0dz09LS1zNEJjaFR6TDlIMzd0SW5NZFhidUJnPT0%3D--bf9cf2f93e6ca8aa3d25b718475066e5b953d256&user_id=TDQyOG05NzJubU8rdkR2aXFZaEpqUT09LS1aVVFPdmFKSnp6MVBwTE1sT1FNTnZRPT0%3D--3150e5961a2976923e77c90b31b0a6b83a6d24aa&account_id=cHpoSU9UeXdhUXJYaWg3SXFyTm8rUT09LS1PcHhveGdZeis4NktrT2ViOGFSYW5BPT0%3D--4c508aba46b4a9544b728f0f3c5d045c3cf7030e&page_code=NDcxNzY5MjI%3D&mode_id=1&time_zone=Hanoi&app_domain=app.clickfunnels.com&aff_sub2=&aff_sub3=&aff_sub=&affiliate_id=&cf_affiliate_id=&content=&medium=&name=&source=&term=&client_width=1600&type=Userevents::PageviewsCreatedSummary&nonce=1d424e56-9976-4c7e-b0ec-7af556680ef6&url=https%3A%2F%2Fgo.thcmedical.org%2Fcrystal0169

Requested by

Host: go.thcmedical.org
URL: https://go.thcmedical.org/assets/userevents/application.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6810:10c2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Phusion Passenger Enterprise 6.0.7

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Frame-Options	ALLOWALL

Request headers

Referer: https://go.thcmedical.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 10 Aug 2021 03:26:30 GMT
access-control-request-method: *
cf-cache-status: BYPASS
access-control-allow-origin: *
x-powered-by: Phusion Passenger Enterprise 6.0.7
status: 202 Accepted
strict-transport-security: max-age=0
x-request-id: bb808856903da4a43c0254fdb4122e45
x-runtime: 0.033016
server: cloudflare
x-frame-options: ALLOWALL
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
content-type: text/html
pragma: no-cache
cache-control: no-cache, no-store
access-control-allow-credentials: true
cf-ray: 67c61f7c882c4e13-FRA
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
x-rack-cache: miss

GET
H2 202 / Show response
app.clickfunnels.com/userevents/ 0
305 B 185ms
170ms XHR
text/html 2606:4700::6810:10c2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.clickfunnels.com/userevents/?funnel_id=QXBWanh1QmJZQlFIM05YaWhONkQrUT09LS1MeUVjK000anMwVzdXNndFUkdSTS9nPT0%3D--a074ee8666fb395e3e74d18861d74cb99d3d7165&page_id=YjY2M0srNDZsOE5LUk8rLzNrbW5Vdz09LS01S0VvbnpBWEloVkFmMFpzTFBYVDdRPT0%3D--8f47e99a50a23c095f03f67e9e518a4b0e84185a&funnel_step_id=RXNZWjNSaitsZTZMZHZPRlJoNFI0dz09LS1zNEJjaFR6TDlIMzd0SW5NZFhidUJnPT0%3D--bf9cf2f93e6ca8aa3d25b718475066e5b953d256&user_id=TDQyOG05NzJubU8rdkR2aXFZaEpqUT09LS1aVVFPdmFKSnp6MVBwTE1sT1FNTnZRPT0%3D--3150e5961a2976923e77c90b31b0a6b83a6d24aa&account_id=cHpoSU9UeXdhUXJYaWg3SXFyTm8rUT09LS1PcHhveGdZeis4NktrT2ViOGFSYW5BPT0%3D--4c508aba46b4a9544b728f0f3c5d045c3cf7030e&page_code=NDcxNzY5MjI%3D&mode_id=1&time_zone=Hanoi&app_domain=app.clickfunnels.com&aff_sub2=&aff_sub3=&aff_sub=&affiliate_id=&cf_affiliate_id=&content=&medium=&name=&source=&term=&client_width=1600&type=Userevents::UniquePageviewsCreatedSummary&nonce=89371cd8-68ab-4ed3-8407-26e4fdc3e1f4&url=https%3A%2F%2Fgo.thcmedical.org%2Fcrystal0169

Requested by

Host: go.thcmedical.org
URL: https://go.thcmedical.org/assets/userevents/application.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6810:10c2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Phusion Passenger Enterprise 6.0.7

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Frame-Options	ALLOWALL

Request headers

Referer: https://go.thcmedical.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 10 Aug 2021 03:26:30 GMT
access-control-request-method: *
cf-cache-status: BYPASS
access-control-allow-origin: *
x-powered-by: Phusion Passenger Enterprise 6.0.7
status: 202 Accepted
strict-transport-security: max-age=0
x-request-id: 7904c38b28cee6707eee6d275e3bd8e1
x-runtime: 0.029102
server: cloudflare
x-frame-options: ALLOWALL
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
content-type: text/html
pragma: no-cache
cache-control: no-cache, no-store
access-control-allow-credentials: true
cf-ray: 67c61f7c882d4e13-FRA
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
x-rack-cache: miss

GET
H2 202 / Show response
app.clickfunnels.com/userevents/ 0
302 B 225ms
212ms XHR
text/html 2606:4700::6810:10c2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.clickfunnels.com/userevents/?funnel_id=QXBWanh1QmJZQlFIM05YaWhONkQrUT09LS1MeUVjK000anMwVzdXNndFUkdSTS9nPT0%3D--a074ee8666fb395e3e74d18861d74cb99d3d7165&page_id=YjY2M0srNDZsOE5LUk8rLzNrbW5Vdz09LS01S0VvbnpBWEloVkFmMFpzTFBYVDdRPT0%3D--8f47e99a50a23c095f03f67e9e518a4b0e84185a&funnel_step_id=RXNZWjNSaitsZTZMZHZPRlJoNFI0dz09LS1zNEJjaFR6TDlIMzd0SW5NZFhidUJnPT0%3D--bf9cf2f93e6ca8aa3d25b718475066e5b953d256&user_id=TDQyOG05NzJubU8rdkR2aXFZaEpqUT09LS1aVVFPdmFKSnp6MVBwTE1sT1FNTnZRPT0%3D--3150e5961a2976923e77c90b31b0a6b83a6d24aa&account_id=cHpoSU9UeXdhUXJYaWg3SXFyTm8rUT09LS1PcHhveGdZeis4NktrT2ViOGFSYW5BPT0%3D--4c508aba46b4a9544b728f0f3c5d045c3cf7030e&page_code=NDcxNzY5MjI%3D&mode_id=1&time_zone=Hanoi&app_domain=app.clickfunnels.com&aff_sub2=&aff_sub3=&aff_sub=&affiliate_id=&cf_affiliate_id=&content=&medium=&name=&source=&term=&client_width=1600&type=Userevents::UniqueVisitorsCreatedSummary&nonce=92eba89f-7c1a-4778-9916-6e324fefc965&url=https%3A%2F%2Fgo.thcmedical.org%2Fcrystal0169

Requested by

Host: go.thcmedical.org
URL: https://go.thcmedical.org/assets/userevents/application.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6810:10c2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Phusion Passenger Enterprise 6.0.7

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Frame-Options	ALLOWALL

Request headers

Referer: https://go.thcmedical.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 10 Aug 2021 03:26:30 GMT
access-control-request-method: *
cf-cache-status: BYPASS
access-control-allow-origin: *
x-powered-by: Phusion Passenger Enterprise 6.0.7
status: 202 Accepted
strict-transport-security: max-age=0
x-request-id: f0671400a15bda1d923f9893f172fee1
x-runtime: 0.048711
server: cloudflare
x-frame-options: ALLOWALL
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
content-type: text/html
pragma: no-cache
cache-control: no-cache, no-store
access-control-allow-credentials: true
cf-ray: 67c61f7c882e4e13-FRA
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
x-rack-cache: miss

GET
H3-29 200 iframe_api Show response
www.youtube.com/ 980 B
513 B 31ms
30ms Script
text/javascript 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/iframe_api

Requested by

Host: go.thcmedical.org
URL: https://go.thcmedical.org/assets/lander.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

fc0cbaf945a159758b1e56536890cd2d929d45c74f5c1a0b22a66daf3d8c246a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://go.thcmedical.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 10 Aug 2021 03:26:29 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
server: ESF
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
accept-ch-lifetime: 2592000
content-type: text/javascript; charset=utf-8
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, DPR
cache-control: private, max-age=0
permissions-policy: ch-ua-full-version=*, ch-ua-platform=*, ch-ua-platform-version=*, ch-ua-arch=*, ch-ua-model=*
expires: Tue, 10 Aug 2021 03:26:29 GMT

GET
H3-29 200 s8MOs6orbhU Show response
www.youtube.com/embed/ Frame 99C8 55 KB
23 KB 58ms
58ms Document
text/html 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/s8MOs6orbhU?autoplay=0&modestbranding=1&controls=1&showinfo=0&rel=0&hd=1&wmode=transparent

Requested by

Host: go.thcmedical.org
URL: https://go.thcmedical.org/assets/lander.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

0a4454ac29efc8af49d07575cb3f70acabdfb0eaae471ee5b7d675fc87a7634e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: www.youtube.com
:scheme: https
:path: /embed/s8MOs6orbhU?autoplay=0&modestbranding=1&controls=1&showinfo=0&rel=0&hd=1&wmode=transparent
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://go.thcmedical.org/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: YSC=zKV_ss29iSs; VISITOR_INFO1_LIVE=oa3LmbmG7oY
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://go.thcmedical.org/

Response headers

content-type: text/html; charset=utf-8
x-content-type-options: nosniff
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Tue, 10 Aug 2021 03:26:29 GMT
strict-transport-security: max-age=31536000
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, DPR
accept-ch-lifetime: 2592000
permissions-policy: ch-ua-full-version=*, ch-ua-platform=*, ch-ua-platform-version=*, ch-ua-arch=*, ch-ua-model=*
content-encoding: br
server: ESF
x-xss-protection: 0
set-cookie: CONSENT=PENDING+182; expires=Fri, 01-Jan-2038 00:00:00 GMT; path=/; domain=.youtube.com; Secure
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 ho0c3ENtp-Q Show response
www.youtube.com/embed/ Frame F961 55 KB
23 KB 61ms
61ms Document
text/html 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/ho0c3ENtp-Q?autoplay=0&modestbranding=1&controls=1&showinfo=0&rel=0&hd=1&wmode=transparent

Requested by

Host: go.thcmedical.org
URL: https://go.thcmedical.org/assets/lander.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

52b9219d2b341d9d2fccca96c63895f1ce8b22d6b7b6d0896102b5b4e297bd88

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: www.youtube.com
:scheme: https
:path: /embed/ho0c3ENtp-Q?autoplay=0&modestbranding=1&controls=1&showinfo=0&rel=0&hd=1&wmode=transparent
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://go.thcmedical.org/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: YSC=zKV_ss29iSs; VISITOR_INFO1_LIVE=oa3LmbmG7oY
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://go.thcmedical.org/

Response headers

content-type: text/html; charset=utf-8
x-content-type-options: nosniff
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Tue, 10 Aug 2021 03:26:29 GMT
strict-transport-security: max-age=31536000
permissions-policy: ch-ua-full-version=*, ch-ua-platform=*, ch-ua-platform-version=*, ch-ua-arch=*, ch-ua-model=*
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, DPR
accept-ch-lifetime: 2592000
content-encoding: br
server: ESF
x-xss-protection: 0
set-cookie: CONSENT=PENDING+688; expires=Fri, 01-Jan-2038 00:00:00 GMT; path=/; domain=.youtube.com; Secure
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 MwqQpmuXbDk Show response
www.youtube.com/embed/ Frame 8A54 56 KB
23 KB 48ms
46ms Document
text/html 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/MwqQpmuXbDk?autoplay=0&modestbranding=1&controls=1&showinfo=0&rel=0&hd=1&wmode=transparent

Requested by

Host: go.thcmedical.org
URL: https://go.thcmedical.org/assets/lander.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

248bd5c873744a1ba01f31cb2c9f9ee1866587602f8ea370c9ad8d11ae2cd7ca

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: www.youtube.com
:scheme: https
:path: /embed/MwqQpmuXbDk?autoplay=0&modestbranding=1&controls=1&showinfo=0&rel=0&hd=1&wmode=transparent
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://go.thcmedical.org/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: YSC=zKV_ss29iSs; VISITOR_INFO1_LIVE=oa3LmbmG7oY
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://go.thcmedical.org/

Response headers

content-type: text/html; charset=utf-8
x-content-type-options: nosniff
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Tue, 10 Aug 2021 03:26:29 GMT
strict-transport-security: max-age=31536000
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, DPR
accept-ch-lifetime: 2592000
permissions-policy: ch-ua-full-version=*, ch-ua-platform=*, ch-ua-platform-version=*, ch-ua-arch=*, ch-ua-model=*
content-encoding: br
server: ESF
x-xss-protection: 0
set-cookie: CONSENT=PENDING+943; expires=Fri, 01-Jan-2038 00:00:00 GMT; path=/; domain=.youtube.com; Secure
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 Fj5TOujJ5jQ Show response
www.youtube.com/embed/ Frame CE31 55 KB
23 KB 58ms
58ms Document
text/html 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/Fj5TOujJ5jQ?autoplay=0&modestbranding=1&controls=1&showinfo=0&rel=0&hd=1&wmode=transparent

Requested by

Host: go.thcmedical.org
URL: https://go.thcmedical.org/assets/lander.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

75f92bf579e015b79a1ff6668c2e5957288e53cd92020fb2104361c9b41be6ae

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: www.youtube.com
:scheme: https
:path: /embed/Fj5TOujJ5jQ?autoplay=0&modestbranding=1&controls=1&showinfo=0&rel=0&hd=1&wmode=transparent
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://go.thcmedical.org/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: YSC=zKV_ss29iSs; VISITOR_INFO1_LIVE=oa3LmbmG7oY
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://go.thcmedical.org/

Response headers

content-type: text/html; charset=utf-8
x-content-type-options: nosniff
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Tue, 10 Aug 2021 03:26:30 GMT
strict-transport-security: max-age=31536000
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, DPR
accept-ch-lifetime: 2592000
permissions-policy: ch-ua-full-version=*, ch-ua-platform=*, ch-ua-platform-version=*, ch-ua-arch=*, ch-ua-model=*
content-encoding: br
server: ESF
x-xss-protection: 0
set-cookie: CONSENT=PENDING+339; expires=Fri, 01-Jan-2038 00:00:00 GMT; path=/; domain=.youtube.com; Secure
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 channel.html Show response
js.stripe.com/v2/ Frame 7C15 1 KB
648 B 31ms
30ms Document
text/html 151.101.12.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v2/channel.html?stripe_xdm_e=https%3A%2F%2Fgo.thcmedical.org&stripe_xdm_c=default557582&stripe_xdm_p=1

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v2/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.12.176 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

a3e859b8149a06247853276aa0b4c79c4f3d0d63e91baf88bf96b76fbfc1b492

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

:method: GET
:authority: js.stripe.com
:scheme: https
:path: /v2/channel.html?stripe_xdm_e=https%3A%2F%2Fgo.thcmedical.org&stripe_xdm_c=default557582&stripe_xdm_p=1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://go.thcmedical.org/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://go.thcmedical.org/

Response headers

x-amz-id-2: fQyS3RhyQ7ZgS6lBS1x5QBH0Up6U+BmdpYrc0Ff+k2Xf+2151cf7Y40iRFw6qq2JE8+z2qTZZwE=
x-amz-request-id: PM7EPPNNA5H00RQY
last-modified: Wed, 06 Sep 2017 17:40:34 GMT
etag: "19af0c6cc7a0bca20a355b3362dc64a0"
cache-control: public, max-age=300
content-type: text/html; charset=utf-8
server: AmazonS3
content-encoding: br
accept-ranges: bytes
date: Tue, 10 Aug 2021 03:26:29 GMT
via: 1.1 varnish
age: 90
x-served-by: cache-fra19134-FRA
x-cache: HIT
x-cache-hits: 4
vary: Accept-Encoding
access-control-allow-origin: *
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
content-length: 449

GET
H2 200 m-outer-775bcd17e5e345e5c78406e66e355cd7.html Show response
js.stripe.com/v3/ Frame B81F 215 B
507 B 30ms
30ms Document
text/html 151.101.12.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/m-outer-775bcd17e5e345e5c78406e66e355cd7.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.12.176 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

4de975f97fecd028e959b36ad8636ff6b418f8894caa2ec16cf18581643ece47

Security Headers

Name	Value
Content-Security-Policy	connect-src 'self'; default-src 'self'; font-src 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

:method: GET
:authority: js.stripe.com
:scheme: https
:path: /v3/m-outer-775bcd17e5e345e5c78406e66e355cd7.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://go.thcmedical.org/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://go.thcmedical.org/

Response headers

x-amz-id-2: SNSMmkoudc0Oq3sP+Nkcul03tjOz7ETLmeopLgEmbCwSEErr+YNttX5ZpnhmrRpTlgUu7T1Jk84=
x-amz-request-id: 9J2SG9NDM85X6GG4
last-modified: Wed, 04 Aug 2021 20:44:45 GMT
etag: "775bcd17e5e345e5c78406e66e355cd7"
cache-control: public, max-age=300
content-type: text/html; charset=utf-8
server: AmazonS3
content-encoding: br
accept-ranges: bytes
date: Tue, 10 Aug 2021 03:26:29 GMT
via: 1.1 varnish
age: 271
x-served-by: cache-fra19134-FRA
x-cache: HIT
x-cache-hits: 79
vary: Accept-Encoding
access-control-allow-origin: *
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
content-security-policy: connect-src 'self'; default-src 'self'; font-src 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'
content-length: 130

GET
H/1.1 200
OK cachedClickId Show response
tr.outbrain.com/ 35 B
239 B 428ms
119ms Script
application/javascript 70.42.32.127
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to

Full URL: https://tr.outbrain.com/cachedClickId?marketerId=00b8cac538a4d5837bc9c00d3632997d58
Requested by: Host: amplify.outbrain.com
URL: https://amplify.outbrain.com/cp/obtp.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 70.42.32.127 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: 1d348f9f803c95305f63def9d75fd50e79e54a375e1a4a888edbbea366845580

Request headers

Referer: https://go.thcmedical.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 10 Aug 2021 03:26:30 GMT
content-encoding: gzip
X-TraceId: aabccda1cc4f44e8c625e2aa2c16fed7
Content-Length: 56
Content-Type: application/javascript

GET
H/1.1 200
OK unifiedPixel
tr.outbrain.com/ 43 B
256 B 414ms
105ms Image
image/gif 70.42.32.127
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tr.outbrain.com/unifiedPixel?marketerId=00b8cac538a4d5837bc9c00d3632997d58&obApiVersion=1.1&obtpVersion=1.5.1&name=PAGE_VIEW&dl=https%3A%2F%2Fgo.thcmedical.org%2Fcrystal0169&optOut=false&bust=016432482838705442
Requested by: Host: go.thcmedical.org
URL: https://go.thcmedical.org/crystal0169
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 70.42.32.127 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: 33ca751ed175a163bef530ebdcdbd0a2d15997ccbcbf8d50a6f504e8ffac5a5c

Request headers

Referer: https://go.thcmedical.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 10 Aug 2021 03:26:30 GMT
Cache-Control: no-cache
X-TraceId: 57e82e405d24caddc28a25ee38007c06
content-encoding: gzip
Content-Length: 60
Content-Type: image/gif;

GET
H2 200 rp.gif
alb.reddit.com/ 42 B
72 B 196ms
132ms Image
image/gif 151.101.13.140
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://alb.reddit.com/rp.gif?ts=1628565989990&id=t2_3ave2e3h&event=PageVisit&m.itemCount=&m.value=&m.currency=&m.transactionId=&m.customEventName=&uuid=07b4eff8-1a73-48d6-a80a-5d0cb5b82d29&aaid=&em=&external_id=&idfa=&integration=reddit&opt_out=0&sh=1600&sw=1200&v=rdt_a797b96e
Requested by: Host: go.thcmedical.org
URL: https://go.thcmedical.org/crystal0169
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.140 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: Varnish /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://go.thcmedical.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 10 Aug 2021 03:26:30 GMT
via: 1.1 varnish
server: Varnish
accept-ranges: bytes
content-length: 42
retry-after: 0
content-type: image/gif

GET
H2 200 rp.gif
alb.reddit.com/ 42 B
125 B 195ms
131ms Image
image/gif 151.101.13.140
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://alb.reddit.com/rp.gif?ts=1628565989990&id=t2_3ave2e3h&event=ViewContent&m.itemCount=&m.value=&m.currency=&m.transactionId=&m.customEventName=&uuid=07b4eff8-1a73-48d6-a80a-5d0cb5b82d29&aaid=&em=&external_id=&idfa=&integration=reddit&opt_out=0&sh=1600&sw=1200&v=rdt_a797b96e
Requested by: Host: go.thcmedical.org
URL: https://go.thcmedical.org/crystal0169
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.140 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: Varnish /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://go.thcmedical.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 10 Aug 2021 03:26:30 GMT
via: 1.1 varnish
server: Varnish
accept-ranges: bytes
content-length: 42
retry-after: 0
content-type: image/gif

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 36 KB
14 KB 155ms
59ms Script
text/javascript 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-628586506

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

8069956acb4c566506ff71f7a23c8e23f75ce9443384fe3393ed5c846924026e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://go.thcmedical.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 10 Aug 2021 03:26:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13910
x-xss-protection: 0
server: cafe
etag: 8154934153164151798
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Tue, 10 Aug 2021 03:26:30 GMT

GET
H3-29 200 www-widgetapi.js Show response
www.youtube.com/s/player/4224c673/www-widgetapi.vflset/ 126 KB
42 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/4224c673/www-widgetapi.vflset/www-widgetapi.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/iframe_api

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

21c656c6aae5babedb87b7511e29fad50499615042bf7fdf35667dfcbbf19acb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://go.thcmedical.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 09 Aug 2021 15:44:41 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 09 Aug 2021 00:18:29 GMT
server: sffe
age: 42109
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42930
x-xss-protection: 0
expires: Tue, 09 Aug 2022 15:44:41 GMT

GET
H3-29 200 www-player-webp.css
www.youtube.com/s/player/4224c673/ Frame 99C8 328 KB
45 KB 7ms
6ms Stylesheet
text/css 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/4224c673/www-player-webp.css

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/s8MOs6orbhU?autoplay=0&modestbranding=1&controls=1&showinfo=0&rel=0&hd=1&wmode=transparent

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

47175b1daa58725f19ffe6baa072761eeb7e1c80cb30e4c6ba0e58b0605915aa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/s8MOs6orbhU?autoplay=0&modestbranding=1&controls=1&showinfo=0&rel=0&hd=1&wmode=transparent
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 09 Aug 2021 15:45:05 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 09 Aug 2021 00:18:29 GMT
server: sffe
age: 42085
vary: Accept-Encoding, Origin
content-type: text/css
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 46099
x-xss-protection: 0
expires: Tue, 09 Aug 2022 15:45:05 GMT

GET
H3-29 200 www-embed-player.js Show response
www.youtube.com/s/player/4224c673/www-embed-player.vflset/ Frame 99C8 192 KB
64 KB 18ms
18ms Script
text/javascript 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/4224c673/www-embed-player.vflset/www-embed-player.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/s8MOs6orbhU?autoplay=0&modestbranding=1&controls=1&showinfo=0&rel=0&hd=1&wmode=transparent

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

63d41983cb11cb819383ae7d42101f22005b612b02e3cfab3ca39a7208778a2c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/s8MOs6orbhU?autoplay=0&modestbranding=1&controls=1&showinfo=0&rel=0&hd=1&wmode=transparent
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 09 Aug 2021 15:44:26 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 09 Aug 2021 00:18:29 GMT
server: sffe
age: 42124
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 65180
x-xss-protection: 0
expires: Tue, 09 Aug 2022 15:44:26 GMT

GET
H3-29 200 base.js Show response
www.youtube.com/s/player/4224c673/player_ias.vflset/en_US/ Frame 99C8 2 MB
493 KB 19ms
19ms Script
text/javascript 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/4224c673/player_ias.vflset/en_US/base.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/s8MOs6orbhU?autoplay=0&modestbranding=1&controls=1&showinfo=0&rel=0&hd=1&wmode=transparent

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e26b31b609e44e401e93111cd65784f23b93e73320a17ad7c0aa21389c118758

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/s8MOs6orbhU?autoplay=0&modestbranding=1&controls=1&showinfo=0&rel=0&hd=1&wmode=transparent
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 09 Aug 2021 15:44:22 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 09 Aug 2021 00:18:29 GMT
server: sffe
age: 42128
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 504682
x-xss-protection: 0
expires: Tue, 09 Aug 2022 15:44:22 GMT

GET
H3-29 200 fetch-polyfill.js Show response
www.youtube.com/s/player/4224c673/fetch-polyfill.vflset/ Frame 99C8 8 KB
3 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/4224c673/fetch-polyfill.vflset/fetch-polyfill.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/s8MOs6orbhU?autoplay=0&modestbranding=1&controls=1&showinfo=0&rel=0&hd=1&wmode=transparent

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

de6c4ffa2bd9fd283610e28d0db2ec48607aab39d213a51aef248673a0a7e980

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/s8MOs6orbhU?autoplay=0&modestbranding=1&controls=1&showinfo=0&rel=0&hd=1&wmode=transparent
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 09 Aug 2021 15:44:26 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 09 Aug 2021 00:18:29 GMT
server: sffe
age: 42124
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2830
x-xss-protection: 0
expires: Tue, 09 Aug 2022 15:44:26 GMT

GET
H3-29 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 99C8 15 KB
15 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/s8MOs6orbhU?autoplay=0&modestbranding=1&controls=1&showinfo=0&rel=0&hd=1&wmode=transparent

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.youtube.com
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 10 Aug 2021 00:42:56 GMT
x-content-type-options: nosniff
age: 9814
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 10 Aug 2022 00:42:56 GMT

GET
H3-29 200 www-player-webp.css
www.youtube.com/s/player/4224c673/ Frame F961 328 KB
45 KB 9ms
9ms Stylesheet
text/css 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/4224c673/www-player-webp.css

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/ho0c3ENtp-Q?autoplay=0&modestbranding=1&controls=1&showinfo=0&rel=0&hd=1&wmode=transparent

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

47175b1daa58725f19ffe6baa072761eeb7e1c80cb30e4c6ba0e58b0605915aa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/ho0c3ENtp-Q?autoplay=0&modestbranding=1&controls=1&showinfo=0&rel=0&hd=1&wmode=transparent
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 09 Aug 2021 15:45:05 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 09 Aug 2021 00:18:29 GMT
server: sffe
age: 42085
vary: Accept-Encoding, Origin
content-type: text/css
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 46099
x-xss-protection: 0
expires: Tue, 09 Aug 2022 15:45:05 GMT

GET
H3-29 200 www-embed-player.js Show response
www.youtube.com/s/player/4224c673/www-embed-player.vflset/ Frame F961 192 KB
64 KB 19ms
18ms Script
text/javascript 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/4224c673/www-embed-player.vflset/www-embed-player.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/ho0c3ENtp-Q?autoplay=0&modestbranding=1&controls=1&showinfo=0&rel=0&hd=1&wmode=transparent

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

63d41983cb11cb819383ae7d42101f22005b612b02e3cfab3ca39a7208778a2c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/ho0c3ENtp-Q?autoplay=0&modestbranding=1&controls=1&showinfo=0&rel=0&hd=1&wmode=transparent
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 09 Aug 2021 15:44:26 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 09 Aug 2021 00:18:29 GMT
server: sffe
age: 42124
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 65180
x-xss-protection: 0
expires: Tue, 09 Aug 2022 15:44:26 GMT

GET
H3-29 200 base.js Show response
www.youtube.com/s/player/4224c673/player_ias.vflset/en_US/ Frame F961 2 MB
493 KB 23ms
23ms Script
text/javascript 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/4224c673/player_ias.vflset/en_US/base.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/ho0c3ENtp-Q?autoplay=0&modestbranding=1&controls=1&showinfo=0&rel=0&hd=1&wmode=transparent

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e26b31b609e44e401e93111cd65784f23b93e73320a17ad7c0aa21389c118758

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/ho0c3ENtp-Q?autoplay=0&modestbranding=1&controls=1&showinfo=0&rel=0&hd=1&wmode=transparent
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 09 Aug 2021 15:44:22 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 09 Aug 2021 00:18:29 GMT
server: sffe
age: 42128
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 504682
x-xss-protection: 0
expires: Tue, 09 Aug 2022 15:44:22 GMT

GET
H3-29 200 fetch-polyfill.js Show response
www.youtube.com/s/player/4224c673/fetch-polyfill.vflset/ Frame F961 8 KB
3 KB 25ms
25ms Script
text/javascript 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/4224c673/fetch-polyfill.vflset/fetch-polyfill.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/ho0c3ENtp-Q?autoplay=0&modestbranding=1&controls=1&showinfo=0&rel=0&hd=1&wmode=transparent

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

de6c4ffa2bd9fd283610e28d0db2ec48607aab39d213a51aef248673a0a7e980

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/ho0c3ENtp-Q?autoplay=0&modestbranding=1&controls=1&showinfo=0&rel=0&hd=1&wmode=transparent
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 09 Aug 2021 15:44:26 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 09 Aug 2021 00:18:29 GMT
server: sffe
age: 42124
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2830
x-xss-protection: 0
expires: Tue, 09 Aug 2022 15:44:26 GMT

GET
H3-29 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame F961 15 KB
15 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/ho0c3ENtp-Q?autoplay=0&modestbranding=1&controls=1&showinfo=0&rel=0&hd=1&wmode=transparent

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.youtube.com
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 10 Aug 2021 00:42:56 GMT
x-content-type-options: nosniff
age: 9814
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 10 Aug 2022 00:42:56 GMT

GET
H3-29 200 www-player-webp.css
www.youtube.com/s/player/4224c673/ Frame 8A54 328 KB
45 KB 10ms
9ms Stylesheet
text/css 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/4224c673/www-player-webp.css

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/MwqQpmuXbDk?autoplay=0&modestbranding=1&controls=1&showinfo=0&rel=0&hd=1&wmode=transparent

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

47175b1daa58725f19ffe6baa072761eeb7e1c80cb30e4c6ba0e58b0605915aa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/MwqQpmuXbDk?autoplay=0&modestbranding=1&controls=1&showinfo=0&rel=0&hd=1&wmode=transparent
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 09 Aug 2021 15:45:05 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 09 Aug 2021 00:18:29 GMT
server: sffe
age: 42085
vary: Accept-Encoding, Origin
content-type: text/css
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 46099
x-xss-protection: 0
expires: Tue, 09 Aug 2022 15:45:05 GMT

GET
H3-29 200 www-embed-player.js Show response
www.youtube.com/s/player/4224c673/www-embed-player.vflset/ Frame 8A54 192 KB
64 KB 23ms
21ms Script
text/javascript 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/4224c673/www-embed-player.vflset/www-embed-player.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/MwqQpmuXbDk?autoplay=0&modestbranding=1&controls=1&showinfo=0&rel=0&hd=1&wmode=transparent

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

63d41983cb11cb819383ae7d42101f22005b612b02e3cfab3ca39a7208778a2c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/MwqQpmuXbDk?autoplay=0&modestbranding=1&controls=1&showinfo=0&rel=0&hd=1&wmode=transparent
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 09 Aug 2021 15:44:26 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 09 Aug 2021 00:18:29 GMT
server: sffe
age: 42124
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 65180
x-xss-protection: 0
expires: Tue, 09 Aug 2022 15:44:26 GMT

GET
H3-29 200 base.js Show response
www.youtube.com/s/player/4224c673/player_ias.vflset/en_US/ Frame 8A54 2 MB
493 KB 23ms
20ms Script
text/javascript 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/4224c673/player_ias.vflset/en_US/base.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/MwqQpmuXbDk?autoplay=0&modestbranding=1&controls=1&showinfo=0&rel=0&hd=1&wmode=transparent

