events.childrens-specialized.org Open in urlscan Pro
2606:4700::6812:f62 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://events.childrens-specialized.org/index.cfm?fuseaction=donate.event&eventID=503
Submission: On January 30 via api (January 30th 2024, 4:37:59 pm UTC) from US — Scanned from DE

Summary HTTP 83 Redirects Links 4 Behaviour Indicators

Summary

This website contacted 21 IPs in 3 countries across 15 domains to perform 83 HTTP transactions. The main IP is 2606:4700::6812:f62, located in United States and belongs to CLOUDFLARENET, US. The main domain is events.childrens-specialized.org.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on July 16th 2023. Valid for: a year.

This is the only time events.childrens-specialized.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	2606:4700::68... 2606:4700::6812:f62	13335 (CLOUDFLAR...) (CLOUDFLARENET)
31	2606:4700::68... 2606:4700::6812:6f3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6812:be27	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:803::200a	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:810::2008	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:830::200a	15169 (GOOGLE) (GOOGLE)
3	192.229.221.25 192.229.221.25	15133 (EDGECAST) (EDGECAST)
1	2a00:1450:400... 2a00:1450:4001:813::2003	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82b::200e	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f08... 2a03:2880:f083:9:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
2	76.223.13.31 76.223.13.31	16509 (AMAZON-02) (AMAZON-02)
2	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c00::9c	15169 (GOOGLE) (GOOGLE)
13	151.101.65.21 151.101.65.21	54113 (FASTLY) (FASTLY)
1	2a03:2880:f17... 2a03:2880:f176:181:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
8	35.156.2.107 35.156.2.107	16509 (AMAZON-02) (AMAZON-02)
1 2	64.4.245.84 64.4.245.84	17012 (PAYPAL) (PAYPAL)
1	2a04:4e42:400... 2a04:4e42:400::291	54113 (FASTLY) (FASTLY)
4	151.101.66.133 151.101.66.133	54113 (FASTLY) (FASTLY)
2	151.101.129.35 151.101.129.35	54113 (FASTLY) (FASTLY)
83	21

1 2606:4700::6812:f62 (United States)

ASN13335 (CLOUDFLARENET, US)

events.childrens-specialized.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

31 2606:4700::6812:6f3 (United States)

ASN13335 (CLOUDFLARENET, US)

donordrivecontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:be27 (United States)

ASN13335 (CLOUDFLARENET, US)

static.donordrive.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:803::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:810::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 192.229.221.25 (United States)

ASN15133 (EDGECAST, US)

js.braintreegateway.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f083:9:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 76.223.13.31 (United States)

ASN16509 (AMAZON-02, US)
PTR: ae1d37305401c759d.awsglobalaccelerator.com

payments.braintree-api.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c00::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 151.101.65.21 (United States)

ASN54113 (FASTLY, US)

www.paypal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c.paypal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f176:181:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 35.156.2.107 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-156-2-107.eu-central-1.compute.amazonaws.com

client-analytics.braintreegateway.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 64.4.245.84 (United States) 1 redirects

ASN17012 (PAYPAL, US)

b.stats.paypal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dub.stats.paypal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:400::291 (United States)

ASN54113 (FASTLY, US)

c6.paypal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 151.101.66.133 (United States)

ASN54113 (FASTLY, US)

www.paypalobjects.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.129.35 (United States)

ASN54113 (FASTLY, US)

t.paypal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
31	donordrivecontent.com donordrivecontent.com	315 KB
18	paypal.com 1 redirects www.paypal.com — Cisco Umbrella Rank: 3015 c.paypal.com — Cisco Umbrella Rank: 7660 b.stats.paypal.com — Cisco Umbrella Rank: 6369 dub.stats.paypal.com — Cisco Umbrella Rank: 29378 c6.paypal.com — Cisco Umbrella Rank: 9116 t.paypal.com — Cisco Umbrella Rank: 3523	321 KB
11	braintreegateway.com js.braintreegateway.com — Cisco Umbrella Rank: 9167 client-analytics.braintreegateway.com — Cisco Umbrella Rank: 9471	45 KB
4	paypalobjects.com www.paypalobjects.com — Cisco Umbrella Rank: 2611	34 KB
4	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 27 region1.google-analytics.com — Cisco Umbrella Rank: 2029	21 KB
4	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 37	339 KB
2	braintree-api.com payments.braintree-api.com — Cisco Umbrella Rank: 9839	904 B
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 174	69 KB
2	googleapis.com ajax.googleapis.com — Cisco Umbrella Rank: 369 fonts.googleapis.com — Cisco Umbrella Rank: 28	32 KB
1	facebook.com www.facebook.com — Cisco Umbrella Rank: 107	185 B
1	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 79	357 B
1	gstatic.com fonts.gstatic.com	33 KB
1	donordrive.com static.donordrive.com	18 KB
1	childrens-specialized.org events.childrens-specialized.org	28 KB
0	watchthem.live Failed service.watchthem.live Failed
83	15

	Domain	Requested by
31	donordrivecontent.com	events.childrens-specialized.org donordrivecontent.com
8	client-analytics.braintreegateway.com	js.braintreegateway.com
8	www.paypal.com	donordrivecontent.com www.paypal.com www.paypalobjects.com
5	c.paypal.com	js.braintreegateway.com c.paypal.com
4	www.paypalobjects.com	events.childrens-specialized.org www.paypal.com www.paypalobjects.com
4	www.googletagmanager.com	events.childrens-specialized.org www.googletagmanager.com
3	js.braintreegateway.com	ajax.googleapis.com
2	t.paypal.com	events.childrens-specialized.org
2	region1.google-analytics.com	www.googletagmanager.com
2	payments.braintree-api.com	js.braintreegateway.com
2	connect.facebook.net	events.childrens-specialized.org connect.facebook.net
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
1	c6.paypal.com	events.childrens-specialized.org
1	dub.stats.paypal.com	events.childrens-specialized.org
1	b.stats.paypal.com	1 redirects
1	www.facebook.com	events.childrens-specialized.org
1	stats.g.doubleclick.net	www.google-analytics.com
1	fonts.gstatic.com	fonts.googleapis.com
1	fonts.googleapis.com	static.donordrive.com
1	ajax.googleapis.com	events.childrens-specialized.org
1	static.donordrive.com	events.childrens-specialized.org
1	events.childrens-specialized.org
0	service.watchthem.live Failed	www.googletagmanager.com
83	23

This site contains links to these domains. Also see Links.

Domain
ecbevents.com
one.bidpal.net
www.donordrive.com

Subject Issuer	Validity	Valid
childrens-specialized.org Cloudflare Inc ECC CA-3	`2023-07-16` - `2024-07-15`	a year	crt.sh
donordrivecontent.com E1	`2023-12-24` - `2024-03-23`	3 months	crt.sh
*.donordrive.com Thawte RSA CA 2018	`2023-02-13` - `2024-03-05`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2024-01-02` - `2024-03-26`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2024-01-02` - `2024-03-26`	3 months	crt.sh
www.paypal.com DigiCert SHA2 Extended Validation Server CA	`2023-10-12` - `2024-10-31`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2024-01-02` - `2024-03-26`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-11-08` - `2024-02-06`	3 months	crt.sh
payments.braintree-api.com DigiCert SHA2 Extended Validation Server CA	`2023-08-23` - `2024-09-22`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2024-01-02` - `2024-03-26`	3 months	crt.sh
client-analytics.braintreegateway.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-01-24` - `2025-01-23`	a year	crt.sh
t.paypal.com DigiCert SHA2 Extended Validation Server CA	`2023-09-21` - `2024-10-21`	a year	crt.sh

This page contains 6 frames:

Primary Page: https://events.childrens-specialized.org/index.cfm?fuseaction=donate.event&eventID=503
Frame ID: 578A8854CCC8548642C57015AAF96872
Requests: 65 HTTP requests in this frame

Frame: https://c.paypal.com/v1/r/d/i?js_src=https://c.paypal.com/da/r/fb.js
Frame ID: 6331D2CA6D9244AEE63FF3B123440245
Requests: 4 HTTP requests in this frame

Frame: https://dub.stats.paypal.com/counter2.cgi?i=127.0.0.1&p=584aef81732b19b1bc98d3db955ad145&t=1706632674.067&a=14
Frame ID: C052C804FD23008F77AE7BA81DEAB5CE
Requests: 1 HTTP requests in this frame

Frame: https://www.paypal.com/smart/buttons?style.label=checkout&style.layout=horizontal&style.color=blue&style.shape=pill&style.tagline=true&style.menuPlacement=below&sdkVersion=5.0.421&components.0=buttons&locale.lang=en&locale.country=US&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jbGllbnQtaWQ9QVpuN3U3b1liODJoOG1Ed19KMFZQcnhReFAxTnNGN2lMaXpnS3hlN2ZjSjNteExucUhGTUs3MEZiX3RIX2YwS1FCc09SQVdPUlIzWHQ4TDUmdmF1bHQ9dHJ1ZSZjb21taXQ9dHJ1ZSZpbnRlbnQ9Y2FwdHVyZSZkaXNhYmxlLWZ1bmRpbmc9cGF5bGF0ZXImY3VycmVuY3k9VVNEJmxvY2FsZT1lbl9VUyIsImF0dHJzIjp7ImRhdGEtdWlkIjoidWlkX2xvYW5ucWt6YnBsanZ4cmFtcXFmenpqcnRpa2h4ZSJ9fQ&clientID=AZn7u7oYb82h8mDw_J0VPrxQxP1NsF7iLizgKxe7fcJ3mxLnqHFMK70Fb_tH_f0KQBsORAWORR3Xt8L5&sdkCorrelationID=f761689e37455&storageID=uid_7a6180c05d_mty6mzc6ntq&sessionID=uid_e83fa36cf7_mty6mzc6ntq&buttonSessionID=uid_9574523d80_mty6mzc6ntq&env=production&fundingEligibility=eyJwYXlwYWwiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6ZmFsc2V9LCJwYXlsYXRlciI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhdWx0YWJsZSI6ZmFsc2UsInByb2R1Y3RzIjp7InBheUluMyI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhcmlhbnQiOm51bGx9LCJwYXlJbjQiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXJpYW50IjpudWxsfSwicGF5bGF0ZXIiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXJpYW50IjpudWxsfX19LCJjYXJkIjp7ImVsaWdpYmxlIjp0cnVlLCJicmFuZGVkIjpmYWxzZSwiaW5zdGFsbG1lbnRzIjpmYWxzZSwidmVuZG9ycyI6eyJ2aXNhIjp7ImVsaWdpYmxlIjp0cnVlLCJ2YXVsdGFibGUiOnRydWV9LCJtYXN0ZXJjYXJkIjp7ImVsaWdpYmxlIjp0cnVlLCJ2YXVsdGFibGUiOnRydWV9LCJhbWV4Ijp7ImVsaWdpYmxlIjp0cnVlLCJ2YXVsdGFibGUiOnRydWV9LCJkaXNjb3ZlciI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhdWx0YWJsZSI6dHJ1ZX0sImhpcGVyIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjpmYWxzZX0sImVsbyI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhdWx0YWJsZSI6dHJ1ZX0sImpjYiI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhdWx0YWJsZSI6dHJ1ZX19LCJndWVzdEVuYWJsZWQiOmZhbHNlfSwidmVubW8iOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXVsdGFibGUiOmZhbHNlfSwiaXRhdSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJjcmVkaXQiOnsiZWxpZ2libGUiOmZhbHNlfSwiYXBwbGVwYXkiOnsiZWxpZ2libGUiOmZhbHNlfSwic2VwYSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJpZGVhbCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJiYW5jb250YWN0Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImdpcm9wYXkiOnsiZWxpZ2libGUiOmZhbHNlfSwiZXBzIjp7ImVsaWdpYmxlIjpmYWxzZX0sInNvZm9ydCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJteWJhbmsiOnsiZWxpZ2libGUiOmZhbHNlfSwicDI0Ijp7ImVsaWdpYmxlIjpmYWxzZX0sIndlY2hhdHBheSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJwYXl1Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImJsaWsiOnsiZWxpZ2libGUiOmZhbHNlfSwidHJ1c3RseSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJveHhvIjp7ImVsaWdpYmxlIjpmYWxzZX0sImJvbGV0byI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJib2xldG9iYW5jYXJpbyI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJtZXJjYWRvcGFnbyI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJtdWx0aWJhbmNvIjp7ImVsaWdpYmxlIjpmYWxzZX0sInNhdGlzcGF5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sInBhaWR5Ijp7ImVsaWdpYmxlIjpmYWxzZX19&platform=desktop&experiment.enableVenmo=false&flow=purchase&currency=USD&intent=capture&commit=true&vault=true&disableFunding.0=paylater&renderedButtons.0=paypal&clientMetadataID=uid_e83fa36cf7_mty6mzc6ntq&debug=false&applePaySupport=false&supportsPopups=true&supportedNativeBrowser=false&allowBillingPayments=true&disableSetCookie=true
Frame ID: 8621C8EE0046CCBD5A75310CE3D2CB0C
Requests: 5 HTTP requests in this frame

Frame: https://www.paypalobjects.com/js-sdk-logos/2.2.7/paypal-white.svg
Frame ID: 884B51F4A1782DF34520111E12A58A7F
Requests: 1 HTTP requests in this frame

Frame: https://www.paypalobjects.com/muse/analytics/index.html
Frame ID: B9AA1D35A950B4EC9F03C67CB1CA5123
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Children's Specialized Hospital Foundation - Make a Donation

Detected technologies

Adobe ColdFusion (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

\.cfm(?:$|\?)

Braintree (Payment Processors) Expand

Overall confidence: 100%
Detected patterns

js\.braintreegateway\.com

PayPal (Payment Processors) Expand

Overall confidence: 100%
Detected patterns

paypalobjects\.com

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

83
Requests

98 %
HTTPS

65 %
IPv6

15
Domains

23
Subdomains

21
IPs

3
Countries

1255 kB
Transfer

4051 kB
Size

19
Cookies

4 Outgoing links

These are links going to different origins than the main page.

URL: https://ecbevents.com/
Title: EAT CLEAN BRO Gala

Search URL Search Domain Scan URL

URL: https://one.bidpal.net/cshclays2/welcome
Title: Sporting Clays Classic at Hudson Farm

Search URL Search Domain Scan URL

URL: https://one.bidpal.net/open8/welcome
Title: 8th Annual Golf Open

Search URL Search Domain Scan URL

URL: http://www.donordrive.com/

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 65

https://b.stats.paypal.com/counter.cgi?i=127.0.0.1&p=584aef81732b19b1bc98d3db955ad145&t=1706632674.067&a=14 HTTP 302
https://dub.stats.paypal.com/counter2.cgi?i=127.0.0.1&p=584aef81732b19b1bc98d3db955ad145&t=1706632674.067&a=14

83 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request index.cfm Show response
events.childrens-specialized.org/ 106 KB
28 KB 810ms
718ms Document
text/html 2606:4700::6812:f62
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://events.childrens-specialized.org/index.cfm?fuseaction=donate.event&eventID=503

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:f62 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ae35b70dd0112c55987cc2278dc7e39e624a86a419cf35c7e68847de6b97d357

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-cache, no-store, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 84db2456ff8c2c55-FRA
content-encoding: gzip
content-language: en-US
content-type: text/html;charset=UTF-8
date: Tue, 30 Jan 2024 16:37:52 GMT
expires: {ts '2024-01-30 16:37:52'}
pragma: no-cache
server: cloudflare
strict-transport-security: max-age=31536000
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: sameorigin

GET
H2 200 dd-public.css
donordrivecontent.com/resources/css/ 166 KB
31 KB 114ms
32ms Stylesheet
text/css 2606:4700::6812:6f3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://donordrivecontent.com/resources/css/dd-public.css?v=202401291124
Requested by: Host: events.childrens-specialized.org
URL: https://events.childrens-specialized.org/index.cfm?fuseaction=donate.event&eventID=503
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:6f3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 55fe72b497a1654c020741e80a24f53e9c5d14f1df57998a43383afaaf62b7ba

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://events.childrens-specialized.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 30 Jan 2024 16:37:52 GMT
x-amz-version-id: DmcShIuGTGmNmlg9RJN7wKIspgwyTGKy
content-encoding: gzip
cf-cache-status: HIT
x-amz-request-id: C5GBJ77PNSWC1BYW
age: 1706
cf-polished: origSize=203600
alt-svc: h3=":443"; ma=86400
x-amz-id-2: TzB/evtKvs4cApHPaMPT+IY4nsH14Dji0xtlwMcBItS7HmsGUyhrCrmmkQk4EnvFn/CUbw/NWB4=
cf-bgj: minify
last-modified: Mon, 29 Jan 2024 16:31:26 GMT
server: cloudflare
etag: W/"c583df2456c1b02003f0fb02699b3bfd"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=14400
cf-ray: 84db245c0af89b5e-FRA
expires: Tue, 30 Jan 2024 20:37:52 GMT

GET
H2 200 master.css
static.donordrive.com/themes/ascend/css/ 113 KB
18 KB 344ms
233ms Stylesheet
text/css 2606:4700::6812:be27
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.donordrive.com/themes/ascend/css/master.css?v=202401291124

Requested by

Host: events.childrens-specialized.org
URL: https://events.childrens-specialized.org/index.cfm?fuseaction=donate.event&eventID=503

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:be27 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4b6ca21331b109f8d9f45457385df75e2bb48b3c5ecb13b86b9f78867063de35

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://events.childrens-specialized.org/
Origin: https://events.childrens-specialized.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 30 Jan 2024 16:37:52 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
cf-polished: origSize=137711
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Mon, 29 Jan 2024 15:32:33 GMT
server: cloudflare
etag: W/"65b7c511-219ef"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: text/css
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Range
cache-control: public, max-age=14400
cf-ray: 84db245c3a313681-FRA
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
expires: Tue, 30 Jan 2024 20:37:52 GMT

GET
H2 200 dd.themeAutoColorContrastChecker.js Show response
donordrivecontent.com/resources/js/ 5 KB
2 KB 398ms
317ms Script
application/javascript 2606:4700::6812:6f3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://donordrivecontent.com/resources/js/dd.themeAutoColorContrastChecker.js?v=202401291124
Requested by: Host: events.childrens-specialized.org
URL: https://events.childrens-specialized.org/index.cfm?fuseaction=donate.event&eventID=503
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:6f3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 13fe4db9e94a26068ea4dab084ded55554d71a7f1f5161cd05d6231d04856e27

Request headers

Referer: https://events.childrens-specialized.org/
Origin: https://events.childrens-specialized.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 30 Jan 2024 16:37:52 GMT
x-amz-version-id: vmvFDdM5ysHBTeE9mgI1d2eS55egSh99
content-encoding: gzip
cf-cache-status: MISS
x-amz-request-id: CPKCPDYN76WZJPCY
alt-svc: h3=":443"; ma=86400
x-amz-id-2: Tj2hXwckj4+bouIUasCen029gNz4KiE1aPSMN4G7LmhzeJhb3HHRu594sz3Gz5BSKCTzd8QFgX8=
last-modified: Mon, 29 Jan 2024 16:31:33 GMT
server: cloudflare
etag: W/"bea633def8531e71f278f8cae205828b"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: Access-Control-Allow-Origin
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cache-control: public, max-age=14400
cf-ray: 84db245c0d449b40-FRA
expires: Tue, 30 Jan 2024 20:37:52 GMT

GET
H2 200 webfont.js Show response
donordrivecontent.com/resources/js/ 13 KB
6 KB 443ms
362ms Script
application/javascript 2606:4700::6812:6f3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://donordrivecontent.com/resources/js/webfont.js?v=202401291124
Requested by: Host: events.childrens-specialized.org
URL: https://events.childrens-specialized.org/index.cfm?fuseaction=donate.event&eventID=503
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:6f3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3a9fc07ffaa1b91bb3f7b583161d2b8ff860233fd2421625b21c66e6bfb7355e

