urlscan.io logo urlscan.io
SecurityTrails logo

citizens.giveterra.com Open in urlscan Pro
2606:4700:3030::681c:10e1  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://crushcovidphx.com/
Effective URL: https://citizens.giveterra.com/campaign/2116634053
Submission: On May 27 via api from BE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 9 IPs in 3 countries across 8 domains to perform 19 HTTP transactions. The main IP is 2606:4700:3030::681c:10e1, located in United States and belongs to CLOUDFLARENET, US. The main domain is citizens.giveterra.com.
TLS certificate: Issued by CloudFlare Inc ECC CA-2 on February 25th 2020. Valid for: 7 months.
This is the only time citizens.giveterra.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 184.168.131.241 26496 (AS-26496-...)
4 2606:4700:303... 13335 (CLOUDFLAR...)
2 151.139.128.8 20446 (HIGHWINDS3)
1 23.111.9.35 33438 (HIGHWINDS2)
4 2a01:4a0:1338... 201011 (NETZBETRI...)
1 2a00:1450:400... 15169 (GOOGLE)
3 13.224.95.97 16509 (AMAZON-02)
1 2a02:26f0:10:... 20940 (AKAMAI-ASN1)
1 1 23.23.254.53 14618 (AMAZON-AES)
1 2a04:4e42:1b:... 54113 (FASTLY)
2 2a00:1450:400... 15169 (GOOGLE)
19 9
1    184.168.131.241 (Scottsdale, United States)

ASN26496 (AS-26496-GO-DADDY-COM-LLC, US)
PTR: ip-184-168-131-241.ip.secureserver.net
crushcovidphx.com
4    2606:4700:3030::681c:10e1 (United States)

ASN13335 (CLOUDFLARENET, US)
citizens.giveterra.com
2    151.139.128.8 (Dallas, United States)

ASN20446 (HIGHWINDS3, US)
pro.fontawesome.com
1    23.111.9.35 (Phoenix, United States)

ASN33438 (HIGHWINDS2, US)
use.fontawesome.com
4    2a01:4a0:1338:28::c38a:ff0a (Germany)

ASN201011 (NETZBETRIEB-GMBH, DE)
use.typekit.net
1    2a00:1450:4001:800::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
3    13.224.95.97 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-95-97.zrh50.r.cloudfront.net
js.stripe.com
1    2a02:26f0:10:2a9::19fd (Ascension Island)

ASN20940 (AKAMAI-ASN1, EU)
p.typekit.net
1    23.23.254.53 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-23-23-254-53.compute-1.amazonaws.com
source.unsplash.com
1    2a04:4e42:1b::720 (Ascension Island)

ASN54113 (FASTLY, US)
images.unsplash.com
2    2a00:1450:4001:81b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
Domain Requested by
4 use.typekit.net citizens.giveterra.com
4 citizens.giveterra.com citizens.giveterra.com
3 js.stripe.com citizens.giveterra.com
js.stripe.com
2 www.google-analytics.com www.googletagmanager.com
citizens.giveterra.com
2 pro.fontawesome.com citizens.giveterra.com
1 images.unsplash.com citizens.giveterra.com
1 source.unsplash.com 1 redirects
1 p.typekit.net citizens.giveterra.com
1 www.googletagmanager.com citizens.giveterra.com
1 use.fontawesome.com citizens.giveterra.com
1 crushcovidphx.com 1 redirects
19 11

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
citizenschurchphoenix.org
citizens.churchcenter.com
Subject Issuer Validity Valid
sni.cloudflaressl.com
CloudFlare Inc ECC CA-2		 2020-02-25 -
2020-10-09		 7 months crt.sh
*.fontawesome.com
DigiCert SHA2 Secure Server CA		 2019-10-28 -
2020-12-23		 a year crt.sh
use.typekit.net
DigiCert SHA2 Secure Server CA		 2020-01-28 -
2022-02-01		 2 years crt.sh
*.google-analytics.com
GTS CA 1O1		 2020-05-05 -
2020-07-28		 3 months crt.sh
a.stripecdn.com
DigiCert SHA2 Extended Validation Server CA		 2020-05-14 -
2020-10-07		 5 months crt.sh
*.typekit.net
DigiCert SHA2 Secure Server CA		 2019-12-06 -
2021-12-10		 2 years crt.sh
imgix2.map.fastly.net
GlobalSign CloudSSL CA - SHA256 - G3		 2019-07-11 -
2020-07-11		 a year crt.sh

