careflight.org Open in urlscan Pro
103.242.49.245 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://donate.careflight.org/page.redir?target=http://careflight.org/our-current-appeal-covid-19/&srcid=6259&srctid=1&erid=10...
Effective URL:
https://careflight.org/our-current-appeal-covid-19/
Submission: On July 11 via api (July 11th 2020, 3:09:40 am UTC) from BE

Summary HTTP 65 Redirects Links 8 Behaviour Indicators

Summary

This website contacted 11 IPs in 5 countries across 10 domains to perform 65 HTTP transactions. The main IP is 103.242.49.245, located in Australia and belongs to SOL1PTYLTD-AS-AP Sol1 Pty Ltd, AU. The main domain is careflight.org.
TLS certificate: Issued by Let's Encrypt Authority X3 on May 27th 2020. Valid for: 3 months.

This is the only time careflight.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	61.14.102.28 61.14.102.28	9738 (BRENNANIT...) (BRENNANIT-AS9738-AP Brennan IT)
2 33	103.242.49.245 103.242.49.245	133044 (SOL1PTYLT...) (SOL1PTYLTD-AS-AP Sol1 Pty Ltd)
1	2a00:1450:400... 2a00:1450:4001:825::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:820::200a	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6810:84e5	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	2a00:1450:400... 2a00:1450:4001:81d::2004	15169 (GOOGLE) (GOOGLE)
4	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
11	216.235.207.153 216.235.207.153	3561 (CENTURYLI...) (CENTURYLINK-LEGACY-SAVVIS)
7	2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
2	2a00:1450:400... 2a00:1450:4001:814::2003	15169 (GOOGLE) (GOOGLE)
1 2	2a00:1450:400... 2a00:1450:4001:80b::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c00::9b	15169 (GOOGLE) (GOOGLE)
65	11

1 61.14.102.28 (Sydney, Australia) 1 redirects

ASN9738 (BRENNANIT-AS9738-AP Brennan IT, AU)

donate.careflight.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

33 103.242.49.245 (Australia) 2 redirects

ASN133044 (SOL1PTYLTD-AS-AP Sol1 Pty Ltd, AU)

careflight.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:825::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:820::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:84e5 (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:81d::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:2880:f01c:8012:face:b00c:0:3 (Ireland)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 216.235.207.153 (United States)

ASN3561 (CENTURYLINK-LEGACY-SAVVIS, US)

bbox.blackbaudhosting.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a03:2880:f11c:8183:face:b00c:0:25de (Ireland)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:814::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80b::200e (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c00::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
34	careflight.org 3 redirects donate.careflight.org careflight.org	616 KB
11	blackbaudhosting.com bbox.blackbaudhosting.com	90 KB
7	facebook.com www.facebook.com	760 B
5	google.com www.google.com	1 KB
4	facebook.net connect.facebook.net	373 KB
2	google-analytics.com 1 redirects www.google-analytics.com	18 KB
2	gstatic.com www.gstatic.com	257 KB
2	googleapis.com fonts.googleapis.com ajax.googleapis.com	30 KB
1	doubleclick.net stats.g.doubleclick.net	99 B
1	cloudflare.com cdnjs.cloudflare.com	23 KB
65	10

	Domain	Requested by
33	careflight.org	2 redirects careflight.org
11	bbox.blackbaudhosting.com	careflight.org bbox.blackbaudhosting.com
7	www.facebook.com	careflight.org connect.facebook.net
5	www.google.com	careflight.org www.gstatic.com bbox.blackbaudhosting.com
4	connect.facebook.net	careflight.org connect.facebook.net
2	www.google-analytics.com	1 redirects careflight.org
2	www.gstatic.com	www.google.com
1	stats.g.doubleclick.net	careflight.org
1	cdnjs.cloudflare.com	careflight.org
1	ajax.googleapis.com	careflight.org
1	fonts.googleapis.com	careflight.org
1	donate.careflight.org	1 redirects
65	12

This site contains links to these domains. Also see Links.

Domain
www.google.com
www.facebook.com
www.linkedin.com
twitter.com
www.instagram.com
www.youtube.com

Subject Issuer	Validity	Valid
careflight.org Let's Encrypt Authority X3	`2020-05-27` - `2020-08-25`	3 months	crt.sh
upload.video.google.com GTS CA 1O1	`2020-06-17` - `2020-09-09`	3 months	crt.sh
cloudflare.com Cloudflare Inc ECC CA-3	`2020-07-04` - `2021-07-04`	a year	crt.sh
www.google.com GTS CA 1O1	`2020-06-17` - `2020-09-09`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2020-05-14` - `2020-08-05`	3 months	crt.sh
*.blackbaudhosting.com GeoTrust TLS RSA CA G1	`2019-10-11` - `2021-12-09`	2 years	crt.sh
*.gstatic.com GTS CA 1O1	`2020-06-17` - `2020-09-09`	3 months	crt.sh
*.google-analytics.com GTS CA 1O1	`2020-06-17` - `2020-09-09`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2020-06-17` - `2020-09-09`	3 months	crt.sh

This page contains 7 frames:

Primary Page: https://careflight.org/our-current-appeal-covid-19/
Frame ID: BB3DB8D7CCEF4966613FFA3D0DCFA5D5
Requests: 59 HTTP requests in this frame

Frame: https://www.facebook.com/v2.12/plugins/customerchat.php?app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df1a92574e3c654%26domain%3Dcareflight.org%26origin%3Dhttps%253A%252F%252Fcareflight.org%252Ff227ee0a05c0f08%26relation%3Dparent.parent&container_width=0&locale=en_US&page_id=111125825564374&request_time=1594436962826&sdk=joey
Frame ID: 8071D0B3FDC3AC9B94212F8AB48090D5
Requests: 1 HTTP requests in this frame

Frame: https://bbox.blackbaudhosting.com/webforms/custom/mongo/scripts/MongoServer.html?xdm_e=https%3A%2F%2Fcareflight.org&xdm_c=default9377&xdm_p=1
Frame ID: 51A1B296BF6ABDB84C1695016D60EEFB
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lcr_NEUAAAAAEZLBUC0dVdgimbjsUnR0RDStFhT&co=aHR0cHM6Ly9jYXJlZmxpZ2h0Lm9yZzo0NDM.&hl=en&v=nuX0GNR875hMLA1LR7ayD9tc&size=invisible&cb=t1o1qzvgutyv
Frame ID: FD8B4A47E5BCE2BDE4C22A65F437CDD2
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/v2.12/plugins/customer_chat/bubble
Frame ID: 65EA39FBD6F3B1E8498D6C1E6E46955C
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdkFJMUAAAAAB1v49N1aaMoEPH85Qvfib4VqlNH&co=aHR0cHM6Ly9jYXJlZmxpZ2h0Lm9yZzo0NDM.&hl=en&v=nuX0GNR875hMLA1LR7ayD9tc&size=invisible&cb=wpzl69pkdti4
Frame ID: 525532B726215AEDAE72A864269E21A6
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=en&v=nuX0GNR875hMLA1LR7ayD9tc&k=6LdkFJMUAAAAAB1v49N1aaMoEPH85Qvfib4VqlNH&cb=8za157jkbx4d
Frame ID: 1C8507AC6942206809F6208330C23739
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://donate.careflight.org/page.redir?target=http://careflight.org/our-current-appeal-covid-19/&srcid=6... HTTP 302
http://careflight.org/our-current-appeal-covid-19/ HTTP 301
https://careflight.org/our-current-appeal-covid-19/ Page URL

Detected technologies

Ubuntu (Operating Systems) Expand

Overall confidence: 100%
Detected patterns

headers server /Ubuntu/i

Apache (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i

Page Statistics

65
Requests

100 %
HTTPS

75 %
IPv6

10
Domains

12
Subdomains

11
IPs

5
Countries

1408 kB
Transfer

3693 kB
Size

8
Cookies

8 Outgoing links

These are links going to different origins than the main page.

URL: https://www.google.com/intl/en/policies/terms/
Title: reCAPTCHA

Search URL Search Domain Scan URL

URL: https://www.google.com/intl/en/policies/privacy/
Title: privacy policy

Search URL Search Domain Scan URL

URL: https://www.facebook.com/mycareflight
Title: MY CAREFLIGHTNational

Search URL Search Domain Scan URL

URL: https://www.facebook.com/CareFlightTopEnd/
Title: CareFLight TopEndNorthern Territory

Search URL Search Domain Scan URL

URL: http://www.linkedin.com/company/careflight?trk=tabs_biz_home

Search URL Search Domain Scan URL

URL: https://twitter.com/mycareflight

Search URL Search Domain Scan URL

URL: https://www.instagram.com/mycareflight/

Search URL Search Domain Scan URL

URL: https://www.youtube.com/user/CareflightNSW

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://donate.careflight.org/page.redir?target=http://careflight.org/our-current-appeal-covid-19/&srcid=6259&srctid=1&erid=1062592&trid=170b6424-c8bc-49a0-893c-5b393fc9a1d5 HTTP 302
http://careflight.org/our-current-appeal-covid-19/ HTTP 301
https://careflight.org/our-current-appeal-covid-19/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 11

https://careflight.org/media/Most-reputable-charity-2019-WHITE HTTP 301
https://careflight.org/media/Most-reputable-charity-2019-WHITE.png

Request Chain 48

https://www.google-analytics.com/r/collect?v=1&_v=j83&a=1811586934&t=pageview&_s=1&dl=https%3A%2F%2Fcareflight.org%2Four-current-appeal-covid-19%2F&ul=en-us&de=UTF-8&dt=Our%20Current%20Appeal%20-%20CareFlight&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEAB~&jid=1152565781&gjid=1829105796&cid=2076469193.1594436963&tid=UA-46016039-1&_gid=722436526.1594436963&_r=1&z=815602442 HTTP 302
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-46016039-1&cid=2076469193.1594436963&jid=1152565781&_gid=722436526.1594436963&gjid=1829105796&_v=j83&z=815602442

65 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request / Show response
careflight.org/our-current-appeal-covid-19/
Redirect Chain

https://donate.careflight.org/page.redir?target=http://careflight.org/our-current-appeal-covid-19/&srcid=6259&srctid=1&erid=1062592&trid=170b6424-c8bc-49a0-893c-5b393fc9a1d5
http://careflight.org/our-current-appeal-covid-19/
https://careflight.org/our-current-appeal-covid-19/

37 KB
9 KB

1072ms
540ms

Document
text/html

103.242.49.245
SOL1PTYLTD-AS-AP ...

General

Check archive.org

Show headers Download Go to

Full URL: https://careflight.org/our-current-appeal-covid-19/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 103.242.49.245 , Australia, ASN133044 (SOL1PTYLTD-AS-AP Sol1 Pty Ltd, AU),
Reverse DNS
Software: Apache/2.4.18 (Ubuntu) /
Resource Hash: d849cbd2911eeb346b70fa5b52fecd34eca3a8d86379fde840a1e4422ee39db4

Request headers

Host: careflight.org
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: none
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1
Sec-Fetch-Dest: document
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 11 Jul 2020 03:09:20 GMT
Server: Apache/2.4.18 (Ubuntu)
Cache-Control: private, proxy-revalidate, s-maxage=0, max-age=604800
Link: <https://careflight.org/?p=7174>; rel=shortlink
Vary: Accept-Encoding
Content-Encoding: gzip
Expires: Sat, 18 Jul 2020 03:09:20 GMT
Content-Length: 9273
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8

Redirect headers

Date: Sat, 11 Jul 2020 03:09:19 GMT
Server: Apache/2.4.18 (Ubuntu)
Location: https://careflight.org/our-current-appeal-covid-19/
Content-Length: 259
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

GET
H/1.1 200
OK iframe_resizer.js Show response
careflight.org/wp-content/themes/careflight2016/js/ 13 KB
5 KB 804ms
266ms Script
application/javascript 103.242.49.245
SOL1PTYLTD-AS-AP ...