Request headers

Referer: https://events.childrens-specialized.org/
Origin: https://events.childrens-specialized.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 30 Jan 2024 16:37:52 GMT
x-amz-version-id: MBmWs9iOMN50TMXHL15FR7lIjTPNjnxw
content-encoding: gzip
cf-cache-status: MISS
x-amz-request-id: CPKC6RJ1H2AA29YE
alt-svc: h3=":443"; ma=86400
x-amz-id-2: aM9AD5diDHcG0PHPYM/fP8XHsGjP4h1qHjEYFOHWI0dbqBhe3S8AC4Uq2C76CK6a8Uhqr8qd4/o=
last-modified: Mon, 29 Jan 2024 16:31:34 GMT
server: cloudflare
etag: W/"8ca4b1ecbbce85217250cfc10ec5245b"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: Access-Control-Allow-Origin
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cache-control: public, max-age=14400
cf-ray: 84db245c0d509b40-FRA
expires: Tue, 30 Jan 2024 20:37:52 GMT

GET
H2 200 design-system.css
donordrivecontent.com/themes/_design-system/public/css/ 349 KB
42 KB 119ms
38ms Stylesheet
text/css 2606:4700::6812:6f3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://donordrivecontent.com/themes/_design-system/public/css/design-system.css?v=202401291124
Requested by: Host: events.childrens-specialized.org
URL: https://events.childrens-specialized.org/index.cfm?fuseaction=donate.event&eventID=503
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:6f3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0f4f424d2e48d289c254977609bd846b2402b7e515a616d0bed405fe0554e147

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://events.childrens-specialized.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 30 Jan 2024 16:37:52 GMT
x-amz-version-id: Gxeru4TwDpc2FWQe5MhvRlMWo4a8x9l9
content-encoding: gzip
cf-cache-status: HIT
x-amz-request-id: YNKD8F7BFPD555ME
age: 4879
cf-polished: origSize=454301
alt-svc: h3=":443"; ma=86400
x-amz-id-2: Xo/Ga88Y7PAlZiSFvq7peloF2QZppXs7rsHNAMsaRZd+0konfA8Fhrgt/WXi7vHiHBaD1quPZuA=
cf-bgj: minify
last-modified: Mon, 29 Jan 2024 16:33:39 GMT
server: cloudflare
etag: W/"0bc6ca58e99f349041945590e20fbeff"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=14400
cf-ray: 84db245c0af99b5e-FRA
expires: Tue, 30 Jan 2024 20:37:52 GMT

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/3.6.0/ 87 KB
31 KB 69ms
20ms Script
text/javascript 2a00:1450:4001:803::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/3.6.0/jquery.min.js

Requested by

Host: events.childrens-specialized.org
URL: https://events.childrens-specialized.org/index.cfm?fuseaction=donate.event&eventID=503

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://events.childrens-specialized.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 29 Jan 2024 13:08:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 98975
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31017
x-xss-protection: 0
last-modified: Wed, 10 Mar 2021 14:28:09 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 28 Jan 2025 13:08:17 GMT

GET
H2 200 jquery-migrate-3.4.0.min.js Show response
donordrivecontent.com/resources/js/ 13 KB
5 KB 368ms
287ms Script
application/javascript 2606:4700::6812:6f3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://donordrivecontent.com/resources/js/jquery-migrate-3.4.0.min.js?v=202401291124
Requested by: Host: events.childrens-specialized.org
URL: https://events.childrens-specialized.org/index.cfm?fuseaction=donate.event&eventID=503
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:6f3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 59f2939d3343ece8aaad6c2c4a399ae28921fa844b9f9add5dde17c87599df82

Request headers

Referer: https://events.childrens-specialized.org/
Origin: https://events.childrens-specialized.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 30 Jan 2024 16:37:52 GMT
x-amz-version-id: QCK.12awAvWGoTjFBQr0m.74iV8m4V5I
content-encoding: gzip
cf-cache-status: MISS
x-amz-request-id: CPKBWBMWG0036N67
alt-svc: h3=":443"; ma=86400
x-amz-id-2: PzQFCOj62oQVDhWG24rj2kNbMNThcNRfdNvBPOi0mzAPftsa5ffFPwqYiT40FhwugeHNJsGWWho=
last-modified: Mon, 29 Jan 2024 16:31:33 GMT
server: cloudflare
etag: W/"feb0a0a848bf63a6533ba8348ae85203"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: Access-Control-Allow-Origin
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cache-control: public, max-age=14400
cf-ray: 84db245c0d469b40-FRA
expires: Tue, 30 Jan 2024 20:37:52 GMT

GET
H2 200 dd.min.js Show response
donordrivecontent.com/resources/js/ 87 KB
26 KB 592ms
512ms Script
application/javascript 2606:4700::6812:6f3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://donordrivecontent.com/resources/js/dd.min.js?v=202401291124
Requested by: Host: events.childrens-specialized.org
URL: https://events.childrens-specialized.org/index.cfm?fuseaction=donate.event&eventID=503
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:6f3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c3a466a1573f0db2f665b71bdb48873e630cd104e7a453acc362e617dd9c6b31

Request headers

Referer: https://events.childrens-specialized.org/
Origin: https://events.childrens-specialized.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 30 Jan 2024 16:37:53 GMT
x-amz-version-id: .wIDXh7bLQ38kdSfNGrjRZ9cAP9vgwss
content-encoding: gzip
cf-cache-status: MISS
x-amz-request-id: CPKCARD3BSDWM0Q3
alt-svc: h3=":443"; ma=86400
x-amz-id-2: yyQ1EQNLVCq7porwk5AulZLi4rYmubG0D2qfnsuAzik3Vvwa7NF+stUPT2DcBeSkfCEnVljayd4=
last-modified: Mon, 29 Jan 2024 16:31:33 GMT
server: cloudflare
etag: W/"3e5381cc8b27c30931b11cce3cdb85d1"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: Access-Control-Allow-Origin
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cache-control: public, max-age=14400
cf-ray: 84db245c0d489b40-FRA
expires: Tue, 30 Jan 2024 20:37:52 GMT

GET
H2 200 donordrive.widget.js Show response
donordrivecontent.com/resources/js/ 7 KB
3 KB 348ms
267ms Script
application/javascript 2606:4700::6812:6f3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://donordrivecontent.com/resources/js/donordrive.widget.js?v=202401291124
Requested by: Host: events.childrens-specialized.org
URL: https://events.childrens-specialized.org/index.cfm?fuseaction=donate.event&eventID=503
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:6f3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 16878b6eb79de5f968795761ee52262e28ea268527e11a43a32f29d31d508bea

Request headers

Referer: https://events.childrens-specialized.org/
Origin: https://events.childrens-specialized.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 30 Jan 2024 16:37:52 GMT
x-amz-version-id: B.6SWlH3xwbjneLhHuwQzxPXt1pNuRCj
content-encoding: gzip
cf-cache-status: MISS
x-amz-request-id: CPK4CCS4DTM41K77
alt-svc: h3=":443"; ma=86400
x-amz-id-2: 7xvfwVGZc52V/B/n4AFWLi3IhkmjMdi8f53yp3r7jjTRYJ5Cz1Dasbg9N9F9E1QF27ei6W2alvY=
last-modified: Mon, 29 Jan 2024 16:31:33 GMT
server: cloudflare
etag: W/"cf9074ea238ba18cf2423478ce070c1b"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: Access-Control-Allow-Origin
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cache-control: public, max-age=14400
cf-ray: 84db245c0d4a9b40-FRA
expires: Tue, 30 Jan 2024 20:37:52 GMT

GET
H2 200 donordrive.api.js Show response
donordrivecontent.com/resources/js/ 9 KB
2 KB 358ms
277ms Script
application/javascript 2606:4700::6812:6f3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://donordrivecontent.com/resources/js/donordrive.api.js?v=202401291124
Requested by: Host: events.childrens-specialized.org
URL: https://events.childrens-specialized.org/index.cfm?fuseaction=donate.event&eventID=503
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:6f3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 97f6fa30a57a27509854418dc7a03b209710905fa8258fe0ee9c7c928b8d881b

Request headers

Referer: https://events.childrens-specialized.org/
Origin: https://events.childrens-specialized.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 30 Jan 2024 16:37:52 GMT
x-amz-version-id: TmR4qxjTyl2CPNZnBjdwb_YKAJOkLaKZ
content-encoding: gzip
cf-cache-status: MISS
x-amz-request-id: CPK1VZ6J94MVCTKC
alt-svc: h3=":443"; ma=86400
x-amz-id-2: HGUbJRdI7y3K0d3NEjXE50X7rn0UQHDA/eauBmUXG99tcVD6/2SSqmstM0ukLTjDDHsOW1t2ps8=
last-modified: Mon, 29 Jan 2024 16:31:33 GMT
server: cloudflare
etag: W/"7154bc1cbf4f28aa8730c033ba8426f7"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: Access-Control-Allow-Origin
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cache-control: public, max-age=14400
cf-ray: 84db245c0d4e9b40-FRA
expires: Tue, 30 Jan 2024 20:37:52 GMT

GET
H2 200 banner-image.js Show response
donordrivecontent.com/themes/resources/js/ 2 KB
896 B 267ms
265ms Script
application/javascript 2606:4700::6812:6f3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://donordrivecontent.com/themes/resources/js/banner-image.js?v=202401291124
Requested by: Host: events.childrens-specialized.org
URL: https://events.childrens-specialized.org/index.cfm?fuseaction=donate.event&eventID=503
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:6f3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f5954ccdf65ec3251f44a6d1c9e7d61545c881f6d5e26030cdd3a1ddab9d4664

Request headers

Referer: https://events.childrens-specialized.org/
Origin: https://events.childrens-specialized.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 30 Jan 2024 16:37:53 GMT
x-amz-version-id: e4iEWWoTP8VXhBDAO5AZmzwIVTiFt9Wh
content-encoding: gzip
cf-cache-status: MISS
x-amz-request-id: AV0Q2ZBQWR99D799
alt-svc: h3=":443"; ma=86400
x-amz-id-2: ReiKQGVHHZFJt3MnntKP8FwW9ZZPnRR7qF4ioKaPEQwxQupFLpxCFguUwBD9e3djtaA9ZlMJdco=
last-modified: Mon, 29 Jan 2024 16:34:50 GMT
server: cloudflare
etag: W/"58f7104e430a2798ab64768a40ab352c"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: Access-Control-Allow-Origin
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cache-control: public, max-age=14400
cf-ray: 84db245f59cb9b40-FRA
expires: Tue, 30 Jan 2024 20:37:53 GMT

GET
H2 200 dd-forms.css
donordrivecontent.com/resources/css/ 21 KB
5 KB 112ms
31ms Stylesheet
text/css 2606:4700::6812:6f3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://donordrivecontent.com/resources/css/dd-forms.css?v=202401291124
Requested by: Host: events.childrens-specialized.org
URL: https://events.childrens-specialized.org/index.cfm?fuseaction=donate.event&eventID=503
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:6f3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 49372277b06129abc97f3ff18112073b1cd1d49a2f81be2f038391b9b0d8e550

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://events.childrens-specialized.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 30 Jan 2024 16:37:52 GMT
x-amz-version-id: QiP8YvZ7AiSvXUw_1yj1IUjdVQWPlJJV
content-encoding: gzip
cf-cache-status: HIT
x-amz-request-id: XB56BK4RYPKKV8CF
age: 1705
cf-polished: origSize=26329
alt-svc: h3=":443"; ma=86400
x-amz-id-2: pkLEG0rtPAyrn28sGgrJgKI8Hsc7DpWjFTpmONZC6RdFYO+gM3M3Qlr/BIIq1rqc3IpwMG9bqIo=
cf-bgj: minify
last-modified: Mon, 29 Jan 2024 16:31:26 GMT
server: cloudflare
etag: W/"2ad6ec2550fd8b8045ccf593e728bcfb"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=14400
cf-ray: 84db245c0afa9b5e-FRA
expires: Tue, 30 Jan 2024 20:37:52 GMT

GET
H2 200 jquery.validate.min.js Show response
donordrivecontent.com/resources/js/ 21 KB
7 KB 470ms
390ms Script
application/javascript 2606:4700::6812:6f3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://donordrivecontent.com/resources/js/jquery.validate.min.js?v=202401291124
Requested by: Host: events.childrens-specialized.org
URL: https://events.childrens-specialized.org/index.cfm?fuseaction=donate.event&eventID=503
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:6f3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1a7c96501f556cdde432cef2c9340c0d9c69c501d534bb3390dc648e93b3a52d

Request headers

Referer: https://events.childrens-specialized.org/
Origin: https://events.childrens-specialized.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 30 Jan 2024 16:37:53 GMT
x-amz-version-id: Syd.U0GxmSswQmq7UbUppbBQF0vj41t8
content-encoding: gzip
cf-cache-status: MISS
x-amz-request-id: CPKC8Q2ST429CXYE
alt-svc: h3=":443"; ma=86400
x-amz-id-2: Ybn7FXb0DvUqIoalsTVsrm3iTmVlzG+lQq5W2/MOm5GXxrTl9czn8jrbyVP4C4v3HicQrhwNC5A=
last-modified: Mon, 29 Jan 2024 16:31:33 GMT
server: cloudflare
etag: W/"0574b3f332cc48d5a443314e780d378f"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: Access-Control-Allow-Origin
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cache-control: public, max-age=14400
cf-ray: 84db245c1d659b40-FRA
expires: Tue, 30 Jan 2024 20:37:52 GMT

GET
H2 200 donordrive.form.js Show response
donordrivecontent.com/resources/js/ 14 KB
4 KB 458ms
378ms Script
application/javascript 2606:4700::6812:6f3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://donordrivecontent.com/resources/js/donordrive.form.js?v=202401291124
Requested by: Host: events.childrens-specialized.org
URL: https://events.childrens-specialized.org/index.cfm?fuseaction=donate.event&eventID=503
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:6f3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d755d9fffee2857ccf6a2d489659d92548dcef512824ffcf95f1330b46915d91

Request headers

Referer: https://events.childrens-specialized.org/
Origin: https://events.childrens-specialized.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 30 Jan 2024 16:37:53 GMT
x-amz-version-id: IkcyV17BZ8aYV7FOuV2mQdnnQ_Kr40l3
content-encoding: gzip
cf-cache-status: MISS
x-amz-request-id: CPK1PQ0ZY2A9HQB8
alt-svc: h3=":443"; ma=86400
x-amz-id-2: Cnkm5J9GAmZLUUzAR9Q1V57OWEuetQBcXA/qKthyGPs8CfTGpVKtGkDAuCrcrmlgeS7Bv2Kg1Ks=
last-modified: Mon, 29 Jan 2024 16:31:33 GMT
server: cloudflare
etag: W/"927cd7d3e1c02ad1cbf5234cfc03591a"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: Access-Control-Allow-Origin
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cache-control: public, max-age=14400
cf-ray: 84db245c1d649b40-FRA
expires: Tue, 30 Jan 2024 20:37:52 GMT

GET
H2 200 payment.js Show response
donordrivecontent.com/resources/js/payment/ 19 KB
5 KB 457ms
377ms Script
application/javascript 2606:4700::6812:6f3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://donordrivecontent.com/resources/js/payment/payment.js?v=202401291124
Requested by: Host: events.childrens-specialized.org
URL: https://events.childrens-specialized.org/index.cfm?fuseaction=donate.event&eventID=503
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:6f3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 14c6e372c745f05c1c982ccdb4040aeb8d5a5b6bbb27d4cf731ec2bb5458b1a3

Request headers

Referer: https://events.childrens-specialized.org/
Origin: https://events.childrens-specialized.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 30 Jan 2024 16:37:53 GMT
x-amz-version-id: 7jDe585XIjdNFoWrEYDiigH4XVjZJYDj
content-encoding: gzip
cf-cache-status: MISS
x-amz-request-id: CPK2ZXG2QT96JSZV
alt-svc: h3=":443"; ma=86400
x-amz-id-2: ygUi0KuugV+WSPPP6ucujZOMwVcW97aUHT4MqiAwr5zymR85w+ZZkR5CKBiwmkWqQY2C1oTguN8=
last-modified: Mon, 29 Jan 2024 16:31:33 GMT
server: cloudflare
etag: W/"a2e2a8b156a523138393c87832db4a36"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: Access-Control-Allow-Origin
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cache-control: public, max-age=14400
cf-ray: 84db245c0d539b40-FRA
expires: Tue, 30 Jan 2024 20:37:52 GMT

GET
H2 200 cc.js Show response
donordrivecontent.com/resources/js/payment/ 4 KB
2 KB 356ms
276ms Script
application/javascript 2606:4700::6812:6f3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://donordrivecontent.com/resources/js/payment/cc.js?v=202401291124
Requested by: Host: events.childrens-specialized.org
URL: https://events.childrens-specialized.org/index.cfm?fuseaction=donate.event&eventID=503
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:6f3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5d48d2fc15eaa0af1c30f7cd8f02961a04f9fef428ad9aad94198da638fd8e77

Request headers

Referer: https://events.childrens-specialized.org/
Origin: https://events.childrens-specialized.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 30 Jan 2024 16:37:52 GMT
x-amz-version-id: PiBkatFpZiFrD1RyP.CSTR13Lbk.Iwgw
content-encoding: gzip
cf-cache-status: MISS
x-amz-request-id: CPK5S3X6TATTE5NC
alt-svc: h3=":443"; ma=86400
x-amz-id-2: rOEqPKwkWfP3wGf7shjgbEDMO4W+gyMpz/fim/DiAVpqJCKMldnaDkVsp5mG4z2yt3IYTNzgKB0=
last-modified: Mon, 29 Jan 2024 16:31:33 GMT
server: cloudflare
etag: W/"4069fd0085d7ffa5ecc25696101eb1d8"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: Access-Control-Allow-Origin
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cache-control: public, max-age=14400
cf-ray: 84db245c0d529b40-FRA
expires: Tue, 30 Jan 2024 20:37:52 GMT

GET
H2 200 paypal.paypal.js Show response
donordrivecontent.com/resources/js/payment/ 4 KB
2 KB 358ms
278ms Script
application/javascript 2606:4700::6812:6f3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://donordrivecontent.com/resources/js/payment/paypal.paypal.js?v=202401291124
Requested by: Host: events.childrens-specialized.org
URL: https://events.childrens-specialized.org/index.cfm?fuseaction=donate.event&eventID=503
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:6f3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8dee16cf4a80c95df5642ff0d4171ce0330075d05dbb3094cffc1d21fddffb17

Request headers

Referer: https://events.childrens-specialized.org/
Origin: https://events.childrens-specialized.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 30 Jan 2024 16:37:52 GMT
x-amz-version-id: inSaTIOqKHELz6Nts3EM.OpvI2vgfnv7
content-encoding: gzip
cf-cache-status: MISS
x-amz-request-id: CPKBS50C7M6495V2
alt-svc: h3=":443"; ma=86400
x-amz-id-2: WiyvIg65Cr8EbG9wMnTCAX2pKCz4tkWjisBG827uAgwJuhiSdymEIi6ic2jPn+tKDPjyN5jvs1Y=
last-modified: Mon, 29 Jan 2024 16:31:33 GMT
server: cloudflare
etag: W/"fe07196376ab65ac274846e616e0c789"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: Access-Control-Allow-Origin
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cache-control: public, max-age=14400
cf-ray: 84db245c1d629b40-FRA
expires: Tue, 30 Jan 2024 20:37:52 GMT

GET
H2 200 venmo.braintree.js Show response
donordrivecontent.com/resources/js/payment/ 8 KB
2 KB 349ms
270ms Script
application/javascript 2606:4700::6812:6f3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://donordrivecontent.com/resources/js/payment/venmo.braintree.js?v=202401291124
Requested by: Host: events.childrens-specialized.org
URL: https://events.childrens-specialized.org/index.cfm?fuseaction=donate.event&eventID=503
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:6f3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1625a05067bfc0cf0ad4bffefe38f678fb6dc2eb789e7fa2df196c39362b7945