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e26b31b609e44e401e93111cd65784f23b93e73320a17ad7c0aa21389c118758

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/MwqQpmuXbDk?autoplay=0&modestbranding=1&controls=1&showinfo=0&rel=0&hd=1&wmode=transparent
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 09 Aug 2021 15:44:22 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 09 Aug 2021 00:18:29 GMT
server: sffe
age: 42128
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 504682
x-xss-protection: 0
expires: Tue, 09 Aug 2022 15:44:22 GMT

GET
H3-29 200 fetch-polyfill.js Show response
www.youtube.com/s/player/4224c673/fetch-polyfill.vflset/ Frame 8A54 8 KB
3 KB 24ms
22ms Script
text/javascript 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/4224c673/fetch-polyfill.vflset/fetch-polyfill.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/MwqQpmuXbDk?autoplay=0&modestbranding=1&controls=1&showinfo=0&rel=0&hd=1&wmode=transparent

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

de6c4ffa2bd9fd283610e28d0db2ec48607aab39d213a51aef248673a0a7e980

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/MwqQpmuXbDk?autoplay=0&modestbranding=1&controls=1&showinfo=0&rel=0&hd=1&wmode=transparent
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 09 Aug 2021 15:44:26 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 09 Aug 2021 00:18:29 GMT
server: sffe
age: 42124
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2830
x-xss-protection: 0
expires: Tue, 09 Aug 2022 15:44:26 GMT

GET
H3-29 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 8A54 15 KB
15 KB 8ms
7ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/MwqQpmuXbDk?autoplay=0&modestbranding=1&controls=1&showinfo=0&rel=0&hd=1&wmode=transparent

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.youtube.com
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 10 Aug 2021 00:42:56 GMT
x-content-type-options: nosniff
age: 9814
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 10 Aug 2022 00:42:56 GMT

GET
H2 200 / Show response
js.stripe.com/v2/ Frame 7C15 62 KB
20 KB 40ms
31ms Script
application/javascript 151.101.12.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v2/

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v2/channel.html?stripe_xdm_e=https%3A%2F%2Fgo.thcmedical.org&stripe_xdm_c=default557582&stripe_xdm_p=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.12.176 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

cc1967c55b7815465d4e44e67c18f1bacf8e0a8bf732e390d97c15da6177d0c1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Referer: https://js.stripe.com/v2/channel.html?stripe_xdm_e=https%3A%2F%2Fgo.thcmedical.org&stripe_xdm_c=default557582&stripe_xdm_p=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 10 Aug 2021 03:26:30 GMT
content-encoding: br
vary: Accept-Encoding
age: 195
via: 1.1 varnish
x-cache: HIT
content-length: 19860
x-amz-id-2: b5Msx8GCLlJ+nieySofbetr06AYposraEjN8B7vE5wLbmclA1ua4RxmFt/W4UC+Z77i9FzuMxhs=
x-served-by: cache-fra19134-FRA
timing-allow-origin: *
last-modified: Wed, 14 Apr 2021 16:51:13 GMT
server: AmazonS3
etag: "63806a255b9cebe70a4a260da446de65"
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-amz-request-id: 3GNWT08Y26F47ZE9
access-control-allow-origin: *
cache-control: public, max-age=300
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
x-cache-hits: 12

GET
H2 200 m-outer-6d5bfd64b1e0529131bed3eaf87b7c9b.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame B81F 1 KB
1 KB 39ms
30ms Script
application/javascript 151.101.12.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/m-outer-6d5bfd64b1e0529131bed3eaf87b7c9b.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/m-outer-775bcd17e5e345e5c78406e66e355cd7.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.12.176 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

691b9a514dcd9541c4d3fa26dc23c391eaf00535415d84f9cda5f910fe721840

Security Headers

Name	Value
Content-Security-Policy	connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src data: https:; frame-src 'self'; img-src 'self' https://q.stripe.com blob:; media-src 'none'; object-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Referer: https://js.stripe.com/v3/m-outer-775bcd17e5e345e5c78406e66e355cd7.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 10 Aug 2021 03:26:30 GMT
content-encoding: br
vary: Accept-Encoding
age: 255
via: 1.1 varnish
x-cache: HIT
content-length: 637
x-amz-id-2: SOPFCkvwZr3i7GG3eSzSMYea2QtUxOwS7E3ODzytG5bL7vZEfxkcht1qjPX0pcfjDpEYynJt9o0=
x-served-by: cache-fra19134-FRA
timing-allow-origin: *
last-modified: Wed, 04 Aug 2021 20:44:37 GMT
server: AmazonS3
etag: "78581b5abad6c4e7b59c0f8ee45a8134"
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-amz-request-id: NKR48DSHB6DJS955
access-control-allow-origin: *
cache-control: public, max-age=300
content-security-policy: connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src data: https:; frame-src 'self'; img-src 'self' https://q.stripe.com blob:; media-src 'none'; object-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
x-cache-hits: 77

GET
H3-29 200 www-player-webp.css
www.youtube.com/s/player/4224c673/ Frame CE31 328 KB
45 KB 11ms
8ms Stylesheet
text/css 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/4224c673/www-player-webp.css

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/Fj5TOujJ5jQ?autoplay=0&modestbranding=1&controls=1&showinfo=0&rel=0&hd=1&wmode=transparent

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

47175b1daa58725f19ffe6baa072761eeb7e1c80cb30e4c6ba0e58b0605915aa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/Fj5TOujJ5jQ?autoplay=0&modestbranding=1&controls=1&showinfo=0&rel=0&hd=1&wmode=transparent
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 09 Aug 2021 15:45:05 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 09 Aug 2021 00:18:29 GMT
server: sffe
age: 42085
vary: Accept-Encoding, Origin
content-type: text/css
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 46099
x-xss-protection: 0
expires: Tue, 09 Aug 2022 15:45:05 GMT

GET
H3-29 200 www-embed-player.js Show response
www.youtube.com/s/player/4224c673/www-embed-player.vflset/ Frame CE31 192 KB
64 KB 22ms
19ms Script
text/javascript 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/4224c673/www-embed-player.vflset/www-embed-player.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/Fj5TOujJ5jQ?autoplay=0&modestbranding=1&controls=1&showinfo=0&rel=0&hd=1&wmode=transparent

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

63d41983cb11cb819383ae7d42101f22005b612b02e3cfab3ca39a7208778a2c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/Fj5TOujJ5jQ?autoplay=0&modestbranding=1&controls=1&showinfo=0&rel=0&hd=1&wmode=transparent
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 09 Aug 2021 15:44:26 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 09 Aug 2021 00:18:29 GMT
server: sffe
age: 42124
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 65180
x-xss-protection: 0
expires: Tue, 09 Aug 2022 15:44:26 GMT

GET
H3-29 200 base.js Show response
www.youtube.com/s/player/4224c673/player_ias.vflset/en_US/ Frame CE31 2 MB
493 KB 23ms
20ms Script
text/javascript 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/4224c673/player_ias.vflset/en_US/base.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/Fj5TOujJ5jQ?autoplay=0&modestbranding=1&controls=1&showinfo=0&rel=0&hd=1&wmode=transparent

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e26b31b609e44e401e93111cd65784f23b93e73320a17ad7c0aa21389c118758

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/Fj5TOujJ5jQ?autoplay=0&modestbranding=1&controls=1&showinfo=0&rel=0&hd=1&wmode=transparent
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 09 Aug 2021 15:44:22 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 09 Aug 2021 00:18:29 GMT
server: sffe
age: 42128
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 504682
x-xss-protection: 0
expires: Tue, 09 Aug 2022 15:44:22 GMT

GET
H3-29 200 fetch-polyfill.js Show response
www.youtube.com/s/player/4224c673/fetch-polyfill.vflset/ Frame CE31 8 KB
3 KB 24ms
21ms Script
text/javascript 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/4224c673/fetch-polyfill.vflset/fetch-polyfill.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/Fj5TOujJ5jQ?autoplay=0&modestbranding=1&controls=1&showinfo=0&rel=0&hd=1&wmode=transparent

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

de6c4ffa2bd9fd283610e28d0db2ec48607aab39d213a51aef248673a0a7e980

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/Fj5TOujJ5jQ?autoplay=0&modestbranding=1&controls=1&showinfo=0&rel=0&hd=1&wmode=transparent
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 09 Aug 2021 15:44:26 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 09 Aug 2021 00:18:29 GMT
server: sffe
age: 42124
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2830
x-xss-protection: 0
expires: Tue, 09 Aug 2022 15:44:26 GMT

GET
H3-29 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame CE31 15 KB
15 KB 14ms
10ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/Fj5TOujJ5jQ?autoplay=0&modestbranding=1&controls=1&showinfo=0&rel=0&hd=1&wmode=transparent

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.youtube.com
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 10 Aug 2021 00:42:56 GMT
x-content-type-options: nosniff
age: 9814
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 10 Aug 2022 00:42:56 GMT

GET
H2 200 identify.js Show response
analytics.tiktok.com/i18n/pixel/ 114 KB
31 KB 207ms
190ms Script
application/javascript 2.16.186.234
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/identify.js
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C3F8BPMPKKNB3CA824N0&lib=ttq
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.186.234 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-186-234.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: da556df4dc2e8a01fc001ae2a2446328a6615e19a40e9113a8718f0ac018d2c4

Request headers

Referer: https://go.thcmedical.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-akamai-request-id: a38790cd.1d15d7ac
date: Tue, 10 Aug 2021 03:26:30 GMT
content-encoding: gzip
x-cache-remote: TCP_MISS from a23-53-33-180.deploy.akamaitechnologies.com (AkamaiGHost/10.4.4-34529956) (-)
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a2-16-186-230.deploy.akamaitechnologies.com (AkamaiGHost/10.4.4-34529956) (-)
x-parent-response-time: 160,2.16.186.230
server-timing: cdn-cache; desc=MISS, edge; dur=155, origin; dur=5, inner; dur=4
pragma: no-cache
server: nginx
x-tt-logid: 202108100326300102450151361AF34A6C
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 5,23.53.33.180
x-tt-trace-host: 01f569cbcf24416512122478616c9edf91e223005c7de3b69d676963a888afd0a7a0ae3611568e29f618fc3ff836269f87ab9db8a96e9c2a666f55f5f929f71936209dad8bc1a626ffb4f1054f4e79e1596991ae78c770bd2854c64a43dbbddfe2ea3e9a9f696515f37404dfdefcdd56cf
expires: Tue, 10 Aug 2021 03:26:30 GMT

GET
H2 200 config.js Show response
analytics.tiktok.com/i18n/pixel/ 59 KB
20 KB 233ms
229ms Script
application/javascript 2.16.186.234
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/config.js?sdkid=C3F8BPMPKKNB3CA824N0&hostname=go.thcmedical.org
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C3F8BPMPKKNB3CA824N0&lib=ttq
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.186.234 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-186-234.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: c98893b44af705c8da0b5c2d2bd625e668b5095e5911a76a5fd10faf5caffad5

Request headers

Referer: https://go.thcmedical.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-akamai-request-id: b87da7c2.1d15d7b7
date: Tue, 10 Aug 2021 03:26:30 GMT
content-encoding: gzip
x-cache-remote: TCP_MISS from a23-44-4-92.deploy.akamaitechnologies.com (AkamaiGHost/10.4.4-34529956) (-)
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a2-16-186-230.deploy.akamaitechnologies.com (AkamaiGHost/10.4.4-34529956) (-)
x-parent-response-time: 177,2.16.186.230
server-timing: cdn-cache; desc=MISS, edge; dur=154, origin; dur=23, inner; dur=20
pragma: no-cache
server: nginx
x-tt-logid: 2021081003263001024500211909F28DC4
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 23,23.44.4.92
x-tt-trace-host: 01f569cbcf24416512122478616c9edf91e223005c7de3b69d676963a888afd0a749fe24da4bd8fc2f39ebc71942bc1f892ad910023786f7a3033c4401897ef6c28e92b066a24edc2fb528bc4d5708d5f95785724f9ac65d8511fd062e2d460afc743fff57c2ca98a7e8c17788fab9fcfb
expires: Tue, 10 Aug 2021 03:26:30 GMT

GET
H2 200 inner.html Show response
m.stripe.network/ Frame 7DB1 932 B
1 KB 123ms
30ms Document
text/html 2600:9000:2181:4000:19:7d10:bd80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.network/inner.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/m-outer-6d5bfd64b1e0529131bed3eaf87b7c9b.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2181:4000:19:7d10:bd80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

52fb9ace8bb7e59f6fc283763ce819175a60e566d7248f5de82b4d00d6b14c7d

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; connect-src 'self' https://m.stripe.com; script-src 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; frame-src 'self' https://js.stripe.com; img-src 'self' https://m.stripe.com; font-src data: https:; media-src 'none'; object-src 'self';
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

:method: GET
:authority: m.stripe.network
:scheme: https
:path: /inner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://js.stripe.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://js.stripe.com/

Response headers

content-type: text/html; charset=utf-8
server: nginx
last-modified: Fri, 18 Jun 2021 21:35:08 GMT
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
content-security-policy: default-src 'self'; connect-src 'self' https://m.stripe.com; script-src 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; frame-src 'self' https://js.stripe.com; img-src 'self' https://m.stripe.com; font-src data: https:; media-src 'none'; object-src 'self';
content-encoding: gzip
date: Tue, 10 Aug 2021 03:22:35 GMT
cache-control: public, max-age=300
etag: W/"60cd118c-3a4"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 174262b85c119d8208d4718b655e0b6c.cloudfront.net (CloudFront)
x-amz-cf-pop: MRS52-P2
x-amz-cf-id: Ak5YyZ2c3d1DY-LjsaRnYjeS7CHUpWgPsoi2Bbm5zwNwrDXEk3vZDA==
age: 236

GET
H3-29

200

id Show response
googleads.g.doubleclick.net/pagead/ Frame 99C8
Redirect Chain

https://googleads.g.doubleclick.net/pagead/id
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

113 B
159 B

15ms
15ms

XHR
application/json

2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/s8MOs6orbhU?autoplay=0&modestbranding=1&controls=1&showinfo=0&rel=0&hd=1&wmode=transparent

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ff8d04a3074dac7a0a26127c704090c455e0af5cf5869c033c4cb95d430aaaca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 10 Aug 2021 03:26:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 133
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Tue, 10 Aug 2021 03:26:30 GMT
x-content-type-options: nosniff
access-control-allow-origin: https://www.youtube.com
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ad_status.js Show response
static.doubleclick.net/instream/ Frame 99C8 29 B
424 B 279ms
7ms Script
text/javascript 2a00:1450:4001:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.doubleclick.net/instream/ad_status.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/4224c673/www-embed-player.vflset/www-embed-player.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 10 Aug 2021 03:14:41 GMT
x-content-type-options: nosniff
last-modified: Thu, 12 Dec 2013 23:40:16 GMT
server: sffe
age: 709
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29
x-xss-protection: 0
expires: Tue, 10 Aug 2021 03:29:41 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/628586506/ 2 KB
1 KB 18ms
17ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/628586506/?random=1628565990469&cv=9&fst=1628565990469&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa840&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fgo.thcmedical.org%2Fcrystal0169&tiba=Crystal%C2%AE%20BTE%20-%20Official%20Site&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

dfe04b96dbef162fa7d26af2eb20ee1c28e404aa4eb08f860a77ba4f58c139a3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://go.thcmedical.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 10 Aug 2021 03:26:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1041
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 id Show response
googleads.g.doubleclick.net/pagead/ Frame F961 113 B
161 B 28ms
14ms XHR
application/json 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/id

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/4224c673/www-embed-player.vflset/www-embed-player.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7c5c2990f03ef6c4d792dcd61a36cc79e2598165506295ae16e6b2040a6c9866

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 10 Aug 2021 03:26:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 133
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ad_status.js Show response
static.doubleclick.net/instream/ Frame F961 29 B
87 B 245ms
7ms Script
text/javascript 2a00:1450:4001:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.doubleclick.net/instream/ad_status.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/4224c673/www-embed-player.vflset/www-embed-player.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 10 Aug 2021 03:14:41 GMT
x-content-type-options: nosniff
last-modified: Thu, 12 Dec 2013 23:40:16 GMT
server: sffe
age: 709
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29
x-xss-protection: 0
expires: Tue, 10 Aug 2021 03:29:41 GMT

GET
H3-29 200 id Show response
googleads.g.doubleclick.net/pagead/ Frame 8A54 113 B
161 B 14ms
14ms XHR
application/json 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/id

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/4224c673/www-embed-player.vflset/www-embed-player.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

32f66af2d3567ad74cffa251ec900b9382d7e01952fda08929edf5a64ca1a062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 10 Aug 2021 03:26:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 133
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ad_status.js Show response
static.doubleclick.net/instream/ Frame 8A54 29 B
87 B 229ms
7ms Script
text/javascript 2a00:1450:4001:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.doubleclick.net/instream/ad_status.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/4224c673/www-embed-player.vflset/www-embed-player.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 10 Aug 2021 03:14:41 GMT
x-content-type-options: nosniff
last-modified: Thu, 12 Dec 2013 23:40:16 GMT
server: sffe
age: 709
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29
x-xss-protection: 0
expires: Tue, 10 Aug 2021 03:29:41 GMT

GET
H3-29 200 remote.js Show response
www.youtube.com/s/player/4224c673/player_ias.vflset/en_US/ Frame 99C8 95 KB
29 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/4224c673/player_ias.vflset/en_US/remote.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/4224c673/player_ias.vflset/en_US/base.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b9cf652fa4cfc3b7d5cfcc57fed17d0c4780061e6c643fd03141e94426f26936

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/s8MOs6orbhU?autoplay=0&modestbranding=1&controls=1&showinfo=0&rel=0&hd=1&wmode=transparent
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 09 Aug 2021 15:44:24 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 09 Aug 2021 00:18:29 GMT
server: sffe
age: 42126
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29745
x-xss-protection: 0
expires: Tue, 09 Aug 2022 15:44:24 GMT

GET
H2 200 1RUYfOPm15xRPtPb4fddkPdwajr618gcK7VawN-FA3M.js Show response
www.google.com/js/th/ Frame 99C8 35 KB
13 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/js/th/1RUYfOPm15xRPtPb4fddkPdwajr618gcK7VawN-FA3M.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/4224c673/player_ias.vflset/en_US/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d515187ce3e6d79c513ed3dbe1f75d90f7706a3afad7c81c2bb55ac0df850373

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 09 Aug 2021 05:58:35 GMT
content-encoding: br
x-content-type-options: nosniff
age: 77275
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13228
x-xss-protection: 0
last-modified: Mon, 26 Jul 2021 09:00:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 09 Aug 2022 05:58:35 GMT

GET
H3-29 200 embed.js Show response
www.youtube.com/s/player/4224c673/player_ias.vflset/en_US/ Frame 99C8 25 KB
7 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/4224c673/player_ias.vflset/en_US/embed.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/4224c673/player_ias.vflset/en_US/base.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d717c22b73d39caf59c4d46c23774ac2386bfc80937b90fd09ab56c0f2e7b072

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/s8MOs6orbhU?autoplay=0&modestbranding=1&controls=1&showinfo=0&rel=0&hd=1&wmode=transparent
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 09 Aug 2021 15:50:57 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 09 Aug 2021 00:18:29 GMT
server: sffe
age: 41733
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7445
x-xss-protection: 0
expires: Tue, 09 Aug 2022 15:50:57 GMT

GET
DATA 200
OK truncated
/ Frame 99C8 175 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 AKedOLQyyl7dDXwQpA3w1h7x4gpEufbAHip_b5MOTKQw=s68-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ytc/ Frame 99C8 3 KB
3 KB 478ms
459ms Image
image/jpeg 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://yt3.ggpht.com/ytc/AKedOLQyyl7dDXwQpA3w1h7x4gpEufbAHip_b5MOTKQw=s68-c-k-c0x00ffffff-no-rj

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/s8MOs6orbhU?autoplay=0&modestbranding=1&controls=1&showinfo=0&rel=0&hd=1&wmode=transparent

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

cd36bbb453736ae048e6aa4c698588c733f11b071bb8c7e7d8b97e9e02a7cf06

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 10 Aug 2021 03:26:31 GMT
x-content-type-options: nosniff
age: 0
content-disposition: inline;filename="unnamed.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3230
x-xss-protection: 0
server: fife
etag: "v1e"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Mon, 09 Aug 2021 15:00:12 GMT

GET
H2 200 sddefault.webp
i.ytimg.com/vi_webp/s8MOs6orbhU/ Frame 99C8 34 KB
34 KB 40ms
21ms Image
image/webp 2a00:1450:4001:829::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi_webp/s8MOs6orbhU/sddefault.webp

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/s8MOs6orbhU?autoplay=0&modestbranding=1&controls=1&showinfo=0&rel=0&hd=1&wmode=transparent

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2b01d55bd8dddfa1f9b2af932c04769bac28c5d60b6ca5e5112a92e8d1348c40

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 10 Aug 2021 03:26:30 GMT
vary: Origin
server: sffe
x-content-type-options: nosniff
age: 0
etag: "1619148400"
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/youtube
content-type: image/webp
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 34770
x-xss-protection: 0
expires: Tue, 10 Aug 2021 05:26:30 GMT

GET
H3-29 200 id Show response
googleads.g.doubleclick.net/pagead/ Frame CE31 113 B
159 B 14ms
13ms XHR
application/json 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/id

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/4224c673/www-embed-player.vflset/www-embed-player.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f8954ed4844fc130b3f2aa636de6b18ea3431738a9d3b45146497a17210d450c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 10 Aug 2021 03:26:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 133
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 ad_status.js Show response
static.doubleclick.net/instream/ Frame CE31 29 B
52 B 19ms
6ms Script
text/javascript 2a00:1450:4001:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.doubleclick.net/instream/ad_status.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/4224c673/www-embed-player.vflset/www-embed-player.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 10 Aug 2021 03:14:41 GMT
x-content-type-options: nosniff
last-modified: Thu, 12 Dec 2013 23:40:16 GMT
server: sffe
age: 709
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29
x-xss-protection: 0
expires: Tue, 10 Aug 2021 03:29:41 GMT

GET
H3-29 200 remote.js Show response
www.youtube.com/s/player/4224c673/player_ias.vflset/en_US/ Frame F961 95 KB
29 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/4224c673/player_ias.vflset/en_US/remote.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/4224c673/player_ias.vflset/en_US/base.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b9cf652fa4cfc3b7d5cfcc57fed17d0c4780061e6c643fd03141e94426f26936

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/ho0c3ENtp-Q?autoplay=0&modestbranding=1&controls=1&showinfo=0&rel=0&hd=1&wmode=transparent
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 09 Aug 2021 15:44:24 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 09 Aug 2021 00:18:29 GMT
server: sffe
age: 42126
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29745
x-xss-protection: 0
expires: Tue, 09 Aug 2022 15:44:24 GMT

GET
H3-29 200 1RUYfOPm15xRPtPb4fddkPdwajr618gcK7VawN-FA3M.js Show response
www.google.com/js/th/ Frame F961 35 KB
13 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/js/th/1RUYfOPm15xRPtPb4fddkPdwajr618gcK7VawN-FA3M.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/4224c673/player_ias.vflset/en_US/base.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d515187ce3e6d79c513ed3dbe1f75d90f7706a3afad7c81c2bb55ac0df850373

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 09 Aug 2021 03:34:57 GMT
content-encoding: br
x-content-type-options: nosniff
age: 85893
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13228
x-xss-protection: 0
last-modified: Mon, 26 Jul 2021 09:00:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 09 Aug 2022 03:34:57 GMT

GET
H3-29 200 embed.js Show response
www.youtube.com/s/player/4224c673/player_ias.vflset/en_US/ Frame F961 25 KB
7 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/4224c673/player_ias.vflset/en_US/embed.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/4224c673/player_ias.vflset/en_US/base.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d717c22b73d39caf59c4d46c23774ac2386bfc80937b90fd09ab56c0f2e7b072

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/ho0c3ENtp-Q?autoplay=0&modestbranding=1&controls=1&showinfo=0&rel=0&hd=1&wmode=transparent
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 09 Aug 2021 15:50:57 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 09 Aug 2021 00:18:29 GMT
server: sffe
age: 41733
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7445
x-xss-protection: 0
expires: Tue, 09 Aug 2022 15:50:57 GMT

GET
H3-29 200 remote.js Show response
www.youtube.com/s/player/4224c673/player_ias.vflset/en_US/ Frame 8A54 95 KB
29 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/4224c673/player_ias.vflset/en_US/remote.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/4224c673/player_ias.vflset/en_US/base.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b9cf652fa4cfc3b7d5cfcc57fed17d0c4780061e6c643fd03141e94426f26936

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/MwqQpmuXbDk?autoplay=0&modestbranding=1&controls=1&showinfo=0&rel=0&hd=1&wmode=transparent
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 09 Aug 2021 15:44:24 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 09 Aug 2021 00:18:29 GMT
server: sffe
age: 42126
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29745
x-xss-protection: 0
expires: Tue, 09 Aug 2022 15:44:24 GMT

GET
H3-29 200 1RUYfOPm15xRPtPb4fddkPdwajr618gcK7VawN-FA3M.js Show response
www.google.com/js/th/ Frame 8A54 35 KB
13 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/js/th/1RUYfOPm15xRPtPb4fddkPdwajr618gcK7VawN-FA3M.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/4224c673/player_ias.vflset/en_US/base.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d515187ce3e6d79c513ed3dbe1f75d90f7706a3afad7c81c2bb55ac0df850373

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 09 Aug 2021 03:34:57 GMT
content-encoding: br
x-content-type-options: nosniff
age: 85893
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13228
x-xss-protection: 0
last-modified: Mon, 26 Jul 2021 09:00:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 09 Aug 2022 03:34:57 GMT

GET
H3-29 200 embed.js Show response
www.youtube.com/s/player/4224c673/player_ias.vflset/en_US/ Frame 8A54 25 KB
7 KB 12ms
11ms Script
text/javascript 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/4224c673/player_ias.vflset/en_US/embed.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/4224c673/player_ias.vflset/en_US/base.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d717c22b73d39caf59c4d46c23774ac2386bfc80937b90fd09ab56c0f2e7b072

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/MwqQpmuXbDk?autoplay=0&modestbranding=1&controls=1&showinfo=0&rel=0&hd=1&wmode=transparent
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 09 Aug 2021 15:50:57 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 09 Aug 2021 00:18:29 GMT
server: sffe
age: 41733
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7445
x-xss-protection: 0
expires: Tue, 09 Aug 2022 15:50:57 GMT

GET
DATA 200
OK truncated
/ Frame F961 175 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 AKedOLSGl3Tm99C-HKLfr7OM0cUnVry7PTlob09-PA=s68-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ytc/ Frame F961 957 B
1 KB 154ms
153ms Image
image/jpeg 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://yt3.ggpht.com/ytc/AKedOLSGl3Tm99C-HKLfr7OM0cUnVry7PTlob09-PA=s68-c-k-c0x00ffffff-no-rj

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/ho0c3ENtp-Q?autoplay=0&modestbranding=1&controls=1&showinfo=0&rel=0&hd=1&wmode=transparent

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

82f57af64c9ae441f0a2418e9dbcf1241ebf14b1671818d445334e4fe8080a01

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 10 Aug 2021 03:26:31 GMT
x-content-type-options: nosniff
server: fife
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.jpg"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 957
x-xss-protection: 0
expires: Wed, 11 Aug 2021 03:26:31 GMT

GET
H3-29 200 sddefault.webp
i.ytimg.com/vi_webp/ho0c3ENtp-Q/ Frame F961 17 KB
17 KB 31ms
31ms Image
image/webp 2a00:1450:4001:829::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi_webp/ho0c3ENtp-Q/sddefault.webp

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/ho0c3ENtp-Q?autoplay=0&modestbranding=1&controls=1&showinfo=0&rel=0&hd=1&wmode=transparent

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

183afe18037906b8851a262e0f5d0ee14aa17e8df162856db96b77fcd45a9f15

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 10 Aug 2021 03:26:30 GMT
x-content-type-options: nosniff
server: sffe
age: 0
etag: "1618419426"
vary: Origin
content-type: image/webp
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17342
x-xss-protection: 0
expires: Tue, 10 Aug 2021 05:26:30 GMT

GET
DATA 200
OK truncated
/ Frame 8A54 175 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 AKedOLRQGPz22JATNmy0Y89OwwBYlTb8lbc1FwOyUEfBSw=s68-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ytc/ Frame 8A54 858 B
1 KB 21ms
21ms Image
image/jpeg 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://yt3.ggpht.com/ytc/AKedOLRQGPz22JATNmy0Y89OwwBYlTb8lbc1FwOyUEfBSw=s68-c-k-c0x00ffffff-no-rj

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/MwqQpmuXbDk?autoplay=0&modestbranding=1&controls=1&showinfo=0&rel=0&hd=1&wmode=transparent

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

54340e3f1f44609c0b3285866bcc5514d69e1f67640ed6c853c2dbf4eff2ef88

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 10 Aug 2021 03:26:30 GMT
x-content-type-options: nosniff
age: 0
content-disposition: inline;filename="unnamed.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 858
x-xss-protection: 0
server: fife
etag: "v19d"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Wed, 07 Jul 2021 07:04:12 GMT

GET
H3-29 200 sddefault.webp
i.ytimg.com/vi_webp/MwqQpmuXbDk/ Frame 8A54 35 KB
35 KB 24ms
24ms Image
image/webp 2a00:1450:4001:829::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi_webp/MwqQpmuXbDk/sddefault.webp

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/MwqQpmuXbDk?autoplay=0&modestbranding=1&controls=1&showinfo=0&rel=0&hd=1&wmode=transparent

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

90bb64a713453635950bd1ac500d4f3216f76ba8eb80b2fc2d340da6b9a7c92e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 10 Aug 2021 03:26:30 GMT
x-content-type-options: nosniff
server: sffe
age: 0
etag: "1624383600"
vary: Origin
content-type: image/webp
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35714
x-xss-protection: 0
expires: Tue, 10 Aug 2021 05:26:30 GMT

GET
H3-29 200 remote.js Show response
www.youtube.com/s/player/4224c673/player_ias.vflset/en_US/ Frame CE31 95 KB
29 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/4224c673/player_ias.vflset/en_US/remote.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/4224c673/player_ias.vflset/en_US/base.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b9cf652fa4cfc3b7d5cfcc57fed17d0c4780061e6c643fd03141e94426f26936

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/Fj5TOujJ5jQ?autoplay=0&modestbranding=1&controls=1&showinfo=0&rel=0&hd=1&wmode=transparent
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 09 Aug 2021 15:44:24 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 09 Aug 2021 00:18:29 GMT
server: sffe
age: 42126
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29745
x-xss-protection: 0
expires: Tue, 09 Aug 2022 15:44:24 GMT

GET
H3-29 200 1RUYfOPm15xRPtPb4fddkPdwajr618gcK7VawN-FA3M.js Show response
www.google.com/js/th/ Frame CE31 35 KB
13 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/js/th/1RUYfOPm15xRPtPb4fddkPdwajr618gcK7VawN-FA3M.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/4224c673/player_ias.vflset/en_US/base.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d515187ce3e6d79c513ed3dbe1f75d90f7706a3afad7c81c2bb55ac0df850373

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 09 Aug 2021 03:34:57 GMT
content-encoding: br
x-content-type-options: nosniff
age: 85893
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13228
x-xss-protection: 0
last-modified: Mon, 26 Jul 2021 09:00:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 09 Aug 2022 03:34:57 GMT

GET
H3-29 200 embed.js Show response
www.youtube.com/s/player/4224c673/player_ias.vflset/en_US/ Frame CE31 25 KB
7 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/4224c673/player_ias.vflset/en_US/embed.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/4224c673/player_ias.vflset/en_US/base.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d717c22b73d39caf59c4d46c23774ac2386bfc80937b90fd09ab56c0f2e7b072

