urlscan.io logo urlscan.io
SecurityTrails logo

act.pfaw.org Open in urlscan Pro
54.67.2.165  Public Scan

Go To Rescan Add Verdict Report
URL: https://act.pfaw.org/donate/renew-2022-givingtuesday-em1-r
Submission: On December 01 via manual from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 18 IPs in 3 countries across 14 domains to perform 43 HTTP transactions. The main IP is 54.67.2.165, located in San Jose, United States and belongs to AMAZON-02, US. The main domain is act.pfaw.org.
TLS certificate: Issued by R3 on November 16th 2021. Valid for: 3 months.
This is the only time act.pfaw.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

5    54.67.2.165 (San Jose, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-67-2-165.us-west-1.compute.amazonaws.com
act.pfaw.org
1    2a00:1450:4001:810::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
6    2a00:1450:4001:831::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    2a00:1450:4001:82a::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    2a00:1450:4001:801::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ajax.googleapis.com
3    143.204.98.84 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-84.fra50.r.cloudfront.net
js.braintreegateway.com
5    54.231.192.136 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1.amazonaws.com
s3.amazonaws.com
1    104.111.228.123 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-228-123.deploy.static.akamaitechnologies.com
www.paypalobjects.com
1    2a00:1450:4001:82b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    52.29.159.59 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-29-159-59.eu-central-1.compute.amazonaws.com
api.braintreegateway.com
2    2a03:2880:f02d:12:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
1    2a00:1450:400c:c06::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
2    2a03:2880:f12d:83:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
1    2a00:1450:4001:831::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    2a00:1450:4001:82a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
4    35.157.21.114 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-157-21-114.eu-central-1.compute.amazonaws.com
client-analytics.braintreegateway.com
7    18.66.248.100 (United States)

ASN16509 (AMAZON-02, US)
assets.braintreegateway.com
1    35.81.31.24 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-81-31-24.us-west-2.compute.amazonaws.com
ssl.kaptcha.com
Domain Requested by
7 assets.braintreegateway.com 1 redirects js.braintreegateway.com
assets.braintreegateway.com
6 www.google-analytics.com act.pfaw.org
www.google-analytics.com
5 s3.amazonaws.com act.pfaw.org
5 act.pfaw.org act.pfaw.org
4 client-analytics.braintreegateway.com js.braintreegateway.com
assets.braintreegateway.com
3 js.braintreegateway.com act.pfaw.org
2 www.facebook.com act.pfaw.org
2 connect.facebook.net act.pfaw.org
connect.facebook.net
1 ssl.kaptcha.com js.braintreegateway.com
1 www.google.de act.pfaw.org
1 www.google.com act.pfaw.org
1 stats.g.doubleclick.net www.google-analytics.com
1 api.braintreegateway.com js.braintreegateway.com
1 fonts.gstatic.com fonts.googleapis.com
1 www.paypalobjects.com act.pfaw.org
1 ajax.googleapis.com act.pfaw.org
1 www.googletagmanager.com act.pfaw.org
1 fonts.googleapis.com act.pfaw.org
43 18

This site contains links to these domains. Also see Links.

Domain
www.pfaw.org
help.convio.net
Subject Issuer Validity Valid
www-default.actionkit.com
R3		 2021-11-16 -
2022-02-14		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2021-11-01 -
2022-01-24		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2021-11-01 -
2022-01-24		 3 months crt.sh
checkout.paypal.com
DigiCert SHA2 Extended Validation Server CA		 2021-07-07 -
2022-08-07		 a year crt.sh
s3.amazonaws.com
DigiCert Baltimore CA-2 G2		 2021-06-23 -
2022-07-24		 a year crt.sh
www.paypal.com
DigiCert SHA2 Extended Validation Server CA		 2021-11-03 -
2022-10-31		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2021-11-01 -
2022-01-24		 3 months crt.sh
api.braintreegateway.com
DigiCert SHA2 Extended Validation Server CA		 2021-09-24 -
2022-10-25		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2021-09-09 -
2021-12-08		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2021-11-01 -
2022-01-24		 3 months crt.sh
www.google.com
GTS CA 1C3		 2021-11-01 -
2022-01-24		 3 months crt.sh
www.google.de
GTS CA 1C3		 2021-11-01 -
2022-01-24		 3 months crt.sh
client-analytics.braintreegateway.com
DigiCert SHA2 High Assurance Server CA		 2020-05-01 -
2022-05-06		 2 years crt.sh
ssl.kaptcha.com
Thawte RSA CA 2018		 2021-11-01 -
2022-11-27		 a year crt.sh

This page contains 5 frames:

Primary Page: https://act.pfaw.org/donate/renew-2022-givingtuesday-em1-r
Frame ID: 5F139C48EA6481787E47B009B9C4F13E
Requests: 33 HTTP requests in this frame

Frame: https://ssl.kaptcha.com/logo.htm?m=undefined&s=823fe6304e1f7d7c8290dfbfc9e2f8be
Frame ID: 8F3524966C3237EBC7D0620A547EE42F
Requests: 1 HTTP requests in this frame

Frame: https://assets.braintreegateway.com/web/3.5.0/html/hosted-fields-frame.min.html
Frame ID: 6925AC1AE094F59A85E627202539BFCB
Requests: 2 HTTP requests in this frame

Frame: https://assets.braintreegateway.com/web/3.5.0/html/hosted-fields-frame.min.html
Frame ID: 45625F9DFE2F0CB20E56C116C26F203F
Requests: 2 HTTP requests in this frame

Frame: https://assets.braintreegateway.com/web/3.5.0/html/hosted-fields-frame.min.html
Frame ID: 6C117880C8A63512F8048828DA228B78
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

This Giving Tuesday, Give to Save Democracy | PFAW

Page Statistics

43
Requests

100 %
HTTPS

56 %
IPv6

14
Domains

18
Subdomains

18
IPs

3
Countries

553 kB
Transfer

1454 kB
Size

9
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 32
  • https://assets.braintreegateway.com/data/logo.htm?m=undefined&s=823fe6304e1f7d7c8290dfbfc9e2f8be HTTP 302
  • https://ssl.kaptcha.com/logo.htm?m=undefined&s=823fe6304e1f7d7c8290dfbfc9e2f8be

43 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request renew-2022-givingtuesday-em1-r
act.pfaw.org/donate/ 		206 KB
52 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://act.pfaw.org/donate/renew-2022-givingtuesday-em1-r
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.67.2.165 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-67-2-165.us-west-1.compute.amazonaws.com
Software
openresty /
Resource Hash
f65f964866b59ee0dab0e14606ce5df595d449cf9647daffb449675a71eba913

