www.rivers4recovery.org Open in urlscan Pro
198.49.23.145 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.rivers4recovery.org/
Submission: On February 19 via automatic, source certstream-suspicious (February 19th 2023, 7:10:43 pm UTC) — Scanned from DE

Summary HTTP 66 Redirects Links 10 Behaviour Indicators

Summary

This website contacted 14 IPs in 3 countries across 10 domains to perform 66 HTTP transactions. The main IP is 198.49.23.145, located in United States and belongs to SQUARESPACE, US. The main domain is www.rivers4recovery.org.
TLS certificate: Issued by R3 on February 19th 2023. Valid for: 3 months.

This is the only time www.rivers4recovery.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
19	198.49.23.145 198.49.23.145	53831 (SQUARESPACE) (SQUARESPACE)
1	2a00:1450:400... 2a00:1450:400d:808::200a	15169 (GOOGLE) (GOOGLE)
9	151.101.0.237 151.101.0.237	54113 (FASTLY) (FASTLY)
4	151.101.0.238 151.101.0.238	54113 (FASTLY) (FASTLY)
1	13.32.27.75 13.32.27.75	16509 (AMAZON-02) (AMAZON-02)
2	23.50.131.77 23.50.131.77	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
4	2600:9000:225... 2600:9000:2251:8000:12:303c:8700:21	16509 (AMAZON-02) (AMAZON-02)
13	2a00:1450:400... 2a00:1450:400d:80a::2003	15169 (GOOGLE) (GOOGLE)
6	45.60.33.183 45.60.33.183	19551 (INCAPSULA) (INCAPSULA)
1	2600:9000:20e... 2600:9000:20eb:e000:c:abe:f440:93a1	16509 (AMAZON-02) (AMAZON-02)
1	3.74.186.54 3.74.186.54	16509 (AMAZON-02) (AMAZON-02)
1	13.224.189.113 13.224.189.113	16509 (AMAZON-02) (AMAZON-02)
4	2600:9000:21f... 2600:9000:21f3:be00:1d:85c3:6640:93a1	16509 (AMAZON-02) (AMAZON-02)
66	14

19 198.49.23.145 (United States)

ASN53831 (SQUARESPACE, US)

www.rivers4recovery.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400d:808::200a (Ireland)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 151.101.0.237 (United States)

ASN54113 (FASTLY, US)

assets.squarespace.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 151.101.0.238 (United States)

ASN54113 (FASTLY, US)

static1.squarespace.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.27.75 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-27-75.fra56.r.cloudfront.net

platform-api.sharethis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.50.131.77 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-50-131-77.deploy.static.akamaitechnologies.com

images.squarespace-cdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2600:9000:2251:8000:12:303c:8700:21 (United States)

ASN16509 (AMAZON-02, US)

d3rse9xjbp8270.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2a00:1450:400d:80a::2003 (Ireland)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 45.60.33.183 (United States)

ASN19551 (INCAPSULA, US)

profile.ngpvan.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
secure.everyaction.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
fastaction.ngpvan.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:20eb:e000:c:abe:f440:93a1 (United States)

ASN16509 (AMAZON-02, US)

buttons-config.sharethis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.74.186.54 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-74-186-54.eu-central-1.compute.amazonaws.com

l.sharethis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.224.189.113 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-189-113.fra2.r.cloudfront.net

js.verygoodvault.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2600:9000:21f3:be00:1d:85c3:6640:93a1 (United States)

ASN16509 (AMAZON-02, US)

platform-cdn.sharethis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
19	rivers4recovery.org www.rivers4recovery.org	45 KB
13	gstatic.com fonts.gstatic.com	167 KB
13	squarespace.com assets.squarespace.com — Cisco Umbrella Rank: 5455 static1.squarespace.com — Cisco Umbrella Rank: 5282	970 KB
7	sharethis.com platform-api.sharethis.com — Cisco Umbrella Rank: 4668 buttons-config.sharethis.com — Cisco Umbrella Rank: 6079 l.sharethis.com — Cisco Umbrella Rank: 4876 platform-cdn.sharethis.com — Cisco Umbrella Rank: 11210	49 KB
4	everyaction.com secure.everyaction.com — Cisco Umbrella Rank: 58202	10 KB
4	cloudfront.net d3rse9xjbp8270.cloudfront.net	351 KB
2	ngpvan.com profile.ngpvan.com — Cisco Umbrella Rank: 57063 fastaction.ngpvan.com — Cisco Umbrella Rank: 108947	2 KB
2	squarespace-cdn.com images.squarespace-cdn.com — Cisco Umbrella Rank: 4396	582 KB
1	verygoodvault.com js.verygoodvault.com — Cisco Umbrella Rank: 35916	44 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 43	1 KB
66	10

	Domain	Requested by
19	www.rivers4recovery.org	assets.squarespace.com
13	fonts.gstatic.com	fonts.googleapis.com
9	assets.squarespace.com	www.rivers4recovery.org static1.squarespace.com
4	platform-cdn.sharethis.com	www.rivers4recovery.org
4	secure.everyaction.com	d3rse9xjbp8270.cloudfront.net www.rivers4recovery.org
4	d3rse9xjbp8270.cloudfront.net	www.rivers4recovery.org d3rse9xjbp8270.cloudfront.net
4	static1.squarespace.com	www.rivers4recovery.org static1.squarespace.com
2	images.squarespace-cdn.com	www.rivers4recovery.org
1	fastaction.ngpvan.com	d3rse9xjbp8270.cloudfront.net
1	js.verygoodvault.com	d3rse9xjbp8270.cloudfront.net
1	l.sharethis.com	platform-api.sharethis.com
1	buttons-config.sharethis.com	platform-api.sharethis.com
1	profile.ngpvan.com	d3rse9xjbp8270.cloudfront.net
1	platform-api.sharethis.com	www.rivers4recovery.org
1	fonts.googleapis.com	www.rivers4recovery.org
66	15

This site contains links to these domains. Also see Links.

Domain
fastaction.ngpvan.com
www.internationalrivers.org
www.transrivers.org
perangua.com

Subject Issuer	Validity	Valid
www.rivers4recovery.org R3	`2023-02-19` - `2023-05-20`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-02-01` - `2023-04-26`	3 months	crt.sh
*.squarespace.com DigiCert TLS RSA SHA256 2020 CA1	`2022-03-12` - `2023-03-25`	a year	crt.sh
sharethis.com Amazon	`2022-06-19` - `2023-07-18`	a year	crt.sh
*.squarespace-cdn.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-04-30` - `2023-05-03`	a year	crt.sh
*.cloudfront.net Amazon RSA 2048 M01	`2022-12-08` - `2023-12-07`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2023-02-01` - `2023-04-26`	3 months	crt.sh
*.ngpvan.com RapidSSL Global TLS RSA4096 SHA256 2022 CA1	`2022-12-09` - `2023-12-08`	a year	crt.sh
*.verygoodvault.com Amazon	`2023-01-18` - `2024-02-16`	a year	crt.sh
*.everyaction.com RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2022-04-11` - `2023-04-11`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://www.rivers4recovery.org/
Frame ID: 502614C9265FC74DF960FF79BC7A4A0A
Requests: 68 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Rivers4Recovery

Detected technologies

Squarespace (CMS) Expand

Overall confidence: 100%
Detected patterns

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Page Statistics

66
Requests

100 %
HTTPS

38 %
IPv6

10
Domains

15
Subdomains

14
IPs

3
Countries

2221 kB
Transfer

7436 kB
Size

10
Cookies

10 Outgoing links

These are links going to different origins than the main page.

URL: https://fastaction.ngpvan.com/auth/actionid_signup
Title: Sign up with your email address

Search URL Search Domain Scan URL

URL: https://fastaction.ngpvan.com/auth/facebook
Title: Facebook

Search URL Search Domain Scan URL

URL: https://fastaction.ngpvan.com/auth/twitter
Title: Twitter

Search URL Search Domain Scan URL

URL: https://fastaction.ngpvan.com/terms
Title: terms of service

Search URL Search Domain Scan URL

URL: https://fastaction.ngpvan.com/privacy
Title: privacy policy.

Search URL Search Domain Scan URL

URL: https://fastaction.ngpvan.com/auth/actionid
Title: Log in with your email address

Search URL Search Domain Scan URL

URL: https://www.internationalrivers.org/news/press-release-report-stronger-river-protections-vital-to-a-green-just-recovery/
Title: PRESS RELEASE| Report: Stronger river protections vital to a green, just recovery

Search URL Search Domain Scan URL

URL: https://www.internationalrivers.org/

Search URL Search Domain Scan URL

URL: http://www.transrivers.org/

Search URL Search Domain Scan URL

URL: https://perangua.com/

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

66 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
www.rivers4recovery.org/ 383 KB
44 KB 570ms
196ms Document
text/html 198.49.23.145
SQUARESPACE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.rivers4recovery.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

198.49.23.145 , United States, ASN53831 (SQUARESPACE, US),

Reverse DNS

Software

Squarespace /

Resource Hash

87806e4e5cd6c84ec881e8f653231f3bb58893fd7f63fb4681bcd58a3db23651

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 159227
content-encoding: gzip
content-length: 44530
content-type: text/html;charset=utf-8
date: Fri, 17 Feb 2023 22:56:47 GMT
etag: W/"bc3fcd72c87a69937fe3f59e236e22bc--gzip"
expires: Thu, 01 Jan 1970 00:00:00 GMT
server: Squarespace
strict-transport-security: max-age=0
vary: Accept-Encoding
x-content-type-options: nosniff
x-contextid: 2ZinnxU1/y0lqBZ9c

GET
H2 200 css2
fonts.googleapis.com/ 15 KB
1 KB 201ms
75ms Stylesheet
text/css 2a00:1450:400d:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Playfair+Display:ital,wght@0,700;1,700&family=Roboto:ital,wght@0,300;0,400;0,700;1,300;1,400;1,700

Requested by

Host: www.rivers4recovery.org
URL: https://www.rivers4recovery.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:808::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

7a3c9b278b3ae7db31f88840aa9de24cd915775e197162b8a828c495fcde348c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rivers4recovery.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 19 Feb 2023 19:10:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 19 Feb 2023 19:10:36 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 19 Feb 2023 19:10:36 GMT

GET
H2 200 modern.js Show response
assets.squarespace.com/@sqs/polyfiller/1.6/ 115 KB
42 KB 137ms
40ms Script
text/javascript 151.101.0.237
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.squarespace.com/@sqs/polyfiller/1.6/modern.js
Requested by: Host: www.rivers4recovery.org
URL: https://www.rivers4recovery.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.0.237 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 54e832663426c696b1f603379026e5e15720e8c812bbbc60d63aa2ad8a479f75

Request headers

Referer: https://www.rivers4recovery.org/
Origin: https://www.rivers4recovery.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

x-cache-hits: 1, 54227
date: Sun, 19 Feb 2023 19:10:36 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
age: 6395472
x-cache: HIT, HIT
content-length: 42447
x-served-by: cache-iad-kiad7000073-IAD, cache-hhn-etou8220049-HHN
last-modified: Mon, 31 Oct 2022 21:19:57 GMT
server: UploadServer
x-timer: S1676833836.019277,VS0,VE0
etag: "fe0d53a94823df972dbf107bf190771a"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 07 Dec 2023 18:39:24 GMT