General

Check archive.org

Show headers Download Go to

Full URL: https://careflight.org/wp-content/themes/careflight2016/js/iframe_resizer.js
Requested by: Host: careflight.org
URL: https://careflight.org/our-current-appeal-covid-19/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 103.242.49.245 , Australia, ASN133044 (SOL1PTYLTD-AS-AP Sol1 Pty Ltd, AU),
Reverse DNS
Software: Apache/2.4.18 (Ubuntu) /
Resource Hash: c45687c5602a758f0b7a774a3f6e378439933081cc6f4018090dd979fa2212fa

Request headers

Referer: https://careflight.org/our-current-appeal-covid-19/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 11 Jul 2020 03:09:21 GMT
Content-Encoding: gzip
Last-Modified: Thu, 12 Apr 2018 02:29:08 GMT
Server: Apache/2.4.18 (Ubuntu)
ETag: "3343-5699d852c430e-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=2592000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 5175
Expires: Mon, 10 Aug 2020 03:09:21 GMT

GET
H/1.1 200
OK style.min.css
careflight.org/wp-includes/css/dist/components/ 81 KB
13 KB 269ms
267ms Stylesheet
text/css 103.242.49.245
SOL1PTYLTD-AS-AP ...

General

Check archive.org

Show headers Download Go to

Full URL: https://careflight.org/wp-includes/css/dist/components/style.min.css
Requested by: Host: careflight.org
URL: https://careflight.org/our-current-appeal-covid-19/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 103.242.49.245 , Australia, ASN133044 (SOL1PTYLTD-AS-AP Sol1 Pty Ltd, AU),
Reverse DNS
Software: Apache/2.4.18 (Ubuntu) /
Resource Hash: 4c004b5da51137c8cb98bbcb2c7ac5bb2c84bd0362065807b4f76160b85c5271

Request headers

Referer: https://careflight.org/our-current-appeal-covid-19/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 11 Jul 2020 03:09:21 GMT
Content-Encoding: gzip
Last-Modified: Wed, 09 Oct 2019 06:29:28 GMT
Server: Apache/2.4.18 (Ubuntu)
ETag: "144c3-59474682dbed9-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=2592000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 13260
Expires: Mon, 10 Aug 2020 03:09:21 GMT

GET
H2 200 css
fonts.googleapis.com/ 10 KB
954 B 17ms
15ms Stylesheet
text/css 2a00:1450:4001:825::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Noto+Serif%3A400%2C400i%2C700%2C700i

Requested by

Host: careflight.org
URL: https://careflight.org/our-current-appeal-covid-19/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

7e78c502164e5f4af303f1596e393be57199dbf52a7d0baaeb569cc1f4dd99bb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://careflight.org/our-current-appeal-covid-19/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sat, 11 Jul 2020 01:32:44 GMT
server: ESF
date: Sat, 11 Jul 2020 03:09:21 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 11 Jul 2020 03:09:21 GMT

GET
H/1.1 200
OK style.min.css
careflight.org/wp-includes/css/dist/block-editor/ 72 KB
9 KB 537ms
266ms Stylesheet
text/css 103.242.49.245
SOL1PTYLTD-AS-AP ...

General

Check archive.org

Show headers Download Go to

Full URL: https://careflight.org/wp-includes/css/dist/block-editor/style.min.css
Requested by: Host: careflight.org
URL: https://careflight.org/our-current-appeal-covid-19/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 103.242.49.245 , Australia, ASN133044 (SOL1PTYLTD-AS-AP Sol1 Pty Ltd, AU),
Reverse DNS
Software: Apache/2.4.18 (Ubuntu) /
Resource Hash: e4b1fe2afad897c08a815e32ae07eeaa7db58ecfe48d75622db313450ebb59e9

Request headers

Referer: https://careflight.org/our-current-appeal-covid-19/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 11 Jul 2020 03:09:21 GMT
Content-Encoding: gzip
Last-Modified: Wed, 09 Oct 2019 06:29:28 GMT
Server: Apache/2.4.18 (Ubuntu)
ETag: "11f74-59474682e1c99-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=2592000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 9011
Expires: Mon, 10 Aug 2020 03:09:21 GMT

GET
H/1.1 200
OK style.min.css
careflight.org/wp-includes/css/dist/nux/ 2 KB
1 KB 763ms
260ms Stylesheet
text/css 103.242.49.245
SOL1PTYLTD-AS-AP ...

General

Check archive.org

Show headers Download Go to

Full URL: https://careflight.org/wp-includes/css/dist/nux/style.min.css
Requested by: Host: careflight.org
URL: https://careflight.org/our-current-appeal-covid-19/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 103.242.49.245 , Australia, ASN133044 (SOL1PTYLTD-AS-AP Sol1 Pty Ltd, AU),
Reverse DNS
Software: Apache/2.4.18 (Ubuntu) /
Resource Hash: dec2ef0b6843c1b310d824f841cea765bdf85cb4700b942b010aa8aa1c201d88

Request headers

Referer: https://careflight.org/our-current-appeal-covid-19/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 11 Jul 2020 03:09:21 GMT
Content-Encoding: gzip
Last-Modified: Wed, 09 Oct 2019 06:29:28 GMT
Server: Apache/2.4.18 (Ubuntu)
ETag: "8ab-59474682dbed9-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=2592000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 618
Expires: Mon, 10 Aug 2020 03:09:21 GMT

GET
H/1.1 200
OK style.min.css
careflight.org/wp-includes/css/dist/editor/ 16 KB
4 KB 764ms
261ms Stylesheet
text/css 103.242.49.245
SOL1PTYLTD-AS-AP ...

General

Check archive.org

Show headers Download Go to

Full URL: https://careflight.org/wp-includes/css/dist/editor/style.min.css
Requested by: Host: careflight.org
URL: https://careflight.org/our-current-appeal-covid-19/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 103.242.49.245 , Australia, ASN133044 (SOL1PTYLTD-AS-AP Sol1 Pty Ltd, AU),
Reverse DNS
Software: Apache/2.4.18 (Ubuntu) /
Resource Hash: 786b58610788fd938ae249f403907d9896a0303702911df6e18c91dbb45e6c5b

Request headers

Referer: https://careflight.org/our-current-appeal-covid-19/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 11 Jul 2020 03:09:21 GMT
Content-Encoding: gzip
Last-Modified: Wed, 09 Oct 2019 06:29:28 GMT
Server: Apache/2.4.18 (Ubuntu)
ETag: "3efa-59474682dde19-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=2592000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 3637
Expires: Mon, 10 Aug 2020 03:09:21 GMT

GET
H/1.1 200
OK blocks.style.build.css
careflight.org/wp-content/plugins/wallsio/block/dist/ 0
352 B 756ms
253ms Stylesheet
text/css 103.242.49.245
SOL1PTYLTD-AS-AP ...

General

Check archive.org

Show headers Download Go to

Full URL: https://careflight.org/wp-content/plugins/wallsio/block/dist/blocks.style.build.css
Requested by: Host: careflight.org
URL: https://careflight.org/our-current-appeal-covid-19/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 103.242.49.245 , Australia, ASN133044 (SOL1PTYLTD-AS-AP Sol1 Pty Ltd, AU),
Reverse DNS
Software: Apache/2.4.18 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://careflight.org/our-current-appeal-covid-19/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 11 Jul 2020 03:09:21 GMT
Last-Modified: Thu, 30 Apr 2020 03:28:19 GMT
Server: Apache/2.4.18 (Ubuntu)
ETag: "0-5a479a7fac2ed"
Content-Type: text/css
Cache-Control: max-age=2592000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 0
Expires: Mon, 10 Aug 2020 03:09:21 GMT

GET
H/1.1 200
OK style.min.css
careflight.org/wp-content/themes/careflight2016/css/ 218 KB
33 KB 770ms
266ms Stylesheet
text/css 103.242.49.245
SOL1PTYLTD-AS-AP ...

General

Check archive.org

Show headers Download Go to

Full URL: https://careflight.org/wp-content/themes/careflight2016/css/style.min.css
Requested by: Host: careflight.org
URL: https://careflight.org/our-current-appeal-covid-19/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 103.242.49.245 , Australia, ASN133044 (SOL1PTYLTD-AS-AP Sol1 Pty Ltd, AU),
Reverse DNS
Software: Apache/2.4.18 (Ubuntu) /
Resource Hash: 2bc24196b7a54ea5b375954cee8b26cd5d247a609b2c6e2e4394ec295aed5ba2

Request headers

Referer: https://careflight.org/our-current-appeal-covid-19/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 11 Jul 2020 03:09:21 GMT
Content-Encoding: gzip
Last-Modified: Tue, 25 Feb 2020 06:06:26 GMT
Server: Apache/2.4.18 (Ubuntu)
ETag: "36907-59f6049b9b60e-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=2592000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 33201
Expires: Mon, 10 Aug 2020 03:09:21 GMT

GET
H/1.1 200
OK careflight-covid.css
careflight.org/wp-content/plugins/careflight-covid/ 7 KB
2 KB 764ms
260ms Stylesheet
text/css 103.242.49.245
SOL1PTYLTD-AS-AP ...

