www.api.headwatersforheroes.org Open in urlscan Pro
81.91.178.142 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.api.headwatersforheroes.org/
Submission: On July 25 via api (July 25th 2024, 6:38:49 pm UTC) from US — Scanned from NL

Summary HTTP 44 Redirects Behaviour Indicators

Summary

This website contacted 10 IPs in 4 countries across 8 domains to perform 44 HTTP transactions. The main IP is 81.91.178.142, located in Amsterdam, Netherlands and belongs to ON-LINE-DATA Server location - Netherlands, Dronten, NL. The main domain is www.api.headwatersforheroes.org.
TLS certificate: Issued by R10 on July 18th 2024. Valid for: 3 months.

This is the only time www.api.headwatersforheroes.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2	81.91.178.142 81.91.178.142	204601 (ON-LINE-D...) (ON-LINE-DATA Server location - Netherlands)
7	142.250.186.130 142.250.186.130	15169 (GOOGLE) (GOOGLE)
2	2606:4700::68... 2606:4700::6811:f5cb	13335 (CLOUDFLAR...) (CLOUDFLARENET)
25	172.67.74.110 172.67.74.110	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:830::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:831::2003	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6813:e663	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	66.175.41.113 66.175.41.113	30447 (INFB2-AS) (INFB2-AS)
2	2a00:1450:400... 2a00:1450:4001:81d::2001	15169 (GOOGLE) (GOOGLE)
44	10

2 81.91.178.142 (Amsterdam, Netherlands)

ASN204601 (ON-LINE-DATA Server location - Netherlands, Dronten, NL)
PTR: vm4877054.1nvme.had.wf

www.api.headwatersforheroes.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 142.250.186.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f2.1e100.net

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6811:f5cb (United States)

ASN13335 (CLOUDFLARENET, US)

unpkg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

25 172.67.74.110 (United States)

ASN13335 (CLOUDFLARENET, US)

img-fl.nccdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
0201.nccdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
fonts.nccdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
designs.nccdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6813:e663 (United States)

ASN13335 (CLOUDFLARENET, US)

instant.page	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 66.175.41.113 (Canada)

ASN30447 (INFB2-AS, CA)
PTR: wiredminds.carrierzone.com

count.carrierzone.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:81d::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
25	nccdn.net img-fl.nccdn.net — Cisco Umbrella Rank: 651881 0201.nccdn.net — Cisco Umbrella Rank: 730401 fonts.nccdn.net — Cisco Umbrella Rank: 651362 designs.nccdn.net — Cisco Umbrella Rank: 823003	313 KB
9	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 157 tpc.googlesyndication.com — Cisco Umbrella Rank: 203	246 KB
2	carrierzone.com count.carrierzone.com — Cisco Umbrella Rank: 235437	36 KB
2	unpkg.com unpkg.com — Cisco Umbrella Rank: 1314	59 KB
2	headwatersforheroes.org www.api.headwatersforheroes.org	23 KB
1	instant.page instant.page — Cisco Umbrella Rank: 38837	1 KB
1	gstatic.com fonts.gstatic.com	42 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 110	924 B
44	8

	Domain	Requested by
12	img-fl.nccdn.net	www.api.headwatersforheroes.org
7	0201.nccdn.net	www.api.headwatersforheroes.org
7	pagead2.googlesyndication.com	www.api.headwatersforheroes.org pagead2.googlesyndication.com
4	designs.nccdn.net	img-fl.nccdn.net
2	tpc.googlesyndication.com	pagead2.googlesyndication.com tpc.googlesyndication.com
2	count.carrierzone.com	www.api.headwatersforheroes.org
2	fonts.nccdn.net	img-fl.nccdn.net
2	unpkg.com	www.api.headwatersforheroes.org
2	www.api.headwatersforheroes.org	www.api.headwatersforheroes.org
1	instant.page	www.api.headwatersforheroes.org
1	fonts.gstatic.com	fonts.googleapis.com
1	fonts.googleapis.com	www.api.headwatersforheroes.org
44	12

This site contains no links.

Subject Issuer	Validity	Valid
api.headwatersforheroes.org R10	`2024-07-18` - `2024-10-16`	3 months	crt.sh
*.g.doubleclick.net WR2	`2024-07-01` - `2024-09-23`	3 months	crt.sh
unpkg.com GTS CA 1P5	`2024-05-30` - `2024-08-28`	3 months	crt.sh
nccdn.net WE1	`2024-07-24` - `2024-10-22`	3 months	crt.sh
upload.video.google.com WR2	`2024-07-01` - `2024-09-23`	3 months	crt.sh
*.gstatic.com WR2	`2024-07-01` - `2024-09-23`	3 months	crt.sh
instant.page WE1	`2024-07-06` - `2024-10-04`	3 months	crt.sh
*.carrierzone.com Sectigo RSA Domain Validation Secure Server CA	`2024-06-13` - `2025-06-13`	a year	crt.sh
tpc.googlesyndication.com WR2	`2024-07-01` - `2024-09-23`	3 months	crt.sh

This page contains 4 frames:

Primary Page: https://www.api.headwatersforheroes.org/
Frame ID: CD18B7ED3138E647AF1A47EFA67E769A
Requests: 42 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/html/r20240722/r20110914/zrt_lookup_fy2021.html
Frame ID: 1DD26935AB7DFF152C776B0DE74F29DB
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/ads?ltd_cs=1&client=ca-pub-5861136439014984&output=html&adk=1812271804&adf=3025194257&abgtt=6&lmt=1720178832&plat=9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=164x945_l%7C164x945_r&format=0x0&url=https%3A%2F%2Fwww.api.headwatersforheroes.org%2F&pra=5&wgl=1&easpi=0&aihb=0&asro=0&ailel=32~27~1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~30&aiael=32~27~1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~30&aifxl=32_18~27_14~30_19&aiixl=32_9~27_3~30_6&aslmct=0.7&asamct=0.7&itsi=-1&aiombap=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1721932724790&bpp=16&bdt=214&idt=268&shv=r20240722&mjsv=m202407220101&ptt=9&saldr=aa&abxe=1&eoidce=1&nras=1&correlator=8339007397825&frm=20&pv=2&ga_vid=110773122.1721932725&ga_sid=1721932725&ga_hid=434553297&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44798934%2C95334529%2C95334829%2C95337868%2C95338227%2C95338261%2C95337196%2C31084187%2C95337094%2C31078663%2C31078668%2C31078670&oid=2&pvsid=2501045514813549&tmod=1187343756&uas=0&nvt=1&fsapi=1&fc=1920&brdim=1570%2C1170%2C1570%2C1170%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&nt=1&ifi=1&uci=a!1&fsb=1&dtd=296
Frame ID: 875C8D06402872AF21AD920AD6417E88
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: F00A07755A4355C8FDF5A08F9314644C
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Davis Insurance Agency LLP | Insurance Plans Ferriday, LA. Serving Clients in Louisiana and Mississippi

Detected technologies

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Page Statistics

44
Requests

98 %
HTTPS

56 %
IPv6

8
Domains

12
Subdomains

10
IPs

4
Countries

781 kB
Transfer

1656 kB
Size

1
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

44 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
www.api.headwatersforheroes.org/ 135 KB
19 KB 897ms
337ms Document
text/html 81.91.178.142
Netherlands

General

Check archive.org

Show headers Download Go to

Full URL: https://www.api.headwatersforheroes.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 81.91.178.142 Amsterdam, Netherlands, ASN204601 (ON-LINE-DATA Server location - Netherlands, Dronten, NL),
Reverse DNS: vm4877054.1nvme.had.wf
Software: ddos-guard /
Resource Hash: 15cf25562ec79c8a1feafb385c0189e6fb7d20951548cc6db89c7fbae125c102

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Thu, 25 Jul 2024 18:38:44 GMT
etag: W/"21b31-61c7e583f6d3f"
last-modified: Fri, 05 Jul 2024 11:27:12 GMT
server: ddos-guard
vary: Accept-Encoding

GET
H3 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 159 KB
52 KB 127ms
70ms Script
text/javascript 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5861136439014984

Requested by

Host: www.api.headwatersforheroes.org
URL: https://www.api.headwatersforheroes.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