This page contains 3 frames:

Primary Page: https://citizens.giveterra.com/campaign/2116634053
Frame ID: 09E030BF4086BA08EF8B71B5C2D00C0F
Requests: 17 HTTP requests in this frame

Frame: https://js.stripe.com/v3/controller-8eaa7493dcc5b9b4300acef47ba09867.html
Frame ID: 1F34BEE9BAE3F6A9D9781B0EA74E2024
Requests: 1 HTTP requests in this frame

Frame: https://js.stripe.com/v3/m-outer-a0f6c1465b8d9aab778cf2913d1d3c86.html
Frame ID: 46716033C405BBCF60E2A533DF712E05
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. http://crushcovidphx.com/ HTTP 301
    https://citizens.giveterra.com/campaign/2116634053 Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /^cloudflare$/i
Overall confidence: 100%
Detected patterns
  • html /<link[^>]* href="https:\/\/use\.fontawesome\.com\/releases\/v([^>]+)\/css\//i
Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Page Statistics

19
Requests

100 %
HTTPS

55 %
IPv6

8
Domains

11
Subdomains

9
IPs

3
Countries

577 kB
Transfer

1447 kB
Size

8
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://crushcovidphx.com/ HTTP 301
    https://citizens.giveterra.com/campaign/2116634053 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 9
  • https://source.unsplash.com/PZjF2Hkv6Xo/1600x550 HTTP 302
  • https://images.unsplash.com/photo-1575499032276-a51e58f176bb?ixlib=rb-1.2.1&q=80&fm=jpg&crop=entropy&cs=tinysrgb&w=1600&h=550&fit=crop&ixid=eyJhcHBfaWQiOjF9

19 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request 2116634053
citizens.giveterra.com/campaign/
Redirect Chain
  • http://crushcovidphx.com/
  • https://citizens.giveterra.com/campaign/2116634053
92 KB
15 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://citizens.giveterra.com/campaign/2116634053
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::681c:10e1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ecca2ba025d98a3d7ebc73515864e8f1fb8b08c915321554076909fd9a859f02
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
citizens.giveterra.com
:scheme
https
:path
/campaign/2116634053
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status
200
date
Wed, 27 May 2020 17:29:41 GMT
content-type
text/html; charset=UTF-8
set-cookie
__cfduid=df866c958c12bfec9f28bea743fbc85711590600581; expires=Fri, 26-Jun-20 17:29:41 GMT; path=/; domain=.giveterra.com; HttpOnly; SameSite=Lax XSRF-TOKEN=eyJpdiI6Ill6a1JOeXdQeW5WY2V4QTV4ZUtPYkE9PSIsInZhbHVlIjoiZ1pwWjhyalZMR0Fka1Y5OXBFVmlXXC9xNzBhenloUWRqcXFoZHErVE83ZHZjU1pqTUF6NlBnWks2WnFKQ3dETmIiLCJtYWMiOiI3ZTYzNWQ4YmU5MTgxYWExNTI2NWFkZjJmNWY0MjI5OTk3YWI5YjcyZjAxZWM3YzY3MjYwYzIyY2IwYzMwOTIxIn0%3D; expires=Wed, 27-May-2020 19:29:41 GMT; Max-Age=7200; path=/ citizens_church_session=eyJpdiI6ImtVNElpMGNpTUQzaVBBTDZCaDZSdVE9PSIsInZhbHVlIjoiNUdkdm5zKytXbzRwaXlyU1hWZllWeUtKWmpnZFwveEdpdG9PcWVoXC9KaEF1K2RzY1d0YkVqYnpSZUZIVVdvQjI5IiwibWFjIjoiZWVmZDg3M2E1OGI4OTJkZjU1YWU5NDMxNmRiZDVlNGFjNTgyNDNmZWFjMmE3ZDdmMjRlNjVlODJkMjY5YTVjMiJ9; expires=Wed, 27-May-2020 19:29:41 GMT; Max-Age=7200; path=/; httponly
vary
Accept-Encoding
cache-control
private, must-revalidate
pragma
no-cache
expires
-1
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
cf-request-id
02f8c7d9680000175a34870200000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
59a175a24d28175a-FRA
content-encoding
br