Request headers

Referer: https://events.childrens-specialized.org/
Origin: https://events.childrens-specialized.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 30 Jan 2024 16:37:52 GMT
x-amz-version-id: nqE7eH_6V7V_qqfIL7NKjBw3LxCQdGTp
content-encoding: gzip
cf-cache-status: MISS
x-amz-request-id: CPKEAP87K2B9216E
alt-svc: h3=":443"; ma=86400
x-amz-id-2: PZ1uTHyno7xKl1zGhpff1489qft9VlJ+lX6HCSmcj2Y6wKYbuKaUOCjU0tErqnnZ7BkIDWstL4Y=
last-modified: Mon, 29 Jan 2024 16:31:34 GMT
server: cloudflare
etag: W/"dbc70d1acab7b3ef09346794ae479a91"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: Access-Control-Allow-Origin
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cache-control: public, max-age=14400
cf-ray: 84db245c1d609b40-FRA
expires: Tue, 30 Jan 2024 20:37:52 GMT

GET
H2 200 numeral.min.js Show response
donordrivecontent.com/resources/js/ 7 KB
3 KB 380ms
300ms Script
application/javascript 2606:4700::6812:6f3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://donordrivecontent.com/resources/js/numeral.min.js?v=202401291124
Requested by: Host: events.childrens-specialized.org
URL: https://events.childrens-specialized.org/index.cfm?fuseaction=donate.event&eventID=503
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:6f3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fbf89a33c155d951884b2f5c3687a46cff4fc85f8b595000cb0a2795d4918476

Request headers

Referer: https://events.childrens-specialized.org/
Origin: https://events.childrens-specialized.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 30 Jan 2024 16:37:52 GMT
x-amz-version-id: L9t_IwnVY1flBUYivMfC7EVuJI0wvjUs
content-encoding: gzip
cf-cache-status: MISS
x-amz-request-id: CPK1P6ZWQQPZJFR8
alt-svc: h3=":443"; ma=86400
x-amz-id-2: 1tYXQvFaUoxoJC+j5rABpW8BPlQEVCszuZPYg25MHxLL29I95kBjvFgcYgRA5/bzvWBYgIL8WWY=
last-modified: Mon, 29 Jan 2024 16:31:33 GMT
server: cloudflare
etag: W/"27afcfdd6e4d0d774951d371eae9e85c"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: Access-Control-Allow-Origin
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cache-control: public, max-age=14400
cf-ray: 84db245c1d619b40-FRA
expires: Tue, 30 Jan 2024 20:37:52 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 270 KB
93 KB 84ms
37ms Script
application/javascript 2a00:1450:4001:810::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-TRJTH5C

Requested by

Host: events.childrens-specialized.org
URL: https://events.childrens-specialized.org/index.cfm?fuseaction=donate.event&eventID=503

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

ce8fb09b51cf2cc34007f104776957263e37644c40667b8704c348097f883851

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://events.childrens-specialized.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 30 Jan 2024 16:37:53 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 94692
x-xss-protection: 0
last-modified: Tue, 30 Jan 2024 15:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 30 Jan 2024 16:37:53 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 224 KB
65 KB 104ms
57ms Script
application/javascript 2a00:1450:4001:810::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-5CL8LLP

Requested by

Host: events.childrens-specialized.org
URL: https://events.childrens-specialized.org/index.cfm?fuseaction=donate.event&eventID=503

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

c65e9bee064369d49586b4f1934dd236d18c876862a7a2ff93e4d96aadff9e54

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://events.childrens-specialized.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 30 Jan 2024 16:37:53 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66605
x-xss-protection: 0
last-modified: Tue, 30 Jan 2024 15:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 30 Jan 2024 16:37:53 GMT

GET
H2 200 logoImage.png
donordrivecontent.com/cshf/images/$event503$/ 94 KB
95 KB 515ms
515ms Image
image/png 2606:4700::6812:6f3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://donordrivecontent.com/cshf/images/$event503$/logoImage.png
Requested by: Host: events.childrens-specialized.org
URL: https://events.childrens-specialized.org/index.cfm?fuseaction=donate.event&eventID=503
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:6f3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4af72b09c45f21a261ed48ec3e8f9be3ee08b66a82523d3272c8c7ea06a1ec0a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://events.childrens-specialized.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 30 Jan 2024 16:37:53 GMT
x-amz-version-id: EpFFxP_4eglJ0_pG.N_sdYqqJBwuSmne
cf-cache-status: MISS
x-amz-request-id: CPK1JFZSV15VMCVA
alt-svc: h3=":443"; ma=86400
content-length: 96541
x-amz-id-2: ZcIAkNgAGezM356U0BzttZTtuzX9A/uMcK662oX1CjofJXAZaAeVN4c1UgYN5DTT/bfHj9ltPN0=
last-modified: Thu, 11 Jan 2024 21:15:16 GMT
server: cloudflare
etag: "354e7fb2f48a33607b02e5059c197a80"
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 84db245c1b0d9b5e-FRA
expires: Tue, 30 Jan 2024 20:37:52 GMT

GET
H2 200 apple-pay-mark.svg
donordrivecontent.com/resources/img/ 9 KB
4 KB 261ms
261ms Image
image/svg+xml 2606:4700::6812:6f3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://donordrivecontent.com/resources/img/apple-pay-mark.svg?v=202401291124
Requested by: Host: events.childrens-specialized.org
URL: https://events.childrens-specialized.org/index.cfm?fuseaction=donate.event&eventID=503
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:6f3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 378a11dc9726c4d22c15856e2933867e1626a9de06bb5742b5c57d0d302d03bc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://events.childrens-specialized.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 30 Jan 2024 16:37:52 GMT
x-amz-version-id: jKjS3Mz8rjOqRo37XILA3mZyOl.PJ7_R
content-encoding: gzip
cf-cache-status: REVALIDATED
last-modified: Mon, 29 Jan 2024 16:31:26 GMT
server: cloudflare
x-amz-request-id: HSSKDF4NEKQDB7HC
etag: W/"3f98ee673874236288f3840608fa1503"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=14400
cf-ray: 84db245c1b0f9b5e-FRA
alt-svc: h3=":443"; ma=86400
x-amz-id-2: rX70hoY+NWV7KVHDhNRRPYs28QnENgK9CZGmw3aSWdEQrAufQKBmEuknJdxK0Kaa4mdAMcWP51M=
expires: Tue, 30 Jan 2024 20:37:52 GMT

GET
H2 200 cc_gen.svg
donordrivecontent.com/resources/img/ 871 B
627 B 257ms
257ms Image
image/svg+xml 2606:4700::6812:6f3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://donordrivecontent.com/resources/img/cc_gen.svg?v=202401291124
Requested by: Host: events.childrens-specialized.org
URL: https://events.childrens-specialized.org/index.cfm?fuseaction=donate.event&eventID=503
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:6f3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dde097816ef79381d5bcf732cf9db4d9ba79fbe8df907a977e41a25a04bc02d9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://events.childrens-specialized.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 30 Jan 2024 16:37:53 GMT
x-amz-version-id: c2MukykTpa7itBfyHwLAwdZQtJPqr5XV
content-encoding: gzip
cf-cache-status: REVALIDATED
last-modified: Mon, 29 Jan 2024 16:31:26 GMT
server: cloudflare
x-amz-request-id: VY1J7QDFEBX87ANT
etag: W/"0d684bb27d1c1fd55fec338d5b547e62"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=14400
cf-ray: 84db245dbd5f9b5e-FRA
alt-svc: h3=":443"; ma=86400
x-amz-id-2: 4UxUJCY3akFDKV2qOfgrj3fy0gYsL/x9Qr0Sd4w2g78oEfQiAmuv6KGcwI77220M+PyPeoLi1J8=
expires: Tue, 30 Jan 2024 20:37:53 GMT

GET
H3 200 cc_visa.svg
donordrivecontent.com/resources/img/ 3 KB
2 KB 39ms
36ms Image
image/svg+xml 2606:4700::6812:6f3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://donordrivecontent.com/resources/img/cc_visa.svg?v=202401291124
Requested by: Host: events.childrens-specialized.org
URL: https://events.childrens-specialized.org/index.cfm?fuseaction=donate.event&eventID=503
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:6f3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 95e3277ccaf4f0927c966b1f639783f7c2360d3a7c8d73c18a4c7cefe54918f7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://events.childrens-specialized.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 30 Jan 2024 16:37:53 GMT
x-amz-version-id: lXKCQeXUt27J6nCkpyg.wttv9sclNUlC
content-encoding: gzip
cf-cache-status: HIT
x-amz-request-id: RTFS2Q3K4MNM2PVM
age: 6106
alt-svc: h3=":443"; ma=86400
x-amz-id-2: cvlK+VuW9KokC6xeH8QVFcIbdbZyU/jYVfiXTtOgveJWsw2ZF4t4BqFFVx7LVVTK+5IcinVwf/0=
last-modified: Mon, 29 Jan 2024 16:31:26 GMT
server: cloudflare
etag: W/"0382f787387263af69097ae55ff7e174"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=14400
cf-ray: 84db245f5cb09945-FRA
expires: Tue, 30 Jan 2024 20:37:53 GMT

GET
H3 200 cc_mc.svg
donordrivecontent.com/resources/img/ 7 KB
3 KB 47ms
44ms Image
image/svg+xml 2606:4700::6812:6f3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://donordrivecontent.com/resources/img/cc_mc.svg?v=202401291124
Requested by: Host: events.childrens-specialized.org
URL: https://events.childrens-specialized.org/index.cfm?fuseaction=donate.event&eventID=503
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:6f3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6d15d9a70fc6d67bc9ff6f5c1173b2a49e5104aa4766bab337cff2b5bfcfebf0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://events.childrens-specialized.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 30 Jan 2024 16:37:53 GMT
x-amz-version-id: Hg4sm1caF8_9NIGWrDh6_9NydsnqG8OD
content-encoding: gzip
cf-cache-status: HIT
x-amz-request-id: RTFWTKJKP910MSWC
age: 6106
alt-svc: h3=":443"; ma=86400
x-amz-id-2: mrrmqX5ZvZCwuZE3RO6nZmldTPJtqJ2g8akaExtIdjbR+yrRzk2s86j+/JdRSUor4zDXkKukI44=
last-modified: Mon, 29 Jan 2024 16:31:26 GMT
server: cloudflare
etag: W/"a8b3375d8f6cc77bda0561216bcb4d54"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=14400
cf-ray: 84db245f5cb49945-FRA
expires: Tue, 30 Jan 2024 20:37:53 GMT

GET
H3 200 cc_amex.svg
donordrivecontent.com/resources/img/ 7 KB
3 KB 36ms
34ms Image
image/svg+xml 2606:4700::6812:6f3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://donordrivecontent.com/resources/img/cc_amex.svg?v=202401291124
Requested by: Host: events.childrens-specialized.org
URL: https://events.childrens-specialized.org/index.cfm?fuseaction=donate.event&eventID=503
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:6f3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4fc1a83557d4dfb94f7bcad5f9e8c7df8c041627df0182a9fd016e1851d3be0f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://events.childrens-specialized.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 30 Jan 2024 16:37:53 GMT
x-amz-version-id: qEv7ebHyTJRJAvvWurHoCL21KYudiYkQ
content-encoding: gzip
cf-cache-status: HIT
x-amz-request-id: RTFRJ9Y51AZCYGXH
age: 1418
alt-svc: h3=":443"; ma=86400
x-amz-id-2: siW0MojdhZ2TK2wcoiEWOnEJjQeRn/wWngvVzdWzs114VkvdfPVZDN1Cwbq3MrU1LBKDgaqDq98=
last-modified: Mon, 29 Jan 2024 16:31:26 GMT
server: cloudflare
etag: W/"86a2a5aa29c95634611b9bd33802a118"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=14400
cf-ray: 84db245f5cb69945-FRA
expires: Tue, 30 Jan 2024 20:37:53 GMT

GET
H3 200 cc_discover.svg
donordrivecontent.com/resources/img/ 6 KB
3 KB 256ms
254ms Image
image/svg+xml 2606:4700::6812:6f3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://donordrivecontent.com/resources/img/cc_discover.svg?v=202401291124
Requested by: Host: events.childrens-specialized.org
URL: https://events.childrens-specialized.org/index.cfm?fuseaction=donate.event&eventID=503
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:6f3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1e34905bad378237098cc8b0b3db9893a35b297482f08e50e30424ad6bd46a8d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://events.childrens-specialized.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 30 Jan 2024 16:37:53 GMT
x-amz-version-id: _cRo9r0ZZr4b_XM1ULpVirVUHEaijnMZ
content-encoding: gzip
cf-cache-status: REVALIDATED
last-modified: Mon, 29 Jan 2024 16:31:26 GMT
server: cloudflare
x-amz-request-id: RTFMN57EGSHYVRW1
etag: W/"3793ddf475ee9c5e708c49ac99b6cf07"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=14400
cf-ray: 84db245f5cb89945-FRA
alt-svc: h3=":443"; ma=86400
x-amz-id-2: r++yWCrneRJBIKmsyz8FhhunLgYOQcgCNmPmPBpqrfuZGUwVLPk/IeDcmkJLEjh1MOemui6qAYY=
expires: Tue, 30 Jan 2024 20:37:53 GMT

GET
H3 200 paypal.svg
donordrivecontent.com/resources/img/ 5 KB
2 KB 38ms
36ms Image
image/svg+xml 2606:4700::6812:6f3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://donordrivecontent.com/resources/img/paypal.svg?v=202401291124
Requested by: Host: events.childrens-specialized.org
URL: https://events.childrens-specialized.org/index.cfm?fuseaction=donate.event&eventID=503
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:6f3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9423fedea26288e6252918d11cdecf5e0302c203cdaf8107dde01f87471951e3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://events.childrens-specialized.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 30 Jan 2024 16:37:53 GMT
x-amz-version-id: gNsMog1l_wjZXF5jk5plIPO0kzwZ8lZO
content-encoding: gzip
cf-cache-status: HIT
x-amz-request-id: RTFQNBFP9A05AX2R
age: 6106
alt-svc: h3=":443"; ma=86400
x-amz-id-2: 1oFUidgORJ3+UdvWqDt+s5IRhcnp9Tp69sFEZl1W5/oPUTQlj2ZuIRExMfG1VltklTuejuSgO1g=
last-modified: Mon, 29 Jan 2024 16:31:27 GMT
server: cloudflare
etag: W/"f194bcb920941ed3d14a7f7bf2e61e2a"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=14400
cf-ray: 84db245f5cba9945-FRA
expires: Tue, 30 Jan 2024 20:37:53 GMT

GET
H3 200 bank-account-en.svg
donordrivecontent.com/resources/img/ 11 KB
4 KB 273ms
271ms Image
image/svg+xml 2606:4700::6812:6f3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://donordrivecontent.com/resources/img/bank-account-en.svg?v=202401291124
Requested by: Host: events.childrens-specialized.org
URL: https://events.childrens-specialized.org/index.cfm?fuseaction=donate.event&eventID=503
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:6f3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e8cea791154939e2ffc2c5946a72dba941310d0dab59d0e4ee966916bd6c5acc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://events.childrens-specialized.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 30 Jan 2024 16:37:53 GMT
x-amz-version-id: qr.hdUhqJORW318XKBVR3BWXc84QeuQO
content-encoding: gzip
cf-cache-status: REVALIDATED
last-modified: Mon, 29 Jan 2024 16:31:26 GMT
server: cloudflare
x-amz-request-id: RTFNRS4PGT7JTZFB
etag: W/"0ee96b02d14fc56e48d6c5a6c896d8e4"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=14400
cf-ray: 84db245f5cbc9945-FRA
alt-svc: h3=":443"; ma=86400
x-amz-id-2: qjPSjWTP9XbjwUVH0zuzyNsftpYXFFOoguwX6ZUjAQKfcLA1Cy3svOkMNFYjDT6N+KSTrVFhmXA=
expires: Tue, 30 Jan 2024 20:37:53 GMT

GET
H3 200 amazon-pay.svg
donordrivecontent.com/resources/img/ 11 KB
5 KB 262ms
260ms Image
image/svg+xml 2606:4700::6812:6f3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://donordrivecontent.com/resources/img/amazon-pay.svg?v=202401291124
Requested by: Host: events.childrens-specialized.org
URL: https://events.childrens-specialized.org/index.cfm?fuseaction=donate.event&eventID=503
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:6f3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 05c73181eaec30a8c8217b1761a37b496d9bbeeaf04a9c066514bb64df55531c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://events.childrens-specialized.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 30 Jan 2024 16:37:53 GMT
x-amz-version-id: SAYffhAJbXr_Wh.6cK9eN8SlaXE02P9X
content-encoding: gzip
cf-cache-status: REVALIDATED
last-modified: Mon, 29 Jan 2024 16:31:26 GMT
server: cloudflare
x-amz-request-id: RTFYZDGRGVY1MHCK
etag: W/"c017eaa8179d97e07c503ab829add203"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=14400
cf-ray: 84db245f5cbe9945-FRA
alt-svc: h3=":443"; ma=86400
x-amz-id-2: DX+aTgGirAAxPpRFjmOoFDgGCF7/XR6OQfoRo+mb6ONX5oDyGsyYqYxxA73jaHl/y+uCGNQQBnI=
expires: Tue, 30 Jan 2024 20:37:53 GMT

GET
H3 200 blue_venmo_acceptance_mark.svg
donordrivecontent.com/resources/img/ 1 KB
1003 B 42ms
40ms Image
image/svg+xml 2606:4700::6812:6f3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://donordrivecontent.com/resources/img/blue_venmo_acceptance_mark.svg?v=202401291124
Requested by: Host: events.childrens-specialized.org
URL: https://events.childrens-specialized.org/index.cfm?fuseaction=donate.event&eventID=503
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:6f3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b653871fe60b9d9c8fc0da378f949830c31f8e09390b6ef6a6b37c3a06980c53

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://events.childrens-specialized.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 30 Jan 2024 16:37:53 GMT
x-amz-version-id: hW7fy38ejZqWl.VSKBvqEdlelZ.WZM13
content-encoding: gzip
cf-cache-status: HIT
x-amz-request-id: RTFRTX5MPJ04SY5D
age: 6106
alt-svc: h3=":443"; ma=86400
x-amz-id-2: /cCY1Z+eBkO9E9FbmPL+iSMVyDVJhX6JrA0I1YwQ5NCg500iae8PA3hu52xCDMbvRo3AeIXY9gQ=
last-modified: Mon, 29 Jan 2024 16:31:26 GMT
server: cloudflare
etag: W/"063679be585f6381769285fe5a91ce6a"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=14400
cf-ray: 84db245f5cc09945-FRA
expires: Tue, 30 Jan 2024 20:37:53 GMT

GET
H2 200 theme.js Show response
donordrivecontent.com/themes/ascend/dist/js/ 8 KB
3 KB 288ms
285ms Script
application/javascript 2606:4700::6812:6f3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://donordrivecontent.com/themes/ascend/dist/js/theme.js?v=202401291124
Requested by: Host: events.childrens-specialized.org
URL: https://events.childrens-specialized.org/index.cfm?fuseaction=donate.event&eventID=503
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:6f3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 366fc52c5d29d7844decc858bdcebe3e644009a2ee6b216a537f9ab6ae40e615