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

date
Wed, 01 Dec 2021 16:01:46 GMT
content-type
text/html; charset=utf-8
server
openresty
vary
Accept-Encoding Cookie, Origin
content-encoding
gzip
css
fonts.googleapis.com/ 		10 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Sanchez%7CRoboto:100,300,400%7COswald:300,400
Requested by
Host: act.pfaw.org
URL: https://act.pfaw.org/donate/renew-2022-givingtuesday-em1-r
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
af2c1b45edc61693db86860f5a01e446d69bd1c72e3d9e0ff59e4611817d1c12
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://act.pfaw.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 01 Dec 2021 16:01:46 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Wed, 01 Dec 2021 16:01:46 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 01 Dec 2021 16:01:46 GMT
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: act.pfaw.org
URL: https://act.pfaw.org/donate/renew-2022-givingtuesday-em1-r
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://act.pfaw.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 02 Nov 2021 17:39:06 GMT
server
Golfe2
age
3639
date
Wed, 01 Dec 2021 15:01:07 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Wed, 01 Dec 2021 17:01:07 GMT
gtm.js
www.googletagmanager.com/ 		151 KB
50 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-5J9DGJ
Requested by
Host: act.pfaw.org
URL: https://act.pfaw.org/donate/renew-2022-givingtuesday-em1-r
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
bdeaad2a016882226f3739a952a717c81212fa60eb0bb3362b5a2826cc0c2dea
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://act.pfaw.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 01 Dec 2021 16:01:47 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
50471
x-xss-protection
0
last-modified
Wed, 01 Dec 2021 15:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 01 Dec 2021 16:01:47 GMT
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.8.3/ 		91 KB
92 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/1.8.3/jquery.min.js
Requested by
Host: act.pfaw.org
URL: https://act.pfaw.org/donate/renew-2022-givingtuesday-em1-r
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c6caebd23921741fb5ffe6603f16634fca9840c2bf56ac8201e9264d6daccf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://act.pfaw.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 29 Nov 2021 18:54:59 GMT
x-content-type-options
nosniff
age
162407
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
93636
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 29 Nov 2022 18:54:59 GMT
actionkit.js
act.pfaw.org/resources/ 		97 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://act.pfaw.org/resources/actionkit.js
Requested by
Host: act.pfaw.org
URL: https://act.pfaw.org/donate/renew-2022-givingtuesday-em1-r
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.67.2.165 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-67-2-165.us-west-1.compute.amazonaws.com
Software
openresty /
Resource Hash
58841f582350e995cdccb98ea4bd1104d1c82ea7be9afcc724ed4077a6f2c21b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://act.pfaw.org/donate/renew-2022-givingtuesday-em1-r
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 01 Dec 2021 16:01:46 GMT
content-encoding
gzip
last-modified
Wed, 06 Oct 2021 20:42:06 GMT
server
openresty
etag
W/"615e0a1e-18557"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=86400
expires
Thu, 02 Dec 2021 16:01:46 GMT
client.min.js
js.braintreegateway.com/web/3.5.0/js/ 		15 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.braintreegateway.com/web/3.5.0/js/client.min.js
Requested by
Host: act.pfaw.org
URL: https://act.pfaw.org/donate/renew-2022-givingtuesday-em1-r
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.84 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-84.fra50.r.cloudfront.net
Software
nginx /
Resource Hash
3ef54c231cdcb28f463621c356250b930c79a82360f6fe9ff9c3ff3c5992fbcc

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://act.pfaw.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 01 Dec 2021 14:02:04 GMT
content-encoding
gzip
last-modified
Tue, 30 Nov 2021 17:02:57 GMT
server
nginx
age
7182
etag
W/"61a65941-3a8d"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=86400
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
rHXf2T5NUKiJY-ljuMmBfNiKreJEkTXEGKan9G5Ys0zGf8mBWbUqWw==
via
1.1 fb8c0300277bd0137c1693d3d64ab550.cloudfront.net (CloudFront)
expires
Thu, 02 Dec 2021 14:02:04 GMT
hosted-fields.min.js
js.braintreegateway.com/web/3.5.0/js/ 		27 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.braintreegateway.com/web/3.5.0/js/hosted-fields.min.js
Requested by
Host: act.pfaw.org
URL: https://act.pfaw.org/donate/renew-2022-givingtuesday-em1-r
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.84 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-84.fra50.r.cloudfront.net
Software
nginx /
Resource Hash
75af324bf5e8e312337b2b9a006ed99aed194e6fc22616105f2c2fe2d34f57f6

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://act.pfaw.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 01 Dec 2021 16:01:46 GMT
content-encoding
gzip
last-modified
Tue, 30 Nov 2021 17:02:57 GMT
server
nginx
x-amz-cf-pop
FRA50-C1
etag
W/"61a65941-6a75"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=86400
x-amz-cf-id
DBYBuMOoNarlRltj9ak6c-8NnJkZpUALGfBtWSBWxTbszCqq1THxZw==
via
1.1 fb8c0300277bd0137c1693d3d64ab550.cloudfront.net (CloudFront)
expires
Thu, 02 Dec 2021 14:56:29 GMT
data-collector.min.js
js.braintreegateway.com/web/3.5.0/js/ 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.braintreegateway.com/web/3.5.0/js/data-collector.min.js
Requested by
Host: act.pfaw.org
URL: https://act.pfaw.org/donate/renew-2022-givingtuesday-em1-r
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.84 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-84.fra50.r.cloudfront.net
Software
nginx /
Resource Hash
4c101cbc6a4053fc048e5be9a5a588c9573489198d7ed0fbcfce4d9cc6a36362

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://act.pfaw.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 01 Dec 2021 16:01:46 GMT
content-encoding
gzip
last-modified
Tue, 30 Nov 2021 17:02:57 GMT
server
nginx
x-amz-cf-pop
FRA50-C1
etag
W/"61a65941-5180"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=86400
x-amz-cf-id
XY02Uv4hvHKLTbNH-Q9kygJsTW5UvpBJPEdOEbRySd57W-QpayFgOQ==
via
1.1 fb8c0300277bd0137c1693d3d64ab550.cloudfront.net (CloudFront)
expires
Thu, 02 Dec 2021 15:39:34 GMT
ak_braintree_vzero.js
act.pfaw.org/resources/ 		16 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://act.pfaw.org/resources/ak_braintree_vzero.js
Requested by
Host: act.pfaw.org
URL: https://act.pfaw.org/donate/renew-2022-givingtuesday-em1-r
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.67.2.165 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-67-2-165.us-west-1.compute.amazonaws.com
Software
openresty /
Resource Hash
b0e6490ff469608c304fd1b538dc48514df06c9938cb838a7839f61768aa5baf