Redirect headers

Server
nginx/1.16.1
Date
Wed, 27 May 2020 17:29:41 GMT
Content-Type
text/html; charset=utf-8
Transfer-Encoding
chunked
Connection
close
Location
https://citizens.giveterra.com/campaign/2116634053
style.css
citizens.giveterra.com/css/ 		20 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://citizens.giveterra.com/css/style.css?id=7b75ea215347f03aea5a
Requested by
Host: citizens.giveterra.com
URL: https://citizens.giveterra.com/campaign/2116634053
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::681c:10e1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ccd753ed71e68d38c6fc3fe6688091c794546385f0afeedd9ac22fa1604d60bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://citizens.giveterra.com/campaign/2116634053
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 27 May 2020 17:29:42 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
MISS
status
200
cf-request-id
02f8c7db0f0000175a3489f200000001
last-modified
Tue, 19 May 2020 08:27:31 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"5ec39873-4f24"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
x-xss-protection
1; mode=block
cache-control
public, max-age=2592000
cf-ray
59a175a4ec87175a-FRA
expires
Fri, 26 Jun 2020 17:29:42 GMT
all.css
pro.fontawesome.com/releases/v5.2.0/css/ 		59 KB
12 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://pro.fontawesome.com/releases/v5.2.0/css/all.css
Requested by
Host: citizens.giveterra.com
URL: https://citizens.giveterra.com/campaign/2116634053
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.8 Dallas, United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
/
Resource Hash
d55e3385a8c2063d4b0f3a88c1acd01173f86009702067790613a08e55d7597f

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://citizens.giveterra.com/campaign/2116634053
Origin
https://citizens.giveterra.com

Response headers

date
Wed, 27 May 2020 17:29:41 GMT
content-encoding
gzip
last-modified
Mon, 23 Jul 2018 17:24:43 GMT
status
200
etag
"5cf28d1228ccc67eef7ef1d2e4666093"
vary
Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
x-hw
1590600581.cds109.am5.hn,1590600581.cds016.am5.c
content-type
text/css
access-control-allow-origin
*
access-control-max-age
3000
cache-control
max-age=31556926
access-control-allow-methods
GET
accept-ranges
bytes
content-length
12420
v4-shims.css
use.fontawesome.com/releases/v5.2.0/css/ 		26 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://use.fontawesome.com/releases/v5.2.0/css/v4-shims.css
Requested by
Host: citizens.giveterra.com
URL: https://citizens.giveterra.com/campaign/2116634053
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
23.111.9.35 Phoenix, United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software
NetDNA-cache/2.2 /
Resource Hash
a87ada0ef6e37011f09cfd265e2fd4571edff7c7c981b20cdd9946ef616b06db

Request headers

Referer
https://citizens.giveterra.com/campaign/2116634053
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 27 May 2020 17:29:41 GMT
content-encoding
gzip
last-modified
Mon, 23 Jul 2018 17:07:01 GMT
server
NetDNA-cache/2.2
status
200
etag
W/"4ee3c6f5911f21e55fef7b98b80c06f4"
vary
Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods
GET
content-type
text/css
access-control-allow-origin
*
access-control-max-age
3000
cache-control
max-age=31556926
x-cache
HIT
kwh0ouv.css
use.typekit.net/ 		3 KB
869 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://use.typekit.net/kwh0ouv.css
Requested by
Host: citizens.giveterra.com
URL: https://citizens.giveterra.com/campaign/2116634053
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a01:4a0:1338:28::c38a:ff0a , Germany, ASN201011 (NETZBETRIEB-GMBH, DE),
Reverse DNS
Software
nginx /
Resource Hash
5e8a37f4a588e3880e15dfa40391e3aad7fc342050281ece29f2c0aeee033957
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains;