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/Fj5TOujJ5jQ?autoplay=0&modestbranding=1&controls=1&showinfo=0&rel=0&hd=1&wmode=transparent
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 09 Aug 2021 15:50:57 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 09 Aug 2021 00:18:29 GMT
server: sffe
age: 41733
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7445
x-xss-protection: 0
expires: Tue, 09 Aug 2022 15:50:57 GMT

POST
H2 200 pixel
analytics.tiktok.com/api/v2/ 0
705 B 204ms
203ms Ping
application/octet-stream 2.16.186.234
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C3F8BPMPKKNB3CA824N0&lib=ttq
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.186.234 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-186-234.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://go.thcmedical.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: f9a1d103.1d15d9c3
date: Tue, 10 Aug 2021 03:26:31 GMT
x-cache-remote: TCP_MISS from a23-44-4-38.deploy.akamaitechnologies.com (AkamaiGHost/10.4.4-34529956) (-)
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a2-16-186-230.deploy.akamaitechnologies.com (AkamaiGHost/10.4.4-34529956) (-)
x-parent-response-time: 163,2.16.186.230
server-timing: cdn-cache; desc=MISS, edge; dur=153, origin; dur=10, inner; dur=8
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 2021081003263001024502715056ECAE78
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 10,23.44.4.38
x-tt-trace-host: 01f569cbcf24416512122478616c9edf91e223005c7de3b69d676963a888afd0a78cedbe69acf50d4939d50fe0421d894d9f38c5382f848efd169428628c658dd9facdb8343c1b6888580512e679847bee9f121fc5d78deeccbee662f0266e32f38265fcca2e5a330d84262bcd73acefcc
expires: Tue, 10 Aug 2021 03:26:31 GMT

POST
H2 200 pixel
analytics.tiktok.com/api/v2/ 0
709 B 244ms
243ms Ping
application/octet-stream 2.16.186.234
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C3F8BPMPKKNB3CA824N0&lib=ttq
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.186.234 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-186-234.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://go.thcmedical.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: a98a5569.1d15d9c5
date: Tue, 10 Aug 2021 03:26:31 GMT
x-cache-remote: TCP_MISS from a23-53-33-191.deploy.akamaitechnologies.com (AkamaiGHost/10.4.4-34529956) (-)
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a2-16-186-230.deploy.akamaitechnologies.com (AkamaiGHost/10.4.4-34529956) (-)
x-parent-response-time: 207,2.16.186.230
server-timing: cdn-cache; desc=MISS, edge; dur=184, origin; dur=24, inner; dur=4
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 2021081003263101024504521331E67D61
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 24,23.53.33.191
x-tt-trace-host: 01f569cbcf24416512122478616c9edf91e223005c7de3b69d676963a888afd0a711786d084f343e274e7eebe80fb1cb67cc0ee3a3205aed6182ffd04698d32489ec9d04f8aac4736b0bbfd9a9b73b2b0d6bd0fbed7608d72ccf2dac75021273ff81f1864f1bd071de8911627f7931bce1
expires: Tue, 10 Aug 2021 03:26:31 GMT

GET
DATA 200
OK truncated
/ Frame CE31 175 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29 200 AKedOLQyyl7dDXwQpA3w1h7x4gpEufbAHip_b5MOTKQw=s68-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ytc/ Frame CE31 3 KB
3 KB 348ms
347ms Image
image/jpeg 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://yt3.ggpht.com/ytc/AKedOLQyyl7dDXwQpA3w1h7x4gpEufbAHip_b5MOTKQw=s68-c-k-c0x00ffffff-no-rj

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/Fj5TOujJ5jQ?autoplay=0&modestbranding=1&controls=1&showinfo=0&rel=0&hd=1&wmode=transparent

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

cd36bbb453736ae048e6aa4c698588c733f11b071bb8c7e7d8b97e9e02a7cf06

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 10 Aug 2021 03:26:31 GMT
x-content-type-options: nosniff
age: 0
content-disposition: inline;filename="unnamed.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3230
x-xss-protection: 0
server: fife
etag: "v1e"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Mon, 09 Aug 2021 15:00:12 GMT

GET
H3-29 200 sddefault.webp
i.ytimg.com/vi_webp/Fj5TOujJ5jQ/ Frame CE31 21 KB
21 KB 21ms
21ms Image
image/webp 2a00:1450:4001:829::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi_webp/Fj5TOujJ5jQ/sddefault.webp

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/Fj5TOujJ5jQ?autoplay=0&modestbranding=1&controls=1&showinfo=0&rel=0&hd=1&wmode=transparent

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b04d6741a8f47e4dce61eb8428741041365bd9b25e0e791508a6ac151ee43f46

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 10 Aug 2021 03:26:30 GMT
x-content-type-options: nosniff
server: sffe
age: 0
etag: "1624504317"
vary: Origin
content-type: image/webp
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21274
x-xss-protection: 0
expires: Tue, 10 Aug 2021 05:26:30 GMT

GET
H3-29 200 /
www.google.com/pagead/1p-user-list/628586506/ 42 B
64 B 18ms
18ms Image
image/gif 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/628586506/?random=1628565990469&cv=9&fst=1628564400000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa840&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fgo.thcmedical.org%2Fcrystal0169&tiba=Crystal%C2%AE%20BTE%20-%20Official%20Site&async=1&fmt=3&is_vtc=1&random=4214487771&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: go.thcmedical.org
URL: https://go.thcmedical.org/crystal0169

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://go.thcmedical.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 10 Aug 2021 03:26:30 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/628586506/ 42 B
569 B 43ms
19ms Image
image/gif 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/628586506/?random=1628565990469&cv=9&fst=1628564400000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa840&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fgo.thcmedical.org%2Fcrystal0169&tiba=Crystal%C2%AE%20BTE%20-%20Official%20Site&async=1&fmt=3&is_vtc=1&random=4214487771&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: go.thcmedical.org
URL: https://go.thcmedical.org/crystal0169

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://go.thcmedical.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 10 Aug 2021 03:26:30 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 out-4.5.35.js Show response
m.stripe.network/ Frame 7DB1 85 KB
19 KB 36ms
36ms Script
application/x-javascript 2600:9000:2181:4000:19:7d10:bd80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.network/out-4.5.35.js

Requested by

Host: m.stripe.network
URL: https://m.stripe.network/inner.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2181:4000:19:7d10:bd80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

847a624eddae67f7b34622fa6e6329228d5ce6dbd5ccb13f993969a63f53b6bb

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; connect-src 'self' https://m.stripe.com; script-src 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; frame-src 'self' https://js.stripe.com; img-src 'self' https://m.stripe.com; font-src data: https:; media-src 'none'; object-src 'self';
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Referer: https://m.stripe.network/inner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: gzip
etag: W/"60cd118c-153a9"
age: 72
x-cache: Hit from cloudfront
last-modified: Fri, 18 Jun 2021 21:35:08 GMT
server: nginx
date: Tue, 10 Aug 2021 03:25:18 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
via: 1.1 174262b85c119d8208d4718b655e0b6c.cloudfront.net (CloudFront)
cache-control: public, max-age=300
content-security-policy: default-src 'self'; connect-src 'self' https://m.stripe.com; script-src 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; frame-src 'self' https://js.stripe.com; img-src 'self' https://m.stripe.com; font-src data: https:; media-src 'none'; object-src 'self';
x-amz-cf-pop: MRS52-P2
timing-allow-origin: *
x-amz-cf-id: rXu7HGplooSvDdjnYhH2ZkV4Y7TBAJZPae9oTZ1AJLeBDoRjrCaGHw==

GET
H2 200 cast_sender.js Show response
www.gstatic.com/cv/js/sender/v1/ Frame 99C8 4 KB
2 KB 33ms
14ms Script
text/javascript 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/4224c673/player_ias.vflset/en_US/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 10 Aug 2021 03:26:30 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview
last-modified: Tue, 16 Feb 2021 23:57:06 GMT
server: sffe
x-content-type-options: nosniff
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2007
x-xss-protection: 0
expires: Tue, 10 Aug 2021 03:26:30 GMT

GET
H2 200 cast_sender.js Show response
www.gstatic.com/cv/js/sender/v1/ Frame F961 4 KB
2 KB 13ms
13ms Script
text/javascript 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/4224c673/player_ias.vflset/en_US/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 10 Aug 2021 03:26:30 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview
last-modified: Tue, 16 Feb 2021 23:57:06 GMT
server: sffe
x-content-type-options: nosniff
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2007
x-xss-protection: 0
expires: Tue, 10 Aug 2021 03:26:30 GMT

GET
H3-29 204 generate_204
www.youtube.com/ Frame 99C8 0
9 B 8ms
7ms Image
text/plain 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.youtube.com/generate_204?7owOhg
Requested by: Host: www.youtube.com
URL: https://www.youtube.com/embed/s8MOs6orbhU?autoplay=0&modestbranding=1&controls=1&showinfo=0&rel=0&hd=1&wmode=transparent
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.youtube.com/embed/s8MOs6orbhU?autoplay=0&modestbranding=1&controls=1&showinfo=0&rel=0&hd=1&wmode=transparent
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 10 Aug 2021 03:26:31 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3-29 204 generate_204
www.youtube.com/ Frame F961 0
9 B 6ms
6ms Image
text/plain 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.youtube.com/generate_204?iaIGNg
Requested by: Host: www.youtube.com
URL: https://www.youtube.com/embed/ho0c3ENtp-Q?autoplay=0&modestbranding=1&controls=1&showinfo=0&rel=0&hd=1&wmode=transparent
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.youtube.com/embed/ho0c3ENtp-Q?autoplay=0&modestbranding=1&controls=1&showinfo=0&rel=0&hd=1&wmode=transparent
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 10 Aug 2021 03:26:31 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3-29 200 cast_sender.js Show response
www.gstatic.com/cv/js/sender/v1/ Frame 8A54 4 KB
2 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/4224c673/player_ias.vflset/en_US/base.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 10 Aug 2021 03:26:31 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview
last-modified: Tue, 16 Feb 2021 23:57:06 GMT
server: sffe
x-content-type-options: nosniff
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2007
x-xss-protection: 0
expires: Tue, 10 Aug 2021 03:26:31 GMT

GET
H3-29 204 generate_204
www.youtube.com/ Frame 8A54 0
9 B 6ms
5ms Image
text/plain 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.youtube.com/generate_204?a78YTQ
Requested by: Host: go.thcmedical.org
URL: https://go.thcmedical.org/crystal0169
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.youtube.com/embed/MwqQpmuXbDk?autoplay=0&modestbranding=1&controls=1&showinfo=0&rel=0&hd=1&wmode=transparent
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 10 Aug 2021 03:26:31 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3-29 204 generate_204
www.youtube.com/ Frame CE31 0
9 B 6ms
5ms Image
text/plain 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.youtube.com/generate_204?GA3KjA
Requested by: Host: www.youtube.com
URL: https://www.youtube.com/embed/Fj5TOujJ5jQ?autoplay=0&modestbranding=1&controls=1&showinfo=0&rel=0&hd=1&wmode=transparent
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.youtube.com/embed/Fj5TOujJ5jQ?autoplay=0&modestbranding=1&controls=1&showinfo=0&rel=0&hd=1&wmode=transparent
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 10 Aug 2021 03:26:31 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3-29 200 cast_sender.js Show response
www.gstatic.com/cv/js/sender/v1/ Frame CE31 4 KB
2 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/4224c673/player_ias.vflset/en_US/base.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 10 Aug 2021 03:26:31 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview
last-modified: Tue, 16 Feb 2021 23:57:06 GMT
server: sffe
x-content-type-options: nosniff
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2007
x-xss-protection: 0
expires: Tue, 10 Aug 2021 03:26:31 GMT

POST
H2 200 6 Show response
m.stripe.com/ Frame 7DB1 156 B
517 B 538ms
181ms XHR
text/plain 34.211.191.133
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.com/6

Requested by

Host: m.stripe.network
URL: https://m.stripe.network/out-4.5.35.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.211.191.133 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-211-191-133.us-west-2.compute.amazonaws.com

Software

nginx /

Resource Hash

9211133b27c829b1af6d5e654a7287001caf220d0732d2394fb5db8212a840b0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://m.stripe.network/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Tue, 10 Aug 2021 03:26:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: nginx
vary: Accept-Encoding
content-type: text/plain;charset=utf-8
access-control-allow-origin: https://m.stripe.network
access-control-allow-credentials: true
strict-transport-security: max-age=31556926; includeSubDomains; preload
access-control-allow-headers: Content-Type

OPTIONS
H3-29 200 track
app.funnelish.com/apps/api/v1/ Frame 0
0 245ms
236ms Preflight 2606:4700:3035::6815:929
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://app.funnelish.com/apps/api/v1/track
Protocol: H3-29
Server: 2606:4700:3035::6815:929 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://go.thcmedical.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Tue, 10 Aug 2021 03:26:31 GMT
content-length: 0
access-control-allow-headers: Content-Type
access-control-allow-origin: *
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UL3KC3rNqNBni32WUauNvzfTfjghwl6WFEyygNWR5g2cRL2KjQwd7qIzV9WwZLkiIeLtah4PXltRVXpMRUP%2BH01OsvHdQq%2FqflyGhx17fBivZWKCWKjozMvEj2%2Bla8hhSZ%2BZk0N3srnaBSByGNJQHw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 67c61f8758634eb6-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

OPTIONS
H3-29 200 get_config
app.funnelish.com/apps/api/v1/ Frame 0
0 244ms
235ms Preflight 2606:4700:3035::6815:929
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://app.funnelish.com/apps/api/v1/get_config
Protocol: H3-29
Server: 2606:4700:3035::6815:929 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://go.thcmedical.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Tue, 10 Aug 2021 03:26:31 GMT
content-length: 0
access-control-allow-headers: Content-Type
access-control-allow-origin: *
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hvh1soOtOJO0jH2cV%2BAp8h7MrKZNRmuforEkChht9oYWAcp22gzoRVlE86ohTDPmjR7870RZ%2BIesG0Fhv4D0BP%2BdFjPpkOs2iI7H%2Bp5GmwVwj3OwOHWr5mrXOmeuVdL%2BFYkNxIvSaO5N5XQZcxEG4w%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 67c61f8758644eb6-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

GET
H2 200 nr-1210.min.js Show response
js-agent.newrelic.com/ 31 KB
12 KB 86ms
29ms Script
application/javascript 151.101.13.27
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://js-agent.newrelic.com/nr-1210.min.js
Requested by: Host: go.thcmedical.org
URL: https://go.thcmedical.org/crystal0169
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.13.27 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 5b8810ee64bade6fc49a6c0948f933337663c3df9526ed7e21694b728a15818e

Request headers

Referer: https://go.thcmedical.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: tUmpG8VLFN_NnT6837P9feidPwIndCMZ
content-encoding: gzip
etag: "67f7ff413fcbb9300ab2dbf1bb53180c"
x-amz-request-id: H89KM1RV4S7TFTBC
x-cache: HIT
content-length: 11781
x-amz-id-2: 2X4DcPAuUiE6Foymon7Mxx0ETD5vM2d6Ih31P/Gs/3u8xfRvjERnC1m/KQrm7GW45yv3YDNKCwU=
x-served-by: cache-fra19125-FRA
last-modified: Tue, 22 Jun 2021 22:47:07 GMT
server: AmazonS3
x-timer: S1628565992.631146,VS0,VE0
date: Tue, 10 Aug 2021 03:26:31 GMT
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 varnish
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 1869

POST
H3-29 200 track Show response
app.funnelish.com/apps/api/v1/ 40 B
587 B 295ms
295ms XHR
text/plain 2606:4700:3035::6815:929
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://app.funnelish.com/apps/api/v1/track
Requested by: Host: go.thcmedical.org
URL: https://go.thcmedical.org/assets/lander.js
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:929 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 80398af9331a338ed258fa05e07de4cdca2d835d9f2a5259f44f2f4abb1ca165

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://go.thcmedical.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 10 Aug 2021 03:26:32 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TGe3N9clyWAdY%2BrW%2FvtC5FhxJq70H21eVKjPrzkIQdOY6bZYD%2FgjJi6VwLjF6qSqHGCEnoZr2QayUF%2BRUSqyEJNJNJb8IWsU6PFxYvvzrtGnagaKU4q1aaX5tockVXnYVM8uaNpFtfNMLfBS%2BtjXaQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
cf-ray: 67c61f88da304eb6-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 40

POST
H3-29 200 get_config Show response
app.funnelish.com/apps/api/v1/ 4 KB
3 KB 271ms
271ms XHR
text/plain 2606:4700:3035::6815:929
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://app.funnelish.com/apps/api/v1/get_config
Requested by: Host: go.thcmedical.org
URL: https://go.thcmedical.org/assets/lander.js
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:929 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f736cfabd6270c7bb0910483a8752601f6154744e542021253eb43b136aabb41

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://go.thcmedical.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 10 Aug 2021 03:26:32 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8cuBZBVptnBCV0fP%2BaYZcXdDeNjYFc5mv85IaufgdmvbaFs8V%2FcS8GIoHZXOyWJY0WeV%2Bb4tYiA4oPV7HJHylIGio3y94lR9Jv1%2BM2EcYKwWkj%2B5oOZls%2B%2FMyCXNIeEu1%2FxjQyr6BPtJK%2BAU8%2Fq3FQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
cf-ray: 67c61f88da2f4eb6-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

GET
H2 200 background.png Show response
go.thcmedical.org/images/ 119 B
341 B 160ms
160ms XHR
text/javascript 2606:4700::6810:ec2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://go.thcmedical.org/images/background.png?_unique=0.9442177240735583&_uniqueVisitorID=null&_type=WINDOW&_location=ttps%3A//go.thcmedical.org/crystal0169&_title=Crystal%C2%AE%20BTE%20-%20Official%20Site&_key=zmnjyo78&_page_key=nbf89a46as0xeljr&_fid=10671996&_fspos=1&_fvrs=15&_funnel_stat=1&_location=https://go.thcmedical.org/crystal0169&_referrer=

Requested by

Host: go.thcmedical.org
URL: https://go.thcmedical.org/vendor.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6810:ec2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Phusion Passenger Enterprise 6.0.7

Resource Hash

f12b1080681ef1069d36cc32369b45fa4c6cbc3f473d1cd79c5e172f4eee4a16

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Frame-Options	ALLOWALL

Request headers

:path: /images/background.png?_unique=0.9442177240735583&_uniqueVisitorID=null&_type=WINDOW&_location=ttps%3A//go.thcmedical.org/crystal0169&_title=Crystal%C2%AE%20BTE%20-%20Official%20Site&_key=zmnjyo78&_page_key=nbf89a46as0xeljr&_fid=10671996&_fspos=1&_fvrs=15&_funnel_stat=1&_location=https://go.thcmedical.org/crystal0169&_referrer=
pragma: no-cache
cookie: __cf_bm=67fe8e9935ff5a7983111d9a5d3a0dee857e9393-1628565989-1800-ASUMIt1mOAm8kOaoDzvcy2vu1qoc09LG9svjiC2Ca0tob2rVsWB5qnpl7uCuMhLAgUGzTeYDdcTIm98dxDzYbGIPHR2/9rFwbssV3dV/ub6n; addevent_track_cookie=ad256004-ceaf-44bb-cd82-a37c1f1bb297; cf:aff_sub2=; cf:aff_sub3=; cf:aff_sub=; cf:affiliate_id=; cf:cf_affiliate_id=; cf:content=; cf:medium=; cf:name=; cf:source=; cf:term=; cf:NDcxNzY5MjI=:visited=true; cf:visitor_id=112c928f-ac1f-4e9d-8d65-b99424744a47; _rdt_uuid=1628565989988.07b4eff8-1a73-48d6-a80a-5d0cb5b82d29; _gcl_au=1.1.1099131455.1628565990; outbrain_cid_fetch=true
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: cors
accept: */*
cache-control: no-cache
sec-fetch-dest: empty
:authority: go.thcmedical.org
referer: https://go.thcmedical.org/crystal0169
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://go.thcmedical.org/crystal0169
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 10 Aug 2021 03:26:31 GMT
access-control-request-method: *
cf-cache-status: DYNAMIC
x-powered-by: Phusion Passenger Enterprise 6.0.7
status: 200 OK
strict-transport-security: max-age=0
content-encoding: br
x-request-id: f98a3f735a650eee1be4622f6b5efdff
x-runtime: 0.020814
server: cloudflare
x-frame-options: ALLOWALL
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: no-cache, no-store, private
access-control-allow-credentials: true
cf-ray: 67c61f87588605d0-FRA
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
x-rack-cache: miss

POST
H2 200 rum Show response
go.thcmedical.org/cdn-cgi/ 0
200 B 13ms
12ms XHR
text/plain 2606:4700::6810:ec2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://go.thcmedical.org/cdn-cgi/rum?req_id=67c61f77ccbc05d0

Requested by

Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6810:ec2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

sec-fetch-mode: cors
origin: https://go.thcmedical.org
accept-encoding: gzip, deflate, br
accept-language: en-US
sec-fetch-dest: empty
cookie: __cf_bm=67fe8e9935ff5a7983111d9a5d3a0dee857e9393-1628565989-1800-ASUMIt1mOAm8kOaoDzvcy2vu1qoc09LG9svjiC2Ca0tob2rVsWB5qnpl7uCuMhLAgUGzTeYDdcTIm98dxDzYbGIPHR2/9rFwbssV3dV/ub6n; addevent_track_cookie=ad256004-ceaf-44bb-cd82-a37c1f1bb297; cf:aff_sub2=; cf:aff_sub3=; cf:aff_sub=; cf:affiliate_id=; cf:cf_affiliate_id=; cf:content=; cf:medium=; cf:name=; cf:source=; cf:term=; cf:NDcxNzY5MjI=:visited=true; cf:visitor_id=112c928f-ac1f-4e9d-8d65-b99424744a47; _rdt_uuid=1628565989988.07b4eff8-1a73-48d6-a80a-5d0cb5b82d29; _gcl_au=1.1.1099131455.1628565990; outbrain_cid_fetch=true
content-length: 27274
:path: /cdn-cgi/rum?req_id=67c61f77ccbc05d0
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type: application/json
accept: */*
cache-control: no-cache
:authority: go.thcmedical.org
referer: https://go.thcmedical.org/crystal0169
:scheme: https
sec-fetch-site: same-origin
:method: POST
Referer: https://go.thcmedical.org/crystal0169
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type: application/json

Response headers

date: Tue, 10 Aug 2021 03:26:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cloudflare
x-frame-options: DENY
access-control-allow-methods: POST,OPTIONS
content-type: text/plain
access-control-allow-origin: https://go.thcmedical.org
access-control-max-age: 86400
access-control-allow-credentials: true
cf-ray: 67c61f87f94d05d0-FRA
vary: Origin

GET
H2 200 controller-719c3740ab58da569fb843f4f3803404.html Show response
js.stripe.com/v3/ Frame AB25 299 B
377 B 28ms
28ms Document
text/html 151.101.12.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/controller-719c3740ab58da569fb843f4f3803404.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.12.176 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

b64d2142784b8cc71bd71e8c94ab14a82b6ea4f02238428405ac90f2969a2517

Security Headers

Name	Value
Content-Security-Policy	connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src data: https:; frame-src 'self'; img-src 'self' https://q.stripe.com blob:; media-src 'none'; object-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

:method: GET
:authority: js.stripe.com
:scheme: https
:path: /v3/controller-719c3740ab58da569fb843f4f3803404.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://go.thcmedical.org/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://go.thcmedical.org/

Response headers

x-amz-id-2: vEJ7qrWzS2Yhs8ytdgGJ/F78tw7Rik489GKiofIw81lbh17IJfqXIWK1glqKSj5kPxdPEkTilyM=
x-amz-request-id: GC7ZREH7YZFXJB9T
last-modified: Mon, 09 Aug 2021 19:51:45 GMT
etag: "719c3740ab58da569fb843f4f3803404"
cache-control: public, max-age=300
content-type: text/html; charset=utf-8
server: AmazonS3
content-encoding: br
accept-ranges: bytes
date: Tue, 10 Aug 2021 03:26:31 GMT
via: 1.1 varnish
age: 43
x-served-by: cache-fra19134-FRA
x-cache: HIT
x-cache-hits: 204
vary: Accept-Encoding
access-control-allow-origin: *
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
content-security-policy: connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src data: https:; frame-src 'self'; img-src 'self' https://q.stripe.com blob:; media-src 'none'; object-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'
content-length: 154

GET
H3-29 200 css Show response
fonts.googleapis.com/ 677 B
359 B 29ms
15ms XHR
text/css 2a00:1450:4001:803::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Oxygen

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

854eeab54c92762230493a02ad6c7227d0ae34a0605605b5fd5f668f0310d241

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: application/json
Referer: https://go.thcmedical.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 10 Aug 2021 02:23:38 GMT
server: ESF
date: Tue, 10 Aug 2021 03:26:31 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 10 Aug 2021 03:26:31 GMT

GET
H2 200 elements-inner-card-aef647d1041359cc03891345daa8d07d.html Show response
js.stripe.com/v3/ Frame 8351 5 KB
1 KB 30ms
28ms Document
text/html 151.101.12.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/elements-inner-card-aef647d1041359cc03891345daa8d07d.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.12.176 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

a23eb4f5098fe57f0d4ba0780ed87ff80bf4d31f0ad50c4cf50996827989d9ee

Security Headers

Name	Value
Content-Security-Policy	connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src data: https:; frame-src 'self'; img-src 'self' https://q.stripe.com blob:; media-src 'none'; object-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

:method: GET
:authority: js.stripe.com
:scheme: https
:path: /v3/elements-inner-card-aef647d1041359cc03891345daa8d07d.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://go.thcmedical.org/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://go.thcmedical.org/

Response headers

x-amz-id-2: TmCjaNDIJdrRaQJRFJuKwbHKfAHRHgQpreGfgOlI4tYSWy19FmrdVz6pn/QCoYlB2/GKkmmJjVg=
x-amz-request-id: GC7VHVZH7YVBTDN1
last-modified: Mon, 09 Aug 2021 19:51:36 GMT
etag: "aef647d1041359cc03891345daa8d07d"
cache-control: public, max-age=300
content-type: text/html; charset=utf-8
server: AmazonS3
content-encoding: br
accept-ranges: bytes
date: Tue, 10 Aug 2021 03:26:31 GMT
via: 1.1 varnish
age: 150
x-served-by: cache-fra19134-FRA
x-cache: HIT
x-cache-hits: 2
vary: Accept-Encoding
access-control-allow-origin: *
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
content-security-policy: connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src data: https:; frame-src 'self'; img-src 'self' https://q.stripe.com blob:; media-src 'none'; object-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'
content-length: 1133

GET
H2 200 elements-inner-card-aef647d1041359cc03891345daa8d07d.html Show response
js.stripe.com/v3/ Frame 029F 5 KB
1 KB 29ms
28ms Document
text/html 151.101.12.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/elements-inner-card-aef647d1041359cc03891345daa8d07d.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.12.176 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

a23eb4f5098fe57f0d4ba0780ed87ff80bf4d31f0ad50c4cf50996827989d9ee

Security Headers

Name	Value
Content-Security-Policy	connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src data: https:; frame-src 'self'; img-src 'self' https://q.stripe.com blob:; media-src 'none'; object-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

:method: GET
:authority: js.stripe.com
:scheme: https
:path: /v3/elements-inner-card-aef647d1041359cc03891345daa8d07d.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://go.thcmedical.org/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://go.thcmedical.org/

Response headers

x-amz-id-2: TmCjaNDIJdrRaQJRFJuKwbHKfAHRHgQpreGfgOlI4tYSWy19FmrdVz6pn/QCoYlB2/GKkmmJjVg=
x-amz-request-id: GC7VHVZH7YVBTDN1
last-modified: Mon, 09 Aug 2021 19:51:36 GMT
etag: "aef647d1041359cc03891345daa8d07d"
cache-control: public, max-age=300
content-type: text/html; charset=utf-8
server: AmazonS3
content-encoding: br
accept-ranges: bytes
date: Tue, 10 Aug 2021 03:26:31 GMT
via: 1.1 varnish
age: 150
x-served-by: cache-fra19134-FRA
x-cache: HIT
x-cache-hits: 2
vary: Accept-Encoding
access-control-allow-origin: *
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
content-security-policy: connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src data: https:; frame-src 'self'; img-src 'self' https://q.stripe.com blob:; media-src 'none'; object-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'
content-length: 1133

GET
H2 200 elements-inner-card-aef647d1041359cc03891345daa8d07d.html Show response
js.stripe.com/v3/ Frame B05C 5 KB
1 KB 29ms
29ms Document
text/html 151.101.12.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/elements-inner-card-aef647d1041359cc03891345daa8d07d.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.12.176 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

a23eb4f5098fe57f0d4ba0780ed87ff80bf4d31f0ad50c4cf50996827989d9ee

Security Headers

Name	Value
Content-Security-Policy	connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src data: https:; frame-src 'self'; img-src 'self' https://q.stripe.com blob:; media-src 'none'; object-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

:method: GET
:authority: js.stripe.com
:scheme: https
:path: /v3/elements-inner-card-aef647d1041359cc03891345daa8d07d.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://go.thcmedical.org/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://go.thcmedical.org/

Response headers

x-amz-id-2: TmCjaNDIJdrRaQJRFJuKwbHKfAHRHgQpreGfgOlI4tYSWy19FmrdVz6pn/QCoYlB2/GKkmmJjVg=
x-amz-request-id: GC7VHVZH7YVBTDN1
last-modified: Mon, 09 Aug 2021 19:51:36 GMT
etag: "aef647d1041359cc03891345daa8d07d"
cache-control: public, max-age=300
content-type: text/html; charset=utf-8
server: AmazonS3
content-encoding: br
accept-ranges: bytes
date: Tue, 10 Aug 2021 03:26:31 GMT
via: 1.1 varnish
age: 150
x-served-by: cache-fra19134-FRA
x-cache: HIT
x-cache-hits: 3
vary: Accept-Encoding
access-control-allow-origin: *
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
content-security-policy: connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src data: https:; frame-src 'self'; img-src 'self' https://q.stripe.com blob:; media-src 'none'; object-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'
content-length: 1133

GET
H/1.1 200
OK NRJS-fc902efb332119fff33 Show response
bam-cell.nr-data.net/1/ 49 B
881 B 498ms
451ms Script
text/javascript 162.247.243.146
NEWRELIC-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://bam-cell.nr-data.net/1/NRJS-fc902efb332119fff33?a=367981416&v=1210.e2a3f80&to=dFZWTENWVQ9QExdNRlJLSFlWXEpMRQBfXUYYSU1aXVBKC1AF&rst=3252&ck=1&ref=https://go.thcmedical.org/crystal0169&ap=597&be=641&fe=2911&dc=1177&perf=%7B%22timing%22:%7B%22of%22:1628565988654,%22n%22:0,%22f%22:420,%22dn%22:421,%22dne%22:421,%22c%22:421,%22s%22:426,%22ce%22:436,%22rq%22:436,%22rp%22:629,%22rpe%22:634,%22dl%22:632,%22di%22:1176,%22ds%22:1177,%22de%22:1323,%22dc%22:2911,%22l%22:2911,%22le%22:3021%7D,%22navigation%22:%7B%7D%7D&fp=950&fcp=950&jsonp=NREUM.setToken
Requested by: Host: js-agent.newrelic.com
URL: https://js-agent.newrelic.com/nr-1210.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.247.243.146 , United States, ASN23467 (NEWRELIC-AS-1, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dac715f087720dd7ff7067f5d2ec1988851fa93140ae8a9cbfaa15659dd7fd82

Request headers

Referer: https://go.thcmedical.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 10 Aug 2021 03:26:32 GMT
Content-Encoding: gzip
CF-Cache-Status: DYNAMIC
X-NewRelic-App-Data: PxQGQlVTAAQBXFFTFR0VMQFTYkEDCBADUxZRDVZkG3xWEU0YdQhAEgVCVAkDEWQcfgEVFk51XhUUUEJQCgMRQBxSFlIUChoAClAKVXRMB05WAhtDUgcAUglSWFNRVAdTBQYHUUBKBQNcEV0/
Server: cloudflare
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Transfer-Encoding: chunked
Connection: keep-alive
access-control-allow-credentials: true
CF-Ray: 67c61f89bb11edfb-CDG