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://act.pfaw.org/donate/renew-2022-givingtuesday-em1-r
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 01 Dec 2021 16:01:46 GMT
content-encoding
gzip
last-modified
Wed, 06 Oct 2021 20:42:06 GMT
server
openresty
etag
W/"615e0a1e-4065"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=86400
expires
Thu, 02 Dec 2021 16:01:46 GMT
pfaw_logo2017.png
s3.amazonaws.com/s3.pfaw.org/images/ 		18 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s3.amazonaws.com/s3.pfaw.org/images/pfaw_logo2017.png
Requested by
Host: act.pfaw.org
URL: https://act.pfaw.org/donate/renew-2022-givingtuesday-em1-r
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.231.192.136 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
a1d0913c8f945b52958b5e5feb664218a5700926fa607b86bbbe7db1bd87a2f7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://act.pfaw.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Wed, 01 Dec 2021 16:01:48 GMT
Last-Modified
Wed, 28 Jun 2017 13:26:56 GMT
Server
AmazonS3
x-amz-request-id
6M336CG662HBTKRH
ETag
"9fa81a5ec35759ff3eafbf5bcd778a22"
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
17980
x-amz-id-2
euJaysuTy/qKPjUwfmGKTvY6+kbRVaXGqPQN/5tbFIuOHw+2Qt3dHPUp3rRLxOL7/rzTVT/SQVU=
PP_logo_h_100x26.png
www.paypalobjects.com/webstatic/en_US/i/buttons/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.paypalobjects.com/webstatic/en_US/i/buttons/PP_logo_h_100x26.png
Requested by
Host: act.pfaw.org
URL: https://act.pfaw.org/donate/renew-2022-givingtuesday-em1-r
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.111.228.123 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-228-123.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
2c82de960251ec5c3961c8c90967be69692d6974f71f990af716aa66be8c12d2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://act.pfaw.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 01 Dec 2021 16:01:47 GMT
x-content-type-options
nosniff
x-check-cacheable
YES
x-serial
1644
etag
"53d0461e-ada"
strict-transport-security
max-age=31536000
content-type
image/webp
cache-control
private, no-transform, max-age=43200
last-modified
Tue, 26 Oct 2021 12:19:40 GMT
content-length
1052
server
Akamai Image Manager
expires
Thu, 02 Dec 2021 04:01:47 GMT
visa.png
s3.amazonaws.com/s3.pfaw.org/images/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s3.amazonaws.com/s3.pfaw.org/images/visa.png
Requested by
Host: act.pfaw.org
URL: https://act.pfaw.org/donate/renew-2022-givingtuesday-em1-r
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.231.192.136 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
1c8a64a8ad2af0dd7a27a4c3bb7d319f873c0caf2faf5f2f0587e1df6905a12d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://act.pfaw.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Wed, 01 Dec 2021 16:01:48 GMT
Last-Modified
Wed, 28 Jun 2017 13:19:55 GMT
Server
AmazonS3
x-amz-request-id
6M36BMR87RW6RFEE
ETag
"3ddc4a4d25c946e8ad7e6998f30fd4e3"
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
3182
x-amz-id-2
IgRLaeD/kY2/AGvFYhZq3aoLEO0FSwx8+ENbL3vKBmV/5G5aKiUvvLITH2ipQ/nKPECBTCPYmWI=
mastercard.png
s3.amazonaws.com/s3.pfaw.org/images/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s3.amazonaws.com/s3.pfaw.org/images/mastercard.png
Requested by
Host: act.pfaw.org
URL: https://act.pfaw.org/donate/renew-2022-givingtuesday-em1-r
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.231.192.136 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
93da9e6de248ab67047f4d1af7c25a8dc683bc63503b02a00aa238ba31fa8508

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://act.pfaw.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Wed, 01 Dec 2021 16:01:48 GMT
Last-Modified
Wed, 28 Jun 2017 13:19:55 GMT
Server
AmazonS3
x-amz-request-id
6M37AACB54YC8A64
ETag
"6f6cdc29ee2e22e06b1ac029cb52ef71"
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
4154
x-amz-id-2
bovjHcz83R38f62DUjCBsX38mo6Fv+39OfFM4x9fIIiutn4L0jZznvGtMePwdPbP0JfwRTzEoHY=
amex.png
s3.amazonaws.com/s3.pfaw.org/images/ 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s3.amazonaws.com/s3.pfaw.org/images/amex.png
Requested by
Host: act.pfaw.org
URL: https://act.pfaw.org/donate/renew-2022-givingtuesday-em1-r
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.231.192.136 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
1d28da434924222185b60f26a4129c23d0561e46ca9a012ecb36164ba3b04d9e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://act.pfaw.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Wed, 01 Dec 2021 16:01:48 GMT
Last-Modified
Wed, 28 Jun 2017 13:19:57 GMT
Server
AmazonS3
x-amz-request-id
6M3BB731RJ50F92F
ETag
"c49a4247984b3732a4af50a3390aa978"
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
6415
x-amz-id-2
PFnLt93GXW9BytV6kyXinz24yKsNsFDPbNQQwl7JjtnTidqZnhLzXsq40th7uUuGJCfAHaAQal4=
discover.png
s3.amazonaws.com/s3.pfaw.org/images/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s3.amazonaws.com/s3.pfaw.org/images/discover.png
Requested by
Host: act.pfaw.org
URL: https://act.pfaw.org/donate/renew-2022-givingtuesday-em1-r
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.231.192.136 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
fe88bb3ee9b37758bd59ba19db61b82040f856507a1f70439c30fe495a56bea2

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://act.pfaw.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Wed, 01 Dec 2021 16:01:48 GMT
Last-Modified
Wed, 28 Jun 2017 13:20:48 GMT
Server
AmazonS3
x-amz-request-id
6M333K0RCK91J2Q5
ETag
"6c0a386a00307f87db7bea366cca35f5"
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
3516
x-amz-id-2
eBT3dx4LxsKvKX5oj75fXLv4dZSARxBvHnoKvZi60XjbGf/3EmhSehXjy8uEgO0+ozTI5GvHf1U=
paypal-logo-1.svg
act.pfaw.org/media/modern/ 		15 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://act.pfaw.org/media/modern/paypal-logo-1.svg
Requested by
Host: act.pfaw.org
URL: https://act.pfaw.org/donate/renew-2022-givingtuesday-em1-r
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.67.2.165 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-67-2-165.us-west-1.compute.amazonaws.com
Software
openresty /
Resource Hash
7de5756f03a1c6def8c81d6c0efc4760f2380d25f1e87495b24d4d087394c2ae