General

Check archive.org

Show headers Download Go to

Full URL: https://careflight.org/wp-content/plugins/careflight-covid/careflight-covid.css
Requested by: Host: careflight.org
URL: https://careflight.org/our-current-appeal-covid-19/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 103.242.49.245 , Australia, ASN133044 (SOL1PTYLTD-AS-AP Sol1 Pty Ltd, AU),
Reverse DNS
Software: Apache/2.4.18 (Ubuntu) /
Resource Hash: f07fb6ddc3a2b18bc838ff26f6a3685175756126d6ba6c196e8986389a030d56

Request headers

Referer: https://careflight.org/our-current-appeal-covid-19/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 11 Jul 2020 03:09:21 GMT
Content-Encoding: gzip
Last-Modified: Fri, 01 May 2020 04:14:37 GMT
Server: Apache/2.4.18 (Ubuntu)
ETag: "1ad6-5a48e6b655054-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=2592000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 1589
Expires: Mon, 10 Aug 2020 03:09:21 GMT

GET
H/1.1 200
OK logo.svg
careflight.org/wp-content/themes/careflight2016/img/ 5 KB
2 KB 944ms
940ms Image
image/svg+xml 103.242.49.245
SOL1PTYLTD-AS-AP ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://careflight.org/wp-content/themes/careflight2016/img/logo.svg
Requested by: Host: careflight.org
URL: https://careflight.org/our-current-appeal-covid-19/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 103.242.49.245 , Australia, ASN133044 (SOL1PTYLTD-AS-AP Sol1 Pty Ltd, AU),
Reverse DNS
Software: Apache/2.4.18 (Ubuntu) /
Resource Hash: bfa5856d0fe8397f95aecb52b2a3a01fdb7122432fdba3c22615a394245ea728

Request headers

Referer: https://careflight.org/our-current-appeal-covid-19/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 11 Jul 2020 03:09:22 GMT
Content-Encoding: gzip
Last-Modified: Tue, 11 Oct 2016 02:05:59 GMT
Server: Apache/2.4.18 (Ubuntu)
ETag: "130d-53e8d514f0fc0-gzip"
Vary: Accept-Encoding
Content-Type: image/svg+xml
Cache-Control: max-age=2592000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 1792
Expires: Mon, 10 Aug 2020 03:09:22 GMT

GET
H/1.1 200
OK Medical-cross_14x14_.png
careflight.org/media/ 253 B
608 B 258ms
254ms Image
image/png 103.242.49.245
SOL1PTYLTD-AS-AP ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://careflight.org/media/Medical-cross_14x14_.png
Requested by: Host: careflight.org
URL: https://careflight.org/our-current-appeal-covid-19/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 103.242.49.245 , Australia, ASN133044 (SOL1PTYLTD-AS-AP Sol1 Pty Ltd, AU),
Reverse DNS
Software: Apache/2.4.18 (Ubuntu) /
Resource Hash: 468fa113e197755326dc3ef8855b867785af4a7280675a014c9137055cda0d66

Request headers

Referer: https://careflight.org/our-current-appeal-covid-19/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 11 Jul 2020 03:09:22 GMT
Last-Modified: Tue, 03 Mar 2020 03:15:59 GMT
Server: Apache/2.4.18 (Ubuntu)
ETag: "fd-59feab90bf4cb"
Content-Type: image/png
Cache-Control: max-age=2592000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 253
Expires: Mon, 10 Aug 2020 03:09:22 GMT

GET
H/1.1

200
OK

Most-reputable-charity-2019-WHITE.png
careflight.org/media/
Redirect Chain

https://careflight.org/media/Most-reputable-charity-2019-WHITE
https://careflight.org/media/Most-reputable-charity-2019-WHITE.png

55 KB
55 KB

252ms
251ms

Image
image/png

103.242.49.245
SOL1PTYLTD-AS-AP ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://careflight.org/media/Most-reputable-charity-2019-WHITE.png
Requested by: Host: careflight.org
URL: https://careflight.org/our-current-appeal-covid-19/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 103.242.49.245 , Australia, ASN133044 (SOL1PTYLTD-AS-AP Sol1 Pty Ltd, AU),
Reverse DNS
Software: Apache/2.4.18 (Ubuntu) /
Resource Hash: 2717d276b35434202bf3ffcbaec028c33ff5831624a23f93cb4de882ddb44e6b

Request headers

Referer: https://careflight.org/our-current-appeal-covid-19/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 11 Jul 2020 03:09:23 GMT
Last-Modified: Thu, 02 Apr 2020 01:51:00 GMT
Server: Apache/2.4.18 (Ubuntu)
ETag: "da90-5a245085fc642"
Content-Type: image/png
Cache-Control: max-age=2592000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=95
Content-Length: 55952
Expires: Mon, 10 Aug 2020 03:09:23 GMT

Redirect headers

Date: Sat, 11 Jul 2020 03:09:22 GMT
Server: Apache/2.4.18 (Ubuntu)
X-Redirect-By: Yoast SEO
Content-Type: text/html; charset=UTF-8
Location: https://careflight.org/media/Most-reputable-charity-2019-WHITE.png
Cache-Control: private, proxy-revalidate, s-maxage=0, max-age=604800
Connection: Keep-Alive
Keep-Alive: timeout=5, max=96
Content-Length: 0
Expires: Sat, 18 Jul 2020 03:09:22 GMT

GET
H/1.1 200
OK ico_in.svg
careflight.org/wp-content/themes/careflight2016/img/ 1 KB
936 B 261ms
261ms Image
image/svg+xml 103.242.49.245
SOL1PTYLTD-AS-AP ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://careflight.org/wp-content/themes/careflight2016/img/ico_in.svg
Requested by: Host: careflight.org
URL: https://careflight.org/our-current-appeal-covid-19/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 103.242.49.245 , Australia, ASN133044 (SOL1PTYLTD-AS-AP Sol1 Pty Ltd, AU),
Reverse DNS
Software: Apache/2.4.18 (Ubuntu) /
Resource Hash: 8436d428ac9fc16c10356bb4acc7febe0446d4c60bc628d32a8cce32b4aa6724

Request headers

Referer: https://careflight.org/our-current-appeal-covid-19/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 11 Jul 2020 03:09:22 GMT
Content-Encoding: gzip
Last-Modified: Tue, 11 Oct 2016 02:05:35 GMT
Server: Apache/2.4.18 (Ubuntu)
ETag: "442-53e8d4fe0d9c0-gzip"
Vary: Accept-Encoding
Content-Type: image/svg+xml
Cache-Control: max-age=2592000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 524
Expires: Mon, 10 Aug 2020 03:09:22 GMT

GET
H/1.1 200
OK ico_tw.svg
careflight.org/wp-content/themes/careflight2016/img/ 1 KB
1 KB 261ms
260ms Image
image/svg+xml 103.242.49.245
SOL1PTYLTD-AS-AP ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://careflight.org/wp-content/themes/careflight2016/img/ico_tw.svg
Requested by: Host: careflight.org
URL: https://careflight.org/our-current-appeal-covid-19/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 103.242.49.245 , Australia, ASN133044 (SOL1PTYLTD-AS-AP Sol1 Pty Ltd, AU),
Reverse DNS
Software: Apache/2.4.18 (Ubuntu) /
Resource Hash: 8d27417e97dd6f91c27a5c5b7c8631eca5d7dfadfa666c5b938dd2d7527040de

Request headers

Referer: https://careflight.org/our-current-appeal-covid-19/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 11 Jul 2020 03:09:22 GMT
Content-Encoding: gzip
Last-Modified: Tue, 11 Oct 2016 02:05:54 GMT
Server: Apache/2.4.18 (Ubuntu)
ETag: "4b9-53e8d5102c480-gzip"
Vary: Accept-Encoding
Content-Type: image/svg+xml
Cache-Control: max-age=2592000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=96
Content-Length: 655
Expires: Mon, 10 Aug 2020 03:09:22 GMT

GET
H/1.1 200
OK ico_is.svg
careflight.org/wp-content/themes/careflight2016/img/ 1 KB
995 B 265ms
264ms Image
image/svg+xml 103.242.49.245
SOL1PTYLTD-AS-AP ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://careflight.org/wp-content/themes/careflight2016/img/ico_is.svg
Requested by: Host: careflight.org
URL: https://careflight.org/our-current-appeal-covid-19/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 103.242.49.245 , Australia, ASN133044 (SOL1PTYLTD-AS-AP Sol1 Pty Ltd, AU),
Reverse DNS
Software: Apache/2.4.18 (Ubuntu) /
Resource Hash: 7a16d7f2f59e0c2ce6d219e6663ef2fc53fc7dfdfabcc3f42d8d7d73c72c7fc1

Request headers

Referer: https://careflight.org/our-current-appeal-covid-19/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 11 Jul 2020 03:09:23 GMT
Content-Encoding: gzip
Last-Modified: Tue, 11 Oct 2016 02:05:37 GMT
Server: Apache/2.4.18 (Ubuntu)
ETag: "500-53e8d4fff5e40-gzip"
Vary: Accept-Encoding
Content-Type: image/svg+xml
Cache-Control: max-age=2592000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=92
Content-Length: 583
Expires: Mon, 10 Aug 2020 03:09:23 GMT

GET
H/1.1 200
OK ico_yt.svg
careflight.org/wp-content/themes/careflight2016/img/ 2 KB
1 KB 251ms
251ms Image
image/svg+xml 103.242.49.245
SOL1PTYLTD-AS-AP ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://careflight.org/wp-content/themes/careflight2016/img/ico_yt.svg
Requested by: Host: careflight.org
URL: https://careflight.org/our-current-appeal-covid-19/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 103.242.49.245 , Australia, ASN133044 (SOL1PTYLTD-AS-AP Sol1 Pty Ltd, AU),
Reverse DNS
Software: Apache/2.4.18 (Ubuntu) /
Resource Hash: f029937a965dfc36c373189845e327ba1cfe14f0eb87b61bc1a8aeb46dd0315b

Request headers

Referer: https://careflight.org/our-current-appeal-covid-19/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 11 Jul 2020 03:09:23 GMT
Content-Encoding: gzip
Last-Modified: Tue, 11 Oct 2016 02:05:57 GMT
Server: Apache/2.4.18 (Ubuntu)
ETag: "625-53e8d51308b40-gzip"
Vary: Accept-Encoding
Content-Type: image/svg+xml
Cache-Control: max-age=2592000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 856
Expires: Mon, 10 Aug 2020 03:09:23 GMT

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/2.1.3/ 82 KB
29 KB 37ms
36ms Script
text/javascript 2a00:1450:4001:820::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/2.1.3/jquery.min.js

Requested by

Host: careflight.org
URL: https://careflight.org/our-current-appeal-covid-19/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8af93bd675e1cfd9ecc850e862819fdac6e3ad1f5d761f970e409c7d9c63bdc3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://careflight.org/our-current-appeal-covid-19/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 09 Jun 2020 00:46:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2773381
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29707
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 09 Jun 2021 00:46:20 GMT

GET
H2 200 gsap.min.js Show response
cdnjs.cloudflare.com/ajax/libs/gsap/3.2.6/ 58 KB
23 KB 33ms
17ms Script
application/javascript 2606:4700::6810:84e5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/gsap/3.2.6/gsap.min.js

Requested by

Host: careflight.org
URL: https://careflight.org/our-current-appeal-covid-19/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:84e5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ddaae7809050477153c9e46d2f79ae00615a19c2fc887b2e6d83aaab8f2604bc

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000; includeSubDomains

Request headers

Referer: https://careflight.org/our-current-appeal-covid-19/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 11 Jul 2020 03:09:21 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 9486760
status: 200
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 03dd725e4500001f1d4b34c200000001
served-in-seconds: 0.004
timing-allow-origin: *
last-modified: Mon, 23 Mar 2020 04:01:28 GMT
server: cloudflare
etag: W/"5e783498-e6bb"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000; includeSubDomains
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
cf-ray: 5b0f5343a8321f1d-FRA
expires: Thu, 01 Jul 2021 03:09:21 GMT

GET
H/1.1 200
OK careflight-covid.js Show response
careflight.org/wp-content/plugins/careflight-covid/js/ 2 KB
2 KB 266ms
265ms Script
application/javascript 103.242.49.245
SOL1PTYLTD-AS-AP ...