GET
H2 200 extract-css-runtime-c862b29dd7d241c4ece62-min.en-US.js Show response
assets.squarespace.com/universal/scripts-compressed/ 46 KB
16 KB 43ms
41ms Script
text/javascript 151.101.0.237
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.squarespace.com/universal/scripts-compressed/extract-css-runtime-c862b29dd7d241c4ece62-min.en-US.js
Requested by: Host: www.rivers4recovery.org
URL: https://www.rivers4recovery.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.0.237 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: dbb01fa20ed81ec86f470d1dd1472dee31b63ed58d0707d6cabb148e3a846415

Request headers

Referer: https://www.rivers4recovery.org/
Origin: https://www.rivers4recovery.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

x-cache-hits: 40, 9048
date: Sun, 19 Feb 2023 19:10:36 GMT
content-encoding: br
via: 1.1 varnish, 1.1 varnish
age: 165967
x-cache: HIT, HIT
content-length: 15884
x-served-by: cache-iad-kiad7000167-IAD, cache-hhn-etou8220049-HHN
last-modified: Fri, 17 Feb 2023 20:57:10 GMT
server: UploadServer
x-timer: S1676833836.403917,VS0,VE0
etag: "69661b4aaeaf7ae2ae5654595844f236"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 17 Feb 2024 21:04:29 GMT

GET
H2 200 extract-css-moment-js-vendor-5082e2dab696b020ac83a-min.en-US.js Show response
assets.squarespace.com/universal/scripts-compressed/ 575 KB
86 KB 49ms
47ms Script
text/javascript 151.101.0.237
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.squarespace.com/universal/scripts-compressed/extract-css-moment-js-vendor-5082e2dab696b020ac83a-min.en-US.js
Requested by: Host: www.rivers4recovery.org
URL: https://www.rivers4recovery.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.0.237 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: a59acd7a8cbaf68d5d628ac09c501f01a2f3f42c9affa8f3d101f2860d1cc3f7

Request headers

Referer: https://www.rivers4recovery.org/
Origin: https://www.rivers4recovery.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

x-cache-hits: 1, 51713
date: Sun, 19 Feb 2023 19:10:36 GMT
content-encoding: br
via: 1.1 varnish, 1.1 varnish
age: 6918708
x-cache: HIT, HIT
content-length: 87950
x-served-by: cache-iad-kjyo7100028-IAD, cache-hhn-etou8220049-HHN
last-modified: Mon, 21 Nov 2022 16:44:05 GMT
server: UploadServer
x-timer: S1676833836.405188,VS0,VE0
etag: "c790849e8518999c8594a0bbb6597784"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 01 Dec 2023 17:18:47 GMT

GET
H2 200 cldr-resource-pack-c6a38111aec507149cb3d-min.en-US.js Show response
assets.squarespace.com/universal/scripts-compressed/ 119 KB
18 KB 50ms
47ms Script
text/javascript 151.101.0.237
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.squarespace.com/universal/scripts-compressed/cldr-resource-pack-c6a38111aec507149cb3d-min.en-US.js
Requested by: Host: www.rivers4recovery.org
URL: https://www.rivers4recovery.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.0.237 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: cc24dd38ed85a67f17008d33a7131f4103302bd01b11126f9c8c2dcd6ae020e5

Request headers

Referer: https://www.rivers4recovery.org/
Origin: https://www.rivers4recovery.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

x-cache-hits: 25, 52982
date: Sun, 19 Feb 2023 19:10:36 GMT
content-encoding: br
via: 1.1 varnish, 1.1 varnish
age: 2778858
x-cache: HIT, HIT
content-length: 18361
x-served-by: cache-iad-kiad7000057-IAD, cache-hhn-etou8220049-HHN
last-modified: Wed, 18 Jan 2023 14:53:08 GMT
server: UploadServer
x-timer: S1676833836.404766,VS0,VE0
etag: "1fb78cb0eb4ac17a64497e0e8847ddcc"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 18 Jan 2024 15:16:18 GMT

GET
H2 200 common-vendors-stable-fd2acc815706e38fcfdf0-min.en-US.js Show response
assets.squarespace.com/universal/scripts-compressed/ 240 KB
69 KB 50ms
47ms Script
text/javascript 151.101.0.237
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.squarespace.com/universal/scripts-compressed/common-vendors-stable-fd2acc815706e38fcfdf0-min.en-US.js
Requested by: Host: www.rivers4recovery.org
URL: https://www.rivers4recovery.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.0.237 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 00010b2f3db222fc437b60b2f52a040809b21b18b44d3e9f548dbae2533d1e81

Request headers

Referer: https://www.rivers4recovery.org/
Origin: https://www.rivers4recovery.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

x-cache-hits: 23, 51232
date: Sun, 19 Feb 2023 19:10:36 GMT
content-encoding: br
via: 1.1 varnish, 1.1 varnish
age: 2778856
x-cache: HIT, HIT
content-length: 70642
x-served-by: cache-iad-kcgs7200137-IAD, cache-hhn-etou8220049-HHN
last-modified: Wed, 18 Jan 2023 14:52:01 GMT
server: UploadServer
x-timer: S1676833836.404738,VS0,VE0
etag: "acbc32f393943567180ad813f45cee9d"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 18 Jan 2024 15:16:20 GMT

GET
H2 200 common-vendors-bd388a58725d27de3369b-min.en-US.js Show response
assets.squarespace.com/universal/scripts-compressed/ 733 KB
165 KB 50ms
48ms Script
text/javascript 151.101.0.237
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.squarespace.com/universal/scripts-compressed/common-vendors-bd388a58725d27de3369b-min.en-US.js
Requested by: Host: www.rivers4recovery.org
URL: https://www.rivers4recovery.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.0.237 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: ab472faf3b0d3dacc811aaee545add6f7114d16fb7800c752c39a9493a8e0652

Request headers

Referer: https://www.rivers4recovery.org/
Origin: https://www.rivers4recovery.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

x-cache-hits: 20, 27
date: Sun, 19 Feb 2023 19:10:36 GMT
content-encoding: br
via: 1.1 varnish, 1.1 varnish
age: 268187
x-cache: HIT, HIT
content-length: 168760
x-served-by: cache-iad-kcgs7200084-IAD, cache-hhn-etou8220049-HHN
last-modified: Thu, 16 Feb 2023 16:34:07 GMT
server: UploadServer
x-timer: S1676833836.404733,VS0,VE0
etag: "4a560e784715fd1f2e52e4d7d75b077d"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 16 Feb 2024 16:40:48 GMT

GET
H2 200 common-1f085a4bf3d5845ab2a87-min.en-US.js Show response
assets.squarespace.com/universal/scripts-compressed/ 2 MB
374 KB 142ms
140ms Script
text/javascript 151.101.0.237
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.squarespace.com/universal/scripts-compressed/common-1f085a4bf3d5845ab2a87-min.en-US.js
Requested by: Host: www.rivers4recovery.org
URL: https://www.rivers4recovery.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.0.237 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 4b9f60e3b786e9991b4c5b035d8b75942c4e0df96270854f50fcb33db6ef5ceb

Request headers

Referer: https://www.rivers4recovery.org/
Origin: https://www.rivers4recovery.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

x-cache-hits: 38, 42
date: Sun, 19 Feb 2023 19:10:36 GMT
content-encoding: br
via: 1.1 varnish, 1.1 varnish
age: 165966
x-cache: HIT, HIT
content-length: 382048
x-served-by: cache-iad-kiad7000111-IAD, cache-hhn-etou8220049-HHN
last-modified: Fri, 17 Feb 2023 20:49:21 GMT
server: UploadServer
x-timer: S1676833836.405472,VS0,VE1
etag: "77e8a08914ab0731e88a811c1289bf34"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 17 Feb 2024 21:04:29 GMT

GET
H2 200 performance-2b31864e00dd18f9fadd4-min.en-US.js Show response
assets.squarespace.com/universal/scripts-compressed/ 244 KB
53 KB 85ms
83ms Script
text/javascript 151.101.0.237
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.squarespace.com/universal/scripts-compressed/performance-2b31864e00dd18f9fadd4-min.en-US.js
Requested by: Host: www.rivers4recovery.org
URL: https://www.rivers4recovery.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.0.237 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 8083f0c138361a5fc69501988267c843870b84852254e3208d8aefc2cf9a1088

Request headers

Referer: https://www.rivers4recovery.org/
Origin: https://www.rivers4recovery.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

x-cache-hits: 15, 28731
date: Sun, 19 Feb 2023 19:10:36 GMT
content-encoding: br
via: 1.1 varnish, 1.1 varnish
age: 1383410
x-cache: HIT, HIT
content-length: 53556
x-served-by: cache-iad-kjyo7100064-IAD, cache-hhn-etou8220049-HHN
last-modified: Fri, 03 Feb 2023 18:45:37 GMT
server: UploadServer
x-timer: S1676833836.405466,VS0,VE0
etag: "3928f4bc4d0491fcd58e38cb1abeccec"
vary: X-Goog-Allowed-Resources,Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 03 Feb 2024 18:53:45 GMT

GET
H2 200 site.css
static1.squarespace.com/static/versioned-site-css/5fa99765815eb50f4e40f68a/145/5c5a519771c10ba3470d8101/5fa99765815eb50f4e40f6a5/1348/ 945 KB
99 KB 268ms
172ms Stylesheet
text/css 151.101.0.238
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://static1.squarespace.com/static/versioned-site-css/5fa99765815eb50f4e40f68a/145/5c5a519771c10ba3470d8101/5fa99765815eb50f4e40f6a5/1348/site.css

Requested by

Host: www.rivers4recovery.org
URL: https://www.rivers4recovery.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.0.238 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Squarespace /

Resource Hash

e252f297cfd817499b708d957f96a49caf09fa50ef4c12aa273f685849bc1e47

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rivers4recovery.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

x-cache-hits: 5, 0
date: Sun, 19 Feb 2023 19:10:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 varnish, 1.1 varnish
age: 166949
x-cache: HIT, MISS
x-contextid: kStK099A/EDQDefoO
content-length: 100916
x-served-by: cache-dfw-kdfw8210086-DFW, cache-hhn-etou8220098-HHN
pragma: cache
server: Squarespace
x-timer: S1676833836.133069,VS0,VE132
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
cache-control: public, max-age=94608000
accept-ranges: bytes
timing-allow-origin: *
tracepoint: Fastly

GET
H2 200 sharethis.js Show response
platform-api.sharethis.com/js/ 197 KB
44 KB 144ms
45ms Script
text/javascript 13.32.27.75
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://platform-api.sharethis.com/js/sharethis.js

Requested by

Host: www.rivers4recovery.org
URL: https://www.rivers4recovery.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.27.75 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-27-75.fra56.r.cloudfront.net