9f41c45b914f60ce242ada9e8e8cbb9a57c02c35681f384e66b80872fb371cfb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.api.headwatersforheroes.org/
Origin: https://www.api.headwatersforheroes.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 25 Jul 2024 18:38:44 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 53539
x-xss-protection: 0
server: cafe
etag: 14016171210017927405
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
link: <https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires: Thu, 25 Jul 2024 18:38:44 GMT

GET
H2 200 react.production.min.js Show response
unpkg.com/react@16.14.0/umd/ 12 KB
7 KB 107ms
35ms Script
application/javascript 2606:4700::6811:f5cb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://unpkg.com/react@16.14.0/umd/react.production.min.js

Requested by

Host: www.api.headwatersforheroes.org
URL: https://www.api.headwatersforheroes.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:f5cb , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5cef9367d2bcaba25b74d20e0e139d2cf900e9123e5fde26101aee7f40f6b5cf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.api.headwatersforheroes.org/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 25 Jul 2024 18:38:44 GMT
content-encoding: gzip
via: 1.1 fly.io
cf-cache-status: HIT
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 11579917
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id: 01HRWFH9WQQGYX9QQ3X4B2PXPD-fra
server: cloudflare
etag: "30af-G0yLdpwwlM9Jmz5wcsN3bvOe0C0"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 8a8e44c919404d55-FRA

GET
H2 200 react-dom.production.min.js Show response
unpkg.com/react-dom@16.14.0/umd/ 116 KB
52 KB 117ms
45ms Script
application/javascript 2606:4700::6811:f5cb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://unpkg.com/react-dom@16.14.0/umd/react-dom.production.min.js

Requested by

Host: www.api.headwatersforheroes.org
URL: https://www.api.headwatersforheroes.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:f5cb , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4949f4e1cff9e8a960b44c9a8be70bc4bb10216eb4d0123ca61753e0908a0f87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.api.headwatersforheroes.org/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 25 Jul 2024 18:38:44 GMT
content-encoding: gzip
via: 1.1 fly.io
cf-cache-status: HIT
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 11588749
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id: 01HRW73VQN5BA22Z8KWJK55K8B-fra
server: cloudflare
etag: "1cf80-NADCsuguidx6ZmGXUZs/qIwlw4Q"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 8a8e44c9193d4d55-FRA

GET
H3 200 fat_core.EN.js Show response
img-fl.nccdn.net/Shared/Scripts/ 92 KB
30 KB 110ms
54ms Script
application/javascript 172.67.74.110
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://img-fl.nccdn.net/Shared/Scripts/fat_core.EN.js?V=67615d6b

Requested by

Host: www.api.headwatersforheroes.org
URL: https://www.api.headwatersforheroes.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.74.110 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7135d624e5cb961183767c97e392d4792abf714386f5f4be6c23f1bd3823f558

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'unsafe-eval' 'unsafe-inline'; object-src 'none';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.api.headwatersforheroes.org/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 25 Jul 2024 18:38:44 GMT
content-security-policy: default-src * data: blob: 'unsafe-eval' 'unsafe-inline'; object-src 'none';
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 59749
content-encoding: br
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Tue, 16 Jul 2024 13:14:33 GMT
server: cloudflare
etag: W/"66967239-170bf"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0Js1rB3r6w8JTCGKKHwn0dlQjCpdO3vGzS1J5W5pp21fyXUooVy%2FXfItpoCN633aP0ZDuCUEqsS1BdHjoabPchwiW2RoXydD3rEi4vZZohj1hJ2WEKxfE9%2BFHE5volZsmiY%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31536000
cf-ray: 8a8e44c90ab7693a-FRA
access-control-allow-headers: accept, x-request, x-requested-with

GET
H3 200 env.js Show response
img-fl.nccdn.net/DataFiles/ 693 B
1 KB 148ms
93ms Script
text/javascript 172.67.74.110
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://img-fl.nccdn.net/DataFiles/env.js?token=eyJkb21haW4iOiJkYXZpc2luc3VyYW5jZWxscC5jb20iLCJwYWdlX25vZGVfaWQiOiIyODg4OTU2MCIsInVzZXJfaWQiOiIzMDgwMjAifQ

Requested by

Host: www.api.headwatersforheroes.org
URL: https://www.api.headwatersforheroes.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.74.110 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8c168e7a166343e881fa62b2bddfd11cc8588d2747e6a3c75121898863586601

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'unsafe-eval' 'unsafe-inline'; object-src 'none';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.api.headwatersforheroes.org/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 25 Jul 2024 18:38:44 GMT
content-security-policy: default-src * data: blob: 'unsafe-eval' 'unsafe-inline'; object-src 'none';
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 59749
cf-polished: origSize=1094
content-encoding: br
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Thu, 25 Jul 2024 02:02:55 GMT
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: text/javascript
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=kKl52ve%2BGQtVuJVR5KxN5eHVDQiT8XQVdvNfghfZOtnpvDfNcRFr8ouatC8mLqCgJMnjW8cEdygURRbafXD4WN1zuVFV44j5m1mpu3eA5QI5PuduxKpqp9SbPyNxR%2Fsqn5A%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31536000
cf-ray: 8a8e44c90aac693a-FRA
access-control-allow-headers: accept, x-request, x-requested-with

GET
H3 200 fat_eua.EN.js Show response
img-fl.nccdn.net/Shared/Scripts/ 88 KB
26 KB 128ms
73ms Script
application/javascript 172.67.74.110
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://img-fl.nccdn.net/Shared/Scripts/fat_eua.EN.js?V=67615d6b

Requested by

Host: www.api.headwatersforheroes.org
URL: https://www.api.headwatersforheroes.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.74.110 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

59e73d76edbe35c455543dfaf4f9cb40750a81b08b5d7a373105a627e0e62395

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'unsafe-eval' 'unsafe-inline'; object-src 'none';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.api.headwatersforheroes.org/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 25 Jul 2024 18:38:44 GMT
content-security-policy: default-src * data: blob: 'unsafe-eval' 'unsafe-inline'; object-src 'none';
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 59749
content-encoding: br
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Tue, 16 Jul 2024 13:14:33 GMT
server: cloudflare
etag: W/"66967239-15fe5"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=oSPlOBuJvW%2FGhglZ2X1TBWOklgnv30gdrqP7oUUuIokRKXDKm1Jg%2B9ByeH58%2BZ6CjwNppesbKwDvDObnvC44aBkgFBrhEuV9P6sTqTumSpmHvgBEUeUkMzBVJsr%2FetzY7iI%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31536000
cf-ray: 8a8e44c90aa9693a-FRA
access-control-allow-headers: accept, x-request, x-requested-with

GET
H3 200 fat_freemona.css
img-fl.nccdn.net/Designs/Freemona/css/ 41 KB
8 KB 148ms
93ms Stylesheet
text/css 172.67.74.110
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://img-fl.nccdn.net/Designs/Freemona/css/fat_freemona.css?V=67615d6b

Requested by

Host: www.api.headwatersforheroes.org
URL: https://www.api.headwatersforheroes.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.74.110 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2f6448cf510b04f63e94746ea1876b17c8d9e517a1f7b8f4e025949a6c68226e

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'unsafe-eval' 'unsafe-inline'; object-src 'none';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.api.headwatersforheroes.org/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 25 Jul 2024 18:38:44 GMT
content-security-policy: default-src * data: blob: 'unsafe-eval' 'unsafe-inline'; object-src 'none';
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 59749
cf-polished: origSize=42200
content-encoding: br
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Tue, 16 Jul 2024 13:13:05 GMT
server: cloudflare
etag: W/"669671e1-a4d8"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: text/css
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jZDT6o%2FHAaAR3yg1%2FavZhhTYuAUhFLye%2BM5intQ2FWLBFTGFvAcIG4Pb1OO2oLr%2B%2BJnad1KqvMjS2n7kvgRzjBSidw3iIZ4okxc1zAH%2FG5N1sEmGY5WSUgLDBGUEr9yZ%2FNQ%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31536000
cf-ray: 8a8e44c90ab2693a-FRA
access-control-allow-headers: accept, x-request, x-requested-with

GET
H2 200 css
fonts.googleapis.com/ 3 KB
924 B 106ms
31ms Stylesheet
text/css 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Signika:400,600,700