Request headers

Referer
https://citizens.giveterra.com/campaign/2116634053
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains;
content-encoding
gzip
server
nginx
status
200
date
Wed, 27 May 2020 17:29:42 GMT
vary
Accept-Encoding
content-type
text/css;charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=600, stale-while-revalidate=604800
timing-allow-origin
*
content-length
669
js
www.googletagmanager.com/gtag/ 		83 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-162746452-1
Requested by
Host: citizens.giveterra.com
URL: https://citizens.giveterra.com/campaign/2116634053
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
72c95b5cb93d2ae3ae88750af6c076f25a2c7e3e6cd405cc7256a606c4cdabf2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://citizens.giveterra.com/campaign/2116634053
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 27 May 2020 17:29:42 GMT
content-encoding
br
vary
Accept-Encoding
status
200
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
33289
x-xss-protection
0
last-modified
Wed, 27 May 2020 16:47:23 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 27 May 2020 17:29:42 GMT
email-decode.min.js
citizens.giveterra.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 		1 KB
836 B 		Script
General
Check archive.org
Download Go to
Full URL
https://citizens.giveterra.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
Requested by
Host: citizens.giveterra.com
URL: https://citizens.giveterra.com/campaign/2116634053
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::681c:10e1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://citizens.giveterra.com/campaign/2116634053
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 27 May 2020 17:29:41 GMT
content-encoding
gzip
vary
Accept-Encoding
last-modified
Thu, 21 May 2020 15:08:42 GMT
server
cloudflare
etag
W/"5ec6997a-4d7"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
SAMEORIGIN
content-type
application/javascript
status
200
cache-control
max-age=172800, public
cf-ray
59a175a50cd9175a-FRA
cf-request-id
02f8c7db210000175a348a3200000001
expires
Fri, 29 May 2020 17:29:41 GMT
/
js.stripe.com/v3/ 		166 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/
Requested by
Host: citizens.giveterra.com
URL: https://citizens.giveterra.com/campaign/2116634053
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.224.95.97 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-95-97.zrh50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e3e6070a723a7fccae7a43a608f43d126f3029576f3256857a0cbd30b0b8015f
Security Headers
Name Value
Content-Security-Policy default-src 'self'; connect-src 'self' https://api.stripe.com https://errors.stripe.com; script-src 'self'; style-src 'self' 'unsafe-inline'; frame-src 'self'; img-src 'self' https://q.stripe.com; font-src data: https:; media-src 'none'; object-src 'self';
Strict-Transport-Security max-age=31556926; includeSubDomains; preload

Request headers

Referer
https://citizens.giveterra.com/campaign/2116634053
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 27 May 2020 17:27:27 GMT
content-encoding
gzip
vary
Accept-Encoding
age
136
via
1.1 c07945b00aad28e34fbfebb3d3907061.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
status
200
x-amz-request-id
ADCDE5618E421546
x-amz-id-2
PdVABB4WdzjRj1i1z8p2P4nFxVilQKOkHQoUODW9sdY9IcXLjN8szp74aeRVm/KiaFepaXg/Og8=
last-modified
Thu, 21 May 2020 20:36:49 GMT
server
AmazonS3
strict-transport-security
max-age=31556926; includeSubDomains; preload
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=300
content-security-policy
default-src 'self'; connect-src 'self' https://api.stripe.com https://errors.stripe.com; script-src 'self'; style-src 'self' 'unsafe-inline'; frame-src 'self'; img-src 'self' https://q.stripe.com; font-src data: https:; media-src 'none'; object-src 'self';
x-amz-cf-pop
ZRH50-C1
timing-allow-origin
*
x-amz-cf-id
doxhgsnVX2almWqCrvu-aq6eAaKnYk72Dz8-cKCOp9uWmhzqhCJSvA==
app.js
citizens.giveterra.com/js/ 		718 KB
209 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://citizens.giveterra.com/js/app.js?id=88f140c9d2ee6a20733b
Requested by
Host: citizens.giveterra.com
URL: https://citizens.giveterra.com/campaign/2116634053
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::681c:10e1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7fe952e2f679d40c3760f5234d05b458d403118c0f67d18713e1c02eb70d8188
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://citizens.giveterra.com/campaign/2116634053
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 27 May 2020 17:29:42 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
MISS
status
200
cf-request-id
02f8c7db210000175a348a4200000001
last-modified
Tue, 19 May 2020 08:27:31 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"5ec39873-b37eb"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
x-xss-protection
1; mode=block
cache-control
public, max-age=2592000
cf-ray
59a175a50cdf175a-FRA
expires
Fri, 26 Jun 2020 17:29:42 GMT
p.css
p.typekit.net/ 		5 B
334 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://p.typekit.net/p.css?s=1&k=kwh0ouv&ht=tk&f=6846.6851.6852&a=11242374&app=typekit&e=css
Requested by
Host: citizens.giveterra.com
URL: https://citizens.giveterra.com/campaign/2116634053
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:10:2a9::19fd , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software
nginx /
Resource Hash
1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb