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://act.pfaw.org/donate/renew-2022-givingtuesday-em1-r
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 01 Dec 2021 16:01:47 GMT
content-encoding
gzip
last-modified
Wed, 06 Oct 2021 20:42:06 GMT
server
openresty
etag
W/"615e0a1e-3dc9"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
max-age=86400
expires
Thu, 02 Dec 2021 16:01:47 GMT
js
www.google-analytics.com/gtm/ 		98 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/gtm/js?id=GTM-5BNWG4X&cid=865140503.1638374507
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
160fab257d41715a623b40463dea7a2289f987d391b9331a02078a8afd46cc3c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://act.pfaw.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 01 Dec 2021 16:01:47 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38342
x-xss-protection
0
expires
Wed, 01 Dec 2021 16:01:47 GMT
Ycm2sZJORluHnXbIfmlR_Q.woff2
fonts.gstatic.com/s/sanchez/v8/ 		12 KB
13 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/sanchez/v8/Ycm2sZJORluHnXbIfmlR_Q.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Sanchez%7CRoboto:100,300,400%7COswald:300,400
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5c48052417d438da7c04abe26d0c540551203d77097e86e81577bcb4306d2e9b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://act.pfaw.org
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 26 Nov 2021 13:42:54 GMT
x-content-type-options
nosniff
age
440333
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12792
x-xss-protection
0
last-modified
Tue, 01 Sep 2020 04:36:30 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Sat, 26 Nov 2022 13:42:54 GMT
renew-2022-givingtuesday-em1-r
act.pfaw.org/context/ 		11 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://act.pfaw.org/context/renew-2022-givingtuesday-em1-r?callback=actionkit.forms.onContextLoaded&form_name=act&required=email&required=country&required=first_name&required=last_name&required=address1&required=city&required=state&required=zip&required=email&required=card_num&required=exp_date_month&required=exp_date_year&required=card_code&r=0.15060205005607696&url=https%3A%2F%2Fact.pfaw.org%2Fdonate%2Frenew-2022-givingtuesday-em1-r
Requested by
Host: act.pfaw.org
URL: https://act.pfaw.org/resources/actionkit.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.67.2.165 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-67-2-165.us-west-1.compute.amazonaws.com
Software
openresty /
Resource Hash
649b253c75c6b602e536d7a13950b903bc14acd89e47a1b303b34d16240e6ba6