Software

Resource Hash

4c762350bf5dcf159a3adfddb1c33d90a8d85daaf7c5de9ea82b5fd201dd2d5b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rivers4recovery.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sun, 19 Feb 2023 19:04:38 GMT
content-encoding: gzip
via: 1.1 747e99d9d8c5e29fdc713cf866bc3f82.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: FRA56-C2
age: 358
etag: W/"31224-Gf78CYYYtb3Uvr+/+bTpOi3PB9M"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
edge-control: cache-maxage=60m,downstream-ttl=60m
cache-control: max-age=600, public
x-cache: Hit from cloudfront
x-amz-cf-id: ljmF0bCwVgMLADza9yj3guaY4HrF3lsvMWGjLrT2LQnzFBSmW7hFSA==

GET
H/1.1 200
OK Website+Logo+V2.png
images.squarespace-cdn.com/content/v1/5fa99765815eb50f4e40f68a/1605298660111-XGFO5TNDSRDXVTTINLTE/ 36 KB
37 KB 2527ms
2327ms Image
image/png 23.50.131.77
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.squarespace-cdn.com/content/v1/5fa99765815eb50f4e40f68a/1605298660111-XGFO5TNDSRDXVTTINLTE/Website+Logo+V2.png?format=1500w
Requested by: Host: www.rivers4recovery.org
URL: https://www.rivers4recovery.org/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.50.131.77 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-50-131-77.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 9f26e03ee0b34d06c9222301a510846a012b3a1792c8db072b4bcc68d67fe39f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rivers4recovery.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date: Sun, 19 Feb 2023 19:10:38 GMT
ETag: CODcl8SrgO0CEAE=
Vary: "Accept-Encoding"
Content-Type: image/png
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length, Timing-Allow-Origin
Cache-Control: max-age=604800
Connection: keep-alive
Accept-Ranges: bytes
Timing-allow-origin: *
Content-Length: 37315
Tracepoint: "Akamai"

GET
H2 200 at.js Show response
d3rse9xjbp8270.cloudfront.net/ 816 KB
231 KB 167ms
48ms Script
application/javascript 2600:9000:2251:8000:12:303c:8700:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3rse9xjbp8270.cloudfront.net/at.js
Requested by: Host: www.rivers4recovery.org
URL: https://www.rivers4recovery.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2251:8000:12:303c:8700:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 9fca4987bc96c0aa6cc5fb39831cd48be7fcc533d00214f87a0d1564d9d69094

Request headers

Referer: https://www.rivers4recovery.org/
Origin: https://www.rivers4recovery.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sun, 19 Feb 2023 15:38:16 GMT
content-encoding: gzip
via: 1.1 968007545c497b68cc41825f11e930ba.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P3
age: 47442
x-cache: Hit from cloudfront
content-length: 235538
last-modified: Tue, 14 Feb 2023 15:37:34 GMT
server: AmazonS3
etag: "face3f081c0007bdf94b8af1d890580b"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=900, s-maxage=86400, public
accept-ranges: bytes
x-amz-cf-id: CnivqEUwNmTUHvVQU4EHpISfQ589xjRSnlEE0k05M239KkRGbXUipQ==

GET
H2 200 at.min.css
d3rse9xjbp8270.cloudfront.net/ 59 KB
12 KB 128ms
45ms Stylesheet
text/css 2600:9000:2251:8000:12:303c:8700:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3rse9xjbp8270.cloudfront.net/at.min.css
Requested by: Host: www.rivers4recovery.org
URL: https://www.rivers4recovery.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2251:8000:12:303c:8700:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 5672f8c157db43e8f0627053b278d92a205c9604ff727abdea1d44d517ca2a8c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rivers4recovery.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sun, 19 Feb 2023 10:15:35 GMT
content-encoding: gzip
via: 1.1 3296b04068551f925d5fafd1b785ff30.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P3
age: 32106
x-cache: Hit from cloudfront
content-length: 11468
last-modified: Tue, 14 Feb 2023 15:37:34 GMT
server: AmazonS3
etag: "2eebe367acc4b7329e6187cb8d62d9c5"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=900, s-maxage=86400, public
accept-ranges: bytes
x-amz-cf-id: F7h43cobV6WpxRpr3VjRVrhZZswG2qmmSz96VBb-roX2q1hajBc6Mg==

GET
H2 200 site-bundle.44ff1d66174cc80799b6f548cd1732e3.js Show response
static1.squarespace.com/static/vta/5c5a519771c10ba3470d8101/scripts/ 174 KB
43 KB 41ms
39ms Script
application/javascript 151.101.0.238
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://static1.squarespace.com/static/vta/5c5a519771c10ba3470d8101/scripts/site-bundle.44ff1d66174cc80799b6f548cd1732e3.js

Requested by

Host: www.rivers4recovery.org
URL: https://www.rivers4recovery.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.0.238 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Squarespace /

Resource Hash

0238bb3cf7480c7d5696f23a8bcdc50d5b33e78374591060226e05c9bc3e2f3d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rivers4recovery.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

x-cache-hits: 16, 10513
date: Sun, 19 Feb 2023 19:10:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 varnish, 1.1 varnish
age: 184621
x-cache: HIT, HIT
x-contextid: DfnX7NrS/HLRKQ36q
content-length: 43388
x-served-by: cache-dfw-kdfw8210124-DFW, cache-hhn-etou8220098-HHN
pragma: cache
server: Squarespace
x-timer: S1676833836.404526,VS0,VE0
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=94608000
accept-ranges: bytes
timing-allow-origin: *
tracepoint: Fastly

GET
H2 200 KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
15 KB 293ms
159ms Font
font/woff2 2a00:1450:400d:80a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Playfair+Display:ital,wght@0,700;1,700&family=Roboto:ital,wght@0,300;0,400;0,700;1,300;1,400;1,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.rivers4recovery.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 16 Feb 2023 13:40:31 GMT
x-content-type-options: nosniff
age: 279005
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15740
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 16 Feb 2024 13:40:31 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 188ms
55ms Font
font/woff2 2a00:1450:400d:80a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Playfair+Display:ital,wght@0,700;1,700&family=Roboto:ital,wght@0,300;0,400;0,700;1,300;1,400;1,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.rivers4recovery.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 16 Feb 2023 13:13:56 GMT
x-content-type-options: nosniff
age: 280600
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 16 Feb 2024 13:13:56 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu5mxKOzY.woff2
fonts.gstatic.com/s/roboto/v30/ 9 KB
9 KB 315ms
185ms Font
font/woff2 2a00:1450:400d:80a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu5mxKOzY.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Playfair+Display:ital,wght@0,700;1,700&family=Roboto:ital,wght@0,300;0,400;0,700;1,300;1,400;1,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

495d38d4b9741e8aa4204002414069e2d8db9f3c60b60e195e4d74381462dee9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.rivers4recovery.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Fri, 17 Feb 2023 00:36:30 GMT
x-content-type-options: nosniff
age: 239646
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9628
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 17 Feb 2024 00:36:30 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu7GxKOzY.woff2
fonts.gstatic.com/s/roboto/v30/ 12 KB
12 KB 286ms
180ms Font
font/woff2 2a00:1450:400d:80a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu7GxKOzY.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Playfair+Display:ital,wght@0,700;1,700&family=Roboto:ital,wght@0,300;0,400;0,700;1,300;1,400;1,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3c23eb02de6b34e30f18cfb7167abd81a2cedfd1da60dfcb71989517ab3fb431

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.rivers4recovery.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 16 Feb 2023 12:43:54 GMT
x-content-type-options: nosniff
age: 282402
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11872
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:25:01 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 16 Feb 2024 12:43:54 GMT

GET
H2 200 nuFvD-vYSZviVYUb_rj3ij__anPXJzDwcbmjWBN2PKeiunDXbtM.woff2
fonts.gstatic.com/s/playfairdisplay/v30/ 20 KB
21 KB 220ms
129ms Font
font/woff2 2a00:1450:400d:80a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/playfairdisplay/v30/nuFvD-vYSZviVYUb_rj3ij__anPXJzDwcbmjWBN2PKeiunDXbtM.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Playfair+Display:ital,wght@0,700;1,700&family=Roboto:ital,wght@0,300;0,400;0,700;1,300;1,400;1,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6454829f91def11ae630252985f686e8553c439ee0ee4d20b0e6dda0429fd30d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.rivers4recovery.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Mon, 13 Feb 2023 20:56:24 GMT
x-content-type-options: nosniff
age: 512052
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20968
x-xss-protection: 0
last-modified: Mon, 18 Jul 2022 19:02:12 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 13 Feb 2024 20:56:24 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 218ms
127ms Font
font/woff2 2a00:1450:400d:80a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Playfair+Display:ital,wght@0,700;1,700&family=Roboto:ital,wght@0,300;0,400;0,700;1,300;1,400;1,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.rivers4recovery.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 16 Feb 2023 12:23:05 GMT
x-content-type-options: nosniff
age: 283651
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 16 Feb 2024 12:23:05 GMT

GET
H2 200 KFOlCnqEu92Fr1MmSU5fABc4EsA.woff2
fonts.gstatic.com/s/roboto/v30/ 9 KB
9 KB 300ms
213ms Font
font/woff2 2a00:1450:400d:80a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fABc4EsA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Playfair+Display:ital,wght@0,700;1,700&family=Roboto:ital,wght@0,300;0,400;0,700;1,300;1,400;1,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

47aa3bfad6cb9e2d63abdd58f4e6ce4f7b9fd2704b2b15193c71874035fe025d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.rivers4recovery.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 16 Feb 2023 13:02:06 GMT
x-content-type-options: nosniff
age: 281310
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9576
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:58 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 16 Feb 2024 13:02:06 GMT

GET
H2 200 KFOlCnqEu92Fr1MmSU5fChc4EsA.woff2
fonts.gstatic.com/s/roboto/v30/ 12 KB
12 KB 290ms
205ms Font
font/woff2 2a00:1450:400d:80a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fChc4EsA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Playfair+Display:ital,wght@0,700;1,700&family=Roboto:ital,wght@0,300;0,400;0,700;1,300;1,400;1,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b076e86301cbee8c5c9aef51863a9c0a88e6f6d2aabdffca93e031113c6caa74

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.rivers4recovery.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 16 Feb 2023 19:17:20 GMT
x-content-type-options: nosniff
age: 258796
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11796
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 16 Feb 2024 19:17:20 GMT

GET
H/1.1 200
OK pexels-johannes-plenio-1126379.jpg
images.squarespace-cdn.com/content/v1/5fa99765815eb50f4e40f68a/1605298572383-85924Y0BXA6CUHIC58YF/ 545 KB
546 KB 635ms
500ms Image
image/jpeg 23.50.131.77
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.squarespace-cdn.com/content/v1/5fa99765815eb50f4e40f68a/1605298572383-85924Y0BXA6CUHIC58YF/pexels-johannes-plenio-1126379.jpg?format=2500w
Requested by: Host: www.rivers4recovery.org
URL: https://www.rivers4recovery.org/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.50.131.77 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-50-131-77.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 1e6e268b24e232700678bb3606ab94fece471596bbd8633bbc7ec5221df3c3d2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rivers4recovery.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date: Sun, 19 Feb 2023 19:10:37 GMT
ETag: COvDrZurgO0CEAE=
Vary: "Accept-Encoding"
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length, Timing-Allow-Origin
Cache-Control: max-age=604799
Connection: keep-alive
Accept-Ranges: bytes
Timing-allow-origin: *
Content-Length: 558220
Tracepoint: "Akamai"