GET
H2 200 shared-b32fc07c0f665ac81b672c9ffb777d7d.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame AB25 174 KB
44 KB 45ms
42ms Script
application/javascript 151.101.12.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/shared-b32fc07c0f665ac81b672c9ffb777d7d.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/controller-719c3740ab58da569fb843f4f3803404.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.12.176 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

ea670ae855f2f2a2b3719efe146218a19418b0e8684c1e95b1ed0da5f32d1a9c

Security Headers

Name	Value
Content-Security-Policy	connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src data: https:; frame-src 'self'; img-src 'self' https://q.stripe.com blob:; media-src 'none'; object-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Referer: https://js.stripe.com/v3/controller-719c3740ab58da569fb843f4f3803404.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 10 Aug 2021 03:26:31 GMT
content-encoding: br
vary: Accept-Encoding
age: 42
via: 1.1 varnish
x-cache: HIT
content-length: 44800
x-amz-id-2: mL/1aOJOlgpUhqQnfybU3hnGlMw7OYBPVCrMiscUI7ICZD2tldz5OJi5M7PC3D2kMPusjs15/aU=
x-served-by: cache-fra19134-FRA
timing-allow-origin: *
last-modified: Mon, 09 Aug 2021 19:51:39 GMT
server: AmazonS3
etag: "df7c28d5a00c1589657f9dc7875c7922"
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-amz-request-id: GC7N25AW443YN5WW
access-control-allow-origin: *
cache-control: public, max-age=300
content-security-policy: connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src data: https:; frame-src 'self'; img-src 'self' https://q.stripe.com blob:; media-src 'none'; object-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
x-cache-hits: 1

GET
H2 200 controller-10f52f89fdeeafa352674bf3fd0f0b38.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame AB25 185 KB
44 KB 58ms
55ms Script
application/javascript 151.101.12.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/controller-10f52f89fdeeafa352674bf3fd0f0b38.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/controller-719c3740ab58da569fb843f4f3803404.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.12.176 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

025a1f3418f665e36c16a74898c3ca0c378a4a1de1c281c58df0fda4bb8e2894

Security Headers

Name	Value
Content-Security-Policy	connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src data: https:; frame-src 'self'; img-src 'self' https://q.stripe.com blob:; media-src 'none'; object-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Referer: https://js.stripe.com/v3/controller-719c3740ab58da569fb843f4f3803404.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 10 Aug 2021 03:26:31 GMT
content-encoding: br
vary: Accept-Encoding
age: 42
via: 1.1 varnish
x-cache: HIT
content-length: 44233
x-amz-id-2: FB9lkXXklZMSUxpmc27Ml74UE61UkeRoEkR9Rxx6PNJGXWFInlFHBjdX3rhqPbcCSnYOM6/ugUk=
x-served-by: cache-fra19134-FRA
timing-allow-origin: *
last-modified: Mon, 09 Aug 2021 19:51:37 GMT
server: AmazonS3
etag: "469756c754859d433e5dca21dac119bc"
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-amz-request-id: R2PBJVQVENFWCWWY
access-control-allow-origin: *
cache-control: public, max-age=300
content-security-policy: connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src data: https:; frame-src 'self'; img-src 'self' https://q.stripe.com blob:; media-src 'none'; object-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
x-cache-hits: 1

GET
H2 200 ui-shared-fbbc6b7fa9d2977c6c9a09143f3027fd.css
js.stripe.com/v3/fingerprinted/css/ Frame 8351 17 KB
3 KB 53ms
50ms Stylesheet
text/css 151.101.12.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/css/ui-shared-fbbc6b7fa9d2977c6c9a09143f3027fd.css

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-card-aef647d1041359cc03891345daa8d07d.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.12.176 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

50cf3499f3f3e660c8d1a6001308c32306961043c33df07163b8f817b63c930e

Security Headers

Name	Value
Content-Security-Policy	connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src data: https:; frame-src 'self'; img-src 'self' https://q.stripe.com blob:; media-src 'none'; object-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Referer: https://js.stripe.com/v3/elements-inner-card-aef647d1041359cc03891345daa8d07d.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 10 Aug 2021 03:26:31 GMT
content-encoding: br
vary: Accept-Encoding
age: 344
via: 1.1 varnish
x-cache: HIT
content-length: 2763
x-amz-id-2: sR1MQrQvF6g0VYwtdRf1/H1Cyhgkbl8qyGFQ0LBia3q7FE3AQSeu+M9ZYIQsrIwXuHEsE6UzrAQ=
x-served-by: cache-fra19134-FRA
timing-allow-origin: *
last-modified: Wed, 04 Aug 2021 20:44:34 GMT
server: AmazonS3
etag: "9a9c2063d7db2d15e1e3281da15b9d41"
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-amz-request-id: 8TSZ5PZE4C2PNHQS
access-control-allow-origin: *
cache-control: public, max-age=300
content-security-policy: connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src data: https:; frame-src 'self'; img-src 'self' https://q.stripe.com blob:; media-src 'none'; object-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'
accept-ranges: bytes
content-type: text/css
x-cache-hits: 7

GET
H2 200 shared-b32fc07c0f665ac81b672c9ffb777d7d.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 8351 174 KB
44 KB 33ms
31ms Script
application/javascript 151.101.12.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/shared-b32fc07c0f665ac81b672c9ffb777d7d.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-card-aef647d1041359cc03891345daa8d07d.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.12.176 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

ea670ae855f2f2a2b3719efe146218a19418b0e8684c1e95b1ed0da5f32d1a9c

Security Headers

Name	Value
Content-Security-Policy	connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src data: https:; frame-src 'self'; img-src 'self' https://q.stripe.com blob:; media-src 'none'; object-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Referer: https://js.stripe.com/v3/elements-inner-card-aef647d1041359cc03891345daa8d07d.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 10 Aug 2021 03:26:31 GMT
content-encoding: br
vary: Accept-Encoding
age: 343
via: 1.1 varnish
x-cache: HIT
content-length: 44800
x-amz-id-2: mL/1aOJOlgpUhqQnfybU3hnGlMw7OYBPVCrMiscUI7ICZD2tldz5OJi5M7PC3D2kMPusjs15/aU=
x-served-by: cache-fra19134-FRA
timing-allow-origin: *
last-modified: Mon, 09 Aug 2021 19:51:39 GMT
server: AmazonS3
etag: "df7c28d5a00c1589657f9dc7875c7922"
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-amz-request-id: GC7N25AW443YN5WW
access-control-allow-origin: *
cache-control: public, max-age=300
content-security-policy: connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src data: https:; frame-src 'self'; img-src 'self' https://q.stripe.com blob:; media-src 'none'; object-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
x-cache-hits: 20

GET
H2 200 ui-shared-949091b01d3d3ab0457b3033d3e63136.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 8351 214 KB
61 KB 72ms
69ms Script
application/javascript 151.101.12.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/ui-shared-949091b01d3d3ab0457b3033d3e63136.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-card-aef647d1041359cc03891345daa8d07d.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.12.176 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

5a44e43ff3f2cfb7a9a2d6f97f72b89ce4c228161f48c874a6b3e76f71644868

Security Headers

Name	Value
Content-Security-Policy	connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src data: https:; frame-src 'self'; img-src 'self' https://q.stripe.com blob:; media-src 'none'; object-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Referer: https://js.stripe.com/v3/elements-inner-card-aef647d1041359cc03891345daa8d07d.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 10 Aug 2021 03:26:31 GMT
content-encoding: br
vary: Accept-Encoding
age: 286
via: 1.1 varnish
x-cache: HIT
content-length: 62657
x-amz-id-2: H87OsK5npzUGoo6maxV5oNShTR46V7fIhVLdIrqlM9KatSj8kqTxHXyr25+GgrONaAf5px//dEY=
x-served-by: cache-fra19134-FRA
timing-allow-origin: *
last-modified: Mon, 09 Aug 2021 19:51:37 GMT
server: AmazonS3
etag: "e6fbd3185b800c740aa8b00e95ebc92c"
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-amz-request-id: GC7N3QC4KP43Q1N6
access-control-allow-origin: *
cache-control: public, max-age=300
content-security-policy: connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src data: https:; frame-src 'self'; img-src 'self' https://q.stripe.com blob:; media-src 'none'; object-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
x-cache-hits: 7

GET
H2 200 elements-inner-card-5034fcce8b39fa63b414db4cbf716bc1.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 8351 46 KB
11 KB 79ms
76ms Script
application/javascript 151.101.12.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/elements-inner-card-5034fcce8b39fa63b414db4cbf716bc1.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-card-aef647d1041359cc03891345daa8d07d.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.12.176 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

cdc35d6b1038cf84ec8cf61abff81ee6ff36f57438f0ed9229b86a43386f56e3

Security Headers

Name	Value
Content-Security-Policy	connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src data: https:; frame-src 'self'; img-src 'self' https://q.stripe.com blob:; media-src 'none'; object-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Referer: https://js.stripe.com/v3/elements-inner-card-aef647d1041359cc03891345daa8d07d.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 10 Aug 2021 03:26:31 GMT
content-encoding: br
vary: Accept-Encoding
age: 162
via: 1.1 varnish
x-cache: HIT
content-length: 11406
x-amz-id-2: cJDlmEU+PwQOYaoZWSZISS4kuF7BM9EEtepIR1SX3U/YjGh7QYy/dOnr9UkUVG7l1xTHGhE8ogE=
x-served-by: cache-fra19134-FRA
timing-allow-origin: *
last-modified: Mon, 09 Aug 2021 19:51:37 GMT
server: AmazonS3
etag: "2d66b0c2c1043dbc64cb85d8924c86ab"
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-amz-request-id: GC7QXBV0C0MHSSXC
access-control-allow-origin: *
cache-control: public, max-age=300
content-security-policy: connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src data: https:; frame-src 'self'; img-src 'self' https://q.stripe.com blob:; media-src 'none'; object-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
x-cache-hits: 1

GET
H2 200 ui-shared-fbbc6b7fa9d2977c6c9a09143f3027fd.css
js.stripe.com/v3/fingerprinted/css/ Frame 029F 17 KB
3 KB 53ms
51ms Stylesheet
text/css 151.101.12.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/css/ui-shared-fbbc6b7fa9d2977c6c9a09143f3027fd.css

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-card-aef647d1041359cc03891345daa8d07d.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.12.176 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

50cf3499f3f3e660c8d1a6001308c32306961043c33df07163b8f817b63c930e

Security Headers

Name	Value
Content-Security-Policy	connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src data: https:; frame-src 'self'; img-src 'self' https://q.stripe.com blob:; media-src 'none'; object-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Referer: https://js.stripe.com/v3/elements-inner-card-aef647d1041359cc03891345daa8d07d.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 10 Aug 2021 03:26:31 GMT
content-encoding: br
vary: Accept-Encoding
age: 43
via: 1.1 varnish
x-cache: HIT
content-length: 2763
x-amz-id-2: sR1MQrQvF6g0VYwtdRf1/H1Cyhgkbl8qyGFQ0LBia3q7FE3AQSeu+M9ZYIQsrIwXuHEsE6UzrAQ=
x-served-by: cache-fra19134-FRA
timing-allow-origin: *
last-modified: Wed, 04 Aug 2021 20:44:34 GMT
server: AmazonS3
etag: "9a9c2063d7db2d15e1e3281da15b9d41"
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-amz-request-id: 8TSZ5PZE4C2PNHQS
access-control-allow-origin: *
cache-control: public, max-age=300
content-security-policy: connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src data: https:; frame-src 'self'; img-src 'self' https://q.stripe.com blob:; media-src 'none'; object-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'
accept-ranges: bytes
content-type: text/css
x-cache-hits: 1

GET
H2 200 shared-b32fc07c0f665ac81b672c9ffb777d7d.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 029F 174 KB
44 KB 65ms
63ms Script
application/javascript 151.101.12.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/shared-b32fc07c0f665ac81b672c9ffb777d7d.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-card-aef647d1041359cc03891345daa8d07d.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.12.176 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

ea670ae855f2f2a2b3719efe146218a19418b0e8684c1e95b1ed0da5f32d1a9c

Security Headers

Name	Value
Content-Security-Policy	connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src data: https:; frame-src 'self'; img-src 'self' https://q.stripe.com blob:; media-src 'none'; object-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Referer: https://js.stripe.com/v3/elements-inner-card-aef647d1041359cc03891345daa8d07d.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 10 Aug 2021 03:26:31 GMT
content-encoding: br
vary: Accept-Encoding
age: 42
via: 1.1 varnish
x-cache: HIT
content-length: 44800
x-amz-id-2: mL/1aOJOlgpUhqQnfybU3hnGlMw7OYBPVCrMiscUI7ICZD2tldz5OJi5M7PC3D2kMPusjs15/aU=
x-served-by: cache-fra19134-FRA
timing-allow-origin: *
last-modified: Mon, 09 Aug 2021 19:51:39 GMT
server: AmazonS3
etag: "df7c28d5a00c1589657f9dc7875c7922"
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-amz-request-id: GC7N25AW443YN5WW
access-control-allow-origin: *
cache-control: public, max-age=300
content-security-policy: connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src data: https:; frame-src 'self'; img-src 'self' https://q.stripe.com blob:; media-src 'none'; object-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
x-cache-hits: 2

GET
H2 200 ui-shared-949091b01d3d3ab0457b3033d3e63136.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 029F 214 KB
61 KB 70ms
69ms Script
application/javascript 151.101.12.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/ui-shared-949091b01d3d3ab0457b3033d3e63136.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-card-aef647d1041359cc03891345daa8d07d.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.12.176 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

5a44e43ff3f2cfb7a9a2d6f97f72b89ce4c228161f48c874a6b3e76f71644868

Security Headers

Name	Value
Content-Security-Policy	connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src data: https:; frame-src 'self'; img-src 'self' https://q.stripe.com blob:; media-src 'none'; object-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Referer: https://js.stripe.com/v3/elements-inner-card-aef647d1041359cc03891345daa8d07d.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 10 Aug 2021 03:26:31 GMT
content-encoding: br
vary: Accept-Encoding
age: 286
via: 1.1 varnish
x-cache: HIT
content-length: 62657
x-amz-id-2: H87OsK5npzUGoo6maxV5oNShTR46V7fIhVLdIrqlM9KatSj8kqTxHXyr25+GgrONaAf5px//dEY=
x-served-by: cache-fra19134-FRA
timing-allow-origin: *
last-modified: Mon, 09 Aug 2021 19:51:37 GMT
server: AmazonS3
etag: "e6fbd3185b800c740aa8b00e95ebc92c"
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-amz-request-id: GC7N3QC4KP43Q1N6
access-control-allow-origin: *
cache-control: public, max-age=300
content-security-policy: connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src data: https:; frame-src 'self'; img-src 'self' https://q.stripe.com blob:; media-src 'none'; object-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
x-cache-hits: 7

GET
H2 200 elements-inner-card-5034fcce8b39fa63b414db4cbf716bc1.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 029F 46 KB
11 KB 86ms
84ms Script
application/javascript 151.101.12.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/elements-inner-card-5034fcce8b39fa63b414db4cbf716bc1.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-card-aef647d1041359cc03891345daa8d07d.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.12.176 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

cdc35d6b1038cf84ec8cf61abff81ee6ff36f57438f0ed9229b86a43386f56e3

Security Headers

Name	Value
Content-Security-Policy	connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src data: https:; frame-src 'self'; img-src 'self' https://q.stripe.com blob:; media-src 'none'; object-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Referer: https://js.stripe.com/v3/elements-inner-card-aef647d1041359cc03891345daa8d07d.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 10 Aug 2021 03:26:31 GMT
content-encoding: br
vary: Accept-Encoding
age: 162
via: 1.1 varnish
x-cache: HIT
content-length: 11406
x-amz-id-2: cJDlmEU+PwQOYaoZWSZISS4kuF7BM9EEtepIR1SX3U/YjGh7QYy/dOnr9UkUVG7l1xTHGhE8ogE=
x-served-by: cache-fra19134-FRA
timing-allow-origin: *
last-modified: Mon, 09 Aug 2021 19:51:37 GMT
server: AmazonS3
etag: "2d66b0c2c1043dbc64cb85d8924c86ab"
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-amz-request-id: GC7QXBV0C0MHSSXC
access-control-allow-origin: *
cache-control: public, max-age=300
content-security-policy: connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src data: https:; frame-src 'self'; img-src 'self' https://q.stripe.com blob:; media-src 'none'; object-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
x-cache-hits: 3

GET
H2 200 ui-shared-fbbc6b7fa9d2977c6c9a09143f3027fd.css
js.stripe.com/v3/fingerprinted/css/ Frame B05C 17 KB
3 KB 69ms
68ms Stylesheet
text/css 151.101.12.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/css/ui-shared-fbbc6b7fa9d2977c6c9a09143f3027fd.css

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-card-aef647d1041359cc03891345daa8d07d.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.12.176 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

50cf3499f3f3e660c8d1a6001308c32306961043c33df07163b8f817b63c930e

Security Headers

Name	Value
Content-Security-Policy	connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src data: https:; frame-src 'self'; img-src 'self' https://q.stripe.com blob:; media-src 'none'; object-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Referer: https://js.stripe.com/v3/elements-inner-card-aef647d1041359cc03891345daa8d07d.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 10 Aug 2021 03:26:31 GMT
content-encoding: br
vary: Accept-Encoding
age: 43
via: 1.1 varnish
x-cache: HIT
content-length: 2763
x-amz-id-2: sR1MQrQvF6g0VYwtdRf1/H1Cyhgkbl8qyGFQ0LBia3q7FE3AQSeu+M9ZYIQsrIwXuHEsE6UzrAQ=
x-served-by: cache-fra19134-FRA
timing-allow-origin: *
last-modified: Wed, 04 Aug 2021 20:44:34 GMT
server: AmazonS3
etag: "9a9c2063d7db2d15e1e3281da15b9d41"
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-amz-request-id: 8TSZ5PZE4C2PNHQS
access-control-allow-origin: *
cache-control: public, max-age=300
content-security-policy: connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src data: https:; frame-src 'self'; img-src 'self' https://q.stripe.com blob:; media-src 'none'; object-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'
accept-ranges: bytes
content-type: text/css
x-cache-hits: 2

GET
H2 200 shared-b32fc07c0f665ac81b672c9ffb777d7d.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame B05C 174 KB
44 KB 81ms
80ms Script
application/javascript 151.101.12.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/shared-b32fc07c0f665ac81b672c9ffb777d7d.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-card-aef647d1041359cc03891345daa8d07d.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.12.176 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

ea670ae855f2f2a2b3719efe146218a19418b0e8684c1e95b1ed0da5f32d1a9c

Security Headers

Name	Value
Content-Security-Policy	connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src data: https:; frame-src 'self'; img-src 'self' https://q.stripe.com blob:; media-src 'none'; object-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Referer: https://js.stripe.com/v3/elements-inner-card-aef647d1041359cc03891345daa8d07d.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 10 Aug 2021 03:26:31 GMT
content-encoding: br
vary: Accept-Encoding
age: 42
via: 1.1 varnish
x-cache: HIT
content-length: 44800
x-amz-id-2: mL/1aOJOlgpUhqQnfybU3hnGlMw7OYBPVCrMiscUI7ICZD2tldz5OJi5M7PC3D2kMPusjs15/aU=
x-served-by: cache-fra19134-FRA
timing-allow-origin: *
last-modified: Mon, 09 Aug 2021 19:51:39 GMT
server: AmazonS3
etag: "df7c28d5a00c1589657f9dc7875c7922"
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-amz-request-id: GC7N25AW443YN5WW
access-control-allow-origin: *
cache-control: public, max-age=300
content-security-policy: connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src data: https:; frame-src 'self'; img-src 'self' https://q.stripe.com blob:; media-src 'none'; object-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
x-cache-hits: 3

GET
H2 200 ui-shared-949091b01d3d3ab0457b3033d3e63136.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame B05C 214 KB
61 KB 85ms
84ms Script
application/javascript 151.101.12.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/ui-shared-949091b01d3d3ab0457b3033d3e63136.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-card-aef647d1041359cc03891345daa8d07d.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.12.176 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

5a44e43ff3f2cfb7a9a2d6f97f72b89ce4c228161f48c874a6b3e76f71644868

Security Headers

Name	Value
Content-Security-Policy	connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src data: https:; frame-src 'self'; img-src 'self' https://q.stripe.com blob:; media-src 'none'; object-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Referer: https://js.stripe.com/v3/elements-inner-card-aef647d1041359cc03891345daa8d07d.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 10 Aug 2021 03:26:31 GMT
content-encoding: br
vary: Accept-Encoding
age: 286
via: 1.1 varnish
x-cache: HIT
content-length: 62657
x-amz-id-2: H87OsK5npzUGoo6maxV5oNShTR46V7fIhVLdIrqlM9KatSj8kqTxHXyr25+GgrONaAf5px//dEY=
x-served-by: cache-fra19134-FRA
timing-allow-origin: *
last-modified: Mon, 09 Aug 2021 19:51:37 GMT
server: AmazonS3
etag: "e6fbd3185b800c740aa8b00e95ebc92c"
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-amz-request-id: GC7N3QC4KP43Q1N6
access-control-allow-origin: *
cache-control: public, max-age=300
content-security-policy: connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src data: https:; frame-src 'self'; img-src 'self' https://q.stripe.com blob:; media-src 'none'; object-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
x-cache-hits: 8

GET
H2 200 elements-inner-card-5034fcce8b39fa63b414db4cbf716bc1.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame B05C 46 KB
11 KB 85ms
84ms Script
application/javascript 151.101.12.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/elements-inner-card-5034fcce8b39fa63b414db4cbf716bc1.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-card-aef647d1041359cc03891345daa8d07d.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.12.176 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

cdc35d6b1038cf84ec8cf61abff81ee6ff36f57438f0ed9229b86a43386f56e3

Security Headers

Name	Value
Content-Security-Policy	connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src data: https:; frame-src 'self'; img-src 'self' https://q.stripe.com blob:; media-src 'none'; object-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Referer: https://js.stripe.com/v3/elements-inner-card-aef647d1041359cc03891345daa8d07d.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 10 Aug 2021 03:26:31 GMT
content-encoding: br
vary: Accept-Encoding
age: 162
via: 1.1 varnish
x-cache: HIT
content-length: 11406
x-amz-id-2: cJDlmEU+PwQOYaoZWSZISS4kuF7BM9EEtepIR1SX3U/YjGh7QYy/dOnr9UkUVG7l1xTHGhE8ogE=
x-served-by: cache-fra19134-FRA
timing-allow-origin: *
last-modified: Mon, 09 Aug 2021 19:51:37 GMT
server: AmazonS3
etag: "2d66b0c2c1043dbc64cb85d8924c86ab"
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-amz-request-id: GC7QXBV0C0MHSSXC
access-control-allow-origin: *
cache-control: public, max-age=300
content-security-policy: connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src data: https:; frame-src 'self'; img-src 'self' https://q.stripe.com blob:; media-src 'none'; object-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
x-cache-hits: 3

POST
H2 200 0 Show response
r.stripe.com/ Frame AB25 0
214 B 539ms
179ms XHR
application/octet-stream 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://r.stripe.com/0

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-b32fc07c0f665ac81b672c9ffb777d7d.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-159-182.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Accept: application/json
Referer: https://js.stripe.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Tue, 10 Aug 2021 03:26:32 GMT
server: nginx
strict-transport-security: max-age=31556926; includeSubDomains; preload
content-type: application/octet-stream;charset=utf-8
access-control-allow-origin: https://js.stripe.com
access-control-allow-credentials: true
x-envoy-upstream-service-time: 2
content-length: 0

GET
H2 200 /
q.stripe.com/ Frame AB25 43 B
286 B 538ms
176ms Image
image/gif 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://q.stripe.com/?event=elements.fetch_locale&event_count=2&timestamp=1628565992051&event_id=97aaf844-3370-4115-a8ce-50d71c69e41a&os=Windows&browserFamily=Chrome&version=4fed1d7c9&key=pk_live_51IwbGCAj3TwfJltg1wzYY5eGvU3woBtqKBs6lehNGPj02YwqwQoloa1emB2np5PclFWN5dR2bmTFd19VAM3Zg7IK00uvT1gzz2&referrer=https%3A%2F%2Fgo.thcmedical.org&stripe_js_id=a3dca1ab-c006-4d76-a123-2a94fecf9850&controller_load_time=1628565992041&wrapper=unknown&es_module=false&frame_width=1600

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-186-23-98.stripe.com

Software

nginx /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Referer: https://js.stripe.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 10 Aug 2021 03:26:32 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: nginx
strict-transport-security: max-age=31556926; includeSubDomains; preload
content-type: image/gif
cache-control: no-cache, no-store, private, must-revalidate, max-age=0, max-stale=0, post-check=0, pre-check=0
content-length: 43
expires: 0

GET
H2 200 /
q.stripe.com/ Frame AB25 43 B
285 B 538ms
176ms Image
image/gif 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://q.stripe.com/?event=elements.elements&event_count=3&timestamp=1628565992052&event_id=521860d4-02be-4c95-91d5-6fd3138c37ac&os=Windows&browserFamily=Chrome&version=4fed1d7c9&key=pk_live_51IwbGCAj3TwfJltg1wzYY5eGvU3woBtqKBs6lehNGPj02YwqwQoloa1emB2np5PclFWN5dR2bmTFd19VAM3Zg7IK00uvT1gzz2&referrer=https%3A%2F%2Fgo.thcmedical.org&stripe_js_id=a3dca1ab-c006-4d76-a123-2a94fecf9850&controller_load_time=1628565992041&wrapper=unknown&es_module=false&frame_width=1600&options-fonts=%5Bobject+Object%5D

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-186-23-98.stripe.com

Software

nginx /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Referer: https://js.stripe.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 10 Aug 2021 03:26:32 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: nginx
strict-transport-security: max-age=31556926; includeSubDomains; preload
content-type: image/gif
cache-control: no-cache, no-store, private, must-revalidate, max-age=0, max-stale=0, post-check=0, pre-check=0
content-length: 43
expires: 0

GET
H2 200 /
q.stripe.com/ Frame AB25 43 B
285 B 538ms
177ms Image
image/gif 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://q.stripe.com/?event=elements.fetch_locale&event_count=4&timestamp=1628565992052&event_id=470931e6-45de-430d-9608-a071f5e0dc2c&os=Windows&browserFamily=Chrome&version=4fed1d7c9&key=pk_live_51IwbGCAj3TwfJltg1wzYY5eGvU3woBtqKBs6lehNGPj02YwqwQoloa1emB2np5PclFWN5dR2bmTFd19VAM3Zg7IK00uvT1gzz2&referrer=https%3A%2F%2Fgo.thcmedical.org&stripe_js_id=a3dca1ab-c006-4d76-a123-2a94fecf9850&controller_load_time=1628565992041&wrapper=unknown&es_module=false&frame_width=1600

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-186-23-98.stripe.com

Software

nginx /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Referer: https://js.stripe.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 10 Aug 2021 03:26:32 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: nginx
strict-transport-security: max-age=31556926; includeSubDomains; preload
content-type: image/gif
cache-control: no-cache, no-store, private, must-revalidate, max-age=0, max-stale=0, post-check=0, pre-check=0
content-length: 43
expires: 0

GET
H2 200 /
q.stripe.com/ Frame AB25 43 B
285 B 538ms
177ms Image
image/gif 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://q.stripe.com/?event=elements.font.loaded&event_count=5&timestamp=1628565992052&event_id=ca3256e4-5b4f-49e6-94b1-99611519943c&os=Windows&browserFamily=Chrome&version=4fed1d7c9&key=pk_live_51IwbGCAj3TwfJltg1wzYY5eGvU3woBtqKBs6lehNGPj02YwqwQoloa1emB2np5PclFWN5dR2bmTFd19VAM3Zg7IK00uvT1gzz2&referrer=https%3A%2F%2Fgo.thcmedical.org&stripe_js_id=a3dca1ab-c006-4d76-a123-2a94fecf9850&controller_load_time=1628565992041&wrapper=unknown&es_module=false&frame_width=1600&load_time=112&font_count=2&css_src=https%3A%2F%2Ffonts.googleapis.com%2Fcss%3Ffamily%3DOxygen

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-186-23-98.stripe.com

Software

nginx /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Referer: https://js.stripe.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 10 Aug 2021 03:26:32 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: nginx
strict-transport-security: max-age=31556926; includeSubDomains; preload
content-type: image/gif
cache-control: no-cache, no-store, private, must-revalidate, max-age=0, max-stale=0, post-check=0, pre-check=0
content-length: 43
expires: 0

GET
H2 200 /
q.stripe.com/ Frame AB25 43 B
285 B 536ms
177ms Image
image/gif 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://q.stripe.com/?event=elements.update_css_fonts&event_count=6&timestamp=1628565992055&event_id=bd41a6b2-fb0b-4446-89d4-2ff5cc52fd14&os=Windows&browserFamily=Chrome&version=4fed1d7c9&key=pk_live_51IwbGCAj3TwfJltg1wzYY5eGvU3woBtqKBs6lehNGPj02YwqwQoloa1emB2np5PclFWN5dR2bmTFd19VAM3Zg7IK00uvT1gzz2&referrer=https%3A%2F%2Fgo.thcmedical.org&stripe_js_id=a3dca1ab-c006-4d76-a123-2a94fecf9850&controller_load_time=1628565992041&wrapper=unknown&es_module=false&frame_width=1600

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-186-23-98.stripe.com

Software

nginx /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Referer: https://js.stripe.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 10 Aug 2021 03:26:32 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: nginx
strict-transport-security: max-age=31556926; includeSubDomains; preload
content-type: image/gif
cache-control: no-cache, no-store, private, must-revalidate, max-age=0, max-stale=0, post-check=0, pre-check=0
content-length: 43
expires: 0

GET
H2 200 /
q.stripe.com/ Frame AB25 43 B
285 B 534ms
178ms Image
image/gif 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://q.stripe.com/?event=elements.timings&event_count=7&timestamp=1628565992056&event_id=73f153a7-c27d-48a7-81e0-3bd53ef7e506&os=Windows&browserFamily=Chrome&version=4fed1d7c9&key=pk_live_51IwbGCAj3TwfJltg1wzYY5eGvU3woBtqKBs6lehNGPj02YwqwQoloa1emB2np5PclFWN5dR2bmTFd19VAM3Zg7IK00uvT1gzz2&referrer=https%3A%2F%2Fgo.thcmedical.org&stripe_js_id=a3dca1ab-c006-4d76-a123-2a94fecf9850&controller_load_time=1628565992041&wrapper=unknown&es_module=false&frame_width=1600&element=outer&dom_loading=212&dom_interactive=756&dom_complete=2491&since_fetch=754&load_count=1&load_before_dom_content_loaded=true&load_ready_state=loading&first_create_ready_state=complete&first_mount_readyState=complete&until_first_create=1743&until_first_mount=1857&until_first_load=2220&resource_timings-stripe.js-transfer_size=59366&resource_timings-stripe.js-duration=276&resource_timings-m-outer.html-transfer_size=507&resource_timings-m-outer.html-duration=31&resource_timings-controller.html-transfer_size=377&resource_timings-controller.html-duration=30&resource_timings-elements-inner-card.html-transfer_size=1246&resource_timings-elements-inner-card.html-duration=31

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-186-23-98.stripe.com

Software

nginx /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Referer: https://js.stripe.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 10 Aug 2021 03:26:32 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: nginx
strict-transport-security: max-age=31556926; includeSubDomains; preload
content-type: image/gif
cache-control: no-cache, no-store, private, must-revalidate, max-age=0, max-stale=0, post-check=0, pre-check=0
content-length: 43
expires: 0