General

Check archive.org

Show headers Download Go to

Full URL: https://careflight.org/wp-content/plugins/careflight-covid/js/careflight-covid.js
Requested by: Host: careflight.org
URL: https://careflight.org/our-current-appeal-covid-19/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 103.242.49.245 , Australia, ASN133044 (SOL1PTYLTD-AS-AP Sol1 Pty Ltd, AU),
Reverse DNS
Software: Apache/2.4.18 (Ubuntu) /
Resource Hash: 1b146e335e184e551f5793bed9a8a8a41b04a9c6218b332c75c1d17fcda17a51

Request headers

Referer: https://careflight.org/our-current-appeal-covid-19/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 11 Jul 2020 03:09:22 GMT
Content-Encoding: gzip
Last-Modified: Fri, 01 May 2020 04:14:37 GMT
Server: Apache/2.4.18 (Ubuntu)
ETag: "9fc-5a48e6b656f94-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=2592000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=96
Content-Length: 1233
Expires: Mon, 10 Aug 2020 03:09:22 GMT

GET
H/1.1 200
OK scripts.js Show response
careflight.org/wp-content/plugins/contact-form-7/includes/js/ 14 KB
4 KB 253ms
253ms Script
application/javascript 103.242.49.245
SOL1PTYLTD-AS-AP ...

General

Check archive.org

Show headers Download Go to

Full URL: https://careflight.org/wp-content/plugins/contact-form-7/includes/js/scripts.js
Requested by: Host: careflight.org
URL: https://careflight.org/our-current-appeal-covid-19/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 103.242.49.245 , Australia, ASN133044 (SOL1PTYLTD-AS-AP Sol1 Pty Ltd, AU),
Reverse DNS
Software: Apache/2.4.18 (Ubuntu) /
Resource Hash: b7e17926b30342edecee8b3a93029ac51462e2b479277d8e077ba57173eb1900

Request headers

Referer: https://careflight.org/our-current-appeal-covid-19/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 11 Jul 2020 03:09:22 GMT
Content-Encoding: gzip
Last-Modified: Thu, 12 Mar 2020 04:22:15 GMT
Server: Apache/2.4.18 (Ubuntu)
ETag: "3868-5a0a0b297459c-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=2592000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 3993
Expires: Mon, 10 Aug 2020 03:09:22 GMT

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 708 B
567 B 25ms
21ms Script
text/javascript 2a00:1450:4001:81d::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?render=6Lcr_NEUAAAAAEZLBUC0dVdgimbjsUnR0RDStFhT

Requested by

Host: careflight.org
URL: https://careflight.org/our-current-appeal-covid-19/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

2ffa58419c2f5d2d7a267a003025385fa5847985c5918c9e367aa181f14126fa

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://careflight.org/our-current-appeal-covid-19/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 11 Jul 2020 03:09:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
status: 200
cache-control: private, max-age=300
content-security-policy: frame-ancestors 'self'
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 476
x-xss-protection: 1; mode=block
expires: Sat, 11 Jul 2020 03:09:22 GMT

GET
H/1.1 200
OK plugins.min.js Show response
careflight.org/wp-content/themes/careflight2016/js/ 188 KB
49 KB 270ms
266ms Script
application/javascript 103.242.49.245
SOL1PTYLTD-AS-AP ...

General

Check archive.org

Show headers Download Go to

Full URL: https://careflight.org/wp-content/themes/careflight2016/js/plugins.min.js
Requested by: Host: careflight.org
URL: https://careflight.org/our-current-appeal-covid-19/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 103.242.49.245 , Australia, ASN133044 (SOL1PTYLTD-AS-AP Sol1 Pty Ltd, AU),
Reverse DNS
Software: Apache/2.4.18 (Ubuntu) /
Resource Hash: 3a30d6c0e5d80748803ed43548af50afbafe0dea396c6aeae5302f69475d4f4e

Request headers

Referer: https://careflight.org/our-current-appeal-covid-19/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 11 Jul 2020 03:09:22 GMT
Content-Encoding: gzip
Last-Modified: Fri, 16 Dec 2016 19:50:58 GMT
Server: Apache/2.4.18 (Ubuntu)
ETag: "2ee03-543cbe3854480-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=2592000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 49593
Expires: Mon, 10 Aug 2020 03:09:22 GMT

GET
H/1.1 200
OK main.min.js Show response
careflight.org/wp-content/themes/careflight2016/js/ 10 KB
3 KB 257ms
253ms Script
application/javascript 103.242.49.245
SOL1PTYLTD-AS-AP ...

General

Check archive.org

Show headers Download Go to

Full URL: https://careflight.org/wp-content/themes/careflight2016/js/main.min.js
Requested by: Host: careflight.org
URL: https://careflight.org/our-current-appeal-covid-19/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 103.242.49.245 , Australia, ASN133044 (SOL1PTYLTD-AS-AP Sol1 Pty Ltd, AU),
Reverse DNS
Software: Apache/2.4.18 (Ubuntu) /
Resource Hash: 9cf18f759e9c5510c65575e7df1566f9addf64e8a04e6d40d34325a4241402be

Request headers

Referer: https://careflight.org/our-current-appeal-covid-19/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 11 Jul 2020 03:09:22 GMT
Content-Encoding: gzip
Last-Modified: Thu, 12 Apr 2018 02:54:27 GMT
Server: Apache/2.4.18 (Ubuntu)
ETag: "2662-5699ddfb01c06-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=2592000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 2659
Expires: Mon, 10 Aug 2020 03:09:22 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 134 KB
34 KB 20ms
6ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: careflight.org
URL: https://careflight.org/our-current-appeal-covid-19/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

f630c6ea4e44c35a93c0ee2950e68857311d9500d6025abe4a5db3ecaf270e3c

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://careflight.org/our-current-appeal-covid-19/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 34220
x-xss-protection: 0
pragma: public
x-fb-debug: KPcRskf+B9+4BgwrCLargw0lzo4Ry5BsCdspOjfdPh//1zB+BmE3/NmsnLLlJpZqb1tr8MJmfSZ3p+DOVMrJAw==
x-fb-trip-id: 664085054
x-frame-options: DENY
date: Sat, 11 Jul 2020 03:09:22 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 xfbml.customerchat.js Show response
connect.facebook.net/en_US/sdk/ 261 KB
76 KB 21ms
8ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk/xfbml.customerchat.js

Requested by

Host: careflight.org
URL: https://careflight.org/our-current-appeal-covid-19/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

0f04999c8dc5f3fb62b31190b79a3c7ebf83301f46403fc30efe2b2b23be93fb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://careflight.org/our-current-appeal-covid-19/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: 3pJT2NhCrjzfrKN+DBn/Gg==
status: 200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 77016
etag: "e9e7847c1552920280de7df8e2b8276c"
x-fb-debug: aIiZ5bs9c2PdAEsc6tsvFq39Q0mVv4EMWG1VySm5/AsdVgAF3oN0rhDZmYt9j5S1KWISQbhSDFHGKZqsqhVTTg==
x-fb-trip-id: 664085054
x-fb-content-md5: 89245b183b67a8880050a3549739a7d8
x-frame-options: DENY
date: Sat, 11 Jul 2020 03:09:22 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
timing-allow-origin: *
expires: Sat, 11 Jul 2020 03:23:38 GMT

GET
H/1.1 200
OK ico_down.png
careflight.org/wp-content/themes/careflight2016/img/ 123 B
478 B 696ms
252ms Image
image/png 103.242.49.245
SOL1PTYLTD-AS-AP ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://careflight.org/wp-content/themes/careflight2016/img/ico_down.png
Requested by: Host: careflight.org
URL: https://careflight.org/our-current-appeal-covid-19/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 103.242.49.245 , Australia, ASN133044 (SOL1PTYLTD-AS-AP Sol1 Pty Ltd, AU),
Reverse DNS
Software: Apache/2.4.18 (Ubuntu) /
Resource Hash: c85b4ec982cf6de7bb2b7b76bb26bd3686b5d2835db33490b483c1ba9d15a963

Request headers

Referer: https://careflight.org/wp-content/themes/careflight2016/css/style.min.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 11 Jul 2020 03:09:22 GMT
Last-Modified: Tue, 11 Oct 2016 02:05:27 GMT
Server: Apache/2.4.18 (Ubuntu)
ETag: "7b-53e8d4f66c7c0"
Content-Type: image/png
Cache-Control: max-age=2592000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 123
Expires: Mon, 10 Aug 2020 03:09:22 GMT

GET
H/1.1 200
OK ico_search_grey.svg
careflight.org/wp-content/themes/careflight2016/img/ 749 B
826 B 457ms
252ms Image
image/svg+xml 103.242.49.245
SOL1PTYLTD-AS-AP ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://careflight.org/wp-content/themes/careflight2016/img/ico_search_grey.svg
Requested by: Host: careflight.org
URL: https://careflight.org/our-current-appeal-covid-19/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 103.242.49.245 , Australia, ASN133044 (SOL1PTYLTD-AS-AP Sol1 Pty Ltd, AU),
Reverse DNS
Software: Apache/2.4.18 (Ubuntu) /
Resource Hash: 04d7929ba4f2bd3278d40ef67a722d4e1460c7fa1a593c4e3c6ac4b5784c03a8

Request headers

Referer: https://careflight.org/wp-content/themes/careflight2016/css/style.min.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 11 Jul 2020 03:09:22 GMT
Content-Encoding: gzip
Last-Modified: Tue, 11 Oct 2016 02:05:53 GMT
Server: Apache/2.4.18 (Ubuntu)
ETag: "2ed-53e8d50f38240-gzip"
Vary: Accept-Encoding
Content-Type: image/svg+xml
Cache-Control: max-age=2592000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 414
Expires: Mon, 10 Aug 2020 03:09:22 GMT

GET
H/1.1 200
OK bg_blue.png
careflight.org/wp-content/themes/careflight2016/img/ 371 B
727 B 608ms
264ms Image
image/png 103.242.49.245
SOL1PTYLTD-AS-AP ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://careflight.org/wp-content/themes/careflight2016/img/bg_blue.png
Requested by: Host: careflight.org
URL: https://careflight.org/our-current-appeal-covid-19/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 103.242.49.245 , Australia, ASN133044 (SOL1PTYLTD-AS-AP Sol1 Pty Ltd, AU),
Reverse DNS
Software: Apache/2.4.18 (Ubuntu) /
Resource Hash: aa147e2535dca18d1c6f35b61df283321e05835d43118cba60c8cd1f478bfc87

Request headers

Referer: https://careflight.org/wp-content/themes/careflight2016/css/style.min.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 11 Jul 2020 03:09:22 GMT
Last-Modified: Tue, 11 Oct 2016 02:04:55 GMT
Server: Apache/2.4.18 (Ubuntu)
ETag: "173-53e8d4d7e7fc0"
Content-Type: image/png
Cache-Control: max-age=2592000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=94
Content-Length: 371
Expires: Mon, 10 Aug 2020 03:09:22 GMT

GET
H/1.1 200
OK ico_bread.svg
careflight.org/wp-content/themes/careflight2016/img/ 438 B
705 B 708ms
251ms Image
image/svg+xml 103.242.49.245
SOL1PTYLTD-AS-AP ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://careflight.org/wp-content/themes/careflight2016/img/ico_bread.svg
Requested by: Host: careflight.org
URL: https://careflight.org/our-current-appeal-covid-19/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 103.242.49.245 , Australia, ASN133044 (SOL1PTYLTD-AS-AP Sol1 Pty Ltd, AU),
Reverse DNS
Software: Apache/2.4.18 (Ubuntu) /
Resource Hash: 751327d2a90499eb5a6c4a220113580933c957e42b0e4350c6abc9cef4d5fc54