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://act.pfaw.org/donate/renew-2022-givingtuesday-em1-r
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 01 Dec 2021 16:01:47 GMT
content-encoding
gzip
server
openresty
vary
Accept-Encoding, Cookie, Origin
content-type
text/javascript
configuration
api.braintreegateway.com/merchants/t7dfq8snccd87ysh/client_api/v1/ 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.braintreegateway.com/merchants/t7dfq8snccd87ysh/client_api/v1/configuration?authorizationFingerprint=eyJ0eXAiOiJKV1QiLCJhbGciOiJFUzI1NiIsImtpZCI6IjIwMTgwNDI2MTYtcHJvZHVjdGlvbiIsImlzcyI6Imh0dHBzOi8vYXBpLmJyYWludHJlZWdhdGV3YXkuY29tIn0.eyJleHAiOjE2Mzg0NjA5MDYsImp0aSI6IjAwYzVjMTNlLTgxZjgtNGYyNC05ODU2LWQ5YWI1Y2MyMGMwYiIsInN1YiI6InQ3ZGZxOHNuY2NkODd5c2giLCJpc3MiOiJodHRwczovL2FwaS5icmFpbnRyZWVnYXRld2F5LmNvbSIsIm1lcmNoYW50Ijp7InB1YmxpY19pZCI6InQ3ZGZxOHNuY2NkODd5c2giLCJ2ZXJpZnlfY2FyZF9ieV9kZWZhdWx0IjpmYWxzZX0sInJpZ2h0cyI6WyJtYW5hZ2VfdmF1bHQiXSwic2NvcGUiOlsiQnJhaW50cmVlOlZhdWx0Il0sIm9wdGlvbnMiOnsibWVyY2hhbnRfYWNjb3VudF9pZCI6IlBlb3BsZUZvcnRoZUFtZXJpY2FuV2F5X2luc3RhbnQifX0.jJwaEAzpklDmCJVb-NUDMcyOfF0cTdtHZrTUYXr_gQmfAaY9eZacf5feolqulygSmx-xsHYCMajanp-fWvlJUQ&_meta%5BmerchantAppId%5D=act.pfaw.org&_meta%5Bplatform%5D=web&_meta%5BsdkVersion%5D=3.5.0&_meta%5Bsource%5D=client&_meta%5Bintegration%5D=custom&_meta%5BintegrationType%5D=custom&_meta%5BsessionId%5D=ef46c9ea-c439-4496-af85-0c4cf0435a4f&braintreeLibraryVersion=braintree%2Fweb%2F3.5.0&configVersion=3
Requested by
Host: js.braintreegateway.com
URL: https://js.braintreegateway.com/web/3.5.0/js/client.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.29.159.59 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-29-159-59.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
c2a584cfc7f328ce261b02f19552762ba5ef98de43be60ea54f3ddd0c771e06e
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://act.pfaw.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 01 Dec 2021 16:01:47 GMT
content-encoding
gzip
X-Content-Type-Options
nosniff
server
nginx
X-Frame-Options
DENY
vary
Braintree-Version, Accept-Encoding
Content-Type
application/json
access-control-allow-origin
https://act.pfaw.org
Cache-Control
no-cache, no-store
braintree-version
2016-10-07
paypal-debug-id
f7b84c93353b4
Strict-Transport-Security
max-age=63072000; includeSubdomains; preload
Content-Length
1240
fbevents.js
connect.facebook.net/en_US/ 		98 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: act.pfaw.org
URL: https://act.pfaw.org/donate/renew-2022-givingtuesday-em1-r
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
b23807a4c5d90afca0dc47d688c0a05302779429dab75f5e6182562dcc2970f6
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://act.pfaw.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length
25965
x-xss-protection
0
pragma
public
x-fb-debug
kd9Sg4FgO7ZhSnJR/k++pTnOunWN39m2CphERX4buBbT/+ZMCgXOYPz6UnmnxAY9ND4HM5Gy4amZiUcBSgg+WA==
x-fb-trip-id
917726464
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Wed, 01 Dec 2021 16:01:47 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
expires
Sat, 01 Jan 2000 00:00:00 GMT
collect
www.google-analytics.com/j/ 		4 B
24 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=372757268&t=pageview&_s=1&dl=https%3A%2F%2Fact.pfaw.org%2Fdonate%2Frenew-2022-givingtuesday-em1-r&ul=en-us&de=UTF-8&dt=This%20Giving%20Tuesday%2C%20Give%20to%20Save%20Democracy%20%7C%20PFAW&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=KGDACEADRAAAAC~&jid=870142188&gjid=640638569&cid=865140503.1638374507&tid=UA-3966415-1&_gid=743615207.1638374507&_r=1&_slc=1&z=1967498223
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://act.pfaw.org/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 01 Dec 2021 16:01:47 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://act.pfaw.org
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/ 		2 B
22 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=372757268&t=pageview&_s=1&dl=https%3A%2F%2Fact.pfaw.org%2Fdonate%2Frenew-2022-givingtuesday-em1-r&ul=en-us&de=UTF-8&dt=This%20Giving%20Tuesday%2C%20Give%20to%20Save%20Democracy%20%7C%20PFAW&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=KGDACEADRAAAAC~&jid=1445284351&gjid=404901207&cid=865140503.1638374507&tid=UA-3966415-3&_gid=743615207.1638374507&_r=1&_slc=1&z=878767586
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://act.pfaw.org/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 01 Dec 2021 16:01:47 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://act.pfaw.org
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/ 		1 B
21 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=372757268&t=pageview&_s=1&dl=https%3A%2F%2Fact.pfaw.org%2Fdonate%2Frenew-2022-givingtuesday-em1-r&ul=en-us&de=UTF-8&dt=This%20Giving%20Tuesday%2C%20Give%20to%20Save%20Democracy%20%7C%20PFAW&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGDACEADRAAAAC~&jid=1231199326&gjid=136221529&cid=865140503.1638374507&tid=UA-3966415-3&_gid=743615207.1638374507&_r=1&gtm=2wgba15J9DGJ&z=1486843624
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://act.pfaw.org/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 01 Dec 2021 16:01:47 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://act.pfaw.org
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/ 		1 B
21 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=372757268&t=event&ni=0&_s=1&dl=https%3A%2F%2Fact.pfaw.org%2Fdonate%2Frenew-2022-givingtuesday-em1-r&ul=en-us&de=UTF-8&dt=This%20Giving%20Tuesday%2C%20Give%20to%20Save%20Democracy%20%7C%20PFAW&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Learn%20More&ea=Clicked&el=((Page%20path))&_u=aGHACEADRAAAAC~&jid=941311079&gjid=835402038&cid=865140503.1638374507&tid=UA-123453-1&_gid=743615207.1638374507&_r=1&gtm=2wgba15J9DGJ&z=1934857755
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://act.pfaw.org/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 01 Dec 2021 16:01:47 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://act.pfaw.org
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		4 B
440 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-3966415-1&cid=865140503.1638374507&jid=870142188&gjid=640638569&_gid=743615207.1638374507&_u=KGDACEACRAAAAC~&z=1282837682
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c06::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://act.pfaw.org/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Wed, 01 Dec 2021 16:01:47 GMT
content-type
text/plain
access-control-allow-origin
https://act.pfaw.org
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
1519865758274638
connect.facebook.net/signals/config/ 		305 KB
87 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/1519865758274638?v=2.9.48&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
692c78007d369790209c2ab39f71da99281294c314c153e08c9e5c996ab2bbf6
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://act.pfaw.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length
88922
x-xss-protection
0
pragma
public
x-fb-debug
QZJIVGTT8juDQ3p58sXwNN1KD6Nnn3T642up6zqBqAUykFWVvKi2rVF4zPMO5ywHi74B3N5bI8aIxnhNGT5WvQ==
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Wed, 01 Dec 2021 16:01:47 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
www.facebook.com/tr/ 		44 B
295 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1519865758274638&ev=PageView&dl=https%3A%2F%2Fact.pfaw.org%2Fdonate%2Frenew-2022-givingtuesday-em1-r&rl=&if=false&ts=1638374507263&sw=1600&sh=1200&v=2.9.48&r=stable&ec=0&o=30&fbp=fb.1.1638374507262.1125352192&it=1638374507216&coo=false&rqm=GET
Requested by
Host: act.pfaw.org
URL: https://act.pfaw.org/donate/renew-2022-givingtuesday-em1-r
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://act.pfaw.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 01 Dec 2021 16:01:47 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600, h3-29=":443"; ma=3600
content-length
44
expires
Wed, 01 Dec 2021 16:01:47 GMT
ga-audiences
www.google.com/ads/ 		42 B
501 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-3966415-1&cid=865140503.1638374507&jid=870142188&_u=KGDACEACRAAAAC~&z=1705398047
Requested by
Host: act.pfaw.org
URL: https://act.pfaw.org/donate/renew-2022-givingtuesday-em1-r
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://act.pfaw.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 01 Dec 2021 16:01:47 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
501 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-3966415-1&cid=865140503.1638374507&jid=870142188&_u=KGDACEACRAAAAC~&z=1705398047
Requested by
Host: act.pfaw.org
URL: https://act.pfaw.org/donate/renew-2022-givingtuesday-em1-r
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://act.pfaw.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 01 Dec 2021 16:01:47 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
t7dfq8snccd87ysh
client-analytics.braintreegateway.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://client-analytics.braintreegateway.com/t7dfq8snccd87ysh
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.157.21.114 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-21-114.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://act.pfaw.org
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

Access-Control-Allow-Headers
content-type
Access-Control-Allow-Methods
GET, POST, OPTIONS
Access-Control-Allow-Origin
https://act.pfaw.org
Access-Control-Max-Age
3000
Date
Wed, 01 Dec 2021 16:01:47 GMT
Server
nginx
Content-Length
0
Connection
keep-alive
t7dfq8snccd87ysh
client-analytics.braintreegateway.com/ 		0
277 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://client-analytics.braintreegateway.com/t7dfq8snccd87ysh
Requested by
Host: js.braintreegateway.com
URL: https://js.braintreegateway.com/web/3.5.0/js/client.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.157.21.114 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-21-114.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://act.pfaw.org/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
application/json

