donate.heritageaction.com Open in urlscan Pro
2606:4700::6813:d359 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://click.heritage.org/ODI0LU1IVC0zMDQAAAGPkZUvUEAJoJuq3yIci84aMF6leqfOQsbSk2hzb0PTQ5NyaUz3obkYk2Px6m6NxLAoCxJ6FxY=
Effective URL:
https://donate.heritageaction.com/update-contact-eme96810/?utm_source=heritageaction&utm_campaign=eme96810&utm_medium=email&utm_te...
Submission: On November 21 via manual (November 21st 2023, 7:17:49 pm UTC) from US — Scanned from DE

Summary HTTP 54 Redirects Links 5 Behaviour Indicators

Summary

This website contacted 23 IPs in 4 countries across 19 domains to perform 54 HTTP transactions. The main IP is 2606:4700::6813:d359, located in United States and belongs to CLOUDFLARENET, US. The main domain is donate.heritageaction.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on March 31st 2023. Valid for: a year.

This is the only time donate.heritageaction.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	104.17.73.206 104.17.73.206	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 9	2606:4700::68... 2606:4700::6813:d359	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	151.101.192.176 151.101.192.176	54113 (FASTLY) (FASTLY)
4	2a00:1450:400... 2a00:1450:4001:813::200a	15169 (GOOGLE) (GOOGLE)
2	2600:9000:264... 2600:9000:2646:e200:0:7d26:ee00:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700::68... 2606:4700::6810:3965	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	2a00:1450:400... 2a00:1450:4001:809::2008	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f08... 2a03:2880:f083:9:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
3	2a00:1450:400... 2a00:1450:4001:812::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
1	146.75.116.157 146.75.116.157	54113 (FASTLY) (FASTLY)
1	52.92.181.64 52.92.181.64	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:400c:c06::9a	15169 (GOOGLE) (GOOGLE)
3	54.187.119.242 54.187.119.242	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:828::2004	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:80e::2003	15169 (GOOGLE) (GOOGLE)
3	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
1	104.244.42.133 104.244.42.133	13414 (TWITTER) (TWITTER)
1	104.244.42.195 104.244.42.195	13414 (TWITTER) (TWITTER)
2	2a03:2880:f17... 2a03:2880:f176:84:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	2606:4700::68... 2606:4700::6813:d459	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	44.228.215.240 44.228.215.240	16509 (AMAZON-02) (AMAZON-02)
54	23

1 104.17.73.206 (None, )

ASN13335 (CLOUDFLARENET, US)

click.heritage.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2606:4700::6813:d359 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

donate.heritageaction.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 151.101.192.176 (United States)

ASN54113 (FASTLY, US)

js.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
m.stripe.network	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:813::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

maps.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:2646:e200:0:7d26:ee00:93a1 (United States)

ASN16509 (AMAZON-02, US)

d35ligi1n5bgzc.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:3965 (United States)

ASN13335 (CLOUDFLARENET, US)

static.cloudflareinsights.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:809::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f083:9:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:812::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 146.75.116.157 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

static.ads-twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.92.181.64 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-us-west-2.amazonaws.com

s3-us-west-2.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c06::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 54.187.119.242 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ip-54-187-119-242.stripe.com

q.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:828::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80e::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.133 (United States)

ASN13414 (TWITTER, US)

t.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.195 (United States)

ASN13414 (TWITTER, US)

analytics.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f176:84:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6813:d459 (United States)

ASN13335 (CLOUDFLARENET, US)

gtm.revv.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 44.228.215.240 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-44-228-215-240.us-west-2.compute.amazonaws.com

m.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
9	heritageaction.com 1 redirects donate.heritageaction.com	186 KB
7	stripe.com js.stripe.com — Cisco Umbrella Rank: 1287 q.stripe.com — Cisco Umbrella Rank: 7148 m.stripe.com — Cisco Umbrella Rank: 1249	158 KB
5	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 27 region1.google-analytics.com — Cisco Umbrella Rank: 2462	21 KB
5	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 35	440 KB
4	googleapis.com maps.googleapis.com — Cisco Umbrella Rank: 393	175 KB
3	google.de www.google.de — Cisco Umbrella Rank: 6862	669 B
3	google.com www.google.com — Cisco Umbrella Rank: 2 region1.analytics.google.com — Cisco Umbrella Rank: 3040	616 B
3	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 33 stats.g.doubleclick.net — Cisco Umbrella Rank: 78	2 KB
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 110	216 B
2	stripe.network m.stripe.network — Cisco Umbrella Rank: 1354	16 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 174	89 KB
2	cloudfront.net d35ligi1n5bgzc.cloudfront.net	504 KB
1	twitter.com analytics.twitter.com — Cisco Umbrella Rank: 747	395 B
1	t.co t.co — Cisco Umbrella Rank: 607	379 B
1	amazonaws.com s3-us-west-2.amazonaws.com
1	ads-twitter.com static.ads-twitter.com — Cisco Umbrella Rank: 713	15 KB
1	revv.co app.revv.co Failed gtm.revv.co	978 B
1	cloudflareinsights.com static.cloudflareinsights.com — Cisco Umbrella Rank: 899	7 KB
1	heritage.org click.heritage.org — Cisco Umbrella Rank: 197605	2 KB
54	19

	Domain	Requested by
9	donate.heritageaction.com	1 redirects click.heritage.org donate.heritageaction.com static.cloudflareinsights.com
5	www.googletagmanager.com	donate.heritageaction.com www.google-analytics.com www.googletagmanager.com
4	maps.googleapis.com	donate.heritageaction.com maps.googleapis.com
3	www.google.de	donate.heritageaction.com
3	q.stripe.com	click.heritage.org
3	www.google-analytics.com	donate.heritageaction.com www.google-analytics.com
3	js.stripe.com	donate.heritageaction.com js.stripe.com
2	www.facebook.com	donate.heritageaction.com
2	region1.google-analytics.com	www.googletagmanager.com
2	www.google.com	donate.heritageaction.com
2	m.stripe.network	js.stripe.com m.stripe.network
2	stats.g.doubleclick.net	www.google-analytics.com www.googletagmanager.com
2	connect.facebook.net	donate.heritageaction.com connect.facebook.net
2	d35ligi1n5bgzc.cloudfront.net	donate.heritageaction.com
1	region1.analytics.google.com	www.googletagmanager.com
1	m.stripe.com	m.stripe.network
1	gtm.revv.co	www.googletagmanager.com
1	analytics.twitter.com	donate.heritageaction.com
1	t.co	donate.heritageaction.com
1	s3-us-west-2.amazonaws.com	click.heritage.org
1	static.ads-twitter.com	www.googletagmanager.com
1	googleads.g.doubleclick.net	www.googletagmanager.com
1	static.cloudflareinsights.com	donate.heritageaction.com
1	click.heritage.org
0	app.revv.co Failed	donate.heritageaction.com
54	25

This site contains links to these domains. Also see Links.

Domain
revv.co
heritageaction.com
support.revv.co

Subject Issuer	Validity	Valid
donate.heritageaction.com Cloudflare Inc ECC CA-3	`2023-03-31` - `2024-03-30`	a year	crt.sh
a.stripecdn.com DigiCert SHA2 Extended Validation Server CA	`2023-10-30` - `2024-01-25`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.cloudfront.net Amazon RSA 2048 M01	`2023-10-10` - `2024-09-19`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-04-10` - `2024-04-09`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-08-31` - `2023-11-29`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
ads-twitter.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-07-21` - `2024-07-19`	a year	crt.sh
*.s3-us-west-2.amazonaws.com Amazon RSA 2048 M01	`2023-10-10` - `2024-08-03`	10 months	crt.sh
*.stripe.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-10-09` - `2024-01-18`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
www.google.de GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
t.co DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-10-16` - `2024-10-14`	a year	crt.sh
*.twitter.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-09-19` - `2024-09-17`	a year	crt.sh
m.stripe.com DigiCert TLS RSA SHA256 2020 CA1	`2023-10-05` - `2024-01-18`	3 months	crt.sh

This page contains 4 frames:

Primary Page: https://donate.heritageaction.com/update-contact-eme96810/?utm_source=heritageaction&utm_campaign=eme96810&utm_medium=email&utm_term=imge&utm_content=hfile&mkt_tok=ODI0LU1IVC0zMDQAAAGPkZUvUOjKF-R-rhWJmyvwfJRY6g2b91GvRaIJUr31JX1PxgJ7G8upQ4uAUWIGysWV2saflaMIFyX4dXV14AMEDYteDcxqkBufQX5c3nrvJv7ZDP1x
Frame ID: 133ECC0BCEDF418677909DD9587214AC
Requests: 44 HTTP requests in this frame

Frame: https://donate.heritageaction.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/9914b343/main.js
Frame ID: 208D0912E31C2F72C89F35192DACD156
Requests: 2 HTTP requests in this frame

Frame: https://js.stripe.com/v3/m-outer-27c67c0d52761104439bb051c7856ab1.html
Frame ID: 42A5FE3559ACA46BE7291CD78647CE9A
Requests: 4 HTTP requests in this frame

Frame: https://m.stripe.network/inner.html
Frame ID: 65E6AA4D8F0D47F73C57E7E0AEC9CEDF
Requests: 4 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Respond Today | Heritage Action for America

Page URL History Show full URLs

http://click.heritage.org/ODI0LU1IVC0zMDQAAAGPkZUvUEAJoJuq3yIci84aMF6leqfOQsbSk2hzb0PTQ5NyaUz3obkYk2Px... Page URL
https://donate.heritageaction.com/update-contact-eme96810/?utm_source=heritageaction&utm_campaign=eme96810&utm... Page URL

Detected technologies

Google Maps (Maps) Expand

Overall confidence: 100%
Detected patterns

//maps\.google(?:apis)?\.com/maps/api/js

Stripe (Payment Processors) Expand

Overall confidence: 100%
Detected patterns

js\.stripe\.com

Cloudflare Browser Insights (Analytics) Expand

Overall confidence: 100%
Detected patterns

static\.cloudflareinsights\.com/beacon(?:\.min)?\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/ns\.html[^>]+></iframe>
googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Page Statistics

54
Requests

94 %
HTTPS

64 %
IPv6

19
Domains

25
Subdomains

23
IPs

4
Countries

1619 kB
Transfer

4404 kB
Size

20
Cookies

5 Outgoing links

These are links going to different origins than the main page.