GET
H2 200 /
q.stripe.com/ Frame AB25 43 B
285 B 179ms
176ms Image
image/gif 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://q.stripe.com/?event=elements.timings&event_count=8&timestamp=1628565992057&event_id=dfaecf1d-c59a-41ea-98c3-a4265b56b111&os=Windows&browserFamily=Chrome&version=4fed1d7c9&key=pk_live_51IwbGCAj3TwfJltg1wzYY5eGvU3woBtqKBs6lehNGPj02YwqwQoloa1emB2np5PclFWN5dR2bmTFd19VAM3Zg7IK00uvT1gzz2&referrer=https%3A%2F%2Fgo.thcmedical.org&stripe_js_id=a3dca1ab-c006-4d76-a123-2a94fecf9850&controller_load_time=1628565992041&wrapper=unknown&es_module=false&frame_width=1600&element=ControllerApp&dom_loading=113&dom_interactive=359&dom_complete=359&since_sjs_load=2213&since_stripe_create=470&since_create=470&mount_duration=356&since_fetch=356&load_count=1&match_frame=true&resource_timings-shared.js-transfer_size=44871&resource_timings-shared.js-duration=53&resource_timings-controller.js-transfer_size=44566&resource_timings-controller.js-duration=65

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-186-23-98.stripe.com

Software

nginx /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Referer: https://js.stripe.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 10 Aug 2021 03:26:32 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: nginx
strict-transport-security: max-age=31556926; includeSubDomains; preload
content-type: image/gif
cache-control: no-cache, no-store, private, must-revalidate, max-age=0, max-stale=0, post-check=0, pre-check=0
content-length: 43
expires: 0

GET
H3-29 200 js Show response
app.funnelish.com/apps/api/v1/ 31 KB
9 KB 241ms
241ms Script
application/javascript 2606:4700:3035::6815:929
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://app.funnelish.com/apps/api/v1/js?api_key=LgAPnnSgAjSbLDRSxYUXRuBcFFgYrIgs&api_secret=6233136184&email=dangquangvinh.espeed@gmail.com&step_url=go.thcmedical.org/crystal0169&id=1&_=1628565992099
Requested by: Host: go.thcmedical.org
URL: https://go.thcmedical.org/assets/lander.js
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:929 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e7125a121c31e5e343abe97b1972b452dc1b44d94a9ab3380abf4106d334cdb7

Request headers

Referer: https://go.thcmedical.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 10 Aug 2021 03:26:32 GMT
content-encoding: br
cf-cache-status: DYNAMIC
last-modified: Sun, 08 Aug 2021 11:58:23 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gJC8sJNtRFzulu6fOcAVQ7l1w%2Br7z7wOTPZucrfcXnkEtFHNmPcPsEtOWrRW9oqL62c6ejDVa%2B1R4Py5PuMnILarWnJGx%2FeNHq04SbnknH8tqslMScuBi%2BKC4j1EpEUPx24Mj0s9GEiPIvK54H3cNw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cf-ray: 67c61f8a9eead6f5-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

GET
H2 200 /
q.stripe.com/ Frame AB25 43 B
285 B 180ms
177ms Image
image/gif 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://q.stripe.com/?event=elements.create&event_count=9&timestamp=1628565992102&event_id=bdd2382b-dc57-4f22-97dc-3c3e3dd3f636&os=Windows&browserFamily=Chrome&version=4fed1d7c9&key=pk_live_51IwbGCAj3TwfJltg1wzYY5eGvU3woBtqKBs6lehNGPj02YwqwQoloa1emB2np5PclFWN5dR2bmTFd19VAM3Zg7IK00uvT1gzz2&referrer=https%3A%2F%2Fgo.thcmedical.org&stripe_js_id=a3dca1ab-c006-4d76-a123-2a94fecf9850&controller_load_time=1628565992041&wrapper=unknown&es_module=false&frame_width=1600&options-style-base-type=blocks&options-style-base-blocks=%5Bobject+Object%5D&options-betas=&options-componentName=cardCvc&options-wait=true&options-rtl=false&element=cardCvc

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-186-23-98.stripe.com

Software

nginx /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Referer: https://js.stripe.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 10 Aug 2021 03:26:32 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: nginx
strict-transport-security: max-age=31556926; includeSubDomains; preload
content-type: image/gif
cache-control: no-cache, no-store, private, must-revalidate, max-age=0, max-stale=0, post-check=0, pre-check=0
content-length: 43
expires: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame AB25 0
213 B 482ms
180ms XHR
application/octet-stream 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://r.stripe.com/0

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-b32fc07c0f665ac81b672c9ffb777d7d.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-159-182.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Accept: application/json
Referer: https://js.stripe.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Tue, 10 Aug 2021 03:26:32 GMT
server: nginx
strict-transport-security: max-age=31556926; includeSubDomains; preload
content-type: application/octet-stream;charset=utf-8
access-control-allow-origin: https://js.stripe.com
access-control-allow-credentials: true
x-envoy-upstream-service-time: 3
content-length: 0

GET
H2 200 /
q.stripe.com/ Frame AB25 43 B
285 B 181ms
178ms Image
image/gif 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://q.stripe.com/?event=elements.timings&event_count=11&timestamp=1628565992106&event_id=6c64c3ba-2630-4618-bc36-b3beb20c07c6&os=Windows&browserFamily=Chrome&version=4fed1d7c9&key=pk_live_51IwbGCAj3TwfJltg1wzYY5eGvU3woBtqKBs6lehNGPj02YwqwQoloa1emB2np5PclFWN5dR2bmTFd19VAM3Zg7IK00uvT1gzz2&referrer=https%3A%2F%2Fgo.thcmedical.org&stripe_js_id=a3dca1ab-c006-4d76-a123-2a94fecf9850&controller_load_time=1628565992041&wrapper=unknown&es_module=false&frame_width=1600&dom_loading=107&dom_interactive=383&dom_complete=403&since_sjs_load=2243&since_stripe_create=383&since_group_create=386&since_create=383&mount_duration=379&since_fetch=378&load_count=1&match_frame=true&resource_timings-ui-shared.css-transfer_size=2812&resource_timings-ui-shared.css-duration=54&resource_timings-shared.js-transfer_size=45254&resource_timings-shared.js-duration=70&resource_timings-ui-shared.js-transfer_size=62839&resource_timings-ui-shared.js-duration=82&resource_timings-elements-inner-card.js-transfer_size=11453&resource_timings-elements-inner-card.js-duration=87&element=cardCvc

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-186-23-98.stripe.com

Software

nginx /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Referer: https://js.stripe.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 10 Aug 2021 03:26:32 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: nginx
strict-transport-security: max-age=31556926; includeSubDomains; preload
content-type: image/gif
cache-control: no-cache, no-store, private, must-revalidate, max-age=0, max-stale=0, post-check=0, pre-check=0
content-length: 43
expires: 0

GET
H2 200 /
q.stripe.com/ Frame AB25 43 B
285 B 181ms
178ms Image
image/gif 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://q.stripe.com/?event=elements.create&event_count=12&timestamp=1628565992107&event_id=5b81e9fa-b14a-499b-810a-ba0c396aad12&os=Windows&browserFamily=Chrome&version=4fed1d7c9&key=pk_live_51IwbGCAj3TwfJltg1wzYY5eGvU3woBtqKBs6lehNGPj02YwqwQoloa1emB2np5PclFWN5dR2bmTFd19VAM3Zg7IK00uvT1gzz2&referrer=https%3A%2F%2Fgo.thcmedical.org&stripe_js_id=a3dca1ab-c006-4d76-a123-2a94fecf9850&controller_load_time=1628565992041&wrapper=unknown&es_module=false&frame_width=1600&options-style-base-type=blocks&options-style-base-blocks=%5Bobject+Object%5D&options-betas=&options-componentName=cardNumber&options-wait=true&options-rtl=false&element=cardNumber

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-186-23-98.stripe.com

Software

nginx /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Referer: https://js.stripe.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 10 Aug 2021 03:26:32 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: nginx
strict-transport-security: max-age=31556926; includeSubDomains; preload
content-type: image/gif
cache-control: no-cache, no-store, private, must-revalidate, max-age=0, max-stale=0, post-check=0, pre-check=0
content-length: 43
expires: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame AB25 0
213 B 477ms
180ms XHR
application/octet-stream 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://r.stripe.com/0

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-b32fc07c0f665ac81b672c9ffb777d7d.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-159-182.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Accept: application/json
Referer: https://js.stripe.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Tue, 10 Aug 2021 03:26:32 GMT
server: nginx
strict-transport-security: max-age=31556926; includeSubDomains; preload
content-type: application/octet-stream;charset=utf-8
access-control-allow-origin: https://js.stripe.com
access-control-allow-credentials: true
x-envoy-upstream-service-time: 3
content-length: 0

GET
H2 200 /
q.stripe.com/ Frame AB25 43 B
285 B 181ms
178ms Image
image/gif 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://q.stripe.com/?event=elements.timings&event_count=14&timestamp=1628565992110&event_id=9e8b7fbf-32ff-448b-a56a-e1dc785f7ad4&os=Windows&browserFamily=Chrome&version=4fed1d7c9&key=pk_live_51IwbGCAj3TwfJltg1wzYY5eGvU3woBtqKBs6lehNGPj02YwqwQoloa1emB2np5PclFWN5dR2bmTFd19VAM3Zg7IK00uvT1gzz2&referrer=https%3A%2F%2Fgo.thcmedical.org&stripe_js_id=a3dca1ab-c006-4d76-a123-2a94fecf9850&controller_load_time=1628565992041&wrapper=unknown&es_module=false&frame_width=1600&dom_loading=108&dom_interactive=395&dom_complete=406&since_sjs_load=2255&since_stripe_create=397&since_group_create=398&since_create=397&mount_duration=392&since_fetch=392&load_count=1&match_frame=true&resource_timings-ui-shared.css-transfer_size=2975&resource_timings-ui-shared.css-duration=54&resource_timings-shared.js-transfer_size=45259&resource_timings-shared.js-duration=41&resource_timings-ui-shared.js-transfer_size=62731&resource_timings-ui-shared.js-duration=78&resource_timings-elements-inner-card.js-transfer_size=11589&resource_timings-elements-inner-card.js-duration=83&element=cardNumber

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-186-23-98.stripe.com

Software

nginx /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Referer: https://js.stripe.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 10 Aug 2021 03:26:32 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: nginx
strict-transport-security: max-age=31556926; includeSubDomains; preload
content-type: image/gif
cache-control: no-cache, no-store, private, must-revalidate, max-age=0, max-stale=0, post-check=0, pre-check=0
content-length: 43
expires: 0

GET
H2 200 /
q.stripe.com/ Frame AB25 43 B
285 B 192ms
189ms Image
image/gif 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://q.stripe.com/?event=elements.create&event_count=15&timestamp=1628565992110&event_id=92634b94-8668-4478-81cb-a7dd1e596662&os=Windows&browserFamily=Chrome&version=4fed1d7c9&key=pk_live_51IwbGCAj3TwfJltg1wzYY5eGvU3woBtqKBs6lehNGPj02YwqwQoloa1emB2np5PclFWN5dR2bmTFd19VAM3Zg7IK00uvT1gzz2&referrer=https%3A%2F%2Fgo.thcmedical.org&stripe_js_id=a3dca1ab-c006-4d76-a123-2a94fecf9850&controller_load_time=1628565992041&wrapper=unknown&es_module=false&frame_width=1600&options-style-base-type=blocks&options-style-base-blocks=%5Bobject+Object%5D&options-betas=&options-componentName=cardExpiry&options-wait=true&options-rtl=false&element=cardExpiry

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-186-23-98.stripe.com

Software

nginx /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Referer: https://js.stripe.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 10 Aug 2021 03:26:32 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: nginx
strict-transport-security: max-age=31556926; includeSubDomains; preload
content-type: image/gif
cache-control: no-cache, no-store, private, must-revalidate, max-age=0, max-stale=0, post-check=0, pre-check=0
content-length: 43
expires: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame AB25 0
213 B 474ms
180ms XHR
application/octet-stream 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://r.stripe.com/0

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-b32fc07c0f665ac81b672c9ffb777d7d.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-159-182.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Accept: application/json
Referer: https://js.stripe.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Tue, 10 Aug 2021 03:26:32 GMT
server: nginx
strict-transport-security: max-age=31556926; includeSubDomains; preload
content-type: application/octet-stream;charset=utf-8
access-control-allow-origin: https://js.stripe.com
access-control-allow-credentials: true
x-envoy-upstream-service-time: 3
content-length: 0

GET
H2 200 /
q.stripe.com/ Frame AB25 43 B
285 B 192ms
189ms Image
image/gif 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://q.stripe.com/?event=elements.timings&event_count=17&timestamp=1628565992113&event_id=6cab2f43-471d-45cc-96f4-9e4ec5bb6972&os=Windows&browserFamily=Chrome&version=4fed1d7c9&key=pk_live_51IwbGCAj3TwfJltg1wzYY5eGvU3woBtqKBs6lehNGPj02YwqwQoloa1emB2np5PclFWN5dR2bmTFd19VAM3Zg7IK00uvT1gzz2&referrer=https%3A%2F%2Fgo.thcmedical.org&stripe_js_id=a3dca1ab-c006-4d76-a123-2a94fecf9850&controller_load_time=1628565992041&wrapper=unknown&es_module=false&frame_width=1600&dom_loading=106&dom_interactive=401&dom_complete=405&since_sjs_load=2265&since_stripe_create=403&since_group_create=408&since_create=403&mount_duration=401&since_fetch=399&load_count=1&match_frame=true&resource_timings-ui-shared.css-transfer_size=2809&resource_timings-ui-shared.css-duration=71&resource_timings-shared.js-transfer_size=44871&resource_timings-shared.js-duration=85&resource_timings-ui-shared.js-transfer_size=62733&resource_timings-ui-shared.js-duration=90&resource_timings-elements-inner-card.js-transfer_size=11462&resource_timings-elements-inner-card.js-duration=91&element=cardExpiry

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-186-23-98.stripe.com

Software

nginx /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Referer: https://js.stripe.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 10 Aug 2021 03:26:32 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: nginx
strict-transport-security: max-age=31556926; includeSubDomains; preload
content-type: image/gif
cache-control: no-cache, no-store, private, must-revalidate, max-age=0, max-stale=0, post-check=0, pre-check=0
content-length: 43
expires: 0

GET
H2 200 /
q.stripe.com/ Frame AB25 43 B
285 B 192ms
189ms Image
image/gif 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://q.stripe.com/?event=elements.event.ready&event_count=18&timestamp=1628565992114&event_id=2f6c2e0e-b4ed-4e99-bf6a-b71dfa9a7f21&os=Windows&browserFamily=Chrome&version=4fed1d7c9&key=pk_live_51IwbGCAj3TwfJltg1wzYY5eGvU3woBtqKBs6lehNGPj02YwqwQoloa1emB2np5PclFWN5dR2bmTFd19VAM3Zg7IK00uvT1gzz2&referrer=https%3A%2F%2Fgo.thcmedical.org&stripe_js_id=a3dca1ab-c006-4d76-a123-2a94fecf9850&controller_load_time=1628565992041&wrapper=unknown&es_module=false&frame_width=1600&element=cardCvc

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-186-23-98.stripe.com

Software

nginx /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Referer: https://js.stripe.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 10 Aug 2021 03:26:32 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: nginx
strict-transport-security: max-age=31556926; includeSubDomains; preload
content-type: image/gif
cache-control: no-cache, no-store, private, must-revalidate, max-age=0, max-stale=0, post-check=0, pre-check=0
content-length: 43
expires: 0

GET
H2 200 /
q.stripe.com/ Frame AB25 43 B
285 B 192ms
189ms Image
image/gif 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://q.stripe.com/?event=elements.event.ready&event_count=19&timestamp=1628565992114&event_id=3408ff2e-217b-44cb-92cb-f5e5827d1f4a&os=Windows&browserFamily=Chrome&version=4fed1d7c9&key=pk_live_51IwbGCAj3TwfJltg1wzYY5eGvU3woBtqKBs6lehNGPj02YwqwQoloa1emB2np5PclFWN5dR2bmTFd19VAM3Zg7IK00uvT1gzz2&referrer=https%3A%2F%2Fgo.thcmedical.org&stripe_js_id=a3dca1ab-c006-4d76-a123-2a94fecf9850&controller_load_time=1628565992041&wrapper=unknown&es_module=false&frame_width=1600&element=cardNumber

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-186-23-98.stripe.com

Software

nginx /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Referer: https://js.stripe.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 10 Aug 2021 03:26:32 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: nginx
strict-transport-security: max-age=31556926; includeSubDomains; preload
content-type: image/gif
cache-control: no-cache, no-store, private, must-revalidate, max-age=0, max-stale=0, post-check=0, pre-check=0
content-length: 43
expires: 0

GET
H2 200 /
q.stripe.com/ Frame AB25 43 B
285 B 192ms
190ms Image
image/gif 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://q.stripe.com/?event=elements.event.ready&event_count=20&timestamp=1628565992115&event_id=32785e9d-df8b-47ce-be90-64f4a000dbf1&os=Windows&browserFamily=Chrome&version=4fed1d7c9&key=pk_live_51IwbGCAj3TwfJltg1wzYY5eGvU3woBtqKBs6lehNGPj02YwqwQoloa1emB2np5PclFWN5dR2bmTFd19VAM3Zg7IK00uvT1gzz2&referrer=https%3A%2F%2Fgo.thcmedical.org&stripe_js_id=a3dca1ab-c006-4d76-a123-2a94fecf9850&controller_load_time=1628565992041&wrapper=unknown&es_module=false&frame_width=1600&element=cardExpiry

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-186-23-98.stripe.com

Software

nginx /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Referer: https://js.stripe.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 10 Aug 2021 03:26:32 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: nginx
strict-transport-security: max-age=31556926; includeSubDomains; preload
content-type: image/gif
cache-control: no-cache, no-store, private, must-revalidate, max-age=0, max-stale=0, post-check=0, pre-check=0
content-length: 43
expires: 0

GET
H2 200 elements-inner-card-aef647d1041359cc03891345daa8d07d.html Show response
js.stripe.com/v3/ Frame AE4A 5 KB
2 KB 28ms
28ms Document
text/html 151.101.12.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/elements-inner-card-aef647d1041359cc03891345daa8d07d.html

Requested by

Host: go.thcmedical.org
URL: https://go.thcmedical.org/assets/lander.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.12.176 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

a23eb4f5098fe57f0d4ba0780ed87ff80bf4d31f0ad50c4cf50996827989d9ee

Security Headers

Name	Value
Content-Security-Policy	connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src data: https:; frame-src 'self'; img-src 'self' https://q.stripe.com blob:; media-src 'none'; object-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

:method: GET
:authority: js.stripe.com
:scheme: https
:path: /v3/elements-inner-card-aef647d1041359cc03891345daa8d07d.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://go.thcmedical.org/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://go.thcmedical.org/

Response headers

x-amz-id-2: TmCjaNDIJdrRaQJRFJuKwbHKfAHRHgQpreGfgOlI4tYSWy19FmrdVz6pn/QCoYlB2/GKkmmJjVg=
x-amz-request-id: GC7VHVZH7YVBTDN1
last-modified: Mon, 09 Aug 2021 19:51:36 GMT
etag: "aef647d1041359cc03891345daa8d07d"
cache-control: public, max-age=300
content-type: text/html; charset=utf-8
server: AmazonS3
content-encoding: br
accept-ranges: bytes
date: Tue, 10 Aug 2021 03:26:32 GMT
via: 1.1 varnish
age: 151
x-served-by: cache-fra19134-FRA
x-cache: HIT
x-cache-hits: 4
vary: Accept-Encoding
access-control-allow-origin: *
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
content-security-policy: connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src data: https:; frame-src 'self'; img-src 'self' https://q.stripe.com blob:; media-src 'none'; object-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'
content-length: 1133

GET
H2 200 elements-inner-card-aef647d1041359cc03891345daa8d07d.html Show response
js.stripe.com/v3/ Frame F641 5 KB
1 KB 28ms
28ms Document
text/html 151.101.12.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/elements-inner-card-aef647d1041359cc03891345daa8d07d.html

Requested by

Host: go.thcmedical.org
URL: https://go.thcmedical.org/assets/lander.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.12.176 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

a23eb4f5098fe57f0d4ba0780ed87ff80bf4d31f0ad50c4cf50996827989d9ee

Security Headers

Name	Value
Content-Security-Policy	connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src data: https:; frame-src 'self'; img-src 'self' https://q.stripe.com blob:; media-src 'none'; object-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

:method: GET
:authority: js.stripe.com
:scheme: https
:path: /v3/elements-inner-card-aef647d1041359cc03891345daa8d07d.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://go.thcmedical.org/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://go.thcmedical.org/

Response headers

x-amz-id-2: TmCjaNDIJdrRaQJRFJuKwbHKfAHRHgQpreGfgOlI4tYSWy19FmrdVz6pn/QCoYlB2/GKkmmJjVg=
x-amz-request-id: GC7VHVZH7YVBTDN1
last-modified: Mon, 09 Aug 2021 19:51:36 GMT
etag: "aef647d1041359cc03891345daa8d07d"
cache-control: public, max-age=300
content-type: text/html; charset=utf-8
server: AmazonS3
content-encoding: br
accept-ranges: bytes
date: Tue, 10 Aug 2021 03:26:32 GMT
via: 1.1 varnish
age: 151
x-served-by: cache-fra19134-FRA
x-cache: HIT
x-cache-hits: 5
vary: Accept-Encoding
access-control-allow-origin: *
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
content-security-policy: connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src data: https:; frame-src 'self'; img-src 'self' https://q.stripe.com blob:; media-src 'none'; object-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'
content-length: 1133

GET
H2 200 elements-inner-card-aef647d1041359cc03891345daa8d07d.html Show response
js.stripe.com/v3/ Frame 8C51 5 KB
1 KB 28ms
28ms Document
text/html 151.101.12.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/elements-inner-card-aef647d1041359cc03891345daa8d07d.html

Requested by

Host: go.thcmedical.org
URL: https://go.thcmedical.org/assets/lander.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.12.176 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

a23eb4f5098fe57f0d4ba0780ed87ff80bf4d31f0ad50c4cf50996827989d9ee

Security Headers

Name	Value
Content-Security-Policy	connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src data: https:; frame-src 'self'; img-src 'self' https://q.stripe.com blob:; media-src 'none'; object-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

:method: GET
:authority: js.stripe.com
:scheme: https
:path: /v3/elements-inner-card-aef647d1041359cc03891345daa8d07d.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://go.thcmedical.org/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://go.thcmedical.org/

Response headers

x-amz-id-2: TmCjaNDIJdrRaQJRFJuKwbHKfAHRHgQpreGfgOlI4tYSWy19FmrdVz6pn/QCoYlB2/GKkmmJjVg=
x-amz-request-id: GC7VHVZH7YVBTDN1
last-modified: Mon, 09 Aug 2021 19:51:36 GMT
etag: "aef647d1041359cc03891345daa8d07d"
cache-control: public, max-age=300
content-type: text/html; charset=utf-8
server: AmazonS3
content-encoding: br
accept-ranges: bytes
date: Tue, 10 Aug 2021 03:26:32 GMT
via: 1.1 varnish
age: 151
x-served-by: cache-fra19134-FRA
x-cache: HIT
x-cache-hits: 6
vary: Accept-Encoding
access-control-allow-origin: *
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
content-security-policy: connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src data: https:; frame-src 'self'; img-src 'self' https://q.stripe.com blob:; media-src 'none'; object-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'
content-length: 1133

GET
H2 200 paypal.png
images.clickfunnels.com/e7/0d5ce07b8c11e78ac4f5ffe75feae3/ 2 KB
2 KB 26ms
26ms Image
image/webp 2606:4700::6810:10c2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.clickfunnels.com/e7/0d5ce07b8c11e78ac4f5ffe75feae3/paypal.png
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:10c2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f2cd4d088520163ba2b2a56b7e9c9eead3dcd7567febccf1ef66d86e46cf0871

Request headers

Referer: https://go.thcmedical.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 10 Aug 2021 03:26:32 GMT
cf-cache-status: HIT
age: 4306
cf-polished: origFmt=png, origSize=2501
cf-ray: 67c61f8ce9dac2ef-FRA
last-modified: Mon, 07 Aug 2017 16:24:40 GMT
content-disposition: inline; filename="paypal.webp"
content-length: 1698
x-amz-id-2: stnjHW7GtXM6OahvsSGyDFT3d4wnKSgmdJzJz0NjH8Kt05OSBA2JNuYLjT0LvXDmcMcshVAnVqA=
cf-bgj: imgq:85,h2pri,csam-hash
server: cloudflare
etag: "505db0aa3ceec96bb11f9f54f9484792"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
x-amz-request-id: 2HG6YT6C6B6HMCNX
cache-control: public, max-age=2073600
accept-ranges: bytes
content-type: image/webp
expires: Fri, 03 Sep 2021 03:26:32 GMT

GET
H3-29 200 js Show response
app.funnelish.com/apps/api/v1/ 19 KB
6 KB 233ms
233ms Script
application/javascript 2606:4700:3035::6815:929
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://app.funnelish.com/apps/api/v1/js?api_key=LgAPnnSgAjSbLDRSxYUXRuBcFFgYrIgs&api_secret=6233136184&email=dangquangvinh.espeed@gmail.com&step_url=go.thcmedical.org/crystal0169&id=12&_=1628565992471
Requested by: Host: go.thcmedical.org
URL: https://go.thcmedical.org/assets/lander.js
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:929 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5239cd9f74667cbff04cdf9a13b9b7aa493ef43c5aac34dfecbcfac0496bf92c

Request headers

Referer: https://go.thcmedical.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 10 Aug 2021 03:26:32 GMT
content-encoding: br
cf-cache-status: DYNAMIC
last-modified: Sun, 08 Aug 2021 11:58:23 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=82k4CDr0Gog4Z7SmnvmPwV6NF49pGnBmK0Zo%2Fu9uzrXC%2Fowx%2ByzLPFIgbBhfT280uPw0VMDB3VWah0dMjbupsp7tiRFbx4JQ0F%2FYjklof66CX15UcpntZOWTq1NgViq1pRoPHuG5x7Vr2mEVTwXeaA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cf-ray: 67c61f8ce8dcd6f5-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

GET
H2 200 ui-shared-fbbc6b7fa9d2977c6c9a09143f3027fd.css
js.stripe.com/v3/fingerprinted/css/ Frame AE4A 17 KB
3 KB 29ms
28ms Stylesheet
text/css 151.101.12.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/css/ui-shared-fbbc6b7fa9d2977c6c9a09143f3027fd.css

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-card-aef647d1041359cc03891345daa8d07d.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.12.176 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

50cf3499f3f3e660c8d1a6001308c32306961043c33df07163b8f817b63c930e

Security Headers

Name	Value
Content-Security-Policy	connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src data: https:; frame-src 'self'; img-src 'self' https://q.stripe.com blob:; media-src 'none'; object-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Referer: https://js.stripe.com/v3/elements-inner-card-aef647d1041359cc03891345daa8d07d.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 10 Aug 2021 03:26:32 GMT
content-encoding: br
vary: Accept-Encoding
age: 44
via: 1.1 varnish
x-cache: HIT
content-length: 2763
x-amz-id-2: sR1MQrQvF6g0VYwtdRf1/H1Cyhgkbl8qyGFQ0LBia3q7FE3AQSeu+M9ZYIQsrIwXuHEsE6UzrAQ=
x-served-by: cache-fra19134-FRA
timing-allow-origin: *
last-modified: Wed, 04 Aug 2021 20:44:34 GMT
server: AmazonS3
etag: "9a9c2063d7db2d15e1e3281da15b9d41"
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-amz-request-id: 8TSZ5PZE4C2PNHQS
access-control-allow-origin: *
cache-control: public, max-age=300
content-security-policy: connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src data: https:; frame-src 'self'; img-src 'self' https://q.stripe.com blob:; media-src 'none'; object-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'
accept-ranges: bytes
content-type: text/css
x-cache-hits: 3

GET
H2 200 shared-b32fc07c0f665ac81b672c9ffb777d7d.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame AE4A 174 KB
44 KB 30ms
29ms Script
application/javascript 151.101.12.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/shared-b32fc07c0f665ac81b672c9ffb777d7d.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-card-aef647d1041359cc03891345daa8d07d.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.12.176 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

ea670ae855f2f2a2b3719efe146218a19418b0e8684c1e95b1ed0da5f32d1a9c

Security Headers

Name	Value
Content-Security-Policy	connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src data: https:; frame-src 'self'; img-src 'self' https://q.stripe.com blob:; media-src 'none'; object-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Referer: https://js.stripe.com/v3/elements-inner-card-aef647d1041359cc03891345daa8d07d.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 10 Aug 2021 03:26:32 GMT
content-encoding: br
vary: Accept-Encoding
age: 43
via: 1.1 varnish
x-cache: HIT
content-length: 44800
x-amz-id-2: mL/1aOJOlgpUhqQnfybU3hnGlMw7OYBPVCrMiscUI7ICZD2tldz5OJi5M7PC3D2kMPusjs15/aU=
x-served-by: cache-fra19134-FRA
timing-allow-origin: *
last-modified: Mon, 09 Aug 2021 19:51:39 GMT
server: AmazonS3
etag: "df7c28d5a00c1589657f9dc7875c7922"
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-amz-request-id: GC7N25AW443YN5WW
access-control-allow-origin: *
cache-control: public, max-age=300
content-security-policy: connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src data: https:; frame-src 'self'; img-src 'self' https://q.stripe.com blob:; media-src 'none'; object-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
x-cache-hits: 4

GET
H2 200 ui-shared-949091b01d3d3ab0457b3033d3e63136.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame AE4A 214 KB
61 KB 30ms
30ms Script
application/javascript 151.101.12.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/ui-shared-949091b01d3d3ab0457b3033d3e63136.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-card-aef647d1041359cc03891345daa8d07d.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.12.176 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

5a44e43ff3f2cfb7a9a2d6f97f72b89ce4c228161f48c874a6b3e76f71644868

Security Headers

Name	Value
Content-Security-Policy	connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src data: https:; frame-src 'self'; img-src 'self' https://q.stripe.com blob:; media-src 'none'; object-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Referer: https://js.stripe.com/v3/elements-inner-card-aef647d1041359cc03891345daa8d07d.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 10 Aug 2021 03:26:32 GMT
content-encoding: br
vary: Accept-Encoding
age: 287
via: 1.1 varnish
x-cache: HIT
content-length: 62657
x-amz-id-2: H87OsK5npzUGoo6maxV5oNShTR46V7fIhVLdIrqlM9KatSj8kqTxHXyr25+GgrONaAf5px//dEY=
x-served-by: cache-fra19134-FRA
timing-allow-origin: *
last-modified: Mon, 09 Aug 2021 19:51:37 GMT
server: AmazonS3
etag: "e6fbd3185b800c740aa8b00e95ebc92c"
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-amz-request-id: GC7N3QC4KP43Q1N6
access-control-allow-origin: *
cache-control: public, max-age=300
content-security-policy: connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src data: https:; frame-src 'self'; img-src 'self' https://q.stripe.com blob:; media-src 'none'; object-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
x-cache-hits: 9