Request headers

Referer
https://citizens.giveterra.com/campaign/2116634053
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Wed, 27 May 2020 17:29:42 GMT
Last-Modified
Fri, 18 Oct 2019 20:47:29 GMT
Server
nginx
ETag
"5daa24e1-5"
Content-Type
text/css
Access-Control-Allow-Origin
*
Cache-Control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
5
Expires
Wed, 11 Dec 2019 16:45:14 GMT
photo-1575499032276-a51e58f176bb
images.unsplash.com/
Redirect Chain
  • https://source.unsplash.com/PZjF2Hkv6Xo/1600x550
  • https://images.unsplash.com/photo-1575499032276-a51e58f176bb?ixlib=rb-1.2.1&q=80&fm=jpg&crop=entropy&cs=tinysrgb&w=1600&h=550&fit=crop&ixid=eyJhcHBfaWQiOjF9
102 KB
102 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.unsplash.com/photo-1575499032276-a51e58f176bb?ixlib=rb-1.2.1&q=80&fm=jpg&crop=entropy&cs=tinysrgb&w=1600&h=550&fit=crop&ixid=eyJhcHBfaWQiOjF9
Requested by
Host: citizens.giveterra.com
URL: https://citizens.giveterra.com/campaign/2116634053
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:1b::720 , Ascension Island, ASN54113 (FASTLY, US),
Reverse DNS
Software
imgix /
Resource Hash
5f8e62806dfd226b48ea08e3eba68ff4b34ee7136b2b9f1570e80dc6d382da79
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://citizens.giveterra.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 27 May 2020 17:29:42 GMT
x-content-type-options
nosniff
last-modified
Sat, 16 May 2020 23:50:33 GMT
server
imgix
age
927549
x-cache
MISS, HIT
content-type
image/jpeg
status
200
cache-control
public, max-age=315360000
x-imgix-id
a64ea5100c3edcc2daeddf2f33fa9936cb109b73
accept-ranges
bytes
access-control-allow-origin
*
content-length
103964
x-served-by
cache-lax8630-LAX, cache-hhn4022-HHN

Redirect headers

Date
Wed, 27 May 2020 17:29:41 GMT
Via
1.1 vegur
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
none
Transfer-Encoding
chunked
Connection
keep-alive
X-Xss-Protection
1; mode=block
X-Request-Id
fb35f2be-29eb-44e2-ae65-1be6bfc93f80
X-Runtime
0.006884
Referrer-Policy
strict-origin-when-cross-origin
Server
Cowboy
X-Frame-Options
SAMEORIGIN
X-Download-Options
noopen
Vary
Origin
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Type
text/html; charset=utf-8
Location
https://images.unsplash.com/photo-1575499032276-a51e58f176bb?ixlib=rb-1.2.1&q=80&fm=jpg&crop=entropy&cs=tinysrgb&w=1600&h=550&fit=crop&ixid=eyJhcHBfaWQiOjF9
Cache-Control
no-cache
l
use.typekit.net/af/1b1b1e/00000000000000000001709e/27/ 		24 KB
24 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://use.typekit.net/af/1b1b1e/00000000000000000001709e/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n7&v=3
Requested by
Host: citizens.giveterra.com
URL: https://citizens.giveterra.com/campaign/2116634053
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a01:4a0:1338:28::c38a:ff0a , Germany, ASN201011 (NETZBETRIEB-GMBH, DE),
Reverse DNS
Software
nginx /
Resource Hash
6d7866613a48e1d880b7cfacc00c4e2849a767bacfc93871d558e443c3129054

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://use.typekit.net/kwh0ouv.css
Origin
https://citizens.giveterra.com

Response headers

date
Wed, 27 May 2020 17:29:42 GMT
server
nginx
etag
"f507d4945327bf77fa226b6fef0f1c6a6af3bf09"
status
200
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
timing-allow-origin
*
content-length
24140
fa-brands-400.woff2
pro.fontawesome.com/releases/v5.2.0/webfonts/ 		63 KB
63 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://pro.fontawesome.com/releases/v5.2.0/webfonts/fa-brands-400.woff2
Requested by
Host: citizens.giveterra.com
URL: https://citizens.giveterra.com/campaign/2116634053
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.8 Dallas, United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
/
Resource Hash
a0923a4c80c1a64629cd6da1298fa57714919564d09aaf25b2c657d0e358368f