Request headers

Referer: https://careflight.org/wp-content/themes/careflight2016/css/style.min.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 11 Jul 2020 03:09:22 GMT
Content-Encoding: gzip
Last-Modified: Tue, 11 Oct 2016 02:05:13 GMT
Server: Apache/2.4.18 (Ubuntu)
ETag: "1b6-53e8d4e912840-gzip"
Vary: Accept-Encoding
Content-Type: image/svg+xml
Cache-Control: max-age=2592000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 293
Expires: Mon, 10 Aug 2020 03:09:22 GMT

GET
H/1.1 200
OK Tax_appeal_2020_1-1400x499.jpg
careflight.org/media/ 323 KB
323 KB 470ms
264ms Image
image/jpeg 103.242.49.245
SOL1PTYLTD-AS-AP ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://careflight.org/media/Tax_appeal_2020_1-1400x499.jpg
Requested by: Host: careflight.org
URL: https://careflight.org/our-current-appeal-covid-19/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 103.242.49.245 , Australia, ASN133044 (SOL1PTYLTD-AS-AP Sol1 Pty Ltd, AU),
Reverse DNS
Software: Apache/2.4.18 (Ubuntu) /
Resource Hash: aa9946f3ea0301e1e49f90b74fcd479f7333b096298b7d0441b4cd51a5ac72d7

Request headers

Referer: https://careflight.org/our-current-appeal-covid-19/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 11 Jul 2020 03:09:22 GMT
Last-Modified: Wed, 15 Apr 2020 06:11:36 GMT
Server: Apache/2.4.18 (Ubuntu)
ETag: "50a44-5a34e304698b2"
Content-Type: image/jpeg
Cache-Control: max-age=2592000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 330308
Expires: Mon, 10 Aug 2020 03:09:22 GMT

GET
H/1.1 200
OK CenturyGothic-Bold.woff
careflight.org/wp-content/themes/careflight2016/fonts/ 24 KB
25 KB 386ms
266ms Font
application/x-font-woff 103.242.49.245
SOL1PTYLTD-AS-AP ...

General

Check archive.org

Show headers Download Go to

Full URL: https://careflight.org/wp-content/themes/careflight2016/fonts/CenturyGothic-Bold.woff
Requested by: Host: careflight.org
URL: https://careflight.org/our-current-appeal-covid-19/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 103.242.49.245 , Australia, ASN133044 (SOL1PTYLTD-AS-AP Sol1 Pty Ltd, AU),
Reverse DNS
Software: Apache/2.4.18 (Ubuntu) /
Resource Hash: 60b9498ecd22f33407fb44aba2af7c313d5991aa23666f7e3876d4944ea6b71d

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://careflight.org/wp-content/themes/careflight2016/css/style.min.css
Origin: https://careflight.org

Response headers

Date: Sat, 11 Jul 2020 03:09:22 GMT
Content-Encoding: gzip
Last-Modified: Mon, 10 Oct 2016 23:40:06 GMT
Server: Apache/2.4.18 (Ubuntu)
ETag: "6094-53e8b4796e180-gzip"
Vary: Accept-Encoding
Content-Type: application/x-font-woff
Access-Control-Allow-Origin: *
Cache-Control: max-age=2592000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=95
Content-Length: 24657
Expires: Mon, 10 Aug 2020 03:09:22 GMT

GET
H/1.1 200
OK CenturyGothic-Regular.woff
careflight.org/wp-content/themes/careflight2016/fonts/ 24 KB
25 KB 486ms
253ms Font
application/x-font-woff 103.242.49.245
SOL1PTYLTD-AS-AP ...

General

Check archive.org

Show headers Download Go to

Full URL: https://careflight.org/wp-content/themes/careflight2016/fonts/CenturyGothic-Regular.woff
Requested by: Host: careflight.org
URL: https://careflight.org/our-current-appeal-covid-19/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 103.242.49.245 , Australia, ASN133044 (SOL1PTYLTD-AS-AP Sol1 Pty Ltd, AU),
Reverse DNS
Software: Apache/2.4.18 (Ubuntu) /
Resource Hash: 8d81303ca0a6e8aad0fe6030abf5b3f1b3febe866a31e01c1221a11a4446f72d

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://careflight.org/wp-content/themes/careflight2016/css/style.min.css
Origin: https://careflight.org

Response headers

Date: Sat, 11 Jul 2020 03:09:22 GMT
Content-Encoding: gzip
Last-Modified: Mon, 10 Oct 2016 23:40:11 GMT
Server: Apache/2.4.18 (Ubuntu)
ETag: "6180-53e8b47e32cc0-gzip"
Vary: Accept-Encoding
Content-Type: application/x-font-woff
Access-Control-Allow-Origin: *
Cache-Control: max-age=2592000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 24878
Expires: Mon, 10 Aug 2020 03:09:22 GMT

GET
H/1.1 200
OK bbox-min.js Show response
bbox.blackbaudhosting.com/webforms/ 167 KB
55 KB 308ms
105ms Script
application/javascript 216.235.207.153
CENTURYLINK-LEGAC...

General

Check archive.org

Show headers Download Go to

Full URL

https://bbox.blackbaudhosting.com/webforms/bbox-min.js

Requested by

Host: careflight.org
URL: https://careflight.org/our-current-appeal-covid-19/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

216.235.207.153 , United States, ASN3561 (CENTURYLINK-LEGACY-SAVVIS, US),

Reverse DNS

Software

Resource Hash

2d687e30b200ff0349d6e0f975712494f0a5b689e98555b0b1bec7cc8c8878b6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://careflight.org/our-current-appeal-covid-19/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
Content-Encoding: gzip
Last-Modified: Thu, 25 Jun 2020 18:31:38 GMT
ETag: "021d4dc1e4bd61:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: no-cache
Date: Sat, 11 Jul 2020 03:09:21 GMT
Accept-Ranges: bytes
Content-Length: 55409

GET
H/1.1 200
OK bg_blockquote1.jpg
careflight.org/wp-content/themes/careflight2016/img/ 38 KB
38 KB 252ms
251ms Image
image/jpeg 103.242.49.245
SOL1PTYLTD-AS-AP ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://careflight.org/wp-content/themes/careflight2016/img/bg_blockquote1.jpg
Requested by: Host: careflight.org
URL: https://careflight.org/our-current-appeal-covid-19/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 103.242.49.245 , Australia, ASN133044 (SOL1PTYLTD-AS-AP Sol1 Pty Ltd, AU),
Reverse DNS
Software: Apache/2.4.18 (Ubuntu) /
Resource Hash: 1ec9d45805459582fb9ad493c203c2221a57e65cb97aae39428e96b08ab4c527

Request headers

Referer: https://careflight.org/wp-content/themes/careflight2016/css/style.min.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 11 Jul 2020 03:09:23 GMT
Last-Modified: Tue, 11 Oct 2016 02:04:55 GMT
Server: Apache/2.4.18 (Ubuntu)
ETag: "980a-53e8d4d7e7fc0"
Content-Type: image/jpeg
Cache-Control: max-age=2592000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=95
Content-Length: 38922
Expires: Mon, 10 Aug 2020 03:09:23 GMT

GET
H/1.1 200
OK bg_footer.png
careflight.org/wp-content/themes/careflight2016/img/ 1 KB
2 KB 253ms
252ms Image
image/png 103.242.49.245
SOL1PTYLTD-AS-AP ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://careflight.org/wp-content/themes/careflight2016/img/bg_footer.png
Requested by: Host: careflight.org
URL: https://careflight.org/our-current-appeal-covid-19/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 103.242.49.245 , Australia, ASN133044 (SOL1PTYLTD-AS-AP Sol1 Pty Ltd, AU),
Reverse DNS
Software: Apache/2.4.18 (Ubuntu) /
Resource Hash: 6ed749cfc070ab413d757bb94a0f6f84044c80cfbcdcea860ab92a48b417209c

Request headers

Referer: https://careflight.org/wp-content/themes/careflight2016/css/style.min.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 11 Jul 2020 03:09:23 GMT
Last-Modified: Tue, 11 Oct 2016 02:04:57 GMT
Server: Apache/2.4.18 (Ubuntu)
ETag: "5a0-53e8d4d9d0440"
Content-Type: image/png
Cache-Control: max-age=2592000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 1440
Expires: Mon, 10 Aug 2020 03:09:23 GMT

GET
H/1.1 200
OK ico_fb.svg
careflight.org/wp-content/themes/careflight2016/img/ 853 B
840 B 277ms
251ms Image
image/svg+xml 103.242.49.245
SOL1PTYLTD-AS-AP ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://careflight.org/wp-content/themes/careflight2016/img/ico_fb.svg
Requested by: Host: careflight.org
URL: https://careflight.org/our-current-appeal-covid-19/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 103.242.49.245 , Australia, ASN133044 (SOL1PTYLTD-AS-AP Sol1 Pty Ltd, AU),
Reverse DNS
Software: Apache/2.4.18 (Ubuntu) /
Resource Hash: 759fe9a50c63d1a02d80fd4e56a78a1c55e4eb34649a0f5a5be72a367172ca77

Request headers

Referer: https://careflight.org/wp-content/themes/careflight2016/css/style.min.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 11 Jul 2020 03:09:23 GMT
Content-Encoding: gzip
Last-Modified: Tue, 11 Oct 2016 02:05:33 GMT
Server: Apache/2.4.18 (Ubuntu)
ETag: "355-53e8d4fc25540-gzip"
Vary: Accept-Encoding
Content-Type: image/svg+xml
Cache-Control: max-age=2592000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 428
Expires: Mon, 10 Aug 2020 03:09:23 GMT

GET
H/1.1 200
OK ico_up_m_grey.png
careflight.org/wp-content/themes/careflight2016/img/ 998 B
1 KB 826ms
264ms Image
image/png 103.242.49.245
SOL1PTYLTD-AS-AP ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://careflight.org/wp-content/themes/careflight2016/img/ico_up_m_grey.png
Requested by: Host: careflight.org
URL: https://careflight.org/our-current-appeal-covid-19/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 103.242.49.245 , Australia, ASN133044 (SOL1PTYLTD-AS-AP Sol1 Pty Ltd, AU),
Reverse DNS
Software: Apache/2.4.18 (Ubuntu) /
Resource Hash: 40c45f169f29dcf56524d4b80851d7baa85e8ae730b40de495f2004fd2021758

Request headers

Referer: https://careflight.org/wp-content/themes/careflight2016/css/style.min.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 11 Jul 2020 03:09:22 GMT
Last-Modified: Sun, 13 Nov 2016 08:08:32 GMT
Server: Apache/2.4.18 (Ubuntu)
ETag: "3e6-5412a3aa6e000"
Content-Type: image/png
Cache-Control: max-age=2592000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=93
Content-Length: 998
Expires: Mon, 10 Aug 2020 03:09:22 GMT

GET
H2 200 2092665377671548 Show response
connect.facebook.net/signals/config/ 522 KB
132 KB 7ms
7ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/2092665377671548?v=2.9.22&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