GET
H2 200 KFOjCnqEu92Fr1Mu51TjASc6CsQ.woff2
fonts.gstatic.com/s/roboto/v30/ 17 KB
17 KB 126ms
125ms Font
font/woff2 2a00:1450:400d:80a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOjCnqEu92Fr1Mu51TjASc6CsQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Playfair+Display:ital,wght@0,700;1,700&family=Roboto:ital,wght@0,300;0,400;0,700;1,300;1,400;1,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bb8007225d94a099cddbade7ea904667c0dd0b68d5e30778e5c6257589ab94d1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.rivers4recovery.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 16 Feb 2023 19:42:36 GMT
x-content-type-options: nosniff
age: 257280
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 17508
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:41 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 16 Feb 2024 19:42:36 GMT

GET
H2 200 play-button.png
assets.squarespace.com/universal/images-v6/damask/ 1 KB
2 KB 122ms
41ms Image
image/png 151.101.0.237
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.squarespace.com/universal/images-v6/damask/play-button.png
Requested by: Host: static1.squarespace.com
URL: https://static1.squarespace.com/static/versioned-site-css/5fa99765815eb50f4e40f68a/145/5c5a519771c10ba3470d8101/5fa99765815eb50f4e40f6a5/1348/site.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.0.237 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: c8e214c8a689800e4083b385274bb0dc12ced5d3e08ec4c4e93da64a56b671a3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://static1.squarespace.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

x-cache-hits: 1, 2
date: Sun, 19 Feb 2023 19:10:36 GMT
via: 1.1 varnish, 1.1 varnish
age: 4457005
x-cache: HIT, HIT
content-length: 1219
x-served-by: cache-iad-kjyo7100169-IAD, cache-hhn-etou8220075-HHN
last-modified: Wed, 17 Apr 2019 22:28:01 GMT
server: UploadServer
x-timer: S1676833837.733476,VS0,VE0
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 25 Mar 2023 19:08:44 GMT

GET
H2 200 nuFvD-vYSZviVYUb_rj3ij__anPXJzDwcbmjWBN2PKeiunDTbtPY_Q.woff2
fonts.gstatic.com/s/playfairdisplay/v30/ 12 KB
12 KB 105ms
104ms Font
font/woff2 2a00:1450:400d:80a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/playfairdisplay/v30/nuFvD-vYSZviVYUb_rj3ij__anPXJzDwcbmjWBN2PKeiunDTbtPY_Q.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Playfair+Display:ital,wght@0,700;1,700&family=Roboto:ital,wght@0,300;0,400;0,700;1,300;1,400;1,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

29ef5e7cd56b57ab335d1b0062e4c6a8d1cab1fe267b50bef1c6284f9c344146

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.rivers4recovery.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 16 Feb 2023 13:06:24 GMT
x-content-type-options: nosniff
age: 281052
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11824
x-xss-protection: 0
last-modified: Mon, 18 Jul 2022 19:06:30 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 16 Feb 2024 13:06:24 GMT

GET
H2 200 extra.min.css
d3rse9xjbp8270.cloudfront.net/ 78 KB
14 KB 55ms
54ms Stylesheet
text/css 2600:9000:2251:8000:12:303c:8700:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3rse9xjbp8270.cloudfront.net/extra.min.css
Requested by: Host: d3rse9xjbp8270.cloudfront.net
URL: https://d3rse9xjbp8270.cloudfront.net/at.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2251:8000:12:303c:8700:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 946d7c6b995aa6c43fecbce40b461be182fecb8902868a1dcd9da455cbb4dc65

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rivers4recovery.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sun, 19 Feb 2023 15:38:32 GMT
content-encoding: gzip
via: 1.1 3296b04068551f925d5fafd1b785ff30.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P3
age: 46740
x-cache: Hit from cloudfront
content-length: 14219
last-modified: Tue, 14 Feb 2023 15:37:34 GMT
server: AmazonS3
etag: "099da37cab7ee72dd657de9099760b78"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=900, s-maxage=86400, public
accept-ranges: bytes
x-amz-cf-id: -bqIliZPA8x2ahBF7BjmwkH_9K1y4jCPW2cy4YDZDxqM7f4PUDg_cw==

GET
H2 204 identity Show response
profile.ngpvan.com/ 0
767 B 520ms
403ms Script
text/plain 45.60.33.183
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://profile.ngpvan.com/identity?callback=_jqjsp
Requested by: Host: d3rse9xjbp8270.cloudfront.net
URL: https://d3rse9xjbp8270.cloudfront.net/at.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.33.183 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / Express, ASP.NET
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rivers4recovery.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sun, 19 Feb 2023 19:10:36 GMT
reason: Returned 204 - No Content. Referrer not whitelisted
server: Microsoft-IIS/10.0
x-cdn: Imperva
etag: W/"a-bAsFyilMr4Ra1hIU5PyoyFRunpI"
x-powered-by: Express, ASP.NET
x-iinfo: 2-78714401-78714411 NNNN CT(87 179 0) RT(1676833836664 42) q(0 0 2 0) r(3 3) U24
request-context: appId=cid-v1:ccd92c0b-19c7-485c-b607-cbfe2344efa3

GET
H2 200 5f442cbd12340c0012eef212.js Show response
buttons-config.sharethis.com/js/ 381 B
804 B 578ms
468ms Script
text/javascript 2600:9000:20eb:e000:c:abe:f440:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://buttons-config.sharethis.com/js/5f442cbd12340c0012eef212.js

Requested by

Host: platform-api.sharethis.com
URL: https://platform-api.sharethis.com/js/sharethis.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:20eb:e000:c:abe:f440:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

ddf044aa42a6a947fb98a4cd9066430c377d5468e90d6846fc39550db48adb1b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rivers4recovery.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sun, 19 Feb 2023 19:10:38 GMT
via: 1.1 3bf3e75bcb9a86b3eb343a1d4392a6de.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Mon, 24 Aug 2020 21:10:23 GMT
server: AmazonS3
x-amz-cf-pop: FRA2-C1
etag: "61f5403207d65459ae0de876b3c3c44d"
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
content-type: text/javascript
cache-control: public, max-age=60
accept-ranges: bytes
content-length: 381
x-amz-cf-id: uDsHSHh1CU4Umvz1NFNN4oKAbGxByh3PvnSGovdhvzPBRr3mGwCNIg==

GET
H2 200 settings Show response
www.rivers4recovery.org/api/1/performance/ 53 B
153 B 163ms
163ms XHR
application/json 198.49.23.145
SQUARESPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.rivers4recovery.org/api/1/performance/settings
Requested by: Host: assets.squarespace.com
URL: https://assets.squarespace.com/universal/scripts-compressed/common-1f085a4bf3d5845ab2a87-min.en-US.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 198.49.23.145 , United States, ASN53831 (SQUARESPACE, US),
Reverse DNS
Software: Squarespace /
Resource Hash: 6dc701a3182816f96e0249adfbd83bc4db58308ad73777c7dfc1ab9fa91d2307

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rivers4recovery.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sun, 19 Feb 2023 19:10:36 GMT
x-contextid: 2ZinnxU1/NOKk1vDU
server: Squarespace
content-length: 53
vary: Accept-Encoding, User-Agent
content-type: application/json

GET
H2 200 gallery-grid.8c479117e60930f83573.js Show response
static1.squarespace.com/static/vta/5c5a519771c10ba3470d8101/scripts/ 14 KB
4 KB 39ms
39ms Script
application/javascript 151.101.0.238
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://static1.squarespace.com/static/vta/5c5a519771c10ba3470d8101/scripts/gallery-grid.8c479117e60930f83573.js

Requested by

Host: static1.squarespace.com
URL: https://static1.squarespace.com/static/vta/5c5a519771c10ba3470d8101/scripts/site-bundle.44ff1d66174cc80799b6f548cd1732e3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.0.238 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Squarespace /

Resource Hash

c64f711070e933da40f305b5a5a6098c0c6c6901b51fa4a2ba9274babbc74520

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rivers4recovery.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

x-cache-hits: 3501, 6
date: Sun, 19 Feb 2023 19:10:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 varnish, 1.1 varnish
age: 997367
x-cache: HIT, HIT
x-contextid: RMH6ReVp/0pOkKac6
content-length: 4046
x-served-by: cache-dfw-kdfw8210028-DFW, cache-hhn-etou8220098-HHN
pragma: cache
server: Squarespace
x-timer: S1676833837.966053,VS0,VE0
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=94608000
accept-ranges: bytes
timing-allow-origin: *
tracepoint: Fastly

POST
H2 200 RecordHit Show response
www.rivers4recovery.org/api/census/ 17 B
59 B 210ms
209ms XHR
application/json 198.49.23.145
SQUARESPACE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.rivers4recovery.org/api/census/RecordHit

Requested by

Host: assets.squarespace.com
URL: https://assets.squarespace.com/universal/scripts-compressed/common-vendors-bd388a58725d27de3369b-min.en-US.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

198.49.23.145 , United States, ASN53831 (SQUARESPACE, US),

Reverse DNS

Software

Squarespace /

Resource Hash

f1ea07a1e51a389c8de07120ae5c2e432e9dd8f4fbd6f92489f185b0523a3fd4

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.rivers4recovery.org/
X-CSRF-Token: BYa4YQUQAcbCYjhlOGI1NDIyZDFmMTgyYjI3YTg2ZjVkNDIxY2Uz
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Sun, 19 Feb 2023 19:10:37 GMT
strict-transport-security: max-age=0
x-content-type-options: nosniff
server: Squarespace
content-type: application/json;charset=utf-8
cache-control: no-cache, no-store, must-revalidate
x-contextid: 2ZinnxU1/eic8X75a
content-length: 17

POST
H2 200 button-render Show response
www.rivers4recovery.org/api/census/ 17 B
59 B 215ms
215ms XHR
application/json 198.49.23.145
SQUARESPACE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.rivers4recovery.org/api/census/button-render

Requested by

Host: assets.squarespace.com
URL: https://assets.squarespace.com/universal/scripts-compressed/common-vendors-bd388a58725d27de3369b-min.en-US.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

198.49.23.145 , United States, ASN53831 (SQUARESPACE, US),

Reverse DNS

Software

Squarespace /

Resource Hash

f1ea07a1e51a389c8de07120ae5c2e432e9dd8f4fbd6f92489f185b0523a3fd4

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.rivers4recovery.org/
X-CSRF-Token: BYa4YQUQAcbCYjhlOGI1NDIyZDFmMTgyYjI3YTg2ZjVkNDIxY2Uz
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Content-Type: application/json;charset=UTF-8

Response headers

date: Sun, 19 Feb 2023 19:10:37 GMT
strict-transport-security: max-age=0
x-content-type-options: nosniff
server: Squarespace
content-type: application/json;charset=utf-8
cache-control: no-cache, no-store, must-revalidate
x-contextid: 2ZinnxU1/KPXOaCaW
content-length: 17

POST
H2 200 button-render Show response
www.rivers4recovery.org/api/census/ 17 B
59 B 212ms
211ms XHR
application/json 198.49.23.145
SQUARESPACE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.rivers4recovery.org/api/census/button-render

Requested by

Host: assets.squarespace.com
URL: https://assets.squarespace.com/universal/scripts-compressed/common-vendors-bd388a58725d27de3369b-min.en-US.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