Requested by

Host: www.api.headwatersforheroes.org
URL: https://www.api.headwatersforheroes.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

83bd2427aa1bd8d3bbffe9d27ee7cbde54d149de9ff813e65b5b8489adc500cb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.api.headwatersforheroes.org/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 25 Jul 2024 18:38:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 25 Jul 2024 18:38:44 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 25 Jul 2024 18:38:44 GMT

GET
H3 200 fat_freemona.js Show response
img-fl.nccdn.net/Designs/Freemona/Scripts/ 6 KB
3 KB 113ms
73ms Script
application/javascript 172.67.74.110
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://img-fl.nccdn.net/Designs/Freemona/Scripts/fat_freemona.js?V=67615d6b

Requested by

Host: www.api.headwatersforheroes.org
URL: https://www.api.headwatersforheroes.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.74.110 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2d09f845fbf3e14f91ecd50b585e79d29b7f66292cf1ddfc81a882cb17eb3234

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'unsafe-eval' 'unsafe-inline'; object-src 'none';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.api.headwatersforheroes.org/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 25 Jul 2024 18:38:44 GMT
content-security-policy: default-src * data: blob: 'unsafe-eval' 'unsafe-inline'; object-src 'none';
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 59749
content-encoding: br
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Tue, 16 Jul 2024 13:14:23 GMT
server: cloudflare
etag: W/"6696722f-1914"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hXmi3wkjk7KzpaD1vkglRYsGMYes0a%2BmUC4dx1EFA0nSbfLPEzIhSORUer8B%2B6KfrtdcXOwnUevnj8lYW%2FI0%2BgmSvB7qMZqnvZ3KOi%2FwBUdmOh4t%2BHTEeSylDr0%2BKpC2ckw%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31536000
cf-ray: 8a8e44c90aa8693a-FRA
access-control-allow-headers: accept, x-request, x-requested-with

GET
H2 200 LOGO.png
www.api.headwatersforheroes.org/ 4 KB
4 KB 109ms
103ms Image
image/png 81.91.178.142
Netherlands

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.api.headwatersforheroes.org/LOGO.png
Requested by: Host: www.api.headwatersforheroes.org
URL: https://www.api.headwatersforheroes.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 81.91.178.142 Amsterdam, Netherlands, ASN204601 (ON-LINE-DATA Server location - Netherlands, Dronten, NL),
Reverse DNS: vm4877054.1nvme.had.wf
Software: ddos-guard /
Resource Hash: 10eb5f8a5f7b4e5853ed77c0a847061362bae1ebc404b0f43f42f248ae996b38

Request headers

Referer: https://www.api.headwatersforheroes.org/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 25 Jul 2024 18:38:44 GMT
last-modified: Wed, 29 May 2024 13:19:52 GMT
server: ddos-guard
etag: "66572b78-10e6"
content-type: image/png
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 4326
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 fat_display.EN.js Show response
img-fl.nccdn.net/Core/Site/Logo/Scripts/ 6 KB
3 KB 85ms
84ms Script
application/javascript 172.67.74.110
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://img-fl.nccdn.net/Core/Site/Logo/Scripts/fat_display.EN.js?V=67615d6b

Requested by

Host: www.api.headwatersforheroes.org
URL: https://www.api.headwatersforheroes.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.74.110 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

aa9cb6d1396307e80d5fb0e99c874cc9111be0204dec4a179dbd74722e732418

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'unsafe-eval' 'unsafe-inline'; object-src 'none';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.api.headwatersforheroes.org/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 25 Jul 2024 18:38:44 GMT
content-security-policy: default-src * data: blob: 'unsafe-eval' 'unsafe-inline'; object-src 'none';
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 59748
content-encoding: br
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Tue, 16 Jul 2024 13:14:33 GMT
server: cloudflare
etag: W/"66967239-1680"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=dUJyLYXZXriaFW6gJvCqPV%2Bur%2F8fHhmfGdLdJozFtmJeV%2BuxrFjbNAjtzCilZLtUjUd5iiGaeSL85k64W%2B2dp2h3EkyYES%2FKPIWE9G3euSFhXz3aR2mqE73HIhjmOYk6rTI%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31536000
cf-ray: 8a8e44ca0bd9693a-FRA
access-control-allow-headers: accept, x-request, x-requested-with

GET
H3 200 fat_display.js Show response
img-fl.nccdn.net/Core/Elements/TextAndImage/Scripts/ 9 KB
3 KB 134ms
94ms Script
application/javascript 172.67.74.110
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://img-fl.nccdn.net/Core/Elements/TextAndImage/Scripts/fat_display.js?V=67615d6b

Requested by

Host: www.api.headwatersforheroes.org
URL: https://www.api.headwatersforheroes.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.74.110 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ac58332c31b1359f15ec1e6e7a735a009d1751ed89683472d16cbbd4d81b7711

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'unsafe-eval' 'unsafe-inline'; object-src 'none';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.api.headwatersforheroes.org/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 25 Jul 2024 18:38:44 GMT
content-security-policy: default-src * data: blob: 'unsafe-eval' 'unsafe-inline'; object-src 'none';
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 59749
content-encoding: br
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Tue, 16 Jul 2024 13:13:50 GMT
server: cloudflare
etag: W/"6696720e-22ea"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=13M10Ets4osDaMZuaS8gUSNitxl4ndBzZdLT8go6T5Hs1y5yJthyzomwphw4rPvpgNm5J5vsOkSPCxbs9I73kmKH3afVw8lt9IxaCyha0DPMQ86VvXaVAlZClJHWbJecEzM%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31536000
cf-ray: 8a8e44c90ab6693a-FRA
access-control-allow-headers: accept, x-request, x-requested-with

GET
H3 200 blank.gif
img-fl.nccdn.net/Shared/Images/ 43 B
675 B 58ms
58ms Image
image/gif 172.67.74.110
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img-fl.nccdn.net/Shared/Images/blank.gif?V=67615d6b

Requested by

Host: www.api.headwatersforheroes.org
URL: https://www.api.headwatersforheroes.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.74.110 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

546c5cf136073615afda5cab173feff341171a26a848cf7ce09bb8bd8b07ce89

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'unsafe-eval' 'unsafe-inline'; object-src 'none';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.api.headwatersforheroes.org/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 25 Jul 2024 18:38:44 GMT
content-security-policy: default-src * data: blob: 'unsafe-eval' 'unsafe-inline'; object-src 'none';
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 59748
cf-polished: origSize=49, status=webp_bigger
alt-svc: h3=":443"; ma=86400
content-length: 43
cf-bgj: imgq:85,h2pri
last-modified: Tue, 16 Jul 2024 10:46:29 GMT
server: cloudflare
etag: "66964f85-31"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=w4wSKD1m5mGfCAAwkzC0h9nNye9%2B%2BbQo6CRDVMK1exkLcICB6f%2F85FWdZTfy8SL03j2OmZrrtdnwEbM9M%2B6Lhk3qT9XQ8ILITmjhg0cXBgt1hf1VpgSCf7uwQ8w7XJaf04k%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 8a8e44c98b25693a-FRA
access-control-allow-headers: accept, x-request, x-requested-with

GET
H3 200 fat_display.EN.js Show response
img-fl.nccdn.net/Core/Elements/SectionGroup/Section/Scripts/ 18 KB
5 KB 68ms
65ms Script
application/javascript 172.67.74.110
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://img-fl.nccdn.net/Core/Elements/SectionGroup/Section/Scripts/fat_display.EN.js?V=67615d6b

Requested by

Host: www.api.headwatersforheroes.org
URL: https://www.api.headwatersforheroes.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.74.110 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bcb5da0b49e646227df3312103db192f65543f8d27c964b7ac92bf81adb2093a