1e7f8c356e1d7ea0716f4b3e81240460327471a3baa9a7dd95ca8abf5a054cb2

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://careflight.org/our-current-appeal-covid-19/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 134566
x-xss-protection: 0
pragma: public
x-fb-debug: UzrpAaQc5O3gbY+Wr9h6+FHvbvqOZQlBFjJRUx/L9gZINiRL8t5aHixuR8ylgLAVf/F9RVHEluNurpvfkHNg7A==
x-fb-trip-id: 664085054
x-frame-options: DENY
date: Sat, 11 Jul 2020 03:09:22 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
330 B 7ms
6ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=2092665377671548&ev=PageView&dl=https%3A%2F%2Fcareflight.org%2Four-current-appeal-covid-19%2F&rl=&if=false&ts=1594436962201&sw=1600&sh=1200&v=2.9.22&r=stable&ec=0&o=30&fbp=fb.1.1594436962200.399541735&it=1594436962149&coo=false&rqm=GET

Requested by

Host: careflight.org
URL: https://careflight.org/our-current-appeal-covid-19/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://careflight.org/our-current-appeal-covid-19/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 11 Jul 2020 03:09:22 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
status: 200
cache-control: no-cache, must-revalidate, max-age=0
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Sat, 11 Jul 2020 03:09:22 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
212 B 7ms
6ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=2092665377671548&ev=Search&dl=https%3A%2F%2Fcareflight.org%2Four-current-appeal-covid-19%2F&rl=&if=false&ts=1594436962203&sw=1600&sh=1200&v=2.9.22&r=stable&ec=1&o=30&fbp=fb.1.1594436962200.399541735&it=1594436962149&coo=false&rqm=GET

Requested by

Host: careflight.org
URL: https://careflight.org/our-current-appeal-covid-19/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://careflight.org/our-current-appeal-covid-19/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 11 Jul 2020 03:09:22 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
status: 200
cache-control: no-cache, must-revalidate, max-age=0
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Sat, 11 Jul 2020 03:09:22 GMT

GET
H2 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/nuX0GNR875hMLA1LR7ayD9tc/ 326 KB
129 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:814::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/nuX0GNR875hMLA1LR7ayD9tc/recaptcha__en.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?render=6Lcr_NEUAAAAAEZLBUC0dVdgimbjsUnR0RDStFhT

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b2e2193b80b80a02175ba290c19de90f1be97c03dc535e96add37b080286d597

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://careflight.org/our-current-appeal-covid-19/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 06 Jul 2020 16:20:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 06 Jul 2020 04:04:52 GMT
server: sffe
age: 384514
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=31536000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 131475
x-xss-protection: 0
expires: Tue, 06 Jul 2021 16:20:48 GMT

GET
H/1.1 200
OK ajax_loader_border2.gif
bbox.blackbaudhosting.com/webforms/images/ 7 KB
7 KB 98ms
98ms Image
image/gif 216.235.207.153
CENTURYLINK-LEGAC...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bbox.blackbaudhosting.com/webforms/images/ajax_loader_border2.gif

Requested by

Host: careflight.org
URL: https://careflight.org/our-current-appeal-covid-19/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

216.235.207.153 , United States, ASN3561 (CENTURYLINK-LEGACY-SAVVIS, US),

Reverse DNS

Software

Resource Hash

18a44681500a925fc32b3da12bf8c1f3b76d1bfed769546efa26258b2db1df2f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://careflight.org/our-current-appeal-covid-19/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
Last-Modified: Thu, 25 Jun 2020 18:29:38 GMT
ETag: "0954d951e4bd61:0"
Content-Type: image/gif
Cache-Control: no-cache
Date: Sat, 11 Jul 2020 03:09:22 GMT
Accept-Ranges: bytes
Content-Length: 7160

POST
H2 200 /
www.facebook.com/tr/ 0
82 B 6ms
6ms Other
text/plain 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://careflight.org/our-current-appeal-covid-19/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: multipart/form-data; boundary=----WebKitFormBoundaryCywzk9aLtZzBsD66

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
server: proxygen-bolt
date: Sat, 11 Jul 2020 03:09:22 GMT
status: 200
content-type: text/plain
access-control-allow-origin: https://careflight.org
access-control-allow-credentials: true
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 0

GET
H2 200 883658725102198 Show response
connect.facebook.net/signals/config/ 522 KB
132 KB 7ms
6ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/883658725102198?v=2.9.22&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

f67270c85a8f3cc259b4ae6b694b7d623253c11b305904539e360c973d99c9ce

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://careflight.org/our-current-appeal-covid-19/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 134557
x-xss-protection: 0
pragma: public
x-fb-debug: svl0tpbZR6mRnvWPSea0qcjmeHs6v026/d/hYDKUsW7iU0THpL/0nYM2gOOD9OMtiprR1WSYuMeocE+xNXWJHA==
x-fb-trip-id: 664085054
x-frame-options: DENY
date: Sat, 11 Jul 2020 03:09:22 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 45 KB
18 KB 30ms
30ms Script
text/javascript 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: careflight.org
URL: https://careflight.org/our-current-appeal-covid-19/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

fd361b57998c76f86335afa28b8a62527d88a8200fb5c428d6f0fff73383e955

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://careflight.org/our-current-appeal-covid-19/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 04 Jun 2020 23:38:14 GMT
server: Golfe2
age: 784
date: Sat, 11 Jul 2020 02:56:18 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18469
expires: Sat, 11 Jul 2020 04:56:18 GMT

GET
H2 200 customerchat.php
www.facebook.com/v2.12/plugins/ Frame 8071 0
0 95ms
95ms Document
text/html 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/v2.12/plugins/customerchat.php?app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df1a92574e3c654%26domain%3Dcareflight.org%26origin%3Dhttps%253A%252F%252Fcareflight.org%252Ff227ee0a05c0f08%26relation%3Dparent.parent&container_width=0&locale=en_US&page_id=111125825564374&request_time=1594436962826&sdk=joey

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk/xfbml.customerchat.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests; frame-ancestors https://careflight.org;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: www.facebook.com
:scheme: https
:path: /v2.12/plugins/customerchat.php?app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df1a92574e3c654%26domain%3Dcareflight.org%26origin%3Dhttps%253A%252F%252Fcareflight.org%252Ff227ee0a05c0f08%26relation%3Dparent.parent&container_width=0&locale=en_US&page_id=111125825564374&request_time=1594436962826&sdk=joey
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://careflight.org/our-current-appeal-covid-19/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: fr=0EQQgbvTYV59QEGGL..BfCS1i...1.0.BfCS1i.
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://careflight.org/our-current-appeal-covid-19/

Response headers

status: 200
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT
pragma: no-cache
strict-transport-security: max-age=15552000; preload
content-encoding: br
timing-allow-origin: *
content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests; frame-ancestors https://careflight.org;
vary: Accept-Encoding
x-content-type-options: nosniff
facebook-api-version: v3.0
x-xss-protection: 0
content-type: text/html; charset="utf-8"
x-fb-debug: 5n2SYqig6dQbeXGdu75dcdVISWT30ZJh2fs7+EVLb4bvzF0n7Mbgw0frTaqSGPPAzA+eY3RfAInsTZ5/mcYQkQ==
date: Sat, 11 Jul 2020 03:09:22 GMT
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600

GET
H/1.1 200
OK MongoServer.html
bbox.blackbaudhosting.com/webforms/custom/mongo/scripts/ Frame 51A1 0
0 107ms
107ms Document
text/html 216.235.207.153
CENTURYLINK-LEGAC...

General

Check archive.org

Show headers Download Go to

Full URL

https://bbox.blackbaudhosting.com/webforms/custom/mongo/scripts/MongoServer.html?xdm_e=https%3A%2F%2Fcareflight.org&xdm_c=default9377&xdm_p=1

Requested by

Host: bbox.blackbaudhosting.com
URL: https://bbox.blackbaudhosting.com/webforms/bbox-min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

216.235.207.153 , United States, ASN3561 (CENTURYLINK-LEGACY-SAVVIS, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Host: bbox.blackbaudhosting.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://careflight.org/our-current-appeal-covid-19/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: NSC_QH-PMY=ffffffff090c1bdb45525d5f4f58455e445a4a42378b
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://careflight.org/our-current-appeal-covid-19/

Response headers

Cache-Control: no-cache
Content-Type: text/html
Content-Encoding: gzip
Last-Modified: Thu, 25 Jun 2020 18:29:40 GMT
Accept-Ranges: bytes
ETag: "0c27e961e4bd61:0"
Vary: Accept-Encoding
Strict-Transport-Security: max-age=31536000
Date: Sat, 11 Jul 2020 03:09:22 GMT
Content-Length: 397

GET
H2 200 anchor
www.google.com/recaptcha/api2/ Frame FD8B 0
0 32ms
31ms Document
text/html 2a00:1450:4001:81d::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lcr_NEUAAAAAEZLBUC0dVdgimbjsUnR0RDStFhT&co=aHR0cHM6Ly9jYXJlZmxpZ2h0Lm9yZzo0NDM.&hl=en&v=nuX0GNR875hMLA1LR7ayD9tc&size=invisible&cb=t1o1qzvgutyv

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/nuX0GNR875hMLA1LR7ayD9tc/recaptcha__en.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-CPfpEo4punOaLMutWPNvKA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/anchor?ar=1&k=6Lcr_NEUAAAAAEZLBUC0dVdgimbjsUnR0RDStFhT&co=aHR0cHM6Ly9jYXJlZmxpZ2h0Lm9yZzo0NDM.&hl=en&v=nuX0GNR875hMLA1LR7ayD9tc&size=invisible&cb=t1o1qzvgutyv
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://careflight.org/our-current-appeal-covid-19/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://careflight.org/our-current-appeal-covid-19/

Response headers

status: 200
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sat, 11 Jul 2020 03:09:22 GMT
content-security-policy: script-src 'report-sample' 'nonce-CPfpEo4punOaLMutWPNvKA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 9566
server: GSE
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2

200

collect
stats.g.doubleclick.net/r/
Redirect Chain

https://www.google-analytics.com/r/collect?v=1&_v=j83&a=1811586934&t=pageview&_s=1&dl=https%3A%2F%2Fcareflight.org%2Four-current-appeal-covid-19%2F&ul=en-us&de=UTF-8&dt=Our%20Current%20Appeal%20-%2...
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-46016039-1&cid=2076469193.1594436963&jid=1152565781&_gid=722436526.1594436963&gjid=1829105796&_v=j83&z=815602442

35 B
99 B

15ms
14ms

Image
image/gif

2a00:1450:400c:c00::9b
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-46016039-1&cid=2076469193.1594436963&jid=1152565781&_gid=722436526.1594436963&gjid=1829105796&_v=j83&z=815602442

Requested by

Host: careflight.org
URL: https://careflight.org/our-current-appeal-covid-19/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://careflight.org/our-current-appeal-covid-19/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Sat, 11 Jul 2020 03:09:22 GMT
status: 200
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 11 Jul 2020 03:09:22 GMT
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
status: 302
location: https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-46016039-1&cid=2076469193.1594436963&jid=1152565781&_gid=722436526.1594436963&gjid=1829105796&_v=j83&z=815602442
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 418
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
100 B 6ms
6ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=883658725102198&ev=PageView&dl=https%3A%2F%2Fcareflight.org%2Four-current-appeal-covid-19%2F&rl=&if=false&ts=1594436962905&sw=1600&sh=1200&v=2.9.22&r=stable&ec=0&o=30&fbp=fb.1.1594436962200.399541735&it=1594436962149&coo=false&rqm=GET