Request headers

Referer: https://events.childrens-specialized.org/
Origin: https://events.childrens-specialized.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 30 Jan 2024 16:37:53 GMT
x-amz-version-id: rjdFlK28hNw2wfYs_vkYF3NIsetEI8nX
content-encoding: gzip
cf-cache-status: MISS
x-amz-request-id: AV0M1E44A9MX9TX8
alt-svc: h3=":443"; ma=86400
x-amz-id-2: 0tkw0Y4L+I0tqqZGEdoSmVAfBU7eQJEQPiCvgVQ08MlXIMXpa636eQ7npcL3j/JP29xahe1kAYU=
last-modified: Mon, 29 Jan 2024 16:33:54 GMT
server: cloudflare
etag: W/"43a6ab03307128509b6d5868e25abc3f"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: Access-Control-Allow-Origin
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cache-control: public, max-age=14400
cf-ray: 84db245f59c89b40-FRA
expires: Tue, 30 Jan 2024 20:37:53 GMT

GET
H2 200 css
fonts.googleapis.com/ 5 KB
1 KB 75ms
28ms Stylesheet
text/css 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Montserrat:400,500,700&display=swap

Requested by

Host: static.donordrive.com
URL: https://static.donordrive.com/themes/ascend/css/master.css?v=202401291124

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2542cd76df29fd9ac4615f66c62bf94aab8585d36d27c4e8af1354a9bf3a4a99

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://static.donordrive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 30 Jan 2024 16:37:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 30 Jan 2024 15:36:26 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 30 Jan 2024 16:37:52 GMT

GET
H3 200 print.css
donordrivecontent.com/themes/ascend/css/ 4 KB
2 KB 38ms
37ms Stylesheet
text/css 2606:4700::6812:6f3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://donordrivecontent.com/themes/ascend/css/print.css?v=202401291124
Requested by: Host: events.childrens-specialized.org
URL: https://events.childrens-specialized.org/index.cfm?fuseaction=donate.event&eventID=503
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:6f3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7f0c6ea574423d2a06658debdc6e08c0b4bc217d9d46cca23020e21e3346d741

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://events.childrens-specialized.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 30 Jan 2024 16:37:53 GMT
x-amz-version-id: vv8Yn_CGT7gZ.CQj_ivYx9hgZVjA_obn
content-encoding: gzip
cf-cache-status: HIT
x-amz-request-id: Y06034C7AKEKFSA2
age: 6754
cf-polished: origSize=5765
alt-svc: h3=":443"; ma=86400
x-amz-id-2: k/Jdw1NTeuHRVvew64p+mA8qe/yj/GrZRIAto2hEXeFUiBy7l8+RcBXmVvbluzJSQUj6Kb+3YAk=
cf-bgj: minify
last-modified: Fri, 26 Jan 2024 06:00:25 GMT
server: cloudflare
etag: W/"953fb217e3646fb1bdb411c9ecc334ab"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=14400
cf-ray: 84db245f5cc29945-FRA
expires: Tue, 30 Jan 2024 20:37:53 GMT

GET
H2 200 client.min.js Show response
js.braintreegateway.com/web/3.94.0/js/ 38 KB
12 KB 126ms
20ms Script
application/javascript 192.229.221.25
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://js.braintreegateway.com/web/3.94.0/js/client.min.js

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.6.0/jquery.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.221.25 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/4CB4) /

Resource Hash

e3be81ffbcf09062e7351c784b220f1ae4663cd67b7ecb67b572ea0dbcaeef1a

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://events.childrens-specialized.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 30 Jan 2024 16:37:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-cache: HIT
paypal-debug-id: a0e4eec9df608
dc: ccg11-origin-www-1.paypal.com
content-length: 11738
last-modified: Wed, 10 May 2023 18:41:09 GMT
server: ECAcc (frc/4CB4)
traceparent: 00-0000000000000000000a0e4eec9df608-f5ce0adf2287acc9-01
etag: W/"645be545-9691"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: s-maxage=31536000, public,max-age=3600
accept-ranges: bytes
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com

GET
DATA 200
OK truncated
/ 26 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 200 JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v26/ 32 KB
33 KB 63ms
18ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v26/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:400,500,700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://events.childrens-specialized.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 29 Jan 2024 17:34:04 GMT
x-content-type-options: nosniff
age: 83029
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33092
x-xss-protection: 0
last-modified: Wed, 13 Sep 2023 22:51:58 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 28 Jan 2025 17:34:04 GMT

GET
H2 200 fontawesome-webfont.woff
donordrivecontent.com/resources/font/ 43 KB
43 KB 472ms
472ms Font
binary/octet-stream 2606:4700::6812:6f3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://donordrivecontent.com/resources/font/fontawesome-webfont.woff?v=3.2.1
Requested by: Host: donordrivecontent.com
URL: https://donordrivecontent.com/resources/css/dd-public.css?v=202401291124
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:6f3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 18e6b5ff511b90edf098e62ac45ed9d6673a3eee10165d0de4164d4d02a3a77f

Request headers

Referer: https://donordrivecontent.com/resources/css/dd-public.css?v=202401291124
Origin: https://events.childrens-specialized.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 30 Jan 2024 16:37:53 GMT
x-amz-version-id: rTrcMTFXN.t_cF2oAmd14DH075u_bTje
cf-cache-status: MISS
x-amz-request-id: AV0RXM4CRJ40D6CR
alt-svc: h3=":443"; ma=86400
content-length: 43572
x-amz-id-2: L4czestl4mTod9asCW1y1JfQJM9/9C4cfCFdZnLkJZDjTK7sRNit1D0idJDVaiTBKCNtSn/RQUw=
last-modified: Mon, 29 Jan 2024 16:31:26 GMT
server: cloudflare
etag: "b683029bafe0305ac2234038a03e1541"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: binary/octet-stream
access-control-allow-origin: *
access-control-expose-headers: Access-Control-Allow-Origin
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 84db245f69e69b40-FRA
expires: Tue, 30 Jan 2024 20:37:53 GMT

GET
H2 200 venmo.min.js Show response
js.braintreegateway.com/web/3.94.0/js/ 81 KB
21 KB 20ms
20ms Script
application/javascript 192.229.221.25
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://js.braintreegateway.com/web/3.94.0/js/venmo.min.js

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.6.0/jquery.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.221.25 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/4CA7) /

Resource Hash

e5b4475ec7b2ac36d3d281078b25b63174122439af27b5c40217a76c6abc72c9

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://events.childrens-specialized.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 30 Jan 2024 16:37:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-cache: HIT
paypal-debug-id: 1355675a9fc4b
dc: ccg11-origin-www-1.paypal.com
content-length: 21487
last-modified: Wed, 10 May 2023 18:41:09 GMT
server: ECAcc (frc/4CA7)
traceparent: 00-00000000000000000001355675a9fc4b-1b0a00140dc2f885-01
etag: W/"645be545-1422b"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: s-maxage=31536000, public,max-age=3600
accept-ranges: bytes
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 277 KB
92 KB 36ms
35ms Script
application/javascript 2a00:1450:4001:810::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-QN0VFYTF0H&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5CL8LLP

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

719f41faf3c2794075d7e116f2ab69bb7c6e1619e31bcb65f3e2d96d1c06bff6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://events.childrens-specialized.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 30 Jan 2024 16:37:53 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 93714
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 30 Jan 2024 16:37:53 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 266 KB
89 KB 36ms
36ms Script
application/javascript 2a00:1450:4001:810::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-1ST9TM2NGQ&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TRJTH5C

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

ab623430f5489fe98ba9774c3052a19a6cbe9c12418dcb7c07aa9fc42a9b17aa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://events.childrens-specialized.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 30 Jan 2024 16:37:53 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 91224
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 30 Jan 2024 16:37:53 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 63ms
18ms Script
text/javascript 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TRJTH5C

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://events.childrens-specialized.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 30 Jan 2024 15:48:09 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 2984
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Tue, 30 Jan 2024 17:48:09 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 213 KB
58 KB 63ms
19ms Script
application/x-javascript 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: events.childrens-specialized.org
URL: https://events.childrens-specialized.org/index.cfm?fuseaction=donate.event&eventID=503

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

05e0d95e16595bcc9b3c0e4f2a0f1a455630f8ab577f682676162e3c87aefe20

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://events.childrens-specialized.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Tue, 30 Jan 2024 16:37:53 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 57161
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0"
pragma: public
x-fb-debug: XDpTXvx5BIm7Suwn/Q4V4QR5THyVjPUVm+nqNbIIMycuLJughyuJwnMwpjGT/5EKkRU3xXxsGs2DmpmsdqTyMA==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET m1ImL1mL1wQwmQ5f
service.watchthem.live/pixel/ 0
0

GET
H2 200 data-collector.min.js Show response
js.braintreegateway.com/web/3.94.0/js/ 29 KB
10 KB 21ms
21ms Script
application/javascript 192.229.221.25
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://js.braintreegateway.com/web/3.94.0/js/data-collector.min.js

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.6.0/jquery.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.221.25 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/4CA7) /

Resource Hash

7a1866463755707c082b0577357873ac3304d29d9aefdef66cb7a5ee4c0e941f

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://events.childrens-specialized.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 30 Jan 2024 16:37:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-cache: HIT
paypal-debug-id: de02a4241a1b8
dc: ccg11-origin-www-1.paypal.com
content-length: 10264
last-modified: Wed, 10 May 2023 18:41:09 GMT
server: ECAcc (frc/4CA7)
traceparent: 00-0000000000000000000de02a4241a1b8-4bb14932b4104741-01
etag: W/"645be545-753f"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: s-maxage=31536000, public,max-age=3600
accept-ranges: bytes
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com

OPTIONS
H2 200 graphql
payments.braintree-api.com/ Frame 0
0 100ms
23ms Preflight 76.223.13.31
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://payments.braintree-api.com/graphql

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.223.13.31 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ae1d37305401c759d.awsglobalaccelerator.com

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,braintree-version,content-type
Access-Control-Request-Method: POST
Origin: https://events.childrens-specialized.org
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-headers: authorization,braintree-version,content-type
access-control-allow-methods: GET,DELETE,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://events.childrens-specialized.org
access-control-max-age: 1800
date: Tue, 30 Jan 2024 16:37:53 GMT
paypal-debug-id: e28c94e2646e4
server: nginx
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
x-frame-options: DENY

POST
H2 200 graphql Show response
payments.braintree-api.com/ 946 B
904 B 597ms
597ms XHR
application/json 76.223.13.31
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://payments.braintree-api.com/graphql

Requested by

Host: js.braintreegateway.com
URL: https://js.braintreegateway.com/web/3.94.0/js/client.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.223.13.31 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ae1d37305401c759d.awsglobalaccelerator.com

Software

nginx /

Resource Hash

b8b60343a1c0446b81f5f31e748f07c2c176ef66ea6c0de0d83b903bcc9c032e

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://events.childrens-specialized.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Authorization: Bearer production_7bwkxsb5_q5y7yysk7qq3j232
Braintree-Version: 2018-05-10
Content-Type: application/json

Response headers

pragma: no-cache
date: Tue, 30 Jan 2024 16:37:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubdomains; preload
server: nginx
vary: Braintree-Version, Accept-Encoding
braintree-version: 2016-10-07
content-type: application/json
access-control-allow-origin: https://events.childrens-specialized.org
paypal-debug-id: 31217e1f591b4
cache-control: no-cache, no-store
x-frame-options: DENY
content-length: 540

POST
H2 204 collect
region1.google-analytics.com/g/ 0
265 B 70ms
25ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-QN0VFYTF0H&gtm=45je41o0v9115589147z89115695722&_p=1706632672569&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=2001369160.1706632673&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&_s=1&sid=1706632673&sct=1&seg=0&dl=https%3A%2F%2Fevents.childrens-specialized.org%2Findex.cfm%3Ffuseaction%3Ddonate.event%26eventID%3D503&dt=Children%27s%20Specialized%20Hospital%20Foundation%20-%20Make%20a%20Donation&en=page_view&_fv=1&_nsi=1&_ss=1&up.instanceName=cshf&up.siteName=Children%27s%20Specialized%20Hospital%20Foundation&tfd=1647
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-QN0VFYTF0H&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://events.childrens-specialized.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 30 Jan 2024 16:37:53 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://events.childrens-specialized.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
54 B 41ms
26ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-1ST9TM2NGQ&gtm=45je41o0h1v9103296196z8834438295&_p=1706632672569&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=2001369160.1706632673&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&_s=1&sid=1706632673&sct=1&seg=0&dl=https%3A%2F%2Fevents.childrens-specialized.org%2Findex.cfm%3Ffuseaction%3Ddonate.event%26eventID%3D503&dt=Children%27s%20Specialized%20Hospital%20Foundation%20-%20Make%20a%20Donation&en=page_view&_fv=1&_ss=1&tfd=1676
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-1ST9TM2NGQ&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://events.childrens-specialized.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 30 Jan 2024 16:37:53 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://events.childrens-specialized.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 4 B
220 B 25ms
25ms XHR
text/plain 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1554057939&t=pageview&_s=1&dl=https%3A%2F%2Fevents.childrens-specialized.org%2Findex.cfm%3Ffuseaction%3Ddonate.event%26eventID%3D503&ul=en-us&de=UTF-8&dt=Children%27s%20Specialized%20Hospital%20Foundation%20-%20Make%20a%20Donation&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAEABAAAAACAAI~&jid=480838199&gjid=408058801&cid=2001369160.1706632673&tid=UA-179795652-1&_gid=1432447944.1706632673&_r=1&_slc=1&gtm=45He41t0h2n81TRJTH5Cv834438295&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&z=1469014956

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://events.childrens-specialized.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 30 Jan 2024 16:37:53 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://events.childrens-specialized.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 587095458491281 Show response
connect.facebook.net/signals/config/ 49 KB
11 KB 185ms
185ms Script
application/x-javascript 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/587095458491281?v=2.9.143&r=stable&domain=events.childrens-specialized.org&hme=1e96626f56fb37feabdb16bd09d3dbece570479b2ec677eec7364c762eaf296e&ex_m=62%2C104%2C92%2C96%2C53%2C3%2C88%2C61%2C14%2C86%2C79%2C44%2C46%2C146%2C149%2C160%2C156%2C157%2C159%2C25%2C89%2C45%2C68%2C158%2C141%2C144%2C153%2C154%2C161%2C113%2C13%2C43%2C165%2C164%2C115%2C16%2C29%2C32%2C1%2C36%2C57%2C58%2C59%2C63%2C83%2C15%2C12%2C85%2C82%2C81%2C93%2C95%2C31%2C94%2C26%2C22%2C142%2C145%2C122%2C24%2C9%2C10%2C11%2C5%2C6%2C21%2C19%2C20%2C49%2C54%2C56%2C66%2C90%2C23%2C67%2C8%2C7%2C71%2C41%2C18%2C17%2C4%2C73%2C80%2C72%2C78%2C40%2C39%2C77%2C33%2C35%2C76%2C48%2C74%2C28%2C37%2C65%2C0%2C84%2C75%2C2%2C30%2C55%2C34%2C91%2C38%2C70%2C60%2C97%2C52%2C51%2C27%2C87%2C50%2C47%2C42%2C69%2C64%2C98

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

8e5770d39baac416b5815476c62bc43467ccc8047c91a2931ec1e05b0ea985c2

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://events.childrens-specialized.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Tue, 30 Jan 2024 16:37:53 GMT
document-policy: force-load-at-top
content-security-policy-report-only: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: chrome-extension: 'unsafe-inline' 'unsafe-eval';report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0"
pragma: public
x-fb-debug: dyBpYOw5UXfPs7Uxl6nGS5fnLZISUb/9z0Di8Vj41MruwDlpjUFxTak0mq7IxD7MTrUb+c3Mze5OOMzvGY6ZzQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
357 B 81ms
27ms XHR
text/plain 2a00:1450:400c:c00::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-179795652-1&cid=2001369160.1706632673&jid=480838199&gjid=408058801&_gid=1432447944.1706632673&_u=YADAAEAAAAAAACAAI~&z=1615512009

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://events.childrens-specialized.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Tue, 30 Jan 2024 16:37:53 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://events.childrens-specialized.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 js Show response
www.paypal.com/sdk/ 294 KB
80 KB 740ms
627ms Script
application/javascript 151.101.65.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/sdk/js?client-id=AZn7u7oYb82h8mDw_J0VPrxQxP1NsF7iLizgKxe7fcJ3mxLnqHFMK70Fb_tH_f0KQBsORAWORR3Xt8L5&vault=true&commit=true&intent=capture&disable-funding=paylater&currency=USD&locale=en_US

Requested by

Host: donordrivecontent.com
URL: https://donordrivecontent.com/resources/js/payment/paypal.paypal.js?v=202401291124

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.65.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

2a403b78fd1e27022838a17ca6f77357d008ab27b071d89c9d8f2e71c634b753

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://.paypal.com https://.paypalobjects.com; connect-src 'self' https://.paypal.com https://.paypalobjects.com https://.qualtrics.com; frame-src 'self' https://.paypal.com https://.paypalobjects.com https://.qualtrics.com; script-src 'nonce-ZuqpSg/zpbYRJpwqYavib9xVEo2wAGgH8z2IVCO3GRTRtg87' 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline'; style-src 'nonce-ZuqpSg/zpbYRJpwqYavib9xVEo2wAGgH8z2IVCO3GRTRtg87' 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline'; object-src 'none'; img-src https: data:; form-action 'self' https://.paypal.com; base-uri 'self' https://.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://events.childrens-specialized.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-security-policy: default-src 'self' https://*.paypal.com https://*.paypalobjects.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; script-src 'nonce-ZuqpSg/zpbYRJpwqYavib9xVEo2wAGgH8z2IVCO3GRTRtg87' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; style-src 'nonce-ZuqpSg/zpbYRJpwqYavib9xVEo2wAGgH8z2IVCO3GRTRtg87' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; object-src 'none'; img-src https: data:; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
content-encoding: gzip
x-content-type-options: nosniff
disable-set-cookie: true
via: 1.1 varnish, 1.1 varnish
date: Tue, 30 Jan 2024 16:37:54 GMT
age: 0
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-cache: MISS, MISS
p3p: true
paypal-debug-id: f947487943a13
server-timing: "traceparent;desc="00-0000000000000000000f947487943a13-fd095702537582d0-01"";content-encoding;desc="gzip",x-cdn;desc="fastly"
dc: ccg11-origin-www-1.paypal.com
content-length: 80128
x-xss-protection: 1; mode=block
x-served-by: cache-fra-etou8220117-FRA, cache-fra-etou8220117-FRA
accept-ch: sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
traceparent: 00-0000000000000000000f947487943a13-f53752c9a2d1a245-01
x-timer: S1706632674.626944,VS0,VE608
etag: W/"13900-nIeAgQPiV/sOM+sCnXq0iHdwy3E"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: Server-Timing
cache-control: public, max-age=3600, s-maxage=10800
origin-trial: AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
permissions-policy: ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
accept-ranges: bytes
x-cache-hits: 0, 0

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 65ms
19ms Image
text/plain 2a03:2880:f176:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=587095458491281&ev=PageView&dl=https%3A%2F%2Fevents.childrens-specialized.org&rl=&if=false&ts=1706632673644&sw=1600&sh=1200&v=2.9.143&r=stable&a=tmgoogletagmanager&ec=0&o=4124&fbp=fb.1.1706632673642.1608253386&pm=1&hrl=ce12ad&ler=empty&cdl=API_unavailable&it=1706632673448&coo=false&up_url=&rp_url=d6c585394ea0783bb3442c38ab7b8edab2df5cd6ff3a3363866c5256f7dbca5e&cs_cc=1&exp=e0&rqm=GET

Requested by

Host: events.childrens-specialized.org
URL: https://events.childrens-specialized.org/index.cfm?fuseaction=donate.event&eventID=503

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://events.childrens-specialized.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Tue, 30 Jan 2024 16:37:53 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

POST
H/1.1 200
OK q5y7yysk7qq3j232 Show response
client-analytics.braintreegateway.com/ 0
367 B 23ms
23ms XHR
text/plain 35.156.2.107
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://client-analytics.braintreegateway.com/q5y7yysk7qq3j232