GET
H2 200 elements-inner-card-5034fcce8b39fa63b414db4cbf716bc1.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame AE4A 46 KB
11 KB 29ms
28ms Script
application/javascript 151.101.12.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/elements-inner-card-5034fcce8b39fa63b414db4cbf716bc1.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-card-aef647d1041359cc03891345daa8d07d.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.12.176 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

cdc35d6b1038cf84ec8cf61abff81ee6ff36f57438f0ed9229b86a43386f56e3

Security Headers

Name	Value
Content-Security-Policy	connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src data: https:; frame-src 'self'; img-src 'self' https://q.stripe.com blob:; media-src 'none'; object-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Referer: https://js.stripe.com/v3/elements-inner-card-aef647d1041359cc03891345daa8d07d.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 10 Aug 2021 03:26:32 GMT
content-encoding: br
vary: Accept-Encoding
age: 163
via: 1.1 varnish
x-cache: HIT
content-length: 11406
x-amz-id-2: cJDlmEU+PwQOYaoZWSZISS4kuF7BM9EEtepIR1SX3U/YjGh7QYy/dOnr9UkUVG7l1xTHGhE8ogE=
x-served-by: cache-fra19134-FRA
timing-allow-origin: *
last-modified: Mon, 09 Aug 2021 19:51:37 GMT
server: AmazonS3
etag: "2d66b0c2c1043dbc64cb85d8924c86ab"
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-amz-request-id: GC7QXBV0C0MHSSXC
access-control-allow-origin: *
cache-control: public, max-age=300
content-security-policy: connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src data: https:; frame-src 'self'; img-src 'self' https://q.stripe.com blob:; media-src 'none'; object-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
x-cache-hits: 4

GET
H2 200 ui-shared-fbbc6b7fa9d2977c6c9a09143f3027fd.css
js.stripe.com/v3/fingerprinted/css/ Frame 8C51 17 KB
3 KB 33ms
32ms Stylesheet
text/css 151.101.12.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/css/ui-shared-fbbc6b7fa9d2977c6c9a09143f3027fd.css

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-card-aef647d1041359cc03891345daa8d07d.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.12.176 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

50cf3499f3f3e660c8d1a6001308c32306961043c33df07163b8f817b63c930e

Security Headers

Name	Value
Content-Security-Policy	connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src data: https:; frame-src 'self'; img-src 'self' https://q.stripe.com blob:; media-src 'none'; object-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Referer: https://js.stripe.com/v3/elements-inner-card-aef647d1041359cc03891345daa8d07d.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 10 Aug 2021 03:26:32 GMT
content-encoding: br
vary: Accept-Encoding
age: 44
via: 1.1 varnish
x-cache: HIT
content-length: 2763
x-amz-id-2: sR1MQrQvF6g0VYwtdRf1/H1Cyhgkbl8qyGFQ0LBia3q7FE3AQSeu+M9ZYIQsrIwXuHEsE6UzrAQ=
x-served-by: cache-fra19134-FRA
timing-allow-origin: *
last-modified: Wed, 04 Aug 2021 20:44:34 GMT
server: AmazonS3
etag: "9a9c2063d7db2d15e1e3281da15b9d41"
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-amz-request-id: 8TSZ5PZE4C2PNHQS
access-control-allow-origin: *
cache-control: public, max-age=300
content-security-policy: connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src data: https:; frame-src 'self'; img-src 'self' https://q.stripe.com blob:; media-src 'none'; object-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'
accept-ranges: bytes
content-type: text/css
x-cache-hits: 4

GET
H2 200 shared-b32fc07c0f665ac81b672c9ffb777d7d.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 8C51 174 KB
44 KB 34ms
33ms Script
application/javascript 151.101.12.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/shared-b32fc07c0f665ac81b672c9ffb777d7d.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-card-aef647d1041359cc03891345daa8d07d.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.12.176 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

ea670ae855f2f2a2b3719efe146218a19418b0e8684c1e95b1ed0da5f32d1a9c

Security Headers

Name	Value
Content-Security-Policy	connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src data: https:; frame-src 'self'; img-src 'self' https://q.stripe.com blob:; media-src 'none'; object-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Referer: https://js.stripe.com/v3/elements-inner-card-aef647d1041359cc03891345daa8d07d.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 10 Aug 2021 03:26:32 GMT
content-encoding: br
vary: Accept-Encoding
age: 43
via: 1.1 varnish
x-cache: HIT
content-length: 44800
x-amz-id-2: mL/1aOJOlgpUhqQnfybU3hnGlMw7OYBPVCrMiscUI7ICZD2tldz5OJi5M7PC3D2kMPusjs15/aU=
x-served-by: cache-fra19134-FRA
timing-allow-origin: *
last-modified: Mon, 09 Aug 2021 19:51:39 GMT
server: AmazonS3
etag: "df7c28d5a00c1589657f9dc7875c7922"
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-amz-request-id: GC7N25AW443YN5WW
access-control-allow-origin: *
cache-control: public, max-age=300
content-security-policy: connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src data: https:; frame-src 'self'; img-src 'self' https://q.stripe.com blob:; media-src 'none'; object-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
x-cache-hits: 5

GET
H2 200 ui-shared-949091b01d3d3ab0457b3033d3e63136.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 8C51 214 KB
61 KB 36ms
36ms Script
application/javascript 151.101.12.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/ui-shared-949091b01d3d3ab0457b3033d3e63136.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-card-aef647d1041359cc03891345daa8d07d.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.12.176 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

5a44e43ff3f2cfb7a9a2d6f97f72b89ce4c228161f48c874a6b3e76f71644868

Security Headers

Name	Value
Content-Security-Policy	connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src data: https:; frame-src 'self'; img-src 'self' https://q.stripe.com blob:; media-src 'none'; object-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Referer: https://js.stripe.com/v3/elements-inner-card-aef647d1041359cc03891345daa8d07d.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 10 Aug 2021 03:26:32 GMT
content-encoding: br
vary: Accept-Encoding
age: 287
via: 1.1 varnish
x-cache: HIT
content-length: 62657
x-amz-id-2: H87OsK5npzUGoo6maxV5oNShTR46V7fIhVLdIrqlM9KatSj8kqTxHXyr25+GgrONaAf5px//dEY=
x-served-by: cache-fra19134-FRA
timing-allow-origin: *
last-modified: Mon, 09 Aug 2021 19:51:37 GMT
server: AmazonS3
etag: "e6fbd3185b800c740aa8b00e95ebc92c"
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-amz-request-id: GC7N3QC4KP43Q1N6
access-control-allow-origin: *
cache-control: public, max-age=300
content-security-policy: connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src data: https:; frame-src 'self'; img-src 'self' https://q.stripe.com blob:; media-src 'none'; object-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
x-cache-hits: 10

GET
H2 200 elements-inner-card-5034fcce8b39fa63b414db4cbf716bc1.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 8C51 46 KB
11 KB 38ms
37ms Script
application/javascript 151.101.12.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/elements-inner-card-5034fcce8b39fa63b414db4cbf716bc1.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-card-aef647d1041359cc03891345daa8d07d.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.12.176 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

cdc35d6b1038cf84ec8cf61abff81ee6ff36f57438f0ed9229b86a43386f56e3

Security Headers

Name	Value
Content-Security-Policy	connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src data: https:; frame-src 'self'; img-src 'self' https://q.stripe.com blob:; media-src 'none'; object-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Referer: https://js.stripe.com/v3/elements-inner-card-aef647d1041359cc03891345daa8d07d.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 10 Aug 2021 03:26:32 GMT
content-encoding: br
vary: Accept-Encoding
age: 163
via: 1.1 varnish
x-cache: HIT
content-length: 11406
x-amz-id-2: cJDlmEU+PwQOYaoZWSZISS4kuF7BM9EEtepIR1SX3U/YjGh7QYy/dOnr9UkUVG7l1xTHGhE8ogE=
x-served-by: cache-fra19134-FRA
timing-allow-origin: *
last-modified: Mon, 09 Aug 2021 19:51:37 GMT
server: AmazonS3
etag: "2d66b0c2c1043dbc64cb85d8924c86ab"
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-amz-request-id: GC7QXBV0C0MHSSXC
access-control-allow-origin: *
cache-control: public, max-age=300
content-security-policy: connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src data: https:; frame-src 'self'; img-src 'self' https://q.stripe.com blob:; media-src 'none'; object-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
x-cache-hits: 5

GET
H2 200 ui-shared-fbbc6b7fa9d2977c6c9a09143f3027fd.css
js.stripe.com/v3/fingerprinted/css/ Frame F641 17 KB
3 KB 38ms
37ms Stylesheet
text/css 151.101.12.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/css/ui-shared-fbbc6b7fa9d2977c6c9a09143f3027fd.css

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-card-aef647d1041359cc03891345daa8d07d.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.12.176 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

50cf3499f3f3e660c8d1a6001308c32306961043c33df07163b8f817b63c930e

Security Headers

Name	Value
Content-Security-Policy	connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src data: https:; frame-src 'self'; img-src 'self' https://q.stripe.com blob:; media-src 'none'; object-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Referer: https://js.stripe.com/v3/elements-inner-card-aef647d1041359cc03891345daa8d07d.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 10 Aug 2021 03:26:32 GMT
content-encoding: br
vary: Accept-Encoding
age: 44
via: 1.1 varnish
x-cache: HIT
content-length: 2763
x-amz-id-2: sR1MQrQvF6g0VYwtdRf1/H1Cyhgkbl8qyGFQ0LBia3q7FE3AQSeu+M9ZYIQsrIwXuHEsE6UzrAQ=
x-served-by: cache-fra19134-FRA
timing-allow-origin: *
last-modified: Wed, 04 Aug 2021 20:44:34 GMT
server: AmazonS3
etag: "9a9c2063d7db2d15e1e3281da15b9d41"
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-amz-request-id: 8TSZ5PZE4C2PNHQS
access-control-allow-origin: *
cache-control: public, max-age=300
content-security-policy: connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src data: https:; frame-src 'self'; img-src 'self' https://q.stripe.com blob:; media-src 'none'; object-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'
accept-ranges: bytes
content-type: text/css
x-cache-hits: 5

GET
H2 200 shared-b32fc07c0f665ac81b672c9ffb777d7d.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame F641 174 KB
44 KB 38ms
37ms Script
application/javascript 151.101.12.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/shared-b32fc07c0f665ac81b672c9ffb777d7d.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-card-aef647d1041359cc03891345daa8d07d.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.12.176 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

ea670ae855f2f2a2b3719efe146218a19418b0e8684c1e95b1ed0da5f32d1a9c

Security Headers

Name	Value
Content-Security-Policy	connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src data: https:; frame-src 'self'; img-src 'self' https://q.stripe.com blob:; media-src 'none'; object-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Referer: https://js.stripe.com/v3/elements-inner-card-aef647d1041359cc03891345daa8d07d.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 10 Aug 2021 03:26:32 GMT
content-encoding: br
vary: Accept-Encoding
age: 43
via: 1.1 varnish
x-cache: HIT
content-length: 44800
x-amz-id-2: mL/1aOJOlgpUhqQnfybU3hnGlMw7OYBPVCrMiscUI7ICZD2tldz5OJi5M7PC3D2kMPusjs15/aU=
x-served-by: cache-fra19134-FRA
timing-allow-origin: *
last-modified: Mon, 09 Aug 2021 19:51:39 GMT
server: AmazonS3
etag: "df7c28d5a00c1589657f9dc7875c7922"
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-amz-request-id: GC7N25AW443YN5WW
access-control-allow-origin: *
cache-control: public, max-age=300
content-security-policy: connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src data: https:; frame-src 'self'; img-src 'self' https://q.stripe.com blob:; media-src 'none'; object-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
x-cache-hits: 6

GET
H2 200 ui-shared-949091b01d3d3ab0457b3033d3e63136.js
js.stripe.com/v3/fingerprinted/js/ Frame F641 214 KB
0 45ms
44ms Script
application/javascript 151.101.12.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/ui-shared-949091b01d3d3ab0457b3033d3e63136.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-card-aef647d1041359cc03891345daa8d07d.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.12.176 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src data: https:; frame-src 'self'; img-src 'self' https://q.stripe.com blob:; media-src 'none'; object-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Referer: https://js.stripe.com/v3/elements-inner-card-aef647d1041359cc03891345daa8d07d.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 10 Aug 2021 03:26:32 GMT
content-encoding: br
vary: Accept-Encoding
age: 287
via: 1.1 varnish
x-cache: HIT
content-length: 62657
x-amz-id-2: H87OsK5npzUGoo6maxV5oNShTR46V7fIhVLdIrqlM9KatSj8kqTxHXyr25+GgrONaAf5px//dEY=
x-served-by: cache-fra19134-FRA
timing-allow-origin: *
last-modified: Mon, 09 Aug 2021 19:51:37 GMT
server: AmazonS3
etag: "e6fbd3185b800c740aa8b00e95ebc92c"
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-amz-request-id: GC7N3QC4KP43Q1N6
access-control-allow-origin: *
cache-control: public, max-age=300
content-security-policy: connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src data: https:; frame-src 'self'; img-src 'self' https://q.stripe.com blob:; media-src 'none'; object-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
x-cache-hits: 11

GET
H2 200 elements-inner-card-5034fcce8b39fa63b414db4cbf716bc1.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame F641 46 KB
11 KB 44ms
43ms Script
application/javascript 151.101.12.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/elements-inner-card-5034fcce8b39fa63b414db4cbf716bc1.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-card-aef647d1041359cc03891345daa8d07d.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.12.176 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

cdc35d6b1038cf84ec8cf61abff81ee6ff36f57438f0ed9229b86a43386f56e3

Security Headers

Name	Value
Content-Security-Policy	connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src data: https:; frame-src 'self'; img-src 'self' https://q.stripe.com blob:; media-src 'none'; object-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Referer: https://js.stripe.com/v3/elements-inner-card-aef647d1041359cc03891345daa8d07d.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 10 Aug 2021 03:26:32 GMT
content-encoding: br
vary: Accept-Encoding
age: 163
via: 1.1 varnish
x-cache: HIT
content-length: 11406
x-amz-id-2: cJDlmEU+PwQOYaoZWSZISS4kuF7BM9EEtepIR1SX3U/YjGh7QYy/dOnr9UkUVG7l1xTHGhE8ogE=
x-served-by: cache-fra19134-FRA
timing-allow-origin: *
last-modified: Mon, 09 Aug 2021 19:51:37 GMT
server: AmazonS3
etag: "2d66b0c2c1043dbc64cb85d8924c86ab"
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-amz-request-id: GC7QXBV0C0MHSSXC
access-control-allow-origin: *
cache-control: public, max-age=300
content-security-policy: connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src data: https:; frame-src 'self'; img-src 'self' https://q.stripe.com blob:; media-src 'none'; object-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
x-cache-hits: 6

GET
H2 200 elements-inner-card-aef647d1041359cc03891345daa8d07d.html Show response
js.stripe.com/v3/ Frame CFF9 5 KB
1 KB 29ms
27ms Document
text/html 151.101.12.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/elements-inner-card-aef647d1041359cc03891345daa8d07d.html

Requested by

Host: go.thcmedical.org
URL: https://go.thcmedical.org/assets/lander.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.12.176 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

a23eb4f5098fe57f0d4ba0780ed87ff80bf4d31f0ad50c4cf50996827989d9ee

Security Headers

Name	Value
Content-Security-Policy	connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src data: https:; frame-src 'self'; img-src 'self' https://q.stripe.com blob:; media-src 'none'; object-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

:method: GET
:authority: js.stripe.com
:scheme: https
:path: /v3/elements-inner-card-aef647d1041359cc03891345daa8d07d.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://go.thcmedical.org/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://go.thcmedical.org/

Response headers

x-amz-id-2: TmCjaNDIJdrRaQJRFJuKwbHKfAHRHgQpreGfgOlI4tYSWy19FmrdVz6pn/QCoYlB2/GKkmmJjVg=
x-amz-request-id: GC7VHVZH7YVBTDN1
last-modified: Mon, 09 Aug 2021 19:51:36 GMT
etag: "aef647d1041359cc03891345daa8d07d"
cache-control: public, max-age=300
content-type: text/html; charset=utf-8
server: AmazonS3
content-encoding: br
accept-ranges: bytes
date: Tue, 10 Aug 2021 03:26:32 GMT
via: 1.1 varnish
age: 151
x-served-by: cache-fra19134-FRA
x-cache: HIT
x-cache-hits: 8
vary: Accept-Encoding
access-control-allow-origin: *
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
content-security-policy: connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src data: https:; frame-src 'self'; img-src 'self' https://q.stripe.com blob:; media-src 'none'; object-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'
content-length: 1133

GET
H2 200 elements-inner-card-aef647d1041359cc03891345daa8d07d.html Show response
js.stripe.com/v3/ Frame 97C1 5 KB
1 KB 29ms
28ms Document
text/html 151.101.12.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/elements-inner-card-aef647d1041359cc03891345daa8d07d.html

Requested by

Host: go.thcmedical.org
URL: https://go.thcmedical.org/assets/lander.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.12.176 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

a23eb4f5098fe57f0d4ba0780ed87ff80bf4d31f0ad50c4cf50996827989d9ee

Security Headers

Name	Value
Content-Security-Policy	connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src data: https:; frame-src 'self'; img-src 'self' https://q.stripe.com blob:; media-src 'none'; object-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

:method: GET
:authority: js.stripe.com
:scheme: https
:path: /v3/elements-inner-card-aef647d1041359cc03891345daa8d07d.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://go.thcmedical.org/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://go.thcmedical.org/

Response headers

x-amz-id-2: TmCjaNDIJdrRaQJRFJuKwbHKfAHRHgQpreGfgOlI4tYSWy19FmrdVz6pn/QCoYlB2/GKkmmJjVg=
x-amz-request-id: GC7VHVZH7YVBTDN1
last-modified: Mon, 09 Aug 2021 19:51:36 GMT
etag: "aef647d1041359cc03891345daa8d07d"
cache-control: public, max-age=300
content-type: text/html; charset=utf-8
server: AmazonS3
content-encoding: br
accept-ranges: bytes
date: Tue, 10 Aug 2021 03:26:32 GMT
via: 1.1 varnish
age: 151
x-served-by: cache-fra19134-FRA
x-cache: HIT
x-cache-hits: 8
vary: Accept-Encoding
access-control-allow-origin: *
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
content-security-policy: connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src data: https:; frame-src 'self'; img-src 'self' https://q.stripe.com blob:; media-src 'none'; object-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'
content-length: 1133

GET
H2 200 elements-inner-card-aef647d1041359cc03891345daa8d07d.html Show response
js.stripe.com/v3/ Frame 05A9 5 KB
1 KB 28ms
28ms Document
text/html 151.101.12.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/elements-inner-card-aef647d1041359cc03891345daa8d07d.html

Requested by

Host: go.thcmedical.org
URL: https://go.thcmedical.org/assets/lander.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.12.176 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

a23eb4f5098fe57f0d4ba0780ed87ff80bf4d31f0ad50c4cf50996827989d9ee

Security Headers

Name	Value
Content-Security-Policy	connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src data: https:; frame-src 'self'; img-src 'self' https://q.stripe.com blob:; media-src 'none'; object-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

:method: GET
:authority: js.stripe.com
:scheme: https
:path: /v3/elements-inner-card-aef647d1041359cc03891345daa8d07d.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://go.thcmedical.org/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://go.thcmedical.org/

Response headers

x-amz-id-2: TmCjaNDIJdrRaQJRFJuKwbHKfAHRHgQpreGfgOlI4tYSWy19FmrdVz6pn/QCoYlB2/GKkmmJjVg=
x-amz-request-id: GC7VHVZH7YVBTDN1
last-modified: Mon, 09 Aug 2021 19:51:36 GMT
etag: "aef647d1041359cc03891345daa8d07d"
cache-control: public, max-age=300
content-type: text/html; charset=utf-8
server: AmazonS3
content-encoding: br
accept-ranges: bytes
date: Tue, 10 Aug 2021 03:26:32 GMT
via: 1.1 varnish
age: 151
x-served-by: cache-fra19134-FRA
x-cache: HIT
x-cache-hits: 9
vary: Accept-Encoding
access-control-allow-origin: *
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
content-security-policy: connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src data: https:; frame-src 'self'; img-src 'self' https://q.stripe.com blob:; media-src 'none'; object-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'
content-length: 1133

GET
H2 200 ui-shared-fbbc6b7fa9d2977c6c9a09143f3027fd.css
js.stripe.com/v3/fingerprinted/css/ Frame CFF9 17 KB
3 KB 29ms
28ms Stylesheet
text/css 151.101.12.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/css/ui-shared-fbbc6b7fa9d2977c6c9a09143f3027fd.css

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-card-aef647d1041359cc03891345daa8d07d.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.12.176 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

50cf3499f3f3e660c8d1a6001308c32306961043c33df07163b8f817b63c930e

Security Headers

Name	Value
Content-Security-Policy	connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src data: https:; frame-src 'self'; img-src 'self' https://q.stripe.com blob:; media-src 'none'; object-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Referer: https://js.stripe.com/v3/elements-inner-card-aef647d1041359cc03891345daa8d07d.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 10 Aug 2021 03:26:32 GMT
content-encoding: br
vary: Accept-Encoding
age: 44
via: 1.1 varnish
x-cache: HIT
content-length: 2763
x-amz-id-2: sR1MQrQvF6g0VYwtdRf1/H1Cyhgkbl8qyGFQ0LBia3q7FE3AQSeu+M9ZYIQsrIwXuHEsE6UzrAQ=
x-served-by: cache-fra19134-FRA
timing-allow-origin: *
last-modified: Wed, 04 Aug 2021 20:44:34 GMT
server: AmazonS3
etag: "9a9c2063d7db2d15e1e3281da15b9d41"
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-amz-request-id: 8TSZ5PZE4C2PNHQS
access-control-allow-origin: *
cache-control: public, max-age=300
content-security-policy: connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src data: https:; frame-src 'self'; img-src 'self' https://q.stripe.com blob:; media-src 'none'; object-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'
accept-ranges: bytes
content-type: text/css
x-cache-hits: 6

GET
H2 200 shared-b32fc07c0f665ac81b672c9ffb777d7d.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame CFF9 174 KB
44 KB 31ms
30ms Script
application/javascript 151.101.12.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/shared-b32fc07c0f665ac81b672c9ffb777d7d.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-card-aef647d1041359cc03891345daa8d07d.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.12.176 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

ea670ae855f2f2a2b3719efe146218a19418b0e8684c1e95b1ed0da5f32d1a9c

Security Headers

Name	Value
Content-Security-Policy	connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src data: https:; frame-src 'self'; img-src 'self' https://q.stripe.com blob:; media-src 'none'; object-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Referer: https://js.stripe.com/v3/elements-inner-card-aef647d1041359cc03891345daa8d07d.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 10 Aug 2021 03:26:32 GMT
content-encoding: br
vary: Accept-Encoding
age: 43
via: 1.1 varnish
x-cache: HIT
content-length: 44800
x-amz-id-2: mL/1aOJOlgpUhqQnfybU3hnGlMw7OYBPVCrMiscUI7ICZD2tldz5OJi5M7PC3D2kMPusjs15/aU=
x-served-by: cache-fra19134-FRA
timing-allow-origin: *
last-modified: Mon, 09 Aug 2021 19:51:39 GMT
server: AmazonS3
etag: "df7c28d5a00c1589657f9dc7875c7922"
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-amz-request-id: GC7N25AW443YN5WW
access-control-allow-origin: *
cache-control: public, max-age=300
content-security-policy: connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src data: https:; frame-src 'self'; img-src 'self' https://q.stripe.com blob:; media-src 'none'; object-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
x-cache-hits: 7

GET
H2 200 ui-shared-949091b01d3d3ab0457b3033d3e63136.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame CFF9 214 KB
61 KB 30ms
30ms Script
application/javascript 151.101.12.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/ui-shared-949091b01d3d3ab0457b3033d3e63136.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-card-aef647d1041359cc03891345daa8d07d.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.12.176 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

5a44e43ff3f2cfb7a9a2d6f97f72b89ce4c228161f48c874a6b3e76f71644868

Security Headers

Name	Value
Content-Security-Policy	connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src data: https:; frame-src 'self'; img-src 'self' https://q.stripe.com blob:; media-src 'none'; object-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Referer: https://js.stripe.com/v3/elements-inner-card-aef647d1041359cc03891345daa8d07d.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 10 Aug 2021 03:26:32 GMT
content-encoding: br
vary: Accept-Encoding
age: 287
via: 1.1 varnish
x-cache: HIT
content-length: 62657
x-amz-id-2: H87OsK5npzUGoo6maxV5oNShTR46V7fIhVLdIrqlM9KatSj8kqTxHXyr25+GgrONaAf5px//dEY=
x-served-by: cache-fra19134-FRA
timing-allow-origin: *
last-modified: Mon, 09 Aug 2021 19:51:37 GMT
server: AmazonS3
etag: "e6fbd3185b800c740aa8b00e95ebc92c"
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-amz-request-id: GC7N3QC4KP43Q1N6
access-control-allow-origin: *
cache-control: public, max-age=300
content-security-policy: connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src data: https:; frame-src 'self'; img-src 'self' https://q.stripe.com blob:; media-src 'none'; object-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
x-cache-hits: 12

GET
H2 200 elements-inner-card-5034fcce8b39fa63b414db4cbf716bc1.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame CFF9 46 KB
11 KB 29ms
29ms Script
application/javascript 151.101.12.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/elements-inner-card-5034fcce8b39fa63b414db4cbf716bc1.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-card-aef647d1041359cc03891345daa8d07d.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.12.176 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

cdc35d6b1038cf84ec8cf61abff81ee6ff36f57438f0ed9229b86a43386f56e3

Security Headers

Name	Value
Content-Security-Policy	connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src data: https:; frame-src 'self'; img-src 'self' https://q.stripe.com blob:; media-src 'none'; object-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Referer: https://js.stripe.com/v3/elements-inner-card-aef647d1041359cc03891345daa8d07d.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 10 Aug 2021 03:26:32 GMT
content-encoding: br
vary: Accept-Encoding
age: 163
via: 1.1 varnish
x-cache: HIT
content-length: 11406
x-amz-id-2: cJDlmEU+PwQOYaoZWSZISS4kuF7BM9EEtepIR1SX3U/YjGh7QYy/dOnr9UkUVG7l1xTHGhE8ogE=
x-served-by: cache-fra19134-FRA
timing-allow-origin: *
last-modified: Mon, 09 Aug 2021 19:51:37 GMT
server: AmazonS3
etag: "2d66b0c2c1043dbc64cb85d8924c86ab"
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-amz-request-id: GC7QXBV0C0MHSSXC
access-control-allow-origin: *
cache-control: public, max-age=300
content-security-policy: connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src data: https:; frame-src 'self'; img-src 'self' https://q.stripe.com blob:; media-src 'none'; object-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
x-cache-hits: 7

GET
H2 200 ui-shared-fbbc6b7fa9d2977c6c9a09143f3027fd.css
js.stripe.com/v3/fingerprinted/css/ Frame 97C1 17 KB
3 KB 33ms
33ms Stylesheet
text/css 151.101.12.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/css/ui-shared-fbbc6b7fa9d2977c6c9a09143f3027fd.css

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-card-aef647d1041359cc03891345daa8d07d.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.12.176 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

50cf3499f3f3e660c8d1a6001308c32306961043c33df07163b8f817b63c930e

Security Headers

Name	Value
Content-Security-Policy	connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src data: https:; frame-src 'self'; img-src 'self' https://q.stripe.com blob:; media-src 'none'; object-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Referer: https://js.stripe.com/v3/elements-inner-card-aef647d1041359cc03891345daa8d07d.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 10 Aug 2021 03:26:32 GMT
content-encoding: br
vary: Accept-Encoding
age: 44
via: 1.1 varnish
x-cache: HIT
content-length: 2763
x-amz-id-2: sR1MQrQvF6g0VYwtdRf1/H1Cyhgkbl8qyGFQ0LBia3q7FE3AQSeu+M9ZYIQsrIwXuHEsE6UzrAQ=
x-served-by: cache-fra19134-FRA
timing-allow-origin: *
last-modified: Wed, 04 Aug 2021 20:44:34 GMT
server: AmazonS3
etag: "9a9c2063d7db2d15e1e3281da15b9d41"
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-amz-request-id: 8TSZ5PZE4C2PNHQS
access-control-allow-origin: *
cache-control: public, max-age=300
content-security-policy: connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src data: https:; frame-src 'self'; img-src 'self' https://q.stripe.com blob:; media-src 'none'; object-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'
accept-ranges: bytes
content-type: text/css
x-cache-hits: 7

GET
H2 200 shared-b32fc07c0f665ac81b672c9ffb777d7d.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 97C1 174 KB
44 KB 52ms
52ms Script
application/javascript 151.101.12.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/shared-b32fc07c0f665ac81b672c9ffb777d7d.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-card-aef647d1041359cc03891345daa8d07d.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.12.176 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

ea670ae855f2f2a2b3719efe146218a19418b0e8684c1e95b1ed0da5f32d1a9c

Security Headers

Name	Value
Content-Security-Policy	connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src data: https:; frame-src 'self'; img-src 'self' https://q.stripe.com blob:; media-src 'none'; object-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Referer: https://js.stripe.com/v3/elements-inner-card-aef647d1041359cc03891345daa8d07d.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 10 Aug 2021 03:26:32 GMT
content-encoding: br
vary: Accept-Encoding
age: 43
via: 1.1 varnish
x-cache: HIT
content-length: 44800
x-amz-id-2: mL/1aOJOlgpUhqQnfybU3hnGlMw7OYBPVCrMiscUI7ICZD2tldz5OJi5M7PC3D2kMPusjs15/aU=
x-served-by: cache-fra19134-FRA
timing-allow-origin: *
last-modified: Mon, 09 Aug 2021 19:51:39 GMT
server: AmazonS3
etag: "df7c28d5a00c1589657f9dc7875c7922"
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-amz-request-id: GC7N25AW443YN5WW
access-control-allow-origin: *
cache-control: public, max-age=300
content-security-policy: connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src data: https:; frame-src 'self'; img-src 'self' https://q.stripe.com blob:; media-src 'none'; object-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
x-cache-hits: 8

GET
H2 200 ui-shared-949091b01d3d3ab0457b3033d3e63136.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 97C1 214 KB
61 KB 34ms
33ms Script
application/javascript 151.101.12.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/ui-shared-949091b01d3d3ab0457b3033d3e63136.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-card-aef647d1041359cc03891345daa8d07d.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.12.176 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

5a44e43ff3f2cfb7a9a2d6f97f72b89ce4c228161f48c874a6b3e76f71644868

Security Headers

Name	Value
Content-Security-Policy	connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src data: https:; frame-src 'self'; img-src 'self' https://q.stripe.com blob:; media-src 'none'; object-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Referer: https://js.stripe.com/v3/elements-inner-card-aef647d1041359cc03891345daa8d07d.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 10 Aug 2021 03:26:32 GMT
content-encoding: br
vary: Accept-Encoding
age: 287
via: 1.1 varnish
x-cache: HIT
content-length: 62657
x-amz-id-2: H87OsK5npzUGoo6maxV5oNShTR46V7fIhVLdIrqlM9KatSj8kqTxHXyr25+GgrONaAf5px//dEY=
x-served-by: cache-fra19134-FRA
timing-allow-origin: *
last-modified: Mon, 09 Aug 2021 19:51:37 GMT
server: AmazonS3
etag: "e6fbd3185b800c740aa8b00e95ebc92c"
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-amz-request-id: GC7N3QC4KP43Q1N6
access-control-allow-origin: *
cache-control: public, max-age=300
content-security-policy: connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src data: https:; frame-src 'self'; img-src 'self' https://q.stripe.com blob:; media-src 'none'; object-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
x-cache-hits: 13