Response headers

Date
Wed, 01 Dec 2021 16:01:47 GMT
Server
nginx
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET, POST, OPTIONS
Access-Control-Allow-Origin
https://act.pfaw.org
Connection
keep-alive
Access-Control-Allow-Headers
Content-Length
0
logo.htm
ssl.kaptcha.com/ Frame 8F35
Redirect Chain
  • https://assets.braintreegateway.com/data/logo.htm?m=undefined&s=823fe6304e1f7d7c8290dfbfc9e2f8be
  • https://ssl.kaptcha.com/logo.htm?m=undefined&s=823fe6304e1f7d7c8290dfbfc9e2f8be
41 B
366 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ssl.kaptcha.com/logo.htm?m=undefined&s=823fe6304e1f7d7c8290dfbfc9e2f8be
Requested by
Host: js.braintreegateway.com
URL: https://js.braintreegateway.com/web/3.5.0/js/data-collector.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
35.81.31.24 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-81-31-24.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
a09179dd962df38a01440ce2e4748c37bd832fe1ac2f65ad974490a89d63d129

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
about:blank

Response headers

Access-Control-Allow-Origin
*
Cache-Control
no-cache no-store must-revalidate private
Content-Type
text/html
Expires
0
Pragma
no-cache
X-Correlation-Id
06e1cf77-427c-4ff1-ada4-adf4b4dbbd90
Date
Wed, 01 Dec 2021 16:01:48 GMT
Content-Length
41

Redirect headers

content-type
text/html
content-length
154
location
https://ssl.kaptcha.com/logo.htm?m=undefined&s=823fe6304e1f7d7c8290dfbfc9e2f8be
server
nginx
date
Wed, 01 Dec 2021 16:01:48 GMT
expires
Thu, 02 Dec 2021 16:01:48 GMT
cache-control
max-age=86400
strict-transport-security
max-age=31536000
x-cache
Miss from cloudfront
via
1.1 cca0e030e1fac6fb27702d182fb6a74a.cloudfront.net (CloudFront)
x-amz-cf-pop
DUS51-P1
x-amz-cf-id
3M86VL7N5kpK_jUZ0i6ANrj4n6Bsm2lo06MEk9FQW_J6ztOZ9X29CQ==
hosted-fields-frame.min.html
assets.braintreegateway.com/web/3.5.0/html/ Frame 6925 		570 B
962 B 		Document
General
Check archive.org
Download Go to
Full URL
https://assets.braintreegateway.com/web/3.5.0/html/hosted-fields-frame.min.html
Requested by
Host: js.braintreegateway.com
URL: https://js.braintreegateway.com/web/3.5.0/js/hosted-fields.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.248.100 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
67f20a9a136012a0c8c0e51d7117670df3cf1422429192ea5fdb33f217c0936b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://act.pfaw.org/

Response headers

content-type
text/html
content-length
570
server
nginx
date
Wed, 01 Dec 2021 10:21:38 GMT
last-modified
Tue, 30 Nov 2021 17:02:57 GMT
etag
"61a65941-23a"
expires
Thu, 02 Dec 2021 10:21:38 GMT
cache-control
max-age=86400
strict-transport-security
max-age=31536000
accept-ranges
bytes
x-cache
Hit from cloudfront
via
1.1 cca0e030e1fac6fb27702d182fb6a74a.cloudfront.net (CloudFront)
x-amz-cf-pop
DUS51-P1
x-amz-cf-id
VoIbV480NM607FPMKqMoLa3XCSYeqOyybS_uOOba_fvz8QHomSoKgQ==
age
20409
hosted-fields-frame.min.html
assets.braintreegateway.com/web/3.5.0/html/ Frame 4562 		570 B
963 B 		Document
General
Check archive.org
Download Go to
Full URL
https://assets.braintreegateway.com/web/3.5.0/html/hosted-fields-frame.min.html
Requested by
Host: js.braintreegateway.com
URL: https://js.braintreegateway.com/web/3.5.0/js/hosted-fields.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.248.100 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
67f20a9a136012a0c8c0e51d7117670df3cf1422429192ea5fdb33f217c0936b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://act.pfaw.org/

Response headers

content-type
text/html
content-length
570
server
nginx
date
Wed, 01 Dec 2021 10:21:38 GMT
last-modified
Tue, 30 Nov 2021 17:02:57 GMT
etag
"61a65941-23a"
expires
Thu, 02 Dec 2021 10:21:38 GMT
cache-control
max-age=86400
strict-transport-security
max-age=31536000
accept-ranges
bytes
x-cache
Hit from cloudfront
via
1.1 cca0e030e1fac6fb27702d182fb6a74a.cloudfront.net (CloudFront)
x-amz-cf-pop
DUS51-P1
x-amz-cf-id
orbDdENjlbc9HzFZVVRRA4n5TdCkgcgWG9KwPVOleQgACCwud6xC-Q==
age
20409
hosted-fields-frame.min.html
assets.braintreegateway.com/web/3.5.0/html/ Frame 6C11 		570 B
955 B 		Document
General
Check archive.org
Download Go to
Full URL
https://assets.braintreegateway.com/web/3.5.0/html/hosted-fields-frame.min.html
Requested by
Host: js.braintreegateway.com
URL: https://js.braintreegateway.com/web/3.5.0/js/hosted-fields.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.248.100 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
67f20a9a136012a0c8c0e51d7117670df3cf1422429192ea5fdb33f217c0936b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://act.pfaw.org/