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'unsafe-eval' 'unsafe-inline'; object-src 'none';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.api.headwatersforheroes.org/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 25 Jul 2024 18:38:44 GMT
content-security-policy: default-src * data: blob: 'unsafe-eval' 'unsafe-inline'; object-src 'none';
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 59748
content-encoding: br
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Tue, 16 Jul 2024 13:14:33 GMT
server: cloudflare
etag: W/"66967239-4641"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=P01Z6p4Md%2FlufZrinnnc%2BhE5xUI0Bx8wVsDbrdSNBUNKC4%2BYK6M1HK4tYqcFt%2FnTVB2MCUy13q0XgAQ9110o%2FhabVtGH%2FY62Soo6LCIERtH2Nu%2Bg7xwxFDLwgEcpDIV3xOo%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31536000
cf-ray: 8a8e44ca1be5693a-FRA
access-control-allow-headers: accept, x-request, x-requested-with

GET
H3 200 fat_display.js Show response
img-fl.nccdn.net/Core/Elements/SectionGroup/Scripts/ 22 KB
6 KB 58ms
55ms Script
application/javascript 172.67.74.110
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://img-fl.nccdn.net/Core/Elements/SectionGroup/Scripts/fat_display.js?V=67615d6b

Requested by

Host: www.api.headwatersforheroes.org
URL: https://www.api.headwatersforheroes.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.74.110 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d0c39c1f6facf14e08ca6ba01e6f9138b60380361837aa3866f5a87fba4985f7

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'unsafe-eval' 'unsafe-inline'; object-src 'none';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.api.headwatersforheroes.org/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 25 Jul 2024 18:38:44 GMT
content-security-policy: default-src * data: blob: 'unsafe-eval' 'unsafe-inline'; object-src 'none';
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 59748
content-encoding: br
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Tue, 16 Jul 2024 13:13:49 GMT
server: cloudflare
etag: W/"6696720d-5678"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ymCtj06OQ2kWoGDxRlWIkGM2KrH8WBEC2XsV%2FPoqOJEyz%2FMN49zk094boQjzG1JKNjgPrP67VXKj4E%2BWWphqcL9gIK5Ai0x40SfYItej%2FhcRI07ZAfTSaz9DLKOJP21oP%2BA%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31536000
cf-ray: 8a8e44ca1be8693a-FRA
access-control-allow-headers: accept, x-request, x-requested-with

GET
H3 200 fat_styles.css
img-fl.nccdn.net/Core/Elements/SectionGroup/css/ 9 KB
2 KB 65ms
65ms Stylesheet
text/css 172.67.74.110
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://img-fl.nccdn.net/Core/Elements/SectionGroup/css/fat_styles.css?V=67615d6b

Requested by

Host: www.api.headwatersforheroes.org
URL: https://www.api.headwatersforheroes.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.74.110 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f4e129888e2f1cd9eb91115f95ff76afa89ff4f842af12c32be9a39764aff79b

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'unsafe-eval' 'unsafe-inline'; object-src 'none';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.api.headwatersforheroes.org/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 25 Jul 2024 18:38:44 GMT
content-security-policy: default-src * data: blob: 'unsafe-eval' 'unsafe-inline'; object-src 'none';
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 59748
content-encoding: br
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Tue, 16 Jul 2024 13:13:02 GMT
server: cloudflare
etag: W/"669671de-24d3"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: text/css
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8qom86tIxv2sXQ9hVSifmcZ4HS0xyqsJ%2BwaubsUE978z8zUqLHCw4FTfhpj%2F6fKelJZvHfetDOgQQy1yD4H4pv5NrxkCAnyLb3Z23HANeaTIrgfy2IRMQaIZglXQAIIiiww%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31536000
cf-ray: 8a8e44ca0bd6693a-FRA
access-control-allow-headers: accept, x-request, x-requested-with

GET
H3 200 office2-320x240.jpg
0201.nccdn.net/1_2/000/000/18e/3c2/ 12 KB
13 KB 111ms
98ms Image
image/jpeg 172.67.74.110
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://0201.nccdn.net/1_2/000/000/18e/3c2/office2-320x240.jpg

Requested by

Host: www.api.headwatersforheroes.org
URL: https://www.api.headwatersforheroes.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.74.110 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6722ff96992c7435ec3a2bc059b16b5277c2e4f4d8d5c841ee4d4d7b8960f8a2

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'unsafe-eval' 'unsafe-inline';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.api.headwatersforheroes.org/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 25 Jul 2024 18:38:44 GMT
content-security-policy: default-src * data: blob: 'unsafe-eval' 'unsafe-inline';
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 59748
cf-polished: origSize=13350, status=webp_bigger
alt-svc: h3=":443"; ma=86400
content-length: 12687
cf-bgj: imgq:85,h2pri
last-modified: Wed, 08 Jun 2016 19:53:34 GMT
server: cloudflare
etag: "575877be-3426"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: image/jpeg
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0OkGAbZ5cnTYkZZo%2BOXbyZx4wOcuvUBxtRhJmPBq7aLh6y7DmraGcMRRCwPUEJC%2B1Qipls8GfSPRb6rF6PGb9khdjAeJxYC4omavQJrqmfczEzx6rlsomP4rVQwnJQkC"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 8a8e44ca2c07693a-FRA
access-control-allow-headers: accept, x-request, x-requested-with

GET
H3 200 address2.png
0201.nccdn.net/4_2/000/000/023/130/ 1 KB
2 KB 108ms
96ms Image
image/webp 172.67.74.110
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://0201.nccdn.net/4_2/000/000/023/130/address2.png

Requested by

Host: www.api.headwatersforheroes.org
URL: https://www.api.headwatersforheroes.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.74.110 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1d7568ccaf09d2b4c397127d968b46802f900abf9e3ace43b6d2b4bed775c98b

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'unsafe-eval' 'unsafe-inline';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.api.headwatersforheroes.org/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 25 Jul 2024 18:38:44 GMT
content-security-policy: default-src * data: blob: 'unsafe-eval' 'unsafe-inline';
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 59748
cf-polished: origFmt=png, origSize=2491
content-disposition: inline; filename="address2.webp"
alt-svc: h3=":443"; ma=86400
content-length: 1024
cf-bgj: imgq:85,h2pri
last-modified: Wed, 25 May 2016 16:20:23 GMT
server: cloudflare
etag: "5745d0c7-9bb"
vary: Accept
access-control-allow-methods: GET
content-type: image/webp
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=kMtr1EksqWT1qqcmaCS6l5XN6e16kCCzbtAZxs8XN2NlROA9GeV1T3ct45mDEAHmlQRVuWOhbM3bucxuqkzj3u5%2B8NuWn1AonfUJMFPqQaqaOGngw6DQbpT7qcfE9%2BZt"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 8a8e44ca2c09693a-FRA
access-control-allow-headers: accept, x-request, x-requested-with

GET
H3 200 phone-icon.png
0201.nccdn.net/1_2/000/000/136/614/ 2 KB
3 KB 110ms
98ms Image
image/webp 172.67.74.110
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://0201.nccdn.net/1_2/000/000/136/614/phone-icon.png

Requested by

Host: www.api.headwatersforheroes.org
URL: https://www.api.headwatersforheroes.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.74.110 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

77da44772722d64cef9edb8bb535c949a4525fda243d097f9798bc26633b58eb

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'unsafe-eval' 'unsafe-inline';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.api.headwatersforheroes.org/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 25 Jul 2024 18:38:44 GMT
content-security-policy: default-src * data: blob: 'unsafe-eval' 'unsafe-inline';
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 59748
cf-polished: origFmt=png, origSize=7581
content-disposition: inline; filename="phone-icon.webp"
alt-svc: h3=":443"; ma=86400
content-length: 2204
cf-bgj: imgq:85,h2pri
last-modified: Wed, 25 May 2016 06:44:06 GMT
server: cloudflare
etag: "574549b6-1d9d"
vary: Accept
access-control-allow-methods: GET
content-type: image/webp
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Zs5AqsX5%2Bwj%2FMqSb7Ac3oF1FSkdb%2Fuf1mm5Pnic85TK8u2jDuvkaFFxGdoZtXzLKas2lWm%2BT0OvjN0aHTJlZwPKoqywQbaQo9WvCU4%2BTs0ir8jowZXmnc%2Bh8i2A67FeI"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 8a8e44ca2c04693a-FRA
access-control-allow-headers: accept, x-request, x-requested-with

GET
H3 200 fax-icon.png
0201.nccdn.net/1_2/000/000/14a/f0a/ 2 KB
3 KB 101ms
90ms Image
image/webp 172.67.74.110
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://0201.nccdn.net/1_2/000/000/14a/f0a/fax-icon.png