URL: https://revv.co/donor-terms/
Title: terms of use

Search URL Search Domain Scan URL

URL: https://revv.co/privacy/
Title: privacy policy

Search URL Search Domain Scan URL

URL: https://heritageaction.com/state-registrations/
Title: State Registration Disclosures.

Search URL Search Domain Scan URL

URL: https://revv.co/
Title: Powered by

Search URL Search Domain Scan URL

URL: https://support.revv.co/en/
Title: Questions about your charge? Go to our Support Center

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://click.heritage.org/ODI0LU1IVC0zMDQAAAGPkZUvUEAJoJuq3yIci84aMF6leqfOQsbSk2hzb0PTQ5NyaUz3obkYk2Px6m6NxLAoCxJ6FxY= Page URL
https://donate.heritageaction.com/update-contact-eme96810/?utm_source=heritageaction&utm_campaign=eme96810&utm_medium=email&utm_term=imge&utm_content=hfile&mkt_tok=ODI0LU1IVC0zMDQAAAGPkZUvUOjKF-R-rhWJmyvwfJRY6g2b91GvRaIJUr31JX1PxgJ7G8upQ4uAUWIGysWV2saflaMIFyX4dXV14AMEDYteDcxqkBufQX5c3nrvJv7ZDP1x Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 17

https://donate.heritageaction.com/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
https://donate.heritageaction.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/9914b343/main.js

54 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 302
Found ODI0LU1IVC0zMDQAAAGPkZUvUEAJoJuq3yIci84aMF6leqfOQsbSk2hzb0PTQ5NyaUz3obkYk2Px6m6NxLAoCxJ6FxY=
click.heritage.org/ 649 B
2 KB 767ms
204ms Document
text/html 104.17.73.206
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

http://click.heritage.org/ODI0LU1IVC0zMDQAAAGPkZUvUEAJoJuq3yIci84aMF6leqfOQsbSk2hzb0PTQ5NyaUz3obkYk2Px6m6NxLAoCxJ6FxY=

Protocol

HTTP/1.1

Server

104.17.73.206 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; img-src 'self';script-src 'self' 'sha256-x/EFsaUZw9l8JtgzL0Qkmn4l5YFZKIF6gqnn9too9wM=';object-src 'none';form-action 'none';frame-src 'none';style-src 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

CF-Cache-Status: DYNAMIC
CF-RAY: 829b463ce9873644-FRA
Connection: keep-alive
Content-Type: text/html;charset=UTF-8
Date: Tue, 21 Nov 2023 19:17:42 GMT
Server: cloudflare
Transfer-Encoding: chunked
cache-control: private, no-cache, no-store, max-age=0
content-security-policy: default-src 'self'; img-src 'self';script-src 'self' 'sha256-x/EFsaUZw9l8JtgzL0Qkmn4l5YFZKIF6gqnn9too9wM=';object-src 'none';form-action 'none';frame-src 'none';style-src 'self'
referrer-policy: strict-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-request-id: ca0908c197f16caf

GET
H2 200 Primary Request / Show response
donate.heritageaction.com/update-contact-eme96810/ 16 KB
7 KB 232ms
157ms Document
text/html 2606:4700::6813:d359
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://donate.heritageaction.com/update-contact-eme96810/?utm_source=heritageaction&utm_campaign=eme96810&utm_medium=email&utm_term=imge&utm_content=hfile&mkt_tok=ODI0LU1IVC0zMDQAAAGPkZUvUOjKF-R-rhWJmyvwfJRY6g2b91GvRaIJUr31JX1PxgJ7G8upQ4uAUWIGysWV2saflaMIFyX4dXV14AMEDYteDcxqkBufQX5c3nrvJv7ZDP1x

Requested by

Host: click.heritage.org
URL: http://click.heritage.org/ODI0LU1IVC0zMDQAAAGPkZUvUEAJoJuq3yIci84aMF6leqfOQsbSk2hzb0PTQ5NyaUz3obkYk2Px6m6NxLAoCxJ6FxY=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:d359 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

eadfd805a4fbf7e371cbd9f3fe370b2892eb655c13d7438ec5a4273db9682ba0

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: http://click.heritage.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, private, max-age=0
cf-cache-status: DYNAMIC
cf-ray: 829b463ebc2ebbbb-FRA
content-encoding: br
content-type: text/html; charset=utf-8
date: Tue, 21 Nov 2023 19:17:42 GMT
server: cloudflare
strict-transport-security: max-age=0; includeSubDomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-rack-cors: miss; no-origin
x-request-id: 1ac1c793-d3a7-4283-a8f6-163022966dc1
x-revv-cache: Hit from Revv
x-runtime: 0.015719
x-xss-protection: 1; mode=block

GET
H2 200 / Show response
js.stripe.com/v3/ 556 KB
154 KB 287ms
57ms Script
text/javascript 151.101.192.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/

Requested by

Host: donate.heritageaction.com
URL: https://donate.heritageaction.com/update-contact-eme96810/?utm_source=heritageaction&utm_campaign=eme96810&utm_medium=email&utm_term=imge&utm_content=hfile&mkt_tok=ODI0LU1IVC0zMDQAAAGPkZUvUOjKF-R-rhWJmyvwfJRY6g2b91GvRaIJUr31JX1PxgJ7G8upQ4uAUWIGysWV2saflaMIFyX4dXV14AMEDYteDcxqkBufQX5c3nrvJv7ZDP1x

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.192.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

1732b7da8db1c8b008f4702d43cd395a032af1b1bf9e48c8f7fdaedb32179304

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://donate.heritageaction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Tue, 21 Nov 2023 19:17:43 GMT
via: 1.1 varnish
age: 50
x-cache: HIT
content-length: 157329
x-request-id: 728f2937-6465-4671-ba78-9521fd4a12ec
x-served-by: cache-fra-eddf8230064-FRA
last-modified: Tue, 21 Nov 2023 18:45:31 GMT
server: Fastly
etag: "29234c36f4d48fc95162b3a6a3a4f8c0"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=60
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 24

GET
H2 200 landing_page-b5085350195c50801834c19cd56b1cabc8b9ea2b81e3a74f8486f6b3e2ae2898.css
donate.heritageaction.com/assets/ 222 KB
34 KB 203ms
199ms Stylesheet
text/css 2606:4700::6813:d359
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://donate.heritageaction.com/assets/landing_page-b5085350195c50801834c19cd56b1cabc8b9ea2b81e3a74f8486f6b3e2ae2898.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:d359 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b5085350195c50801834c19cd56b1cabc8b9ea2b81e3a74f8486f6b3e2ae2898

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://donate.heritageaction.com/update-contact-eme96810/?utm_source=heritageaction&utm_campaign=eme96810&utm_medium=email&utm_term=imge&utm_content=hfile&mkt_tok=ODI0LU1IVC0zMDQAAAGPkZUvUOjKF-R-rhWJmyvwfJRY6g2b91GvRaIJUr31JX1PxgJ7G8upQ4uAUWIGysWV2saflaMIFyX4dXV14AMEDYteDcxqkBufQX5c3nrvJv7ZDP1x
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 19:17:43 GMT
x-amz-version-id: kYOiLBiwUoC_15St6k4OUiCIi8NH_RfM
x-content-type-options: nosniff
strict-transport-security: max-age=0; includeSubDomains
cf-cache-status: MISS
x-amz-request-id: 74YM339NR9136FRX
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-amz-id-2: Gf6Rz3gwp+3giLFRsXA2/+qX0k/MAwrMrZkNGYA960+J0GzXDXc4OTRyAowzaNZFwdThV0Lsa+g=
last-modified: Tue, 07 Nov 2023 01:47:10 GMT
server: cloudflare
etag: W/"57df3b6cebff9962c43c29347b45123f"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=14400
cf-ray: 829b463fddd4bbbb-FRA
expires: Tue, 21 Nov 2023 23:17:43 GMT

GET
H2 200 1678304284.css
donate.heritageaction.com/stylesheets/rv_page_01gtmey7w2c3texc9jdqg9z58v/ 8 KB
2 KB 263ms
261ms Stylesheet
text/css 2606:4700::6813:d359
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://donate.heritageaction.com/stylesheets/rv_page_01gtmey7w2c3texc9jdqg9z58v/1678304284.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:d359 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f8d3f7ebe46b930b5faa9193377f9bfeee6047515aae432f100148e02bf9a8c3

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://donate.heritageaction.com/update-contact-eme96810/?utm_source=heritageaction&utm_campaign=eme96810&utm_medium=email&utm_term=imge&utm_content=hfile&mkt_tok=ODI0LU1IVC0zMDQAAAGPkZUvUOjKF-R-rhWJmyvwfJRY6g2b91GvRaIJUr31JX1PxgJ7G8upQ4uAUWIGysWV2saflaMIFyX4dXV14AMEDYteDcxqkBufQX5c3nrvJv7ZDP1x
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-rack-cors: miss; no-origin
date: Tue, 21 Nov 2023 19:17:43 GMT
strict-transport-security: max-age=0; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: MISS
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
x-request-id: cc1296ab-2431-4edc-85ec-869e9fd5c594
x-runtime: 0.057721
last-modified: Tue, 21 Nov 2023 19:17:43 GMT
server: cloudflare
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
cache-control: public, max-age=31556952
cf-ray: 829b463fddd8bbbb-FRA
expires: Thu, 21 Nov 2024 01:06:55 GMT