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://pro.fontawesome.com/releases/v5.2.0/css/all.css
Origin
https://citizens.giveterra.com

Response headers

date
Wed, 27 May 2020 17:29:42 GMT
last-modified
Mon, 23 Jul 2018 17:24:56 GMT
status
200
etag
"3443cc888af3c04b49389a466cf74f0f"
vary
Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods
GET
content-type
font/woff2
access-control-allow-origin
*
access-control-max-age
3000
cache-control
max-age=31556926
accept-ranges
bytes
content-length
64224
x-hw
1590600582.cds109.am5.hn,1590600582.cds095.am5.c
l
use.typekit.net/af/cafa63/00000000000000000001709a/27/ 		24 KB
24 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://use.typekit.net/af/cafa63/00000000000000000001709a/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n4&v=3
Requested by
Host: citizens.giveterra.com
URL: https://citizens.giveterra.com/campaign/2116634053
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a01:4a0:1338:28::c38a:ff0a , Germany, ASN201011 (NETZBETRIEB-GMBH, DE),
Reverse DNS
Software
nginx /
Resource Hash
99fba0fe3401283e9b1f8411381cf8dc49d61c410cabef03c4f132649f3bf907

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://use.typekit.net/kwh0ouv.css
Origin
https://citizens.giveterra.com

Response headers

date
Wed, 27 May 2020 17:29:42 GMT
server
nginx
etag
"1500587fffa9a4bb64d06e988493ea23a02a484a"
status
200
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
timing-allow-origin
*
content-length
24232
l
use.typekit.net/af/80c5d0/00000000000000000001709c/27/ 		24 KB
24 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://use.typekit.net/af/80c5d0/00000000000000000001709c/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n6&v=3
Requested by
Host: citizens.giveterra.com
URL: https://citizens.giveterra.com/campaign/2116634053
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a01:4a0:1338:28::c38a:ff0a , Germany, ASN201011 (NETZBETRIEB-GMBH, DE),
Reverse DNS
Software
nginx /
Resource Hash
260631120e38908780090a2c774b13900801fa1133f9accff8b630ace589dfff

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://use.typekit.net/kwh0ouv.css
Origin
https://citizens.giveterra.com

Response headers

date
Wed, 27 May 2020 17:29:42 GMT
server
nginx
etag
"9852112d8099a97564f64224e106ceeffff9e7c4"
status
200
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
timing-allow-origin
*
content-length
24248
analytics.js
www.google-analytics.com/ 		45 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-162746452-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
2f1fd973e6c48489ae07c467e3278635b856c698d1f502e06af3ab555937deac
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://citizens.giveterra.com/campaign/2116634053
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 30 Apr 2020 21:54:13 GMT
server
Golfe2
age
2003
date
Wed, 27 May 2020 16:56:19 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18433
expires
Wed, 27 May 2020 18:56:19 GMT
controller-8eaa7493dcc5b9b4300acef47ba09867.html
js.stripe.com/v3/ Frame 1F34 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/controller-8eaa7493dcc5b9b4300acef47ba09867.html
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.224.95.97 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-95-97.zrh50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self'; connect-src 'self' https://api.stripe.com https://errors.stripe.com; script-src 'self'; style-src 'self' 'unsafe-inline'; frame-src 'self'; img-src 'self' https://q.stripe.com; font-src data: https:; media-src 'none'; object-src 'self';
Strict-Transport-Security max-age=31556926; includeSubDomains; preload

Request headers

:method
GET
:authority
js.stripe.com
:scheme
https
:path
/v3/controller-8eaa7493dcc5b9b4300acef47ba09867.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://citizens.giveterra.com/campaign/2116634053
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://citizens.giveterra.com/campaign/2116634053