Requested by

Host: js.braintreegateway.com
URL: https://js.braintreegateway.com/web/3.94.0/js/client.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.156.2.107 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-35-156-2-107.eu-central-1.compute.amazonaws.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://events.childrens-specialized.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: application/json

Response headers

Date: Tue, 30 Jan 2024 16:37:54 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Server: nginx
Access-Control-Max-Age: 3000
Access-Control-Allow-Methods: GET, HEAD, POST, OPTIONS
Access-Control-Allow-Origin: https://events.childrens-specialized.org
Connection: keep-alive
Access-Control-Allow-Headers
Content-Length: 0

POST
H/1.1 200
OK q5y7yysk7qq3j232 Show response
client-analytics.braintreegateway.com/ 0
367 B 24ms
24ms XHR
text/plain 35.156.2.107
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://client-analytics.braintreegateway.com/q5y7yysk7qq3j232

Requested by

Host: js.braintreegateway.com
URL: https://js.braintreegateway.com/web/3.94.0/js/client.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.156.2.107 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-35-156-2-107.eu-central-1.compute.amazonaws.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://events.childrens-specialized.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: application/json

Response headers

Date: Tue, 30 Jan 2024 16:37:54 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Server: nginx
Access-Control-Max-Age: 3000
Access-Control-Allow-Methods: GET, HEAD, POST, OPTIONS
Access-Control-Allow-Origin: https://events.childrens-specialized.org
Connection: keep-alive
Access-Control-Allow-Headers
Content-Length: 0

POST
H/1.1 200
OK q5y7yysk7qq3j232 Show response
client-analytics.braintreegateway.com/ 0
367 B 24ms
23ms XHR
text/plain 35.156.2.107
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://client-analytics.braintreegateway.com/q5y7yysk7qq3j232

Requested by

Host: js.braintreegateway.com
URL: https://js.braintreegateway.com/web/3.94.0/js/client.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.156.2.107 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-35-156-2-107.eu-central-1.compute.amazonaws.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://events.childrens-specialized.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: application/json

Response headers

Date: Tue, 30 Jan 2024 16:37:54 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Server: nginx
Access-Control-Max-Age: 3000
Access-Control-Allow-Methods: GET, HEAD, POST, OPTIONS
Access-Control-Allow-Origin: https://events.childrens-specialized.org
Connection: keep-alive
Access-Control-Allow-Headers
Content-Length: 0

POST
H/1.1 200
OK q5y7yysk7qq3j232 Show response
client-analytics.braintreegateway.com/ 0
367 B 23ms
23ms XHR
text/plain 35.156.2.107
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://client-analytics.braintreegateway.com/q5y7yysk7qq3j232

Requested by

Host: js.braintreegateway.com
URL: https://js.braintreegateway.com/web/3.94.0/js/client.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.156.2.107 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-35-156-2-107.eu-central-1.compute.amazonaws.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://events.childrens-specialized.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: application/json

Response headers

Date: Tue, 30 Jan 2024 16:37:54 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Server: nginx
Access-Control-Max-Age: 3000
Access-Control-Allow-Methods: GET, HEAD, POST, OPTIONS
Access-Control-Allow-Origin: https://events.childrens-specialized.org
Connection: keep-alive
Access-Control-Allow-Headers
Content-Length: 0

GET
H2 200 fb.js Show response
c.paypal.com/da/r/ 65 KB
22 KB 27ms
20ms Script
application/javascript 151.101.65.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://c.paypal.com/da/r/fb.js

Requested by

Host: js.braintreegateway.com
URL: https://js.braintreegateway.com/web/3.94.0/js/data-collector.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.65.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

ECAcc (daa/7D20) /

Resource Hash

d564b36f3a0fbaebebdb3ca3f79a8b1d36061b83f72221c036b78d075757f81c

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://events.childrens-specialized.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-cache-hits: 179259
date: Tue, 30 Jan 2024 16:37:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
via: 1.1 varnish
age: 316657
x-cache: HIT
paypal-debug-id: f462442442682
server-timing: content-encoding;desc="gzip",x-cdn;desc="fastly"
dc: ccg11-origin-www-1.paypal.com
content-length: 21999
x-served-by: cache-fra-etou8220117-FRA
last-modified: Sat, 27 Jan 2024 00:26:38 GMT
server: ECAcc (daa/7D20)
traceparent: 00-0000000000000000000f462442442682-21e123ea0dc7a494-01
x-timer: S1706632674.084688,VS0,VE1
etag: W/"65b44dbe-1026d"
vary: Accept-Encoding, Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate,max-age=86400
access-control-allow-credentials: false
access-control-max-age: 86400
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: x-csrf-token
expires: Wed, 31 Jan 2024 16:37:54 GMT

OPTIONS
H/1.1 200
OK q5y7yysk7qq3j232
client-analytics.braintreegateway.com/ Frame 0
0 121ms
23ms Preflight 35.156.2.107
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://client-analytics.braintreegateway.com/q5y7yysk7qq3j232

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.156.2.107 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-35-156-2-107.eu-central-1.compute.amazonaws.com

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://events.childrens-specialized.org
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Access-Control-Allow-Headers: content-type
Access-Control-Allow-Methods: GET, HEAD, POST, OPTIONS
Access-Control-Allow-Origin: https://events.childrens-specialized.org
Access-Control-Max-Age: 3000
Connection: keep-alive
Content-Length: 0
Date: Tue, 30 Jan 2024 16:37:54 GMT
Server: nginx
Strict-Transport-Security: max-age=31536000; includeSubDomains

OPTIONS
H/1.1 200
OK q5y7yysk7qq3j232
client-analytics.braintreegateway.com/ Frame 0
0 121ms
23ms Preflight 35.156.2.107
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://client-analytics.braintreegateway.com/q5y7yysk7qq3j232

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.156.2.107 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-35-156-2-107.eu-central-1.compute.amazonaws.com

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://events.childrens-specialized.org
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Access-Control-Allow-Headers: content-type
Access-Control-Allow-Methods: GET, HEAD, POST, OPTIONS
Access-Control-Allow-Origin: https://events.childrens-specialized.org
Access-Control-Max-Age: 3000
Connection: keep-alive
Content-Length: 0
Date: Tue, 30 Jan 2024 16:37:54 GMT
Server: nginx
Strict-Transport-Security: max-age=31536000; includeSubDomains

OPTIONS
H/1.1 200
OK q5y7yysk7qq3j232
client-analytics.braintreegateway.com/ Frame 0
0 118ms
22ms Preflight 35.156.2.107
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://client-analytics.braintreegateway.com/q5y7yysk7qq3j232

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.156.2.107 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-35-156-2-107.eu-central-1.compute.amazonaws.com

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://events.childrens-specialized.org
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Access-Control-Allow-Headers: content-type
Access-Control-Allow-Methods: GET, HEAD, POST, OPTIONS
Access-Control-Allow-Origin: https://events.childrens-specialized.org
Access-Control-Max-Age: 3000
Connection: keep-alive
Content-Length: 0
Date: Tue, 30 Jan 2024 16:37:54 GMT
Server: nginx
Strict-Transport-Security: max-age=31536000; includeSubDomains

OPTIONS
H/1.1 200
OK q5y7yysk7qq3j232
client-analytics.braintreegateway.com/ Frame 0
0 118ms
23ms Preflight 35.156.2.107
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://client-analytics.braintreegateway.com/q5y7yysk7qq3j232

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.156.2.107 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-35-156-2-107.eu-central-1.compute.amazonaws.com

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://events.childrens-specialized.org
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Access-Control-Allow-Headers: content-type
Access-Control-Allow-Methods: GET, HEAD, POST, OPTIONS
Access-Control-Allow-Origin: https://events.childrens-specialized.org
Access-Control-Max-Age: 3000
Connection: keep-alive
Content-Length: 0
Date: Tue, 30 Jan 2024 16:37:54 GMT
Server: nginx
Strict-Transport-Security: max-age=31536000; includeSubDomains

GET
H2 200 i Show response
c.paypal.com/v1/r/d/ Frame 6331 160 B
1 KB 171ms
170ms Document
text/html 151.101.65.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://c.paypal.com/v1/r/d/i?js_src=https://c.paypal.com/da/r/fb.js

Requested by

Host: c.paypal.com
URL: https://c.paypal.com/da/r/fb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.65.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

9321bc63a75b3ac6d384b411665b6e77a8b326a4b176ca2049872d3b5d4974f5

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://events.childrens-specialized.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: sec-ch-ua, sec-ch-ua-mobile, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-platform, sec-ch-ua-platform-version, sec-ch-ua-arch, sec-ch-ua-wow64, sec-ch-ua-bitness, sec-ch-ua-model, sec-ch-ua-full
accept-ranges: none
access-control-expose-headers: Server-Timing
cache-control: max-age=0, no-cache, no-store, must-revalidate
content-encoding: br
content-security-policy-report-only: default-src 'self' https://*.paypal.com https://*.paypalobjects.com; script-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.paypalinc.com https://www.facebook.com 'unsafe-eval' 'unsafe-inline' blob:; connect-src 'self' https://*.paypal.com; style-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; font-src 'self' https://*.paypal.com https://*.paypalobjects.com data:; img-src 'self' https: data:; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; object-src 'self' https://*.paypal.com https://*.paypalobjects.com; report-uri https://www.paypal.com/csplog/api/log/csp
content-type: text/html;charset=UTF-8
correlation-id: 0ffd7aab930d1
date: Tue, 30 Jan 2024 16:37:54 GMT
origin-trial: A0A/uBW0ogQIica1KkPCeSOoHfvTATXdyRg8F/Ka8gjK4pCprEDwF3d3wTxNzSPn1ASb5ncpd46h7RQiSqGYpA8AAACMeyJvcmlnaW4iOiJodHRwczovL2MucGF5cGFsLmNvbTo0NDMiLCJmZWF0dXJlIjoiU2VuZEZ1bGxVc2VyQWdlbnRBZnRlclJlZHVjdGlvbiIsImV4cGlyeSI6MTY5NTUxMzU5OSwiaXNTdWJkb21haW4iOnRydWUsImlzVGhpcmRQYXJ0eSI6dHJ1ZX0=
paypal-debug-id: 0ffd7aab930d1
server-timing: "traceparent;desc="00-00000000000000000000ffd7aab930d1-fd8fc0358ca37ecc-01"";content-encoding;desc="",x-cdn;desc="fastly"
strict-transport-security: max-age=63072000; includeSubDomains; preload
timing-allow-origin: *
traceparent: 00-00000000000000000000ffd7aab930d1-af68ec588ef0686f-01
vary: Accept-Encoding
via: 1.1 varnish
x-cache: MISS
x-cache-hits: 0
x-content-type-options: nosniff
x-served-by: cache-fra-etou8220117-FRA
x-timer: S1706632674.159778,VS0,VE151
x-xss-protection: 1; mode=block

GET
H/1.1

200
OK

counter2.cgi
dub.stats.paypal.com/ Frame C052
Redirect Chain

https://b.stats.paypal.com/counter.cgi?i=127.0.0.1&p=584aef81732b19b1bc98d3db955ad145&t=1706632674.067&a=14
https://dub.stats.paypal.com/counter2.cgi?i=127.0.0.1&p=584aef81732b19b1bc98d3db955ad145&t=1706632674.067&a=14

42 B
299 B

143ms
44ms

Image
image/jpeg

64.4.245.84
PAYPAL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dub.stats.paypal.com/counter2.cgi?i=127.0.0.1&p=584aef81732b19b1bc98d3db955ad145&t=1706632674.067&a=14
Requested by: Host: events.childrens-specialized.org
URL: https://events.childrens-specialized.org/index.cfm?fuseaction=donate.event&eventID=503
Protocol: HTTP/1.1
Server: 64.4.245.84 , United States, ASN17012 (PAYPAL, US),
Reverse DNS
Software: PayPal-B.Stats/1.0 /
Resource Hash: 47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://events.childrens-specialized.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Tue, 30 Jan 2024 16:37:54 GMT
Server: PayPal-B.Stats/1.0
Connection: close
Content-Length: 42
Content-Type: image/jpeg

Redirect headers

Location: https://dub.stats.paypal.com/counter2.cgi?i=127.0.0.1&p=584aef81732b19b1bc98d3db955ad145&t=1706632674.067&a=14
Date: Tue, 30 Jan 2024 16:37:54 GMT
Server: PayPal-B.Stats/1.0
Connection: close
Content-Length: 0
Content-Type: application/octet-stream

GET
H2 200 p3
c6.paypal.com/v1/r/d/b/ 0
475 B 277ms
197ms Image
text/plain 2a04:4e42:400::291
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c6.paypal.com/v1/r/d/b/p3?f=584aef81732b19b1bc98d3db955ad145&s=BRAINTREE_SIGNIN

Requested by

Host: events.childrens-specialized.org
URL: https://events.childrens-specialized.org/index.cfm?fuseaction=donate.event&eventID=503

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:400::291 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://events.childrens-specialized.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 30 Jan 2024 16:37:54 GMT
via: 1.1 varnish
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-cache: MISS
paypal-debug-id: e7275b10a18f0
server-timing: "traceparent;desc="00-0000000000000000000e7275b10a18f0-c26631f2dcd33620-01"";content-encoding;desc="",x-cdn;desc="fastly"
content-length: 0
x-served-by: cache-fra-eddf8230080-FRA
correlation-id: e7275b10a18f0
traceparent: 00-0000000000000000000e7275b10a18f0-b2684ea56a15b9b3-01
x-timer: S1706632674.237495,VS0,VE178
vary: Accept-Encoding
access-control-expose-headers: Server-Timing
cache-control: max-age=0, no-cache, no-store, must-revalidate
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 0

GET
H2 200 pptm.js Show response
www.paypal.com/tagmanager/ 14 KB
6 KB 700ms
700ms Script
application/x-javascript 151.101.65.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/tagmanager/pptm.js?id=events.childrens-specialized.org&t=xo&v=5.0.421&source=payments_sdk&client_id=AZn7u7oYb82h8mDw_J0VPrxQxP1NsF7iLizgKxe7fcJ3mxLnqHFMK70Fb_tH_f0KQBsORAWORR3Xt8L5&disableSetCookie=true&vault=true

Requested by

Host: www.paypal.com
URL: https://www.paypal.com/sdk/js?client-id=AZn7u7oYb82h8mDw_J0VPrxQxP1NsF7iLizgKxe7fcJ3mxLnqHFMK70Fb_tH_f0KQBsORAWORR3Xt8L5&vault=true&commit=true&intent=capture&disable-funding=paylater&currency=USD&locale=en_US

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.65.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

5882bd1583d3b17ab2680e92826ebb4b3d5a2a55b5803344e859a06d79a8dffe

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline'; script-src 'nonce-horSR3nNqSs5TYqgOWfnLtlcypbtzp0IFag8aJ0O51aCcYdl' 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline'; img-src * data:; object-src 'none'; font-src 'self' https://.paypalobjects.com https://.paypal.com; connect-src 'self' https://.paypal.com https://.paypalobjects.com https://nexus.ensighten.com https://.google-analytics.com 'unsafe-inline' https://.qualtrics.com; form-action 'self' https://.paypal.com; base-uri 'self' https://.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp; frame-src 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline' https://*.qualtrics.com;
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://events.childrens-specialized.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-security-policy: default-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; script-src 'nonce-horSR3nNqSs5TYqgOWfnLtlcypbtzp0IFag8aJ0O51aCcYdl' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; img-src * data:; object-src 'none'; font-src 'self' https://*.paypalobjects.com https://*.paypal.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://nexus.ensighten.com https://*.google-analytics.com 'unsafe-inline' https://*.qualtrics.com; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' https://*.qualtrics.com;
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 30 Jan 2024 16:37:54 GMT
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 0
x-cache: MISS, MISS
paypal-debug-id: f9474876ff300
server-timing: content-encoding;desc="gzip",x-cdn;desc="fastly"
dc: ccg11-origin-www-1.paypal.com
content-length: 4788
x-xss-protection: 1; mode=block
x-served-by: cache-fra-etou8220117-FRA, cache-fra-etou8220117-FRA
accept-ch: sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
traceparent: 00-0000000000000000000f9474876ff300-f9e2126ed2bcd7e0-01
x-timer: S1706632674.289843,VS0,VE680
etag: W/"3690-S6ZR+lHWB4VFF4P0LCornnOl18g"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=3600
origin-trial: AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
permissions-policy: ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
accept-ranges: bytes
x-cache-hits: 0, 0

GET
H2 200 buttons Show response
www.paypal.com/smart/ Frame 8621 403 KB
104 KB 416ms
415ms Document
text/html 151.101.65.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/smart/buttons?style.label=checkout&style.layout=horizontal&style.color=blue&style.shape=pill&style.tagline=true&style.menuPlacement=below&sdkVersion=5.0.421&components.0=buttons&locale.lang=en&locale.country=US&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jbGllbnQtaWQ9QVpuN3U3b1liODJoOG1Ed19KMFZQcnhReFAxTnNGN2lMaXpnS3hlN2ZjSjNteExucUhGTUs3MEZiX3RIX2YwS1FCc09SQVdPUlIzWHQ4TDUmdmF1bHQ9dHJ1ZSZjb21taXQ9dHJ1ZSZpbnRlbnQ9Y2FwdHVyZSZkaXNhYmxlLWZ1bmRpbmc9cGF5bGF0ZXImY3VycmVuY3k9VVNEJmxvY2FsZT1lbl9VUyIsImF0dHJzIjp7ImRhdGEtdWlkIjoidWlkX2xvYW5ucWt6YnBsanZ4cmFtcXFmenpqcnRpa2h4ZSJ9fQ&clientID=AZn7u7oYb82h8mDw_J0VPrxQxP1NsF7iLizgKxe7fcJ3mxLnqHFMK70Fb_tH_f0KQBsORAWORR3Xt8L5&sdkCorrelationID=f761689e37455&storageID=uid_7a6180c05d_mty6mzc6ntq&sessionID=uid_e83fa36cf7_mty6mzc6ntq&buttonSessionID=uid_9574523d80_mty6mzc6ntq&env=production&fundingEligibility=eyJwYXlwYWwiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6ZmFsc2V9LCJwYXlsYXRlciI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhdWx0YWJsZSI6ZmFsc2UsInByb2R1Y3RzIjp7InBheUluMyI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhcmlhbnQiOm51bGx9LCJwYXlJbjQiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXJpYW50IjpudWxsfSwicGF5bGF0ZXIiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXJpYW50IjpudWxsfX19LCJjYXJkIjp7ImVsaWdpYmxlIjp0cnVlLCJicmFuZGVkIjpmYWxzZSwiaW5zdGFsbG1lbnRzIjpmYWxzZSwidmVuZG9ycyI6eyJ2aXNhIjp7ImVsaWdpYmxlIjp0cnVlLCJ2YXVsdGFibGUiOnRydWV9LCJtYXN0ZXJjYXJkIjp7ImVsaWdpYmxlIjp0cnVlLCJ2YXVsdGFibGUiOnRydWV9LCJhbWV4Ijp7ImVsaWdpYmxlIjp0cnVlLCJ2YXVsdGFibGUiOnRydWV9LCJkaXNjb3ZlciI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhdWx0YWJsZSI6dHJ1ZX0sImhpcGVyIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjpmYWxzZX0sImVsbyI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhdWx0YWJsZSI6dHJ1ZX0sImpjYiI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhdWx0YWJsZSI6dHJ1ZX19LCJndWVzdEVuYWJsZWQiOmZhbHNlfSwidmVubW8iOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXVsdGFibGUiOmZhbHNlfSwiaXRhdSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJjcmVkaXQiOnsiZWxpZ2libGUiOmZhbHNlfSwiYXBwbGVwYXkiOnsiZWxpZ2libGUiOmZhbHNlfSwic2VwYSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJpZGVhbCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJiYW5jb250YWN0Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImdpcm9wYXkiOnsiZWxpZ2libGUiOmZhbHNlfSwiZXBzIjp7ImVsaWdpYmxlIjpmYWxzZX0sInNvZm9ydCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJteWJhbmsiOnsiZWxpZ2libGUiOmZhbHNlfSwicDI0Ijp7ImVsaWdpYmxlIjpmYWxzZX0sIndlY2hhdHBheSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJwYXl1Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImJsaWsiOnsiZWxpZ2libGUiOmZhbHNlfSwidHJ1c3RseSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJveHhvIjp7ImVsaWdpYmxlIjpmYWxzZX0sImJvbGV0byI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJib2xldG9iYW5jYXJpbyI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJtZXJjYWRvcGFnbyI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJtdWx0aWJhbmNvIjp7ImVsaWdpYmxlIjpmYWxzZX0sInNhdGlzcGF5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sInBhaWR5Ijp7ImVsaWdpYmxlIjpmYWxzZX19&platform=desktop&experiment.enableVenmo=false&flow=purchase&currency=USD&intent=capture&commit=true&vault=true&disableFunding.0=paylater&renderedButtons.0=paypal&clientMetadataID=uid_e83fa36cf7_mty6mzc6ntq&debug=false&applePaySupport=false&supportsPopups=true&supportedNativeBrowser=false&allowBillingPayments=true&disableSetCookie=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.65.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