GET
H2 200 js Show response
maps.googleapis.com/maps/api/ 194 KB
65 KB 70ms
38ms Script
text/javascript 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps/api/js?key=AIzaSyDGBR6MmEzkdkem9Ci2VrraiYLneizw9Rg&libraries=places

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

ec6bdda661b7ea8124f3a715465fe4dd7242f36c16138aa8ebd4d263b7bffb57

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://donate.heritageaction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 19:17:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
vary: Accept-Language, Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1800
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66616
x-xss-protection: 0

GET
H2 200 application-landing-page-f2a5b42b4b21999654b53e07363d1a56587867548d00f9dd45c2af6c283da313.js Show response
donate.heritageaction.com/assets/ 486 KB
136 KB 182ms
180ms Script
application/javascript 2606:4700::6813:d359
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://donate.heritageaction.com/assets/application-landing-page-f2a5b42b4b21999654b53e07363d1a56587867548d00f9dd45c2af6c283da313.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:d359 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4b0ee40c236b43959682dbfb183f1e573d475a20c1a8831055731403679aaa69

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://donate.heritageaction.com/update-contact-eme96810/?utm_source=heritageaction&utm_campaign=eme96810&utm_medium=email&utm_term=imge&utm_content=hfile&mkt_tok=ODI0LU1IVC0zMDQAAAGPkZUvUOjKF-R-rhWJmyvwfJRY6g2b91GvRaIJUr31JX1PxgJ7G8upQ4uAUWIGysWV2saflaMIFyX4dXV14AMEDYteDcxqkBufQX5c3nrvJv7ZDP1x
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 19:17:43 GMT
strict-transport-security: max-age=0; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: 978OI8i6QFarFjUvfriEb5EFtcqK3zb9
cf-cache-status: REVALIDATED
x-amz-request-id: M47ZCYSM30XPE70E
cf-polished: origSize=497438
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-amz-id-2: kkc1ODv+EGL8sFdjdill91wK0iVV0dvDvClINBDmYHYgYXb5N7O0bbtfQCbI7WAo23evEXWxFK0=
cf-bgj: minify
last-modified: Tue, 07 Nov 2023 01:47:09 GMT
server: cloudflare
etag: W/"00507202ba7b3ee5cf79681b9afffc43"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=14400
cf-ray: 829b463fdddabbbb-FRA
expires: Tue, 21 Nov 2023 23:17:43 GMT

GET
H2 200 HAFA_-_border.png
d35ligi1n5bgzc.cloudfront.net/logos/logo_assets/000/026/224/large/ 10 KB
10 KB 36ms
9ms Image
image/png 2600:9000:2646:e200:0:7d26:ee00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d35ligi1n5bgzc.cloudfront.net/logos/logo_assets/000/026/224/large/HAFA_-_border.png
Requested by: Host: donate.heritageaction.com
URL: https://donate.heritageaction.com/update-contact-eme96810/?utm_source=heritageaction&utm_campaign=eme96810&utm_medium=email&utm_term=imge&utm_content=hfile&mkt_tok=ODI0LU1IVC0zMDQAAAGPkZUvUOjKF-R-rhWJmyvwfJRY6g2b91GvRaIJUr31JX1PxgJ7G8upQ4uAUWIGysWV2saflaMIFyX4dXV14AMEDYteDcxqkBufQX5c3nrvJv7ZDP1x
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2646:e200:0:7d26:ee00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 7d8d3f9460488cb0cfe3a0f32a93c92f232992c607b49546ea220522889c0b04

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://donate.heritageaction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 00:03:10 GMT
x-amz-version-id: 5YQEUSqxg_7aPoJQZnH0l52FKnjrUtSN
via: 1.1 b459d8cae3f218ce39711fc3ecdcc998.cloudfront.net (CloudFront)
last-modified: Sat, 17 Jul 2021 22:58:18 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P5
age: 69273
etag: "5ddddb63cc714e068bb064ed6c89b7a3"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: image/png
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 9886
x-amz-cf-id: 4Y25NYcViF-1153yiHXh1Y_BjfZ8m6cg35RvWEGovDQ_Jc4JWfmFdw==

GET
H2 200 revv-fundraising-platform-logo-88bb0ed27f68b209dc01f51f5fe82dbf96ffb5bbe624ab3585816b17d423ae57.png
donate.heritageaction.com/assets/ 3 KB
3 KB 169ms
168ms Image
image/png 2606:4700::6813:d359
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://donate.heritageaction.com/assets/revv-fundraising-platform-logo-88bb0ed27f68b209dc01f51f5fe82dbf96ffb5bbe624ab3585816b17d423ae57.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:d359 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

88bb0ed27f68b209dc01f51f5fe82dbf96ffb5bbe624ab3585816b17d423ae57

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://donate.heritageaction.com/update-contact-eme96810/?utm_source=heritageaction&utm_campaign=eme96810&utm_medium=email&utm_term=imge&utm_content=hfile&mkt_tok=ODI0LU1IVC0zMDQAAAGPkZUvUOjKF-R-rhWJmyvwfJRY6g2b91GvRaIJUr31JX1PxgJ7G8upQ4uAUWIGysWV2saflaMIFyX4dXV14AMEDYteDcxqkBufQX5c3nrvJv7ZDP1x
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 19:17:43 GMT
x-amz-version-id: BFI67EZrxkmDiotR8ylG94OmTwQuHmqy
x-content-type-options: nosniff
strict-transport-security: max-age=0; includeSubDomains
cf-cache-status: MISS
x-amz-request-id: 74YX8RDPSTB235SX
alt-svc: h3=":443"; ma=86400
content-length: 2844
x-amz-id-2: RwVmaw2Er+1obPEG8BgE3NzvgUUTfVCfFuFB5fvVkO4/dsTarwrjBFUnpi63MjkplUuRaqJwbtw=
last-modified: Tue, 07 Nov 2023 01:47:10 GMT
server: cloudflare
etag: "0bdbab7164f21196bc848a313a9e20e6"
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 829b463fdddbbbbb-FRA
expires: Tue, 21 Nov 2023 23:17:43 GMT

GET
H2 200 v84a3a4012de94ce1a686ba8c167c359c1696973893317 Show response
static.cloudflareinsights.com/beacon.min.js/ 20 KB
7 KB 77ms
49ms Script
text/javascript 2606:4700::6810:3965
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cloudflareinsights.com/beacon.min.js/v84a3a4012de94ce1a686ba8c167c359c1696973893317
Requested by: Host: donate.heritageaction.com
URL: https://donate.heritageaction.com/update-contact-eme96810/?utm_source=heritageaction&utm_campaign=eme96810&utm_medium=email&utm_term=imge&utm_content=hfile&mkt_tok=ODI0LU1IVC0zMDQAAAGPkZUvUOjKF-R-rhWJmyvwfJRY6g2b91GvRaIJUr31JX1PxgJ7G8upQ4uAUWIGysWV2saflaMIFyX4dXV14AMEDYteDcxqkBufQX5c3nrvJv7ZDP1x
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:3965 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6153d13804862b0fc1c016cf1129f34cb7c6185f2cf4bf1a3a862eecdab50101

Request headers

Referer: https://donate.heritageaction.com/
Origin: https://donate.heritageaction.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 19:17:43 GMT
content-encoding: gzip
last-modified: Tue, 10 Oct 2023 21:38:13 GMT
server: cloudflare
etag: W/"2023.10.0"
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
cf-ray: 829b4641df614dcd-FRA

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 421 KB
97 KB 78ms
54ms Script
application/javascript 2a00:1450:4001:809::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-NTQZ9N

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

d3ea40ac224d0cb3523e22c7617748ddf8cb6b9f0c8d6d50ec10179672a032c8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://donate.heritageaction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 19:17:43 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 99158
x-xss-protection: 0
last-modified: Tue, 21 Nov 2023 18:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 21 Nov 2023 19:17:43 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 229 KB
82 KB 48ms
25ms Script
application/javascript 2a00:1450:4001:809::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-N9BTZ95

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

f9aaec04046015c63309184446f9a2e0c4734ab70652160eef5ada0ae9eeeca7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://donate.heritageaction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 19:17:43 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 83202
x-xss-protection: 0
last-modified: Tue, 21 Nov 2023 18:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 21 Nov 2023 19:17:43 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 202 KB
54 KB 56ms
20ms Script
application/x-javascript 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

3e136e77083bfc6ef14ffc5abd19da89a82bf12fc0cda3c603e01582b93303c8

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://donate.heritageaction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Tue, 21 Nov 2023 19:17:43 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 54273
x-xss-protection: 0
reporting-endpoints
pragma: public
x-fb-debug: nrvnd+NT2oK1bvZfHcBlrJ6AlARpoiGzjGpxZOh/lVhWwYfq47q1sBv9+b81rE7msEep+wR2onZyOZLUBIszYw==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 31ms
7ms Script
text/javascript 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://donate.heritageaction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 21 Nov 2023 17:19:54 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 7069
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Tue, 21 Nov 2023 19:19:54 GMT

GET
H2 200 HAFA_LP_2023-min_%281%29.png
d35ligi1n5bgzc.cloudfront.net/backgrounds/images/000/562/156/large/ 493 KB
494 KB 9ms
8ms Image
image/png 2600:9000:2646:e200:0:7d26:ee00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d35ligi1n5bgzc.cloudfront.net/backgrounds/images/000/562/156/large/HAFA_LP_2023-min_%281%29.png
Requested by: Host: donate.heritageaction.com
URL: https://donate.heritageaction.com/stylesheets/rv_page_01gtmey7w2c3texc9jdqg9z58v/1678304284.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2646:e200:0:7d26:ee00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c68b14303666b0fe58ff59aaa7e2c86701927798207c8c63aee42995894bb0ee