Requested by

Host: www.api.headwatersforheroes.org
URL: https://www.api.headwatersforheroes.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.74.110 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2d9daedb70021798a7f8ab55d203aadd7c96e72c7de93cfccc65b93557c5aa03

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'unsafe-eval' 'unsafe-inline';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.api.headwatersforheroes.org/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 25 Jul 2024 18:38:44 GMT
content-security-policy: default-src * data: blob: 'unsafe-eval' 'unsafe-inline';
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 59748
cf-polished: origFmt=png, origSize=8000
content-disposition: inline; filename="fax-icon.webp"
alt-svc: h3=":443"; ma=86400
content-length: 2468
cf-bgj: imgq:85,h2pri
last-modified: Wed, 25 May 2016 06:44:28 GMT
server: cloudflare
etag: "574549cc-1f40"
vary: Accept
access-control-allow-methods: GET
content-type: image/webp
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NLWXEgI1miV8fAiH%2Ffz%2BbagNZEGOC%2FVaxeul7svkH1niaDYiG%2FHp7U6Pq0cCRNx686hzyQbupvyXbWYgP1pVZSsRjUA4tUmGp%2FJujWpdusaLJhtp%2BFwtVZ8fSTIMMX8u"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 8a8e44ca2c01693a-FRA
access-control-allow-headers: accept, x-request, x-requested-with

GET
H3 200 email.png
0201.nccdn.net/1_2/000/000/155/c18/ 2 KB
3 KB 100ms
90ms Image
image/webp 172.67.74.110
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://0201.nccdn.net/1_2/000/000/155/c18/email.png

Requested by

Host: www.api.headwatersforheroes.org
URL: https://www.api.headwatersforheroes.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.74.110 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e7c2b125ddc6be2b20859855b3d84bad729a21c8a28b22bb364ed04066612594

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'unsafe-eval' 'unsafe-inline';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.api.headwatersforheroes.org/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 25 Jul 2024 18:38:44 GMT
content-security-policy: default-src * data: blob: 'unsafe-eval' 'unsafe-inline';
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 59748
cf-polished: origFmt=png, origSize=7746
content-disposition: inline; filename="email.webp"
alt-svc: h3=":443"; ma=86400
content-length: 2410
cf-bgj: imgq:85,h2pri
last-modified: Tue, 07 Jun 2016 11:23:48 GMT
server: cloudflare
etag: "5756aec4-1e42"
vary: Accept
access-control-allow-methods: GET
content-type: image/webp
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MlPmCgyx1GA1Ht4aMpuHHLElyVE7mFRpZL5NEgRY1NpJ%2B9XRDY0jA5ZkbNaLTJ3jHD%2B7V6R1nGefRwOp3fnOFJSsGj754JrzbhmV%2F2XDYEHtHfSEpmSEDKDIi7pUmt9O"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 8a8e44ca2bfc693a-FRA
access-control-allow-headers: accept, x-request, x-requested-with

GET
H3 200 slotcar_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202407220101/ 88 KB
31 KB 103ms
60ms Script
text/javascript 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202407220101/slotcar_library_fy2021.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5861136439014984

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

7e44e1c3fb1fd2ccbc4a9f96834395b808cb595a7394c524feefb7fd7e8cc603

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.api.headwatersforheroes.org/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 25 Jul 2024 18:38:44 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31521
x-xss-protection: 0
server: cafe
etag: 29008103776887456
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Thu, 25 Jul 2024 18:38:44 GMT

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202407220101/ 424 KB
143 KB 133ms
92ms Script
text/javascript 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202407220101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5861136439014984&plah=www.api.headwatersforheroes.org&aplac=true

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5861136439014984

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

8d3de5771c777312d06160aab86cee73ea69149f161e4d85eca954f61090a379

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.api.headwatersforheroes.org/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 25 Jul 2024 18:38:44 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 146396
x-xss-protection: 0
server: cafe
etag: 789070032643155626
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Thu, 25 Jul 2024 18:38:44 GMT

GET
H3 200 Angelina-Regular.css
fonts.nccdn.net/Angelina/ 50 KB
38 KB 102ms
89ms Stylesheet
text/css 172.67.74.110
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://fonts.nccdn.net/Angelina/Angelina-Regular.css
Requested by: Host: img-fl.nccdn.net
URL: https://img-fl.nccdn.net/Shared/Scripts/fat_eua.EN.js?V=67615d6b
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.74.110 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 586265c3db72f4dada2beed873578c37f1a9ecd494cd48d6dc570d37014ce3d4

Request headers

Referer: https://www.api.headwatersforheroes.org/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 25 Jul 2024 18:38:44 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 551362
cf-polished: origSize=51715
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Mon, 26 Feb 2024 08:24:48 GMT
server: cloudflare
etag: W/"65dc4ad0-ca03"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: text/css
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=aKgsaWoxYmK5cJewAEb5J0MDrGdB16OnI%2Bs7yOOOvnl4m3eai093b%2F0Rqnm8rfKPTBB87OXVMfBJTzWmzkVilbTL1CH8HFC7G3C3X433gCW6IfKaFR3DtiAjjE6DDzvsCQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31536000
cf-ray: 8a8e44ca2bf8693a-FRA
access-control-allow-headers: accept, x-request, x-requested-with

GET
H3 200 OpenSans.css
fonts.nccdn.net/OpenSans/ 81 KB
61 KB 78ms
67ms Stylesheet
text/css 172.67.74.110
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://fonts.nccdn.net/OpenSans/OpenSans.css
Requested by: Host: img-fl.nccdn.net
URL: https://img-fl.nccdn.net/Shared/Scripts/fat_eua.EN.js?V=67615d6b
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.74.110 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 686147df8efe2e22fb49b3cd0db50b01df2f8681c708a5595c9978dc7d3c3c02

Request headers

Referer: https://www.api.headwatersforheroes.org/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 25 Jul 2024 18:38:44 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 584275
cf-polished: origSize=82683
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Mon, 26 Feb 2024 08:24:49 GMT
server: cloudflare
etag: W/"65dc4ad1-142fb"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: text/css
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=PA0RsDryTUfstUILOlwGhzv4XgY8wMB5TQl%2Bg01cthRvpVBJiZqM5saokckIptHAH8VryeNe%2BUfwXstHgAoO2vo5fcCPYOZQDLE%2Fqj%2BhPoC4ehfn%2FSbNES3oOKDxQjCn8A%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31536000
cf-ray: 8a8e44ca2bf5693a-FRA
access-control-allow-headers: accept, x-request, x-requested-with

GET
H3 200 banner1.jpg
0201.nccdn.net/1_2/000/000/0cb/70d/ 43 KB
44 KB 108ms
106ms Image
image/webp 172.67.74.110
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://0201.nccdn.net/1_2/000/000/0cb/70d/banner1.jpg

Requested by

Host: www.api.headwatersforheroes.org
URL: https://www.api.headwatersforheroes.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.74.110 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

468f1400f58967019cfdee303f4dbf1dfb23fb2829435842d4fccfb862421150

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'unsafe-eval' 'unsafe-inline';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.api.headwatersforheroes.org/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 25 Jul 2024 18:38:44 GMT
content-security-policy: default-src * data: blob: 'unsafe-eval' 'unsafe-inline';
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 59748
cf-polished: qual=85, origFmt=jpeg, origSize=91771
content-disposition: inline; filename="banner1.webp"
alt-svc: h3=":443"; ma=86400
content-length: 44024
cf-bgj: imgq:85,h2pri
last-modified: Wed, 25 May 2016 06:08:52 GMT
server: cloudflare
etag: "57454174-1667b"
vary: Accept
access-control-allow-methods: GET
content-type: image/webp
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=QdllPqoixEpW6fq8S3aFKWhKTAdZNqV1a5qpXw%2FO2z8aB68aGS1FzrHl%2BaUa%2F2d9Pi1Qx%2FbNwoQkPUQRzfqf%2Fl09a1iEdFv92pML1Cgq%2Bas8Zs2OnDVkR9NLQPYiYZ1H"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 8a8e44ca2c0c693a-FRA
access-control-allow-headers: accept, x-request, x-requested-with