06e1a12c2bc2f1db2a893aa7cfc4ca9e40d13e9cda4c3bb058d6ef637420de7a

Security Headers

Name	Value
Content-Security-Policy	form-action 'self' https://.paypal.com https://.cardinalcommerce.com; default-src 'self' https://.paypal.com https://.paypalobjects.com; connect-src 'self' https://.paypal.com: https://.paypalobjects.com https://.googleapis.com https://.firebaseio.com wss://.firebaseio.com https://api2.amplitude.com http://127.0.0.1:* https://.qualtrics.com; frame-src 'self' https://.paypal.com:* https://.paypalobjects.com https://.cardinalcommerce.com https://.firebaseapp.com https://.qualtrics.com; script-src 'self' https://.paypal.com: https://.paypalobjects.com 'unsafe-inline' 'unsafe-eval' https://apis.google.com; style-src 'self' https://.paypal.com:* https://.paypalobjects.com 'unsafe-inline'; font-src 'self' https://.paypal.com https://.paypalobjects.com data:; object-src 'none'; img-src https: data:; base-uri 'self' https://.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://events.childrens-specialized.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
accept-ranges: bytes
access-control-expose-headers: Server-Timing
cache-control: max-age=0, no-cache, no-store, must-revalidate
content-disposition: inline
content-encoding: gzip
content-security-policy: form-action 'self' https://*.paypal.com https://*.cardinalcommerce.com; default-src 'self' https://*.paypal.com https://*.paypalobjects.com; connect-src 'self' https://*.paypal.com:* https://*.paypalobjects.com https://*.googleapis.com https://*.firebaseio.com wss://*.firebaseio.com https://api2.amplitude.com http://127.0.0.1:* https://*.qualtrics.com; frame-src 'self' https://*.paypal.com:* https://*.paypalobjects.com https://*.cardinalcommerce.com https://*.firebaseapp.com https://*.qualtrics.com; script-src 'self' https://*.paypal.com:* https://*.paypalobjects.com 'unsafe-inline' 'unsafe-eval' https://apis.google.com; style-src 'self' https://*.paypal.com:* https://*.paypalobjects.com 'unsafe-inline'; font-src 'self' https://*.paypal.com https://*.paypalobjects.com data:; object-src 'none'; img-src https: data:; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
content-type: text/html; charset=utf-8
date: Tue, 30 Jan 2024 16:37:54 GMT
dc: ccg11-origin-www-1.paypal.com
etag: W/"64a37-liw3Onp+mgpBk/nvCJusoReg3vI"
origin-trial: AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
p3p: true
paypal-debug-id: f947487a54363
permissions-policy: ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
server-timing: "traceparent;desc="00-0000000000000000000f947487a54363-3d3d5f3e5020be06-01"";content-encoding;desc="gzip",x-cdn;desc="fastly"
strict-transport-security: max-age=63072000; includeSubDomains; preload
traceparent: 00-0000000000000000000f947487a54363-30f34a64f8e01d42-01
vary: Accept-Encoding
via: 1.1 varnish, 1.1 varnish
x-cache: MISS, MISS
x-cache-hits: 0, 0
x-content-type-options: nosniff
x-csrf-jwt: __blank__
x-served-by: cache-fra-etou8220117-FRA, cache-fra-etou8220117-FRA
x-timer: S1706632674.323808,VS0,VE386
x-xss-protection: 1; mode=block

GET
H2 200 paypal-white.svg
www.paypalobjects.com/js-sdk-logos/2.2.7/ Frame 884B 3 KB
2 KB 82ms
22ms Image
image/svg+xml 151.101.66.133
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.paypalobjects.com/js-sdk-logos/2.2.7/paypal-white.svg

Requested by

Host: events.childrens-specialized.org
URL: https://events.childrens-specialized.org/index.cfm?fuseaction=donate.event&eventID=503

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.66.133 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

3f8c62b36198124e39fe0d48535fef486d0eb6174159c5c72b0fcaede72222f2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 30 Jan 2024 16:37:54 GMT
content-encoding: br
via: 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
log-origin: shield=SJC,src_ip=157.52.96.43,alternate_path=0,ip=157.52.96.43,port=443,name=shield_ssl_cache_sjc10043_SJC,status=200,reason=OK,method=GET,url="/js-sdk-logos/2.2.7/paypal-white.svg",host=www.paypalobjects.com
strict-transport-security: max-age=31557600
log-timing: fetch=149519,misspass=152,do_stream=0
x-cache: HIT, HIT
paypal-debug-id: 26f7afd896667
dc: ccg11-origin-www-1.paypal.com
content-length: 1139
x-served-by: cache-sjc10043-SJC, cache-fra-etou8220039-FRA
last-modified: Tue, 04 Apr 2023 21:46:19 GMT
traceparent: 00-000000000000000000026f7afd896667-74a99f5766150911-01
x-timer: S1706632674.384218,VS0,VE0
etag: W/"642c9aab-cc2"
vary: Accept-Encoding, Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: s-maxage=31536000, public,max-age=3600
accept-ranges: bytes
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
x-cache-hits: 3295, 811

GET
H2 200 fb.js Show response
c.paypal.com/da/r/ Frame 6331 65 KB
22 KB 22ms
22ms Script
application/javascript 151.101.65.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://c.paypal.com/da/r/fb.js

Requested by

Host: c.paypal.com
URL: https://c.paypal.com/v1/r/d/i?js_src=https://c.paypal.com/da/r/fb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.65.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

ECAcc (daa/7D20) /

Resource Hash

d564b36f3a0fbaebebdb3ca3f79a8b1d36061b83f72221c036b78d075757f81c

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c.paypal.com/v1/r/d/i?js_src=https://c.paypal.com/da/r/fb.js
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-cache-hits: 179260
date: Tue, 30 Jan 2024 16:37:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
via: 1.1 varnish
age: 316657
x-cache: HIT
paypal-debug-id: f462442442682
server-timing: content-encoding;desc="gzip",x-cdn;desc="fastly"
dc: ccg11-origin-www-1.paypal.com
content-length: 21999
x-served-by: cache-fra-etou8220117-FRA
last-modified: Sat, 27 Jan 2024 00:26:38 GMT
server: ECAcc (daa/7D20)
traceparent: 00-0000000000000000000f462442442682-21e123ea0dc7a494-01
x-timer: S1706632674.333121,VS0,VE2
etag: W/"65b44dbe-1026d"
vary: Accept-Encoding, Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate,max-age=86400
access-control-allow-credentials: false
access-control-max-age: 86400
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: x-csrf-token
expires: Wed, 31 Jan 2024 16:37:54 GMT

POST
H2 200 p1 Show response
c.paypal.com/v1/r/d/b/ Frame 6331 212 B
589 B 194ms
193ms XHR
application/json 151.101.65.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://c.paypal.com/v1/r/d/b/p1

Requested by

Host: c.paypal.com
URL: https://c.paypal.com/da/r/fb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.65.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

6c8810c9ea62f8171c562ccd215c96a807e0856085b1dff2861f017c7970e4a4

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://c.paypal.com/v1/r/d/i?js_src=https://c.paypal.com/da/r/fb.js
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 30 Jan 2024 16:37:54 GMT
via: 1.1 varnish
disable-set-cookie: true
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-cache: MISS
p3p: policyref="/w3c/p3p.xml", CP="NON DSP COR ADM OUR IND COM"
paypal-debug-id: 471a9f8ea09b8
server-timing: "traceparent;desc="00-0000000000000000000471a9f8ea09b8-2d95137e05472ddc-01"";content-encoding;desc="",x-cdn;desc="fastly"
content-length: 212
x-served-by: cache-fra-etou8220117-FRA
correlation-id: 471a9f8ea09b8
traceparent: 00-0000000000000000000471a9f8ea09b8-9485b87f671ecf6c-01
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.paypal.com
access-control-expose-headers: Server-Timing
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 0

POST
H2 204 e Show response
c.paypal.com/v1/r/d/b/ Frame 6331 0
302 B 188ms
188ms XHR
text/plain 151.101.65.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://c.paypal.com/v1/r/d/b/e

Requested by

Host: c.paypal.com
URL: https://c.paypal.com/da/r/fb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.65.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://c.paypal.com/v1/r/d/i?js_src=https://c.paypal.com/da/r/fb.js
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 30 Jan 2024 16:37:54 GMT
via: 1.1 varnish
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-cache: MISS
paypal-debug-id: c24fc2260a439
server-timing: content-encoding;desc="",x-cdn;desc="fastly"
x-served-by: cache-fra-etou8220117-FRA
correlation-id: c24fc2260a439
traceparent: 00-0000000000000000000c24fc2260a439-618d930e6e078583-01
vary: Accept-Encoding
access-control-allow-origin: https://www.paypal.com
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 0

GET
H2 200 js Show response
www.paypal.com/sdk/ Frame 8621 294 KB
79 KB 37ms
37ms Script
application/javascript 151.101.65.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.paypal.com
URL: https://www.paypal.com/smart/buttons?style.label=checkout&style.layout=horizontal&style.color=blue&style.shape=pill&style.tagline=true&style.menuPlacement=below&sdkVersion=5.0.421&components.0=buttons&locale.lang=en&locale.country=US&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jbGllbnQtaWQ9QVpuN3U3b1liODJoOG1Ed19KMFZQcnhReFAxTnNGN2lMaXpnS3hlN2ZjSjNteExucUhGTUs3MEZiX3RIX2YwS1FCc09SQVdPUlIzWHQ4TDUmdmF1bHQ9dHJ1ZSZjb21taXQ9dHJ1ZSZpbnRlbnQ9Y2FwdHVyZSZkaXNhYmxlLWZ1bmRpbmc9cGF5bGF0ZXImY3VycmVuY3k9VVNEJmxvY2FsZT1lbl9VUyIsImF0dHJzIjp7ImRhdGEtdWlkIjoidWlkX2xvYW5ucWt6YnBsanZ4cmFtcXFmenpqcnRpa2h4ZSJ9fQ&clientID=AZn7u7oYb82h8mDw_J0VPrxQxP1NsF7iLizgKxe7fcJ3mxLnqHFMK70Fb_tH_f0KQBsORAWORR3Xt8L5&sdkCorrelationID=f761689e37455&storageID=uid_7a6180c05d_mty6mzc6ntq&sessionID=uid_e83fa36cf7_mty6mzc6ntq&buttonSessionID=uid_9574523d80_mty6mzc6ntq&env=production&fundingEligibility=eyJwYXlwYWwiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6ZmFsc2V9LCJwYXlsYXRlciI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhdWx0YWJsZSI6ZmFsc2UsInByb2R1Y3RzIjp7InBheUluMyI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhcmlhbnQiOm51bGx9LCJwYXlJbjQiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXJpYW50IjpudWxsfSwicGF5bGF0ZXIiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXJpYW50IjpudWxsfX19LCJjYXJkIjp7ImVsaWdpYmxlIjp0cnVlLCJicmFuZGVkIjpmYWxzZSwiaW5zdGFsbG1lbnRzIjpmYWxzZSwidmVuZG9ycyI6eyJ2aXNhIjp7ImVsaWdpYmxlIjp0cnVlLCJ2YXVsdGFibGUiOnRydWV9LCJtYXN0ZXJjYXJkIjp7ImVsaWdpYmxlIjp0cnVlLCJ2YXVsdGFibGUiOnRydWV9LCJhbWV4Ijp7ImVsaWdpYmxlIjp0cnVlLCJ2YXVsdGFibGUiOnRydWV9LCJkaXNjb3ZlciI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhdWx0YWJsZSI6dHJ1ZX0sImhpcGVyIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjpmYWxzZX0sImVsbyI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhdWx0YWJsZSI6dHJ1ZX0sImpjYiI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhdWx0YWJsZSI6dHJ1ZX19LCJndWVzdEVuYWJsZWQiOmZhbHNlfSwidmVubW8iOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXVsdGFibGUiOmZhbHNlfSwiaXRhdSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJjcmVkaXQiOnsiZWxpZ2libGUiOmZhbHNlfSwiYXBwbGVwYXkiOnsiZWxpZ2libGUiOmZhbHNlfSwic2VwYSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJpZGVhbCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJiYW5jb250YWN0Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImdpcm9wYXkiOnsiZWxpZ2libGUiOmZhbHNlfSwiZXBzIjp7ImVsaWdpYmxlIjpmYWxzZX0sInNvZm9ydCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJteWJhbmsiOnsiZWxpZ2libGUiOmZhbHNlfSwicDI0Ijp7ImVsaWdpYmxlIjpmYWxzZX0sIndlY2hhdHBheSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJwYXl1Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImJsaWsiOnsiZWxpZ2libGUiOmZhbHNlfSwidHJ1c3RseSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJveHhvIjp7ImVsaWdpYmxlIjpmYWxzZX0sImJvbGV0byI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJib2xldG9iYW5jYXJpbyI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJtZXJjYWRvcGFnbyI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJtdWx0aWJhbmNvIjp7ImVsaWdpYmxlIjpmYWxzZX0sInNhdGlzcGF5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sInBhaWR5Ijp7ImVsaWdpYmxlIjpmYWxzZX19&platform=desktop&experiment.enableVenmo=false&flow=purchase&currency=USD&intent=capture&commit=true&vault=true&disableFunding.0=paylater&renderedButtons.0=paypal&clientMetadataID=uid_e83fa36cf7_mty6mzc6ntq&debug=false&applePaySupport=false&supportsPopups=true&supportedNativeBrowser=false&allowBillingPayments=true&disableSetCookie=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.65.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

2a403b78fd1e27022838a17ca6f77357d008ab27b071d89c9d8f2e71c634b753

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://.paypal.com https://.paypalobjects.com; connect-src 'self' https://.paypal.com https://.paypalobjects.com https://.qualtrics.com; frame-src 'self' https://.paypal.com https://.paypalobjects.com https://.qualtrics.com; script-src 'nonce-ZuqpSg/zpbYRJpwqYavib9xVEo2wAGgH8z2IVCO3GRTRtg87' 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline'; style-src 'nonce-ZuqpSg/zpbYRJpwqYavib9xVEo2wAGgH8z2IVCO3GRTRtg87' 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline'; object-src 'none'; img-src https: data:; form-action 'self' https://.paypal.com; base-uri 'self' https://.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.paypal.com/smart/buttons?style.label=checkout&style.layout=horizontal&style.color=blue&style.shape=pill&style.tagline=true&style.menuPlacement=below&sdkVersion=5.0.421&components.0=buttons&locale.lang=en&locale.country=US&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jbGllbnQtaWQ9QVpuN3U3b1liODJoOG1Ed19KMFZQcnhReFAxTnNGN2lMaXpnS3hlN2ZjSjNteExucUhGTUs3MEZiX3RIX2YwS1FCc09SQVdPUlIzWHQ4TDUmdmF1bHQ9dHJ1ZSZjb21taXQ9dHJ1ZSZpbnRlbnQ9Y2FwdHVyZSZkaXNhYmxlLWZ1bmRpbmc9cGF5bGF0ZXImY3VycmVuY3k9VVNEJmxvY2FsZT1lbl9VUyIsImF0dHJzIjp7ImRhdGEtdWlkIjoidWlkX2xvYW5ucWt6YnBsanZ4cmFtcXFmenpqcnRpa2h4ZSJ9fQ&clientID=AZn7u7oYb82h8mDw_J0VPrxQxP1NsF7iLizgKxe7fcJ3mxLnqHFMK70Fb_tH_f0KQBsORAWORR3Xt8L5&sdkCorrelationID=f761689e37455&storageID=uid_7a6180c05d_mty6mzc6ntq&sessionID=uid_e83fa36cf7_mty6mzc6ntq&buttonSessionID=uid_9574523d80_mty6mzc6ntq&env=production&fundingEligibility=eyJwYXlwYWwiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6ZmFsc2V9LCJwYXlsYXRlciI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhdWx0YWJsZSI6ZmFsc2UsInByb2R1Y3RzIjp7InBheUluMyI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhcmlhbnQiOm51bGx9LCJwYXlJbjQiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXJpYW50IjpudWxsfSwicGF5bGF0ZXIiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXJpYW50IjpudWxsfX19LCJjYXJkIjp7ImVsaWdpYmxlIjp0cnVlLCJicmFuZGVkIjpmYWxzZSwiaW5zdGFsbG1lbnRzIjpmYWxzZSwidmVuZG9ycyI6eyJ2aXNhIjp7ImVsaWdpYmxlIjp0cnVlLCJ2YXVsdGFibGUiOnRydWV9LCJtYXN0ZXJjYXJkIjp7ImVsaWdpYmxlIjp0cnVlLCJ2YXVsdGFibGUiOnRydWV9LCJhbWV4Ijp7ImVsaWdpYmxlIjp0cnVlLCJ2YXVsdGFibGUiOnRydWV9LCJkaXNjb3ZlciI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhdWx0YWJsZSI6dHJ1ZX0sImhpcGVyIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjpmYWxzZX0sImVsbyI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhdWx0YWJsZSI6dHJ1ZX0sImpjYiI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhdWx0YWJsZSI6dHJ1ZX19LCJndWVzdEVuYWJsZWQiOmZhbHNlfSwidmVubW8iOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXVsdGFibGUiOmZhbHNlfSwiaXRhdSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJjcmVkaXQiOnsiZWxpZ2libGUiOmZhbHNlfSwiYXBwbGVwYXkiOnsiZWxpZ2libGUiOmZhbHNlfSwic2VwYSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJpZGVhbCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJiYW5jb250YWN0Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImdpcm9wYXkiOnsiZWxpZ2libGUiOmZhbHNlfSwiZXBzIjp7ImVsaWdpYmxlIjpmYWxzZX0sInNvZm9ydCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJteWJhbmsiOnsiZWxpZ2libGUiOmZhbHNlfSwicDI0Ijp7ImVsaWdpYmxlIjpmYWxzZX0sIndlY2hhdHBheSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJwYXl1Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImJsaWsiOnsiZWxpZ2libGUiOmZhbHNlfSwidHJ1c3RseSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJveHhvIjp7ImVsaWdpYmxlIjpmYWxzZX0sImJvbGV0byI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJib2xldG9iYW5jYXJpbyI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJtZXJjYWRvcGFnbyI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJtdWx0aWJhbmNvIjp7ImVsaWdpYmxlIjpmYWxzZX0sInNhdGlzcGF5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sInBhaWR5Ijp7ImVsaWdpYmxlIjpmYWxzZX19&platform=desktop&experiment.enableVenmo=false&flow=purchase&currency=USD&intent=capture&commit=true&vault=true&disableFunding.0=paylater&renderedButtons.0=paypal&clientMetadataID=uid_e83fa36cf7_mty6mzc6ntq&debug=false&applePaySupport=false&supportsPopups=true&supportedNativeBrowser=false&allowBillingPayments=true&disableSetCookie=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-security-policy: default-src 'self' https://*.paypal.com https://*.paypalobjects.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; script-src 'nonce-ZuqpSg/zpbYRJpwqYavib9xVEo2wAGgH8z2IVCO3GRTRtg87' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; style-src 'nonce-ZuqpSg/zpbYRJpwqYavib9xVEo2wAGgH8z2IVCO3GRTRtg87' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; object-src 'none'; img-src https: data:; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
content-encoding: gzip
x-content-type-options: nosniff
disable-set-cookie: true
via: 1.1 varnish, 1.1 varnish
date: Tue, 30 Jan 2024 16:37:54 GMT
age: 1
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-cache: HIT, MISS
p3p: true
paypal-debug-id: f947487943a13
server-timing: "traceparent;desc="00-0000000000000000000f947487943a13-fd095702537582d0-01"";content-encoding;desc="gzip",x-cdn;desc="fastly"
dc: ccg11-origin-www-1.paypal.com
content-length: 80128
x-xss-protection: 1; mode=block
x-served-by: cache-fra-etou8220117-FRA, cache-fra-etou8220117-FRA
accept-ch: sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
traceparent: 00-0000000000000000000f947487943a13-f53752c9a2d1a245-01
x-timer: S1706632675.757323,VS0,VE9
etag: W/"13900-nIeAgQPiV/sOM+sCnXq0iHdwy3E"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: Server-Timing
cache-control: public, max-age=3600, s-maxage=10800
origin-trial: AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
permissions-policy: ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
accept-ranges: bytes
x-cache-hits: 1, 0