198.49.23.145 , United States, ASN53831 (SQUARESPACE, US),

Reverse DNS

Software

Squarespace /

Resource Hash

f1ea07a1e51a389c8de07120ae5c2e432e9dd8f4fbd6f92489f185b0523a3fd4

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.rivers4recovery.org/
X-CSRF-Token: BYa4YQUQAcbCYjhlOGI1NDIyZDFmMTgyYjI3YTg2ZjVkNDIxY2Uz
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Content-Type: application/json;charset=UTF-8

Response headers

date: Sun, 19 Feb 2023 19:10:37 GMT
strict-transport-security: max-age=0
x-content-type-options: nosniff
server: Squarespace
content-type: application/json;charset=utf-8
cache-control: no-cache, no-store, must-revalidate
x-contextid: 2ZinnxU1/NARKFCR4
content-length: 17

POST
H2 200 button-render Show response
www.rivers4recovery.org/api/census/ 17 B
134 B 207ms
207ms XHR
application/json 198.49.23.145
SQUARESPACE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.rivers4recovery.org/api/census/button-render

Requested by

Host: assets.squarespace.com
URL: https://assets.squarespace.com/universal/scripts-compressed/common-vendors-bd388a58725d27de3369b-min.en-US.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

198.49.23.145 , United States, ASN53831 (SQUARESPACE, US),

Reverse DNS

Software

Squarespace /

Resource Hash

f1ea07a1e51a389c8de07120ae5c2e432e9dd8f4fbd6f92489f185b0523a3fd4

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.rivers4recovery.org/
X-CSRF-Token: BYa4YQUQAcbCYjhlOGI1NDIyZDFmMTgyYjI3YTg2ZjVkNDIxY2Uz
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Content-Type: application/json;charset=UTF-8

Response headers

date: Sun, 19 Feb 2023 19:10:37 GMT
strict-transport-security: max-age=0
x-content-type-options: nosniff
server: Squarespace
content-type: application/json;charset=utf-8
cache-control: no-cache, no-store, must-revalidate
x-contextid: 2ZinnxU1/zyjClQrM
content-length: 17

POST
H2 200 button-render Show response
www.rivers4recovery.org/api/census/ 17 B
59 B 212ms
211ms XHR
application/json 198.49.23.145
SQUARESPACE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.rivers4recovery.org/api/census/button-render

Requested by

Host: assets.squarespace.com
URL: https://assets.squarespace.com/universal/scripts-compressed/common-vendors-bd388a58725d27de3369b-min.en-US.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

198.49.23.145 , United States, ASN53831 (SQUARESPACE, US),

Reverse DNS

Software

Squarespace /

Resource Hash

f1ea07a1e51a389c8de07120ae5c2e432e9dd8f4fbd6f92489f185b0523a3fd4

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.rivers4recovery.org/
X-CSRF-Token: BYa4YQUQAcbCYjhlOGI1NDIyZDFmMTgyYjI3YTg2ZjVkNDIxY2Uz
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Content-Type: application/json;charset=UTF-8

Response headers

date: Sun, 19 Feb 2023 19:10:37 GMT
strict-transport-security: max-age=0
x-content-type-options: nosniff
server: Squarespace
content-type: application/json;charset=utf-8
cache-control: no-cache, no-store, must-revalidate
x-contextid: 2ZinnxU1/Xvp7F0nf
content-length: 17

POST
H2 200 button-render Show response
www.rivers4recovery.org/api/census/ 17 B
58 B 227ms
226ms XHR
application/json 198.49.23.145
SQUARESPACE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.rivers4recovery.org/api/census/button-render

Requested by

Host: assets.squarespace.com
URL: https://assets.squarespace.com/universal/scripts-compressed/common-vendors-bd388a58725d27de3369b-min.en-US.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

198.49.23.145 , United States, ASN53831 (SQUARESPACE, US),

Reverse DNS

Software

Squarespace /

Resource Hash

f1ea07a1e51a389c8de07120ae5c2e432e9dd8f4fbd6f92489f185b0523a3fd4

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.rivers4recovery.org/
X-CSRF-Token: BYa4YQUQAcbCYjhlOGI1NDIyZDFmMTgyYjI3YTg2ZjVkNDIxY2Uz
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Content-Type: application/json;charset=UTF-8

Response headers

date: Sun, 19 Feb 2023 19:10:37 GMT
strict-transport-security: max-age=0
x-content-type-options: nosniff
server: Squarespace
content-type: application/json;charset=utf-8
cache-control: no-cache, no-store, must-revalidate
x-contextid: 2ZinnxU1/b0JcgCoE
content-length: 17

POST
H2 200 button-render Show response
www.rivers4recovery.org/api/census/ 17 B
59 B 209ms
208ms XHR
application/json 198.49.23.145
SQUARESPACE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.rivers4recovery.org/api/census/button-render

Requested by

Host: assets.squarespace.com
URL: https://assets.squarespace.com/universal/scripts-compressed/common-vendors-bd388a58725d27de3369b-min.en-US.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

198.49.23.145 , United States, ASN53831 (SQUARESPACE, US),

Reverse DNS

Software

Squarespace /

Resource Hash

f1ea07a1e51a389c8de07120ae5c2e432e9dd8f4fbd6f92489f185b0523a3fd4

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.rivers4recovery.org/
X-CSRF-Token: BYa4YQUQAcbCYjhlOGI1NDIyZDFmMTgyYjI3YTg2ZjVkNDIxY2Uz
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Content-Type: application/json;charset=UTF-8

Response headers

date: Sun, 19 Feb 2023 19:10:37 GMT
strict-transport-security: max-age=0
x-content-type-options: nosniff
server: Squarespace
content-type: application/json;charset=utf-8
cache-control: no-cache, no-store, must-revalidate
x-contextid: 2ZinnxU1/JF7yxNJi
content-length: 17

POST
H2 200 button-render Show response
www.rivers4recovery.org/api/census/ 17 B
59 B 225ms
225ms XHR
application/json 198.49.23.145
SQUARESPACE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.rivers4recovery.org/api/census/button-render

Requested by

Host: assets.squarespace.com
URL: https://assets.squarespace.com/universal/scripts-compressed/common-vendors-bd388a58725d27de3369b-min.en-US.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

198.49.23.145 , United States, ASN53831 (SQUARESPACE, US),

Reverse DNS

Software

Squarespace /

Resource Hash

f1ea07a1e51a389c8de07120ae5c2e432e9dd8f4fbd6f92489f185b0523a3fd4

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.rivers4recovery.org/
X-CSRF-Token: BYa4YQUQAcbCYjhlOGI1NDIyZDFmMTgyYjI3YTg2ZjVkNDIxY2Uz
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Content-Type: application/json;charset=UTF-8

Response headers

date: Sun, 19 Feb 2023 19:10:37 GMT
strict-transport-security: max-age=0
x-content-type-options: nosniff
server: Squarespace
content-type: application/json;charset=utf-8
cache-control: no-cache, no-store, must-revalidate
x-contextid: 2ZinnxU1/R6QjKbcn
content-length: 17

POST
H2 200 button-render Show response
www.rivers4recovery.org/api/census/ 17 B
59 B 356ms
356ms XHR
application/json 198.49.23.145
SQUARESPACE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.rivers4recovery.org/api/census/button-render

Requested by

Host: assets.squarespace.com
URL: https://assets.squarespace.com/universal/scripts-compressed/common-vendors-bd388a58725d27de3369b-min.en-US.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

198.49.23.145 , United States, ASN53831 (SQUARESPACE, US),

Reverse DNS

Software

Squarespace /

Resource Hash

f1ea07a1e51a389c8de07120ae5c2e432e9dd8f4fbd6f92489f185b0523a3fd4

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.rivers4recovery.org/
X-CSRF-Token: BYa4YQUQAcbCYjhlOGI1NDIyZDFmMTgyYjI3YTg2ZjVkNDIxY2Uz
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Content-Type: application/json;charset=UTF-8

Response headers

date: Sun, 19 Feb 2023 19:10:37 GMT
strict-transport-security: max-age=0
x-content-type-options: nosniff
server: Squarespace
content-type: application/json;charset=utf-8
cache-control: no-cache, no-store, must-revalidate
x-contextid: 2ZinnxU1/1fC2SlRQ
content-length: 17

POST
H2 200 button-render Show response
www.rivers4recovery.org/api/census/ 17 B
58 B 352ms
352ms XHR
application/json 198.49.23.145
SQUARESPACE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.rivers4recovery.org/api/census/button-render

Requested by

Host: assets.squarespace.com
URL: https://assets.squarespace.com/universal/scripts-compressed/common-vendors-bd388a58725d27de3369b-min.en-US.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

198.49.23.145 , United States, ASN53831 (SQUARESPACE, US),

Reverse DNS

Software

Squarespace /

Resource Hash

f1ea07a1e51a389c8de07120ae5c2e432e9dd8f4fbd6f92489f185b0523a3fd4

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.rivers4recovery.org/
X-CSRF-Token: BYa4YQUQAcbCYjhlOGI1NDIyZDFmMTgyYjI3YTg2ZjVkNDIxY2Uz
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Content-Type: application/json;charset=UTF-8

Response headers

date: Sun, 19 Feb 2023 19:10:37 GMT
strict-transport-security: max-age=0
x-content-type-options: nosniff
server: Squarespace
content-type: application/json;charset=utf-8
cache-control: no-cache, no-store, must-revalidate
x-contextid: 2ZinnxU1/W4te1rLU
content-length: 17

POST
H2 200 button-render Show response
www.rivers4recovery.org/api/census/ 17 B
59 B 356ms
356ms XHR
application/json 198.49.23.145
SQUARESPACE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.rivers4recovery.org/api/census/button-render

Requested by

Host: assets.squarespace.com
URL: https://assets.squarespace.com/universal/scripts-compressed/common-vendors-bd388a58725d27de3369b-min.en-US.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

198.49.23.145 , United States, ASN53831 (SQUARESPACE, US),

Reverse DNS

Software

Squarespace /

Resource Hash

f1ea07a1e51a389c8de07120ae5c2e432e9dd8f4fbd6f92489f185b0523a3fd4

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.rivers4recovery.org/
X-CSRF-Token: BYa4YQUQAcbCYjhlOGI1NDIyZDFmMTgyYjI3YTg2ZjVkNDIxY2Uz
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Content-Type: application/json;charset=UTF-8

Response headers

date: Sun, 19 Feb 2023 19:10:37 GMT
strict-transport-security: max-age=0
x-content-type-options: nosniff
server: Squarespace
content-type: application/json;charset=utf-8
cache-control: no-cache, no-store, must-revalidate
x-contextid: 2ZinnxU1/JjuNQRkG
content-length: 17

POST
H2 200 button-render Show response
www.rivers4recovery.org/api/census/ 17 B
59 B 349ms
349ms XHR
application/json 198.49.23.145
SQUARESPACE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.rivers4recovery.org/api/census/button-render

Requested by

Host: assets.squarespace.com
URL: https://assets.squarespace.com/universal/scripts-compressed/common-vendors-bd388a58725d27de3369b-min.en-US.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