GET
H3 200 gradient-dark-left.png
designs.nccdn.net/Common/HorizontalLine/ 114 B
660 B 115ms
100ms Image
image/png 172.67.74.110
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://designs.nccdn.net/Common/HorizontalLine/gradient-dark-left.png
Requested by: Host: img-fl.nccdn.net
URL: https://img-fl.nccdn.net/Designs/Freemona/css/fat_freemona.css?V=67615d6b
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.74.110 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5e37adb70202e3e7068ab088be00fbed3cd524a5ec74dfea68e2007e928e5bcd

Request headers

Referer: https://img-fl.nccdn.net/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 25 Jul 2024 18:38:44 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 380804
cf-polished: origSize=976, status=webp_bigger
alt-svc: h3=":443"; ma=86400
content-length: 114
cf-bgj: imgq:85,h2pri
last-modified: Mon, 15 Jul 2024 05:16:34 GMT
server: cloudflare
etag: "6694b0b2-3d0"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: image/png
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DehIsvfxTVuIGcGbWa6O%2BtWhjd%2BbIfeeV8W%2FfCCWhHUDy30ujRWjZSHENr%2Bs4mGfI0jch5M%2Fjm110RtyeNe%2Flfe546Zjd%2B6r90yqktpV1Kv2kbbCCifzj33iQFysvix7zGTO"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 8a8e44ca4c1a693a-FRA
access-control-allow-headers: accept, x-request, x-requested-with

GET
H3 200 gradient-dark-right.png
designs.nccdn.net/Common/HorizontalLine/ 117 B
660 B 115ms
100ms Image
image/png 172.67.74.110
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://designs.nccdn.net/Common/HorizontalLine/gradient-dark-right.png
Requested by: Host: img-fl.nccdn.net
URL: https://img-fl.nccdn.net/Designs/Freemona/css/fat_freemona.css?V=67615d6b
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.74.110 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4ab9d3b3c78d7b32439010914e433cdddab3f83f737cf7610d049bf87d716cd2

Request headers

Referer: https://img-fl.nccdn.net/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 25 Jul 2024 18:38:44 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 116973
cf-polished: origSize=980, status=webp_bigger
alt-svc: h3=":443"; ma=86400
content-length: 117
cf-bgj: imgq:85,h2pri
last-modified: Mon, 22 Jul 2024 05:10:33 GMT
server: cloudflare
etag: "669de9c9-3d4"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: image/png
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DsDmhbyoJjgBG%2BuaOdyji%2BqUWK3F0rpOAxuUYfh1NT9lkg8L1zyY3Icc1CDFXCfcsZ3zYE4a%2BB89w00SuGNfdQ98l72D0%2B81%2FbnTziuB8uWZzWOl4PCihjOMKkCjB37A88zQ"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 8a8e44ca4c1d693a-FRA
access-control-allow-headers: accept, x-request, x-requested-with

GET
H3 200 parallax.jpg
0201.nccdn.net/1_2/000/000/176/a0e/ 55 KB
56 KB 99ms
99ms Image
image/webp 172.67.74.110
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://0201.nccdn.net/1_2/000/000/176/a0e/parallax.jpg

Requested by

Host: www.api.headwatersforheroes.org
URL: https://www.api.headwatersforheroes.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.74.110 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc647b33000fda79e12ee364f02aa2e735cae29dd90edc0eee6665fb4101eb3b

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'unsafe-eval' 'unsafe-inline';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.api.headwatersforheroes.org/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 25 Jul 2024 18:38:44 GMT
content-security-policy: default-src * data: blob: 'unsafe-eval' 'unsafe-inline';
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 59748
cf-polished: qual=85, origFmt=jpeg, origSize=150694
content-disposition: inline; filename="parallax.webp"
alt-svc: h3=":443"; ma=86400
content-length: 56210
cf-bgj: imgq:85,h2pri
last-modified: Wed, 25 May 2016 07:42:43 GMT
server: cloudflare
etag: "57455773-24ca6"
vary: Accept
access-control-allow-methods: GET
content-type: image/webp
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fjmukqQwWeuCePfBA9a5UKMBoIr7DW4yvc8zWUgPgMZXtqTviPEq%2Fq9Sq9gxAZ8KqjaHY%2F4%2BHi%2FXVW%2BXuj4UC%2F%2BbbwOJoWZtJvaJNjHi%2BQBurC%2FZ%2Bda%2FeF5bDdRUtnf3"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 8a8e44ca4c1f693a-FRA
access-control-allow-headers: accept, x-request, x-requested-with

GET
H2 200 vEFO2_JTCgwQ5ejvMV0Ox_Kg1UwJ0tKfX6bBjM4.woff2
fonts.gstatic.com/s/signika/v25/ 41 KB
42 KB 79ms
26ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/signika/v25/vEFO2_JTCgwQ5ejvMV0Ox_Kg1UwJ0tKfX6bBjM4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Signika:400,600,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

62ed24193dec79bf10b6e96ef38c2f63a9cbc8f5ec4413bf26f4c3d81401b478

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.api.headwatersforheroes.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 22 Jul 2024 21:46:26 GMT
x-content-type-options: nosniff
age: 247938
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42304
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 20:47:22 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 22 Jul 2025 21:46:26 GMT

GET
H3 200 gradient-light-left.png
designs.nccdn.net/Common/HorizontalLine/ 103 B
646 B 63ms
63ms Image
image/png 172.67.74.110
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://designs.nccdn.net/Common/HorizontalLine/gradient-light-left.png
Requested by: Host: img-fl.nccdn.net
URL: https://img-fl.nccdn.net/Designs/Freemona/css/fat_freemona.css?V=67615d6b
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.74.110 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 37d6a1affa4430ae68e9661f8c401922ebeaa5287f86e149265dbd398855569c

Request headers

Referer: https://img-fl.nccdn.net/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 25 Jul 2024 18:38:44 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 586813
cf-polished: origSize=963, status=webp_bigger
alt-svc: h3=":443"; ma=86400
content-length: 103
cf-bgj: imgq:85,h2pri
last-modified: Mon, 15 Jul 2024 05:16:34 GMT
server: cloudflare
etag: "6694b0b2-3c3"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: image/png
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=OR5QAPh9%2B1kst%2BU2ArvtXBhPXXGfRwGd77WVViwplMpDdeOyHvpmZL7MNdLWL8jROyKqlsjPBVQZmcbIKi1HnYSX0%2BhOKM0bihRsE8lthU3LTlN1dSPpoftXfvvZ1ZnLhzml"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 8a8e44ca8c66693a-FRA
access-control-allow-headers: accept, x-request, x-requested-with

GET
H3 200 gradient-light-right.png
designs.nccdn.net/Common/HorizontalLine/ 107 B
680 B 73ms
73ms Image
image/webp 172.67.74.110
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://designs.nccdn.net/Common/HorizontalLine/gradient-light-right.png
Requested by: Host: img-fl.nccdn.net
URL: https://img-fl.nccdn.net/Designs/Freemona/css/fat_freemona.css?V=67615d6b
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.74.110 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9aaebe5e89139d5c8dc8ee638d1a17bbb96dc24c655380a7707d507c9aa16dfd

Request headers

Referer: https://img-fl.nccdn.net/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 25 Jul 2024 18:38:44 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 129912
cf-polished: origFmt=png, origSize=967
content-disposition: inline; filename="gradient-light-right.webp"
alt-svc: h3=":443"; ma=86400
content-length: 107
cf-bgj: imgq:85,h2pri
last-modified: Mon, 22 Jul 2024 05:10:33 GMT
server: cloudflare
etag: "669de9c9-3c7"
vary: Accept
access-control-allow-methods: GET
content-type: image/webp
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LxCGxofq65bstOG0nfz2jyzBiCojzGrI1vlGtZbKB80aGy%2FABnDNejlHlaRzC92wTwkVnw41WVavhmn9H8vgPsFjq0XQFPxYHRbvkEpHQU0ZSdXbqKot7NFw1Pp%2Bn6f9vUo3"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 8a8e44ca8c6e693a-FRA
access-control-allow-headers: accept, x-request, x-requested-with

GET
DATA 200
OK truncated
/ 60 KB
60 KB Font
application/font-woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 706d4a2198a3bd5775565973fa96f23e99ba7617fb6ed627098b55c0476f9fc4