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://donate.heritageaction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-amz-version-id: Qok2_zslHHZNnCC2xLoRtRgEPgJGDLsu
date: Tue, 21 Nov 2023 06:31:42 GMT
via: 1.1 b459d8cae3f218ce39711fc3ecdcc998.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P5
age: 45962
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 504359
last-modified: Tue, 14 Feb 2023 15:39:25 GMT
server: AmazonS3
etag: "16a4f7b480307a007912ab3ebf921257"
vary: Accept-Encoding
content-type: image/png
accept-ranges: bytes
x-amz-cf-id: KOlrpu94dWjilQS_3NERdwnzcTiorLsZFjKdukigTI5b8VN97msTEw==

POST
H2 200 collect Show response
www.google-analytics.com/j/ 15 B
227 B 15ms
13ms XHR
text/plain 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

e4caed5b501091ffcdd32b8110abef32f8c2b35ebb008138503c21f978c1254e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://donate.heritageaction.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 21 Nov 2023 19:17:43 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://donate.heritageaction.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 gen_204 Show response
maps.googleapis.com/maps/api/mapsjs/ 3 B
45 B 32ms
17ms XHR
application/json 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps/api/mapsjs/gen_204?csp_test=true

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?key=AIzaSyDGBR6MmEzkdkem9Ci2VrraiYLneizw9Rg&libraries=places

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://donate.heritageaction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 19:17:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://donate.heritageaction.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23
x-xss-protection: 0

GET current_with_info
app.revv.co/api/v3/users/ 0
0

GET
H3

200

main.js Show response
donate.heritageaction.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/9914b343/ Frame 208D
Redirect Chain

https://donate.heritageaction.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
https://donate.heritageaction.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/9914b343/main.js

7 KB
3 KB

20ms
20ms

Script
application/javascript

2606:4700::6813:d359
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://donate.heritageaction.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/9914b343/main.js

Requested by

Protocol

Server

2606:4700::6813:d359 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

19bea9507e1c8f4b74f5db44034e4aee4f9460983e669cc5bb5f6da06aa00350

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 19:17:43 GMT
strict-transport-security: max-age=0; includeSubDomains
x-content-type-options: nosniff
content-encoding: br
server: cloudflare
vary: accept-encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
cf-ray: 829b4642e9ab4d1f-FRA
alt-svc: h3=":443"; ma=86400

Redirect headers

date: Tue, 21 Nov 2023 19:17:43 GMT
strict-transport-security: max-age=0; includeSubDomains
x-content-type-options: nosniff
server: cloudflare
vary: accept-encoding
access-control-allow-origin: *
location: /cdn-cgi/challenge-platform/h/g/scripts/jsd/9914b343/main.js
cache-control: max-age=300, public
cf-ray: 829b4642b9504d1f-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 m-outer-27c67c0d52761104439bb051c7856ab1.html Show response
js.stripe.com/v3/ Frame 42A5 200 B
818 B 17ms
17ms Document
text/html 151.101.192.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/m-outer-27c67c0d52761104439bb051c7856ab1.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.192.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

351ffc2bdf381352dcd801be49be5018361119588eae077650260f9e162fe7b9

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://donate.heritageaction.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 6385984
cache-control: max-age=31536000
content-encoding: br
content-length: 154
content-security-policy: base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only: base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Tue, 21 Nov 2023 19:17:43 GMT
etag: "27c67c0d52761104439bb051c7856ab1"
last-modified: Fri, 08 Sep 2023 21:23:50 GMT
server: Fastly
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 887151
x-content-type-options: nosniff
x-request-id: b883684b-37c4-4337-9bf7-0e62cb4e1e4d
x-served-by: cache-fra-eddf8230064-FRA

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 250 KB
84 KB 29ms
28ms Script
application/javascript 2a00:1450:4001:809::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-B6KRKX65NF&cx=c&_slc=1

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

ee20c184a969f1331cb4dd2f1961c76a1f9016db7da19d7e4034c040a1afe730

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://donate.heritageaction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 19:17:43 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 86276
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 21 Nov 2023 19:17:43 GMT

GET
H2 200 521982118334171 Show response
connect.facebook.net/signals/config/ 134 KB
35 KB 153ms
152ms Script
application/x-javascript 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/521982118334171?v=2.9.138&r=stable&domain=donate.heritageaction.com

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

fab87c1c832760ef2d6dc2fd17730ae19d89d553063408e5c8b26e7fc6ac6264

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://donate.heritageaction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Tue, 21 Nov 2023 19:17:43 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints
pragma: public
x-fb-debug: onNrZRIVF/jz9QYLnNnuKuAxCFO/wwNA98PwLeXDm9f+xDjHPXuigRng2/4nf6wlbysWhRNqOqN/yf+UR+k1Uw==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 m-outer-6576085ca35ee42f2f484cda6763e4aa.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 42A5 631 B
534 B 23ms
22ms Script
text/javascript 151.101.192.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/m-outer-6576085ca35ee42f2f484cda6763e4aa.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/m-outer-27c67c0d52761104439bb051c7856ab1.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.192.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

f0205495d259e89d99e6c4989147f8a65bef41513bfbe3e97251cd6fb6fa5947

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/m-outer-27c67c0d52761104439bb051c7856ab1.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Tue, 21 Nov 2023 19:17:43 GMT
via: 1.1 varnish
age: 6385985
x-cache: HIT
content-length: 399
x-request-id: 5f16c08b-6f05-44cd-8a11-b1344e84a1c7
x-served-by: cache-fra-eddf8230064-FRA
last-modified: Fri, 08 Sep 2023 21:23:49 GMT
server: Fastly
etag: "70cacf09ae81711ac6dcbc5ee59750c4"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 845785

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 268 KB
89 KB 35ms
35ms Script
application/javascript 2a00:1450:4001:809::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-8YPM861JHP&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N9BTZ95

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

0f7743e3239e49d98a5ca59d932151f6c787c4b1741545e3e7bfc60dae2f50e7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://donate.heritageaction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 19:17:43 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 91438
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 21 Nov 2023 19:17:43 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/696485407/ 3 KB
2 KB 46ms
24ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/696485407/?random=1700594263517&cv=11&fst=1700594263517&bg=ffffff&guid=ON&async=1&gtm=45He3b81v813422795&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fdonate.heritageaction.com%2Fupdate-contact-eme96810%2F%3Futm_source%3Dheritageaction%26utm_campaign%3Deme96810%26utm_medium%3Demail%26utm_term%3Dimge%26utm_content%3Dhfile%26mkt_tok%3DODI0LU1IVC0zMDQAAAGPkZUvUOjKF-R-rhWJmyvwfJRY6g2b91GvRaIJUr31JX1PxgJ7G8upQ4uAUWIGysWV2saflaMIFyX4dXV14AMEDYteDcxqkBufQX5c3nrvJv7ZDP1x&ref=http%3A%2F%2Fclick.heritage.org%2F&label=YMHNCIb2v7MBEJ-MjswC&hn=www.googleadservices.com&frm=0&tiba=Respond%20Today%20%7C%20Heritage%20Action%20for%20America&uamb=0&uaw=0&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N9BTZ95

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5c146705161ee20042a9a77b8d520e0e33c0e8a495e814539aa758386d19f693

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://donate.heritageaction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 21 Nov 2023 19:17:43 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1548
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 uwt.js Show response
static.ads-twitter.com/ 56 KB
15 KB 42ms
7ms Script
application/javascript 146.75.116.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.ads-twitter.com/uwt.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N9BTZ95
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.75.116.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: cf7fcc9f75c8717897bfaef72f303fab423ce1b70c98512aeb3677e4af988dee

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://donate.heritageaction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 19:17:43 GMT
content-encoding: gzip
last-modified: Thu, 27 Oct 2022 16:56:53 GMT
etag: "32ad004436155ec972bc50e6238b5b67+gzip+gzip"
vary: Accept-Encoding,Host
x-cache: HIT, HIT
content-type: application/javascript; charset=utf-8
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
x-tw-cdn: FT
cache-control: no-cache
accept-ranges: bytes
content-length: 15375
x-served-by: cache-iad-kjyo7100081-IAD, cache-fra-eddf8230117-FRA

GET
H/1.1 403
Forbidden ge.js
s3-us-west-2.amazonaws.com/jsstore/a/9G7HXGD/ 0
0 540ms
182ms Script
application/xml 52.92.181.64
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s3-us-west-2.amazonaws.com/jsstore/a/9G7HXGD/ge.js
Requested by: Host: click.heritage.org
URL: http://click.heritage.org/ODI0LU1IVC0zMDQAAAGPkZUvUEAJoJuq3yIci84aMF6leqfOQsbSk2hzb0PTQ5NyaUz3obkYk2Px6m6NxLAoCxJ6FxY=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.92.181.64 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-us-west-2.amazonaws.com
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://donate.heritageaction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 258 KB
88 KB 45ms
45ms Script
application/javascript 2a00:1450:4001:809::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-X6H0114PDF&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NTQZ9N