198.49.23.145 , United States, ASN53831 (SQUARESPACE, US),

Reverse DNS

Software

Squarespace /

Resource Hash

f1ea07a1e51a389c8de07120ae5c2e432e9dd8f4fbd6f92489f185b0523a3fd4

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.rivers4recovery.org/
X-CSRF-Token: BYa4YQUQAcbCYjhlOGI1NDIyZDFmMTgyYjI3YTg2ZjVkNDIxY2Uz
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Content-Type: application/json;charset=UTF-8

Response headers

date: Sun, 19 Feb 2023 19:10:37 GMT
strict-transport-security: max-age=0
x-content-type-options: nosniff
server: Squarespace
content-type: application/json;charset=utf-8
cache-control: no-cache, no-store, must-revalidate
x-contextid: 2ZinnxU1/Gvhi3TwY
content-length: 17

POST
H2 200 button-render Show response
www.rivers4recovery.org/api/census/ 17 B
59 B 352ms
351ms XHR
application/json 198.49.23.145
SQUARESPACE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.rivers4recovery.org/api/census/button-render

Requested by

Host: assets.squarespace.com
URL: https://assets.squarespace.com/universal/scripts-compressed/common-vendors-bd388a58725d27de3369b-min.en-US.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

198.49.23.145 , United States, ASN53831 (SQUARESPACE, US),

Reverse DNS

Software

Squarespace /

Resource Hash

f1ea07a1e51a389c8de07120ae5c2e432e9dd8f4fbd6f92489f185b0523a3fd4

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.rivers4recovery.org/
X-CSRF-Token: BYa4YQUQAcbCYjhlOGI1NDIyZDFmMTgyYjI3YTg2ZjVkNDIxY2Uz
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Content-Type: application/json;charset=UTF-8

Response headers

date: Sun, 19 Feb 2023 19:10:37 GMT
strict-transport-security: max-age=0
x-content-type-options: nosniff
server: Squarespace
content-type: application/json;charset=utf-8
cache-control: no-cache, no-store, must-revalidate
x-contextid: 2ZinnxU1/CKok1G0E
content-length: 17

POST
H2 200 button-render Show response
www.rivers4recovery.org/api/census/ 17 B
59 B 353ms
353ms XHR
application/json 198.49.23.145
SQUARESPACE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.rivers4recovery.org/api/census/button-render

Requested by

Host: assets.squarespace.com
URL: https://assets.squarespace.com/universal/scripts-compressed/common-vendors-bd388a58725d27de3369b-min.en-US.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

198.49.23.145 , United States, ASN53831 (SQUARESPACE, US),

Reverse DNS

Software

Squarespace /

Resource Hash

f1ea07a1e51a389c8de07120ae5c2e432e9dd8f4fbd6f92489f185b0523a3fd4

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.rivers4recovery.org/
X-CSRF-Token: BYa4YQUQAcbCYjhlOGI1NDIyZDFmMTgyYjI3YTg2ZjVkNDIxY2Uz
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Content-Type: application/json;charset=UTF-8

Response headers

date: Sun, 19 Feb 2023 19:10:37 GMT
strict-transport-security: max-age=0
x-content-type-options: nosniff
server: Squarespace
content-type: application/json;charset=utf-8
cache-control: no-cache, no-store, must-revalidate
x-contextid: 2ZinnxU1/84MjLCKK
content-length: 17

POST
H2 200 button-render Show response
www.rivers4recovery.org/api/census/ 17 B
58 B 353ms
353ms XHR
application/json 198.49.23.145
SQUARESPACE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.rivers4recovery.org/api/census/button-render

Requested by

Host: assets.squarespace.com
URL: https://assets.squarespace.com/universal/scripts-compressed/common-vendors-bd388a58725d27de3369b-min.en-US.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

198.49.23.145 , United States, ASN53831 (SQUARESPACE, US),

Reverse DNS

Software

Squarespace /

Resource Hash

f1ea07a1e51a389c8de07120ae5c2e432e9dd8f4fbd6f92489f185b0523a3fd4

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.rivers4recovery.org/
X-CSRF-Token: BYa4YQUQAcbCYjhlOGI1NDIyZDFmMTgyYjI3YTg2ZjVkNDIxY2Uz
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Content-Type: application/json;charset=UTF-8

Response headers

date: Sun, 19 Feb 2023 19:10:37 GMT
strict-transport-security: max-age=0
x-content-type-options: nosniff
server: Squarespace
content-type: application/json;charset=utf-8
cache-control: no-cache, no-store, must-revalidate
x-contextid: 2ZinnxU1/xwaaSck0
content-length: 17

POST
H2 200 button-render Show response
www.rivers4recovery.org/api/census/ 17 B
59 B 349ms
349ms XHR
application/json 198.49.23.145
SQUARESPACE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.rivers4recovery.org/api/census/button-render

Requested by

Host: assets.squarespace.com
URL: https://assets.squarespace.com/universal/scripts-compressed/common-vendors-bd388a58725d27de3369b-min.en-US.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

198.49.23.145 , United States, ASN53831 (SQUARESPACE, US),

Reverse DNS

Software

Squarespace /

Resource Hash

f1ea07a1e51a389c8de07120ae5c2e432e9dd8f4fbd6f92489f185b0523a3fd4

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.rivers4recovery.org/
X-CSRF-Token: BYa4YQUQAcbCYjhlOGI1NDIyZDFmMTgyYjI3YTg2ZjVkNDIxY2Uz
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Content-Type: application/json;charset=UTF-8

Response headers

date: Sun, 19 Feb 2023 19:10:37 GMT
strict-transport-security: max-age=0
x-content-type-options: nosniff
server: Squarespace
content-type: application/json;charset=utf-8
cache-control: no-cache, no-store, must-revalidate
x-contextid: 2ZinnxU1/uuq0BQb3
content-length: 17

POST
H2 200 button-render Show response
www.rivers4recovery.org/api/census/ 17 B
59 B 351ms
351ms XHR
application/json 198.49.23.145
SQUARESPACE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.rivers4recovery.org/api/census/button-render

Requested by

Host: assets.squarespace.com
URL: https://assets.squarespace.com/universal/scripts-compressed/common-vendors-bd388a58725d27de3369b-min.en-US.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

198.49.23.145 , United States, ASN53831 (SQUARESPACE, US),

Reverse DNS

Software

Squarespace /

Resource Hash

f1ea07a1e51a389c8de07120ae5c2e432e9dd8f4fbd6f92489f185b0523a3fd4

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.rivers4recovery.org/
X-CSRF-Token: BYa4YQUQAcbCYjhlOGI1NDIyZDFmMTgyYjI3YTg2ZjVkNDIxY2Uz
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Content-Type: application/json;charset=UTF-8

Response headers

date: Sun, 19 Feb 2023 19:10:37 GMT
strict-transport-security: max-age=0
x-content-type-options: nosniff
server: Squarespace
content-type: application/json;charset=utf-8
cache-control: no-cache, no-store, must-revalidate
x-contextid: 2ZinnxU1/9bXj4CZx
content-length: 17

GET
H/1.1 204
No Content pview Show response
l.sharethis.com/ 0
410 B 182ms
41ms XHR
text/plain 3.74.186.54
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://l.sharethis.com/pview?event=pview&hostname=www.rivers4recovery.org&location=%2F&product=inline-share-buttons&url=https%3A%2F%2Fwww.rivers4recovery.org%2F&source=sharethis.js&fcmp=false&fcmpv2=false&has_segmentio=false&title=Rivers4Recovery&cms=unknown&publisher=5f442cbd12340c0012eef212&sop=true&version=st_sop.js&lang=en&description=Join%20International%20Rivers%2C%20Rivers%20Without%20Boundaries%2C%20and%20Perangua%20in%20a%20global%20call%20to%20protect%20rivers%20and%20rights%20as%20essential%20for%20a%20just%20and%20green%20recovery.&ua=&ua_mobile=false&ua_full_version_list=

Requested by

Host: platform-api.sharethis.com
URL: https://platform-api.sharethis.com/js/sharethis.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.74.186.54 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-74-186-54.eu-central-1.compute.amazonaws.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rivers4recovery.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date: Sun, 19 Feb 2023 19:10:37 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains;
Access-Control-Max-Age: 1728000
Access-Control-Allow-Origin: https://www.rivers4recovery.org
Access-Control-Expose-Headers: stid
Cache-Control: no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: *

GET
H/1.1 200
OK vgs-collect.js Show response
js.verygoodvault.com/vgs-collect/2.14.0/ 134 KB
44 KB 179ms
50ms Script
application/javascript 13.224.189.113
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.verygoodvault.com/vgs-collect/2.14.0/vgs-collect.js
Requested by: Host: d3rse9xjbp8270.cloudfront.net
URL: https://d3rse9xjbp8270.cloudfront.net/at.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.189.113 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-189-113.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: cbf1ade8d5b7be4356388d9efd5187d378ea581a5e8f9c8d54ee0932262836ff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rivers4recovery.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

x-amz-version-id: uQF6CVoMnT1mOHvFavSn8ur6rXtO9Qh9
Content-Encoding: gzip
Via: 1.1 f7bf326347bdd7f275a38a22b5b83724.cloudfront.net (CloudFront)
Date: Sun, 19 Feb 2023 19:10:37 GMT
X-Amz-Cf-Pop: FRA2-C1
Age: 28
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
Last-Modified: Wed, 08 Jun 2022 01:07:52 GMT
Server: AmazonS3
ETag: W/"2eb620d1b4f90db03c929f89d188cf80"
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=60
X-Amz-Cf-Id: llYc82CnqokQhemQp3fv8gG20DupOZ74XqXjpe4KE8nXa070YYjZoQ==

GET
H2 200 5x27RHx860aXo35-wHaOiA2 Show response
secure.everyaction.com/v1/Forms/ 12 KB
5 KB 543ms
444ms XHR
application/json 45.60.33.183
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.everyaction.com/v1/Forms/5x27RHx860aXo35-wHaOiA2

Requested by

Host: d3rse9xjbp8270.cloudfront.net
URL: https://d3rse9xjbp8270.cloudfront.net/at.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.33.183 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

8648a7a8b1492a7940802c2b0d0099099cecb68e5a14a48b8b88013980737647

Security Headers

Name	Value
Content-Security-Policy	default-src * 'unsafe-eval' 'unsafe-inline' data: blob:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.rivers4recovery.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sun, 19 Feb 2023 19:10:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-cdn: Imperva
content-security-policy: default-src * 'unsafe-eval' 'unsafe-inline' data: blob:
x-iinfo: 7-94193299-94193304 NNNN CT(86 177 0) RT(1676833837046 42) q(0 0 3 0) r(4 4) U18
content-length: 4025
x-xss-protection: 1; mode=block
request-context: appId=cid-v1:ccd92c0b-19c7-485c-b607-cbfe2344efa3
vary: Origin,Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.rivers4recovery.org
access-control-expose-headers: Request-Context
cache-control: public, max-age=10
access-control-allow-credentials: true

GET
H2 200 3s7mVOBFJEmpcfDAezAdwA2 Show response
secure.everyaction.com/v1/Forms/ 11 KB
5 KB 500ms
408ms XHR
application/json 45.60.33.183
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.everyaction.com/v1/Forms/3s7mVOBFJEmpcfDAezAdwA2