Request headers

Referer
Origin: https://www.api.headwatersforheroes.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type: application/font-woff;charset=utf-8

GET
H3 200 zrt_lookup_fy2021.html
pagead2.googlesyndication.com/pagead/html/r20240722/r20110914/ Frame 1DD2 0
0 65ms
20ms Document
text/html 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/html/r20240722/r20110914/zrt_lookup_fy2021.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202407220101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5861136439014984&plah=www.api.headwatersforheroes.org&aplac=true

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.api.headwatersforheroes.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

age: 71841
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4142
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 24 Jul 2024 22:41:24 GMT
etag: 2738592464165616
expires: Wed, 07 Aug 2024 22:41:24 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 403 ads
pagead2.googlesyndication.com/pagead/ Frame 875C 0
0 64ms
45ms Document
text/html 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/ads?ltd_cs=1&client=ca-pub-5861136439014984&output=html&adk=1812271804&adf=3025194257&abgtt=6&lmt=1720178832&plat=9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=164x945_l%7C164x945_r&format=0x0&url=https%3A%2F%2Fwww.api.headwatersforheroes.org%2F&pra=5&wgl=1&easpi=0&aihb=0&asro=0&ailel=32~27~1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~30&aiael=32~27~1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~30&aifxl=32_18~27_14~30_19&aiixl=32_9~27_3~30_6&aslmct=0.7&asamct=0.7&itsi=-1&aiombap=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1721932724790&bpp=16&bdt=214&idt=268&shv=r20240722&mjsv=m202407220101&ptt=9&saldr=aa&abxe=1&eoidce=1&nras=1&correlator=8339007397825&frm=20&pv=2&ga_vid=110773122.1721932725&ga_sid=1721932725&ga_hid=434553297&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44798934%2C95334529%2C95334829%2C95337868%2C95338227%2C95338261%2C95337196%2C31084187%2C95337094%2C31078663%2C31078668%2C31078670&oid=2&pvsid=2501045514813549&tmod=1187343756&uas=0&nvt=1&fsapi=1&fc=1920&brdim=1570%2C1170%2C1570%2C1170%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&nt=1&ifi=1&uci=a!1&fsb=1&dtd=296

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.api.headwatersforheroes.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 46
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 25 Jul 2024 18:38:45 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

POST
H3 204 ping
pagead2.googlesyndication.com/pagead/ 0
0 52ms
51ms Fetch
text/html 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://pagead2.googlesyndication.com/pagead/ping?e=1
Requested by: Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5861136439014984
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s07-in-f2.1e100.net
Software: /
Resource Hash

Request headers

Referer: https://www.api.headwatersforheroes.org/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

GET
H2 200 5.1.0 Show response
instant.page/ 3 KB
1 KB 88ms
30ms Script
text/javascript 2606:4700::6813:e663
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://instant.page/5.1.0
Requested by: Host: www.api.headwatersforheroes.org
URL: https://www.api.headwatersforheroes.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:e663 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fa5c34371df3acd378bd2490d82a32ad6f3b80155e5eee8ad1b937a188993e0f

Request headers

Referer: https://www.api.headwatersforheroes.org/
Origin: https://www.api.headwatersforheroes.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 25 Jul 2024 18:38:45 GMT
content-encoding: br
server: cloudflare
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=2592000
cf-ray: 8a8e44ccbce36aec-FRA

GET
H/1.1 200
OK count.js Show response
count.carrierzone.com/track/ 35 KB
35 KB 549ms
124ms Script
text/javascript 66.175.41.113
INFB2-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://count.carrierzone.com/track/count.js
Requested by: Host: www.api.headwatersforheroes.org
URL: https://www.api.headwatersforheroes.org/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 66.175.41.113 , Canada, ASN30447 (INFB2-AS, CA),
Reverse DNS: wiredminds.carrierzone.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: f418e6b5416f03cbc22b24f481582e2d55ee0f7ca6989c562b59f12c9229214e

Request headers

Referer: https://www.api.headwatersforheroes.org/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date: Thu, 25 Jul 2024 18:38:40 GMT
Last-Modified: Fri, 08 Jun 2012 10:17:02 GMT
Server: Apache/2.2.15 (CentOS)
Content-Type: text/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=10, max=100
Content-Length: 36029

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 17 KB
13 KB 66ms
65ms XHR
application/json 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20240722&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

8e904228a010bb6c193ecc08a4ee609fb4fafc3b1e9b8b54ae9ef3735e4f50aa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.api.headwatersforheroes.org/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 25 Jul 2024 18:38:45 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12956
x-xss-protection: 0

GET
H3 200 favicon.ico
img-fl.nccdn.net/Shared/Html/ 318 B
698 B 48ms
47ms Other
image/x-icon 172.67.74.110
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://img-fl.nccdn.net/Shared/Html/favicon.ico?V=67615d6b

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.74.110 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

467f3d85cdf7bf5b57cb7eb270fd99c628bdc8d688b2132cc203229e311eb609

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'unsafe-eval' 'unsafe-inline'; object-src 'none';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.api.headwatersforheroes.org/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 25 Jul 2024 18:38:45 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-security-policy: default-src * data: blob: 'unsafe-eval' 'unsafe-inline'; object-src 'none';
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: HIT
age: 59747
content-encoding: br
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 16 Jul 2024 10:46:29 GMT
server: cloudflare
etag: W/"66964f85-13e"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: image/x-icon
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=iDjMX5TDYal%2FavI2HUio%2FKI0K0W1IgrBSKrv4mG1y%2Fr4tO9xft5Z1Jdf3k2Yr%2FKcHYB%2F4xShpQ4t50hhtl6lAA%2BbQq9ApBZFMDIIqIvpp%2FRxO5THMqHztasWNkVhP54Eux4%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31536000
cf-ray: 8a8e44cc6ede693a-FRA
access-control-allow-headers: accept, x-request, x-requested-with

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 169ms
38ms Script
text/javascript 2a00:1450:4001:81d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.api.headwatersforheroes.org/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 25 Jul 2024 18:38:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 25 Jul 2024 18:38:45 GMT

GET
H2 200 runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame F00A 0
0 68ms
20ms Document
text/html 2a00:1450:4001:81d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.api.headwatersforheroes.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
age: 150938
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 24 Jul 2024 00:43:07 GMT
expires: Thu, 24 Jul 2025 00:43:07 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 200
OK ctin.php
count.carrierzone.com/track/ 42 B
609 B 156ms
155ms Image
image/gif 66.175.41.113
INFB2-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://count.carrierzone.com/track/ctin.php?t=1721932725980&custnum=5982069590e03583&sname=www.api.headwatersforheroes.org&pagename=&group=&version=%24Rev%3A%207840%20%24&js=1&jv=0&resolution=1600x1200&color_depth=24&referrer=&page_url=https%253A%252F%252Fwww.api.headwatersforheroes.org%252F&plugins=PDF%20Viewer%3BChrome%20PDF%20Viewer%3BChromium%20PDF%20Viewer%3BMicrosoft%20Edge%20PDF%20Viewer%3BWebKit%20built-in%20PDF%3B
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 66.175.41.113 , Canada, ASN30447 (INFB2-AS, CA),
Reverse DNS: wiredminds.carrierzone.com
Software: Apache/2.2.15 (CentOS) / PHP/5.2.17
Resource Hash: 5b27cb8a843da7b4f70f68d669798596541491654185df0bd45867d951a31947

Request headers

Referer: https://www.api.headwatersforheroes.org/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 25 Jul 2024 18:38:40 GMT
Last-Modified: Thu, 25 Jul 2024 18:38:40 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.2.17
P3P: CP="NOI NID ADMa OUR IND UNI COM NAV"
Content-Type: image/gif
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: Keep-Alive
Keep-Alive: timeout=10, max=99
Content-Length: 42
Expires: Thu, 01 Jan 1970 01:23:45 GMT