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

c4bdcc52a5f0c82a339fa4e868921cf5ccdb04d003d365d32143e37dc459ad2c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://donate.heritageaction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 19:17:43 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 89585
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 21 Nov 2023 19:17:43 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 3 B
23 B 15ms
14ms XHR
text/plain 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=333599258&t=pageview&_s=1&dl=https%3A%2F%2Fdonate.heritageaction.com%2Fupdate-contact-eme96810%2F%3Futm_source%3Dheritageaction%26utm_campaign%3Deme96810%26utm_medium%3Demail%26utm_term%3Dimge%26utm_content%3Dhfile%26mkt_tok%3DODI0LU1IVC0zMDQAAAGPkZUvUOjKF-R-rhWJmyvwfJRY6g2b91GvRaIJUr31JX1PxgJ7G8upQ4uAUWIGysWV2saflaMIFyX4dXV14AMEDYteDcxqkBufQX5c3nrvJv7ZDP1x&dr=http%3A%2F%2Fclick.heritage.org%2F&ul=en-us&de=UTF-8&dt=Respond%20Today%20%7C%20Heritage%20Action%20for%20America&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGDAiEABBAAAACAEK~&jid=157834714&gjid=1568820205&cid=999078665.1700594263&tid=UA-73658561-7&_gid=627247141.1700594263&_slc=1&gtm=45He3b81n71NTQZ9Nv72410129&cd61=https%3A%2F%2Fdonate.heritageaction.com%2Fupdate-contact-eme96810%2F%3Futm_source%3Dheritageaction%26utm_campaign%3Deme96810%26utm_medium%3Demail%26utm_term%3Dimge%26utm_content%3Dhfile%26mkt_tok%3DODI0LU1IVC0zMDQAAAGPkZUvUOjKF-R-rhWJmyvwfJRY6g2b91GvRaIJUr31JX1PxgJ7G8upQ4uAUWIGysWV2saflaMIFyX4dXV14AMEDYteDcxqkBufQX5c3nrvJv7ZDP1x&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&z=1193057976

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://donate.heritageaction.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 21 Nov 2023 19:17:43 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://donate.heritageaction.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
355 B 94ms
34ms XHR
text/plain 2a00:1450:400c:c06::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-73658561-7&cid=999078665.1700594263&jid=157834714&gjid=1568820205&_gid=627247141.1700594263&_u=aGDAiEABBAAAAGAEK~&z=1192826407

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c06::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://donate.heritageaction.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Tue, 21 Nov 2023 19:17:43 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://donate.heritageaction.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 csp-report
q.stripe.com/ Frame 42A5 0
718 B 559ms
176ms Other
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: click.heritage.org
URL: http://click.heritage.org/ODI0LU1IVC0zMDQAAAGPkZUvUEAJoJuq3yIci84aMF6leqfOQsbSk2hzb0PTQ5NyaUz3obkYk2Px6m6NxLAoCxJ6FxY=

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-119-242.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Tue, 21 Nov 2023 19:17:44 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1700594264036870
x-envoy-upstream-service-time: 2
content-length: 0
x-stripe-bg-intended-route-color: green
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms: 0
access-control-allow-origin: https://js.stripe.com
x-stripe-client-envoy-start-time-us: 1700594264035991
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers: Server, Range, Content-Type
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

POST
H2 200 csp-report
q.stripe.com/ Frame 42A5 0
717 B 560ms
177ms Other
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: click.heritage.org
URL: http://click.heritage.org/ODI0LU1IVC0zMDQAAAGPkZUvUEAJoJuq3yIci84aMF6leqfOQsbSk2hzb0PTQ5NyaUz3obkYk2Px6m6NxLAoCxJ6FxY=

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-119-242.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Tue, 21 Nov 2023 19:17:44 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1700594264036608
x-envoy-upstream-service-time: 3
content-length: 0
x-stripe-bg-intended-route-color: green
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms: 2
access-control-allow-origin: https://js.stripe.com
x-stripe-client-envoy-start-time-us: 1700594264035967
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers: Server, Range, Content-Type
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

GET
H2 200 inner.html Show response
m.stripe.network/ Frame 65E6 930 B
1 KB 28ms
16ms Document
text/html 151.101.192.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.network/inner.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/m-outer-6576085ca35ee42f2f484cda6763e4aa.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.192.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

947ac0903521f5eceefc90637c066306a8ca67466ccc188bb0107fb7cfb532d1

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-/5Guo2nzv5n/w6ukZpOBZOtTJBJPSkJ6mhHpnBgm3Ls='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 280
cache-control: max-age=300, public
content-encoding: br
content-length: 540
content-security-policy: base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-/5Guo2nzv5n/w6ukZpOBZOtTJBJPSkJ6mhHpnBgm3Ls='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Tue, 21 Nov 2023 19:17:43 GMT
server: Fastly
strict-transport-security: max-age=31556926; includeSubDomains; preload
vary: Accept-Encoding, Origin
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 344
x-content-type-options: nosniff
x-request-id: 80071d3a-5fee-4839-8e80-c7a330b88402
x-served-by: cache-fra-eddf8230064-FRA
x-timer: S1700594264.599694,VS0,VE0

POST
H3 200 829b463ebc2ebbbb Show response
donate.heritageaction.com/cdn-cgi/challenge-platform/h/g/jsd/r/ Frame 208D 0
304 B 38ms
37ms XHR
text/plain 2606:4700::6813:d359
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://donate.heritageaction.com/cdn-cgi/challenge-platform/h/g/jsd/r/829b463ebc2ebbbb

Requested by

Host: donate.heritageaction.com
URL: https://donate.heritageaction.com/cdn-cgi/challenge-platform/scripts/jsd/main.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6813:d359 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 21 Nov 2023 19:17:43 GMT
strict-transport-security: max-age=0; includeSubDomains
x-content-type-options: nosniff
content-encoding: br
server: cloudflare
content-type: text/plain; charset=UTF-8
cf-ray: 829b46442b7a4d1f-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
107 B 74ms
46ms Image
image/gif 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-73658561-7&cid=999078665.1700594263&jid=157834714&_u=aGDAiEABBAAAAGAEK~&z=1657377008

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://donate.heritageaction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 21 Nov 2023 19:17:43 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 64ms
44ms Image
image/gif 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-73658561-7&cid=999078665.1700594263&jid=157834714&_u=aGDAiEABBAAAAGAEK~&z=1657377008

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://donate.heritageaction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 21 Nov 2023 19:17:43 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/696485407/ 42 B
455 B 51ms
25ms Image
image/gif 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/696485407/?random=1700594263517&cv=11&fst=1700593200000&bg=ffffff&guid=ON&async=1&gtm=45He3b81v813422795&u_w=1600&u_h=1200&url=https%3A%2F%2Fdonate.heritageaction.com%2Fupdate-contact-eme96810%2F%3Futm_source%3Dheritageaction%26utm_campaign%3Deme96810%26utm_medium%3Demail%26utm_term%3Dimge%26utm_content%3Dhfile%26mkt_tok%3DODI0LU1IVC0zMDQAAAGPkZUvUOjKF-R-rhWJmyvwfJRY6g2b91GvRaIJUr31JX1PxgJ7G8upQ4uAUWIGysWV2saflaMIFyX4dXV14AMEDYteDcxqkBufQX5c3nrvJv7ZDP1x&ref=http%3A%2F%2Fclick.heritage.org%2F&label=YMHNCIb2v7MBEJ-MjswC&frm=0&tiba=Respond%20Today%20%7C%20Heritage%20Action%20for%20America&fmt=3&is_vtc=1&cid=CAQSGwDICaaNgSe_ydjNmHW-oxpEtxUT_4_YxDjnxg&random=1392194869&rmt_tld=0&ipr=y

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://donate.heritageaction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 21 Nov 2023 19:17:43 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/696485407/ 42 B
455 B 39ms
20ms Image
image/gif 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/696485407/?random=1700594263517&cv=11&fst=1700593200000&bg=ffffff&guid=ON&async=1&gtm=45He3b81v813422795&u_w=1600&u_h=1200&url=https%3A%2F%2Fdonate.heritageaction.com%2Fupdate-contact-eme96810%2F%3Futm_source%3Dheritageaction%26utm_campaign%3Deme96810%26utm_medium%3Demail%26utm_term%3Dimge%26utm_content%3Dhfile%26mkt_tok%3DODI0LU1IVC0zMDQAAAGPkZUvUOjKF-R-rhWJmyvwfJRY6g2b91GvRaIJUr31JX1PxgJ7G8upQ4uAUWIGysWV2saflaMIFyX4dXV14AMEDYteDcxqkBufQX5c3nrvJv7ZDP1x&ref=http%3A%2F%2Fclick.heritage.org%2F&label=YMHNCIb2v7MBEJ-MjswC&frm=0&tiba=Respond%20Today%20%7C%20Heritage%20Action%20for%20America&fmt=3&is_vtc=1&cid=CAQSGwDICaaNgSe_ydjNmHW-oxpEtxUT_4_YxDjnxg&random=1392194869&rmt_tld=1&ipr=y

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://donate.heritageaction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 21 Nov 2023 19:17:43 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
260 B 66ms
24ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-B6KRKX65NF&gtm=45je3b81v9125670932z8813422795&_p=1700594263035&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=999078665.1700594263&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AAAI&_s=1&sid=1700594263&sct=1&seg=0&dl=https%3A%2F%2Fdonate.heritageaction.com%2Fupdate-contact-eme96810%2F%3Futm_source%3Dheritageaction%26utm_campaign%3Deme96810%26utm_medium%3Demail%26utm_term%3Dimge%26utm_content%3Dhfile%26mkt_tok%3DODI0LU1IVC0zMDQAAAGPkZUvUOjKF-R-rhWJmyvwfJRY6g2b91GvRaIJUr31JX1PxgJ7G8upQ4uAUWIGysWV2saflaMIFyX4dXV14AMEDYteDcxqkBufQX5c3nrvJv7ZDP1x&dr=http%3A%2F%2Fclick.heritage.org%2F&dt=Respond%20Today%20%7C%20Heritage%20Action%20for%20America&en=page_view&_fv=1&_ss=1&tfd=998
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-B6KRKX65NF&cx=c&_slc=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://donate.heritageaction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 21 Nov 2023 19:17:43 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://donate.heritageaction.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 adsct
t.co/i/ 43 B
379 B 257ms
204ms Image
image/gif 104.244.42.133
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.co/i/adsct?bci=3&eci=2&event_id=1eb1ca4f-b0dc-4dde-af07-d588691ee299&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=9cde5d8d-4e81-408a-bb56-78264f3eb412&tw_document_href=https%3A%2F%2Fdonate.heritageaction.com%2Fupdate-contact-eme96810%2F%3Futm_source%3Dheritageaction%26utm_campaign%3Deme96810%26utm_medium%3Demail%26utm_term%3Dimge%26utm_content%3Dhfile%26mkt_tok%3DODI0LU1IVC0zMDQAAAGPkZUvUOjKF-R-rhWJmyvwfJRY6g2b91GvRaIJUr31JX1PxgJ7G8upQ4uAUWIGysWV2saflaMIFyX4dXV14AMEDYteDcxqkBufQX5c3nrvJv7ZDP1x&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o0l5h&type=javascript&version=2.3.29