GET
DATA 200
OK truncated
/ Frame 8621 3 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3f8c62b36198124e39fe0d48535fef486d0eb6174159c5c72b0fcaede72222f2

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type: image/svg+xml

POST
H2 200 logger Show response
www.paypal.com/xoplatform/logger/api/ Frame 8621 1013 B
922 B 228ms
228ms XHR
application/json 151.101.65.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/xoplatform/logger/api/logger?disableSetCookie=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.65.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

11c4b870044ceb69c8b7785b5d1f6106654c8e60e18be75c33584b164b5ec75b

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept: application/json
Referer: https://www.paypal.com/smart/buttons?style.label=checkout&style.layout=horizontal&style.color=blue&style.shape=pill&style.tagline=true&style.menuPlacement=below&sdkVersion=5.0.421&components.0=buttons&locale.lang=en&locale.country=US&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jbGllbnQtaWQ9QVpuN3U3b1liODJoOG1Ed19KMFZQcnhReFAxTnNGN2lMaXpnS3hlN2ZjSjNteExucUhGTUs3MEZiX3RIX2YwS1FCc09SQVdPUlIzWHQ4TDUmdmF1bHQ9dHJ1ZSZjb21taXQ9dHJ1ZSZpbnRlbnQ9Y2FwdHVyZSZkaXNhYmxlLWZ1bmRpbmc9cGF5bGF0ZXImY3VycmVuY3k9VVNEJmxvY2FsZT1lbl9VUyIsImF0dHJzIjp7ImRhdGEtdWlkIjoidWlkX2xvYW5ucWt6YnBsanZ4cmFtcXFmenpqcnRpa2h4ZSJ9fQ&clientID=AZn7u7oYb82h8mDw_J0VPrxQxP1NsF7iLizgKxe7fcJ3mxLnqHFMK70Fb_tH_f0KQBsORAWORR3Xt8L5&sdkCorrelationID=f761689e37455&storageID=uid_7a6180c05d_mty6mzc6ntq&sessionID=uid_e83fa36cf7_mty6mzc6ntq&buttonSessionID=uid_9574523d80_mty6mzc6ntq&env=production&fundingEligibility=eyJwYXlwYWwiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6ZmFsc2V9LCJwYXlsYXRlciI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhdWx0YWJsZSI6ZmFsc2UsInByb2R1Y3RzIjp7InBheUluMyI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhcmlhbnQiOm51bGx9LCJwYXlJbjQiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXJpYW50IjpudWxsfSwicGF5bGF0ZXIiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXJpYW50IjpudWxsfX19LCJjYXJkIjp7ImVsaWdpYmxlIjp0cnVlLCJicmFuZGVkIjpmYWxzZSwiaW5zdGFsbG1lbnRzIjpmYWxzZSwidmVuZG9ycyI6eyJ2aXNhIjp7ImVsaWdpYmxlIjp0cnVlLCJ2YXVsdGFibGUiOnRydWV9LCJtYXN0ZXJjYXJkIjp7ImVsaWdpYmxlIjp0cnVlLCJ2YXVsdGFibGUiOnRydWV9LCJhbWV4Ijp7ImVsaWdpYmxlIjp0cnVlLCJ2YXVsdGFibGUiOnRydWV9LCJkaXNjb3ZlciI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhdWx0YWJsZSI6dHJ1ZX0sImhpcGVyIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjpmYWxzZX0sImVsbyI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhdWx0YWJsZSI6dHJ1ZX0sImpjYiI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhdWx0YWJsZSI6dHJ1ZX19LCJndWVzdEVuYWJsZWQiOmZhbHNlfSwidmVubW8iOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXVsdGFibGUiOmZhbHNlfSwiaXRhdSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJjcmVkaXQiOnsiZWxpZ2libGUiOmZhbHNlfSwiYXBwbGVwYXkiOnsiZWxpZ2libGUiOmZhbHNlfSwic2VwYSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJpZGVhbCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJiYW5jb250YWN0Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImdpcm9wYXkiOnsiZWxpZ2libGUiOmZhbHNlfSwiZXBzIjp7ImVsaWdpYmxlIjpmYWxzZX0sInNvZm9ydCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJteWJhbmsiOnsiZWxpZ2libGUiOmZhbHNlfSwicDI0Ijp7ImVsaWdpYmxlIjpmYWxzZX0sIndlY2hhdHBheSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJwYXl1Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImJsaWsiOnsiZWxpZ2libGUiOmZhbHNlfSwidHJ1c3RseSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJveHhvIjp7ImVsaWdpYmxlIjpmYWxzZX0sImJvbGV0byI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJib2xldG9iYW5jYXJpbyI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJtZXJjYWRvcGFnbyI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJtdWx0aWJhbmNvIjp7ImVsaWdpYmxlIjpmYWxzZX0sInNhdGlzcGF5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sInBhaWR5Ijp7ImVsaWdpYmxlIjpmYWxzZX19&platform=desktop&experiment.enableVenmo=false&flow=purchase&currency=USD&intent=capture&commit=true&vault=true&disableFunding.0=paylater&renderedButtons.0=paypal&clientMetadataID=uid_e83fa36cf7_mty6mzc6ntq&debug=false&applePaySupport=false&supportsPopups=true&supportedNativeBrowser=false&allowBillingPayments=true&disableSetCookie=true
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type: application/json

Response headers

date: Tue, 30 Jan 2024 16:37:55 GMT
via: 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-encoding: br
x-cache: MISS, MISS
paypal-debug-id: f173526c42e59
server-timing: content-encoding;desc="br",x-cdn;desc="fastly"
dc: ccg11-origin-www-1.paypal.com
x-served-by: cache-fra-etou8220117-FRA, cache-fra-etou8220117-FRA
accept-ch: sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
traceparent: 00-0000000000000000000f173526c42e59-75420880c4d742ca-01
x-timer: S1706632675.958480,VS0,VE209
etag: W/"3f5-yVK5lpMkPPZwfPVWJR/driLLEBQ"
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.paypal.com
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
origin-trial: AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
permissions-policy: ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
accept-ranges: none
x-cache-hits: 0, 0

POST
H2 200 logger
www.paypal.com/xoplatform/logger/api/ Frame 8621 1 KB
1003 B 219ms
218ms Ping
application/json 151.101.65.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/xoplatform/logger/api/logger?disableSetCookie=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.65.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

6c3d236333d758c8009ca5d788c111c1f59a8ffc4d96b7d141e2d97ff42030be

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.paypal.com/smart/buttons?style.label=checkout&style.layout=horizontal&style.color=blue&style.shape=pill&style.tagline=true&style.menuPlacement=below&sdkVersion=5.0.421&components.0=buttons&locale.lang=en&locale.country=US&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jbGllbnQtaWQ9QVpuN3U3b1liODJoOG1Ed19KMFZQcnhReFAxTnNGN2lMaXpnS3hlN2ZjSjNteExucUhGTUs3MEZiX3RIX2YwS1FCc09SQVdPUlIzWHQ4TDUmdmF1bHQ9dHJ1ZSZjb21taXQ9dHJ1ZSZpbnRlbnQ9Y2FwdHVyZSZkaXNhYmxlLWZ1bmRpbmc9cGF5bGF0ZXImY3VycmVuY3k9VVNEJmxvY2FsZT1lbl9VUyIsImF0dHJzIjp7ImRhdGEtdWlkIjoidWlkX2xvYW5ucWt6YnBsanZ4cmFtcXFmenpqcnRpa2h4ZSJ9fQ&clientID=AZn7u7oYb82h8mDw_J0VPrxQxP1NsF7iLizgKxe7fcJ3mxLnqHFMK70Fb_tH_f0KQBsORAWORR3Xt8L5&sdkCorrelationID=f761689e37455&storageID=uid_7a6180c05d_mty6mzc6ntq&sessionID=uid_e83fa36cf7_mty6mzc6ntq&buttonSessionID=uid_9574523d80_mty6mzc6ntq&env=production&fundingEligibility=eyJwYXlwYWwiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6ZmFsc2V9LCJwYXlsYXRlciI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhdWx0YWJsZSI6ZmFsc2UsInByb2R1Y3RzIjp7InBheUluMyI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhcmlhbnQiOm51bGx9LCJwYXlJbjQiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXJpYW50IjpudWxsfSwicGF5bGF0ZXIiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXJpYW50IjpudWxsfX19LCJjYXJkIjp7ImVsaWdpYmxlIjp0cnVlLCJicmFuZGVkIjpmYWxzZSwiaW5zdGFsbG1lbnRzIjpmYWxzZSwidmVuZG9ycyI6eyJ2aXNhIjp7ImVsaWdpYmxlIjp0cnVlLCJ2YXVsdGFibGUiOnRydWV9LCJtYXN0ZXJjYXJkIjp7ImVsaWdpYmxlIjp0cnVlLCJ2YXVsdGFibGUiOnRydWV9LCJhbWV4Ijp7ImVsaWdpYmxlIjp0cnVlLCJ2YXVsdGFibGUiOnRydWV9LCJkaXNjb3ZlciI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhdWx0YWJsZSI6dHJ1ZX0sImhpcGVyIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjpmYWxzZX0sImVsbyI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhdWx0YWJsZSI6dHJ1ZX0sImpjYiI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhdWx0YWJsZSI6dHJ1ZX19LCJndWVzdEVuYWJsZWQiOmZhbHNlfSwidmVubW8iOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXVsdGFibGUiOmZhbHNlfSwiaXRhdSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJjcmVkaXQiOnsiZWxpZ2libGUiOmZhbHNlfSwiYXBwbGVwYXkiOnsiZWxpZ2libGUiOmZhbHNlfSwic2VwYSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJpZGVhbCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJiYW5jb250YWN0Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImdpcm9wYXkiOnsiZWxpZ2libGUiOmZhbHNlfSwiZXBzIjp7ImVsaWdpYmxlIjpmYWxzZX0sInNvZm9ydCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJteWJhbmsiOnsiZWxpZ2libGUiOmZhbHNlfSwicDI0Ijp7ImVsaWdpYmxlIjpmYWxzZX0sIndlY2hhdHBheSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJwYXl1Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImJsaWsiOnsiZWxpZ2libGUiOmZhbHNlfSwidHJ1c3RseSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJveHhvIjp7ImVsaWdpYmxlIjpmYWxzZX0sImJvbGV0byI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJib2xldG9iYW5jYXJpbyI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJtZXJjYWRvcGFnbyI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJtdWx0aWJhbmNvIjp7ImVsaWdpYmxlIjpmYWxzZX0sInNhdGlzcGF5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sInBhaWR5Ijp7ImVsaWdpYmxlIjpmYWxzZX19&platform=desktop&experiment.enableVenmo=false&flow=purchase&currency=USD&intent=capture&commit=true&vault=true&disableFunding.0=paylater&renderedButtons.0=paypal&clientMetadataID=uid_e83fa36cf7_mty6mzc6ntq&debug=false&applePaySupport=false&supportsPopups=true&supportedNativeBrowser=false&allowBillingPayments=true&disableSetCookie=true
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 30 Jan 2024 16:37:55 GMT
via: 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-encoding: br
x-cache: MISS, MISS
paypal-debug-id: f173526f9594a
server-timing: content-encoding;desc="br",x-cdn;desc="fastly"
dc: ccg11-origin-www-1.paypal.com
x-served-by: cache-fra-etou8220117-FRA, cache-fra-etou8220117-FRA
accept-ch: sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
traceparent: 00-0000000000000000000f173526f9594a-e2983287b93a559c-01
x-timer: S1706632675.976540,VS0,VE189
etag: W/"400-8EWwicT+X1THll/+fDZPWL0b3z4"
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.paypal.com
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
origin-trial: AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
permissions-policy: ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
accept-ranges: none
x-cache-hits: 0, 0

GET
H2 200 muse.js Show response
www.paypalobjects.com/muse/ 55 KB
16 KB 21ms
21ms Script
application/javascript 151.101.66.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypalobjects.com/muse/muse.js

Requested by

Host: www.paypal.com
URL: https://www.paypal.com/tagmanager/pptm.js?id=events.childrens-specialized.org&t=xo&v=5.0.421&source=payments_sdk&client_id=AZn7u7oYb82h8mDw_J0VPrxQxP1NsF7iLizgKxe7fcJ3mxLnqHFMK70Fb_tH_f0KQBsORAWORR3Xt8L5&disableSetCookie=true&vault=true

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.66.133 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

20029e526c0674dd1f99d02142bbf324bd8ee217ca43705fa6fe1a64bd90ee0c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://events.childrens-specialized.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 30 Jan 2024 16:37:54 GMT
content-encoding: br
via: 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
log-origin: shield=SJC,src_ip=157.52.96.131,alternate_path=0,ip=157.52.96.81,port=443,name=shield_ssl_cache_sjc10081_SJC,status=200,reason=OK,method=GET,url="/muse/muse.js",host=www.paypalobjects.com
strict-transport-security: max-age=31557600
log-timing: fetch=178261,misspass=93,do_stream=0
x-cache: HIT, HIT
paypal-debug-id: 3fd9c4a83a728
dc: ccg11-origin-www-1.paypal.com
content-length: 15742
x-served-by: cache-sjc10081-SJC, cache-fra-etou8220039-FRA
last-modified: Fri, 01 Sep 2023 21:10:59 GMT
traceparent: 00-00000000000000000003fd9c4a83a728-6a5561e0f3f2e3ff-01
x-timer: S1706632675.993478,VS0,VE0
etag: W/"64f25363-daa8"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
cache-control: s-maxage=31536000, public,max-age=3600
accept-ranges: bytes
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
x-cache-hits: 9, 87098

GET
H2 200 ts
t.paypal.com/ 42 B
166 B 245ms
187ms Image
image/gif 151.101.129.35
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.paypal.com/ts?pgrp=muse%3Athird-party%3Aanalytics-xo%3A%3A2Q5LM6GQ5T8NS-1&page=muse%3Athird-party%3Aanalytics-xo%3A%3A2Q5LM6GQ5T8NS-1%3A%3A%3A&tsrce=tagmanagernodeweb&comp=tagmanagernodeweb&sub_component=analytics&s=ci&item=7f5409c6-8709-4bad-b1d4-3a2fe73a5dc2&fltp=analytics&mrid=2Q5LM6GQ5T8NS&code=CHECKOUT_BUTTON&partner_name=CHECKOUT_BUTTON&flag_consume=yes&pt=Children%27s%20Specialized%20Hospital%20Foundation%20-%20Make%20a%20Donation&dh=1200&dw=1600&bh=1200&bw=1600&cd=24&sh=1200&sw=1600&v=NA&pl=pdf&rosetta_language=en-US%2Cen&e=im&t=1706632674983&g=-60&completeurl=https%3A%2F%2Fevents.childrens-specialized.org%2Findex.cfm%3Ffuseaction%3Ddonate.event%26eventID%3D503&disableSetCookie=true

Requested by

Host: events.childrens-specialized.org
URL: https://events.childrens-specialized.org/index.cfm?fuseaction=donate.event&eventID=503

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.129.35 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://events.childrens-specialized.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-cache-hits: 0
date: Tue, 30 Jan 2024 16:37:55 GMT
via: 1.1 varnish
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-cache: MISS
p3p: CP="CAO IND OUR SAM UNI STA COR COM"
paypal-debug-id: 396287bcfad06
server-timing: content-encoding;desc="",x-cdn;desc="fastly"
x-served-by: cache-fra-eddf8230052-FRA
pragma: no-cache
correlation-id: 396287bcfad06
traceparent: 00-0000000000000000000396287bcfad06-2fce124f03c9b56e-01
x-timer: S1706632675.058400,VS0,VE160
vary: Accept-Encoding
content-type: image/gif
cache-control: max-age=0, no-cache, no-store, must-revalidate
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 30 Jan 2024 16:37:55 GMT

GET
H2 200 index.html Show response
www.paypalobjects.com/muse/analytics/ Frame B9AA 55 KB
16 KB 23ms
23ms Document
text/html 151.101.66.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypalobjects.com/muse/analytics/index.html

Requested by

Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/muse/muse.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.66.133 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

7247ab83a30fbd92bf8425aca87dbb9f3f44c1b7facc6f7fd80df157ea6b5e03

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600
X-Content-Type-Options	nosniff

Request headers

Referer: https://events.childrens-specialized.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
cache-control: s-maxage=31536000, public,max-age=3600
content-encoding: br
content-length: 16039
content-type: text/html
date: Tue, 30 Jan 2024 16:37:55 GMT
dc: ccg11-origin-www-1.paypal.com
etag: W/"64f25363-dacc"
last-modified: Fri, 01 Sep 2023 21:10:59 GMT
log-origin: shield=SJC,src_ip=157.52.96.92,alternate_path=0,ip=157.52.96.107,port=443,name=shield_ssl_cache_sjc1000107_SJC,status=200,reason=OK,method=GET,url="/muse/analytics/index.html",host=www.paypalobjects.com
log-timing: fetch=147177,misspass=72,do_stream=0
paypal-debug-id: 7d8e18e65f05e
strict-transport-security: max-age=31557600
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
traceparent: 00-00000000000000000007d8e18e65f05e-bff6b7eca9fa3c2d-01
vary: Accept-Encoding, Accept-Encoding
via: 1.1 varnish, 1.1 varnish
x-cache: HIT, HIT
x-cache-hits: 7, 87889
x-content-type-options: nosniff
x-served-by: cache-sjc1000107-SJC, cache-fra-etou8220039-FRA
x-timer: S1706632675.023110,VS0,VE0

GET
H2 200 noop.js Show response
www.paypalobjects.com/muse/ Frame B9AA 18 B
600 B 27ms
27ms Fetch
application/javascript 151.101.66.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypalobjects.com/muse/noop.js

Requested by

Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/muse/analytics/index.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.66.133 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