Response headers

content-type
text/html
content-length
570
server
nginx
last-modified
Tue, 30 Nov 2021 17:02:57 GMT
strict-transport-security
max-age=31536000
accept-ranges
bytes
date
Wed, 01 Dec 2021 16:01:47 GMT
expires
Thu, 02 Dec 2021 10:21:38 GMT
cache-control
max-age=86400
etag
"61a65941-23a"
x-cache
Hit from cloudfront
via
1.1 cca0e030e1fac6fb27702d182fb6a74a.cloudfront.net (CloudFront)
x-amz-cf-pop
DUS51-P1
x-amz-cf-id
uxrT7GaWsVBix4Q2WvinYZPmQIwmvUZ_SXYWuUZmM4HMwP3QYORDHg==
/
www.facebook.com/tr/ 		44 B
91 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1519865758274638&ev=Microdata&dl=https%3A%2F%2Fact.pfaw.org%2Fdonate%2Frenew-2022-givingtuesday-em1-r&rl=&if=false&ts=1638374507765&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22This%20Giving%20Tuesday%2C%20Give%20to%20Save%20Democracy%20%7C%20PFAW%22%2C%22meta%3Adescription%22%3A%22ALL%20DONATIONS%203X-MATCHED!%20Please%20use%20this%20Giving%20Tuesday%20to%20give%20the%20gift%20of%20democracy%20to%20future%20generations%20...%20the%20gift%20of%20securing%20and%20protecting%20fundamental%20rights%20...%20the%20gift%20of%20ensuring%20that%20our%20nation%20rejects%20hate%20in%20favor%20of%20the%20values%20that%20unite%20us%20and%20make%20America%20truly%20great.%20YES!%20Renew%20my%202022%20support%20with%20my%20membership%20donation%20right%20now.%22%7D&cd[OpenGraph]=%7B%22og%3Atitle%22%3A%22This%20Giving%20Tuesday%2C%20Give%20to%20Save%20Democracy%22%2C%22og%3Adescription%22%3A%22ALL%20DONATIONS%203X-MATCHED!%20Please%20use%20this%20Giving%20Tuesday%20to%20give%20the%20gift%20of%20democracy%20to%20future%20generations%20...%20the%20gift%20of%20securing%20and%20protecting%20fundamental%20rights%20...%20the%20gift%20of%20ensuring%20that%20our%20nation%20rejects%20hate%20in%20favor%20of%20the%20values%20that%20unite%20us%20and%20make%20America%20truly%20great.%20YES!%20Renew%20my%202022%20support%20with%20my%20membership%20donation%20right%20now.%22%2C%22og%3Aurl%22%3A%22https%3A%2F%2Fact.pfaw.org%2Fdonate%2Frenew-2022-givingtuesday-em1-r%22%2C%22og%3Asite_name%22%3A%22PFAW%22%2C%22og%3Atype%22%3A%22article%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.48&r=stable&ec=1&o=30&fbp=fb.1.1638374507262.1125352192&it=1638374507216&coo=false&es=automatic&tm=3&rqm=GET
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://act.pfaw.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 01 Dec 2021 16:01:47 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
content-length
44
alt-svc
h3=":443"; ma=3600, h3-29=":443"; ma=3600
priority
u=3,i
expires
Wed, 01 Dec 2021 16:01:47 GMT
hosted-fields-internal.min.js
assets.braintreegateway.com/web/3.5.0/js/ Frame 6925 		64 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.braintreegateway.com/web/3.5.0/js/hosted-fields-internal.min.js
Requested by
Host: assets.braintreegateway.com
URL: https://assets.braintreegateway.com/web/3.5.0/html/hosted-fields-frame.min.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.248.100 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
4cd76fc849b450935dc8742967e6bb8ea02e7b87f085644f455faf8a0d52bc1c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://assets.braintreegateway.com/web/3.5.0/html/hosted-fields-frame.min.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 01 Dec 2021 08:03:17 GMT
content-encoding
gzip
last-modified
Tue, 30 Nov 2021 17:02:57 GMT
server
nginx
age
28710
etag
W/"61a65941-ff46"
vary
Accept-Encoding
strict-transport-security
max-age=31536000
content-type
application/javascript
via
1.1 cca0e030e1fac6fb27702d182fb6a74a.cloudfront.net (CloudFront)
cache-control
max-age=86400
x-cache
Hit from cloudfront
x-amz-cf-pop
DUS51-P1
x-amz-cf-id
wpWW7qtXuIOwljNA88iPc5tsUyRKxuXUnCgYWHrwYD2u5uADEL-OXA==
expires
Thu, 02 Dec 2021 08:03:17 GMT
hosted-fields-internal.min.js
assets.braintreegateway.com/web/3.5.0/js/ Frame 4562 		64 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.braintreegateway.com/web/3.5.0/js/hosted-fields-internal.min.js
Requested by
Host: assets.braintreegateway.com
URL: https://assets.braintreegateway.com/web/3.5.0/html/hosted-fields-frame.min.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.248.100 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
4cd76fc849b450935dc8742967e6bb8ea02e7b87f085644f455faf8a0d52bc1c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://assets.braintreegateway.com/web/3.5.0/html/hosted-fields-frame.min.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 01 Dec 2021 08:03:17 GMT
content-encoding
gzip
last-modified
Tue, 30 Nov 2021 17:02:57 GMT
server
nginx
age
28710
etag
W/"61a65941-ff46"
vary
Accept-Encoding
strict-transport-security
max-age=31536000
content-type
application/javascript
via
1.1 cca0e030e1fac6fb27702d182fb6a74a.cloudfront.net (CloudFront)
cache-control
max-age=86400
x-cache
Hit from cloudfront
x-amz-cf-pop
DUS51-P1
x-amz-cf-id
4Te9oGDdBWhUdsAFLrYqWfOzg-YAnFqTzH_IvRV3EpCNRSAKCkjdgg==
expires
Thu, 02 Dec 2021 08:03:17 GMT
hosted-fields-internal.min.js
assets.braintreegateway.com/web/3.5.0/js/ Frame 6C11 		64 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.braintreegateway.com/web/3.5.0/js/hosted-fields-internal.min.js
Requested by
Host: assets.braintreegateway.com
URL: https://assets.braintreegateway.com/web/3.5.0/html/hosted-fields-frame.min.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.248.100 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
4cd76fc849b450935dc8742967e6bb8ea02e7b87f085644f455faf8a0d52bc1c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://assets.braintreegateway.com/web/3.5.0/html/hosted-fields-frame.min.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
last-modified
Tue, 30 Nov 2021 17:02:57 GMT
server
nginx
x-amz-cf-pop
DUS51-P1
etag
W/"61a65941-ff46"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 cca0e030e1fac6fb27702d182fb6a74a.cloudfront.net (CloudFront)
cache-control
max-age=86400
date
Wed, 01 Dec 2021 16:01:47 GMT
x-amz-cf-id
P8OAYVGN14h135fNrpbI_MhYstnDkX73m6Hc9u597EeDnYDcN1sAqg==
expires
Thu, 02 Dec 2021 08:03:17 GMT
t7dfq8snccd87ysh
client-analytics.braintreegateway.com/ Frame 6C11 		0
292 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://client-analytics.braintreegateway.com/t7dfq8snccd87ysh
Requested by
Host: assets.braintreegateway.com
URL: https://assets.braintreegateway.com/web/3.5.0/js/hosted-fields-internal.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.157.21.114 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-21-114.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://assets.braintreegateway.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
application/json