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.133 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_f /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://donate.heritageaction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-response-time: 184
date: Tue, 21 Nov 2023 19:17:43 GMT
strict-transport-security: max-age=0
server: tsa_f
content-type: image/gif;charset=utf-8
x-transaction-id: 7a08897aa43b3845
cache-control: no-cache, no-store, max-age=0
perf: 7626143928
x-connection-hash: b4dc5533ee4eb7baeecb57969c72ff63612defa3d16fc50af96a560dfe9cf581
content-length: 43

GET
H2 200 adsct
analytics.twitter.com/i/ 43 B
395 B 177ms
122ms Image
image/gif 104.244.42.195
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://analytics.twitter.com/i/adsct?bci=3&eci=2&event_id=1eb1ca4f-b0dc-4dde-af07-d588691ee299&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=9cde5d8d-4e81-408a-bb56-78264f3eb412&tw_document_href=https%3A%2F%2Fdonate.heritageaction.com%2Fupdate-contact-eme96810%2F%3Futm_source%3Dheritageaction%26utm_campaign%3Deme96810%26utm_medium%3Demail%26utm_term%3Dimge%26utm_content%3Dhfile%26mkt_tok%3DODI0LU1IVC0zMDQAAAGPkZUvUOjKF-R-rhWJmyvwfJRY6g2b91GvRaIJUr31JX1PxgJ7G8upQ4uAUWIGysWV2saflaMIFyX4dXV14AMEDYteDcxqkBufQX5c3nrvJv7ZDP1x&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o0l5h&type=javascript&version=2.3.29

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.195 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_f /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://donate.heritageaction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-response-time: 104
date: Tue, 21 Nov 2023 19:17:43 GMT
strict-transport-security: max-age=631138519
server: tsa_f
content-type: image/gif;charset=utf-8
x-transaction-id: bffdcd5322c34f1e
cache-control: no-cache, no-store, max-age=0
perf: 7626143928
x-connection-hash: c0ed1a6eece36cf5465999d590c57cc7d738654269417dec9cb8edd509fbfedd
content-length: 43

POST
H2 204 collect
region1.google-analytics.com/g/ 0
54 B 32ms
24ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-8YPM861JHP&gtm=45je3b81v9104605396z8813422795&_p=1700594263035&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=999078665.1700594263&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1700594263&sct=1&seg=0&dl=https%3A%2F%2Fdonate.heritageaction.com%2Fupdate-contact-eme96810%2F%3Futm_source%3Dheritageaction%26utm_campaign%3Deme96810%26utm_medium%3Demail%26utm_term%3Dimge%26utm_content%3Dhfile%26mkt_tok%3DODI0LU1IVC0zMDQAAAGPkZUvUOjKF-R-rhWJmyvwfJRY6g2b91GvRaIJUr31JX1PxgJ7G8upQ4uAUWIGysWV2saflaMIFyX4dXV14AMEDYteDcxqkBufQX5c3nrvJv7ZDP1x&dr=http%3A%2F%2Fclick.heritage.org%2F&dt=Respond%20Today%20%7C%20Heritage%20Action%20for%20America&en=page_view&_fv=1&_ss=1&tfd=1033
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-8YPM861JHP&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://donate.heritageaction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 21 Nov 2023 19:17:43 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://donate.heritageaction.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 csp-report
q.stripe.com/ Frame 65E6 0
491 B 331ms
177ms Other
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: click.heritage.org
URL: http://click.heritage.org/ODI0LU1IVC0zMDQAAAGPkZUvUEAJoJuq3yIci84aMF6leqfOQsbSk2hzb0PTQ5NyaUz3obkYk2Px6m6NxLAoCxJ6FxY=

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-119-242.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload, max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://m.stripe.network/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Tue, 21 Nov 2023 19:17:44 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload, max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1700594264036878
x-envoy-upstream-service-time: 4
content-length: 0
x-stripe-bg-intended-route-color: green
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
x-stripe-server-envoy-upstream-service-time-ms: 1
x-stripe-client-envoy-start-time-us: 1700594264035979
cache-control: max-age=0, no-cache, no-store, must-revalidate
x-robots-tag: none
expires: 0

GET
H2 200 out-4.5.43.js Show response
m.stripe.network/ Frame 65E6 87 KB
15 KB 49ms
49ms Script
text/javascript 151.101.192.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.network/out-4.5.43.js

Requested by

Host: m.stripe.network
URL: https://m.stripe.network/inner.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.192.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

e039e607c78306c7e029a7fd0ecdb14f86456f16e1a5ce65aa26b4fdf1d38a3c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.stripe.network/inner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
date: Tue, 21 Nov 2023 19:17:43 GMT
x-content-type-options: nosniff
content-encoding: br
via: 1.1 varnish
age: 223
x-cache: HIT
content-length: 15509
x-request-id: 4db04ef0-2fb0-455d-aa8b-55eba519fc48
x-served-by: cache-fra-eddf8230064-FRA
server: Fastly
x-timer: S1700594264.809322,VS0,VE0
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=utf-8
cache-control: max-age=300, public
accept-ranges: bytes
x-cache-hits: 277

GET
H2 200 /
www.facebook.com/tr/ 0
31 B 25ms
8ms Image
text/plain 2a03:2880:f176:84:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=521982118334171&ev=PageView&dl=https%3A%2F%2Fdonate.heritageaction.com%2Fupdate-contact-eme96810%2F%3Futm_source%3Dheritageaction%26utm_campaign%3Deme96810%26utm_medium%3Demail%26utm_term%3Dimge%26utm_content%3Dhfile%26mkt_tok%3DODI0LU1IVC0zMDQAAAGPkZUvUOjKF-R-rhWJmyvwfJRY6g2b91GvRaIJUr31JX1PxgJ7G8upQ4uAUWIGysWV2saflaMIFyX4dXV14AMEDYteDcxqkBufQX5c3nrvJv7ZDP1x&rl=http%3A%2F%2Fclick.heritage.org%2F&if=false&ts=1700594263814&sw=1600&sh=1200&v=2.9.138&r=stable&ec=0&o=4126&fbp=fb.1.1700594263813.1576192581&ler=other&it=1700594263490&coo=false&rqm=GET

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://donate.heritageaction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Tue, 21 Nov 2023 19:17:43 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 24ms
7ms Image
text/plain 2a03:2880:f176:84:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=521982118334171&ev=CompleteRegistration&dl=https%3A%2F%2Fdonate.heritageaction.com%2Fupdate-contact-eme96810%2F%3Futm_source%3Dheritageaction%26utm_campaign%3Deme96810%26utm_medium%3Demail%26utm_term%3Dimge%26utm_content%3Dhfile%26mkt_tok%3DODI0LU1IVC0zMDQAAAGPkZUvUOjKF-R-rhWJmyvwfJRY6g2b91GvRaIJUr31JX1PxgJ7G8upQ4uAUWIGysWV2saflaMIFyX4dXV14AMEDYteDcxqkBufQX5c3nrvJv7ZDP1x&rl=http%3A%2F%2Fclick.heritage.org%2F&if=false&ts=1700594263816&sw=1600&sh=1200&v=2.9.138&r=stable&ec=1&o=4126&fbp=fb.1.1700594263813.1576192581&ler=other&it=1700594263490&coo=false&rqm=GET

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://donate.heritageaction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Tue, 21 Nov 2023 19:17:43 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 collect Show response
gtm.revv.co/g/ 778 B
978 B 550ms
530ms XHR
text/plain 2606:4700::6813:d459
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://gtm.revv.co/g/collect?v=2&tid=G-X6H0114PDF&gtm=45je3b81v867905447z872410129&_p=1700594263035&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=999078665.1700594263&ul=en-us&sr=1600x1200&_fplc=0&ur=DE-HE&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&sst.uc=DE&sst.gse=1&sst.etld=google.de&sst.gcsub=region1&sst.gcd=11l1l1l1l1&sst.tft=1700594263035&_s=1&sid=1700594263&sct=1&seg=0&dl=https%3A%2F%2Fdonate.heritageaction.com%2Fupdate-contact-eme96810%2F%3Futm_source%3Dheritageaction%26utm_campaign%3Deme96810%26utm_medium%3Demail%26utm_term%3Dimge%26utm_content%3Dhfile%26mkt_tok%3DODI0LU1IVC0zMDQAAAGPkZUvUOjKF-R-rhWJmyvwfJRY6g2b91GvRaIJUr31JX1PxgJ7G8upQ4uAUWIGysWV2saflaMIFyX4dXV14AMEDYteDcxqkBufQX5c3nrvJv7ZDP1x&dr=http%3A%2F%2Fclick.heritage.org%2F&dt=Respond%20Today%20%7C%20Heritage%20Action%20for%20America&en=page_view&_fv=1&_ss=1&ep.pagepath=%2Fupdate-contact-eme96810%2F&ep.pagehostname=donate.heritageaction.com&ep.parsedurl=https%3A%2F%2Fdonate.heritageaction.com%2Fupdate-contact-eme96810&epn.load_time_sec=-1700594262.8&epn.event_fire_time=1700594263529&ep.event_uuid=8b8282e0-ea9b-4a05-b051-957b6d142188&ep.isVideoPage=f&ep.referrer=http%3A%2F%2Fclick.heritage.org%2F&tfd=1090&richsstsse