Requested by

Host: d3rse9xjbp8270.cloudfront.net
URL: https://d3rse9xjbp8270.cloudfront.net/at.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.33.183 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

a60ef8ba32269996559890d366a67bbcb571dcf59218c3e825c8cb0ad1b3cf76

Security Headers

Name	Value
Content-Security-Policy	default-src * 'unsafe-eval' 'unsafe-inline' data: blob:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.rivers4recovery.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sun, 19 Feb 2023 19:10:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-cdn: Imperva
content-security-policy: default-src * 'unsafe-eval' 'unsafe-inline' data: blob:
x-iinfo: 7-94193299-94193304 PNNN RT(1676833837046 43) q(0 0 3 3) r(4 4) U18
content-length: 3874
x-xss-protection: 1; mode=block
request-context: appId=cid-v1:ccd92c0b-19c7-485c-b607-cbfe2344efa3
vary: Origin,Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.rivers4recovery.org
access-control-expose-headers: Request-Context
cache-control: public, max-age=10
access-control-allow-credentials: true

GET
H3 200 KFOlCnqEu92Fr1MmSU5fCxc4EsA.woff2
fonts.gstatic.com/s/roboto/v30/ 5 KB
5 KB 53ms
53ms Font
font/woff2 2a00:1450:400d:80a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fCxc4EsA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Playfair+Display:ital,wght@0,700;1,700&family=Roboto:ital,wght@0,300;0,400;0,700;1,300;1,400;1,700

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

51f3f41805329fb8341beb56ded833eae6c7a8a1a0a1d7e78960e1390fe928b6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.rivers4recovery.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Fri, 17 Feb 2023 14:17:08 GMT
x-content-type-options: nosniff
age: 190409
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5468
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 17 Feb 2024 14:17:08 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu7WxKOzY.woff2
fonts.gstatic.com/s/roboto/v30/ 5 KB
5 KB 53ms
53ms Font
font/woff2 2a00:1450:400d:80a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu7WxKOzY.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Playfair+Display:ital,wght@0,700;1,700&family=Roboto:ital,wght@0,300;0,400;0,700;1,300;1,400;1,700

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

77b24796a3d4ab521f66765651875338ed50cb9306cfe4603a3e79618e429cec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.rivers4recovery.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 15 Feb 2023 01:57:49 GMT
x-content-type-options: nosniff
age: 407568
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5560
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:41 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 15 Feb 2024 01:57:49 GMT

GET
H2 200 floating-cart.4814fbbf54a92e38c18f.js Show response
static1.squarespace.com/static/vta/5c5a519771c10ba3470d8101/scripts/ 451 B
461 B 40ms
39ms Script
application/javascript 151.101.0.238
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://static1.squarespace.com/static/vta/5c5a519771c10ba3470d8101/scripts/floating-cart.4814fbbf54a92e38c18f.js

Requested by

Host: static1.squarespace.com
URL: https://static1.squarespace.com/static/vta/5c5a519771c10ba3470d8101/scripts/site-bundle.44ff1d66174cc80799b6f548cd1732e3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.0.238 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Squarespace /

Resource Hash

44730fefcc42a6a30ff8e5e876522fa745b60bf0744414838d9de76eeb705c23

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rivers4recovery.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

x-cache-hits: 6, 22693
date: Sun, 19 Feb 2023 19:10:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 varnish, 1.1 varnish
age: 352413
x-cache: HIT, HIT
x-contextid: oPK1wQdd/qON8V75p
content-length: 302
x-served-by: cache-dfw-kdfw8210096-DFW, cache-hhn-etou8220098-HHN
pragma: cache
server: Squarespace
x-timer: S1676833837.233696,VS0,VE0
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=94608000
accept-ranges: bytes
timing-allow-origin: *
tracepoint: Fastly

GET
H2 200 facebook.svg
platform-cdn.sharethis.com/img/ 301 B
725 B 164ms
41ms Image
image/svg+xml 2600:9000:21f3:be00:1d:85c3:6640:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://platform-cdn.sharethis.com/img/facebook.svg

Requested by

Host: www.rivers4recovery.org
URL: https://www.rivers4recovery.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:21f3:be00:1d:85c3:6640:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

768d97ec0916217ae82c70aeda3a61b9b0dab344edc4a3240a4f7cd94af00307

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rivers4recovery.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sun, 22 Jan 2023 10:00:18 GMT
via: 1.1 21a3da42c823b5a4a2d9c4c63248bbd6.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Thu, 10 Oct 2019 01:20:12 GMT
server: AmazonS3
x-amz-cf-pop: FRA2-C2
age: 2452220
etag: "c6e9be45643e197ce1db1d7e24a99adc"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: public, max-age=2592000
accept-ranges: bytes
content-length: 301
x-amz-cf-id: JztMYwjuwahS5CjFrhBNeFsPf-1TwHljx_uqif-AqPzraej040JCOQ==

GET
H2 200 twitter.svg
platform-cdn.sharethis.com/img/ 731 B
1 KB 165ms
41ms Image
image/svg+xml 2600:9000:21f3:be00:1d:85c3:6640:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://platform-cdn.sharethis.com/img/twitter.svg

Requested by

Host: www.rivers4recovery.org
URL: https://www.rivers4recovery.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:21f3:be00:1d:85c3:6640:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

7c93346d4f681a0be90d1dfc19346382a4700f1810f41caa54415688dee1777f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rivers4recovery.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Tue, 24 Jan 2023 01:32:33 GMT
via: 1.1 21a3da42c823b5a4a2d9c4c63248bbd6.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Thu, 10 Oct 2019 01:20:13 GMT
server: AmazonS3
x-amz-cf-pop: FRA2-C2
age: 2309884
etag: "0af2fb38987598376c99e21af17ade45"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: public, max-age=2592000
accept-ranges: bytes
content-length: 731
x-amz-cf-id: AJop7MfQTpzxVlR0WfXmP7cli3OodK-WqMzaPFkAp7xvfHzLIiK7Hw==

GET
H2 200 linkedin.svg
platform-cdn.sharethis.com/img/ 456 B
897 B 165ms
42ms Image
image/svg+xml 2600:9000:21f3:be00:1d:85c3:6640:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://platform-cdn.sharethis.com/img/linkedin.svg

Requested by

Host: www.rivers4recovery.org
URL: https://www.rivers4recovery.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:21f3:be00:1d:85c3:6640:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

cb8c2b19fd9b56c41db14bd71b5c0616c1ba4e99b08c8e75084cf695f74b7120

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rivers4recovery.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Fri, 17 Feb 2023 01:37:47 GMT
via: 1.1 21a3da42c823b5a4a2d9c4c63248bbd6.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: FRA2-C2
age: 235986
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 456
last-modified: Thu, 10 Oct 2019 01:20:12 GMT
server: AmazonS3
etag: "fa43b4ede18498b114fc7185993f6da7"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=2592000
accept-ranges: bytes
x-amz-cf-id: -Mrc_4BMR5H4hdpxN6HiJooqAWXY0XPOR9FVgKtB2us4g_HQa-5msg==

GET
H2 200 email.svg
platform-cdn.sharethis.com/img/ 343 B
785 B 166ms
43ms Image
image/svg+xml 2600:9000:21f3:be00:1d:85c3:6640:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://platform-cdn.sharethis.com/img/email.svg

Requested by

Host: www.rivers4recovery.org
URL: https://www.rivers4recovery.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:21f3:be00:1d:85c3:6640:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

5f5012132c752db2433e17712d91ef8689f1bc95167b2720e23224c2ae62e009

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rivers4recovery.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sun, 12 Feb 2023 01:20:42 GMT
via: 1.1 21a3da42c823b5a4a2d9c4c63248bbd6.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: FRA2-C2
age: 668996
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 343
last-modified: Thu, 10 Oct 2019 01:20:12 GMT
server: AmazonS3
etag: "5977437466e857c7ddcadda6f6d88c2a"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=2592000
accept-ranges: bytes
x-amz-cf-id: oR49OvuOluZXP-OY68aTA2YJ149l_cHlZfSn2Z_8j5zSabnDAkOBAw==

GET
H2 200 identity Show response
fastaction.ngpvan.com/api/v1/ 182 B
865 B 428ms
394ms Script
text/javascript 45.60.33.183
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://fastaction.ngpvan.com/api/v1/identity?callback=_jqjsp&_1676833837614=

Requested by

Host: d3rse9xjbp8270.cloudfront.net
URL: https://d3rse9xjbp8270.cloudfront.net/at.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.33.183 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Microsoft-IIS/10.0 / Express, ASP.NET

Resource Hash

66df3eec5cd79e1a3d825b4d7289821a8f6729408fc98a1e00750088796fc98f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rivers4recovery.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sun, 19 Feb 2023 19:10:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubdomains
server: Microsoft-IIS/10.0
x-cdn: Imperva
etag: W/"b6-i9L7utGofgoNG21g54xVGbuNRXw"
x-powered-by: Express, ASP.NET
vary: Accept-Encoding,Accept-Encoding
content-type: text/javascript; charset=utf-8
p3p: CP="NOI ADM DEV COM NAV OUR STP"
x-iinfo: 2-78714401-78714476 NNNN CT(85 176 0) RT(1676833836664 873) q(0 0 3 0) r(3 3) U4
content-length: 295
request-context: appId=cid-v1:ccd92c0b-19c7-485c-b607-cbfe2344efa3

GET
DATA 200
OK truncated
/ 784 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: fe62bab84590322ae4bfcde20dfb50a72c1b68b330c2a7f1b0aefb65999f16bc

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 73 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1e14deb2749e1521aac0ebcb8f99739494f4918fc07649ac6f51a2985085d756

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 glyphicons-regular.woff2
d3rse9xjbp8270.cloudfront.net/assets/fonts/ 94 KB
95 KB 57ms
56ms Font
application/font-woff2 2600:9000:2251:8000:12:303c:8700:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3rse9xjbp8270.cloudfront.net/assets/fonts/glyphicons-regular.woff2
Requested by: Host: d3rse9xjbp8270.cloudfront.net
URL: https://d3rse9xjbp8270.cloudfront.net/extra.min.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2251:8000:12:303c:8700:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: dd16b17e257a3a57a00efd5f2d1dc5ac0de934728ec3d44981eab67aa95bc591

Request headers

Referer: https://d3rse9xjbp8270.cloudfront.net/extra.min.css
Origin: https://www.rivers4recovery.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sun, 19 Feb 2023 09:02:00 GMT
via: 1.1 968007545c497b68cc41825f11e930ba.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P3
age: 36518
x-cache: Hit from cloudfront
content-length: 96388
last-modified: Thu, 03 Oct 2019 17:12:45 GMT
server: AmazonS3
etag: "aca35251952e72d9e32d41217f0f97ab"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: max-age=86400
accept-ranges: bytes
x-amz-cf-id: LXHqNFR8PduxMvtutouCDO3qRXSbDgKlYv7qxHzT3UcJm419MxP-_Q==

GET
H3 200 KFOkCnqEu92Fr1Mu51xIIzI.woff2
fonts.gstatic.com/s/roboto/v30/ 17 KB
17 KB 52ms
52ms Font
font/woff2 2a00:1450:400d:80a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOkCnqEu92Fr1Mu51xIIzI.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Playfair+Display:ital,wght@0,700;1,700&family=Roboto:ital,wght@0,300;0,400;0,700;1,300;1,400;1,700