Response headers

status
200
content-type
text/html; charset=utf-8
content-length
345
x-amz-id-2
uSGHJ65w2Byo0+vlf8iw5312BGoN9gSk27lGhHGscNwzIFasxIZzbEpfxzFeEQI1XLurRTHtZak=
x-amz-request-id
1BF619EB48A9AFDE
last-modified
Thu, 21 May 2020 20:36:49 GMT
accept-ranges
bytes
server
AmazonS3
strict-transport-security
max-age=31556926; includeSubDomains; preload
timing-allow-origin
*
access-control-allow-origin
*
content-security-policy
default-src 'self'; connect-src 'self' https://api.stripe.com https://errors.stripe.com; script-src 'self'; style-src 'self' 'unsafe-inline'; frame-src 'self'; img-src 'self' https://q.stripe.com; font-src data: https:; media-src 'none'; object-src 'self';
date
Wed, 27 May 2020 17:28:54 GMT
etag
"8eaa7493dcc5b9b4300acef47ba09867"
cache-control
public, max-age=300
x-cache
Hit from cloudfront
via
1.1 c07945b00aad28e34fbfebb3d3907061.cloudfront.net (CloudFront)
x-amz-cf-pop
ZRH50-C1
x-amz-cf-id
5XKtpC_-0M4d2LFJ_YK5V3Ds84UdsgooIlWxJxOSj7WkcnKANAmaMA==
age
51
m-outer-a0f6c1465b8d9aab778cf2913d1d3c86.html
js.stripe.com/v3/ Frame 4671 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/m-outer-a0f6c1465b8d9aab778cf2913d1d3c86.html
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.224.95.97 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-95-97.zrh50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self'; connect-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'; frame-src https://m.stripe.network; img-src https://q.stripe.com; font-src 'none'; media-src 'none'; object-src 'none';
Strict-Transport-Security max-age=31556926; includeSubDomains; preload

Request headers

:method
GET
:authority
js.stripe.com
:scheme
https
:path
/v3/m-outer-a0f6c1465b8d9aab778cf2913d1d3c86.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://citizens.giveterra.com/campaign/2116634053
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://citizens.giveterra.com/campaign/2116634053

Response headers

status
200
content-type
text/html; charset=utf-8
content-length
238
x-amz-id-2
H5M/3FfQYrlTc1RyMWJcQfXh9u5W6dLiwpEcHGE4LOikKuvoOTsWhq9AcSYXUFJ8buwrnDZRJOk=
x-amz-request-id
98842839D93D2B44
last-modified
Fri, 28 Feb 2020 23:42:06 GMT
accept-ranges
bytes
server
AmazonS3
strict-transport-security
max-age=31556926; includeSubDomains; preload
timing-allow-origin
*
access-control-allow-origin
*
content-security-policy
default-src 'self'; connect-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'; frame-src https://m.stripe.network; img-src https://q.stripe.com; font-src 'none'; media-src 'none'; object-src 'none';
date
Wed, 27 May 2020 17:28:44 GMT
etag
"a0f6c1465b8d9aab778cf2913d1d3c86"
cache-control
public, max-age=300
x-cache
Hit from cloudfront
via
1.1 c07945b00aad28e34fbfebb3d3907061.cloudfront.net (CloudFront)
x-amz-cf-pop
ZRH50-C1
x-amz-cf-id
BYNIwX1OEr8rg7SBrToeZCnXs55cuCrQ467Bgzeiccl1S9ytOYcKow==
age
59
collect
www.google-analytics.com/r/ 		35 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/r/collect?v=1&_v=j82&a=1213048677&t=pageview&_s=1&dl=https%3A%2F%2Fcitizens.giveterra.com%2Fcampaign%2F2116634053&ul=en-us&de=UTF-8&dt=Pick%20a%20Team%20and%20Help%20Raise%20%2420%2C000%20to%20Crush%20COVID-19&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAUAB~&jid=2054443373&gjid=485946973&cid=1959021210.1590600582&tid=UA-162746452-1&_gid=238206546.1590600582&_r=1&gtm=2ou5e1&z=1341493730
Requested by
Host: citizens.giveterra.com
URL: https://citizens.giveterra.com/campaign/2116634053
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://citizens.giveterra.com/campaign/2116634053
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 27 May 2020 17:29:42 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
status
200
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

28 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate function| gtag object| dataLayer object| Spark function| Stripe object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga function| URI function| axios function| _ function| moment function| Popper function| __ function| jQuery function| $ function| setImmediate function| clearImmediate function| Vue object| Bus function| SparkForm function| SparkFormErrors object| braintreeCheckout object| gaplugins object| gaGlobal object| gaData