Response headers

Date
Wed, 01 Dec 2021 16:01:47 GMT
Server
nginx
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET, POST, OPTIONS
Access-Control-Allow-Origin
https://assets.braintreegateway.com
Connection
keep-alive
Access-Control-Allow-Headers
Content-Length
0
t7dfq8snccd87ysh
client-analytics.braintreegateway.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://client-analytics.braintreegateway.com/t7dfq8snccd87ysh
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.157.21.114 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-21-114.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://assets.braintreegateway.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

Access-Control-Allow-Headers
content-type
Access-Control-Allow-Methods
GET, POST, OPTIONS
Access-Control-Allow-Origin
https://assets.braintreegateway.com
Access-Control-Max-Age
3000
Date
Wed, 01 Dec 2021 16:01:47 GMT
Server
nginx
Content-Length
0
Connection
keep-alive

Verdicts & Comments Add Verdict or Comment

79 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| onbeforexrselect function| reportError boolean| originAgentCluster object| scheduler object| startTime object| dataLayer string| GoogleAnalyticsObject function| ga object| google_tag_data object| gaplugins object| gaGlobal object| gaData function| $ function| jQuery object| actionkit function| country_change function| actionkit_recaptcha_loaded function| actionkit_recaptcha_completed function| tmpl object| jQuery1830897734940676562 function| clear_radio_buttons function| clear_other function| product_info function| update_total function| highlight_selected_amount_button function| redraw_currency_symbol object| address_fields function| toggle_shipping function| clear_shipping function| sync_to_shipping number| three_step_initialized function| three_step_reveal function| focus_field_if_blank boolean| step_has_errors function| three_step_advance function| three_step_goto function| validate_product_count boolean| doing_step_validation object| validate_fields function| validate_step function| do_validate_credit_card function| step_3_validation function| step_2_validation function| step_1_validation function| actionkitValidationErrors function| three_step_initialize function| product_ids function| product_infos function| calculate_product_subtotals function| valid_credit_card function| valid_credit_card_code object| email_regExp function| valid_email function| submit_paypal function| submit_cc object| braintree function| unesc object| pair object| global_error function| getParam string| key function| esc object| Fx object| fx object| mr object| Mr boolean| upsellSwitch boolean| upsellAnnual function| showUpsell function| actionkitFormReady object| google_tag_manager object| google_optimize function| fbq function| _fbq object| optimizely

9 Cookies

Domain/Path Name / Value
.pfaw.org/ Name: _ga
Value: GA1.2.865140503.1638374507
.pfaw.org/ Name: _gid
Value: GA1.2.743615207.1638374507
.pfaw.org/ Name: _gat
Value: 1
.pfaw.org/ Name: _gat_GlobalTracker
Value: 1
.act.pfaw.org/ Name: _ga
Value: GA1.3.865140503.1638374507
.act.pfaw.org/ Name: _gid
Value: GA1.3.743615207.1638374507
.act.pfaw.org/ Name: _gat_UA-3966415-3
Value: 1
.act.pfaw.org/ Name: _gat_UA-123453-1
Value: 1
.pfaw.org/ Name: _fbp
Value: fb.1.1638374507262.1125352192

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

act.pfaw.org
ajax.googleapis.com
api.braintreegateway.com
assets.braintreegateway.com
client-analytics.braintreegateway.com
connect.facebook.net
fonts.googleapis.com
fonts.gstatic.com
js.braintreegateway.com
s3.amazonaws.com
ssl.kaptcha.com
stats.g.doubleclick.net
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.paypalobjects.com
104.111.228.123
143.204.98.84
18.66.248.100
2a00:1450:4001:801::200a
2a00:1450:4001:810::200a
2a00:1450:4001:82a::2003
2a00:1450:4001:82a::2008
2a00:1450:4001:82b::2003
2a00:1450:4001:831::2004
2a00:1450:4001:831::200e
2a00:1450:400c:c06::9a
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f12d:83:face:b00c:0:25de
35.157.21.114
35.81.31.24
52.29.159.59
54.231.192.136
54.67.2.165
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
160fab257d41715a623b40463dea7a2289f987d391b9331a02078a8afd46cc3c
1c8a64a8ad2af0dd7a27a4c3bb7d319f873c0caf2faf5f2f0587e1df6905a12d
1d28da434924222185b60f26a4129c23d0561e46ca9a012ecb36164ba3b04d9e
2c82de960251ec5c3961c8c90967be69692d6974f71f990af716aa66be8c12d2
3ef54c231cdcb28f463621c356250b930c79a82360f6fe9ff9c3ff3c5992fbcc
4c101cbc6a4053fc048e5be9a5a588c9573489198d7ed0fbcfce4d9cc6a36362
4cd76fc849b450935dc8742967e6bb8ea02e7b87f085644f455faf8a0d52bc1c
58841f582350e995cdccb98ea4bd1104d1c82ea7be9afcc724ed4077a6f2c21b
5c48052417d438da7c04abe26d0c540551203d77097e86e81577bcb4306d2e9b
61c6caebd23921741fb5ffe6603f16634fca9840c2bf56ac8201e9264d6daccf
649b253c75c6b602e536d7a13950b903bc14acd89e47a1b303b34d16240e6ba6
67f20a9a136012a0c8c0e51d7117670df3cf1422429192ea5fdb33f217c0936b
692c78007d369790209c2ab39f71da99281294c314c153e08c9e5c996ab2bbf6
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
75af324bf5e8e312337b2b9a006ed99aed194e6fc22616105f2c2fe2d34f57f6
7de5756f03a1c6def8c81d6c0efc4760f2380d25f1e87495b24d4d087394c2ae
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
93da9e6de248ab67047f4d1af7c25a8dc683bc63503b02a00aa238ba31fa8508
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
a09179dd962df38a01440ce2e4748c37bd832fe1ac2f65ad974490a89d63d129
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a1d0913c8f945b52958b5e5feb664218a5700926fa607b86bbbe7db1bd87a2f7
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
af2c1b45edc61693db86860f5a01e446d69bd1c72e3d9e0ff59e4611817d1c12
b0e6490ff469608c304fd1b538dc48514df06c9938cb838a7839f61768aa5baf
b23807a4c5d90afca0dc47d688c0a05302779429dab75f5e6182562dcc2970f6
bdeaad2a016882226f3739a952a717c81212fa60eb0bb3362b5a2826cc0c2dea
c2a584cfc7f328ce261b02f19552762ba5ef98de43be60ea54f3ddd0c771e06e
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f65f964866b59ee0dab0e14606ce5df595d449cf9647daffb449675a71eba913
fe88bb3ee9b37758bd59ba19db61b82040f856507a1f70439c30fe495a56bea2