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-X6H0114PDF&l=dataLayer&cx=c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:d459 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ac20e7908a19f1dc60635894d3559a5eac82f311c8b332584a7064e7a03e331a

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://donate.heritageaction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 19:17:44 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: br
server: cloudflare
strict-transport-security: max-age=0; includeSubDomains
vary: Accept-Encoding
content-type: text/plain
access-control-allow-origin: https://donate.heritageaction.com
cache-control: no-cache
access-control-allow-credentials: true
cf-ray: 829b46453dc618b9-FRA
alt-svc: h3=":443"; ma=86400

POST
H2 200 6 Show response
m.stripe.com/ Frame 65E6 156 B
670 B 545ms
176ms XHR
application/json 44.228.215.240
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.com/6

Requested by

Host: m.stripe.network
URL: https://m.stripe.network/out-4.5.43.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

44.228.215.240 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-44-228-215-240.us-west-2.compute.amazonaws.com

Software

nginx /

Resource Hash

5ecf760d68f335cfe3e0290d6a1e22466b61ae06b84e7c3f43501b4b04637e97

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://m.stripe.network/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-stripe-bg-intended-route-color: green
date: Tue, 21 Nov 2023 19:17:44 GMT
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1700594264367362
server: nginx
content-type: application/json;charset=utf-8
x-stripe-server-envoy-upstream-service-time-ms: 2
access-control-allow-origin: https://m.stripe.network
x-stripe-client-envoy-start-time-us: 1700594264367163
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 156

POST
H3 204 rum Show response
donate.heritageaction.com/cdn-cgi/ 0
147 B 13ms
12ms XHR
text/plain 2606:4700::6813:d359
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://donate.heritageaction.com/cdn-cgi/rum?

Requested by

Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/v84a3a4012de94ce1a686ba8c167c359c1696973893317

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6813:d359 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://donate.heritageaction.com/update-contact-eme96810/?utm_source=heritageaction&utm_campaign=eme96810&utm_medium=email&utm_term=imge&utm_content=hfile&mkt_tok=ODI0LU1IVC0zMDQAAAGPkZUvUOjKF-R-rhWJmyvwfJRY6g2b91GvRaIJUr31JX1PxgJ7G8upQ4uAUWIGysWV2saflaMIFyX4dXV14AMEDYteDcxqkBufQX5c3nrvJv7ZDP1x
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
content-type: application/json

Response headers

date: Tue, 21 Nov 2023 19:17:44 GMT
x-content-type-options: nosniff
server: cloudflare
vary: Origin
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://donate.heritageaction.com
x-frame-options: DENY
access-control-allow-credentials: true
cf-ray: 829b46467e9d4d1f-FRA

POST
H2 204 collect
region1.analytics.google.com/g/s/ 0
54 B 26ms
24ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/s/collect?dma=1&dma_cps=sypham&gtm=45j91e3b81v867905447z872410129z9867900975&_gsid=X6H0114PDFvKuwTrZk7Ty7yFUALDn0MQ
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-X6H0114PDF&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://donate.heritageaction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 21 Nov 2023 19:17:44 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://donate.heritageaction.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
56 B 31ms
29ms Ping
text/plain 2a00:1450:400c:c06::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&dma=1&dma_cps=sypham&tid=G-X6H0114PDF&cid=7A9yBDtnvY7wGnUVLP%2FqPGiGHb7gs1oSW5Q%2Bw9mh4FQ%3D.1700594263&gtm=45j91e3b81v867905447z872410129z9867900975&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-X6H0114PDF&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c06::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://donate.heritageaction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 21 Nov 2023 19:17:44 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://donate.heritageaction.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 47ms
47ms Image
image/gif 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&dma=1&dma_cps=sypham&tid=G-X6H0114PDF&cid=7A9yBDtnvY7wGnUVLP%2FqPGiGHb7gs1oSW5Q%2Bw9mh4FQ%3D.1700594263&gtm=45j91e3b81v867905447z872410129z9867900975&aip=1&z=1646971660

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://donate.heritageaction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 21 Nov 2023 19:17:44 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 common.js Show response
maps.googleapis.com/maps-api-v3/api/js/55/1/intl/de_ALL/ 254 KB
56 KB 17ms
16ms Script
text/javascript 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps-api-v3/api/js/55/1/intl/de_ALL/common.js

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?key=AIzaSyDGBR6MmEzkdkem9Ci2VrraiYLneizw9Rg&libraries=places

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c8d0361875766e2eac1408257eba8a466d88673f21f670838910b8b0b2c4d666

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://donate.heritageaction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 23:16:57 GMT
content-encoding: br
x-content-type-options: nosniff
age: 417651
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57033
x-xss-protection: 0
last-modified: Tue, 14 Nov 2023 19:21:59 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="maps-api-js"
vary: Accept-Encoding, Origin
report-to: {"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 15 Nov 2024 23:16:57 GMT

GET
H2 200 util.js Show response
maps.googleapis.com/maps-api-v3/api/js/55/1/intl/de_ALL/ 173 KB
54 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps-api-v3/api/js/55/1/intl/de_ALL/util.js

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?key=AIzaSyDGBR6MmEzkdkem9Ci2VrraiYLneizw9Rg&libraries=places

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bf1edb6cfc3058eee77bad80648eeed112a2e804f39786d55c385050d4e63da8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://donate.heritageaction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 15 Nov 2023 18:15:35 GMT
content-encoding: br
x-content-type-options: nosniff
age: 522133
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 54988
x-xss-protection: 0
last-modified: Tue, 14 Nov 2023 19:21:59 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="maps-api-js"
vary: Accept-Encoding, Origin
report-to: {"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 14 Nov 2024 18:15:35 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: app.revv.co
URL: https://app.revv.co/api/v3/users/current_with_info?organization_token=rv_org_JQ28V5gcHvdmN4emYjiF8vGQ&redirect=https://donate.heritageaction.com/update-contact-eme96810?utm_source=heritageaction&utm_campaign=eme96810&utm_medium=email&utm_term=imge&utm_content=hfile&mkt_tok=ODI0LU1IVC0zMDQAAAGPkZUvUOjKF-R-rhWJmyvwfJRY6g2b91GvRaIJUr31JX1PxgJ7G8upQ4uAUWIGysWV2saflaMIFyX4dXV14AMEDYteDcxqkBufQX5c3nrvJv7ZDP1x

Verdicts & Comments Add Verdict or Comment

47 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

20 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.heritageaction.com/	1969-12-31 23:59:59	Name: _revv_v3_session Value: eWExQ2tJRXJob2hENVV4aGdDOGpHYjM3eDQ2OWNuaFBkTGd5cm5kU0JUVU5yUTNFbnJRUXpPbHZ6MUh4cnVERmdTV1VDeUJVK0lQZGdtUEl3WFd5Z0h3aENNRXRsdml0c3JJVDgyVCtpcGVuM0R3Vy8vZ1F5eEVmSk5CRjFNbldsTDFuNGRZWkFPaGxud0xPRTMranlNL2Y0UWtIREEwKy9nM2FYZ0swRzBwYlJZQTl2VVZZdXNLZ3dKeDBsajVlQWxjQUFQU1A3c2FZVXM2aTYwZXpxbzd1L0ZhQW9Da0QvY1V4QW9hRmtlbDhKVWpRcWJQc0RtNW1YSDdha1h1TmpCNnR2NHZwdGhmZGNjN0JRNTVyc3dkZTFiU3ZLOHZEQTBobldZdG8rVmp3YWFLY0oxdDNzazhTUGhFTE94OTIzRWNXQldIdHN1ME5MNmVTZGRYd3pCYmY5Z2FXU3pXWE1MdmRpbEd6c1k0PS0tbjUwQnZld2VkMElKNVlqY3IwZWp3dz09--6eff39a4c8a41f0feb7aed5315705c0e55a9a986
.donate.heritageaction.com/	1970-01-20 16:23:16	Name: __cf_bm Value: 2Z82dMquimkU3Ch1sLwB3scjxtyEhwTJLGk9snyeA.w-1700594262-0-AZNHADGOsMuyaRnAaFLgKdwf7yrTcEIkBflrMiVMZ+0Jg4D9UDWi+ZaZ2FOA0T8pmoXZ+X9gFdaXnXYdYu5+Z80=
.heritageaction.com/	1970-01-20 16:24:40	Name: _gid Value: GA1.2.627247141.1700594263
.heritageaction.com/	1970-01-20 16:23:14	Name: _gat Value: 1
donate.heritageaction.com/	1969-12-31 23:59:59	Name: origin_url Value: https://donate.heritageaction.com/update-contact-eme96810/?utm_source=heritageaction&utm_campaign=eme96810&utm_medium=email&utm_term=imge&utm_content=hfile&mkt_tok=ODI0LU1IVC0zMDQAAAGPkZUvUOjKF-R-rhWJmyvwfJRY6g2b91GvRaIJUr31JX1PxgJ7G8upQ4uAUWIGysWV2saflaMIFyX4dXV14AMEDYteDcxqkBufQX5c3nrvJv7ZDP1x
.revv.co/	1970-01-20 16:23:16	Name: __cf_bm Value: 2HMD0h4bQs59eBw3mZeijM2S.nZkN8DVUnbivPTTsQQ-1700594263-0-AaRVOPT0CdnvgLJry1vBbSYoZexOlRQqCSyY3X54aGLJqfcEVvNiWTBFNU638MNLux3m7tA79dXRjtxRSsNl61M=
.heritageaction.com/	1970-01-20 18:32:50	Name: _gcl_au Value: 1.1.113974789.1700594264
.heritageaction.com/	1970-01-20 16:23:14	Name: _dc_gtm_UA-73658561-7 Value: 1
.doubleclick.net/	1970-01-20 16:23:15	Name: test_cookie Value: CheckForPermission
.donate.heritageaction.com/	1970-01-21 01:08:50	Name: cf_clearance Value: J6BrXnFIr0f_FcgoPNPERvRor.hvmdxO0p5nPG7_5Xo-1700594263-0-1-24407743.f4ff9f56.246b7649-0.2.1700594263
.heritageaction.com/	1970-01-21 01:59:14	Name: _ga_B6KRKX65NF Value: GS1.1.1700594263.1.0.1700594263.0.0.0
.heritageaction.com/	1970-01-21 01:59:14	Name: _ga Value: GA1.1.999078665.1700594263
.heritageaction.com/	1970-01-21 01:59:14	Name: _ga_8YPM861JHP Value: GS1.1.1700594263.1.0.1700594263.0.0.0
.heritageaction.com/	1970-01-20 18:32:50	Name: _fbp Value: fb.1.1700594263813.1576192581
.heritageaction.com/	1970-01-21 01:59:14	Name: _ga_X6H0114PDF Value: GS1.1.1700594263.1.0.1700594263.0.0.0
.twitter.com/	1970-01-21 01:59:14	Name: personalization_id Value: "v1_jHpnBHSyZdanPt4PsH1PWw=="
.t.co/	1970-01-21 01:59:14	Name: muc_ads Value: d82b8824-ff9b-4a2c-a83d-925a99605f17
m.stripe.com/	1970-01-21 01:59:14	Name: m Value: 9b201690-b304-4c64-b340-86a1497114e4cb0d47
.donate.heritageaction.com/	1970-01-21 01:08:50	Name: __stripe_mid Value: c490444d-9ef6-48ac-a75b-1fda6871b4234a4394
.donate.heritageaction.com/	1970-01-20 16:23:16	Name: __stripe_sid Value: 81865c32-6ae8-418e-bb8d-33c4e3969195b63645