8 Cookies

Domain/Path Name / Value
.giveterra.com/ Name: _gat_gtag_UA_162746452_1
Value: 1
.citizens.giveterra.com/ Name: __stripe_sid
Value: 932d2eae-dc15-4124-a14b-0d913f74c518
.citizens.giveterra.com/ Name: __stripe_mid
Value: 542dddba-3d08-473d-aaf3-0e9417a680d1
.giveterra.com/ Name: _gid
Value: GA1.2.238206546.1590600582
citizens.giveterra.com/ Name: XSRF-TOKEN
Value: eyJpdiI6Ill6a1JOeXdQeW5WY2V4QTV4ZUtPYkE9PSIsInZhbHVlIjoiZ1pwWjhyalZMR0Fka1Y5OXBFVmlXXC9xNzBhenloUWRqcXFoZHErVE83ZHZjU1pqTUF6NlBnWks2WnFKQ3dETmIiLCJtYWMiOiI3ZTYzNWQ4YmU5MTgxYWExNTI2NWFkZjJmNWY0MjI5OTk3YWI5YjcyZjAxZWM3YzY3MjYwYzIyY2IwYzMwOTIxIn0%3D
citizens.giveterra.com/ Name: citizens_church_session
Value: eyJpdiI6ImtVNElpMGNpTUQzaVBBTDZCaDZSdVE9PSIsInZhbHVlIjoiNUdkdm5zKytXbzRwaXlyU1hWZllWeUtKWmpnZFwveEdpdG9PcWVoXC9KaEF1K2RzY1d0YkVqYnpSZUZIVVdvQjI5IiwibWFjIjoiZWVmZDg3M2E1OGI4OTJkZjU1YWU5NDMxNmRiZDVlNGFjNTgyNDNmZWFjMmE3ZDdmMjRlNjVlODJkMjY5YTVjMiJ9
.giveterra.com/ Name: _ga
Value: GA1.2.1959021210.1590600582
.giveterra.com/ Name: __cfduid
Value: df866c958c12bfec9f28bea743fbc85711590600581

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

citizens.giveterra.com
crushcovidphx.com
images.unsplash.com
js.stripe.com
p.typekit.net
pro.fontawesome.com
source.unsplash.com
use.fontawesome.com
use.typekit.net
www.google-analytics.com
www.googletagmanager.com
13.224.95.97
151.139.128.8
184.168.131.241
23.111.9.35
23.23.254.53
2606:4700:3030::681c:10e1
2a00:1450:4001:800::2008
2a00:1450:4001:81b::200e
2a01:4a0:1338:28::c38a:ff0a
2a02:26f0:10:2a9::19fd
2a04:4e42:1b::720
1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
260631120e38908780090a2c774b13900801fa1133f9accff8b630ace589dfff
2f1fd973e6c48489ae07c467e3278635b856c698d1f502e06af3ab555937deac
5e8a37f4a588e3880e15dfa40391e3aad7fc342050281ece29f2c0aeee033957
5f8e62806dfd226b48ea08e3eba68ff4b34ee7136b2b9f1570e80dc6d382da79
6d7866613a48e1d880b7cfacc00c4e2849a767bacfc93871d558e443c3129054
72c95b5cb93d2ae3ae88750af6c076f25a2c7e3e6cd405cc7256a606c4cdabf2
7fe952e2f679d40c3760f5234d05b458d403118c0f67d18713e1c02eb70d8188
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
99fba0fe3401283e9b1f8411381cf8dc49d61c410cabef03c4f132649f3bf907
a0923a4c80c1a64629cd6da1298fa57714919564d09aaf25b2c657d0e358368f
a87ada0ef6e37011f09cfd265e2fd4571edff7c7c981b20cdd9946ef616b06db
ccd753ed71e68d38c6fc3fe6688091c794546385f0afeedd9ac22fa1604d60bc
d55e3385a8c2063d4b0f3a88c1acd01173f86009702067790613a08e55d7597f
e3e6070a723a7fccae7a43a608f43d126f3029576f3256857a0cbd30b0b8015f
ecca2ba025d98a3d7ebc73515864e8f1fb8b08c915321554076909fd9a859f02