Requested by

Host: careflight.org
URL: https://careflight.org/our-current-appeal-covid-19/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://careflight.org/our-current-appeal-covid-19/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 11 Jul 2020 03:09:22 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
status: 200
cache-control: no-cache, must-revalidate, max-age=0
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Sat, 11 Jul 2020 03:09:22 GMT

GET
H2 200 bubble
www.facebook.com/v2.12/plugins/customer_chat/ Frame 65EA 0
0 37ms
37ms Document
text/html 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/v2.12/plugins/customer_chat/bubble

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk/xfbml.customerchat.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: www.facebook.com
:scheme: https
:path: /v2.12/plugins/customer_chat/bubble
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://careflight.org/our-current-appeal-covid-19/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: fr=0EQQgbvTYV59QEGGL..BfCS1i...1.0.BfCS1i.
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://careflight.org/our-current-appeal-covid-19/

Response headers

status: 200
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT
pragma: no-cache
strict-transport-security: max-age=15552000; preload
content-encoding: br
timing-allow-origin: *
content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;
vary: Accept-Encoding
x-content-type-options: nosniff
facebook-api-version: v3.0
x-xss-protection: 0
content-type: text/html; charset="utf-8"
x-fb-debug: k7cSDizj9jeLlSrcMbYPCjHKDgordjWP3PA/7VHvYL6Yv6cGAgV2XHX7jVCENacYCUDwHXLNEJil7O5mbXVVKg==
date: Sat, 11 Jul 2020 03:09:23 GMT
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600

POST
H2 200 /
www.facebook.com/tr/ 0
36 B 6ms
6ms Other
text/plain 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://careflight.org/our-current-appeal-covid-19/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: multipart/form-data; boundary=----WebKitFormBoundaryAlExa1AfdG7UsGAR

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
server: proxygen-bolt
date: Sat, 11 Jul 2020 03:09:23 GMT
status: 200
content-type: text/plain
access-control-allow-origin: https://careflight.org
access-control-allow-credentials: true
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 0

GET
H/1.1 200
OK Tax-Appeal-Online-Form----Covid-eDM---Copy---248345---Generated.637291790825800000.css
bbox.blackbaudhosting.com/webforms/ 45 KB
7 KB 468ms
468ms Stylesheet
text/css 216.235.207.153
CENTURYLINK-LEGAC...

General

Check archive.org

Show headers Download Go to

Full URL

https://bbox.blackbaudhosting.com/webforms/Tax-Appeal-Online-Form----Covid-eDM---Copy---248345---Generated.637291790825800000.css?id=484445&nodefaults=1

Requested by

Host: bbox.blackbaudhosting.com
URL: https://bbox.blackbaudhosting.com/webforms/bbox-min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

216.235.207.153 , United States, ASN3561 (CENTURYLINK-LEGACY-SAVVIS, US),

Reverse DNS

Software

Resource Hash

2262125484f41a7d9f34d4513cc8666f517643fbd2ba033cbbc37495baa7bc2b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://careflight.org/our-current-appeal-covid-19/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
Content-Encoding: gzip
Last-Modified: Wed, 01 Jul 2020 05:44:42 GMT
Date: Sat, 11 Jul 2020 03:09:24 GMT
Vary: Accept-Encoding
Content-Type: text/css; charset=utf-8
Cache-Control: private
Content-Length: 7145

GET
H/1.1 200
OK 1c89cad8-58be-4aaa-b55f-e9530ddc0a25.637291790823430000.css
bbox.blackbaudhosting.com/webforms/ 7 KB
1 KB 178ms
177ms Stylesheet
text/css 216.235.207.153
CENTURYLINK-LEGAC...

General

Check archive.org

Show headers Download Go to

Full URL

https://bbox.blackbaudhosting.com/webforms/1c89cad8-58be-4aaa-b55f-e9530ddc0a25.637291790823430000.css?id=484446&nodefaults=1

Requested by

Host: bbox.blackbaudhosting.com
URL: https://bbox.blackbaudhosting.com/webforms/bbox-min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

216.235.207.153 , United States, ASN3561 (CENTURYLINK-LEGACY-SAVVIS, US),

Reverse DNS

Software

Resource Hash

b4625c69061f3ba22dd6c14fa0c8eaa9effc9cc00210e506c5425369374a6110

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://careflight.org/our-current-appeal-covid-19/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
Content-Encoding: gzip
Last-Modified: Wed, 01 Jul 2020 05:44:42 GMT
Date: Sat, 11 Jul 2020 03:09:24 GMT
Vary: Accept-Encoding
Content-Type: text/css; charset=utf-8
Cache-Control: private
Content-Length: 893

GET
H/1.1 200
OK bbox-donation-min.js Show response
bbox.blackbaudhosting.com/webforms/custom/mongo/scripts/ 34 KB
10 KB 201ms
201ms Script
application/javascript 216.235.207.153
CENTURYLINK-LEGAC...

General

Check archive.org

Show headers Download Go to

Full URL

https://bbox.blackbaudhosting.com/webforms/custom/mongo/scripts/bbox-donation-min.js?v=-268431360

Requested by

Host: bbox.blackbaudhosting.com
URL: https://bbox.blackbaudhosting.com/webforms/bbox-min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

216.235.207.153 , United States, ASN3561 (CENTURYLINK-LEGACY-SAVVIS, US),

Reverse DNS

Software

Resource Hash

a3834b099917ad50875fa35b176e16d18d8b5c1648ed6e9040dca7c77c88503d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://careflight.org/our-current-appeal-covid-19/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
Content-Encoding: gzip
Last-Modified: Thu, 25 Jun 2020 18:31:42 GMT
ETag: "07b36df1e4bd61:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: no-cache
Date: Sat, 11 Jul 2020 03:09:23 GMT
Accept-Ranges: bytes
Content-Length: 9693

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 734 B
561 B 17ms
17ms Script
text/javascript 2a00:1450:4001:81d::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?onload=renderReCAPTCHA&render=explicit&_=1594436964995

Requested by

Host: bbox.blackbaudhosting.com
URL: https://bbox.blackbaudhosting.com/webforms/bbox-min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

dee99aa2300c59e6486ab0d6123f8eb828da6d6303272c77c1c1de444998af19

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://careflight.org/our-current-appeal-covid-19/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 11 Jul 2020 03:09:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
status: 200
cache-control: private, max-age=300
content-security-policy: frame-ancestors 'self'
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 470
x-xss-protection: 1; mode=block
expires: Sat, 11 Jul 2020 03:09:25 GMT

GET
H/1.1 200
OK bboxhelp.png
bbox.blackbaudhosting.com/webforms/images/ 531 B
797 B 98ms
97ms Image
image/png 216.235.207.153
CENTURYLINK-LEGAC...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bbox.blackbaudhosting.com/webforms/images/bboxhelp.png

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

216.235.207.153 , United States, ASN3561 (CENTURYLINK-LEGACY-SAVVIS, US),

Reverse DNS

Software

Resource Hash

058000394cc485bd8bd3a84871840fed25416bc309d618b0e014f33d4fa6f811

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://careflight.org/our-current-appeal-covid-19/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
Last-Modified: Thu, 25 Jun 2020 18:29:38 GMT
ETag: "0954d951e4bd61:0"
Content-Type: image/png
Cache-Control: no-cache
Date: Sat, 11 Jul 2020 03:09:24 GMT
Accept-Ranges: bytes
Content-Length: 531

GET
H/1.1 200
OK amex_normal.png
bbox.blackbaudhosting.com/webforms/images/cards/ 4 KB
4 KB 101ms
99ms Image
image/png 216.235.207.153
CENTURYLINK-LEGAC...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bbox.blackbaudhosting.com/webforms/images/cards/amex_normal.png

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

216.235.207.153 , United States, ASN3561 (CENTURYLINK-LEGACY-SAVVIS, US),

Reverse DNS

Software

Resource Hash

5656cda8005313644d73fa53b51ada197ee1c25a5df5fd1dfa9c7a2d49f74193

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://careflight.org/our-current-appeal-covid-19/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
Last-Modified: Thu, 25 Jun 2020 18:29:38 GMT
ETag: "0954d951e4bd61:0"
Content-Type: image/png
Cache-Control: no-cache
Date: Sat, 11 Jul 2020 03:09:24 GMT
Accept-Ranges: bytes
Content-Length: 3809

GET
H/1.1 404
Not Found diners_normal.png
bbox.blackbaudhosting.com/webforms/images/cards/ 0
0 1310ms
1308ms Image
text/html 216.235.207.153
CENTURYLINK-LEGAC...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bbox.blackbaudhosting.com/webforms/images/cards/diners_normal.png
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 216.235.207.153 , United States, ASN3561 (CENTURYLINK-LEGACY-SAVVIS, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://careflight.org/our-current-appeal-covid-19/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H/1.1 200
OK mastercard_normal.png
bbox.blackbaudhosting.com/webforms/images/cards/ 3 KB
3 KB 195ms
98ms Image
image/png 216.235.207.153
CENTURYLINK-LEGAC...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bbox.blackbaudhosting.com/webforms/images/cards/mastercard_normal.png

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

216.235.207.153 , United States, ASN3561 (CENTURYLINK-LEGACY-SAVVIS, US),

Reverse DNS

Software

Resource Hash

328d74f5028f8f5f02f611ea9231dfccec0654f92c6bbcb1225f292d25b0c706

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://careflight.org/our-current-appeal-covid-19/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
Last-Modified: Thu, 25 Jun 2020 18:29:38 GMT
ETag: "0954d951e4bd61:0"
Content-Type: image/png
Cache-Control: no-cache
Date: Sat, 11 Jul 2020 03:09:24 GMT
Accept-Ranges: bytes
Content-Length: 2896

GET
H/1.1 200
OK visa_normal.png
bbox.blackbaudhosting.com/webforms/images/cards/ 2 KB
2 KB 200ms
99ms Image
image/png 216.235.207.153
CENTURYLINK-LEGAC...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bbox.blackbaudhosting.com/webforms/images/cards/visa_normal.png

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

216.235.207.153 , United States, ASN3561 (CENTURYLINK-LEGACY-SAVVIS, US),

Reverse DNS

Software

Resource Hash

d7889b1aa77c609f75d849db2fee1575bc403b5518448332d4cdf946dae0823b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://careflight.org/our-current-appeal-covid-19/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
Last-Modified: Thu, 25 Jun 2020 18:29:38 GMT
ETag: "0954d951e4bd61:0"
Content-Type: image/png
Cache-Control: no-cache
Date: Sat, 11 Jul 2020 03:09:24 GMT
Accept-Ranges: bytes
Content-Length: 1896

GET
H2 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/nuX0GNR875hMLA1LR7ayD9tc/ 326 KB
129 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:814::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/nuX0GNR875hMLA1LR7ayD9tc/recaptcha__en.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?onload=renderReCAPTCHA&render=explicit&_=1594436964995

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b2e2193b80b80a02175ba290c19de90f1be97c03dc535e96add37b080286d597

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://careflight.org/our-current-appeal-covid-19/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 06 Jul 2020 16:20:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 06 Jul 2020 04:04:52 GMT
server: sffe
age: 384517
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=31536000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 131475
x-xss-protection: 0
expires: Tue, 06 Jul 2021 16:20:48 GMT