GET
H2 200 elements-inner-card-5034fcce8b39fa63b414db4cbf716bc1.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 97C1 46 KB
11 KB 52ms
52ms Script
application/javascript 151.101.12.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/elements-inner-card-5034fcce8b39fa63b414db4cbf716bc1.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-card-aef647d1041359cc03891345daa8d07d.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.12.176 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

cdc35d6b1038cf84ec8cf61abff81ee6ff36f57438f0ed9229b86a43386f56e3

Security Headers

Name	Value
Content-Security-Policy	connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src data: https:; frame-src 'self'; img-src 'self' https://q.stripe.com blob:; media-src 'none'; object-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Referer: https://js.stripe.com/v3/elements-inner-card-aef647d1041359cc03891345daa8d07d.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 10 Aug 2021 03:26:32 GMT
content-encoding: br
vary: Accept-Encoding
age: 163
via: 1.1 varnish
x-cache: HIT
content-length: 11406
x-amz-id-2: cJDlmEU+PwQOYaoZWSZISS4kuF7BM9EEtepIR1SX3U/YjGh7QYy/dOnr9UkUVG7l1xTHGhE8ogE=
x-served-by: cache-fra19134-FRA
timing-allow-origin: *
last-modified: Mon, 09 Aug 2021 19:51:37 GMT
server: AmazonS3
etag: "2d66b0c2c1043dbc64cb85d8924c86ab"
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-amz-request-id: GC7QXBV0C0MHSSXC
access-control-allow-origin: *
cache-control: public, max-age=300
content-security-policy: connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src data: https:; frame-src 'self'; img-src 'self' https://q.stripe.com blob:; media-src 'none'; object-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
x-cache-hits: 8

GET
H2 200 ui-shared-fbbc6b7fa9d2977c6c9a09143f3027fd.css
js.stripe.com/v3/fingerprinted/css/ Frame 05A9 17 KB
3 KB 55ms
55ms Stylesheet
text/css 151.101.12.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/css/ui-shared-fbbc6b7fa9d2977c6c9a09143f3027fd.css

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-card-aef647d1041359cc03891345daa8d07d.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.12.176 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

50cf3499f3f3e660c8d1a6001308c32306961043c33df07163b8f817b63c930e

Security Headers

Name	Value
Content-Security-Policy	connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src data: https:; frame-src 'self'; img-src 'self' https://q.stripe.com blob:; media-src 'none'; object-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Referer: https://js.stripe.com/v3/elements-inner-card-aef647d1041359cc03891345daa8d07d.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 10 Aug 2021 03:26:32 GMT
content-encoding: br
vary: Accept-Encoding
age: 44
via: 1.1 varnish
x-cache: HIT
content-length: 2763
x-amz-id-2: sR1MQrQvF6g0VYwtdRf1/H1Cyhgkbl8qyGFQ0LBia3q7FE3AQSeu+M9ZYIQsrIwXuHEsE6UzrAQ=
x-served-by: cache-fra19134-FRA
timing-allow-origin: *
last-modified: Wed, 04 Aug 2021 20:44:34 GMT
server: AmazonS3
etag: "9a9c2063d7db2d15e1e3281da15b9d41"
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-amz-request-id: 8TSZ5PZE4C2PNHQS
access-control-allow-origin: *
cache-control: public, max-age=300
content-security-policy: connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src data: https:; frame-src 'self'; img-src 'self' https://q.stripe.com blob:; media-src 'none'; object-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'
accept-ranges: bytes
content-type: text/css
x-cache-hits: 8

GET
H2 200 shared-b32fc07c0f665ac81b672c9ffb777d7d.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 05A9 174 KB
44 KB 53ms
53ms Script
application/javascript 151.101.12.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/shared-b32fc07c0f665ac81b672c9ffb777d7d.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-card-aef647d1041359cc03891345daa8d07d.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.12.176 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

ea670ae855f2f2a2b3719efe146218a19418b0e8684c1e95b1ed0da5f32d1a9c

Security Headers

Name	Value
Content-Security-Policy	connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src data: https:; frame-src 'self'; img-src 'self' https://q.stripe.com blob:; media-src 'none'; object-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Referer: https://js.stripe.com/v3/elements-inner-card-aef647d1041359cc03891345daa8d07d.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 10 Aug 2021 03:26:32 GMT
content-encoding: br
vary: Accept-Encoding
age: 43
via: 1.1 varnish
x-cache: HIT
content-length: 44800
x-amz-id-2: mL/1aOJOlgpUhqQnfybU3hnGlMw7OYBPVCrMiscUI7ICZD2tldz5OJi5M7PC3D2kMPusjs15/aU=
x-served-by: cache-fra19134-FRA
timing-allow-origin: *
last-modified: Mon, 09 Aug 2021 19:51:39 GMT
server: AmazonS3
etag: "df7c28d5a00c1589657f9dc7875c7922"
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-amz-request-id: GC7N25AW443YN5WW
access-control-allow-origin: *
cache-control: public, max-age=300
content-security-policy: connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src data: https:; frame-src 'self'; img-src 'self' https://q.stripe.com blob:; media-src 'none'; object-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
x-cache-hits: 9

GET
H2 200 ui-shared-949091b01d3d3ab0457b3033d3e63136.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 05A9 214 KB
61 KB 55ms
54ms Script
application/javascript 151.101.12.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/ui-shared-949091b01d3d3ab0457b3033d3e63136.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-card-aef647d1041359cc03891345daa8d07d.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.12.176 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

5a44e43ff3f2cfb7a9a2d6f97f72b89ce4c228161f48c874a6b3e76f71644868

Security Headers

Name	Value
Content-Security-Policy	connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src data: https:; frame-src 'self'; img-src 'self' https://q.stripe.com blob:; media-src 'none'; object-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Referer: https://js.stripe.com/v3/elements-inner-card-aef647d1041359cc03891345daa8d07d.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 10 Aug 2021 03:26:32 GMT
content-encoding: br
vary: Accept-Encoding
age: 287
via: 1.1 varnish
x-cache: HIT
content-length: 62657
x-amz-id-2: H87OsK5npzUGoo6maxV5oNShTR46V7fIhVLdIrqlM9KatSj8kqTxHXyr25+GgrONaAf5px//dEY=
x-served-by: cache-fra19134-FRA
timing-allow-origin: *
last-modified: Mon, 09 Aug 2021 19:51:37 GMT
server: AmazonS3
etag: "e6fbd3185b800c740aa8b00e95ebc92c"
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-amz-request-id: GC7N3QC4KP43Q1N6
access-control-allow-origin: *
cache-control: public, max-age=300
content-security-policy: connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src data: https:; frame-src 'self'; img-src 'self' https://q.stripe.com blob:; media-src 'none'; object-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
x-cache-hits: 14

GET
H2 200 elements-inner-card-5034fcce8b39fa63b414db4cbf716bc1.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 05A9 46 KB
11 KB 57ms
57ms Script
application/javascript 151.101.12.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/elements-inner-card-5034fcce8b39fa63b414db4cbf716bc1.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-card-aef647d1041359cc03891345daa8d07d.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.12.176 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

cdc35d6b1038cf84ec8cf61abff81ee6ff36f57438f0ed9229b86a43386f56e3

Security Headers

Name	Value
Content-Security-Policy	connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src data: https:; frame-src 'self'; img-src 'self' https://q.stripe.com blob:; media-src 'none'; object-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Referer: https://js.stripe.com/v3/elements-inner-card-aef647d1041359cc03891345daa8d07d.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 10 Aug 2021 03:26:32 GMT
content-encoding: br
vary: Accept-Encoding
age: 163
via: 1.1 varnish
x-cache: HIT
content-length: 11406
x-amz-id-2: cJDlmEU+PwQOYaoZWSZISS4kuF7BM9EEtepIR1SX3U/YjGh7QYy/dOnr9UkUVG7l1xTHGhE8ogE=
x-served-by: cache-fra19134-FRA
timing-allow-origin: *
last-modified: Mon, 09 Aug 2021 19:51:37 GMT
server: AmazonS3
etag: "2d66b0c2c1043dbc64cb85d8924c86ab"
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-amz-request-id: GC7QXBV0C0MHSSXC
access-control-allow-origin: *
cache-control: public, max-age=300
content-security-policy: connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src data: https:; frame-src 'self'; img-src 'self' https://q.stripe.com blob:; media-src 'none'; object-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
x-cache-hits: 9

GET
H2 200 /
q.stripe.com/ Frame AB25 43 B
285 B 177ms
176ms Image
image/gif 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://q.stripe.com/?event=elements.create&event_count=21&timestamp=1628565992685&event_id=f1e10532-23b0-41ca-9406-9d7aca8be20c&os=Windows&browserFamily=Chrome&version=4fed1d7c9&key=pk_live_51IwbGCAj3TwfJltg1wzYY5eGvU3woBtqKBs6lehNGPj02YwqwQoloa1emB2np5PclFWN5dR2bmTFd19VAM3Zg7IK00uvT1gzz2&referrer=https%3A%2F%2Fgo.thcmedical.org&stripe_js_id=a3dca1ab-c006-4d76-a123-2a94fecf9850&controller_load_time=1628565992041&wrapper=unknown&es_module=false&frame_width=1600&options-style-base-type=blocks&options-style-base-blocks=%5Bobject+Object%5D&options-betas=&options-componentName=cardNumber&options-wait=true&options-rtl=false&element=cardNumber

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-186-23-98.stripe.com

Software

nginx /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Referer: https://js.stripe.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 10 Aug 2021 03:26:32 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: nginx
strict-transport-security: max-age=31556926; includeSubDomains; preload
content-type: image/gif
cache-control: no-cache, no-store, private, must-revalidate, max-age=0, max-stale=0, post-check=0, pre-check=0
content-length: 43
expires: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame AB25 0
213 B 178ms
178ms XHR
application/octet-stream 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://r.stripe.com/0

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-b32fc07c0f665ac81b672c9ffb777d7d.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-159-182.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Accept: application/json
Referer: https://js.stripe.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Tue, 10 Aug 2021 03:26:32 GMT
server: nginx
strict-transport-security: max-age=31556926; includeSubDomains; preload
content-type: application/octet-stream;charset=utf-8
access-control-allow-origin: https://js.stripe.com
access-control-allow-credentials: true
x-envoy-upstream-service-time: 2
content-length: 0

GET
H2 200 /
q.stripe.com/ Frame AB25 43 B
285 B 177ms
177ms Image
image/gif 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://q.stripe.com/?event=elements.timings&event_count=23&timestamp=1628565992686&event_id=5e3687f5-c0b5-40ad-8293-e28e9b1773e4&os=Windows&browserFamily=Chrome&version=4fed1d7c9&key=pk_live_51IwbGCAj3TwfJltg1wzYY5eGvU3woBtqKBs6lehNGPj02YwqwQoloa1emB2np5PclFWN5dR2bmTFd19VAM3Zg7IK00uvT1gzz2&referrer=https%3A%2F%2Fgo.thcmedical.org&stripe_js_id=a3dca1ab-c006-4d76-a123-2a94fecf9850&controller_load_time=1628565992041&wrapper=unknown&es_module=false&frame_width=1600&dom_loading=34&dom_interactive=92&dom_complete=98&since_sjs_load=2840&since_stripe_create=982&since_group_create=983&since_create=982&mount_duration=977&since_fetch=89&load_count=3&match_frame=true&resource_timings-ui-shared.css-transfer_size=3342&resource_timings-ui-shared.css-duration=30&resource_timings-shared.js-transfer_size=44996&resource_timings-shared.js-duration=36&resource_timings-ui-shared.js-transfer_size=62852&resource_timings-ui-shared.js-duration=38&resource_timings-elements-inner-card.js-transfer_size=11617&resource_timings-elements-inner-card.js-duration=30&element=cardNumber

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-186-23-98.stripe.com

Software

nginx /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Referer: https://js.stripe.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 10 Aug 2021 03:26:32 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: nginx
strict-transport-security: max-age=31556926; includeSubDomains; preload
content-type: image/gif
cache-control: no-cache, no-store, private, must-revalidate, max-age=0, max-stale=0, post-check=0, pre-check=0
content-length: 43
expires: 0

GET
H2 200 /
q.stripe.com/ Frame AB25 43 B
285 B 177ms
177ms Image
image/gif 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://q.stripe.com/?event=elements.event.ready&event_count=24&timestamp=1628565992689&event_id=a6c0643b-cf83-4b2b-949b-3c8e07b4a2b0&os=Windows&browserFamily=Chrome&version=4fed1d7c9&key=pk_live_51IwbGCAj3TwfJltg1wzYY5eGvU3woBtqKBs6lehNGPj02YwqwQoloa1emB2np5PclFWN5dR2bmTFd19VAM3Zg7IK00uvT1gzz2&referrer=https%3A%2F%2Fgo.thcmedical.org&stripe_js_id=a3dca1ab-c006-4d76-a123-2a94fecf9850&controller_load_time=1628565992041&wrapper=unknown&es_module=false&frame_width=1600&element=cardNumber

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-186-23-98.stripe.com

Software

nginx /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Referer: https://js.stripe.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 10 Aug 2021 03:26:32 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: nginx
strict-transport-security: max-age=31556926; includeSubDomains; preload
content-type: image/gif
cache-control: no-cache, no-store, private, must-revalidate, max-age=0, max-stale=0, post-check=0, pre-check=0
content-length: 43
expires: 0

GET
H2 200 /
q.stripe.com/ Frame AB25 43 B
285 B 177ms
176ms Image
image/gif 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://q.stripe.com/?event=elements.create&event_count=25&timestamp=1628565992723&event_id=51aa6250-bfe8-4b8c-b72e-fc084edb4c6b&os=Windows&browserFamily=Chrome&version=4fed1d7c9&key=pk_live_51IwbGCAj3TwfJltg1wzYY5eGvU3woBtqKBs6lehNGPj02YwqwQoloa1emB2np5PclFWN5dR2bmTFd19VAM3Zg7IK00uvT1gzz2&referrer=https%3A%2F%2Fgo.thcmedical.org&stripe_js_id=a3dca1ab-c006-4d76-a123-2a94fecf9850&controller_load_time=1628565992041&wrapper=unknown&es_module=false&frame_width=1600&options-style-base-type=blocks&options-style-base-blocks=%5Bobject+Object%5D&options-betas=&options-componentName=cardExpiry&options-wait=true&options-rtl=false&element=cardExpiry

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-186-23-98.stripe.com

Software

nginx /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Referer: https://js.stripe.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 10 Aug 2021 03:26:32 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: nginx
strict-transport-security: max-age=31556926; includeSubDomains; preload
content-type: image/gif
cache-control: no-cache, no-store, private, must-revalidate, max-age=0, max-stale=0, post-check=0, pre-check=0
content-length: 43
expires: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame AB25 0
213 B 181ms
181ms XHR
application/octet-stream 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://r.stripe.com/0

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-b32fc07c0f665ac81b672c9ffb777d7d.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-159-182.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Accept: application/json
Referer: https://js.stripe.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Tue, 10 Aug 2021 03:26:32 GMT
server: nginx
strict-transport-security: max-age=31556926; includeSubDomains; preload
content-type: application/octet-stream;charset=utf-8
access-control-allow-origin: https://js.stripe.com
access-control-allow-credentials: true
x-envoy-upstream-service-time: 2
content-length: 0

GET
H2 200 /
q.stripe.com/ Frame AB25 43 B
285 B 177ms
177ms Image
image/gif 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://q.stripe.com/?event=elements.timings&event_count=27&timestamp=1628565992723&event_id=fafa11d8-3e76-47d0-b5b4-17da67ac863a&os=Windows&browserFamily=Chrome&version=4fed1d7c9&key=pk_live_51IwbGCAj3TwfJltg1wzYY5eGvU3woBtqKBs6lehNGPj02YwqwQoloa1emB2np5PclFWN5dR2bmTFd19VAM3Zg7IK00uvT1gzz2&referrer=https%3A%2F%2Fgo.thcmedical.org&stripe_js_id=a3dca1ab-c006-4d76-a123-2a94fecf9850&controller_load_time=1628565992041&wrapper=unknown&es_module=false&frame_width=1600&dom_loading=35&dom_interactive=120&dom_complete=132&since_sjs_load=2869&since_stripe_create=1007&since_group_create=1012&since_create=1008&mount_duration=1005&since_fetch=118&load_count=2&match_frame=true&resource_timings-ui-shared.css-transfer_size=3339&resource_timings-ui-shared.css-duration=34&resource_timings-shared.js-transfer_size=44867&resource_timings-shared.js-duration=57&resource_timings-ui-shared.js-transfer_size=62785&resource_timings-ui-shared.js-duration=37&resource_timings-elements-inner-card.js-transfer_size=11564&resource_timings-elements-inner-card.js-duration=54&element=cardExpiry

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-186-23-98.stripe.com

Software

nginx /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Referer: https://js.stripe.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 10 Aug 2021 03:26:32 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: nginx
strict-transport-security: max-age=31556926; includeSubDomains; preload
content-type: image/gif
cache-control: no-cache, no-store, private, must-revalidate, max-age=0, max-stale=0, post-check=0, pre-check=0
content-length: 43
expires: 0

GET
H2 200 /
q.stripe.com/ Frame AB25 43 B
285 B 179ms
178ms Image
image/gif 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://q.stripe.com/?event=elements.create&event_count=28&timestamp=1628565992724&event_id=bf590dd5-b0c6-4246-8674-fe073cc118a0&os=Windows&browserFamily=Chrome&version=4fed1d7c9&key=pk_live_51IwbGCAj3TwfJltg1wzYY5eGvU3woBtqKBs6lehNGPj02YwqwQoloa1emB2np5PclFWN5dR2bmTFd19VAM3Zg7IK00uvT1gzz2&referrer=https%3A%2F%2Fgo.thcmedical.org&stripe_js_id=a3dca1ab-c006-4d76-a123-2a94fecf9850&controller_load_time=1628565992041&wrapper=unknown&es_module=false&frame_width=1600&options-style-base-type=blocks&options-style-base-blocks=%5Bobject+Object%5D&options-betas=&options-componentName=cardCvc&options-wait=true&options-rtl=false&element=cardCvc

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-186-23-98.stripe.com

Software

nginx /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Referer: https://js.stripe.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 10 Aug 2021 03:26:32 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: nginx
strict-transport-security: max-age=31556926; includeSubDomains; preload
content-type: image/gif
cache-control: no-cache, no-store, private, must-revalidate, max-age=0, max-stale=0, post-check=0, pre-check=0
content-length: 43
expires: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame AB25 0
213 B 180ms
180ms XHR
application/octet-stream 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://r.stripe.com/0

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-b32fc07c0f665ac81b672c9ffb777d7d.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-159-182.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Accept: application/json
Referer: https://js.stripe.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Tue, 10 Aug 2021 03:26:32 GMT
server: nginx
strict-transport-security: max-age=31556926; includeSubDomains; preload
content-type: application/octet-stream;charset=utf-8
access-control-allow-origin: https://js.stripe.com
access-control-allow-credentials: true
x-envoy-upstream-service-time: 3
content-length: 0

GET
H2 200 /
q.stripe.com/ Frame AB25 43 B
285 B 179ms
179ms Image
image/gif 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://q.stripe.com/?event=elements.timings&event_count=30&timestamp=1628565992725&event_id=380796f1-b1db-4c01-8978-270839d380d5&os=Windows&browserFamily=Chrome&version=4fed1d7c9&key=pk_live_51IwbGCAj3TwfJltg1wzYY5eGvU3woBtqKBs6lehNGPj02YwqwQoloa1emB2np5PclFWN5dR2bmTFd19VAM3Zg7IK00uvT1gzz2&referrer=https%3A%2F%2Fgo.thcmedical.org&stripe_js_id=a3dca1ab-c006-4d76-a123-2a94fecf9850&controller_load_time=1628565992041&wrapper=unknown&es_module=false&frame_width=1600&dom_loading=34&dom_interactive=128&dom_complete=139&since_sjs_load=2879&since_stripe_create=1019&since_group_create=1022&since_create=1019&mount_duration=1015&since_fetch=126&load_count=3&match_frame=true&resource_timings-ui-shared.css-transfer_size=3339&resource_timings-ui-shared.css-duration=56&resource_timings-shared.js-transfer_size=44868&resource_timings-shared.js-duration=60&resource_timings-ui-shared.js-transfer_size=62843&resource_timings-ui-shared.js-duration=60&resource_timings-elements-inner-card.js-transfer_size=11503&resource_timings-elements-inner-card.js-duration=58&element=cardCvc

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-186-23-98.stripe.com

Software

nginx /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Referer: https://js.stripe.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 10 Aug 2021 03:26:32 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: nginx
strict-transport-security: max-age=31556926; includeSubDomains; preload
content-type: image/gif
cache-control: no-cache, no-store, private, must-revalidate, max-age=0, max-stale=0, post-check=0, pre-check=0
content-length: 43
expires: 0

GET
H2 200 /
q.stripe.com/ Frame AB25 43 B
285 B 179ms
179ms Image
image/gif 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://q.stripe.com/?event=elements.event.ready&event_count=31&timestamp=1628565992725&event_id=bc937160-bb32-49d1-a482-52f1cd442c3a&os=Windows&browserFamily=Chrome&version=4fed1d7c9&key=pk_live_51IwbGCAj3TwfJltg1wzYY5eGvU3woBtqKBs6lehNGPj02YwqwQoloa1emB2np5PclFWN5dR2bmTFd19VAM3Zg7IK00uvT1gzz2&referrer=https%3A%2F%2Fgo.thcmedical.org&stripe_js_id=a3dca1ab-c006-4d76-a123-2a94fecf9850&controller_load_time=1628565992041&wrapper=unknown&es_module=false&frame_width=1600&element=cardExpiry

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-186-23-98.stripe.com

Software

nginx /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Referer: https://js.stripe.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 10 Aug 2021 03:26:32 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: nginx
strict-transport-security: max-age=31556926; includeSubDomains; preload
content-type: image/gif
cache-control: no-cache, no-store, private, must-revalidate, max-age=0, max-stale=0, post-check=0, pre-check=0
content-length: 43
expires: 0

GET
H2 200 /
q.stripe.com/ Frame AB25 43 B
285 B 194ms
194ms Image
image/gif 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://q.stripe.com/?event=elements.event.ready&event_count=32&timestamp=1628565992726&event_id=bea9aae2-7b36-4cef-906a-dc461efec209&os=Windows&browserFamily=Chrome&version=4fed1d7c9&key=pk_live_51IwbGCAj3TwfJltg1wzYY5eGvU3woBtqKBs6lehNGPj02YwqwQoloa1emB2np5PclFWN5dR2bmTFd19VAM3Zg7IK00uvT1gzz2&referrer=https%3A%2F%2Fgo.thcmedical.org&stripe_js_id=a3dca1ab-c006-4d76-a123-2a94fecf9850&controller_load_time=1628565992041&wrapper=unknown&es_module=false&frame_width=1600&element=cardCvc

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-186-23-98.stripe.com

Software

nginx /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Referer: https://js.stripe.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 10 Aug 2021 03:26:32 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: nginx
strict-transport-security: max-age=31556926; includeSubDomains; preload
content-type: image/gif
cache-control: no-cache, no-store, private, must-revalidate, max-age=0, max-stale=0, post-check=0, pre-check=0
content-length: 43
expires: 0

OPTIONS
H3-29 200 get_config
app.funnelish.com/apps/api/v1/ Frame 0
0 223ms
223ms Preflight 2606:4700:3035::6815:929
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://app.funnelish.com/apps/api/v1/get_config
Protocol: H3-29
Server: 2606:4700:3035::6815:929 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://go.thcmedical.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Tue, 10 Aug 2021 03:26:33 GMT
content-length: 0
access-control-allow-headers: Content-Type
access-control-allow-origin: *
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zXcKGDT2iRd8BZ9bdXaKkL5yawgQH13%2ByIF%2BFMigxi2fOaEgEB9ITfKXyJZxy6jrDxitGKyUgUOFnIEGLn8wZGhS3xO%2FswTklOWL3QDlniz1GH8R5CvmxfFkRmIKKCoE4%2Frb0lEW%2BIzABg6prHTeqA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 67c61f8f2af44eb6-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

POST
H3-29 200 get_config Show response
app.funnelish.com/apps/api/v1/ 1 KB
837 B 229ms
229ms XHR
text/plain 2606:4700:3035::6815:929
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://app.funnelish.com/apps/api/v1/get_config
Requested by: Host: go.thcmedical.org
URL: https://go.thcmedical.org/assets/lander.js
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:929 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 98ae18e334a5a6d336d0664019463bcf83de8d5d7eaa9c6a04b1f8e4542d375f

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://go.thcmedical.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 10 Aug 2021 03:26:33 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BPI4d9qMYNsTP12Ye6Ph7ofz%2BDmoZUM1%2FgVDQeQL6rJnUnAaul%2BMM56X1O21suqgupfV0jh8trBiEHmvIEA3ML72p1mg4dXixDIkom0tjXCj%2B2RkAfenB7LKwLgBLsBBCRv2oluoWDUFPpFDNfmkdQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
cf-ray: 67c61f909d2f4eb6-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

GET
H3-29 200 js Show response
app.funnelish.com/apps/api/v1/ 10 KB
4 KB 235ms
235ms Script
application/javascript 2606:4700:3035::6815:929
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://app.funnelish.com/apps/api/v1/js?api_key=LgAPnnSgAjSbLDRSxYUXRuBcFFgYrIgs&api_secret=6233136184&email=dangquangvinh.espeed@gmail.com&step_url=go.thcmedical.org/crystal0169&id=11&_=1628565992830
Requested by: Host: go.thcmedical.org
URL: https://go.thcmedical.org/assets/lander.js
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:929 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 39ed5a64e7eeac321bfeba3caf7bcee31ba5cf84ef9486e100aabdfb875cd233

Request headers

Referer: https://go.thcmedical.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 10 Aug 2021 03:26:33 GMT
content-encoding: br
cf-cache-status: DYNAMIC
last-modified: Sun, 08 Aug 2021 11:58:23 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ChPWrksfNBulq5AmzKwCBE8P0uZuchCTTTZWWufgeX%2B2zBgNnoPgkx7waNK%2F%2BgPiezORKDC1kcdRO4qSMvDLIP5tfbDQ8s6rFDUQF9CFs7sgMcm75NtG75gbw%2B2t%2Bg816Y54c%2FL6kHDJx%2Fi8u1SmnA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cf-ray: 67c61f8f2b1dd6f5-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

POST
H3-29 200 log_event Show response
www.youtube.com/youtubei/v1/ Frame 8A54 28 B
54 B 19ms
19ms XHR
application/json 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/4224c673/player_ias.vflset/en_US/base.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json
X-YouTube-Utc-Offset: 120
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/MwqQpmuXbDk?autoplay=0&modestbranding=1&controls=1&showinfo=0&rel=0&hd=1&wmode=transparent
X-YouTube-Client-Version: 1.20210808.0.0
X-YouTube-Time-Zone: Europe/Berlin
X-Goog-Visitor-Id: CgtvYTNMbWJtRzdvWSjl48eIBg%3D%3D
X-YouTube-Ad-Signals: dt=1628565990502&flash=0&frm=2&u_tz=120&u_his=2&u_java&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug&u_nmime&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C507%2C285&vis=1&wgl=true&ca_type=image&bid=ANyPxKqI_T-CVJcrKXSYVkc41R7MaVRdPR9IjAsVDHcfi2txOOwjZfIGZhDzhnL3_AP0NEitMT7fF9dElWD1Ux81giHOnJWcng

Response headers

date: Tue, 10 Aug 2021 03:26:33 GMT
content-encoding: br
x-content-type-options: nosniff
server: ESF
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31
x-xss-protection: 0
expires: Tue, 10 Aug 2021 03:26:33 GMT

POST
H3-29 200 get_config Show response
app.funnelish.com/apps/api/v1/ 1 KB
835 B 228ms
227ms XHR
text/plain 2606:4700:3035::6815:929
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://app.funnelish.com/apps/api/v1/get_config
Requested by: Host: go.thcmedical.org
URL: https://go.thcmedical.org/assets/lander.js
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:929 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 98ae18e334a5a6d336d0664019463bcf83de8d5d7eaa9c6a04b1f8e4542d375f

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://go.thcmedical.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 10 Aug 2021 03:26:33 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=POvdNgTQQTV9dL5f0y5fi2NJcJr40iJRMVQHeHyS0uZ8lKbotmznEzRWmNcYEFwPe29rYixAcEgv8mb17sGUOuy%2BzI4U3fqzNk%2Be1U9xwDKSM55ojQM6HrWiZOVVklwoch2xD33CiGeYXqz05DPHBw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
cf-ray: 67c61f922f7b4eb6-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

OPTIONS
H3-29 200 get_config
app.funnelish.com/apps/api/v1/ Frame 0
0 226ms
226ms Preflight 2606:4700:3035::6815:929
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://app.funnelish.com/apps/api/v1/get_config
Protocol: H3-29
Server: 2606:4700:3035::6815:929 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://go.thcmedical.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Tue, 10 Aug 2021 03:26:33 GMT
content-length: 0
access-control-allow-headers: Content-Type
access-control-allow-origin: *
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eOuUNL9wVKlp4LPeIqtiuCBu3FBcCfD1Yax6KSxJD4qZJa%2FIbmA0SBan%2FryXV9lrtGqu5uguRaXyZE6JD1v1pnKdDmFgYEr5omJ0%2BG2mbVwzlCg3ROIF607KK5BK41HbFdi%2FGi1adb366gMx0%2F0NDQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 67c61f90bd654eb6-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

POST
H3-29 200 log_event Show response
www.youtube.com/youtubei/v1/ Frame F961 28 B
54 B 21ms
20ms XHR
application/json 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/4224c673/www-embed-player.vflset/www-embed-player.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json
X-YouTube-Utc-Offset: 120
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/ho0c3ENtp-Q?autoplay=0&modestbranding=1&controls=1&showinfo=0&rel=0&hd=1&wmode=transparent
X-YouTube-Client-Version: 1.20210808.0.0
X-YouTube-Time-Zone: Europe/Berlin
X-Goog-Visitor-Id: CgtvYTNMbWJtRzdvWSjl48eIBg%3D%3D
X-YouTube-Ad-Signals: dt=1628565990290&flash=0&frm=2&u_tz=120&u_his=2&u_java&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug&u_nmime&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C517%2C291&vis=1&wgl=true&ca_type=image&bid=ANyPxKo9mVdfazj0AEfqEbBP8kf49jJjlUU2yA6UnB11QqmkU2EsG2PmDWLCqAkEcHdkEn6odZJWN6DdrfnCuwPiLX8mMtiOEA

Response headers

date: Tue, 10 Aug 2021 03:26:33 GMT
content-encoding: br
x-content-type-options: nosniff
server: ESF
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31
x-xss-protection: 0
expires: Tue, 10 Aug 2021 03:26:33 GMT

POST
H3-29 200 log_event Show response
www.youtube.com/youtubei/v1/ Frame 99C8 28 B
54 B 31ms
31ms XHR
application/json 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/4224c673/player_ias.vflset/en_US/base.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json
X-YouTube-Utc-Offset: 120
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/s8MOs6orbhU?autoplay=0&modestbranding=1&controls=1&showinfo=0&rel=0&hd=1&wmode=transparent
X-YouTube-Client-Version: 1.20210808.0.0
X-YouTube-Time-Zone: Europe/Berlin
X-Goog-Visitor-Id: CgtvYTNMbWJtRzdvWSjl48eIBg%3D%3D
X-YouTube-Ad-Signals: dt=1628565990431&flash=0&frm=2&u_tz=120&u_his=2&u_java&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug&u_nmime&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C603%2C339&vis=1&wgl=true&ca_type=image&bid=ANyPxKqQdCb2oU2BLXJv1DB7aXE1UoUofjCdQm17K7AN7KhVxn5dp5GJUsvbXRj0kK3HPzIl7sHZKXEyoGsxTDh21syDc0SaUg

Response headers

date: Tue, 10 Aug 2021 03:26:33 GMT
content-encoding: br
x-content-type-options: nosniff
server: ESF
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31
x-xss-protection: 0
expires: Tue, 10 Aug 2021 03:26:33 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 98 KB
26 KB 19ms
6ms Script
application/x-javascript 2a03:2880:f01c:216:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: go.thcmedical.org
URL: https://go.thcmedical.org/crystal0169