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

db0424fb67fb52e7e538490240cc7fb9c05aa076333a4968f3dee30b825dabf9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.rivers4recovery.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Tue, 14 Feb 2023 20:58:20 GMT
x-content-type-options: nosniff
age: 425537
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 17368
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 14 Feb 2024 20:58:20 GMT

GET
H2 200 3s7mVOBFJEmpcfDAezAdwA2
secure.everyaction.com/v1/Track/ 0
143 B 138ms
137ms Image
text/plain 45.60.33.183
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.everyaction.com/v1/Track/3s7mVOBFJEmpcfDAezAdwA2?formSessionId=9bd2e6ee-1c15-4123-86c6-76b7cf991855&bName=chrome&dType=desktop&fUrl=aHR0cHM6Ly93d3cucml2ZXJzNHJlY292ZXJ5Lm9yZy8%3D&fRef=

Requested by

Host: www.rivers4recovery.org
URL: https://www.rivers4recovery.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.33.183 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src * 'unsafe-eval' 'unsafe-inline' data: blob:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rivers4recovery.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

expires: -1
pragma: no-cache
date: Sun, 19 Feb 2023 19:10:37 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-security-policy: default-src * 'unsafe-eval' 'unsafe-inline' data: blob:
x-cdn: Imperva
x-frame-options: SAMEORIGIN
x-iinfo: 7-94193299-94193304 PNNN RT(1676833837046 501) q(0 0 0 -1) r(1 1) U2
access-control-expose-headers: Request-Context
cache-control: no-cache
content-length: 0
x-xss-protection: 1; mode=block
request-context: appId=cid-v1:ccd92c0b-19c7-485c-b607-cbfe2344efa3

GET
H2 200 5x27RHx860aXo35-wHaOiA2
secure.everyaction.com/v1/Track/ 0
119 B 146ms
145ms Image
text/plain 45.60.33.183
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.everyaction.com/v1/Track/5x27RHx860aXo35-wHaOiA2?formSessionId=86a03661-88d3-422b-ba8e-8681ef637f31&bName=chrome&dType=desktop&fUrl=aHR0cHM6Ly93d3cucml2ZXJzNHJlY292ZXJ5Lm9yZy8%3D&fRef=

Requested by

Host: www.rivers4recovery.org
URL: https://www.rivers4recovery.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.33.183 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src * 'unsafe-eval' 'unsafe-inline' data: blob:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rivers4recovery.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

expires: -1
pragma: no-cache
date: Sun, 19 Feb 2023 19:10:36 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-security-policy: default-src * 'unsafe-eval' 'unsafe-inline' data: blob:
x-cdn: Imperva
x-frame-options: SAMEORIGIN
x-iinfo: 7-94193299-94193304 PNNN RT(1676833837046 529) q(0 0 0 -1) r(1 1) U2
access-control-expose-headers: Request-Context
cache-control: no-cache
content-length: 0
x-xss-protection: 1; mode=block
request-context: appId=cid-v1:ccd92c0b-19c7-485c-b607-cbfe2344efa3

Verdicts & Comments Add Verdict or Comment

99 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

10 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.rivers4recovery.org/	1969-12-31 23:59:59	Name: crumb Value: BYa4YQUQAcbCYjhlOGI1NDIyZDFmMTgyYjI3YTg2ZjVkNDIxY2Uz
www.rivers4recovery.org/	1970-01-20 19:23:13	Name: ss_cvr Value: 69b76795-cf4a-422d-b8ad-577c1206fac0\|1676833837007\|1676833837007\|1676833837007\|1
www.rivers4recovery.org/	1970-01-20 09:47:15	Name: ss_cvt Value: 1676833837007
.profile.ngpvan.com/	1970-01-20 09:47:17	Name: TiPMix Value: 75.56521805840232
.profile.ngpvan.com/	1970-01-20 09:47:17	Name: x-ms-routing-name Value: self
.everyaction.com/	1970-01-20 18:31:37	Name: visid_incap_823975 Value: /O769HWtStqsaBsZ8e34YC108mMAAAAAQUIPAAAAAAAiRDrX/bTX9T2+uXM7abLH
.secure.everyaction.com/	1970-01-20 09:47:17	Name: x-ms-routing-name Value: self
.everyaction.com/	1969-12-31 23:59:59	Name: nlbi_823975 Value: pUTVfynvFDVk93UZxwoUeQAAAAA0NkRRFbOJXBsb55M8nDlI
.everyaction.com/	1969-12-31 23:59:59	Name: incap_ses_473_823975 Value: Ar8faBS4+UJatMZry2+QBi108mMAAAAA59/DnyPH0QTv2ku39NXawA==
.secure.everyaction.com/	1970-01-20 09:47:17	Name: TiPMix Value: 45.67003399746853

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

assets.squarespace.com
buttons-config.sharethis.com
d3rse9xjbp8270.cloudfront.net
fastaction.ngpvan.com
fonts.googleapis.com
fonts.gstatic.com
images.squarespace-cdn.com
js.verygoodvault.com
l.sharethis.com
platform-api.sharethis.com
platform-cdn.sharethis.com
profile.ngpvan.com
secure.everyaction.com
static1.squarespace.com
www.rivers4recovery.org
13.224.189.113
13.32.27.75
151.101.0.237
151.101.0.238
198.49.23.145
23.50.131.77
2600:9000:20eb:e000:c:abe:f440:93a1
2600:9000:21f3:be00:1d:85c3:6640:93a1
2600:9000:2251:8000:12:303c:8700:21
2a00:1450:400d:808::200a
2a00:1450:400d:80a::2003
3.74.186.54
45.60.33.183
00010b2f3db222fc437b60b2f52a040809b21b18b44d3e9f548dbae2533d1e81
0238bb3cf7480c7d5696f23a8bcdc50d5b33e78374591060226e05c9bc3e2f3d
1e14deb2749e1521aac0ebcb8f99739494f4918fc07649ac6f51a2985085d756
1e6e268b24e232700678bb3606ab94fece471596bbd8633bbc7ec5221df3c3d2
29ef5e7cd56b57ab335d1b0062e4c6a8d1cab1fe267b50bef1c6284f9c344146
3c23eb02de6b34e30f18cfb7167abd81a2cedfd1da60dfcb71989517ab3fb431
44730fefcc42a6a30ff8e5e876522fa745b60bf0744414838d9de76eeb705c23
47aa3bfad6cb9e2d63abdd58f4e6ce4f7b9fd2704b2b15193c71874035fe025d
495d38d4b9741e8aa4204002414069e2d8db9f3c60b60e195e4d74381462dee9
4b9f60e3b786e9991b4c5b035d8b75942c4e0df96270854f50fcb33db6ef5ceb
4c762350bf5dcf159a3adfddb1c33d90a8d85daaf7c5de9ea82b5fd201dd2d5b
51f3f41805329fb8341beb56ded833eae6c7a8a1a0a1d7e78960e1390fe928b6
54e832663426c696b1f603379026e5e15720e8c812bbbc60d63aa2ad8a479f75
5672f8c157db43e8f0627053b278d92a205c9604ff727abdea1d44d517ca2a8c
5f5012132c752db2433e17712d91ef8689f1bc95167b2720e23224c2ae62e009
6454829f91def11ae630252985f686e8553c439ee0ee4d20b0e6dda0429fd30d
66df3eec5cd79e1a3d825b4d7289821a8f6729408fc98a1e00750088796fc98f
6dc701a3182816f96e0249adfbd83bc4db58308ad73777c7dfc1ab9fa91d2307
768d97ec0916217ae82c70aeda3a61b9b0dab344edc4a3240a4f7cd94af00307
77b24796a3d4ab521f66765651875338ed50cb9306cfe4603a3e79618e429cec
7a3c9b278b3ae7db31f88840aa9de24cd915775e197162b8a828c495fcde348c
7c93346d4f681a0be90d1dfc19346382a4700f1810f41caa54415688dee1777f
8083f0c138361a5fc69501988267c843870b84852254e3208d8aefc2cf9a1088
8648a7a8b1492a7940802c2b0d0099099cecb68e5a14a48b8b88013980737647
87806e4e5cd6c84ec881e8f653231f3bb58893fd7f63fb4681bcd58a3db23651
946d7c6b995aa6c43fecbce40b461be182fecb8902868a1dcd9da455cbb4dc65
9f26e03ee0b34d06c9222301a510846a012b3a1792c8db072b4bcc68d67fe39f
9fca4987bc96c0aa6cc5fb39831cd48be7fcc533d00214f87a0d1564d9d69094
a59acd7a8cbaf68d5d628ac09c501f01a2f3f42c9affa8f3d101f2860d1cc3f7
a60ef8ba32269996559890d366a67bbcb571dcf59218c3e825c8cb0ad1b3cf76
ab472faf3b0d3dacc811aaee545add6f7114d16fb7800c752c39a9493a8e0652
b076e86301cbee8c5c9aef51863a9c0a88e6f6d2aabdffca93e031113c6caa74
bb8007225d94a099cddbade7ea904667c0dd0b68d5e30778e5c6257589ab94d1
c64f711070e933da40f305b5a5a6098c0c6c6901b51fa4a2ba9274babbc74520
c8e214c8a689800e4083b385274bb0dc12ced5d3e08ec4c4e93da64a56b671a3
cb8c2b19fd9b56c41db14bd71b5c0616c1ba4e99b08c8e75084cf695f74b7120
cbf1ade8d5b7be4356388d9efd5187d378ea581a5e8f9c8d54ee0932262836ff
cc24dd38ed85a67f17008d33a7131f4103302bd01b11126f9c8c2dcd6ae020e5
db0424fb67fb52e7e538490240cc7fb9c05aa076333a4968f3dee30b825dabf9
dbb01fa20ed81ec86f470d1dd1472dee31b63ed58d0707d6cabb148e3a846415
dd16b17e257a3a57a00efd5f2d1dc5ac0de934728ec3d44981eab67aa95bc591
ddf044aa42a6a947fb98a4cd9066430c377d5468e90d6846fc39550db48adb1b
e252f297cfd817499b708d957f96a49caf09fa50ef4c12aa273f685849bc1e47
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f1ea07a1e51a389c8de07120ae5c2e432e9dd8f4fbd6f92489f185b0523a3fd4
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
fe62bab84590322ae4bfcde20dfb50a72c1b68b330c2a7f1b0aefb65999f16bc

www.rivers4recovery.org Open in urlscan Pro 198.49.23.145 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

66 Requests

100 %HTTPS

38 %IPv6

10 Domains

15 Subdomains

14 IPs

3 Countries

2221 kBTransfer

7436 kBSize

10 Cookies

10 Outgoing links

Redirected requests

66 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.rivers4recovery.org Open in urlscan Pro
198.49.23.145 Public Scan

Screenshot
Live screenshot

Full Image

66
Requests

100 %
HTTPS

38 %
IPv6

10
Domains

15
Subdomains

14
IPs

3
Countries

2221 kB
Transfer

7436 kB
Size

10
Cookies

66 HTTP transactions
2 data transactions