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self'".
javascript	error	URL: https://donate.heritageaction.com/update-contact-eme96810/?utm_source=heritageaction&utm_campaign=eme96810&utm_medium=email&utm_term=imge&utm_content=hfile&mkt_tok=ODI0LU1IVC0zMDQAAAGPkZUvUOjKF-R-rhWJmyvwfJRY6g2b91GvRaIJUr31JX1PxgJ7G8upQ4uAUWIGysWV2saflaMIFyX4dXV14AMEDYteDcxqkBufQX5c3nrvJv7ZDP1x Message: Access to XMLHttpRequest at 'https://app.revv.co/api/v3/users/current_with_info?organization_token=rv_org_JQ28V5gcHvdmN4emYjiF8vGQ&redirect=https://donate.heritageaction.com/update-contact-eme96810?utm_source=heritageaction&utm_campaign=eme96810&utm_medium=email&utm_term=imge&utm_content=hfile&mkt_tok=ODI0LU1IVC0zMDQAAAGPkZUvUOjKF-R-rhWJmyvwfJRY6g2b91GvRaIJUr31JX1PxgJ7G8upQ4uAUWIGysWV2saflaMIFyX4dXV14AMEDYteDcxqkBufQX5c3nrvJv7ZDP1x' from origin 'https://donate.heritageaction.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://app.revv.co/api/v3/users/current_with_info?organization_token=rv_org_JQ28V5gcHvdmN4emYjiF8vGQ&redirect=https://donate.heritageaction.com/update-contact-eme96810?utm_source=heritageaction&utm_campaign=eme96810&utm_medium=email&utm_term=imge&utm_content=hfile&mkt_tok=ODI0LU1IVC0zMDQAAAGPkZUvUOjKF-R-rhWJmyvwfJRY6g2b91GvRaIJUr31JX1PxgJ7G8upQ4uAUWIGysWV2saflaMIFyX4dXV14AMEDYteDcxqkBufQX5c3nrvJv7ZDP1x Message: Failed to load resource: net::ERR_FAILED
network	error	URL: https://s3-us-west-2.amazonaws.com/jsstore/a/9G7HXGD/ge.js Message: Failed to load resource: the server responded with a status of 403 (Forbidden)

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	default-src 'self'; img-src 'self';script-src 'self' 'sha256-x/EFsaUZw9l8JtgzL0Qkmn4l5YFZKIF6gqnn9too9wM=';object-src 'none';form-action 'none';frame-src 'none';style-src 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

analytics.twitter.com
app.revv.co
click.heritage.org
connect.facebook.net
d35ligi1n5bgzc.cloudfront.net
donate.heritageaction.com
googleads.g.doubleclick.net
gtm.revv.co
js.stripe.com
m.stripe.com
m.stripe.network
maps.googleapis.com
q.stripe.com
region1.analytics.google.com
region1.google-analytics.com
s3-us-west-2.amazonaws.com
static.ads-twitter.com
static.cloudflareinsights.com
stats.g.doubleclick.net
t.co
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
app.revv.co
104.17.73.206
104.244.42.133
104.244.42.195
146.75.116.157
151.101.192.176
2001:4860:4802:34::36
2600:9000:2646:e200:0:7d26:ee00:93a1
2606:4700::6810:3965
2606:4700::6813:d359
2606:4700::6813:d459
2a00:1450:4001:809::2008
2a00:1450:4001:80e::2003
2a00:1450:4001:812::200e
2a00:1450:4001:813::200a
2a00:1450:4001:828::2004
2a00:1450:4001:82b::2002
2a00:1450:400c:c06::9a
2a03:2880:f083:9:face:b00c:0:3
2a03:2880:f176:84:face:b00c:0:25de
44.228.215.240
52.92.181.64
54.187.119.242
0f7743e3239e49d98a5ca59d932151f6c787c4b1741545e3e7bfc60dae2f50e7
1732b7da8db1c8b008f4702d43cd395a032af1b1bf9e48c8f7fdaedb32179304
19bea9507e1c8f4b74f5db44034e4aee4f9460983e669cc5bb5f6da06aa00350
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
351ffc2bdf381352dcd801be49be5018361119588eae077650260f9e162fe7b9
3e136e77083bfc6ef14ffc5abd19da89a82bf12fc0cda3c603e01582b93303c8
4b0ee40c236b43959682dbfb183f1e573d475a20c1a8831055731403679aaa69
5c146705161ee20042a9a77b8d520e0e33c0e8a495e814539aa758386d19f693
5ecf760d68f335cfe3e0290d6a1e22466b61ae06b84e7c3f43501b4b04637e97
6153d13804862b0fc1c016cf1129f34cb7c6185f2cf4bf1a3a862eecdab50101
7d8d3f9460488cb0cfe3a0f32a93c92f232992c607b49546ea220522889c0b04
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
88bb0ed27f68b209dc01f51f5fe82dbf96ffb5bbe624ab3585816b17d423ae57
947ac0903521f5eceefc90637c066306a8ca67466ccc188bb0107fb7cfb532d1
ac20e7908a19f1dc60635894d3559a5eac82f311c8b332584a7064e7a03e331a
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
b5085350195c50801834c19cd56b1cabc8b9ea2b81e3a74f8486f6b3e2ae2898
bf1edb6cfc3058eee77bad80648eeed112a2e804f39786d55c385050d4e63da8
c4bdcc52a5f0c82a339fa4e868921cf5ccdb04d003d365d32143e37dc459ad2c
c68b14303666b0fe58ff59aaa7e2c86701927798207c8c63aee42995894bb0ee
c8d0361875766e2eac1408257eba8a466d88673f21f670838910b8b0b2c4d666
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
cf7fcc9f75c8717897bfaef72f303fab423ce1b70c98512aeb3677e4af988dee
d3ea40ac224d0cb3523e22c7617748ddf8cb6b9f0c8d6d50ec10179672a032c8
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e039e607c78306c7e029a7fd0ecdb14f86456f16e1a5ce65aa26b4fdf1d38a3c
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4caed5b501091ffcdd32b8110abef32f8c2b35ebb008138503c21f978c1254e
eadfd805a4fbf7e371cbd9f3fe370b2892eb655c13d7438ec5a4273db9682ba0
ec6bdda661b7ea8124f3a715465fe4dd7242f36c16138aa8ebd4d263b7bffb57
ee20c184a969f1331cb4dd2f1961c76a1f9016db7da19d7e4034c040a1afe730
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0205495d259e89d99e6c4989147f8a65bef41513bfbe3e97251cd6fb6fa5947
f8d3f7ebe46b930b5faa9193377f9bfeee6047515aae432f100148e02bf9a8c3
f9aaec04046015c63309184446f9a2e0c4734ab70652160eef5ada0ae9eeeca7
fab87c1c832760ef2d6dc2fd17730ae19d89d553063408e5c8b26e7fc6ac6264

donate.heritageaction.com Open in urlscan Pro 2606:4700::6813:d359 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

54 Requests

94 %HTTPS

64 %IPv6

19 Domains

25 Subdomains

23 IPs

4 Countries

1619 kBTransfer

4404 kBSize

20 Cookies

5 Outgoing links

Page URL History

Redirected requests

54 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

donate.heritageaction.com Open in urlscan Pro
2606:4700::6813:d359 Public Scan

Screenshot
Live screenshot

Full Image

54
Requests

94 %
HTTPS

64 %
IPv6

19
Domains

25
Subdomains

23
IPs

4
Countries

1619 kB
Transfer

4404 kB
Size

20
Cookies

54 HTTP transactions
0 data transactions