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

c4243f7f5aa95631ca62fab376c3804859e808b66d373d07270872d23b8b081b

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://go.thcmedical.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 25944
x-xss-protection: 0
pragma: public
x-fb-debug: T5x3ptx2/5F56z1hiaKszQXFElB9WmvSGwnnjrI063eIovUoqDaUN/7Lo69E/EwxQ1w/fXuIdNga7SPFSqLp4Q==
x-fb-trip-id: 686109401
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Tue, 10 Aug 2021 03:26:33 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3-29 200 914903749375869 Show response
connect.facebook.net/signals/config/ 253 KB
72 KB 214ms
213ms Script
application/x-javascript 2a03:2880:f01c:216:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/914903749375869?v=2.9.44&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

40473a2facef1262f5b8b7fe7c8e3a57a2590566d82dc330324c11252c4b5cd6

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://go.thcmedical.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-xss-protection: 0
pragma: public
x-fb-debug: UEZRaB4Ow/MTHbPjXf/5ARiXpzLPRhqtJu9hZCiGZlgbyYrFQ4yECgCADNdAa4fNm50tl5km+qdzVp7uCmBhjQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coop_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Tue, 10 Aug 2021 03:26:33 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}],"group":"coop_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H3-29 200 log_event Show response
www.youtube.com/youtubei/v1/ Frame CE31 28 B
54 B 22ms
22ms XHR
application/json 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/4224c673/www-embed-player.vflset/www-embed-player.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json
X-YouTube-Utc-Offset: 120
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/Fj5TOujJ5jQ?autoplay=0&modestbranding=1&controls=1&showinfo=0&rel=0&hd=1&wmode=transparent
X-YouTube-Client-Version: 1.20210808.0.0
X-YouTube-Time-Zone: Europe/Berlin
X-Goog-Visitor-Id: CgtvYTNMbWJtRzdvWSjl48eIBg%3D%3D
X-YouTube-Ad-Signals: dt=1628565990800&flash=0&frm=2&u_tz=120&u_his=2&u_java&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug&u_nmime&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C507%2C285&vis=1&wgl=true&ca_type=image&bid=ANyPxKogg_Q8Xo1RCIoK8CESW7UphJKBOBh5CFscLdEgM3Od0l7eTKr9JMnvx0g6oy159XXSCb6TSWa5_LKiwVH3IFYU7rSNnQ

Response headers

date: Tue, 10 Aug 2021 03:26:33 GMT
content-encoding: br
x-content-type-options: nosniff
server: ESF
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31
x-xss-protection: 0
expires: Tue, 10 Aug 2021 03:26:33 GMT

GET
H3-29 200 576680053497932 Show response
connect.facebook.net/signals/config/ 253 KB
72 KB 158ms
158ms Script
application/x-javascript 2a03:2880:f01c:216:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/576680053497932?v=2.9.44&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

45581b032ca205802df1bb238b85d94f91ff0f4e6454dee986c84f9e828fd979

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://go.thcmedical.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-xss-protection: 0
pragma: public
x-fb-debug: pap3l5O+rrf0wYaobsRYTOVIK6Lr0XJC6cUKlWL/q/FxfPwF+KkxLYKsTpXLeoBHaaVpGvlZvxIUWJEY8Ser+A==
cross-origin-embedder-policy-report-only: require-corp;report-to="coop_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Tue, 10 Aug 2021 03:26:33 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}],"group":"coop_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3-29 200 4008457755947380 Show response
connect.facebook.net/signals/config/ 253 KB
72 KB 135ms
135ms Script
application/x-javascript 2a03:2880:f01c:216:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/4008457755947380?v=2.9.44&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

7c6e305c1bddb2ea3bf2a8ab3ede818e849aa360629d46f3569c301aec314d13

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://go.thcmedical.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-xss-protection: 0
pragma: public
x-fb-debug: xSfAdSIbU94N3RwWt0TExm0vPQJAA+8GgoVUwiCMd7ZRS5rzPX44aiINDRSlyrQFFrJrNi9TQH+aReBb0zFIqQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coop_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Tue, 10 Aug 2021 03:26:34 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}],"group":"coop_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
101 B 21ms
8ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=914903749375869&ev=PageView&dl=https%3A%2F%2Fgo.thcmedical.org%2Fcrystal0169&rl=&if=false&ts=1628565994132&sw=1600&sh=1200&v=2.9.44&r=stable&ec=0&o=30&fbp=fb.1.1628565994131.564448098&it=1628565993565&coo=false&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://go.thcmedical.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 10 Aug 2021 03:26:34 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Tue, 10 Aug 2021 03:26:34 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
101 B 21ms
8ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=576680053497932&ev=PageView&dl=https%3A%2F%2Fgo.thcmedical.org%2Fcrystal0169&rl=&if=false&ts=1628565994135&sw=1600&sh=1200&v=2.9.44&r=stable&ec=0&o=30&fbp=fb.1.1628565994131.564448098&it=1628565993565&coo=false&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://go.thcmedical.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 10 Aug 2021 03:26:34 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Tue, 10 Aug 2021 03:26:34 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
101 B 21ms
8ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=4008457755947380&ev=PageView&dl=https%3A%2F%2Fgo.thcmedical.org%2Fcrystal0169&rl=&if=false&ts=1628565994135&sw=1600&sh=1200&v=2.9.44&r=stable&ec=0&o=30&fbp=fb.1.1628565994131.564448098&it=1628565993565&coo=false&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://go.thcmedical.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 10 Aug 2021 03:26:34 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Tue, 10 Aug 2021 03:26:34 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
297 B 20ms
7ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=914903749375869&ev=ViewContent&dl=https%3A%2F%2Fgo.thcmedical.org%2Fcrystal0169&rl=&if=false&ts=1628565994136&sw=1600&sh=1200&v=2.9.44&r=stable&ec=1&o=30&fbp=fb.1.1628565994131.564448098&it=1628565993565&coo=false&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://go.thcmedical.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 10 Aug 2021 03:26:34 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Tue, 10 Aug 2021 03:26:34 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
101 B 20ms
8ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=576680053497932&ev=ViewContent&dl=https%3A%2F%2Fgo.thcmedical.org%2Fcrystal0169&rl=&if=false&ts=1628565994137&sw=1600&sh=1200&v=2.9.44&r=stable&ec=1&o=30&fbp=fb.1.1628565994131.564448098&it=1628565993565&coo=false&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://go.thcmedical.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 10 Aug 2021 03:26:34 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Tue, 10 Aug 2021 03:26:34 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
101 B 20ms
8ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=4008457755947380&ev=ViewContent&dl=https%3A%2F%2Fgo.thcmedical.org%2Fcrystal0169&rl=&if=false&ts=1628565994137&sw=1600&sh=1200&v=2.9.44&r=stable&ec=1&o=30&fbp=fb.1.1628565994131.564448098&it=1628565993565&coo=false&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://go.thcmedical.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 10 Aug 2021 03:26:34 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Tue, 10 Aug 2021 03:26:34 GMT

GET
H3-29 200 /
www.facebook.com/tr/ 44 B
91 B 7ms
7ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=914903749375869&ev=Microdata&dl=https%3A%2F%2Fgo.thcmedical.org%2Fcrystal0169&rl=&if=false&ts=1628565994635&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Crystal%C2%AE%20BTE%20-%20Official%20Site%22%2C%22meta%3Adescription%22%3A%22%22%2C%22meta%3Akeywords%22%3A%22bte%2C%20hearing%20aids%22%7D&cd[OpenGraph]=%7B%22og%3Aimage%22%3A%22https%3A%2F%2Fgo.thcmedical.org%2Fhosted%2Fimages%2F49%2F880e78df394aa9863b2c26d27b0013%2FMJ-crystal.png%22%2C%22og%3Atitle%22%3A%22Crystal%C2%AE%20BTE%20-%20Official%20Site%22%2C%22og%3Adescription%22%3A%22%22%2C%22og%3Aurl%22%3A%22https%3A%2F%2Fgo.thcmedical.org%2Fcrystal0169%22%2C%22og%3Atype%22%3A%22website%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.44&r=stable&ec=2&o=30&fbp=fb.1.1628565994131.564448098&it=1628565993565&coo=false&es=automatic&tm=3&rqm=GET

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://go.thcmedical.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 10 Aug 2021 03:26:34 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority: u=3,i
expires: Tue, 10 Aug 2021 03:26:34 GMT

GET
H3-29 200 /
www.facebook.com/tr/ 44 B
88 B 6ms
6ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=576680053497932&ev=Microdata&dl=https%3A%2F%2Fgo.thcmedical.org%2Fcrystal0169&rl=&if=false&ts=1628565994638&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Crystal%C2%AE%20BTE%20-%20Official%20Site%22%2C%22meta%3Adescription%22%3A%22%22%2C%22meta%3Akeywords%22%3A%22bte%2C%20hearing%20aids%22%7D&cd[OpenGraph]=%7B%22og%3Aimage%22%3A%22https%3A%2F%2Fgo.thcmedical.org%2Fhosted%2Fimages%2F49%2F880e78df394aa9863b2c26d27b0013%2FMJ-crystal.png%22%2C%22og%3Atitle%22%3A%22Crystal%C2%AE%20BTE%20-%20Official%20Site%22%2C%22og%3Adescription%22%3A%22%22%2C%22og%3Aurl%22%3A%22https%3A%2F%2Fgo.thcmedical.org%2Fcrystal0169%22%2C%22og%3Atype%22%3A%22website%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.44&r=stable&ec=2&o=30&fbp=fb.1.1628565994131.564448098&it=1628565993565&coo=false&es=automatic&tm=3&rqm=GET

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://go.thcmedical.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 10 Aug 2021 03:26:34 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority: u=3,i
expires: Tue, 10 Aug 2021 03:26:34 GMT

GET
H3-29 200 /
www.facebook.com/tr/ 44 B
88 B 6ms
6ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=4008457755947380&ev=Microdata&dl=https%3A%2F%2Fgo.thcmedical.org%2Fcrystal0169&rl=&if=false&ts=1628565994640&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Crystal%C2%AE%20BTE%20-%20Official%20Site%22%2C%22meta%3Adescription%22%3A%22%22%2C%22meta%3Akeywords%22%3A%22bte%2C%20hearing%20aids%22%7D&cd[OpenGraph]=%7B%22og%3Aimage%22%3A%22https%3A%2F%2Fgo.thcmedical.org%2Fhosted%2Fimages%2F49%2F880e78df394aa9863b2c26d27b0013%2FMJ-crystal.png%22%2C%22og%3Atitle%22%3A%22Crystal%C2%AE%20BTE%20-%20Official%20Site%22%2C%22og%3Adescription%22%3A%22%22%2C%22og%3Aurl%22%3A%22https%3A%2F%2Fgo.thcmedical.org%2Fcrystal0169%22%2C%22og%3Atype%22%3A%22website%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.44&r=stable&ec=2&o=30&fbp=fb.1.1628565994131.564448098&it=1628565993565&coo=false&es=automatic&tm=3&rqm=GET

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://go.thcmedical.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 10 Aug 2021 03:26:34 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority: u=3,i
expires: Tue, 10 Aug 2021 03:26:34 GMT

GET
H2 200 trusted-types-checker-9b6e874f149cc545c2c2335f8707fd1f.js Show response
js.stripe.com/v3/fingerprinted/js/ 172 B
322 B 31ms
31ms Script
application/javascript 151.101.12.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/trusted-types-checker-9b6e874f149cc545c2c2335f8707fd1f.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.12.176 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

544bc1adef126901075f00fb30f014fcbcb3b7284269c42d3c0bd0ad8c7b1087

Security Headers

Name	Value
Content-Security-Policy	connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src data: https:; frame-src 'self'; img-src 'self' https://q.stripe.com blob:; media-src 'none'; object-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Referer: https://go.thcmedical.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 10 Aug 2021 03:26:37 GMT
content-encoding: br
vary: Accept-Encoding
age: 213
via: 1.1 varnish
x-cache: HIT
content-length: 118
x-amz-id-2: gfc5slRAKdsdwARTQRmBNSNHND8gIsB3JKsMem4BAWo7wmP3uSvlTGfTvOGu+b0u1+Mfqx+VfEE=
x-served-by: cache-fra19134-FRA
timing-allow-origin: *
last-modified: Tue, 01 Jun 2021 22:25:35 GMT
server: AmazonS3
etag: "061c04e6217c3eb8dc56a4f26937a7b7"
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-amz-request-id: XAY8S5EGGYFZF6PQ
access-control-allow-origin: *
cache-control: public, max-age=300
content-security-policy: connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src data: https:; frame-src 'self'; img-src 'self' https://q.stripe.com blob:; media-src 'none'; object-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
x-cache-hits: 1

GET
H2 200 /
q.stripe.com/ Frame AB25 43 B
285 B 177ms
176ms Image
image/gif 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://q.stripe.com/?event=elements.trusted_types_check&event_count=33&timestamp=1628565997085&event_id=d6683f0c-800d-4ac4-aa15-2fe1ab0aebe4&os=Windows&browserFamily=Chrome&version=4fed1d7c9&key=pk_live_51IwbGCAj3TwfJltg1wzYY5eGvU3woBtqKBs6lehNGPj02YwqwQoloa1emB2np5PclFWN5dR2bmTFd19VAM3Zg7IK00uvT1gzz2&referrer=https%3A%2F%2Fgo.thcmedical.org&stripe_js_id=a3dca1ab-c006-4d76-a123-2a94fecf9850&controller_load_time=1628565992041&wrapper=unknown&es_module=false&frame_width=1600&result=ALLOWED

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-186-23-98.stripe.com

Software

nginx /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Referer: https://js.stripe.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 10 Aug 2021 03:26:37 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: nginx
strict-transport-security: max-age=31556926; includeSubDomains; preload
content-type: image/gif
cache-control: no-cache, no-store, private, must-revalidate, max-age=0, max-stale=0, post-check=0, pre-check=0
content-length: 43
expires: 0

POST
H/1.1 200
OK NRJS-fc902efb332119fff33 Show response
bam-cell.nr-data.net/events/1/ 24 B
505 B 136ms
135ms XHR
image/gif 162.247.243.146
NEWRELIC-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://bam-cell.nr-data.net/events/1/NRJS-fc902efb332119fff33?a=367981416&v=1210.e2a3f80&to=dFZWTENWVQ9QExdNRlJLSFlWXEpMRQBfXUYYSU1aXVBKC1AF&rst=13252&ck=1&ref=https://go.thcmedical.org/crystal0169
Requested by: Host: js-agent.newrelic.com
URL: https://js-agent.newrelic.com/nr-1210.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.247.243.146 , United States, ASN23467 (NEWRELIC-AS-1, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300

Request headers

Referer: https://go.thcmedical.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type: text/plain

Response headers

Date: Tue, 10 Aug 2021 03:26:42 GMT
CF-Cache-Status: DYNAMIC
Server: cloudflare
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
Content-Type: image/gif
Access-Control-Allow-Origin: https://go.thcmedical.org
access-control-allow-credentials: true
Connection: keep-alive
CF-Ray: 67c61fc7fa0dedfb-CDG
Content-Length: 24

Verdicts & Comments Add Verdict or Comment

360 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

19 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.youtube.com/	1970-01-20 00:41:57	Name: VISITOR_INFO1_LIVE Value: oa3LmbmG7oY
go.thcmedical.org/	1970-01-19 20:22:46	Name: outbrain_cid_fetch Value: true
.thcmedical.org/	1970-01-19 22:32:21	Name: _rdt_uuid Value: 1628565989988.07b4eff8-1a73-48d6-a80a-5d0cb5b82d29
go.thcmedical.org/	1970-01-20 05:08:21	Name: cf:NDcxNzY5MjI Value: :visited=true
go.thcmedical.org/	1970-01-20 05:08:21	Name: cf:source Value:
.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: zKV_ss29iSs
go.thcmedical.org/	1970-01-20 05:08:21	Name: cf:aff_sub3 Value:
go.thcmedical.org/	1970-01-20 05:08:21	Name: cf:aff_sub Value:
go.thcmedical.org/	1970-01-20 05:08:21	Name: cf:name Value:
go.thcmedical.org/	1970-01-20 05:08:21	Name: cf:content Value:
go.thcmedical.org/	1970-01-20 05:08:21	Name: cf:cf_affiliate_id Value:
go.thcmedical.org/	1970-01-20 05:08:21	Name: cf:medium Value:
go.thcmedical.org/	1970-01-20 05:08:21	Name: cf:affiliate_id Value:
.thcmedical.org/	1970-01-19 22:32:21	Name: _gcl_au Value: 1.1.1099131455.1628565990
go.thcmedical.org/	1970-01-20 05:08:21	Name: cf:term Value:
go.thcmedical.org/	1970-01-20 05:08:21	Name: addevent_track_cookie Value: ad256004-ceaf-44bb-cd82-a37c1f1bb297
go.thcmedical.org/	1970-01-20 05:08:21	Name: cf:visitor_id Value: 112c928f-ac1f-4e9d-8d65-b99424744a47
go.thcmedical.org/	1970-01-20 05:08:21	Name: cf:aff_sub2 Value:
.go.thcmedical.org/	1970-01-19 20:22:47	Name: __cf_bm Value: 67fe8e9935ff5a7983111d9a5d3a0dee857e9393-1628565989-1800-ASUMIt1mOAm8kOaoDzvcy2vu1qoc09LG9svjiC2Ca0tob2rVsWB5qnpl7uCuMhLAgUGzTeYDdcTIm98dxDzYbGIPHR2/9rFwbssV3dV/ub6n

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://go.thcmedical.org/assets/lander.js(Line 112) Message: keen.io could not be loaded
console-api	log	URL: https://app.funnelish.com/xapp.js(Line 6) Message: apps:
console-api	log	URL: https://app.funnelish.com/xapp.js(Line 6) Message: [object Object]

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=0
X-Frame-Options	ALLOWALL

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

alb.reddit.com
amplify.outbrain.com
analytics.tiktok.com
app.clickfunnels.com
app.funnelish.com
assets.clickfunnels.com
bam-cell.nr-data.net
connect.facebook.net
fonts.googleapis.com
fonts.gstatic.com
funnelish.com
go.thcmedical.org
googleads.g.doubleclick.net
i.ytimg.com
images.clickfunnels.com
js-agent.newrelic.com
js.stripe.com
lakeeriehearing.com
m.stripe.com
m.stripe.network
q.stripe.com
r.stripe.com
res.cloudinary.com
static.cloudflareinsights.com
static.doubleclick.net
tr.outbrain.com
track.addevent.com
use.fontawesome.com
www.facebook.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.gstatic.com
www.redditstatic.com
www.youtube.com
yt3.ggpht.com
142.250.185.66
151.101.12.176
151.101.13.140
151.101.13.27
151.101.194.132
162.247.243.146
2.16.186.234
2.18.234.190
2600:9000:2181:4000:19:7d10:bd80:93a1
2606:4700:3035::6815:929
2606:4700:3037::6815:4e07
2606:4700::6810:10c2
2606:4700::6810:5e41
2606:4700::6810:cc2
2606:4700::6810:ec2
2a00:1450:4001:802::200a
2a00:1450:4001:803::200a
2a00:1450:4001:808::2003
2a00:1450:4001:808::2006
2a00:1450:4001:80f::2001
2a00:1450:4001:813::2003
2a00:1450:4001:813::2004
2a00:1450:4001:829::2016
2a00:1450:4001:82b::2008
2a00:1450:4001:830::2002
2a00:1450:4001:830::2004
2a00:1450:4001:830::200e
2a00:1450:4001:831::2003
2a03:2880:f01c:216:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
2a04:4e42:3::393
34.211.191.133
50.28.57.25
54.186.23.98
54.187.159.182
54.72.172.153
70.42.32.127
004e3565fa58bd4ff0cbf31deb5451508a5ec7d46c4480f9bfa23326f187a158
025a1f3418f665e36c16a74898c3ca0c378a4a1de1c281c58df0fda4bb8e2894
02ca80e9907fbda560c7d8ea3e13ebeb2404e3ace34a1a36cd092880ea2176ee
0a4454ac29efc8af49d07575cb3f70acabdfb0eaae471ee5b7d675fc87a7634e
0b2ea9e7931851f990381b912341a664b88f71c0c15e2cca600e9379fd3b0813
0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300
0d1c5ba4b29db42dadf61f9e7304331fa835fe732bbb02822ada17a9a63c215f
0db8b05a70801f5932fdf0026e1118d5444333a760719162a47d2ff8cf1e23ac
0e567066985125e7974f68b42914dcb134e3c38373a4a3d668bdb38a3e55f299
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
123ab9cfae34b4888d9d464b1a0fafdcf425a1d24c4c85474870e510f3d60328
14b8139d7060dc4d9f9f8750a2d9b34b45e73fde7e4dade88c1123aa77054ee8
174d7e0f62965d5cb134444b3f2a0d1c512d47b46b1dd37d937f622ccb6a5cd3
183afe18037906b8851a262e0f5d0ee14aa17e8df162856db96b77fcd45a9f15
1d348f9f803c95305f63def9d75fd50e79e54a375e1a4a888edbbea366845580
1d94fd1a3793df0abe10fb36e59825864e1ec9623496e1e04c9cca624be01394
2101735d43a8d486dbc5139500a78420766cc673a3610363ce9525526c3f5149
21c656c6aae5babedb87b7511e29fad50499615042bf7fdf35667dfcbbf19acb
248bd5c873744a1ba01f31cb2c9f9ee1866587602f8ea370c9ad8d11ae2cd7ca
2b01d55bd8dddfa1f9b2af932c04769bac28c5d60b6ca5e5112a92e8d1348c40
2d020a4778eec4184fa266127ee9e5afed4eec119438d394d7b29a63973285e8
2d49301904638bf0f1f02b4f4d81e4c20d7f221366f1ae6efb73e3f1dd1fd464
32f66af2d3567ad74cffa251ec900b9382d7e01952fda08929edf5a64ca1a062
33ca751ed175a163bef530ebdcdbd0a2d15997ccbcbf8d50a6f504e8ffac5a5c
35866d83a80616ce273085d197a896851d43475fbcc173d0ef6dd49d0ad22aa3
39ed5a64e7eeac321bfeba3caf7bcee31ba5cf84ef9486e100aabdfb875cd233
3dae1b95ac9519f0f65a5c36764597d4f506f942bf33c3ded5983293737486fd
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
40473a2facef1262f5b8b7fe7c8e3a57a2590566d82dc330324c11252c4b5cd6
4078d6c6556899876249bc5306487f4ae5c9d74caab15ade4e3061a6df90aa61
40bf68f1d329c839b7b39db9040a441d3d2e0284fe26f0511b8943dc46b3ef6f
45581b032ca205802df1bb238b85d94f91ff0f4e6454dee986c84f9e828fd979
47175b1daa58725f19ffe6baa072761eeb7e1c80cb30e4c6ba0e58b0605915aa
4de975f97fecd028e959b36ad8636ff6b418f8894caa2ec16cf18581643ece47
50cf3499f3f3e660c8d1a6001308c32306961043c33df07163b8f817b63c930e
5216f197f782f4bb872e02a677986af90a488015910f8d3864b796ad68dbd389
5239cd9f74667cbff04cdf9a13b9b7aa493ef43c5aac34dfecbcfac0496bf92c
52b9219d2b341d9d2fccca96c63895f1ce8b22d6b7b6d0896102b5b4e297bd88
52fb9ace8bb7e59f6fc283763ce819175a60e566d7248f5de82b4d00d6b14c7d
533143d96607d94d5d4292838e364aef656d3de58fe74368263776eab9c07542
54340e3f1f44609c0b3285866bcc5514d69e1f67640ed6c853c2dbf4eff2ef88
544bc1adef126901075f00fb30f014fcbcb3b7284269c42d3c0bd0ad8c7b1087
5a44e43ff3f2cfb7a9a2d6f97f72b89ce4c228161f48c874a6b3e76f71644868
5b1bdbb340a0c14464fdd00c1a15e11326263ae38bf44e3f0a80107f1e2b0bd7
5b8810ee64bade6fc49a6c0948f933337663c3df9526ed7e21694b728a15818e
5d0c0dc2681a1250a3b84acba8493f89591f7b9630a1ef795d9df052db229500
63d41983cb11cb819383ae7d42101f22005b612b02e3cfab3ca39a7208778a2c
676bc309b8bc0ec69966f658246b44efec584753a6b53138578a9f193f087343
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2
691b9a514dcd9541c4d3fa26dc23c391eaf00535415d84f9cda5f910fe721840
6a16c04229bc2b4da226eb97e68d94f49ba6437b7b5e16c14a101b21a29384e9
6af581d327e437e21da4b082c8cffbee6aa0dc0ac7ea3352ec95855f54d4ee27
7125a66456daa35dd3e3e8cca4b9523e05caf0b4fa5bd5874676e7c6db40f3aa
7422e50efbaea439fda7ef3b0eb54ee1a9fe73ea2f919d78a33bf6fb9e3e059d
75f92bf579e015b79a1ff6668c2e5957288e53cd92020fb2104361c9b41be6ae
78ccfa0fba5ab2cfef812fff3452cfdc73b6573900a9613b2828dfa691535b57
7c5c2990f03ef6c4d792dcd61a36cc79e2598165506295ae16e6b2040a6c9866
7c6e305c1bddb2ea3bf2a8ab3ede818e849aa360629d46f3569c301aec314d13
80398af9331a338ed258fa05e07de4cdca2d835d9f2a5259f44f2f4abb1ca165
8069956acb4c566506ff71f7a23c8e23f75ce9443384fe3393ed5c846924026e
82f57af64c9ae441f0a2418e9dbcf1241ebf14b1671818d445334e4fe8080a01
847a624eddae67f7b34622fa6e6329228d5ce6dbd5ccb13f993969a63f53b6bb
854eeab54c92762230493a02ad6c7227d0ae34a0605605b5fd5f668f0310d241
90bb64a713453635950bd1ac500d4f3216f76ba8eb80b2fc2d340da6b9a7c92e
91e6a69efe63f3800a792794c1defed43b6d5a7d360d7693323bad4285422ce5
9211133b27c829b1af6d5e654a7287001caf220d0732d2394fb5db8212a840b0
987902c6c8d34bc663e2406589e9c26e9118839c9aefccc8616299ed524dbf29
98ae18e334a5a6d336d0664019463bcf83de8d5d7eaa9c6a04b1f8e4542d375f
99c1949864ce5857840e26e8f83d0e782eda8032acd8c7f4ee602cb1a16e07ed
99c6891cfe8465f228ac06812f8ccfb4da8e7bf714bea19c5e723533f20ee7df
99f12ec8d9b317ba4645090cd2ecb5090e9c92a6cf96e267aba883be04514273
9d871061bcfb3b45d78456e425ea00cec29e3b52c1136f7ea0071102a75f30e4
a0ab6d8039987392a26c6a97d1998987fc0ab10fb69e1879d026368e79ac833b
a23eb4f5098fe57f0d4ba0780ed87ff80bf4d31f0ad50c4cf50996827989d9ee
a3e859b8149a06247853276aa0b4c79c4f3d0d63e91baf88bf96b76fbfc1b492
a42f2ec73409f2753ef17d737714c86303fa45fc3a3d484a9b0c8ed28ef0fd6b
acc97e3c52e9194fe62df0bd86012bdbebd90cf07ff83c1073038ed4c9eeff8c
b04d6741a8f47e4dce61eb8428741041365bd9b25e0e791508a6ac151ee43f46
b64d2142784b8cc71bd71e8c94ab14a82b6ea4f02238428405ac90f2969a2517
b686605a148483c5911dfc62c8992bdcb183ec9242c87d0a0e0bdd73651b1522
b7ca428be132f8c54867ebcafb286de18204b9cd42adb06b1548c468fb6e781b
b9bba452bd7ab92885415d470d81e75e322f9c2f1b061999db930fb6c7606b18
b9cf652fa4cfc3b7d5cfcc57fed17d0c4780061e6c643fd03141e94426f26936
c4243f7f5aa95631ca62fab376c3804859e808b66d373d07270872d23b8b081b
c6165976ca61008ac1e9c6adbabb842e33c765d14094dddac0ad6ba76f0de1d2
c73575543a5c99018f842960f9882edaa0918965ea856e91de9717a0d58d3f1c
c98893b44af705c8da0b5c2d2bd625e668b5095e5911a76a5fd10faf5caffad5
caec52356d28a445e7ad10d92d410b52fa537697b3b453ef1c01c65ec01ff86d
cc1967c55b7815465d4e44e67c18f1bacf8e0a8bf732e390d97c15da6177d0c1
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
cc88bda4ce653c1508f11cf4a69da4859e87952d3c74b3278fdf7c98aa7156d5
cd36bbb453736ae048e6aa4c698588c733f11b071bb8c7e7d8b97e9e02a7cf06
cd398be1a91817126cef10224738e624358edf6f08043abad7e60c1aaeccc8d0
cdc35d6b1038cf84ec8cf61abff81ee6ff36f57438f0ed9229b86a43386f56e3
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d515187ce3e6d79c513ed3dbe1f75d90f7706a3afad7c81c2bb55ac0df850373
d717c22b73d39caf59c4d46c23774ac2386bfc80937b90fd09ab56c0f2e7b072
d7466c19dbfc7d5dbd2fcf9bace33d03eb2ad72ad75ddb464f6faefd3abdec57
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
da556df4dc2e8a01fc001ae2a2446328a6615e19a40e9113a8718f0ac018d2c4
dac715f087720dd7ff7067f5d2ec1988851fa93140ae8a9cbfaa15659dd7fd82
de6c4ffa2bd9fd283610e28d0db2ec48607aab39d213a51aef248673a0a7e980
dfe04b96dbef162fa7d26af2eb20ee1c28e404aa4eb08f860a77ba4f58c139a3
e0189e16cf01f8149342c9f2de872cfa73571f2a145a830f18b16154bf1d2982
e01e0fb5ccbc983bcaaa9e324e1469c11ee941c27f057b7602e007caf8437d8f
e26b31b609e44e401e93111cd65784f23b93e73320a17ad7c0aa21389c118758
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7125a121c31e5e343abe97b1972b452dc1b44d94a9ab3380abf4106d334cdb7
e8312763f657406a0328d9901f05e3c28611700e3408a56a5ec993acdd70f2aa
ea670ae855f2f2a2b3719efe146218a19418b0e8684c1e95b1ed0da5f32d1a9c
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f12b1080681ef1069d36cc32369b45fa4c6cbc3f473d1cd79c5e172f4eee4a16
f2cd4d088520163ba2b2a56b7e9c9eead3dcd7567febccf1ef66d86e46cf0871
f736cfabd6270c7bb0910483a8752601f6154744e542021253eb43b136aabb41
f7464960133d530dfa52ce0ab9a5c33f0a709a946ad16298b000a7560738f422
f8954ed4844fc130b3f2aa636de6b18ea3431738a9d3b45146497a17210d450c
fa9c56b62694aaf4b9d1d1a24b19224d496d8568109917aa90153f5c7dc0fad6
fb4aa8813c39eee69d2f1fb178019a3a449698a224fcabc219b118225bbcc218
fc0cbaf945a159758b1e56536890cd2d929d45c74f5c1a0b22a66daf3d8c246a
fe46e68c0e6eff0c8baae69190acbbb1b99cc49ab70e97e109537e3da90f4bad
ff243a1a71ffdb02522db7c5dd1e37bc4d82d3ff60ba76a926a5c5301fb9b7a2
ff8d04a3074dac7a0a26127c704090c455e0af5cf5869c033c4cb95d430aaaca

go.thcmedical.org Open in urlscan Pro 2606:4700::6810:ec2 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

262 Requests

100 %HTTPS

62 %IPv6

28 Domains

37 Subdomains

37 IPs

3 Countries

17633 kBTransfer

32093 kBSize

19 Cookies

6 Outgoing links

Page URL History

Redirected requests

262 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 4 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

go.thcmedical.org Open in urlscan Pro
2606:4700::6810:ec2 Public Scan

Screenshot
Live screenshot

Full Image

262
Requests

100 %
HTTPS

62 %
IPv6

28
Domains

37
Subdomains

37
IPs

3
Countries

17633 kB
Transfer

32093 kB
Size

19
Cookies

262 HTTP transactions
4 data transactions