0739b17b1053de387d55795753300a79626787634f8c909277efff94d0e3f154

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.paypalobjects.com/muse/analytics/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-cache-hits: 10437, 84113
date: Tue, 30 Jan 2024 16:37:55 GMT
via: 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
strict-transport-security: max-age=31557600
log-origin: shield=SJC,src_ip=157.52.96.145,alternate_path=0,ip=157.52.96.145,port=443,name=shield_ssl_cache_sjc1000145_SJC,status=200,reason=OK,method=GET,url="/muse/noop.js",host=www.paypalobjects.com
log-timing: fetch=146948,misspass=79,do_stream=0
x-cache: HIT, HIT
paypal-debug-id: 7f4693eaf4cf1
dc: ccg11-origin-www-1.paypal.com
content-length: 18
x-served-by: cache-sjc1000145-SJC, cache-fra-etou8220039-FRA
last-modified: Sat, 13 Feb 2021 00:26:56 GMT
traceparent: 00-00000000000000000007f4693eaf4cf1-0dbd27aaa054f89f-01
x-timer: S1706632675.063267,VS0,VE0
etag: "60271cd0-12"
vary: Accept-Encoding
content-type: application/javascript
cache-control: s-maxage=31536000, public,max-age=3600
accept-ranges: bytes
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
x-client-location: DE

GET
H2 200 ts
t.paypal.com/ 42 B
512 B 172ms
172ms Image
image/gif 151.101.129.35
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.paypal.com/ts?pgrp=muse%3Aoffer%3A%3A%3A2Q5LM6GQ5T8NS-1&page=muse%3Aoffer%3A%3A%3A2Q5LM6GQ5T8NS-1%3A%3AvisitorInfoFlowStarted%3A&tsrce=tagmanagernodeweb&comp=tagmanagernodeweb&sub_component=analytics&s=ci&item=7f5409c6-8709-4bad-b1d4-3a2fe73a5dc2&es=visitorInfoFlowStarted&mrid=2Q5LM6GQ5T8NS&code=CHECKOUT_BUTTON&partner_name=CHECKOUT_BUTTON&pt=Children%27s%20Specialized%20Hospital%20Foundation%20-%20Make%20a%20Donation&dh=1200&dw=1600&bh=1200&bw=1600&cd=24&sh=1200&sw=1600&v=NA&pl=pdf&rosetta_language=en-US%2Cen&e=im&t=1706632675053&g=-60&completeurl=https%3A%2F%2Fevents.childrens-specialized.org%2Findex.cfm%3Ffuseaction%3Ddonate.event%26eventID%3D503&disableSetCookie=true

Requested by

Host: events.childrens-specialized.org
URL: https://events.childrens-specialized.org/index.cfm?fuseaction=donate.event&eventID=503

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.129.35 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://events.childrens-specialized.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-cache-hits: 0
date: Tue, 30 Jan 2024 16:37:55 GMT
via: 1.1 varnish
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-cache: MISS
p3p: CP="CAO IND OUR SAM UNI STA COR COM"
paypal-debug-id: e4ea6833b2686
server-timing: content-encoding;desc="",x-cdn;desc="fastly"
x-served-by: cache-fra-eddf8230052-FRA
pragma: no-cache
correlation-id: e4ea6833b2686
traceparent: 00-0000000000000000000e4ea6833b2686-f27a726b80607b2a-01
x-timer: S1706632675.067818,VS0,VE147
vary: Accept-Encoding
content-type: image/gif
cache-control: max-age=0, no-cache, no-store, must-revalidate
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 30 Jan 2024 16:37:55 GMT

POST
H2 200 graphql Show response
www.paypal.com/targeting/ Frame B9AA 435 B
2 KB 305ms
305ms Fetch
application/json 151.101.65.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/targeting/graphql?disableSetCookie=true

Requested by

Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/muse/analytics/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.65.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

c663604075439ac98dc645260f523cf7bc003351609f7688f432f427e3756a42

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://.paypal.com https://.paypalobjects.com; img-src 'self' https:; script-src 'nonce-FCv+bn7SnlYUNpZtAn7D81uZQPOnxOj3hmLtHigw35SzB7zr' 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline' ; style-src 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline' ; form-action 'self' https://.paypal.com; base-uri 'self' https://.paypal.com; object-src 'none'; frame-src 'self' https://.paypal.com https://.paypalobjects.com https://.qualtrics.com; connect-src 'self' https://.paypal.com https://.paypalobjects.com https://.qualtrics.com;
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.paypalobjects.com/
disable-set-cookie: true
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: application/json

Response headers

content-security-policy: default-src 'self' https://*.paypal.com https://*.paypalobjects.com; img-src 'self' https:; script-src 'nonce-FCv+bn7SnlYUNpZtAn7D81uZQPOnxOj3hmLtHigw35SzB7zr' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' ; style-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' ; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; object-src 'none'; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com;
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
date: Tue, 30 Jan 2024 16:37:55 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-cache: MISS, MISS
paypal-debug-id: f17352637f167
server-timing: content-encoding;desc="gzip",x-cdn;desc="fastly"
dc: ccg11-origin-www-1.paypal.com
x-xss-protection: 1; mode=block
x-served-by: cache-fra-etou8220117-FRA, cache-fra-etou8220117-FRA
accept-ch: sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
traceparent: 00-0000000000000000000f17352637f167-00d9e0720326c08c-01
x-timer: S1706632675.339522,VS0,VE283
etag: W/"1b3-fJQD96pBu4Xsp08CEfmiaWi7wxI"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.paypalobjects.com
access-control-expose-headers: Paypal-Debug-Id
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
origin-trial: AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
permissions-policy: ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
accept-ranges: bytes
x-cache-hits: 0, 0

OPTIONS
H2 204 graphql
www.paypal.com/targeting/ Frame 0
0 245ms
202ms Preflight 151.101.65.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/targeting/graphql?disableSetCookie=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.65.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,disable-set-cookie
Access-Control-Request-Method: POST
Origin: https://www.paypalobjects.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

accept-ch: sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
accept-ranges: bytes
access-control-allow-credentials: true
access-control-allow-headers: content-type,disable-set-cookie
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin: https://www.paypalobjects.com
access-control-expose-headers: Paypal-Debug-Id
cache-control: max-age=0, no-cache, no-store, must-revalidate
date: Tue, 30 Jan 2024 16:37:55 GMT
dc: ccg11-origin-www-1.paypal.com
origin-trial: AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
paypal-debug-id: f1735266b1844
permissions-policy: ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
server-timing: content-encoding;desc="",x-cdn;desc="fastly"
strict-transport-security: max-age=63072000; includeSubDomains; preload
traceparent: 00-0000000000000000000f1735266b1844-48b6cc53d902430b-01
via: 1.1 varnish, 1.1 varnish
x-cache: MISS, MISS
x-cache-hits: 0, 0
x-served-by: cache-fra-etou8220043-FRA, cache-fra-etou8220043-FRA
x-timer: S1706632675.137100,VS0,VE179

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: service.watchthem.live
URL: https://service.watchthem.live/pixel/m1ImL1mL1wQwmQ5f

Verdicts & Comments Add Verdict or Comment

53 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

19 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
events.childrens-specialized.org/	1970-01-20 18:13:57	Name: AWSALB Value: XlQuHYHYEOsaklsUSS0Kbig2qFePKB1mI+U2/ADeARVn3vueVNc33PCcGLEaLkMcN8MLIx/vCg1EKu4VUWNandnXWpizlFacKvf+BmcZqQaF8t6XaUE9JADyaTbO
events.childrens-specialized.org/	1970-01-20 18:13:57	Name: AWSALBCORS Value: XlQuHYHYEOsaklsUSS0Kbig2qFePKB1mI+U2/ADeARVn3vueVNc33PCcGLEaLkMcN8MLIx/vCg1EKu4VUWNandnXWpizlFacKvf+BmcZqQaF8t6XaUE9JADyaTbO
events.childrens-specialized.org/	1969-12-31 23:59:59	Name: CFID Value: 501463
events.childrens-specialized.org/	1969-12-31 23:59:59	Name: CFTOKEN Value: 66579505b5a5c457-905787A7-E9AC-53CC-9BE1E077319DF422
events.childrens-specialized.org/	1969-12-31 23:59:59	Name: PUBLICAPPLANGUAGE Value: DEFAULT%3Ben%5FUS
events.childrens-specialized.org/	1970-01-20 18:47:04	Name: PORTALDATA Value: %5B%5BUj6rqhya%2BRd%2FHEvRwTN5NUFLwlRE%2FzEybH7fSdHisf4NBAVUFo1nIr1aHli6P7%2FC%5D%5D
.events.childrens-specialized.org/	1970-01-20 18:03:54	Name: __cf_bm Value: FXrT47K0Z612Sfw.544pxATMjzK6U0HO.fmELhkuu90-1706632672-1-AScCxAI2Q8X9ag6Rc3hRu/1HqJrl9cQ6P6ta9JpUJzgCnkMThTI2TwHOuY9O13q/KaCrUj7Lvm7XDcNXGpZH9TQ=
.events.childrens-specialized.org/	1969-12-31 23:59:59	Name: __cfruid Value: 876db73df6b0439543a3801d4cc86fe183cd71f1-1706632672
.childrens-specialized.org/	1970-01-20 20:13:28	Name: _gcl_au Value: 1.1.2119212032.1706632673
.childrens-specialized.org/	1970-01-21 03:39:52	Name: _ga_QN0VFYTF0H Value: GS1.1.1706632673.1.0.1706632673.0.0.0
.childrens-specialized.org/	1970-01-21 03:39:52	Name: _ga_1ST9TM2NGQ Value: GS1.1.1706632673.1.0.1706632673.0.0.0
.childrens-specialized.org/	1970-01-21 03:39:52	Name: _ga Value: GA1.2.2001369160.1706632673
.childrens-specialized.org/	1970-01-20 18:05:19	Name: _gid Value: GA1.2.1432447944.1706632673
.childrens-specialized.org/	1970-01-20 18:03:52	Name: _gat_UA-179795652-1 Value: 1
.childrens-specialized.org/	1970-01-20 20:13:28	Name: _fbp Value: fb.1.1706632673642.1608253386
.paypal.com/	1970-01-20 18:08:11	Name: tsrce Value: smartcomponentnodeweb
.paypal.com/	1970-01-20 18:03:54	Name: l7_az Value: dcg15.slc
.paypal.com/	1970-01-21 03:39:52	Name: ts Value: vreXpYrS%3D1801327074%26vteXpYrS%3D1706634474%26vr%3D5b3bfc7218d0a553b83b0524fc261374%26vt%3D5b3bfc7218d0a553b83b0524fc261373%26vtyp%3Dnew
.paypal.com/	1970-01-21 03:39:52	Name: ts_c Value: vr%3D5b3bfc7218d0a553b83b0524fc261374%26vt%3D5b3bfc7218d0a553b83b0524fc261373

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://connect.facebook.net/signals/config/587095458491281?v=2.9.143&r=stable&domain=events.childrens-specialized.org&hme=1e96626f56fb37feabdb16bd09d3dbece570479b2ec677eec7364c762eaf296e&ex_m=62%2C104%2C92%2C96%2C53%2C3%2C88%2C61%2C14%2C86%2C79%2C44%2C46%2C146%2C149%2C160%2C156%2C157%2C159%2C25%2C89%2C45%2C68%2C158%2C141%2C144%2C153%2C154%2C161%2C113%2C13%2C43%2C165%2C164%2C115%2C16%2C29%2C32%2C1%2C36%2C57%2C58%2C59%2C63%2C83%2C15%2C12%2C85%2C82%2C81%2C93%2C95%2C31%2C94%2C26%2C22%2C142%2C145%2C122%2C24%2C9%2C10%2C11%2C5%2C6%2C21%2C19%2C20%2C49%2C54%2C56%2C66%2C90%2C23%2C67%2C8%2C7%2C71%2C41%2C18%2C17%2C4%2C73%2C80%2C72%2C78%2C40%2C39%2C77%2C33%2C35%2C76%2C48%2C74%2C28%2C37%2C65%2C0%2C84%2C75%2C2%2C30%2C55%2C34%2C91%2C38%2C70%2C60%2C97%2C52%2C51%2C27%2C87%2C50%2C47%2C42%2C69%2C64%2C98(Line 80) Message: Unrecognized feature: 'attribution-reporting'.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
b.stats.paypal.com
c.paypal.com
c6.paypal.com
client-analytics.braintreegateway.com
connect.facebook.net
donordrivecontent.com
dub.stats.paypal.com
events.childrens-specialized.org
fonts.googleapis.com
fonts.gstatic.com
js.braintreegateway.com
payments.braintree-api.com
region1.google-analytics.com
service.watchthem.live
static.donordrive.com
stats.g.doubleclick.net
t.paypal.com
www.facebook.com
www.google-analytics.com
www.googletagmanager.com
www.paypal.com
www.paypalobjects.com
service.watchthem.live
151.101.129.35
151.101.65.21
151.101.66.133
192.229.221.25
2001:4860:4802:32::36
2606:4700::6812:6f3
2606:4700::6812:be27
2606:4700::6812:f62
2a00:1450:4001:803::200a
2a00:1450:4001:810::2008
2a00:1450:4001:813::2003
2a00:1450:4001:82b::200e
2a00:1450:4001:830::200a
2a00:1450:400c:c00::9c
2a03:2880:f083:9:face:b00c:0:3
2a03:2880:f176:181:face:b00c:0:25de
2a04:4e42:400::291
35.156.2.107
64.4.245.84
76.223.13.31
05c73181eaec30a8c8217b1761a37b496d9bbeeaf04a9c066514bb64df55531c
05e0d95e16595bcc9b3c0e4f2a0f1a455630f8ab577f682676162e3c87aefe20
06e1a12c2bc2f1db2a893aa7cfc4ca9e40d13e9cda4c3bb058d6ef637420de7a
0739b17b1053de387d55795753300a79626787634f8c909277efff94d0e3f154
0f4f424d2e48d289c254977609bd846b2402b7e515a616d0bed405fe0554e147
11c4b870044ceb69c8b7785b5d1f6106654c8e60e18be75c33584b164b5ec75b
13fe4db9e94a26068ea4dab084ded55554d71a7f1f5161cd05d6231d04856e27
14c6e372c745f05c1c982ccdb4040aeb8d5a5b6bbb27d4cf731ec2bb5458b1a3
1625a05067bfc0cf0ad4bffefe38f678fb6dc2eb789e7fa2df196c39362b7945
16878b6eb79de5f968795761ee52262e28ea268527e11a43a32f29d31d508bea
18e6b5ff511b90edf098e62ac45ed9d6673a3eee10165d0de4164d4d02a3a77f
1a7c96501f556cdde432cef2c9340c0d9c69c501d534bb3390dc648e93b3a52d
1e34905bad378237098cc8b0b3db9893a35b297482f08e50e30424ad6bd46a8d
20029e526c0674dd1f99d02142bbf324bd8ee217ca43705fa6fe1a64bd90ee0c
2542cd76df29fd9ac4615f66c62bf94aab8585d36d27c4e8af1354a9bf3a4a99
2a403b78fd1e27022838a17ca6f77357d008ab27b071d89c9d8f2e71c634b753
366fc52c5d29d7844decc858bdcebe3e644009a2ee6b216a537f9ab6ae40e615
378a11dc9726c4d22c15856e2933867e1626a9de06bb5742b5c57d0d302d03bc
3a9fc07ffaa1b91bb3f7b583161d2b8ff860233fd2421625b21c66e6bfb7355e
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1
3f8c62b36198124e39fe0d48535fef486d0eb6174159c5c72b0fcaede72222f2
47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292
49372277b06129abc97f3ff18112073b1cd1d49a2f81be2f038391b9b0d8e550
4af72b09c45f21a261ed48ec3e8f9be3ee08b66a82523d3272c8c7ea06a1ec0a
4b6ca21331b109f8d9f45457385df75e2bb48b3c5ecb13b86b9f78867063de35
4fc1a83557d4dfb94f7bcad5f9e8c7df8c041627df0182a9fd016e1851d3be0f
55fe72b497a1654c020741e80a24f53e9c5d14f1df57998a43383afaaf62b7ba
5882bd1583d3b17ab2680e92826ebb4b3d5a2a55b5803344e859a06d79a8dffe
59f2939d3343ece8aaad6c2c4a399ae28921fa844b9f9add5dde17c87599df82
5d48d2fc15eaa0af1c30f7cd8f02961a04f9fef428ad9aad94198da638fd8e77
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6c3d236333d758c8009ca5d788c111c1f59a8ffc4d96b7d141e2d97ff42030be
6c8810c9ea62f8171c562ccd215c96a807e0856085b1dff2861f017c7970e4a4
6d15d9a70fc6d67bc9ff6f5c1173b2a49e5104aa4766bab337cff2b5bfcfebf0
6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93
719f41faf3c2794075d7e116f2ab69bb7c6e1619e31bcb65f3e2d96d1c06bff6
7247ab83a30fbd92bf8425aca87dbb9f3f44c1b7facc6f7fd80df157ea6b5e03
7a1866463755707c082b0577357873ac3304d29d9aefdef66cb7a5ee4c0e941f
7f0c6ea574423d2a06658debdc6e08c0b4bc217d9d46cca23020e21e3346d741
8dee16cf4a80c95df5642ff0d4171ce0330075d05dbb3094cffc1d21fddffb17
8e5770d39baac416b5815476c62bc43467ccc8047c91a2931ec1e05b0ea985c2
9321bc63a75b3ac6d384b411665b6e77a8b326a4b176ca2049872d3b5d4974f5
9423fedea26288e6252918d11cdecf5e0302c203cdaf8107dde01f87471951e3
95e3277ccaf4f0927c966b1f639783f7c2360d3a7c8d73c18a4c7cefe54918f7
97f6fa30a57a27509854418dc7a03b209710905fa8258fe0ee9c7c928b8d881b
ab623430f5489fe98ba9774c3052a19a6cbe9c12418dcb7c07aa9fc42a9b17aa
ae35b70dd0112c55987cc2278dc7e39e624a86a419cf35c7e68847de6b97d357
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b653871fe60b9d9c8fc0da378f949830c31f8e09390b6ef6a6b37c3a06980c53
b8b60343a1c0446b81f5f31e748f07c2c176ef66ea6c0de0d83b903bcc9c032e
bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b
c3a466a1573f0db2f665b71bdb48873e630cd104e7a453acc362e617dd9c6b31
c65e9bee064369d49586b4f1934dd236d18c876862a7a2ff93e4d96aadff9e54
c663604075439ac98dc645260f523cf7bc003351609f7688f432f427e3756a42
ce8fb09b51cf2cc34007f104776957263e37644c40667b8704c348097f883851
d564b36f3a0fbaebebdb3ca3f79a8b1d36061b83f72221c036b78d075757f81c
d755d9fffee2857ccf6a2d489659d92548dcef512824ffcf95f1330b46915d91
dde097816ef79381d5bcf732cf9db4d9ba79fbe8df907a977e41a25a04bc02d9
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3be81ffbcf09062e7351c784b220f1ae4663cd67b7ecb67b572ea0dbcaeef1a
e5b4475ec7b2ac36d3d281078b25b63174122439af27b5c40217a76c6abc72c9
e8cea791154939e2ffc2c5946a72dba941310d0dab59d0e4ee966916bd6c5acc
f5954ccdf65ec3251f44a6d1c9e7d61545c881f6d5e26030cdd3a1ddab9d4664
fbf89a33c155d951884b2f5c3687a46cff4fc85f8b595000cb0a2795d4918476
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

events.childrens-specialized.org Open in urlscan Pro 2606:4700::6812:f62 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

83 Requests

98 %HTTPS

65 %IPv6

15 Domains

23 Subdomains

21 IPs

3 Countries

1255 kBTransfer

4051 kBSize

19 Cookies

4 Outgoing links

Redirected requests

83 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

events.childrens-specialized.org Open in urlscan Pro
2606:4700::6812:f62 Public Scan

Screenshot
Live screenshot

Full Image

83
Requests

98 %
HTTPS

65 %
IPv6

15
Domains

23
Subdomains

21
IPs

3
Countries

1255 kB
Transfer

4051 kB
Size

19
Cookies

83 HTTP transactions
2 data transactions