GET sodar
pagead2.googlesyndication.com/pagead/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20240722&jk=2501045514813549&bg=!Dg2lDULNAAYaZPuaOmQ7ADQBe5WfOHuQBHZmCqsAhWVPFAGuoQdjupRdp7jkO5pVYdILaXdWTxWgXJ691rb_8kVXQNF7AgAAAMRSAAAABGgBB34ANiYv7QlTNpqDISCJBqCiaqMYAjbc1iyZPCeTwKHqPN0rH1fKh-rD5R2jcB1myvPYqZ_l2aLufpkCyGFtah-PZt5mxtC0CCKvzdc3kLoEC4pmuraGLq28CnZya92WwoCri5ggw-F0pJoErmcw9rjpBOP9LJG8rP-BuHnq4Dp6EIEkGnzosyBj-yh2g8LdNs3Y1VkdClMEyl-GlQn96dR6wHdxUBH7UJ48STOS-XLGzKmIhfzgDO52YTXHRFKw7RSoriN6_pLmtqeu-kU0UDsYo05f07g2dnx368FxzJNnZQ3YEXEUcy0LLM2fyC9Vkiv-DUjbaQOncFspZQrwZ0vSKWM3SHcvd2P0u0kZrdUyteJLrSY9BNXHApgtbqH-zBvBxdby8F9JzArn09yEAaW0xmYXpFOwWUuFT0V_jgN_bRkeKXMHohtctTFLAkRC1t2Jss3uqqxdub1gMHQe-RWIPJXc6rEwkfBpYuXkcH0JHyHKcLKjAf9tzS0WyfDU1lX21YgRlFoNXPdTf4AdPPACH4qcmE9-MlzklXoW4WTQQVaLxMsSBhzhmzIcmBRqoQxlgc8I-xCLhpzvuA_BRjF7-foymckhMUKps1CKnpTfU85EjbSYniIsK8QB_2MT3DcR9n9_Lgxd5g8uV1VZCzw5grnI317xTBUN-CGhN0xRKfKI9dB1STtf2zRTfNlsnranQg4jddOU-Qu8t8dvi7JK7u6Lz85welSMeSKB1tjXZmsOQP-rJtavQ4WL631m8qZUQUwwCSha9zS4LG8RsbXYDodt-QGw0unIqJyauL0gN7qzOGCF6xOEtWq4XgXpDmxrvsnTJpwcqfjWRRKyvizM-d2aSBnkBDoLlHX1_lLM5A1ZzE49mEPELJYPlCYTwanqrvAOVS12kdwB3Y8S8WvxgRTn7Ib8TQ6bgcB3vq4O08ucT-cpQvYJVLfUlGtxmvxYqMket6rrgg4WoioF8szyS3ZsGvrmu60ANUqDQPeypc7sZkMM37Eg1Vjj2BBg6AtdGMw

Verdicts & Comments Add Verdict or Comment

184 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.headwatersforheroes.org/	1970-01-21 07:04:28	Name: __ddg1_ Value: F8G4nWP4A5hCSygNiZxc

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

0201.nccdn.net
count.carrierzone.com
designs.nccdn.net
fonts.googleapis.com
fonts.gstatic.com
fonts.nccdn.net
img-fl.nccdn.net
instant.page
pagead2.googlesyndication.com
tpc.googlesyndication.com
unpkg.com
www.api.headwatersforheroes.org
pagead2.googlesyndication.com
142.250.186.130
172.67.74.110
2606:4700::6811:f5cb
2606:4700::6813:e663
2a00:1450:4001:81d::2001
2a00:1450:4001:830::200a
2a00:1450:4001:831::2003
66.175.41.113
81.91.178.142
10eb5f8a5f7b4e5853ed77c0a847061362bae1ebc404b0f43f42f248ae996b38
15cf25562ec79c8a1feafb385c0189e6fb7d20951548cc6db89c7fbae125c102
1d7568ccaf09d2b4c397127d968b46802f900abf9e3ace43b6d2b4bed775c98b
2d09f845fbf3e14f91ecd50b585e79d29b7f66292cf1ddfc81a882cb17eb3234
2d9daedb70021798a7f8ab55d203aadd7c96e72c7de93cfccc65b93557c5aa03
2f6448cf510b04f63e94746ea1876b17c8d9e517a1f7b8f4e025949a6c68226e
37d6a1affa4430ae68e9661f8c401922ebeaa5287f86e149265dbd398855569c
467f3d85cdf7bf5b57cb7eb270fd99c628bdc8d688b2132cc203229e311eb609
468f1400f58967019cfdee303f4dbf1dfb23fb2829435842d4fccfb862421150
4949f4e1cff9e8a960b44c9a8be70bc4bb10216eb4d0123ca61753e0908a0f87
4ab9d3b3c78d7b32439010914e433cdddab3f83f737cf7610d049bf87d716cd2
546c5cf136073615afda5cab173feff341171a26a848cf7ce09bb8bd8b07ce89
586265c3db72f4dada2beed873578c37f1a9ecd494cd48d6dc570d37014ce3d4
59e73d76edbe35c455543dfaf4f9cb40750a81b08b5d7a373105a627e0e62395
5b27cb8a843da7b4f70f68d669798596541491654185df0bd45867d951a31947
5cef9367d2bcaba25b74d20e0e139d2cf900e9123e5fde26101aee7f40f6b5cf
5e37adb70202e3e7068ab088be00fbed3cd524a5ec74dfea68e2007e928e5bcd
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
62ed24193dec79bf10b6e96ef38c2f63a9cbc8f5ec4413bf26f4c3d81401b478
6722ff96992c7435ec3a2bc059b16b5277c2e4f4d8d5c841ee4d4d7b8960f8a2
686147df8efe2e22fb49b3cd0db50b01df2f8681c708a5595c9978dc7d3c3c02
706d4a2198a3bd5775565973fa96f23e99ba7617fb6ed627098b55c0476f9fc4
7135d624e5cb961183767c97e392d4792abf714386f5f4be6c23f1bd3823f558
77da44772722d64cef9edb8bb535c949a4525fda243d097f9798bc26633b58eb
7e44e1c3fb1fd2ccbc4a9f96834395b808cb595a7394c524feefb7fd7e8cc603
83bd2427aa1bd8d3bbffe9d27ee7cbde54d149de9ff813e65b5b8489adc500cb
8c168e7a166343e881fa62b2bddfd11cc8588d2747e6a3c75121898863586601
8d3de5771c777312d06160aab86cee73ea69149f161e4d85eca954f61090a379
8e904228a010bb6c193ecc08a4ee609fb4fafc3b1e9b8b54ae9ef3735e4f50aa
9aaebe5e89139d5c8dc8ee638d1a17bbb96dc24c655380a7707d507c9aa16dfd
9f41c45b914f60ce242ada9e8e8cbb9a57c02c35681f384e66b80872fb371cfb
aa9cb6d1396307e80d5fb0e99c874cc9111be0204dec4a179dbd74722e732418
ac58332c31b1359f15ec1e6e7a735a009d1751ed89683472d16cbbd4d81b7711
bcb5da0b49e646227df3312103db192f65543f8d27c964b7ac92bf81adb2093a
d0c39c1f6facf14e08ca6ba01e6f9138b60380361837aa3866f5a87fba4985f7
dc647b33000fda79e12ee364f02aa2e735cae29dd90edc0eee6665fb4101eb3b
e7c2b125ddc6be2b20859855b3d84bad729a21c8a28b22bb364ed04066612594
f418e6b5416f03cbc22b24f481582e2d55ee0f7ca6989c562b59f12c9229214e
f4e129888e2f1cd9eb91115f95ff76afa89ff4f842af12c32be9a39764aff79b
fa5c34371df3acd378bd2490d82a32ad6f3b80155e5eee8ad1b937a188993e0f

www.api.headwatersforheroes.org Open in urlscan Pro 81.91.178.142 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

44 Requests

98 %HTTPS

56 %IPv6

8 Domains

12 Subdomains

10 IPs

4 Countries

781 kBTransfer

1656 kBSize

1 Cookies

0 Outgoing links

Redirected requests

44 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.api.headwatersforheroes.org Open in urlscan Pro
81.91.178.142 Public Scan

Screenshot
Live screenshot

Full Image

44
Requests

98 %
HTTPS

56 %
IPv6

8
Domains

12
Subdomains

10
IPs

4
Countries

781 kB
Transfer

1656 kB
Size

1
Cookies

44 HTTP transactions
1 data transactions