GET
H2 200 anchor
www.google.com/recaptcha/api2/ Frame 5255 0
0 31ms
30ms Document
text/html 2a00:1450:4001:81d::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdkFJMUAAAAAB1v49N1aaMoEPH85Qvfib4VqlNH&co=aHR0cHM6Ly9jYXJlZmxpZ2h0Lm9yZzo0NDM.&hl=en&v=nuX0GNR875hMLA1LR7ayD9tc&size=invisible&cb=wpzl69pkdti4

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/nuX0GNR875hMLA1LR7ayD9tc/recaptcha__en.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-fQb8ZTtdY1XICnyuO9wjzA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/anchor?ar=1&k=6LdkFJMUAAAAAB1v49N1aaMoEPH85Qvfib4VqlNH&co=aHR0cHM6Ly9jYXJlZmxpZ2h0Lm9yZzo0NDM.&hl=en&v=nuX0GNR875hMLA1LR7ayD9tc&size=invisible&cb=wpzl69pkdti4
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://careflight.org/our-current-appeal-covid-19/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://careflight.org/our-current-appeal-covid-19/

Response headers

status: 200
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sat, 11 Jul 2020 03:09:25 GMT
content-security-policy: script-src 'report-sample' 'nonce-fQb8ZTtdY1XICnyuO9wjzA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 11275
server: GSE
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 bframe
www.google.com/recaptcha/api2/ Frame 1C85 0
0 49ms
48ms Document
text/html 2a00:1450:4001:81d::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/bframe?hl=en&v=nuX0GNR875hMLA1LR7ayD9tc&k=6LdkFJMUAAAAAB1v49N1aaMoEPH85Qvfib4VqlNH&cb=8za157jkbx4d

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/nuX0GNR875hMLA1LR7ayD9tc/recaptcha__en.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-41HFODoU7MV4vy/UZpk5Yw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/bframe?hl=en&v=nuX0GNR875hMLA1LR7ayD9tc&k=6LdkFJMUAAAAAB1v49N1aaMoEPH85Qvfib4VqlNH&cb=8za157jkbx4d
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://careflight.org/our-current-appeal-covid-19/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://careflight.org/our-current-appeal-covid-19/

Response headers

status: 200
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sat, 11 Jul 2020 03:09:25 GMT
content-security-policy: script-src 'report-sample' 'nonce-41HFODoU7MV4vy/UZpk5Yw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 1176
server: GSE
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Verdicts & Comments Add Verdict or Comment

93 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

8 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.google.com/	1970-01-19 15:17:28	Name: NID Value: 204=aqDI9psg_mA05pZbRcXuXGCBav4qu9Z4Vys4SA_GsT1I60DD6d_gsfeA93US8z8FfccDWvojw4yDXiFbLBGfe5cW-fSdrVEKFisrdDTrqmLtOnM8SDFzXEiKIIWphw2RjGS7xZborgighaXkaKZQDfJP6-sAcOoikIEk9yBCLTU
.facebook.com/	1970-01-19 13:03:32	Name: fr Value: 0EQQgbvTYV59QEGGL..BfCS1i...1.0.BfCS1i.
.careflight.org/	1970-01-19 10:55:23	Name: _gid Value: GA1.2.722436526.1594436963
.careflight.org/	1970-01-19 10:53:57	Name: _gat Value: 1
.careflight.org/	1970-01-19 13:03:32	Name: _fbp Value: fb.1.1594436962200.399541735
bbox.blackbaudhosting.com/	1969-12-31 23:59:59	Name: NSC_QH-PMY Value: ffffffff090c1bdb45525d5f4f58455e445a4a42378b
.careflight.org/	1970-01-20 04:25:08	Name: _ga Value: GA1.2.2076469193.1594436963
careflight.org/	1970-01-19 11:04:01	Name: careflight_loading Value: true

6 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	warning	URL: https://cdnjs.cloudflare.com/ajax/libs/gsap/3.2.6/gsap.min.js(Line 10) Message: GSAP target [object Object] not found. https://greensock.com
console-api	warning	URL: https://cdnjs.cloudflare.com/ajax/libs/gsap/3.2.6/gsap.min.js(Line 10) Message: GSAP target not found. https://greensock.com
console-api	warning	URL: https://cdnjs.cloudflare.com/ajax/libs/gsap/3.2.6/gsap.min.js(Line 10) Message: GSAP target [object Object] not found. https://greensock.com
console-api	warning	URL: https://cdnjs.cloudflare.com/ajax/libs/gsap/3.2.6/gsap.min.js(Line 10) Message: GSAP target not found. https://greensock.com
console-api	log	URL: https://careflight.org/wp-content/plugins/careflight-covid/js/careflight-covid.js(Line 1) Message: DOM Ready…
console-api	log	URL: https://careflight.org/wp-content/plugins/careflight-covid/js/careflight-covid.js(Line 1) Message: Fully Loaded…

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
bbox.blackbaudhosting.com
careflight.org
cdnjs.cloudflare.com
connect.facebook.net
donate.careflight.org
fonts.googleapis.com
stats.g.doubleclick.net
www.facebook.com
www.google-analytics.com
www.google.com
www.gstatic.com
103.242.49.245
216.235.207.153
2606:4700::6810:84e5
2a00:1450:4001:80b::200e
2a00:1450:4001:814::2003
2a00:1450:4001:81d::2004
2a00:1450:4001:820::200a
2a00:1450:4001:825::200a
2a00:1450:400c:c00::9b
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
61.14.102.28
04d7929ba4f2bd3278d40ef67a722d4e1460c7fa1a593c4e3c6ac4b5784c03a8
058000394cc485bd8bd3a84871840fed25416bc309d618b0e014f33d4fa6f811
0f04999c8dc5f3fb62b31190b79a3c7ebf83301f46403fc30efe2b2b23be93fb
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
18a44681500a925fc32b3da12bf8c1f3b76d1bfed769546efa26258b2db1df2f
1b146e335e184e551f5793bed9a8a8a41b04a9c6218b332c75c1d17fcda17a51
1e7f8c356e1d7ea0716f4b3e81240460327471a3baa9a7dd95ca8abf5a054cb2
1ec9d45805459582fb9ad493c203c2221a57e65cb97aae39428e96b08ab4c527
2262125484f41a7d9f34d4513cc8666f517643fbd2ba033cbbc37495baa7bc2b
2717d276b35434202bf3ffcbaec028c33ff5831624a23f93cb4de882ddb44e6b
2bc24196b7a54ea5b375954cee8b26cd5d247a609b2c6e2e4394ec295aed5ba2
2d687e30b200ff0349d6e0f975712494f0a5b689e98555b0b1bec7cc8c8878b6
2ffa58419c2f5d2d7a267a003025385fa5847985c5918c9e367aa181f14126fa
328d74f5028f8f5f02f611ea9231dfccec0654f92c6bbcb1225f292d25b0c706
3a30d6c0e5d80748803ed43548af50afbafe0dea396c6aeae5302f69475d4f4e
40c45f169f29dcf56524d4b80851d7baa85e8ae730b40de495f2004fd2021758
468fa113e197755326dc3ef8855b867785af4a7280675a014c9137055cda0d66
4c004b5da51137c8cb98bbcb2c7ac5bb2c84bd0362065807b4f76160b85c5271
5656cda8005313644d73fa53b51ada197ee1c25a5df5fd1dfa9c7a2d49f74193
60b9498ecd22f33407fb44aba2af7c313d5991aa23666f7e3876d4944ea6b71d
6ed749cfc070ab413d757bb94a0f6f84044c80cfbcdcea860ab92a48b417209c
751327d2a90499eb5a6c4a220113580933c957e42b0e4350c6abc9cef4d5fc54
759fe9a50c63d1a02d80fd4e56a78a1c55e4eb34649a0f5a5be72a367172ca77
786b58610788fd938ae249f403907d9896a0303702911df6e18c91dbb45e6c5b
7a16d7f2f59e0c2ce6d219e6663ef2fc53fc7dfdfabcc3f42d8d7d73c72c7fc1
7e78c502164e5f4af303f1596e393be57199dbf52a7d0baaeb569cc1f4dd99bb
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8436d428ac9fc16c10356bb4acc7febe0446d4c60bc628d32a8cce32b4aa6724
8af93bd675e1cfd9ecc850e862819fdac6e3ad1f5d761f970e409c7d9c63bdc3
8d27417e97dd6f91c27a5c5b7c8631eca5d7dfadfa666c5b938dd2d7527040de
8d81303ca0a6e8aad0fe6030abf5b3f1b3febe866a31e01c1221a11a4446f72d
9cf18f759e9c5510c65575e7df1566f9addf64e8a04e6d40d34325a4241402be
a3834b099917ad50875fa35b176e16d18d8b5c1648ed6e9040dca7c77c88503d
aa147e2535dca18d1c6f35b61df283321e05835d43118cba60c8cd1f478bfc87
aa9946f3ea0301e1e49f90b74fcd479f7333b096298b7d0441b4cd51a5ac72d7
b2e2193b80b80a02175ba290c19de90f1be97c03dc535e96add37b080286d597
b4625c69061f3ba22dd6c14fa0c8eaa9effc9cc00210e506c5425369374a6110
b7e17926b30342edecee8b3a93029ac51462e2b479277d8e077ba57173eb1900
bfa5856d0fe8397f95aecb52b2a3a01fdb7122432fdba3c22615a394245ea728
c45687c5602a758f0b7a774a3f6e378439933081cc6f4018090dd979fa2212fa
c85b4ec982cf6de7bb2b7b76bb26bd3686b5d2835db33490b483c1ba9d15a963
d7889b1aa77c609f75d849db2fee1575bc403b5518448332d4cdf946dae0823b
d849cbd2911eeb346b70fa5b52fecd34eca3a8d86379fde840a1e4422ee39db4
ddaae7809050477153c9e46d2f79ae00615a19c2fc887b2e6d83aaab8f2604bc
dec2ef0b6843c1b310d824f841cea765bdf85cb4700b942b010aa8aa1c201d88
dee99aa2300c59e6486ab0d6123f8eb828da6d6303272c77c1c1de444998af19
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4b1fe2afad897c08a815e32ae07eeaa7db58ecfe48d75622db313450ebb59e9
f029937a965dfc36c373189845e327ba1cfe14f0eb87b61bc1a8aeb46dd0315b
f07fb6ddc3a2b18bc838ff26f6a3685175756126d6ba6c196e8986389a030d56
f630c6ea4e44c35a93c0ee2950e68857311d9500d6025abe4a5db3ecaf270e3c
f67270c85a8f3cc259b4ae6b694b7d623253c11b305904539e360c973d99c9ce
fd361b57998c76f86335afa28b8a62527d88a8200fb5c428d6f0fff73383e955

careflight.org Open in urlscan Pro 103.242.49.245 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

65 Requests

100 %HTTPS

75 %IPv6

10 Domains

12 Subdomains

11 IPs

5 Countries

1408 kBTransfer

3693 kBSize

8 Cookies

8 Outgoing links

Page URL History

Redirected requests

65 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

careflight.org Open in urlscan Pro
103.242.49.245 Public Scan

Screenshot
Live screenshot

Full Image

65
Requests

100 %
HTTPS

75 %
IPv6

10
Domains

12
Subdomains

11
IPs

5
Countries

1408 kB
Transfer

3693 kB
Size

8
Cookies

65 HTTP transactions
0 data transactions